[tor-commits] [translation/tor-browser-manual] Update translations for tor-browser-manual

[translation]

commit d016a81978d204b4dad8c06fdf81524391c724de
Author: Translation commit bot 
Date:   Fri Dec 9 07:48:19 2016 +

Update translations for tor-browser-manual
---
 nb/nb.po | 48 ++--
 1 file changed, 46 insertions(+), 2 deletions(-)

diff --git a/nb/nb.po b/nb/nb.po
index 3fc5690..7479699 100644
--- a/nb/nb.po
+++ b/nb/nb.po
@@ -438,6 +438,9 @@ msgid ""
 "Message to @get_tor with the words \"osx en\" in it (you don't need to "
 "follow the account)."
 msgstr ""
+"For å få lenker til nedlasting av Tor-nettleseren på engelsk for OS X, 
send "
+"en direkte melding til @get_tor inneholdende ordene \"osx en\" (du trenger "
+"ikke å følge kontoen)."
 
 #: downloading.page:70
 msgid "To use GetTor via Jabber/XMPP (Tor Messenger, Jitsi, CoyIM):"
@@ -745,6 +748,11 @@ msgid ""
 "trackers, and advertising beacons, all of which can link your activity "
 "across different sites."
 msgstr ""
+"Når du kobler til en nettside, er det ikke bare operatørene av nettsiden 
som"
+" kan lagre informasjon om ditt besøk. De fleste nettsider bruker flerfoldige"
+" tredjepartstjenester, som usosiale nettverkstejesters \"Like\"-knapper, "
+"analysesporere, og reklamesignalering, som alle kan lenke sammen din "
+"aktivitet på tvers av forskjellige nettsider."
 
 #: managing-identities.page:20
 msgid ""
@@ -792,6 +800,8 @@ msgid ""
 "You can see a diagram of the circuit that Tor Browser is using for the "
 "current tab in the onion menu."
 msgstr ""
+"Du kan se et diagram av kretsen Tor-nettleseren bruker for gjeldende fane i "
+"løk-menyen."
 
 #: managing-identities.page:55
 msgid "Logging in over Tor"
@@ -940,7 +950,7 @@ msgstr ""
 
 #: onionsites.page:46
 msgid "How to access an onion service"
-msgstr ""
+msgstr "Hvordan få tilgang til en løk-tjeneste"
 
 #. This is a reference to an external file such as an image or video. When
 #. the file changes, the md5 hash will change to let you know you need to
@@ -1007,6 +1017,13 @@ msgid ""
 "operators, or to an outside observer. For this reason, Flash is disabled by "
 "default in Tor Browser, and enabling it is not recommended."
 msgstr ""
+"Videonettsider som Vimeo gjør bruk av programtillegget for Flash-avspilling "
+"for å vise videoinnhold. Dessverre kjører denne programvaren uavhengig av "
+"Tor-nettleseren og kan ikke enkelt fås til å adlyde Tor-nettleserens "
+"mellomtjenerinnstillinger. Derfor kan den avsløre din egentlige plassering "
+"og IP-adresse til nettsideoperatørene, eller til en tredjepart som holder "
+"øye med deg. Av denne grunnen er Flash avskrudd som forvalg i Tor-"
+"nettleseren, og å skru det på er ikke anbefalt."
 
 #: plugins.page:23
 msgid ""
@@ -1014,6 +1031,9 @@ msgid ""
 "methods that do not use Flash. These methods may be compatible with Tor "
 "Browser."
 msgstr ""
+"Noen videonettsider (som YouTube) tilbyr alternative videoleveringsmetoder "
+"som ikke gjør bruk av flash. Disse metodene kan være kompatible med Tor-"
+"nettleseren."
 
 #: plugins.page:31
 msgid "JavaScript"
@@ -1057,13 +1077,15 @@ msgstr ""
 
 #: plugins.page:58
 msgid "Browser Add-ons"
-msgstr ""
+msgstr "Programtillegg for nettleser"
 
 #: plugins.page:59
 msgid ""
 "Tor Browser is based on Firefox, and any browser add-ons or themes that are "
 "compatible with Firefox can also be installed in Tor Browser."
 msgstr ""
+"Tor-nettleseren er basert på Firefox, og ethvert programtillegg og enhver "
+"drakt kompatibelt med Firefox kan også installeres i Tor-nettleseren."
 
 #: plugins.page:64
 msgid ""
@@ -1073,6 +1095,12 @@ msgid ""
 " privacy and security. It is strongly discouraged to install additional add-"
 "ons, and the Tor Project will not offer support for these configurations."
 msgstr ""
+"Dog er de eneste programtilleggene som har blitt testet for bruk med Tor-"
+"nettleseren dem som er inkludert som forvalg. Installasjon av andre "
+"programtillegg kan knekke funksjonalitet i Tor-nettleseren eller forårsake "
+"mer alvorlige problemer som har innvirkning på din sikkerhet eller "
+"personvern. Det frarådes sterkt å installere ytterligere programtillegg, og 
"
+"Tor-prosjektet vil ikke tilby støtte for disse oppsettene."
 
 #: secure-connections.page:8
 msgid "Learn how to protect your data using Tor Browser and HTTPS"
@@ -1133,6 +1161,8 @@ msgid ""
 "When both buttons are grey, you see the data that is visible to observers "
 "when you don't use either tool."
 msgstr ""
+"Når begge knappene er grået ut, ser du dataen som er synlig for 
observatører"
+" når du ikke bruker hvert av verktøyene."
 
 #: secure-connections.page:62
 msgid "Potentially visible data"
@@ -1178,6 +1208,11 @@ msgid ""
 "some web pages from functioning properly, so you should weigh your security "
 "needs against the degree of usability you require."
 msgstr ""
+"Tor-nettleseren inneholder en \"sikkerhetsglidebryter\" som lar deg øke "
+"sikkerhetsnivået ved å skru av noen 

[tor-commits] [translation/tor-browser-manual] Update translations for tor-browser-manual

[translation]

commit abc2dccf1fb49809427338d65d91fb94f4f39470
Author: Translation commit bot 
Date:   Fri Dec 9 07:18:19 2016 +

Update translations for tor-browser-manual
---
 nb/nb.po | 79 +---
 1 file changed, 71 insertions(+), 8 deletions(-)

diff --git a/nb/nb.po b/nb/nb.po
index 0eb9c8d..3fc5690 100644
--- a/nb/nb.po
+++ b/nb/nb.po
@@ -124,7 +124,7 @@ msgstr ""
 
 #: bridges.page:6
 msgid "Learn what bridges are and how to get them"
-msgstr ""
+msgstr "Lær hva broer er og hvordan bruke dem"
 
 #: bridges.page:10
 msgid "Bridges"
@@ -139,6 +139,12 @@ msgid ""
 " in combination with pluggable transports helps to disguise the fact that "
 "you are using Tor."
 msgstr ""
+"De fleste Pluggbare transporter, som obfs3 "
+"og obfs4 belager seg på \"bro\"-baserte routingstafettoppsett. Som ordinære 
"
+"Tor-routingstafettoppsett, drives broer av frivillige; ulikt vanlige "
+"routingstafettoppsett, er de ikke på noen offentlig liste, så en fiendtlig "
+"part kan ikke identifisere dem så lett. Bruk av broer i kombinasjon med "
+"pluggbare transporter hjelper deg med å skjule at du bruker Tor."
 
 #: bridges.page:21
 msgid ""
@@ -146,6 +152,9 @@ msgid ""
 "techniques that do not rely on bridges. You do not need to obtain bridge "
 "addresses in order to use these transports."
 msgstr ""
+"Andre pluggbare transporter, som meek, bruker andre antisensur-teknikker som"
+" ikke avhenger av broer. Du trenger ikke å innhente broadresser for å bruke 
"
+"disse transportene."
 
 #: bridges.page:28
 msgid "Getting bridge addresses"
@@ -217,6 +226,10 @@ msgid ""
 " may be down. Please use one of the above methods to obtain more bridge "
 "addresses, and try again."
 msgstr ""
+"Klikk \"Koble til\". Bruk av broer kan sakke ned tilkoblingen sett i forhold"
+" til bruk av vanlige Tor-routingstafettoppsett. Hvis tilkoblingen feiler, "
+"kan det hende at broene du har mottatt er nede. Bruk en av metodene ovenfor "
+"for å innhente flere broadresser, og prøv igjen."
 
 #: circumvention.page:6
 msgid "What to do if the Tor network is blocked"
@@ -235,6 +248,12 @@ msgid ""
 "page for more information on the types of transport that are currently "
 "available."
 msgstr ""
+"Direkte tilgang til Tor-nettverket kan noen ganger være blokkert av din "
+"tjenestetilbyder for Internett eller av en myndighet. Tor-nettleseren "
+"innehar noen av disse omgåelsesverktøyene for å komme rundt disse "
+"blokkeringene. Disse verktøyene heter \"pluggbare transporter\". Se siden "
+"for Pluggbare transporter for mer "
+"informasjon om transporttypene som er tilgjengelige for tiden."
 
 #: circumvention.page:22
 msgid "Using pluggable transports"
@@ -402,6 +421,12 @@ msgid ""
 "“32-bit” or “64-bit” software: this depends on the model of the 
computer you"
 " are using."
 msgstr ""
+"GetTor vil svare med en e-post inneholdende lenker du kan laste ned Tor-"
+"nettleserpakken fra, den kryptografiske signaturen (som trengs for å "
+"bekrefte nedlastingen), fingeravtrykket til nøkkelen som ble brukt til å "
+"lage signaturen, og pakkens sjekksum. Du vil bli tilbudt et valg mellom "
+"\"32-biters\" og \"64-biters\" programvare: dette avhenger av "
+"datamaskinmodellen du bruker."
 
 #: downloading.page:57
 msgid "To use GetTor via Twitter:"
@@ -423,6 +448,9 @@ msgid ""
 "To get links for downloading Tor Browser in Chinese for Linux, send a "
 "message to get...@torproject.org with the words \"linux zh\" in it."
 msgstr ""
+"For å hente lenker for nedlasting av Tor-nettleseren på Kinesisk for Linux, 
"
+"send en melding til get...@torproject.org med ordene \"linux zh\" i "
+"brødteksten."
 
 #: downloading.page:84
 msgid "Satori"
@@ -457,6 +485,11 @@ msgid ""
 "after the name of the program — each one represents a different source from 
"
 "which to get the software. Your download will then begin."
 msgstr ""
+"Når Satori åpnes, klikk ditt foretrukne språk. En meny vil åpnes med "
+"tilgjengelige nedlastinger for valgt språk. Finn oppføringen for Tor-"
+"nettleseren under navnet på ditt operativsystem. Velg enten \"A\" eller "
+"\"B\" etter navnet på programmet — hver av dem representerer en kilde å "
+"laste ned programmet fra. Din nedlasting vil deretter begynne."
 
 #: downloading.page:115
 msgid ""
@@ -556,6 +589,13 @@ msgid ""
 "xref=\"circumvention\">Circumvention screen to configure a pluggable "
 "transport."
 msgstr ""
+"Denne første skjermen spør om tilgang til Tor-nettverket er sensurert eller 
"
+"blokkert på din tilknytning. Hvis du ikke tror dette er tilfellet, velg "
+"\"Nei\". Hvis du vet at din tilkobling blir sensurert, eller du har prøvd og"
+" feilet i tilkobling til Tor-nettverket, og ingen andre løsninger har "
+"virket, velg \"Ja\". Du vil så bli ført til skjermen for Omgåelse for å sette opp en pluggbar "
+"transport."
 
 #: first-time.page:55
 msgid ""
@@ -565,6 +605,12 @@ msgid ""
 "ask your 

[tor-commits] [translation/tor-browser-manual] Update translations for tor-browser-manual

[translation]

commit 01284d3d234622420b395e623c02a48735049339
Author: Translation commit bot 
Date:   Fri Dec 9 05:02:43 2016 +

Update translations for tor-browser-manual
---
 nb/nb.po | 56 ++--
 1 file changed, 46 insertions(+), 10 deletions(-)

diff --git a/nb/nb.po b/nb/nb.po
index d1a89ee..0eb9c8d 100644
--- a/nb/nb.po
+++ b/nb/nb.po
@@ -329,6 +329,10 @@ msgid ""
 "xref=\"bridges\">Bridges section to learn what bridges are and how to"
 " obtain them."
 msgstr ""
+"Hvis du prøver alle disse valgene, og ingen av dem får deg på nett, vil du 
"
+"måtte skrive inn broadresser manuelt. Les delen om Broer for å lære hva broer er og hvordan du henter "
+"dem."
 
 #: downloading.page:7
 msgid "How to download Tor Browser"
@@ -363,7 +367,7 @@ msgstr ""
 
 #: downloading.page:27
 msgid "GetTor"
-msgstr ""
+msgstr "GetTor"
 
 #: downloading.page:28
 msgid ""
@@ -371,10 +375,13 @@ msgid ""
 "the latest version of Tor Browser, hosted at a variety of locations, such as"
 " Dropbox, Google Drive and Github.."
 msgstr ""
+"GetTor er en tjeneste som automatisk svarer på meldinger med lenker til "
+"seneste versjon av Tor-nettleseren, delt fra en mengde plasser, som Dropbox,"
+" Google drive og GitHub."
 
 #: downloading.page:34
 msgid "To use GetTor via email:"
-msgstr ""
+msgstr "For å bruke GetTor via e-post:"
 
 #: downloading.page:39
 msgid ""
@@ -382,6 +389,9 @@ msgid ""
 "simply write “windows”, “osx”, or “linux”, (without quotation 
marks) "
 "depending on your operating system."
 msgstr ""
+"Send en e-post til get...@torproject.org, og i få med \"windows\", \"osx\" "
+"eller \"linux\" (uten anførselstegn og avhengig av ditt operativsystem) i "
+"brødteksten av meldingen."
 
 #: downloading.page:46
 msgid ""
@@ -395,7 +405,7 @@ msgstr ""
 
 #: downloading.page:57
 msgid "To use GetTor via Twitter:"
-msgstr ""
+msgstr "For å bruke GetTor via Twitter:"
 
 #: downloading.page:62
 msgid ""
@@ -406,7 +416,7 @@ msgstr ""
 
 #: downloading.page:70
 msgid "To use GetTor via Jabber/XMPP (Tor Messenger, Jitsi, CoyIM):"
-msgstr ""
+msgstr "For å bruke GetTor via Jabber/XMPP (Tor messenger, Jitsi, CoyIM):"
 
 #: downloading.page:75
 msgid ""
@@ -416,13 +426,16 @@ msgstr ""
 
 #: downloading.page:84
 msgid "Satori"
-msgstr ""
+msgstr "Satori"
 
 #: downloading.page:85
 msgid ""
 "Satori is an add-on for the Chrome or Chromium browsers that allows you to "
 "download several security and privacy programs from different sources."
 msgstr ""
+"Satori er et programtillegg for Chrome- eller Chromium-nettleserne som lar "
+"deg laste ned forskjellige sikkerhets- og personverns-programmer fra "
+"forskjellige kilder."
 
 #: downloading.page:90
 msgid "To download Tor Browser using Satori:"
@@ -430,11 +443,11 @@ msgstr "For å laste ned Tor-nettleseren ved bruk av 
Satori:"
 
 #: downloading.page:95
 msgid "Install Satori from the Chrome App Store."
-msgstr ""
+msgstr "Installer Satori fra Chrome-programbutikken."
 
 #: downloading.page:100
 msgid "Select Satori from your browser’s Apps menu."
-msgstr ""
+msgstr "Velg Satori fra din nettlesers programmeny."
 
 #: downloading.page:105
 msgid ""
@@ -450,6 +463,8 @@ msgid ""
 "Wait for your download to finish, then find the “Generate Hash” section 
in "
 "Satori’s menu and click “Select Files”."
 msgstr ""
+"Vent på at nedlastingen skal fullføres, finn så \"Generer sjekksum\"-delen 
i"
+" Satoris meny og klikk \"Velg filer\"."
 
 #: downloading.page:121
 msgid ""
@@ -461,6 +476,13 @@ msgid ""
 "Browser. If they do not match, you may need to try downloading again,"
 " or from a different source."
 msgstr ""
+"Velg den nedlastede Tor-nettleserfila. Satori vil vise sjekksumen av fila, "
+"som du burde jamføre med programvarens orginale sjekksum: du kan finne dette"
+" ved å klikke ordet \"sjekksum\" som etterfølger lenken du klikket på for 
Ã¥ "
+"starte nedlastingen. Hvis sjekksummene stemmer overens, var nedlastingen "
+"vellykket, og du kan sette i gang å bruke Tor-"
+"nettleseren. Hvis de ikke stemmer overens, kan du prøve å laste ned "
+"igjen, eller fra en annen kilde."
 
 #: first-time.page:7
 msgid "Learn how to use Tor Browser for the first time"
@@ -476,6 +498,9 @@ msgid ""
 "Settings window. This offers you the option to connect directly to the Tor "
 "network, or to configure Tor Browser for your connection."
 msgstr ""
+"Når du kjører Tor-nettleseren for første gang, vil du se et vindu for "
+"nettverksinnstillinger for Tor-nettverket. Dette lar deg koble til Tor-"
+"nettverket direkte, eller sette opp Tor-nettleseren for din tilkobling."
 
 #: first-time.page:19
 msgid "Connect"
@@ -501,6 +526,11 @@ msgid ""
 "Troubleshooting page for help solving "
 "the problem."
 msgstr ""
+"I de fleste fall vil \"Koble til\" la deg koble til Tor-nettverket uten "
+"videre oppsett. NÃ¥r du har klikket dette, vil en framdriftsindikator komme "
+"til syne. Hvis du har 

[tor-commits] [translation/tor-browser-manual] Update translations for tor-browser-manual

[translation]

commit 19166bd83c858ba5e7a1f277347beffcd1cb21dc
Author: Translation commit bot 
Date:   Fri Dec 9 04:21:40 2016 +

Update translations for tor-browser-manual
---
 es/es.po | 10 
 nb/nb.po | 82 
 2 files changed, 72 insertions(+), 20 deletions(-)

diff --git a/es/es.po b/es/es.po
index a5fb39a..c3bc177 100644
--- a/es/es.po
+++ b/es/es.po
@@ -578,6 +578,13 @@ msgid ""
 "Troubleshooting page for help solving "
 "the problem."
 msgstr ""
+"En la mayoría de los casos, escoger \"Conectar\" le permitirá conectar a la 
"
+"red Tor sin ninguna configuración adicional. Una vez haga clic, aparecerá "
+"una barra de estado mostrando el progreso de la conexión de Tor. Si está "
+"sobre una conexión relativamente rápida, pero este barra parece haberse "
+"quedado fija en un determinado punto, vea la página Solución de problemas en busca de ayuda para"
+" solucionar el problema."
 
 #: first-time.page:33
 msgid "Configure"
@@ -589,6 +596,9 @@ msgid ""
 "select this option. Tor Browser will take you through a series of "
 "configuration options."
 msgstr ""
+"Si sabe que su conexión está censurada, o usa un proxy, debe seleccionar "
+"esta opción. El Navegador Tor le llevará a través de una serie de opciones 
"
+"de configuración."
 
 #: first-time.page:44
 msgid ""
diff --git a/nb/nb.po b/nb/nb.po
index 998e238..d1a89ee 100644
--- a/nb/nb.po
+++ b/nb/nb.po
@@ -93,6 +93,11 @@ msgid ""
 " last relay in the circuit (the “exit relay”) then sends the traffic out "
 "onto the public Internet."
 msgstr ""
+"Tor er et nettverk av virtuelle tunneler som forbedrer ditt personvern og "
+"din sikkerhet på Internett.  Tor fungerer ved å sende din internett-trafikk 
"
+"gjennom tre tilfeldig valgte servere (også kalt relays) i Tor-"
+"nettverket. Det siste rutingstafettoppsettet er det \"utgående "
+"rutingstafettoppsettet\" før trafikken sendes ut på det åpne Internettet."
 
 #. This is a reference to an external file such as an image or video. When
 #. the file changes, the md5 hash will change to let you know you need to
@@ -112,6 +117,10 @@ msgid ""
 "three keys represent the layers of encryption between the user and each "
 "relay."
 msgstr ""
+"Bildet ovenfor illustrerer en bruker som besøker forskjellige nettsider over"
+" Tor. De grønne maskinene i midten representerer rutingstafettoppsett i Tor-"
+"nettverket, mens de tre nøklene representerer krypteringslag mellom brukeren"
+" og hvert rutingstafettoppsett."
 
 #: bridges.page:6
 msgid "Learn what bridges are and how to get them"
@@ -165,6 +174,8 @@ msgid ""
 "Email brid...@torproject.org from a Gmail, Yahoo, or Riseup email address, "
 "or"
 msgstr ""
+"Send en e-post til brid...@torproject.org fra en e-postadresse fra Gmail, "
+"Yahoo eller Riseup, alternativt"
 
 #: bridges.page:51
 msgid "Entering bridge addresses"
@@ -245,6 +256,8 @@ msgid ""
 "To use pluggable transports, click \"Configure\" in the Tor Launcher window "
 "that appears when you first run Tor Browser."
 msgstr ""
+"For å bruke pluggbare transporter, klikk \"Sett opp\" i Tor-"
+"oppstartervinduet som kommer opp når du først kjører Tor-nettleseren."
 
 #: circumvention.page:33
 msgid ""
@@ -252,6 +265,9 @@ msgid ""
 " clicking on the green onion near your address bar and selecting “Tor "
 "Network Settings”."
 msgstr ""
+"Du kan også sette opp pluggbare transporter mens Tor-nettleseren kjører, 
ved"
+" å klikke på den grønne løken nært adressefeltet ditt og velge \"Tor "
+"nettverksinnstillinger\"."
 
 #: circumvention.page:41
 msgid ""
@@ -341,6 +357,9 @@ msgid ""
 "for example, it could be blocked on your network. If this happens, you can "
 "use one of the alternative download methods listed below."
 msgstr ""
+"Dog kan det være tider der Tor-prosjektets nettside er utilgjengelig: for "
+"eksempel kan den være blokkert på ditt nettverk. Hvis dette skjer, kan du "
+"bruke en av de alternative nedlastingsmetodene nedenfor."
 
 #: downloading.page:27
 msgid "GetTor"
@@ -407,7 +426,7 @@ msgstr ""
 
 #: downloading.page:90
 msgid "To download Tor Browser using Satori:"
-msgstr ""
+msgstr "For å laste ned Tor-nettleseren ved bruk av Satori:"
 
 #: downloading.page:95
 msgid "Install Satori from the Chrome App Store."
@@ -621,7 +640,7 @@ msgstr ""
 
 #: managing-identities.page:10
 msgid "Managing identities"
-msgstr ""
+msgstr "Behandling av identiteter"
 
 #: managing-identities.page:12
 msgid ""
@@ -705,12 +724,16 @@ msgid ""
 "When you log in to a website over Tor, there are several points you should "
 "bear in mind:"
 msgstr ""
+"Når du logger på en nettside over Tor, er det flere punkter du bør ha i "
+"minnet:"
 
 #: managing-identities.page:79
 msgid ""
 "See the Secure Connections page for"
 " important information on how to secure your connection when logging in."
 msgstr ""
+"Se siden for Sikre tilkoblinger for"
+" viktig informasjon om 

[tor-commits] [translation/tor-browser-manual] Update translations for tor-browser-manual

[translation]

commit 0d543b7c9fea1caba5c0232acdc6c70a77f3610b
Author: Translation commit bot 
Date:   Fri Dec 9 03:48:20 2016 +

Update translations for tor-browser-manual
---
 es/es.po | 26 --
 nb/nb.po | 63 +--
 2 files changed, 77 insertions(+), 12 deletions(-)

diff --git a/es/es.po b/es/es.po
index 67d5f1c..a5fb39a 100644
--- a/es/es.po
+++ b/es/es.po
@@ -499,12 +499,20 @@ msgid ""
 "after the name of the program — each one represents a different source from 
"
 "which to get the software. Your download will then begin."
 msgstr ""
+"Cuando Satori se abra, pulse sobre su elección de idioma. Se abrirá un 
menú "
+"listando las descargas disponibles para ese idioma. Busque la entrada para "
+"el Navegador Tor (Tor Browser) bajo el nombre de su sistema operativo. "
+"Seleccione \"A\" o \"B\" tras el nombre del programa — cada una representa "
+"una fuente distinta desde la que obtener el software. Entonces comenzará su "
+"descarga."
 
 #: downloading.page:115
 msgid ""
 "Wait for your download to finish, then find the “Generate Hash” section 
in "
 "Satori’s menu and click “Select Files”."
 msgstr ""
+"Espere a que finalice su descarga, luego busque la sección \"Generar Hash\" "
+"en el menú de Satori, y pulse \"Seleccionar ficheros\"."
 
 #: downloading.page:121
 msgid ""
@@ -516,14 +524,22 @@ msgid ""
 "Browser. If they do not match, you may need to try downloading again,"
 " or from a different source."
 msgstr ""
+"Seleccione el archivo de Navegador Tor descargado. Satori mostrará la suma "
+"de verificación (checksum) del fichero, que debe comparar con la suma de "
+"verificación del software original: puede encontrarla haciendo clic en "
+"palabra \"checksum\" tras el enlace sobre el que hizo clic para iniciar la "
+"descarga. Si las sumas de verificación coinciden, su descarga fue exitosa, y"
+" puede comenzar a usar el Navegador Tor. Si"
+" no coinciden, puede que precise descargarlo de nuevo, o desde una fuente "
+"diferente."
 
 #: first-time.page:7
 msgid "Learn how to use Tor Browser for the first time"
-msgstr ""
+msgstr "Conozca cómo usar el Navegador Tor por primera vez"
 
 #: first-time.page:10
 msgid "Running Tor Browser for the first time"
-msgstr ""
+msgstr "Ejecutar el Navegador Tor por primera vez"
 
 #: first-time.page:12
 msgid ""
@@ -531,6 +547,10 @@ msgid ""
 "Settings window. This offers you the option to connect directly to the Tor "
 "network, or to configure Tor Browser for your connection."
 msgstr ""
+"Cuando ejecute el Navegador Tor por primera vez, verá la ventana de "
+"Configuración de la Red Tor. Esto le ofrece la opción de conectar "
+"directamente a la red Tor, o de configurar el Navegador Tor para su "
+"conexión."
 
 #: first-time.page:19
 msgid "Connect"
@@ -546,6 +566,8 @@ msgid ""
 "external ref='media/first-time/connect.png' "
 "md5='9d07068f751a3bfd274365a4ba8d90ca'"
 msgstr ""
+"external ref='media/first-time/connect.png' "
+"md5='9d07068f751a3bfd274365a4ba8d90ca'"
 
 #: first-time.page:23
 msgid ""
diff --git a/nb/nb.po b/nb/nb.po
index 1a0aec1..998e238 100644
--- a/nb/nb.po
+++ b/nb/nb.po
@@ -168,13 +168,15 @@ msgstr ""
 
 #: bridges.page:51
 msgid "Entering bridge addresses"
-msgstr ""
+msgstr "Innskriving av bro-adresser"
 
 #: bridges.page:52
 msgid ""
 "Once you have obtained some bridge addresses, you will need to enter them "
 "into Tor Launcher."
 msgstr ""
+"Når du har innhentet noen bro-adresser, vil du måtte fylle dem inn i Tor-"
+"oppstarteren."
 
 #: bridges.page:57
 msgid ""
@@ -182,6 +184,9 @@ msgid ""
 " to the Tor network. Select “Use custom bridges” and enter each bridge "
 "address on a separate line."
 msgstr ""
+"Velg \"Ja\" når du blir sport om din tjenestetilbyder for Internett "
+"blokkerer tilkoblinger til Tor-nettverket. Velg \"egendefinerte broer\" og "
+"skriv inn hver bro-adresse på en egen linje."
 
 #. This is a reference to an external file such as an image or video. When
 #. the file changes, the md5 hash will change to let you know you need to
@@ -204,7 +209,7 @@ msgstr ""
 
 #: circumvention.page:6
 msgid "What to do if the Tor network is blocked"
-msgstr ""
+msgstr "Tiltak for et blokkert Tor-nettverk"
 
 #: circumvention.page:10
 msgid "Circumvention"
@@ -222,7 +227,7 @@ msgstr ""
 
 #: circumvention.page:22
 msgid "Using pluggable transports"
-msgstr ""
+msgstr "Bruk av pluggbare transporter"
 
 #. This is a reference to an external file such as an image or video. When
 #. the file changes, the md5 hash will change to let you know you need to
@@ -253,6 +258,8 @@ msgid ""
 "Select “yes” when asked if your Internet Service Provider blocks 
connections"
 " to the Tor network."
 msgstr ""
+"Velg \"Ja\" når du blir sport om din tjenestetilbyder for Internett "
+"blokkerer tilkoblinger til Tor-nettverket."
 
 #. This is a reference to an external file such as an image or video. 

[tor-commits] [translation/tor-browser-manual] Update translations for tor-browser-manual

[translation]

commit 7e31b579f468ab9f3b47e3779cc439a36c7ba5be
Author: Translation commit bot 
Date:   Fri Dec 9 03:18:24 2016 +

Update translations for tor-browser-manual
---
 es/es.po | 11 +++
 nb/nb.po | 11 +--
 2 files changed, 16 insertions(+), 6 deletions(-)

diff --git a/es/es.po b/es/es.po
index 39595a3..67d5f1c 100644
--- a/es/es.po
+++ b/es/es.po
@@ -468,25 +468,28 @@ msgstr ""
 
 #: downloading.page:84
 msgid "Satori"
-msgstr ""
+msgstr "Satori"
 
 #: downloading.page:85
 msgid ""
 "Satori is an add-on for the Chrome or Chromium browsers that allows you to "
 "download several security and privacy programs from different sources."
 msgstr ""
+"Satori es un complemento para navegadores Chrome y Chromium que le permite "
+"descargar varios programas de seguridad y privacidad desde distintas "
+"fuentes."
 
 #: downloading.page:90
 msgid "To download Tor Browser using Satori:"
-msgstr ""
+msgstr "Para descargar el Navegador Tor usando Satori:"
 
 #: downloading.page:95
 msgid "Install Satori from the Chrome App Store."
-msgstr ""
+msgstr "Instale Satori desde la Chrome App Store."
 
 #: downloading.page:100
 msgid "Select Satori from your browser’s Apps menu."
-msgstr ""
+msgstr "Seleccione Satori desde su menú Aplicaciones del navegador."
 
 #: downloading.page:105
 msgid ""
diff --git a/nb/nb.po b/nb/nb.po
index d00744a..1a0aec1 100644
--- a/nb/nb.po
+++ b/nb/nb.po
@@ -1124,11 +1124,11 @@ msgstr ""
 
 #: transports.page:6 transports.page:20
 msgid "Types of pluggable transport"
-msgstr ""
+msgstr "Typer pluggbare transporter"
 
 #: transports.page:10
 msgid "Pluggable Transports"
-msgstr ""
+msgstr "Pluggbare transporter"
 
 #: transports.page:12
 msgid ""
@@ -1137,6 +1137,10 @@ msgid ""
 "Provider or other authority is actively blocking connections to the Tor "
 "network."
 msgstr ""
+"Pluggbare transporter er verktøy Tor kan bruke for å forkle trafikken den "
+"sender ut. Dette kan være nyttig i situasjoner der en tjenestetilbyder for "
+"Internett eller annen autoritet aktivt blokkerer tilkoblinger til Tor-"
+"nettverket."
 
 #: transports.page:21
 msgid ""
@@ -1285,6 +1289,9 @@ msgid ""
 " computer. Uninstalling Tor Browser will not affect your system’s software "
 "or settings."
 msgstr ""
+"Tor-nettleseren har ingen innvirking på innstillinger eller programvare som "
+"allerede finnes på maskinen din. Avinstallering av Tor-nettleseren vil "
+"heller ikke ha noen innvirkning."
 
 #: uninstalling.page:18
 msgid "Removing Tor Browser from your system is simple:"

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tor-launcher-properties_completed] Update translations for tor-launcher-properties_completed

[translation]

commit 00a53d38823537a17d96bee9dd5058d706f7d36f
Author: Translation commit bot 
Date:   Fri Dec 9 03:16:02 2016 +

Update translations for tor-launcher-properties_completed
---
 nb/torlauncher.properties | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/nb/torlauncher.properties b/nb/torlauncher.properties
index 2d73760..af07fa9 100644
--- a/nb/torlauncher.properties
+++ b/nb/torlauncher.properties
@@ -60,4 +60,4 @@ torlauncher.bootstrapWarning.identity=feil identitet
 torlauncher.bootstrapWarning.timeout=forbindelse tidsavbrutt
 torlauncher.bootstrapWarning.noroute=ingen rute til vert
 torlauncher.bootstrapWarning.ioerror=lese/skrive feil
-torlauncher.bootstrapWarning.pt_missing=Pluggable Transport mangler
+torlauncher.bootstrapWarning.pt_missing=pluggbar transport mangler

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tor-launcher-properties] Update translations for tor-launcher-properties

[translation]

commit 9e6e1e7fbd8f77f2c90bfec4df7476ff745473f4
Author: Translation commit bot 
Date:   Fri Dec 9 03:15:58 2016 +

Update translations for tor-launcher-properties
---
 nb/torlauncher.properties | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/nb/torlauncher.properties b/nb/torlauncher.properties
index 2d73760..af07fa9 100644
--- a/nb/torlauncher.properties
+++ b/nb/torlauncher.properties
@@ -60,4 +60,4 @@ torlauncher.bootstrapWarning.identity=feil identitet
 torlauncher.bootstrapWarning.timeout=forbindelse tidsavbrutt
 torlauncher.bootstrapWarning.noroute=ingen rute til vert
 torlauncher.bootstrapWarning.ioerror=lese/skrive feil
-torlauncher.bootstrapWarning.pt_missing=Pluggable Transport mangler
+torlauncher.bootstrapWarning.pt_missing=pluggbar transport mangler

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tor-browser-manual] Update translations for tor-browser-manual

[translation]

commit 7698e887121c0902cb08c101b0fa1d6bf7ac1191
Author: Translation commit bot 
Date:   Fri Dec 9 02:48:53 2016 +

Update translations for tor-browser-manual
---
 nb/nb.po | 32 +---
 1 file changed, 21 insertions(+), 11 deletions(-)

diff --git a/nb/nb.po b/nb/nb.po
index c21b880..d00744a 100644
--- a/nb/nb.po
+++ b/nb/nb.po
@@ -25,6 +25,8 @@ msgstr "Oversettere"
 #: about-tor-browser.page:7
 msgid "Learn what Tor Browser can do to protect your privacy and anonymity"
 msgstr ""
+"Lær hva Tor-nettleseren kan gjøre for å beskytte ditt personvern og din "
+"anonymitet"
 
 #: about-tor-browser.page:10
 msgid "About Tor Browser"
@@ -206,7 +208,7 @@ msgstr ""
 
 #: circumvention.page:10
 msgid "Circumvention"
-msgstr ""
+msgstr "Omgåelse"
 
 #: circumvention.page:12
 msgid ""
@@ -1245,7 +1247,7 @@ msgstr ""
 
 #: troubleshooting.page:64
 msgid "Is your connection censored?"
-msgstr ""
+msgstr "Er tilknytningen din sensurert?"
 
 #: troubleshooting.page:65
 msgid ""
@@ -1253,10 +1255,13 @@ msgid ""
 "censoring connections to the Tor network. Read the Circumvention section for possible solutions."
 msgstr ""
+"Hvis du ikke kan koble til, kan det hende at din tjenestetilbyder for "
+"Internett sensurerer tilkoblinger til Tor-nettverket. Les Omgåelse-delen for mulige løsninger."
 
 #: troubleshooting.page:74
 msgid "Known issues"
-msgstr ""
+msgstr "Kjente problemer"
 
 #: troubleshooting.page:75
 msgid ""
@@ -1268,11 +1273,11 @@ msgstr ""
 
 #: uninstalling.page:6
 msgid "How to remove Tor Browser from your system"
-msgstr ""
+msgstr "Hvordan fjerne Tor-nettleseren fra ditt system"
 
 #: uninstalling.page:10
 msgid "Uninstalling"
-msgstr ""
+msgstr "Avinstallering"
 
 #: uninstalling.page:12
 msgid ""
@@ -1283,7 +1288,7 @@ msgstr ""
 
 #: uninstalling.page:18
 msgid "Removing Tor Browser from your system is simple:"
-msgstr ""
+msgstr "Å fjerne Tor-nettleseren fra systemet ditt er enkelt:"
 
 #: uninstalling.page:24
 msgid ""
@@ -1299,7 +1304,7 @@ msgstr ""
 
 #: uninstalling.page:35
 msgid "Empty your Trash"
-msgstr ""
+msgstr "Tøm papirkurven din"
 
 #: uninstalling.page:39
 msgid ""
@@ -1308,11 +1313,11 @@ msgstr ""
 
 #: updating.page:6
 msgid "How to update Tor Browser"
-msgstr ""
+msgstr "Hvordan oppdatere Tor-nettleseren"
 
 #: updating.page:10
 msgid "Updating"
-msgstr ""
+msgstr "Oppdatering"
 
 #: updating.page:12
 msgid ""
@@ -1331,7 +1336,7 @@ msgstr ""
 
 #: updating.page:26
 msgid "Updating Tor Browser automatically"
-msgstr ""
+msgstr "Oppdaterer Tor-nettleseren automatisk"
 
 #. This is a reference to an external file such as an image or video. When
 #. the file changes, the md5 hash will change to let you know you need to
@@ -1386,13 +1391,15 @@ msgstr ""
 
 #: updating.page:58
 msgid "Updating Tor Browser manually"
-msgstr ""
+msgstr "Oppdaterer Tor-nettleseren manuelt"
 
 #: updating.page:61
 msgid ""
 "When you are prompted to update Tor Browser, finish the browsing session and"
 " close the program."
 msgstr ""
+"Når du blir forespurt oppdatering av Tor-nettleseren, fullfør surfeøkta og 
"
+"lukk programmet."
 
 #: updating.page:67
 msgid ""
@@ -1400,6 +1407,9 @@ msgid ""
 "(see the Uninstalling section for more "
 "information)."
 msgstr ""
+"Fjern Tor-nettlesren fra systemet ditt ved å slette mappa den ligger i "
+"(sjekk Avinstallering-delen for mer "
+"informasjon)."
 
 #: updating.page:74
 msgid ""

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/exoneratorproperties_completed] Update translations for exoneratorproperties_completed

[translation]

commit 811295da847903f32079f102c004818a840efa4d
Author: Translation commit bot 
Date:   Fri Dec 9 02:48:48 2016 +

Update translations for exoneratorproperties_completed
---
 nb/exonerator.properties | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/nb/exonerator.properties b/nb/exonerator.properties
index 3044217..42d0777 100644
--- a/nb/exonerator.properties
+++ b/nb/exonerator.properties
@@ -47,6 +47,6 @@ footer.abouttor.body.link2=lær mer om Tor
 footer.abouttor.body.link3=kontakt The Tor Project, Inc.
 footer.aboutexonerator.heading=Om ExoneraTor
 footer.aboutexonerator.body=ExoneraTor-tjenesten veldikeholder en database med 
IP-adresser som har vært en del av Tor-nettverket. Den svarer på 
spørsmål knyttet til om et Tor-routingstafettoppsett kjørte på en angitt 
IP-adresse på en gitt dato. ExoneraTor kan lagre mer enn én IP-adresse 
per routingstafettoppsett hvis de bruker en annen IP-adresse for å trå over 
til Internett enn for å registrere seg i Tor-nettverket, og den lagrer 
hvorvidt et routingstafettoppsett tillot Tor-trafikk overgang til det åpne 
Internett på dette tidspunktet.
-footer.trademark.text="Tor" og "Onion-logoen" er %s tilhørende The Tor 
Project, Inc.
+footer.trademark.text="Tor" og "Løk-logoen" er %s tilhørende The Tor 
Project, Inc.
 footer.trademark.link=registrerte varemerker
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/exoneratorproperties] Update translations for exoneratorproperties

[translation]

commit ccbc39088b36382e4a06c8ce18424d0731c6db74
Author: Translation commit bot 
Date:   Fri Dec 9 02:48:45 2016 +

Update translations for exoneratorproperties
---
 nb/exonerator.properties | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/nb/exonerator.properties b/nb/exonerator.properties
index 3044217..42d0777 100644
--- a/nb/exonerator.properties
+++ b/nb/exonerator.properties
@@ -47,6 +47,6 @@ footer.abouttor.body.link2=lær mer om Tor
 footer.abouttor.body.link3=kontakt The Tor Project, Inc.
 footer.aboutexonerator.heading=Om ExoneraTor
 footer.aboutexonerator.body=ExoneraTor-tjenesten veldikeholder en database med 
IP-adresser som har vært en del av Tor-nettverket. Den svarer på 
spørsmål knyttet til om et Tor-routingstafettoppsett kjørte på en angitt 
IP-adresse på en gitt dato. ExoneraTor kan lagre mer enn én IP-adresse 
per routingstafettoppsett hvis de bruker en annen IP-adresse for å trå over 
til Internett enn for å registrere seg i Tor-nettverket, og den lagrer 
hvorvidt et routingstafettoppsett tillot Tor-trafikk overgang til det åpne 
Internett på dette tidspunktet.
-footer.trademark.text="Tor" og "Onion-logoen" er %s tilhørende The Tor 
Project, Inc.
+footer.trademark.text="Tor" og "Løk-logoen" er %s tilhørende The Tor 
Project, Inc.
 footer.trademark.link=registrerte varemerker
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/torbutton-aboutdialogdtd_completed] Update translations for torbutton-aboutdialogdtd_completed

[translation]

commit 6625f6bfad14d65233803c91ccb2ee35872f1ef6
Author: Translation commit bot 
Date:   Fri Dec 9 02:47:23 2016 +

Update translations for torbutton-aboutdialogdtd_completed
---
 nb/aboutdialog.dtd | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/nb/aboutdialog.dtd b/nb/aboutdialog.dtd
index 62a3a58..fbb2aba 100644
--- a/nb/aboutdialog.dtd
+++ b/nb/aboutdialog.dtd
@@ -16,4 +16,4 @@
 
 
 
-
+

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/torbutton-aboutdialogdtd] Update translations for torbutton-aboutdialogdtd

[translation]

commit f96b1abbae52f01afece93acb3b99c4b3b3dd97a
Author: Translation commit bot 
Date:   Fri Dec 9 02:47:19 2016 +

Update translations for torbutton-aboutdialogdtd
---
 nb/aboutdialog.dtd | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/nb/aboutdialog.dtd b/nb/aboutdialog.dtd
index 62a3a58..fbb2aba 100644
--- a/nb/aboutdialog.dtd
+++ b/nb/aboutdialog.dtd
@@ -16,4 +16,4 @@
 
 
 
-
+

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/torbutton-torbuttonproperties] Update translations for torbutton-torbuttonproperties

[translation]

commit 8dc0969a9ccaaac22754bc7153c16003b727089b
Author: Translation commit bot 
Date:   Fri Dec 9 02:46:49 2016 +

Update translations for torbutton-torbuttonproperties
---
 nb/torbutton.properties | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/nb/torbutton.properties b/nb/torbutton.properties
index a8422c8..310bf5f 100644
--- a/nb/torbutton.properties
+++ b/nb/torbutton.properties
@@ -1,6 +1,6 @@
 torbutton.circuit_display.internet = Internett
 torbutton.circuit_display.ip_unknown = Ukjent IP
-torbutton.circuit_display.onion_site = Onion-side
+torbutton.circuit_display.onion_site = Løk-side
 torbutton.circuit_display.this_browser = Denne nettleseren
 torbutton.circuit_display.relay = rutingsstafettoppsett
 torbutton.circuit_display.tor_bridge = Bro

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/torbirdy_completed] Update translations for torbirdy_completed

[translation]

commit 0014683858562677486edd635bad481fa8210ae8
Author: Translation commit bot 
Date:   Fri Dec 9 02:45:56 2016 +

Update translations for torbirdy_completed
---
 nb/torbirdy.dtd | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/nb/torbirdy.dtd b/nb/torbirdy.dtd
index 3b5db95..c5f9673 100644
--- a/nb/torbirdy.dtd
+++ b/nb/torbirdy.dtd
@@ -50,7 +50,7 @@
 
 
 
-
+
 
 
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/torbirdy] Update translations for torbirdy

[translation]

commit 43a0296316f6edbc74f6c19cf60d31c4c3f1bcc6
Author: Translation commit bot 
Date:   Fri Dec 9 02:45:51 2016 +

Update translations for torbirdy
---
 nb/torbirdy.dtd | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/nb/torbirdy.dtd b/nb/torbirdy.dtd
index 3b5db95..c5f9673 100644
--- a/nb/torbirdy.dtd
+++ b/nb/torbirdy.dtd
@@ -50,7 +50,7 @@
 
 
 
-
+
 
 
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tor-browser-manual] Update translations for tor-browser-manual

[translation]

commit 8d06c21a8d5aa0e76433f29bda8dfd16b6b0adb6
Author: Translation commit bot 
Date:   Fri Dec 9 02:18:59 2016 +

Update translations for tor-browser-manual
---
 es/es.po | 33 -
 1 file changed, 28 insertions(+), 5 deletions(-)

diff --git a/es/es.po b/es/es.po
index dc3e620..39595a3 100644
--- a/es/es.po
+++ b/es/es.po
@@ -379,7 +379,7 @@ msgid ""
 "makes it much harder for somebody to tamper with."
 msgstr ""
 "La forma más fácil y simple de descargar el Navegador Tor es desde el sitio 
"
-"web oficial del Proyecto Tor en https://www.torproject.org. Su conexión al "
+"web oficial del Tor Project en https://www.torproject.org. Su conexión al "
 "sitio será asegurada usando HTTPS, "
 "que se lo pone mucho más difícil a cualquiera para manipularla."
 
@@ -389,10 +389,14 @@ msgid ""
 "for example, it could be blocked on your network. If this happens, you can "
 "use one of the alternative download methods listed below."
 msgstr ""
+"Sin embargo, hay muchas ocasiones en las que no puede acceder al sitio web "
+"del Tor Project: por ejemplo, podría estar bloqueado en su red. Si esto "
+"sucede, puede usar uno de los métodos de descarga alternativos listados "
+"debajo."
 
 #: downloading.page:27
 msgid "GetTor"
-msgstr ""
+msgstr "GetTor"
 
 #: downloading.page:28
 msgid ""
@@ -400,10 +404,13 @@ msgid ""
 "the latest version of Tor Browser, hosted at a variety of locations, such as"
 " Dropbox, Google Drive and Github.."
 msgstr ""
+"GetTor (obtener tor) es un servicio que responde automáticamente a los "
+"mensajes con enlaces a la versión más reciente del Navegador Tor, alojada 
en"
+" distintas ubicaciones, como Dropbox, Google Drive y GitHub."
 
 #: downloading.page:34
 msgid "To use GetTor via email:"
-msgstr ""
+msgstr "Para usar GetTor vía correo electrónico:"
 
 #: downloading.page:39
 msgid ""
@@ -411,6 +418,9 @@ msgid ""
 "simply write “windows”, “osx”, or “linux”, (without quotation 
marks) "
 "depending on your operating system."
 msgstr ""
+"Envíe un correo a get...@torproject.org, y en el cuerpo del mensaje escriba "
+"simplemente “windows”, “osx”, o “linux”, (sin las comillas) 
dependiendo de "
+"su sistema operativo."
 
 #: downloading.page:46
 msgid ""
@@ -421,10 +431,17 @@ msgid ""
 "“32-bit” or “64-bit” software: this depends on the model of the 
computer you"
 " are using."
 msgstr ""
+"GetTor responderá con un correo conteniendo enlaces desde los que puede "
+"descargar el paquete del Navegador Tor, la firma criptográfica (necesaria "
+"para verificar la descarga), la huella de validación (fingerprint) de la "
+"clave usada para hacer la firma, y la suma de verificación (checksum) del "
+"paquete. Puede que se le ofrezca la elección entre software de \"32-bit\" o "
+"de \"64-bit\": la elección dependerá del modelo de la computadora donde se "
+"vaya a usar."
 
 #: downloading.page:57
 msgid "To use GetTor via Twitter:"
-msgstr ""
+msgstr "Para usar GetTor vía Twitter:"
 
 #: downloading.page:62
 msgid ""
@@ -432,16 +449,22 @@ msgid ""
 "Message to @get_tor with the words \"osx en\" in it (you don't need to "
 "follow the account)."
 msgstr ""
+"Para obtener enlaces para descargar el Navegador Tor en inglés para OS X, "
+"envíe un Mensaje Directo a @get_tor con las palabras \"osx en\" en él (no "
+"necesita seguir la cuenta)."
 
 #: downloading.page:70
 msgid "To use GetTor via Jabber/XMPP (Tor Messenger, Jitsi, CoyIM):"
-msgstr ""
+msgstr "Para usar GetTor vía Jabber/XMPP (Tor Messenger, Jitsi, CoyIM):"
 
 #: downloading.page:75
 msgid ""
 "To get links for downloading Tor Browser in Chinese for Linux, send a "
 "message to get...@torproject.org with the words \"linux zh\" in it."
 msgstr ""
+"Para obtener enlaces para descargar el Navegador Tor en chino para Linux, "
+"envíe un mensaje a get...@torproject.org con las palabras \"linux zh\" (sin "
+"las comillas) en él."
 
 #: downloading.page:84
 msgid "Satori"

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tor-browser-manual] Update translations for tor-browser-manual

[translation]

commit 4e5a727f21bce880100ba2bbfe10343d3611d3cf
Author: Translation commit bot 
Date:   Fri Dec 9 01:48:54 2016 +

Update translations for tor-browser-manual
---
 es/es.po   | 13 ++---
 pt_BR/pt_BR.po | 11 ++-
 2 files changed, 20 insertions(+), 4 deletions(-)

diff --git a/es/es.po b/es/es.po
index c2a93c7..dc3e620 100644
--- a/es/es.po
+++ b/es/es.po
@@ -1,7 +1,6 @@
 # Translators:
 # strel , 2016
 # Joaquín Tita , 2016
-# Diego Contreras <>, 2016
 # Lena , 2016
 msgid ""
 msgstr ""
@@ -359,14 +358,18 @@ msgid ""
 "xref=\"bridges\">Bridges section to learn what bridges are and how to"
 " obtain them."
 msgstr ""
+"Si prueba todas estas opciones, y con ninguna de ellas consigue conectar, "
+"necesitará introducir direcciones de puentes de red manualmente. Lea la "
+"sección Puentes para conocer qué son los "
+"repetidores puente y cómo obtenerlos."
 
 #: downloading.page:7
 msgid "How to download Tor Browser"
-msgstr ""
+msgstr "Cómo descargar el Navegador Tor"
 
 #: downloading.page:10
 msgid "Downloading"
-msgstr "Descargando"
+msgstr "Descargar"
 
 #: downloading.page:12
 msgid ""
@@ -375,6 +378,10 @@ msgid ""
 "will be secured using HTTPS, which "
 "makes it much harder for somebody to tamper with."
 msgstr ""
+"La forma más fácil y simple de descargar el Navegador Tor es desde el sitio 
"
+"web oficial del Proyecto Tor en https://www.torproject.org. Su conexión al "
+"sitio será asegurada usando HTTPS, "
+"que se lo pone mucho más difícil a cualquiera para manipularla."
 
 #: downloading.page:19
 msgid ""
diff --git a/pt_BR/pt_BR.po b/pt_BR/pt_BR.po
index 78f7eeb..8ddd24a 100644
--- a/pt_BR/pt_BR.po
+++ b/pt_BR/pt_BR.po
@@ -1,11 +1,12 @@
 # Translators:
 # Communia , 2016
+# CRISTIANO MARQUES DOS SANTOS , 2016
 msgid ""
 msgstr ""
 "Project-Id-Version: PACKAGE VERSION\n"
 "POT-Creation-Date: 2016-12-06 16:36-0600\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
-"Last-Translator: Communia , 2016\n"
+"Last-Translator: CRISTIANO MARQUES DOS SANTOS 
, 2016\n"
 "Language-Team: Portuguese (Brazil) 
(https://www.transifex.com/otf/teams/1519/pt_BR/)\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
@@ -520,6 +521,14 @@ msgid ""
 "Browser. If they do not match, you may need to try downloading again,"
 " or from a different source."
 msgstr ""
+"Selecione o download do Tor Browser. O Satori exibirá que a soma de "
+"verificação do arquivo , que você deve comparar com a soma de 
verificação do"
+" software original: você pode encontrar isto clicando a palavra \"checksum\""
+" depois do link que você clicou para começar o download. Se as somas de "
+"vericação for igual, seu download foi um sucesso total, e você poderecomeçar usando o Browser Tor.  se eles não "
+"forem iguais, você pode precisar tentar baixar novamente, ou de uma fonte "
+"diferente."
 
 #: first-time.page:7
 msgid "Learn how to use Tor Browser for the first time"

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tor-browser-manual_completed] pulling translations from transifex

[translation]

commit 3e3bb34cb2936dbd31cfd087cd1ba89b73545308
Author: Translation commit bot 
Date:   Fri Dec 9 01:27:13 2016 +

pulling translations from transifex
---
 templates/tor-browser-manual.pot | 1791 ++
 1 file changed, 1791 insertions(+)

diff --git a/templates/tor-browser-manual.pot b/templates/tor-browser-manual.pot
new file mode 100644
index 000..40b1ed4
--- /dev/null
+++ b/templates/tor-browser-manual.pot
@@ -0,0 +1,1791 @@
+# 
+msgid ""
+msgstr ""
+"Project-Id-Version: PACKAGE VERSION\n"
+"POT-Creation-Date: 2016-12-06 16:36-0600\n"
+"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
+"Last-Translator: FULL NAME \n"
+"Language-Team: LANGUAGE \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#. Put one translator per line, in the form NAME , YEAR1, YEAR2
+msgctxt "_"
+msgid "translator-credits"
+msgstr "translator-credits"
+
+#: about-tor-browser.page:7
+msgid "Learn what Tor Browser can do to protect your privacy and anonymity"
+msgstr "Learn what Tor Browser can do to protect your privacy and anonymity"
+
+#: about-tor-browser.page:10
+msgid "About Tor Browser"
+msgstr "About Tor Browser"
+
+#: about-tor-browser.page:12
+msgid ""
+"Tor Browser uses the Tor network to protect your privacy and anonymity. "
+"Using the Tor network has two main properties:"
+msgstr ""
+"Tor Browser uses the Tor network to protect your privacy and anonymity. "
+"Using the Tor network has two main properties:"
+
+#: about-tor-browser.page:18
+msgid ""
+"Your internet service provider, and anyone watching your connection locally,"
+" will not be able to track your internet activity, including the names and "
+"addresses of the websites you visit."
+msgstr ""
+"Your internet service provider, and anyone watching your connection locally,"
+" will not be able to track your internet activity, including the names and "
+"addresses of the websites you visit."
+
+#: about-tor-browser.page:25
+msgid ""
+"The operators of the websites and services that you use, and anyone watching"
+" them, will see a connection coming from the Tor network instead of your "
+"real Internet (IP) address, and will not know who you are unless you "
+"explicitly identify yourself."
+msgstr ""
+"The operators of the websites and services that you use, and anyone watching"
+" them, will see a connection coming from the Tor network instead of your "
+"real Internet (IP) address, and will not know who you are unless you "
+"explicitly identify yourself."
+
+#: about-tor-browser.page:34
+msgid ""
+"In addition, Tor Browser is designed to prevent websites from "
+"“fingerprinting” or identifying you based on your browser configuration."
+msgstr ""
+"In addition, Tor Browser is designed to prevent websites from "
+"“fingerprinting” or identifying you based on your browser configuration."
+
+#: about-tor-browser.page:39
+msgid ""
+"By default, Tor Browser does not keep any browsing history. Cookies are only"
+" valid for a single session (until Tor Browser is exited or a New Identity is requested)."
+msgstr ""
+"By default, Tor Browser does not keep any browsing history. Cookies are only"
+" valid for a single session (until Tor Browser is exited or a New Identity is requested)."
+
+#: about-tor-browser.page:50
+msgid "How Tor works"
+msgstr "How Tor works"
+
+#: about-tor-browser.page:52
+msgid ""
+"Tor is a network of virtual tunnels that allows you to improve your privacy "
+"and security on the Internet. Tor works by sending your traffic through "
+"three random servers (also known as relays) in the Tor network. The"
+" last relay in the circuit (the “exit relay”) then sends the traffic out "
+"onto the public Internet."
+msgstr ""
+"Tor is a network of virtual tunnels that allows you to improve your privacy "
+"and security on the Internet. Tor works by sending your traffic through "
+"three random servers (also known as relays) in the Tor network. The"
+" last relay in the circuit (the “exit relay”) then sends the traffic out "
+"onto the public Internet."
+
+#. This is a reference to an external file such as an image or video. When
+#. the file changes, the md5 hash will change to let you know you need to
+#. update your localized copy. The msgstr is not used at all. Set it to
+#. whatever you like once you have updated your copy of the file.
+#: about-tor-browser.page:59
+msgctxt "_"
+msgid ""
+"external ref='media/how-tor-works.png' "
+"md5='6fe4151a88b7a518466f0582e40ccc8c'"
+msgstr ""
+"external ref='media/how-tor-works.png' "
+"md5='6fe4151a88b7a518466f0582e40ccc8c'"
+
+#: about-tor-browser.page:60
+msgid ""
+"The image above illustrates a user browsing to different websites over Tor. "
+"The green middle computers represent relays in the Tor network, while the "
+"three keys represent the layers of encryption between the user and each "
+"relay."
+msgstr ""
+"The image above 

[tor-commits] [sandboxed-tor-browser/master] Re-enable normalizing UID/GID on systems that support it.

[yawning]

commit 1f82276f539a9033f6c80dd94f1b77749fa6504c
Author: Yawning Angel 
Date:   Fri Dec 9 01:23:56 2016 +

Re-enable normalizing UID/GID on systems that support it.

USER_NS considered harmful, but if the user is running a kernel that
supports it, use it.
---
 .../internal/sandbox/hugbox.go | 49 +++---
 1 file changed, 34 insertions(+), 15 deletions(-)

diff --git a/src/cmd/sandboxed-tor-browser/internal/sandbox/hugbox.go 
b/src/cmd/sandboxed-tor-browser/internal/sandbox/hugbox.go
index c52c879..bbc4333 100644
--- a/src/cmd/sandboxed-tor-browser/internal/sandbox/hugbox.go
+++ b/src/cmd/sandboxed-tor-browser/internal/sandbox/hugbox.go
@@ -71,26 +71,27 @@ type hugbox struct {
cmd string
cmdArgs []string
 
-   hostname   string
-   runtimeDir string
-   homeDirstring
-   chdir  string
-   mountProc  bool
-   unshareunshareOpts
-   stdin  io.Reader
-   stdout io.Writer
-   stderr io.Writer
-   seccompFn  func(*os.File) error
-   pdeathSig  syscall.Signal
+   hostname  string
+   homeDir   string
+   chdir string
+   mountProc bool
+   unshare   unshareOpts
+   stdin io.Reader
+   stdoutio.Writer
+   stderrio.Writer
+   seccompFn func(*os.File) error
+   pdeathSig syscall.Signal
 
fakeDbus bool
standardLibs bool
 
-   // Internal options, not to be modified except via helpers, unless you
+   // Internal options, not to be *modified* except via helpers, unless you
// know what you are doing.
bwrapPath string
args  []string
fileData  [][]byte
+
+   runtimeDir string // Set at creation time.
 }
 
 func (h *hugbox) setenv(k, v string) {
@@ -224,8 +225,17 @@ func (h *hugbox) run() (*exec.Cmd, error) {
if h.chdir != "" {
fdArgs = append(fdArgs, "--chdir", h.chdir)
}
-   passwdBody := fmt.Sprintf("amnesia:x:%d:%d:Debian Live 
User,,,:/home/amnesia:/bin/bash\n", os.Getuid(), os.Getgid())
-   groupBody := fmt.Sprintf("amnesia:x:%d:\n", os.Getgid())
+
+   uid, gid := os.Getuid(), os.Getgid()
+   if h.unshare.user {
+   uid, gid = 1000, 1000
+   fdArgs = append(fdArgs, []string{
+   "--uid", "1000",
+   "--gid", "1000",
+   }...)
+   }
+   passwdBody := fmt.Sprintf("amnesia:x:%d:%d:Debian Live 
User,,,:/home/amnesia:/bin/bash\n", uid, gid)
+   groupBody := fmt.Sprintf("amnesia:x:%d:\n", gid)
h.file("/etc/passwd", []byte(passwdBody))
h.file("/etc/group", []byte(groupBody))
 
@@ -371,7 +381,7 @@ type bwrapInfo struct {
 func newHugbox() (*hugbox, error) {
h := {
unshare: unshareOpts{
-   user:   false, // No point, not enough USER_NS support.
+   user:   false,
ipc:true,
pid:true,
net:true,
@@ -386,6 +396,15 @@ func newHugbox() (*hugbox, error) {
standardLibs: true,
}
 
+   // This option is considered dangerous and leads to things like
+   // CVE-2016-8655.  But if the user is running with this enabled,
+   // then might as well take advantage of it.
+   if FileExists("/proc/self/ns/user") {
+   Debugf("sandbox: User namespace support detected.")
+   h.unshare.user = true
+   h.runtimeDir = "/run/user/1000"
+   }
+
// Look for the bwrap binary in sensible locations.
bwrapPaths := []string{
"/usr/bin/bwrap",

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation-tools/master] Add tor-browser-manual and tor-browser-manual_completed

[colin]

commit f445383db0f6d7f04843961d92f9a92998585773
Author: Colin Childs 
Date:   Thu Dec 8 19:14:04 2016 -0600

Add tor-browser-manual and tor-browser-manual_completed
---
 config | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/config b/config
index 27815d9..d2348ec 100644
--- a/config
+++ b/config
@@ -36,7 +36,8 @@ tor-messenger-privdtd tor-messenger-privdtd_completed
 tor-messenger-privproperties tor-messenger-privproperties_completed
 tor-messenger-uiproperties tor-messenger-uiproperties_completed
 tails-greeter-2 tails-greeter-2_completed exoneratorproperties
-exoneratorproperties_completed"
+exoneratorproperties_completed tor-browser-manual
+tor-browser-manual_completed"
 
 PIDFILE=/srv/translation.torproject.org/run/update_translations.pid
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [sandboxed-tor-browser/master] Mostly revert 7ad0525c601aa45414f56193760e3d08dd9cdae4

[yawning]

commit 031521f8aebc75fb29d1b02f16125ed4a3d77647
Author: Yawning Angel 
Date:   Fri Dec 9 00:49:11 2016 +

Mostly revert 7ad0525c601aa45414f56193760e3d08dd9cdae4

I forgot why I didn't do this in the first place, till I remembered that
all my systems I've been testing on recently have USER_NS in one form or
another.
---
 data/group |  1 -
 data/passwd|  1 -
 .../internal/sandbox/hugbox.go | 22 ++
 3 files changed, 10 insertions(+), 14 deletions(-)

diff --git a/data/group b/data/group
deleted file mode 100644
index cbaebb5..000
--- a/data/group
+++ /dev/null
@@ -1 +0,0 @@
-amnesia:x:1000:
diff --git a/data/passwd b/data/passwd
deleted file mode 100644
index bed4f72..000
--- a/data/passwd
+++ /dev/null
@@ -1 +0,0 @@
-amnesia:x:1000:1000:Debian Live User,,,:/home/amnesia:/bin/bash
diff --git a/src/cmd/sandboxed-tor-browser/internal/sandbox/hugbox.go 
b/src/cmd/sandboxed-tor-browser/internal/sandbox/hugbox.go
index 98b2ec7..c52c879 100644
--- a/src/cmd/sandboxed-tor-browser/internal/sandbox/hugbox.go
+++ b/src/cmd/sandboxed-tor-browser/internal/sandbox/hugbox.go
@@ -35,7 +35,7 @@ import (
 )
 
 type unshareOpts struct {
-   // user   bool
+   user   bool
ipcbool
pidbool
netbool
@@ -46,10 +46,9 @@ type unshareOpts struct {
 func (u *unshareOpts) toArgs() []string {
var args []string
 
-   // A new user namespace is created unconditionally, so that gid/uids
-   // can be normalized.
-   args = append(args, "--unshare-user")
-
+   if u.user {
+   args = append(args, "--unshare-user")
+   }
if u.ipc {
args = append(args, "--unshare-ipc")
}
@@ -225,11 +224,10 @@ func (h *hugbox) run() (*exec.Cmd, error) {
if h.chdir != "" {
fdArgs = append(fdArgs, "--chdir", h.chdir)
}
-
-   fdArgs = append(fdArgs, "--uid", "1000")
-   fdArgs = append(fdArgs, "--gid", "1000")
-   h.assetFile("/etc/passwd", "passwd")
-   h.assetFile("/etc/group", "group")
+   passwdBody := fmt.Sprintf("amnesia:x:%d:%d:Debian Live 
User,,,:/home/amnesia:/bin/bash\n", os.Getuid(), os.Getgid())
+   groupBody := fmt.Sprintf("amnesia:x:%d:\n", os.Getgid())
+   h.file("/etc/passwd", []byte(passwdBody))
+   h.file("/etc/group", []byte(groupBody))
 
if h.fakeDbus {
h.setupDbus()
@@ -373,7 +371,7 @@ type bwrapInfo struct {
 func newHugbox() (*hugbox, error) {
h := {
unshare: unshareOpts{
-   // user:   true,
+   user:   false, // No point, not enough USER_NS support.
ipc:true,
pid:true,
net:true,
@@ -382,7 +380,7 @@ func newHugbox() (*hugbox, error) {
},
hostname: "amnesia",
mountProc:true,
-   runtimeDir:   filepath.Join("/run", "user", "1000"),
+   runtimeDir:   filepath.Join("/run", "user", fmt.Sprintf("%d", 
os.Getuid())),
homeDir:  "/home/amnesia",
pdeathSig:syscall.SIGTERM,
standardLibs: true,

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tails-greeter] Update translations for tails-greeter

[translation]

commit 89440e2410b6d19da006c047c52cd08794c19101
Author: Translation commit bot 
Date:   Thu Dec 8 23:45:40 2016 +

Update translations for tails-greeter
---
 es/es.po | 11 ++-
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/es/es.po b/es/es.po
index aa724df..adb6002 100644
--- a/es/es.po
+++ b/es/es.po
@@ -5,6 +5,7 @@
 # Translators:
 # Carlos Marin , 2016
 # her_tor_es_ar , 2014
+# eulalio barbero espinosa , 2016
 # Animalcustomize , 2014
 # Noel Torres , 2013
 # ROSA CRUELLS , 2015
@@ -15,8 +16,8 @@ msgstr ""
 "Project-Id-Version: The Tor Project\n"
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2016-09-02 14:43+0200\n"
-"PO-Revision-Date: 2016-11-19 18:52+\n"
-"Last-Translator: Carlos Marin \n"
+"PO-Revision-Date: 2016-12-08 23:37+\n"
+"Last-Translator: eulalio barbero espinosa \n"
 "Language-Team: Spanish 
(http://www.transifex.com/otf/torproject/language/es/)\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
@@ -26,7 +27,7 @@ msgstr ""
 
 #: ../glade/persistencewindow.glade.h:1
 msgid "Forward"
-msgstr "Continuar"
+msgstr "Adelante"
 
 #: ../glade/persistencewindow.glade.h:2 ../glade/optionswindow.glade.h:1
 msgid "Login"
@@ -169,7 +170,7 @@ msgstr "Diseño"
 msgid ""
 "live-persist failed with return code %(returncode)s:\n"
 "%(stderr)s"
-msgstr "live-persist falló con el código de retorno %(returncode)s: 
\n%(stderr)s"
+msgstr "ve-persist falló devolviendo el código %(returncode)s: %(stderr)s"
 
 #: ../tailsgreeter/persistence.py:99
 #, python-format
@@ -185,7 +186,7 @@ msgid ""
 "live-persist failed with return code %(returncode)s:\n"
 "%(stdout)s\n"
 "%(stderr)s"
-msgstr "live-persist falló con el código de retorno %(returncode)s: 
\n%(stdout)s \n%(stderr)s"
+msgstr "live-persist falló devolviendo el código %(returncode)s: 
\n%(stdout)s \n%(stderr)s"
 
 #: ../tailsgreeter/langpanel.py:142 ../tailsgreeter/langpanel.py:169
 #: ../tailsgreeter/langpanel.py:202

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tails-greeter_completed] Update translations for tails-greeter_completed

[translation]

commit 9ec2995955e191811f64ab5caedef8e396fb5822
Author: Translation commit bot 
Date:   Thu Dec 8 23:45:44 2016 +

Update translations for tails-greeter_completed
---
 es/es.po | 11 ++-
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/es/es.po b/es/es.po
index aa724df..adb6002 100644
--- a/es/es.po
+++ b/es/es.po
@@ -5,6 +5,7 @@
 # Translators:
 # Carlos Marin , 2016
 # her_tor_es_ar , 2014
+# eulalio barbero espinosa , 2016
 # Animalcustomize , 2014
 # Noel Torres , 2013
 # ROSA CRUELLS , 2015
@@ -15,8 +16,8 @@ msgstr ""
 "Project-Id-Version: The Tor Project\n"
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2016-09-02 14:43+0200\n"
-"PO-Revision-Date: 2016-11-19 18:52+\n"
-"Last-Translator: Carlos Marin \n"
+"PO-Revision-Date: 2016-12-08 23:37+\n"
+"Last-Translator: eulalio barbero espinosa \n"
 "Language-Team: Spanish 
(http://www.transifex.com/otf/torproject/language/es/)\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
@@ -26,7 +27,7 @@ msgstr ""
 
 #: ../glade/persistencewindow.glade.h:1
 msgid "Forward"
-msgstr "Continuar"
+msgstr "Adelante"
 
 #: ../glade/persistencewindow.glade.h:2 ../glade/optionswindow.glade.h:1
 msgid "Login"
@@ -169,7 +170,7 @@ msgstr "Diseño"
 msgid ""
 "live-persist failed with return code %(returncode)s:\n"
 "%(stderr)s"
-msgstr "live-persist falló con el código de retorno %(returncode)s: 
\n%(stderr)s"
+msgstr "ve-persist falló devolviendo el código %(returncode)s: %(stderr)s"
 
 #: ../tailsgreeter/persistence.py:99
 #, python-format
@@ -185,7 +186,7 @@ msgid ""
 "live-persist failed with return code %(returncode)s:\n"
 "%(stdout)s\n"
 "%(stderr)s"
-msgstr "live-persist falló con el código de retorno %(returncode)s: 
\n%(stdout)s \n%(stderr)s"
+msgstr "live-persist falló devolviendo el código %(returncode)s: 
\n%(stdout)s \n%(stderr)s"
 
 #: ../tailsgreeter/langpanel.py:142 ../tailsgreeter/langpanel.py:169
 #: ../tailsgreeter/langpanel.py:202

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Fix a completely stupid stack-protector warning in test_channels.c

[nickm]

commit 39f455468731d4746adb729a67597927beaca4b8
Author: Nick Mathewson 
Date:   Thu Dec 8 17:50:01 2016 -0500

Fix a completely stupid stack-protector warning in test_channels.c

This was breaking the build on debian precise, since it thought that
using a 'const int' to dimension an array made that array
variable-size, and made us not get protection.

Bug not in any released version of Tor.

I will insist that this one wasn't my fault.

"Variables won't. Constants aren't." -- Osborn's Law
---
 src/test/test_channel.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/test/test_channel.c b/src/test/test_channel.c
index f158b1a..862bd6d 100644
--- a/src/test/test_channel.c
+++ b/src/test/test_channel.c
@@ -1772,7 +1772,7 @@ static void
 test_channel_id_map(void *arg)
 {
   (void)arg;
-  const int N_CHAN = 6;
+#define N_CHAN 6
   char rsa_id[N_CHAN][DIGEST_LEN];
   ed25519_public_key_t *ed_id[N_CHAN];
   channel_t *chan[N_CHAN];
@@ -1871,6 +1871,7 @@ test_channel_id_map(void *arg)
 free_fake_channel(chan[i]);
 tor_free(ed_id[i]);
   }
+#undef N_CHAN
 }
 
 struct testcase_t channel_tests[] = {

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tails-greeter-2_completed] Update translations for tails-greeter-2_completed

[translation]

commit 9286e25c00db5d0a7f701228db2395f5ad878586
Author: Translation commit bot 
Date:   Thu Dec 8 22:20:34 2016 +

Update translations for tails-greeter-2_completed
---
 bg/bg.po |  50 +-
 es/es.po |  12 +++
 tr/tr.po | 124 +++
 3 files changed, 83 insertions(+), 103 deletions(-)

diff --git a/bg/bg.po b/bg/bg.po
index 350fc0d..2828094 100644
--- a/bg/bg.po
+++ b/bg/bg.po
@@ -8,7 +8,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: PACKAGE VERSION\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2016-12-02 12:10+\n"
+"POT-Creation-Date: 2016-12-03 13:14+\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: alexdimitrov , 2016\n"
 "Language-Team: Bulgarian (https://www.transifex.com/otf/teams/1519/bg/)\n"
@@ -57,7 +57,7 @@ msgstr "Windows камуфлаж"
 #: ../data/greeter.ui.h:10
 msgid ""
 "This option makes Tails look like Microsoft Windows 10. This can be useful "
-"to avoid attracting suspiction in public places."
+"to avoid attracting suspicion in public places."
 msgstr ""
 "Тази опция променя Tails визуално, за да 
наподобява Microsoft Windows 10. "
 "Това е полезно за избягване привличане на 
вниманието на публични места."
@@ -147,8 +147,8 @@ msgstr "Настройки на постоянното 
дисково прост
 msgid "Enter your passphrase to unlock the persistent storage"
 msgstr "Въведете паролата за отключване на 
постоянното дисково пространство"
 
-#: ../data/greeter.ui.h:31 ../tailsgreeter/gui.py:767
-#: ../tailsgreeter/gui.py:928
+#: ../data/greeter.ui.h:31 ../tailsgreeter/gui.py:798
+#: ../tailsgreeter/gui.py:962
 msgid "Unlock"
 msgstr "Отключване"
 
@@ -156,7 +156,7 @@ msgstr "Отключване"
 msgid "Relock Persistent Storage"
 msgstr "Заключване на постоянното дисково 
пространство"
 
-#: ../data/greeter.ui.h:33 ../tailsgreeter/gui.py:492
+#: ../data/greeter.ui.h:33 ../tailsgreeter/gui.py:514
 msgid "Additional Settings"
 msgstr "Допълнителни настройки"
 
@@ -202,11 +202,11 @@ msgstr ""
 "Настройките по подразбиране са безопасни 
в повечето ситуации. За да зададете"
 " ръчни настройки натиснете \"+\" бутонът 
по-долу."
 
-#: ../data/greeter.ui.h:42 ../tailsgreeter/gui.py:690
+#: ../data/greeter.ui.h:42 ../tailsgreeter/gui.py:717
 msgid "Off (default)"
 msgstr "Изкл (подразбиране)"
 
-#: ../data/greeter.ui.h:43 ../tailsgreeter/gui.py:688
+#: ../data/greeter.ui.h:43 ../tailsgreeter/gui.py:715
 msgid "On (default)"
 msgstr "Вкл (подразбиране)"
 
@@ -214,35 +214,35 @@ msgstr "Вкл (подразбиране)"
 msgid "Network Connection"
 msgstr "Връзка с мрежата"
 
-#: ../data/greeter.ui.h:45 ../tailsgreeter/gui.py:880
+#: ../data/greeter.ui.h:45 ../tailsgreeter/gui.py:914
 msgid "Direct (default)"
 msgstr "Директна (подразбиране)"
 
-#: ../tailsgreeter/gui.py:436
+#: ../tailsgreeter/gui.py:456
 msgid "Shutdown"
 msgstr "Изключване"
 
-#: ../tailsgreeter/gui.py:442
+#: ../tailsgreeter/gui.py:462
 msgid "Start Tails"
 msgstr "Стартиране на Tails"
 
-#: ../tailsgreeter/gui.py:501
+#: ../tailsgreeter/gui.py:523
 msgid "Cancel"
 msgstr "Откажи"
 
-#: ../tailsgreeter/gui.py:505
+#: ../tailsgreeter/gui.py:527
 msgid "Add"
 msgstr "Добави"
 
-#: ../tailsgreeter/gui.py:511
+#: ../tailsgreeter/gui.py:534
 msgid "Back"
 msgstr "Назад"
 
-#: ../tailsgreeter/gui.py:627
+#: ../tailsgreeter/gui.py:652
 msgid "Unlocking…"
 msgstr "Отключване..."
 
-#: ../tailsgreeter/gui.py:653
+#: ../tailsgreeter/gui.py:680
 msgid ""
 "You will configure the Tor bridge and local proxy later on after connecting "
 "to a network."
@@ -250,33 +250,33 @@ msgstr ""
 "Ще настроите Tor мост и локално прокси 
по-късно след установяване на връзка "
 "с мрежата."
 
-#: ../tailsgreeter/gui.py:693
+#: ../tailsgreeter/gui.py:720
 msgid "On"
 msgstr "Вкл"
 
-#: ../tailsgreeter/gui.py:695
+#: ../tailsgreeter/gui.py:722
 msgid "Off"
 msgstr "Изкл"
 
-#: ../tailsgreeter/gui.py:769
+#: ../tailsgreeter/gui.py:801
 msgid "Failed to relock persistent storage."
 msgstr "Неуспешно заключване на постоянното 
дисково пространство."
 
-#: ../tailsgreeter/gui.py:886
+#: ../tailsgreeter/gui.py:920
 msgid "Bridge & Proxy"
 msgstr "Мост & прокси"
 
-#: ../tailsgreeter/gui.py:892
+#: ../tailsgreeter/gui.py:926
 msgid "Offline"
 msgstr "Извън линия"
 
-#: ../tailsgreeter/gui.py:931
+#: 

[tor-commits] [translation/exoneratorproperties] Update translations for exoneratorproperties

[translation]

commit b90ead444a99fb353f59904b69ac9e926bd2202c
Author: Translation commit bot 
Date:   Thu Dec 8 22:20:38 2016 +

Update translations for exoneratorproperties
---
 cs/exonerator.properties | 8 
 fr/exonerator.properties | 4 ++--
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/cs/exonerator.properties b/cs/exonerator.properties
index b92c6c1..d5112a8 100644
--- a/cs/exonerator.properties
+++ b/cs/exonerator.properties
@@ -5,13 +5,13 @@ form.search.label=Hledat
 summary.heading=Shrnutí
 summary.serverproblem.dbnoconnect.title=Problém na serveru
 summary.serverproblem.dbnoconnect.body.text=Nemohu se připojit k databázi. 
Zkuste to prosím později. Když bude tento problém přetrvávat prosím %s\!
-summary.serverproblem.dbnoconnect.body.link=let us know
+summary.serverproblem.dbnoconnect.body.link=Kontaktujte nás
 summary.serverproblem.dbempty.title=Problém na serveru
 summary.serverproblem.dbempty.body.text=The database appears to be empty. 
Please try again later. If this problem persists, please %s\!
-summary.serverproblem.dbempty.body.link=let us know
+summary.serverproblem.dbempty.body.link=Kontaktujte nás
 summary.invalidparams.notimestamp.title=No date parameter given
 summary.invalidparams.notimestamp.body=Sorry, you also need to provide a date 
parameter.
-summary.invalidparams.noip.title=No IP address parameter given
+summary.invalidparams.noip.title=Žádná IP adresa není udána 
 summary.invalidparams.noip.body=Sorry, you also need to provide an IP address 
parameter.
 summary.invalidparams.timestamprange.title=Date parameter out of range
 summary.invalidparams.timestamprange.body=Sorry, the database does not contain 
any data from %s. Please pick a date between %s and %s.
@@ -21,7 +21,7 @@ summary.invalidparams.invalidtimestamp.title=Invalid date 
parameter
 summary.invalidparams.invalidtimestamp.body=Sorry, %s is not a valid date. The 
expected date format is %s.
 summary.serverproblem.nodata.title=Problém na serveru
 summary.serverproblem.nodata.body.text=The database does not contain any data 
for the requested date. Please try again later. If this problem persists, 
please %s\!
-summary.serverproblem.nodata.body.link=let us know
+summary.serverproblem.nodata.body.link=Kontaktujte nás
 summary.negativesamenetwork.title=Výsledek je negativní
 summary.negativesamenetwork.body=We did not find IP address %s on or within a 
day of %s. But we did find other IP addresses of Tor relays in the same /%d 
network around the time\:
 summary.positive.title=Výsledek je pozitivní
diff --git a/fr/exonerator.properties b/fr/exonerator.properties
index 0df77cd..c0d2bb1 100644
--- a/fr/exonerator.properties
+++ b/fr/exonerator.properties
@@ -34,7 +34,7 @@ technicaldetails.colheader.timestamp=Horodatage (UTC)
 technicaldetails.colheader.ip=Adresse(s) IP
 technicaldetails.colheader.fingerprint=Empreinte d'identité
 technicaldetails.colheader.nickname=Pseudonyme
-technicaldetails.colheader.exit=Relai de sortie
+technicaldetails.colheader.exit=Relais de sortie
 technicaldetails.nickname.unknown=Inconnu
 technicaldetails.exit.unknown=Inconnu
 technicaldetails.exit.yes=Oui
@@ -46,7 +46,7 @@ footer.abouttor.body.link1=chiffrant les paquets et les 
envoyant via une série
 footer.abouttor.body.link2=en savoir plus sur Tor
 footer.abouttor.body.link3=contacter 'The Tor project, Inc.'
 footer.aboutexonerator.heading=À propos d'ExoneraTor
-footer.aboutexonerator.body=The ExoneraTor service maintains a database of IP 
addresses that have been part of the Tor network. It answers the question 
whether there was a Tor relay running on a given IP address on a given 
date. ExoneraTor may store more than one IP address per relay if relays 
use a different IP address for exiting to the Internet than for registering in 
the Tor network, and it stores whether a relay permitted transit of Tor traffic 
to the open Internet at that time.
+footer.aboutexonerator.body=Le service ExoneraTor gère une base de données 
d'adresses IP qui ont fait partie du réseau Tor. Il répond à la 
question de savoir si un relais Tor fonctionnait pour une adresse IP donnée à 
une date précise. ExoneraTor peut enregistrer plus d'une adresse IP par 
relais si les relais utilisent une adresse IP différente pour se brancher à 
Internet que pour s'enregistrer sur le réseau Tor, et il enregistre si un 
relais permettait le transit du trafic Tor vers l'Internet ouvert à ce moment 
précis.
 footer.trademark.text=« Tor » et le « logo Oignon » sont des %s de The Tor 
Project, Inc.
 footer.trademark.link=marques déposées
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tails-greeter-2] Update translations for tails-greeter-2

[translation]

commit 85dbbc1f65446a30c081a52cd0c86ce2a99eb33c
Author: Translation commit bot 
Date:   Thu Dec 8 22:20:26 2016 +

Update translations for tails-greeter-2
---
 bg/bg.po |  2 ++
 es/es.po | 12 ++--
 tr/tr.po |  5 -
 3 files changed, 12 insertions(+), 7 deletions(-)

diff --git a/bg/bg.po b/bg/bg.po
index a1cfad9..2828094 100644
--- a/bg/bg.po
+++ b/bg/bg.po
@@ -59,6 +59,8 @@ msgid ""
 "This option makes Tails look like Microsoft Windows 10. This can be useful "
 "to avoid attracting suspicion in public places."
 msgstr ""
+"Тази опция променя Tails визуално, за да 
наподобява Microsoft Windows 10. "
+"Това е полезно за избягване привличане на 
вниманието на публични места."
 
 #. This string will never be displayed in the 1st version of the greeter.
 #: ../data/greeter.ui.h:12
diff --git a/es/es.po b/es/es.po
index f471ec5..abee934 100644
--- a/es/es.po
+++ b/es/es.po
@@ -59,8 +59,8 @@ msgid ""
 "This option makes Tails look like Microsoft Windows 10. This can be useful "
 "to avoid attracting suspicion in public places."
 msgstr ""
-"Esta opción hace que Tails tenga el aspecto de Windows 10. Esto puede ser "
-"útil para evitar atraer sospechas en lugares públicos."
+"Esta opción hace que Tails parezca Windows 10. Esto puede ser útil para "
+"evitar atraer sospechas en lugares públicos."
 
 #. This string will never be displayed in the 1st version of the greeter.
 #: ../data/greeter.ui.h:12
@@ -139,7 +139,7 @@ msgstr "Almacenamiento cifrado permanente"
 
 #: ../data/greeter.ui.h:28
 msgid "Show Passphrase"
-msgstr "Mostrar frase-contraseña"
+msgstr "Mostrar contraseña"
 
 #: ../data/greeter.ui.h:29
 msgid "Configure Persistent Storage"
@@ -169,7 +169,7 @@ msgstr "Guardar configuraciones adicionales "
 
 #: ../data/greeter.ui.h:35
 msgid "Add an additional setting"
-msgstr "Añadir una ajuste adicional"
+msgstr "Añadir un ajuste adicional"
 
 #: ../data/greeter.ui.h:36
 msgid "Network Configuration"
@@ -208,11 +208,11 @@ msgstr ""
 
 #: ../data/greeter.ui.h:42 ../tailsgreeter/gui.py:717
 msgid "Off (default)"
-msgstr "Desactivado (predeterminado) "
+msgstr "Desactivada (predeterminado) "
 
 #: ../data/greeter.ui.h:43 ../tailsgreeter/gui.py:715
 msgid "On (default)"
-msgstr "Activado (predeterminado) "
+msgstr "Activada (predeterminado) "
 
 #: ../data/greeter.ui.h:44
 msgid "Network Connection"
diff --git a/tr/tr.po b/tr/tr.po
index 8b49166..eeea36f 100644
--- a/tr/tr.po
+++ b/tr/tr.po
@@ -58,6 +58,9 @@ msgid ""
 "This option makes Tails look like Microsoft Windows 10. This can be useful "
 "to avoid attracting suspicion in public places."
 msgstr ""
+"Bu seçenek Tails görünümünün Microsoft Windows 10 gibi olmasını 
sağlar. Bu "
+"özellik, herkese açık yerlerde şüpheli görünmekten kaçınmak için 
kullanışlı "
+"olabilir."
 
 #. This string will never be displayed in the 1st version of the greeter.
 #: ../data/greeter.ui.h:12
@@ -162,7 +165,7 @@ msgstr "Ek Ayarları Kaydet"
 
 #: ../data/greeter.ui.h:35
 msgid "Add an additional setting"
-msgstr ""
+msgstr "Ek bir ayar ekle"
 
 #: ../data/greeter.ui.h:36
 msgid "Network Configuration"

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/torbutton-aboutdialogdtd_completed] Update translations for torbutton-aboutdialogdtd_completed

[translation]

commit 60ade9c6b23d6a349033caa9f1150f111f24d6f8
Author: Translation commit bot 
Date:   Thu Dec 8 22:17:53 2016 +

Update translations for torbutton-aboutdialogdtd_completed
---
 sk/aboutdialog.dtd | 16 
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/sk/aboutdialog.dtd b/sk/aboutdialog.dtd
index 45ab7d5..6f69571 100644
--- a/sk/aboutdialog.dtd
+++ b/sk/aboutdialog.dtd
@@ -1,19 +1,19 @@
-
+
 
-
-
+
+
 
-
+
 
-
+
 
 
-
+
 
 
 
 
-
+
 
 
-
+

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/torbutton-abouttbupdatedtd] Update translations for torbutton-abouttbupdatedtd

[translation]

commit 33e537b2cb4ec3bd94e344e4aa42f73bd3aa6232
Author: Translation commit bot 
Date:   Thu Dec 8 22:18:12 2016 +

Update translations for torbutton-abouttbupdatedtd
---
 sk/abouttbupdate.dtd | 8 
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/sk/abouttbupdate.dtd b/sk/abouttbupdate.dtd
index 1c5c836..ee5dd22 100644
--- a/sk/abouttbupdate.dtd
+++ b/sk/abouttbupdate.dtd
@@ -1,6 +1,6 @@
 
-
-
-
+
+
+
 
-
+

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/torbutton-abouttorproperties_completed] Update translations for torbutton-abouttorproperties_completed

[translation]

commit bc498f8475b1881cb87cea0cac251aafc9c949b8
Author: Translation commit bot 
Date:   Thu Dec 8 22:18:01 2016 +

Update translations for torbutton-abouttorproperties_completed
---
 sk/abouttor.properties | 17 +
 1 file changed, 9 insertions(+), 8 deletions(-)

diff --git a/sk/abouttor.properties b/sk/abouttor.properties
index 62ef0db..3f03161 100644
--- a/sk/abouttor.properties
+++ b/sk/abouttor.properties
@@ -2,20 +2,21 @@
 # See LICENSE for licensing information.
 # vim: set sw=2 sts=2 ts=8 et:
 
-aboutTor.searchSP.privacy=Vyhľadávajte bezpečne naúvodnej strane.
-# The following string is a link which replaces %1$S above.
-aboutTor.searchSP.privacy.link=https://startpage.com/eng/protect-privacy.html
-# The following string is a link which replaces %2$S above.
-aboutTor.searchSP.search.link=https://startpage.com/
-
-aboutTor.searchDDG.privacy=Vyhľadávajte bezpečne pomocou 
DuckDuckGo.
+aboutTor.searchDDG.privacy=Môžete použiť aj bezpečné hľadanie cez DuckDuckGo.
 # The following string is a link which replaces %1$S above.
 aboutTor.searchDDG.privacy.link=https://duckduckgo.com/privacy.html
 # The following string is a link which replaces %2$S above.
 aboutTor.searchDDG.search.link=https://duckduckgo.com/
 
-aboutTor.searchDC.privacy=Vyhľadávajte bezpečne pomocou 
Disconnect.me.
+aboutTor.searchDC.privacy=Môžete použiť aj bezpečné hľadanie cez Disconnect.me.
 # The following string is a link which replaces %1$S above.
 aboutTor.searchDC.privacy.link=https://disconnect.me/privacy
 # The following string is a link which replaces %2$S above.
 aboutTor.searchDC.search.link=https://search.disconnect.me/
+
+aboutTor.donationBanner.donate=Prispejte teraz!
+aboutTor.donationBanner.heart=Tor leží v srdci internetovej slobody
+aboutTor.donationBanner.tagline1=Bezpečnosť a súkromie miliónov ľudí 
závisí na Tore
+aboutTor.donationBanner.tagline2=Sieť ľudí, ktorí chránia ľudí
+aboutTor.donationBanner.tagline3=Sledovanie = Útlak
+aboutTor.donationBanner.tagline4=Chránime novinárov, aktivistov a 
whistleblowerov od roku 2006

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tor-messenger-authdtd_completed] Update translations for tor-messenger-authdtd_completed

[translation]

commit 9fd1d5560b70a3fdb053993e6ea417df635d3063
Author: Translation commit bot 
Date:   Thu Dec 8 22:18:30 2016 +

Update translations for tor-messenger-authdtd_completed
---
 pt_BR/auth.dtd | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pt_BR/auth.dtd b/pt_BR/auth.dtd
index ca4043c..3d0a78d 100644
--- a/pt_BR/auth.dtd
+++ b/pt_BR/auth.dtd
@@ -16,6 +16,6 @@
 
 
 
-
+
 
 
\ No newline at end of file

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/torbutton-aboutdialogdtd] Update translations for torbutton-aboutdialogdtd

[translation]

commit 7f589b876694221fe6cf16e3708af227a41d1904
Author: Translation commit bot 
Date:   Thu Dec 8 22:17:49 2016 +

Update translations for torbutton-aboutdialogdtd
---
 sk/aboutdialog.dtd | 16 
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/sk/aboutdialog.dtd b/sk/aboutdialog.dtd
index 45ab7d5..6f69571 100644
--- a/sk/aboutdialog.dtd
+++ b/sk/aboutdialog.dtd
@@ -1,19 +1,19 @@
-
+
 
-
-
+
+
 
-
+
 
-
+
 
 
-
+
 
 
 
 
-
+
 
 
-
+

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/torbutton-abouttorproperties] Update translations for torbutton-abouttorproperties

[translation]

commit cbf9f33fe2e87cd49371973d5006921028989b5c
Author: Translation commit bot 
Date:   Thu Dec 8 22:17:57 2016 +

Update translations for torbutton-abouttorproperties
---
 sk/abouttor.properties | 16 
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/sk/abouttor.properties b/sk/abouttor.properties
index f272bcc..3f03161 100644
--- a/sk/abouttor.properties
+++ b/sk/abouttor.properties
@@ -2,21 +2,21 @@
 # See LICENSE for licensing information.
 # vim: set sw=2 sts=2 ts=8 et:
 
-aboutTor.searchDDG.privacy=Vyhľadávajte bezpečne pomocou 
DuckDuckGo.
+aboutTor.searchDDG.privacy=Môžete použiť aj bezpečné hľadanie cez DuckDuckGo.
 # The following string is a link which replaces %1$S above.
 aboutTor.searchDDG.privacy.link=https://duckduckgo.com/privacy.html
 # The following string is a link which replaces %2$S above.
 aboutTor.searchDDG.search.link=https://duckduckgo.com/
 
-aboutTor.searchDC.privacy=Vyhľadávajte bezpečne pomocou 
Disconnect.me.
+aboutTor.searchDC.privacy=Môžete použiť aj bezpečné hľadanie cez Disconnect.me.
 # The following string is a link which replaces %1$S above.
 aboutTor.searchDC.privacy.link=https://disconnect.me/privacy
 # The following string is a link which replaces %2$S above.
 aboutTor.searchDC.search.link=https://search.disconnect.me/
 
-aboutTor.donationBanner.donate=Donate Now!
-aboutTor.donationBanner.heart=Tor is at the heart of Internet freedom
-aboutTor.donationBanner.tagline1=Millions of People Depend on Tor for Online 
Security & Privacy
-aboutTor.donationBanner.tagline2=A Network of People Protecting People
-aboutTor.donationBanner.tagline3=Surveillance = Oppression
-aboutTor.donationBanner.tagline4=Protecting Journalists, Activists & 
Whistleblowers Since 2006
+aboutTor.donationBanner.donate=Prispejte teraz!
+aboutTor.donationBanner.heart=Tor leží v srdci internetovej slobody
+aboutTor.donationBanner.tagline1=Bezpečnosť a súkromie miliónov ľudí 
závisí na Tore
+aboutTor.donationBanner.tagline2=Sieť ľudí, ktorí chránia ľudí
+aboutTor.donationBanner.tagline3=Sledovanie = Útlak
+aboutTor.donationBanner.tagline4=Chránime novinárov, aktivistov a 
whistleblowerov od roku 2006

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/torbutton-abouttbupdatedtd_completed] Update translations for torbutton-abouttbupdatedtd_completed

[translation]

commit b7a3241cf0abc7d27ee130495abd1b29e70e86e0
Author: Translation commit bot 
Date:   Thu Dec 8 22:18:16 2016 +

Update translations for torbutton-abouttbupdatedtd_completed
---
 sk/abouttbupdate.dtd | 8 
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/sk/abouttbupdate.dtd b/sk/abouttbupdate.dtd
index 1c5c836..ee5dd22 100644
--- a/sk/abouttbupdate.dtd
+++ b/sk/abouttbupdate.dtd
@@ -1,6 +1,6 @@
 
-
-
-
+
+
+
 
-
+

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tor-messenger-authdtd] Update translations for tor-messenger-authdtd

[translation]

commit 6a48f7da8dbc1dc74e8f6b84b0c8ae530541d698
Author: Translation commit bot 
Date:   Thu Dec 8 22:18:26 2016 +

Update translations for tor-messenger-authdtd
---
 pt_BR/auth.dtd | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pt_BR/auth.dtd b/pt_BR/auth.dtd
index ca4043c..3d0a78d 100644
--- a/pt_BR/auth.dtd
+++ b/pt_BR/auth.dtd
@@ -16,6 +16,6 @@
 
 
 
-
+
 
 
\ No newline at end of file

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/torbutton-torbuttonproperties] Update translations for torbutton-torbuttonproperties

[translation]

commit 1402ed2456cd1ad51ceb13690b8796e665f7
Author: Translation commit bot 
Date:   Thu Dec 8 22:17:16 2016 +

Update translations for torbutton-torbuttonproperties
---
 fr/torbutton.properties |  2 +-
 sk/torbutton.properties | 66 -
 2 files changed, 34 insertions(+), 34 deletions(-)

diff --git a/fr/torbutton.properties b/fr/torbutton.properties
index 68655b5..1f175e4 100644
--- a/fr/torbutton.properties
+++ b/fr/torbutton.properties
@@ -3,7 +3,7 @@ torbutton.circuit_display.ip_unknown = IP inconnue
 torbutton.circuit_display.onion_site = Site Oignon
 torbutton.circuit_display.this_browser = Ce navigateur
 torbutton.circuit_display.relay = relayer
-torbutton.circuit_display.tor_bridge = Bridge
+torbutton.circuit_display.tor_bridge = Pont
 torbutton.circuit_display.unknown_country = Pays inconnu
 torbutton.content_sizer.margin_tooltip = Le navigateur Tor ajoute cette marge 
pour rendre la largeur et la hauteur de votre fenêtre moins distinctives, et 
pour réduire par conséquent la possibilité que l'on vous suive à la trace 
en ligne.
 torbutton.panel.tooltip.disabled = Cliquer pour activer Tor
diff --git a/sk/torbutton.properties b/sk/torbutton.properties
index 4ff988b..6d7fac5 100644
--- a/sk/torbutton.properties
+++ b/sk/torbutton.properties
@@ -1,51 +1,51 @@
 torbutton.circuit_display.internet = Internet
 torbutton.circuit_display.ip_unknown = Neznáma IP
-torbutton.circuit_display.onion_site = stránka .onion 
-torbutton.circuit_display.this_browser = Tento prehliadač
-torbutton.circuit_display.relay = relay
+torbutton.circuit_display.onion_site = Sránka cibule
+torbutton.circuit_display.this_browser = Prehliadače
+torbutton.circuit_display.relay = zmena
 torbutton.circuit_display.tor_bridge = Premostenie
 torbutton.circuit_display.unknown_country = Neznáma krajina
-torbutton.content_sizer.margin_tooltip = Prehliadač Tor pridal tento lem aby 
spravil šírku a výšku vášho okna menej charakteristickú a tým teda 
redukuje schopnosť ľudí sledovať vás online.
-torbutton.panel.tooltip.disabled = Kliknite pre zapnutie Tor
-torbutton.panel.tooltip.enabled = Kliknite pre vypnutie Tor
-torbutton.panel.label.disabled = Tor vypnutý
-torbutton.panel.label.enabled = Tor zapnutý
-extensions.torbut...@torproject.org.description = Torbutton provides a button 
to configure Tor settings and quickly and easily clear private browsing data.
-torbutton.popup.external.title = Stiahnuť externý typ súboru?
-torbutton.popup.external.app = Tor Browser nemôže zobraziť tento súbor. 
Budete ho musieť otvoriť pomocou inej aplikácie.\n
-torbutton.popup.external.note = Niektoré typy súborov môžu zapríčiniť 
pripojenie aplikácii k Internetu bez použitia Toru.\n
-torbutton.popup.external.suggest = Ak chcete zostať v bezpečí, mali by ste 
stiahnuté súbory otvárať iba vtedy, keď ste offline, prípadne použiť 
Tor Live CD ako je Tails.\n
-torbutton.popup.launch = Stiahnuť súbor
+torbutton.content_sizer.margin_tooltip = Tor Browser pridá okraj a urobí 
šírku a výšku vášho okna menej charakteristicku, tým znižuje schopnosť 
ľudí, aby vás sledovať on-line.
+torbutton.panel.tooltip.disabled = Kliknutím aktivujem Tor
+torbutton.panel.tooltip.enabled = Kliknutím deaktivujem Torr
+torbutton.panel.label.disabled = Tor je zablokovaný
+torbutton.panel.label.enabled = Tor je aktívny
+extensions.torbut...@torproject.org.description = Torbutton poskytuje 
tlačidlo nastavenia Tora cez ktoré môžete ľahko vynulovať súkromné 
informácie surfovania.
+torbutton.popup.external.title = Načítať externý obsah?
+torbutton.popup.external.app = Externé aplikácie sa musia spracovať:\n\n
+torbutton.popup.external.note = \n\nPOZNÁMKA: Externé aplikácie nie sú 
Torom zabezpečné v predvolenom nastavení vás môžu odmaskovať!\n
+torbutton.popup.external.suggest = \nAk tento súbor je nedôveryhodný, mali 
by ste ho uložiť a zobraziť si ho v režime offline alebo v VM,\nalebo si 
zvážte či by nebolo lepšie použiť proxy Tora, cez Tails LiveCD.\n
+torbutton.popup.launch = Spustiť aplikáciu
 torbutton.popup.cancel = Zrušiť
-torbutton.popup.dontask = Odteraz automaticky sťahovať súbory
-torbutton.popup.prompted_language = To give you more privacy, Torbutton can 
request the English language version of web pages. This may cause web pages 
that you prefer to read in your native language to display in English 
instead.\n\nWould you like to request English language web pages for better 
privacy?
-torbutton.popup.no_newnym = Torbutton cannot safely give you a new identity. 
It does not have access to the Tor Control Port.\n\nAre you running Tor Browser 
Bundle?
-torbutton.title.prompt_torbrowser = Dôležité Torbutton Informácie
-torbutton.popup.prompt_torbrowser = Torbutton works differently now: you can't 
turn it off any more.\n\nWe made this change because it isn't safe to 

[tor-commits] [translation/tor-and-https_completed] Update translations for tor-and-https_completed

[translation]

commit b3874439dc25b43f9954059aa969610fb87b9a48
Author: Translation commit bot 
Date:   Thu Dec 8 22:17:39 2016 +

Update translations for tor-and-https_completed
---
 fr_CA.po | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/fr_CA.po b/fr_CA.po
index c830ced..4890689 100644
--- a/fr_CA.po
+++ b/fr_CA.po
@@ -6,7 +6,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: The Tor Project\n"
 "POT-Creation-Date: 2014-07-17 14:23+\n"
-"PO-Revision-Date: 2016-11-25 21:51+\n"
+"PO-Revision-Date: 2016-12-08 20:15+\n"
 "Last-Translator: French language coordinator \n"
 "Language-Team: French (Canada) 
(http://www.transifex.com/otf/torproject/language/fr_CA/)\n"
 "MIME-Version: 1.0\n"
@@ -69,7 +69,7 @@ msgstr "Wi-Fi"
 #: C/tor-and-https.svg:363
 #, no-wrap
 msgid "ISP"
-msgstr "FSI"
+msgstr "FAI"
 
 #. (itstool) path: defs/text
 #. Keep it short: 8em is ok, 9em is max.

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/torbutton-torbuttondtd] Update translations for torbutton-torbuttondtd

[translation]

commit 304c57d0289dc7468ccded21f08666cbd3f569e0
Author: Translation commit bot 
Date:   Thu Dec 8 22:17:21 2016 +

Update translations for torbutton-torbuttondtd
---
 sk/torbutton.dtd | 88 +++-
 tr/torbutton.dtd |  2 +-
 2 files changed, 44 insertions(+), 46 deletions(-)

diff --git a/sk/torbutton.dtd b/sk/torbutton.dtd
index 5b9b21c..3e1bcab 100644
--- a/sk/torbutton.dtd
+++ b/sk/torbutton.dtd
@@ -1,65 +1,63 @@
 
 
-
+
 
-
+
 
-
+
 
-
+
 
-
+
 
-
+
 
-
+
 
-
-
-
-
-
-
+
+
+
+
+
+
 
 
 
-
-
-
+
+
+
 
 
-
+
 
 
-
+
 
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
 
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
 
 
diff --git a/tr/torbutton.dtd b/tr/torbutton.dtd
index 5eadf22..5a7ed17 100644
--- a/tr/torbutton.dtd
+++ b/tr/torbutton.dtd
@@ -59,5 +59,5 @@
 
 
 
-
+
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tor-and-https] Update translations for tor-and-https

[translation]

commit a3d03916232d47d3f451902aed2f86e6a98d6404
Author: Translation commit bot 
Date:   Thu Dec 8 22:17:36 2016 +

Update translations for tor-and-https
---
 fr_CA.po | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/fr_CA.po b/fr_CA.po
index c830ced..4890689 100644
--- a/fr_CA.po
+++ b/fr_CA.po
@@ -6,7 +6,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: The Tor Project\n"
 "POT-Creation-Date: 2014-07-17 14:23+\n"
-"PO-Revision-Date: 2016-11-25 21:51+\n"
+"PO-Revision-Date: 2016-12-08 20:15+\n"
 "Last-Translator: French language coordinator \n"
 "Language-Team: French (Canada) 
(http://www.transifex.com/otf/torproject/language/fr_CA/)\n"
 "MIME-Version: 1.0\n"
@@ -69,7 +69,7 @@ msgstr "Wi-Fi"
 #: C/tor-and-https.svg:363
 #, no-wrap
 msgid "ISP"
-msgstr "FSI"
+msgstr "FAI"
 
 #. (itstool) path: defs/text
 #. Keep it short: 8em is ok, 9em is max.

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/abouttor-homepage] Update translations for abouttor-homepage

[translation]

commit 35204f3b08b1e56cd6f3ea758e221e63d5787077
Author: Translation commit bot 
Date:   Thu Dec 8 22:16:55 2016 +

Update translations for abouttor-homepage
---
 tr/aboutTor.dtd | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tr/aboutTor.dtd b/tr/aboutTor.dtd
index b9ecb4d..f9d8588 100644
--- a/tr/aboutTor.dtd
+++ b/tr/aboutTor.dtd
@@ -31,7 +31,7 @@
 
 
 https://www.torproject.org/download/download.html.en#warning;>
-
+
 https://tb-manual.torproject.org;>
 
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tor-launcher-properties] Update translations for tor-launcher-properties

[translation]

commit 900fc0a85b87309756beda53cbe95a5e72904f9c
Author: Translation commit bot 
Date:   Thu Dec 8 22:16:25 2016 +

Update translations for tor-launcher-properties
---
 fr/torlauncher.properties| 6 +++---
 fr_CA/torlauncher.properties | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/fr/torlauncher.properties b/fr/torlauncher.properties
index a2bc7cc..ea6aac6 100644
--- a/fr/torlauncher.properties
+++ b/fr/torlauncher.properties
@@ -24,9 +24,9 @@ torlauncher.ensure_tor_is_running=Veuillez-vous assurer que 
Tor est lancé.
 
 torlauncher.error_proxy_addr_missing=Pour configurer Tor afin qu'il utilise un 
proxy, vous devez spécifier une adresse IP ou un nom d'hôte ainsi qu'un 
numéro de port.
 torlauncher.error_proxy_type_missing=Vous devez sélectionner un type de proxy.
-torlauncher.error_bridges_missing=Vous devez spécifier un ou plusieurs 
bridges.
-torlauncher.error_default_bridges_type_missing=Vous devez sélectionner un 
type de transport pour les bridges fournis.
-torlauncher.error_bridge_bad_default_type=Aucun des bridges fournis n'a le 
type de transport %S. Merci d'ajuster vos paramètres.
+torlauncher.error_bridges_missing=Vous devez spécifier un ou plusieurs ponts.
+torlauncher.error_default_bridges_type_missing=Vous devez sélectionner un 
type de transport pour les ponts fournis.
+torlauncher.error_bridge_bad_default_type=Aucun des pont fournis n'est 
disponible pour le type de transport %S, Veuillez ajuster vos paramètres.
 
 torlauncher.recommended_bridge=(recommandé)
 
diff --git a/fr_CA/torlauncher.properties b/fr_CA/torlauncher.properties
index f1ca86c..13fabbb 100644
--- a/fr_CA/torlauncher.properties
+++ b/fr_CA/torlauncher.properties
@@ -26,7 +26,7 @@ torlauncher.error_proxy_addr_missing=Vous devez spécifier à 
la fois une adress
 torlauncher.error_proxy_type_missing=Vous devez choisir le type de mandataire.
 torlauncher.error_bridges_missing=Vous devez spécifier un ou plusieurs ponts.
 torlauncher.error_default_bridges_type_missing=Vous devez choisir un type de 
transport pour les ponts fournis.
-torlauncher.error_bridge_bad_default_type=Aucun pont n'est disponible pour le 
type de transport %S, Veuillez ajuster vos paramètres.
+torlauncher.error_bridge_bad_default_type=Aucun des pont fournis n'est 
disponible pour le type de transport %S, Veuillez ajuster vos paramètres.
 
 torlauncher.recommended_bridge=(recommandé)
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/abouttor-homepage_completed] Update translations for abouttor-homepage_completed

[translation]

commit 9f6c942ff81751005f8507c280de7b8c193c4878
Author: Translation commit bot 
Date:   Thu Dec 8 22:16:59 2016 +

Update translations for abouttor-homepage_completed
---
 tr/aboutTor.dtd | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/tr/aboutTor.dtd b/tr/aboutTor.dtd
index f018903..f9d8588 100644
--- a/tr/aboutTor.dtd
+++ b/tr/aboutTor.dtd
@@ -20,7 +20,6 @@
 
 
 
-https://startpage.com/rth/search;>
 https://duckduckgo.com/html/;>
 https://search.disconnect.me/searchTerms/search?ses=Googlelocation_option=USsource=tor;>
 
@@ -32,6 +31,8 @@
 
 
 https://www.torproject.org/download/download.html.en#warning;>
+
+https://tb-manual.torproject.org;>
 
 
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tor-launcher-network-settings_completed] Update translations for tor-launcher-network-settings_completed

[translation]

commit 99da78cf9dbd4c93b0570fbb62141932b591ad0f
Author: Translation commit bot 
Date:   Thu Dec 8 22:16:46 2016 +

Update translations for tor-launcher-network-settings_completed
---
 fr/network-settings.dtd| 28 ++--
 fr_CA/network-settings.dtd | 14 +++---
 2 files changed, 21 insertions(+), 21 deletions(-)

diff --git a/fr/network-settings.dtd b/fr/network-settings.dtd
index 4715cfb..662d1bd 100644
--- a/fr/network-settings.dtd
+++ b/fr/network-settings.dtd
@@ -13,7 +13,7 @@
 
 
 
-
+
 
 
 
@@ -26,10 +26,10 @@
 
 
 
-
-
-
-
+
+
+
+
 
 
 
@@ -37,7 +37,7 @@
 
 
 
-
+
 
 
 
@@ -54,20 +54,20 @@
 
 
 
-
-
-
+
+
+
 
 
-
+
 
 
 
-
-
-
+
+
+
 
-https://bridges.torproject.org;>
+https://bridges.torproject.org;>
 
 
 https://www.riseup.net, 
https://mail.google.com, ou https://mail.yahoo.com;>
diff --git a/fr_CA/network-settings.dtd b/fr_CA/network-settings.dtd
index ace8b3b..c5b5dbe 100644
--- a/fr_CA/network-settings.dtd
+++ b/fr_CA/network-settings.dtd
@@ -26,8 +26,8 @@
 
 
 
-
-
+
+
 
 
 
@@ -54,20 +54,20 @@
 
 
 
-
+
 
-
+
 
 
 
 
 
 
-
+
 
 
-
-https://bridges.torproject.org;>
+
+https://bridges.torproject.org;>
 
 
 https://www.riseup.net, 
https://mail.google.com ou https://mail.yahoo.com;>

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tor-launcher-network-settings] Update translations for tor-launcher-network-settings

[translation]

commit aa7350dd09539d88798c0a59bd7077d83060520e
Author: Translation commit bot 
Date:   Thu Dec 8 22:16:41 2016 +

Update translations for tor-launcher-network-settings
---
 fr/network-settings.dtd| 28 ++--
 fr_CA/network-settings.dtd | 14 +++---
 2 files changed, 21 insertions(+), 21 deletions(-)

diff --git a/fr/network-settings.dtd b/fr/network-settings.dtd
index 4715cfb..662d1bd 100644
--- a/fr/network-settings.dtd
+++ b/fr/network-settings.dtd
@@ -13,7 +13,7 @@
 
 
 
-
+
 
 
 
@@ -26,10 +26,10 @@
 
 
 
-
-
-
-
+
+
+
+
 
 
 
@@ -37,7 +37,7 @@
 
 
 
-
+
 
 
 
@@ -54,20 +54,20 @@
 
 
 
-
-
-
+
+
+
 
 
-
+
 
 
 
-
-
-
+
+
+
 
-https://bridges.torproject.org;>
+https://bridges.torproject.org;>
 
 
 https://www.riseup.net, 
https://mail.google.com, ou https://mail.yahoo.com;>
diff --git a/fr_CA/network-settings.dtd b/fr_CA/network-settings.dtd
index ace8b3b..c5b5dbe 100644
--- a/fr_CA/network-settings.dtd
+++ b/fr_CA/network-settings.dtd
@@ -26,8 +26,8 @@
 
 
 
-
-
+
+
 
 
 
@@ -54,20 +54,20 @@
 
 
 
-
+
 
-
+
 
 
 
 
 
 
-
+
 
 
-
-https://bridges.torproject.org;>
+
+https://bridges.torproject.org;>
 
 
 https://www.riseup.net, 
https://mail.google.com ou https://mail.yahoo.com;>

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tor-launcher-properties_completed] Update translations for tor-launcher-properties_completed

[translation]

commit a82ed330dee742aa01cea952879236ad4a5f05eb
Author: Translation commit bot 
Date:   Thu Dec 8 22:16:30 2016 +

Update translations for tor-launcher-properties_completed
---
 fr/torlauncher.properties| 6 +++---
 fr_CA/torlauncher.properties | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/fr/torlauncher.properties b/fr/torlauncher.properties
index a2bc7cc..ea6aac6 100644
--- a/fr/torlauncher.properties
+++ b/fr/torlauncher.properties
@@ -24,9 +24,9 @@ torlauncher.ensure_tor_is_running=Veuillez-vous assurer que 
Tor est lancé.
 
 torlauncher.error_proxy_addr_missing=Pour configurer Tor afin qu'il utilise un 
proxy, vous devez spécifier une adresse IP ou un nom d'hôte ainsi qu'un 
numéro de port.
 torlauncher.error_proxy_type_missing=Vous devez sélectionner un type de proxy.
-torlauncher.error_bridges_missing=Vous devez spécifier un ou plusieurs 
bridges.
-torlauncher.error_default_bridges_type_missing=Vous devez sélectionner un 
type de transport pour les bridges fournis.
-torlauncher.error_bridge_bad_default_type=Aucun des bridges fournis n'a le 
type de transport %S. Merci d'ajuster vos paramètres.
+torlauncher.error_bridges_missing=Vous devez spécifier un ou plusieurs ponts.
+torlauncher.error_default_bridges_type_missing=Vous devez sélectionner un 
type de transport pour les ponts fournis.
+torlauncher.error_bridge_bad_default_type=Aucun des pont fournis n'est 
disponible pour le type de transport %S, Veuillez ajuster vos paramètres.
 
 torlauncher.recommended_bridge=(recommandé)
 
diff --git a/fr_CA/torlauncher.properties b/fr_CA/torlauncher.properties
index f1ca86c..13fabbb 100644
--- a/fr_CA/torlauncher.properties
+++ b/fr_CA/torlauncher.properties
@@ -26,7 +26,7 @@ torlauncher.error_proxy_addr_missing=Vous devez spécifier à 
la fois une adress
 torlauncher.error_proxy_type_missing=Vous devez choisir le type de mandataire.
 torlauncher.error_bridges_missing=Vous devez spécifier un ou plusieurs ponts.
 torlauncher.error_default_bridges_type_missing=Vous devez choisir un type de 
transport pour les ponts fournis.
-torlauncher.error_bridge_bad_default_type=Aucun pont n'est disponible pour le 
type de transport %S, Veuillez ajuster vos paramètres.
+torlauncher.error_bridge_bad_default_type=Aucun des pont fournis n'est 
disponible pour le type de transport %S, Veuillez ajuster vos paramètres.
 
 torlauncher.recommended_bridge=(recommandé)
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/whisperback] Update translations for whisperback

[translation]

commit 08865bc56bfd12e6f0da5b2587695610980bb186
Author: Translation commit bot 
Date:   Thu Dec 8 22:15:28 2016 +

Update translations for whisperback
---
 es/es.po   | 2 +-
 fr/fr.po   | 4 ++--
 fr_CA/fr_CA.po | 4 ++--
 3 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/es/es.po b/es/es.po
index 9c80434..ed02339 100644
--- a/es/es.po
+++ b/es/es.po
@@ -15,7 +15,7 @@ msgstr ""
 "Project-Id-Version: The Tor Project\n"
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2015-12-16 19:54+0100\n"
-"PO-Revision-Date: 2016-03-21 16:28+\n"
+"PO-Revision-Date: 2016-12-08 18:15+\n"
 "Last-Translator: Noel Torres \n"
 "Language-Team: Spanish 
(http://www.transifex.com/otf/torproject/language/es/)\n"
 "MIME-Version: 1.0\n"
diff --git a/fr/fr.po b/fr/fr.po
index ae53e98..2df71c8 100644
--- a/fr/fr.po
+++ b/fr/fr.po
@@ -15,7 +15,7 @@ msgstr ""
 "Project-Id-Version: The Tor Project\n"
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2015-12-16 19:54+0100\n"
-"PO-Revision-Date: 2016-11-25 22:31+\n"
+"PO-Revision-Date: 2016-12-08 16:46+\n"
 "Last-Translator: French language coordinator \n"
 "Language-Team: French 
(http://www.transifex.com/otf/torproject/language/fr/)\n"
 "MIME-Version: 1.0\n"
@@ -129,7 +129,7 @@ msgstr "Développeurs de Tails "
 
 #: ../whisperBack/gui.py:385
 msgid "translator-credits"
-msgstr "traducteurs"
+msgstr "traducteurs - crédits"
 
 #: ../whisperBack/gui.py:412
 msgid "This doesn't seem to be a valid URL or OpenPGP key."
diff --git a/fr_CA/fr_CA.po b/fr_CA/fr_CA.po
index 5b164f1..74a7dfc 100644
--- a/fr_CA/fr_CA.po
+++ b/fr_CA/fr_CA.po
@@ -15,7 +15,7 @@ msgstr ""
 "Project-Id-Version: The Tor Project\n"
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2015-12-16 19:54+0100\n"
-"PO-Revision-Date: 2016-11-25 22:31+\n"
+"PO-Revision-Date: 2016-12-08 16:46+\n"
 "Last-Translator: French language coordinator \n"
 "Language-Team: French (Canada) 
(http://www.transifex.com/otf/torproject/language/fr_CA/)\n"
 "MIME-Version: 1.0\n"
@@ -129,7 +129,7 @@ msgstr "Développeurs de Tails "
 
 #: ../whisperBack/gui.py:385
 msgid "translator-credits"
-msgstr "crédits de traduction"
+msgstr "traducteurs - crédits"
 
 #: ../whisperBack/gui.py:412
 msgid "This doesn't seem to be a valid URL or OpenPGP key."

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/whisperback_completed] Update translations for whisperback_completed

[translation]

commit 997a0cd671ae7eb37cb6facd83b988ea5a62e5c5
Author: Translation commit bot 
Date:   Thu Dec 8 22:15:33 2016 +

Update translations for whisperback_completed
---
 es/es.po   | 2 +-
 fr/fr.po   | 4 ++--
 fr_CA/fr_CA.po | 4 ++--
 3 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/es/es.po b/es/es.po
index 9c80434..ed02339 100644
--- a/es/es.po
+++ b/es/es.po
@@ -15,7 +15,7 @@ msgstr ""
 "Project-Id-Version: The Tor Project\n"
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2015-12-16 19:54+0100\n"
-"PO-Revision-Date: 2016-03-21 16:28+\n"
+"PO-Revision-Date: 2016-12-08 18:15+\n"
 "Last-Translator: Noel Torres \n"
 "Language-Team: Spanish 
(http://www.transifex.com/otf/torproject/language/es/)\n"
 "MIME-Version: 1.0\n"
diff --git a/fr/fr.po b/fr/fr.po
index ae53e98..2df71c8 100644
--- a/fr/fr.po
+++ b/fr/fr.po
@@ -15,7 +15,7 @@ msgstr ""
 "Project-Id-Version: The Tor Project\n"
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2015-12-16 19:54+0100\n"
-"PO-Revision-Date: 2016-11-25 22:31+\n"
+"PO-Revision-Date: 2016-12-08 16:46+\n"
 "Last-Translator: French language coordinator \n"
 "Language-Team: French 
(http://www.transifex.com/otf/torproject/language/fr/)\n"
 "MIME-Version: 1.0\n"
@@ -129,7 +129,7 @@ msgstr "Développeurs de Tails "
 
 #: ../whisperBack/gui.py:385
 msgid "translator-credits"
-msgstr "traducteurs"
+msgstr "traducteurs - crédits"
 
 #: ../whisperBack/gui.py:412
 msgid "This doesn't seem to be a valid URL or OpenPGP key."
diff --git a/fr_CA/fr_CA.po b/fr_CA/fr_CA.po
index 5b164f1..74a7dfc 100644
--- a/fr_CA/fr_CA.po
+++ b/fr_CA/fr_CA.po
@@ -15,7 +15,7 @@ msgstr ""
 "Project-Id-Version: The Tor Project\n"
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2015-12-16 19:54+0100\n"
-"PO-Revision-Date: 2016-11-25 22:31+\n"
+"PO-Revision-Date: 2016-12-08 16:46+\n"
 "Last-Translator: French language coordinator \n"
 "Language-Team: French (Canada) 
(http://www.transifex.com/otf/torproject/language/fr_CA/)\n"
 "MIME-Version: 1.0\n"
@@ -129,7 +129,7 @@ msgstr "Développeurs de Tails "
 
 #: ../whisperBack/gui.py:385
 msgid "translator-credits"
-msgstr "crédits de traduction"
+msgstr "traducteurs - crédits"
 
 #: ../whisperBack/gui.py:412
 msgid "This doesn't seem to be a valid URL or OpenPGP key."

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/torcheck_completed] Update translations for torcheck_completed

[translation]

commit b185d951a6826a293c72c3da41ee1c98277d896b
Author: Translation commit bot 
Date:   Thu Dec 8 22:15:22 2016 +

Update translations for torcheck_completed
---
 fr/torcheck.po| 4 ++--
 fr_CA/torcheck.po | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/fr/torcheck.po b/fr/torcheck.po
index 7c2c701..e21546f 100644
--- a/fr/torcheck.po
+++ b/fr/torcheck.po
@@ -17,7 +17,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: The Tor Project\n"
 "POT-Creation-Date: 2012-02-16 20:28+PDT\n"
-"PO-Revision-Date: 2016-11-25 22:37+\n"
+"PO-Revision-Date: 2016-12-08 17:22+\n"
 "Last-Translator: French language coordinator \n"
 "Language-Team: French 
(http://www.transifex.com/otf/torproject/language/fr/)\n"
 "MIME-Version: 1.0\n"
@@ -72,7 +72,7 @@ msgid "This page is also available in the following 
languages:"
 msgstr "Cette page est également disponible dans les langues suivantes :"
 
 msgid "For more information about this exit relay, see:"
-msgstr "Pour plus d'informations à propos de ce relais de sortie, voir :"
+msgstr "Pour plus d'informations sur ce relais de sortie, voir :"
 
 msgid ""
 "The Tor Project is a US 501(c)(3) non-profit dedicated to the research, "
diff --git a/fr_CA/torcheck.po b/fr_CA/torcheck.po
index ebba87b..216b5df 100644
--- a/fr_CA/torcheck.po
+++ b/fr_CA/torcheck.po
@@ -13,7 +13,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: The Tor Project\n"
 "POT-Creation-Date: 2012-02-16 20:28+PDT\n"
-"PO-Revision-Date: 2016-11-25 22:38+\n"
+"PO-Revision-Date: 2016-12-08 17:22+\n"
 "Last-Translator: French language coordinator \n"
 "Language-Team: French (Canada) 
(http://www.transifex.com/otf/torproject/language/fr_CA/)\n"
 "MIME-Version: 1.0\n"
@@ -68,7 +68,7 @@ msgid "This page is also available in the following 
languages:"
 msgstr "Cette page est également proposée dans les langues suivantes : "
 
 msgid "For more information about this exit relay, see:"
-msgstr "Pour plus d'informations à propos de ce relais de sortie, voir :"
+msgstr "Pour plus d'informations sur ce relais de sortie, voir :"
 
 msgid ""
 "The Tor Project is a US 501(c)(3) non-profit dedicated to the research, "

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/https_everywhere] Update translations for https_everywhere

[translation]

commit d8e536cd3153d6b263278cdf9f23cff6c23444f6
Author: Translation commit bot 
Date:   Thu Dec 8 22:15:39 2016 +

Update translations for https_everywhere
---
 is/ssl-observatory.dtd | 16 
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/is/ssl-observatory.dtd b/is/ssl-observatory.dtd
index aeb156d..92068d4 100644
--- a/is/ssl-observatory.dtd
+++ b/is/ssl-observatory.dtd
@@ -1,6 +1,6 @@
 
-
-
+
+
 
 
 
 
-
+
 
 
@@ -84,14 +84,14 @@ looked at.  Mouseover the options for further details:">
 
 
-
+
 
-
+
 
-
+
 
-
-
+
+
 
 
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/liveusb-creator] Update translations for liveusb-creator

[translation]

commit 9eaeb4a73b2762da9239ed02e0a1a9b34cb911c8
Author: Translation commit bot 
Date:   Thu Dec 8 22:15:49 2016 +

Update translations for liveusb-creator
---
 lt/lt.po | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/lt/lt.po b/lt/lt.po
index 27e066a..f3049a8 100644
--- a/lt/lt.po
+++ b/lt/lt.po
@@ -13,7 +13,7 @@ msgstr ""
 "Project-Id-Version: The Tor Project\n"
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2015-11-02 21:23+0100\n"
-"PO-Revision-Date: 2016-11-23 22:54+\n"
+"PO-Revision-Date: 2016-12-05 21:45+\n"
 "Last-Translator: Moo\n"
 "Language-Team: Lithuanian 
(http://www.transifex.com/otf/torproject/language/lt/)\n"
 "MIME-Version: 1.0\n"
@@ -129,7 +129,7 @@ msgstr "Nepavyko rasti"
 #: ../liveusb/creator.py:560
 #, python-format
 msgid "Cannot find device %s"
-msgstr ""
+msgstr "Nepavyksta rasti įrenginio %s"
 
 #: ../liveusb/creator.py:417
 #, python-format
@@ -490,7 +490,7 @@ msgstr "Nežinoma dbus išimtis, bandant prijungti 
įrenginį: %(message)s"
 
 #: ../liveusb/creator.py:791 ../liveusb/creator.py:964
 msgid "Unknown filesystem.  Your device may need to be reformatted."
-msgstr ""
+msgstr "Nežinoma failų sistema. Gali būti, kad jūsų įrenginys turi būti 
iš naujo formatuotas."
 
 #: ../liveusb/gui.py:85
 #, python-format

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/torcheck] Update translations for torcheck

[translation]

commit 0b709c8377e52504312f060ac8851e12bf784312
Author: Translation commit bot 
Date:   Thu Dec 8 22:15:18 2016 +

Update translations for torcheck
---
 fr/torcheck.po| 4 ++--
 fr_CA/torcheck.po | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/fr/torcheck.po b/fr/torcheck.po
index 7c2c701..e21546f 100644
--- a/fr/torcheck.po
+++ b/fr/torcheck.po
@@ -17,7 +17,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: The Tor Project\n"
 "POT-Creation-Date: 2012-02-16 20:28+PDT\n"
-"PO-Revision-Date: 2016-11-25 22:37+\n"
+"PO-Revision-Date: 2016-12-08 17:22+\n"
 "Last-Translator: French language coordinator \n"
 "Language-Team: French 
(http://www.transifex.com/otf/torproject/language/fr/)\n"
 "MIME-Version: 1.0\n"
@@ -72,7 +72,7 @@ msgid "This page is also available in the following 
languages:"
 msgstr "Cette page est également disponible dans les langues suivantes :"
 
 msgid "For more information about this exit relay, see:"
-msgstr "Pour plus d'informations à propos de ce relais de sortie, voir :"
+msgstr "Pour plus d'informations sur ce relais de sortie, voir :"
 
 msgid ""
 "The Tor Project is a US 501(c)(3) non-profit dedicated to the research, "
diff --git a/fr_CA/torcheck.po b/fr_CA/torcheck.po
index ebba87b..216b5df 100644
--- a/fr_CA/torcheck.po
+++ b/fr_CA/torcheck.po
@@ -13,7 +13,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: The Tor Project\n"
 "POT-Creation-Date: 2012-02-16 20:28+PDT\n"
-"PO-Revision-Date: 2016-11-25 22:38+\n"
+"PO-Revision-Date: 2016-12-08 17:22+\n"
 "Last-Translator: French language coordinator \n"
 "Language-Team: French (Canada) 
(http://www.transifex.com/otf/torproject/language/fr_CA/)\n"
 "MIME-Version: 1.0\n"
@@ -68,7 +68,7 @@ msgid "This page is also available in the following 
languages:"
 msgstr "Cette page est également proposée dans les langues suivantes : "
 
 msgid "For more information about this exit relay, see:"
-msgstr "Pour plus d'informations à propos de ce relais de sortie, voir :"
+msgstr "Pour plus d'informations sur ce relais de sortie, voir :"
 
 msgid ""
 "The Tor Project is a US 501(c)(3) non-profit dedicated to the research, "

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/bridgedb_completed] Update translations for bridgedb_completed

[translation]

commit ebdccaaf8d7b9201ecd7f8a11062749d5d1ea796
Author: Translation commit bot 
Date:   Thu Dec 8 22:15:12 2016 +

Update translations for bridgedb_completed
---
 fr/LC_MESSAGES/bridgedb.po| 48 +--
 fr_CA/LC_MESSAGES/bridgedb.po | 18 
 nb/LC_MESSAGES/bridgedb.po|  4 ++--
 pt_BR/LC_MESSAGES/bridgedb.po |  4 ++--
 4 files changed, 37 insertions(+), 37 deletions(-)

diff --git a/fr/LC_MESSAGES/bridgedb.po b/fr/LC_MESSAGES/bridgedb.po
index 65f4d64..dfac7cf 100644
--- a/fr/LC_MESSAGES/bridgedb.po
+++ b/fr/LC_MESSAGES/bridgedb.po
@@ -28,7 +28,7 @@ msgstr ""
 "Project-Id-Version: The Tor Project\n"
 "Report-Msgid-Bugs-To: 
'https://trac.torproject.org/projects/tor/newticket?component=BridgeDB=bridgedb-reported,msgid=isis,sysrqb=isis'\n"
 "POT-Creation-Date: 2015-07-25 03:40+\n"
-"PO-Revision-Date: 2016-12-02 23:21+\n"
+"PO-Revision-Date: 2016-12-08 20:32+\n"
 "Last-Translator: French language coordinator \n"
 "Language-Team: French 
(http://www.transifex.com/otf/torproject/language/fr/)\n"
 "MIME-Version: 1.0\n"
@@ -79,7 +79,7 @@ msgstr "Afficher le QRCode"
 
 #: bridgedb/https/templates/bridges.html:52
 msgid "QRCode for your bridge lines"
-msgstr "QRCode pour vos lignes de bridges"
+msgstr "Code QR pour vos lignes de ponts"
 
 #. TRANSLATORS: Please translate this into some silly way to say
 #. "There was a problem!" in your language. For example,
@@ -102,14 +102,14 @@ msgstr "Ce QRCode contient vos lignes de ponts. 
Scannez-le avec un lecteur de QR
 
 #: bridgedb/https/templates/bridges.html:131
 msgid "There currently aren't any bridges available..."
-msgstr "Il n'y a pas de bridge disponible en ce moment…"
+msgstr "Aucun pont n'est disponible actuellement…"
 
 #: bridgedb/https/templates/bridges.html:132
 #, python-format
 msgid ""
 " Perhaps you should try %s going back %s and choosing a different bridge "
 "type!"
-msgstr "Peut-être devriez-vous revenir %s en arrière %s et choisir un type 
de bridge différent !"
+msgstr "Vous devriez peut-être %s revenir en arrière %s et choisir un 
différent type de pont !"
 
 #: bridgedb/https/templates/index.html:11
 #, python-format
@@ -129,7 +129,7 @@ msgstr "Étape %s2%s"
 #: bridgedb/https/templates/index.html:27
 #, python-format
 msgid "Get %s bridges %s"
-msgstr "Récupérez les %s addresses de bridge %s"
+msgstr "Récupérez les %s ponts %s"
 
 #: bridgedb/https/templates/index.html:36
 #, python-format
@@ -139,7 +139,7 @@ msgstr "Étape %s3%s"
 #: bridgedb/https/templates/index.html:38
 #, python-format
 msgid "Now %s add the bridges to Tor Browser %s"
-msgstr "Maintenant %s ajoutez les bridges au navigateur Tor %s"
+msgstr "Maintenant %s ajoutez les ponts au navigateur Tor %s"
 
 #. TRANSLATORS: Please make sure the '%s' surrounding single letters at the
 #. beginning of words are present in your final translation. Thanks!
@@ -148,7 +148,7 @@ msgstr "Maintenant %s ajoutez les bridges au navigateur Tor 
%s"
 #: bridgedb/https/templates/options.html:38
 #, python-format
 msgid "%sJ%sust give me bridges!"
-msgstr "Donnez-moi %sj%suste des bridges !"
+msgstr "Donnez-moi %sj%suste des ponts !"
 
 #: bridgedb/https/templates/options.html:51
 msgid "Advanced Options"
@@ -176,7 +176,7 @@ msgstr "%sO%sui!"
 #: bridgedb/https/templates/options.html:147
 #, python-format
 msgid "%sG%set Bridges"
-msgstr "%sO%sbtenir des bridges"
+msgstr "%sO%sbtenir des ponts"
 
 #: bridgedb/strings.py:43
 msgid "[This is an automated message; please do not reply.]"
@@ -184,7 +184,7 @@ msgstr "[Ceci est un message automatique, merci de ne pas y 
répondre.]"
 
 #: bridgedb/strings.py:45
 msgid "Here are your bridges:"
-msgstr "Voici vos bridges :"
+msgstr "Voici vos ponts :"
 
 #: bridgedb/strings.py:47
 #, python-format
@@ -251,7 +251,7 @@ msgid ""
 "Some bridges with IPv6 addresses are also available, though some Pluggable\n"
 "Transports aren't IPv6 compatible.\n"
 "\n"
-msgstr "Certains ponts (bridges) sont aussi proposés avec des adresses IPv6, 
bien que certains transports enfichables ne soient pas compatibles avec 
l'IPv6.\n"
+msgstr "Certains ponts sont aussi proposés avec des adresses IPv6, bien que 
certains transports enfichables ne soient pas compatibles avec IPv6.\n"
 
 #. TRANSLATORS: Please DO NOT translate "BridgeDB".
 #. TRANSLATORS: The phrase "plain-ol'-vanilla" means "plain, boring,
@@ -265,20 +265,20 @@ msgid ""
 "Pluggable Transports %s which maybe doesn't sound as cool, but they can 
still\n"
 "help to circumvent internet censorship in many cases.\n"
 "\n"
-msgstr "De plus, BridgeDB contient de nombreux ponts « classiques » %s sans 
aucun transports enfichables %s qui ne semblent pas être aussi efficaces, mais 
qui peuvent toutefois dans des nombreux cas aider à contourner la censure sur 
Internet.\n"
+msgstr "De plus, BridgeDB propose de nombreux ponts traditionnels %s sans 
transport enfichable %s qui 

[tor-commits] [translation/bridgedb] Update translations for bridgedb

[translation]

commit da6f8fa487954ca73122b56ea729aca72559044b
Author: Translation commit bot 
Date:   Thu Dec 8 22:15:06 2016 +

Update translations for bridgedb
---
 fr/LC_MESSAGES/bridgedb.po| 48 +--
 fr_CA/LC_MESSAGES/bridgedb.po | 18 
 nb/LC_MESSAGES/bridgedb.po|  4 ++--
 pt_BR/LC_MESSAGES/bridgedb.po |  4 ++--
 4 files changed, 37 insertions(+), 37 deletions(-)

diff --git a/fr/LC_MESSAGES/bridgedb.po b/fr/LC_MESSAGES/bridgedb.po
index 65f4d64..dfac7cf 100644
--- a/fr/LC_MESSAGES/bridgedb.po
+++ b/fr/LC_MESSAGES/bridgedb.po
@@ -28,7 +28,7 @@ msgstr ""
 "Project-Id-Version: The Tor Project\n"
 "Report-Msgid-Bugs-To: 
'https://trac.torproject.org/projects/tor/newticket?component=BridgeDB=bridgedb-reported,msgid=isis,sysrqb=isis'\n"
 "POT-Creation-Date: 2015-07-25 03:40+\n"
-"PO-Revision-Date: 2016-12-02 23:21+\n"
+"PO-Revision-Date: 2016-12-08 20:32+\n"
 "Last-Translator: French language coordinator \n"
 "Language-Team: French 
(http://www.transifex.com/otf/torproject/language/fr/)\n"
 "MIME-Version: 1.0\n"
@@ -79,7 +79,7 @@ msgstr "Afficher le QRCode"
 
 #: bridgedb/https/templates/bridges.html:52
 msgid "QRCode for your bridge lines"
-msgstr "QRCode pour vos lignes de bridges"
+msgstr "Code QR pour vos lignes de ponts"
 
 #. TRANSLATORS: Please translate this into some silly way to say
 #. "There was a problem!" in your language. For example,
@@ -102,14 +102,14 @@ msgstr "Ce QRCode contient vos lignes de ponts. 
Scannez-le avec un lecteur de QR
 
 #: bridgedb/https/templates/bridges.html:131
 msgid "There currently aren't any bridges available..."
-msgstr "Il n'y a pas de bridge disponible en ce moment…"
+msgstr "Aucun pont n'est disponible actuellement…"
 
 #: bridgedb/https/templates/bridges.html:132
 #, python-format
 msgid ""
 " Perhaps you should try %s going back %s and choosing a different bridge "
 "type!"
-msgstr "Peut-être devriez-vous revenir %s en arrière %s et choisir un type 
de bridge différent !"
+msgstr "Vous devriez peut-être %s revenir en arrière %s et choisir un 
différent type de pont !"
 
 #: bridgedb/https/templates/index.html:11
 #, python-format
@@ -129,7 +129,7 @@ msgstr "Étape %s2%s"
 #: bridgedb/https/templates/index.html:27
 #, python-format
 msgid "Get %s bridges %s"
-msgstr "Récupérez les %s addresses de bridge %s"
+msgstr "Récupérez les %s ponts %s"
 
 #: bridgedb/https/templates/index.html:36
 #, python-format
@@ -139,7 +139,7 @@ msgstr "Étape %s3%s"
 #: bridgedb/https/templates/index.html:38
 #, python-format
 msgid "Now %s add the bridges to Tor Browser %s"
-msgstr "Maintenant %s ajoutez les bridges au navigateur Tor %s"
+msgstr "Maintenant %s ajoutez les ponts au navigateur Tor %s"
 
 #. TRANSLATORS: Please make sure the '%s' surrounding single letters at the
 #. beginning of words are present in your final translation. Thanks!
@@ -148,7 +148,7 @@ msgstr "Maintenant %s ajoutez les bridges au navigateur Tor 
%s"
 #: bridgedb/https/templates/options.html:38
 #, python-format
 msgid "%sJ%sust give me bridges!"
-msgstr "Donnez-moi %sj%suste des bridges !"
+msgstr "Donnez-moi %sj%suste des ponts !"
 
 #: bridgedb/https/templates/options.html:51
 msgid "Advanced Options"
@@ -176,7 +176,7 @@ msgstr "%sO%sui!"
 #: bridgedb/https/templates/options.html:147
 #, python-format
 msgid "%sG%set Bridges"
-msgstr "%sO%sbtenir des bridges"
+msgstr "%sO%sbtenir des ponts"
 
 #: bridgedb/strings.py:43
 msgid "[This is an automated message; please do not reply.]"
@@ -184,7 +184,7 @@ msgstr "[Ceci est un message automatique, merci de ne pas y 
répondre.]"
 
 #: bridgedb/strings.py:45
 msgid "Here are your bridges:"
-msgstr "Voici vos bridges :"
+msgstr "Voici vos ponts :"
 
 #: bridgedb/strings.py:47
 #, python-format
@@ -251,7 +251,7 @@ msgid ""
 "Some bridges with IPv6 addresses are also available, though some Pluggable\n"
 "Transports aren't IPv6 compatible.\n"
 "\n"
-msgstr "Certains ponts (bridges) sont aussi proposés avec des adresses IPv6, 
bien que certains transports enfichables ne soient pas compatibles avec 
l'IPv6.\n"
+msgstr "Certains ponts sont aussi proposés avec des adresses IPv6, bien que 
certains transports enfichables ne soient pas compatibles avec IPv6.\n"
 
 #. TRANSLATORS: Please DO NOT translate "BridgeDB".
 #. TRANSLATORS: The phrase "plain-ol'-vanilla" means "plain, boring,
@@ -265,20 +265,20 @@ msgid ""
 "Pluggable Transports %s which maybe doesn't sound as cool, but they can 
still\n"
 "help to circumvent internet censorship in many cases.\n"
 "\n"
-msgstr "De plus, BridgeDB contient de nombreux ponts « classiques » %s sans 
aucun transports enfichables %s qui ne semblent pas être aussi efficaces, mais 
qui peuvent toutefois dans des nombreux cas aider à contourner la censure sur 
Internet.\n"
+msgstr "De plus, BridgeDB propose de nombreux ponts traditionnels %s sans 
transport enfichable %s qui peuvent quand 

[tor-commits] [tor/master] Update to trunnel 1.5.1

[nickm]

commit bc68eedd79286420f8dcab5fa4ed83401299c89c
Author: Nick Mathewson 
Date:   Thu Dec 8 16:56:24 2016 -0500

Update to trunnel 1.5.1
---
 scripts/codegen/run_trunnel.sh|  6 --
 src/ext/trunnel/trunnel-impl.h|  2 +-
 src/ext/trunnel/trunnel.c |  2 +-
 src/ext/trunnel/trunnel.h |  2 +-
 src/trunnel/ed25519_cert.c| 40 +--
 src/trunnel/ed25519_cert.h| 40 +--
 src/trunnel/hs/cell_common.c  |  8 +++
 src/trunnel/hs/cell_common.h  |  8 +++
 src/trunnel/hs/cell_establish_intro.c |  8 +++
 src/trunnel/hs/cell_establish_intro.h |  8 +++
 src/trunnel/hs/cell_introduce1.c  | 14 ++--
 src/trunnel/hs/cell_introduce1.h  | 14 ++--
 src/trunnel/link_handshake.c  | 16 +++---
 src/trunnel/link_handshake.h  | 16 +++---
 src/trunnel/pwbox.c   |  8 +++
 src/trunnel/pwbox.h   |  8 +++
 16 files changed, 101 insertions(+), 99 deletions(-)

diff --git a/scripts/codegen/run_trunnel.sh b/scripts/codegen/run_trunnel.sh
index c574ea8..4288043 100755
--- a/scripts/codegen/run_trunnel.sh
+++ b/scripts/codegen/run_trunnel.sh
@@ -5,11 +5,13 @@ if test "x$TRUNNEL_PATH" != "x"; then
   export PYTHONPATH
 fi
 
+OPTIONS="--require-version=1.5.1"
+
 # Get all .trunnel files recursively from that directory so we can support
 # multiple sub-directories.
 for file in `find ./src/trunnel/ -name '*.trunnel'`; do
-  python -m trunnel --require-version=1.4 $file
+  python -m trunnel ${OPTIONS} $file
 done
 
-python -m trunnel --require-version=1.4 --write-c-files 
--target-dir=./src/ext/trunnel/
+python -m trunnel ${OPTIONS} --write-c-files --target-dir=./src/ext/trunnel/
 
diff --git a/src/ext/trunnel/trunnel-impl.h b/src/ext/trunnel/trunnel-impl.h
index 0cbd4f5..bc80585 100644
--- a/src/ext/trunnel/trunnel-impl.h
+++ b/src/ext/trunnel/trunnel-impl.h
@@ -1,4 +1,4 @@
-/* trunnel-impl.h -- copied from Trunnel v1.5
+/* trunnel-impl.h -- copied from Trunnel v1.5.1
  * https://gitweb.torproject.org/trunnel.git
  * You probably shouldn't edit this file.
  */
diff --git a/src/ext/trunnel/trunnel.c b/src/ext/trunnel/trunnel.c
index f80a587..a008fb9 100644
--- a/src/ext/trunnel/trunnel.c
+++ b/src/ext/trunnel/trunnel.c
@@ -1,4 +1,4 @@
-/* trunnel.c -- copied from Trunnel v1.5
+/* trunnel.c -- copied from Trunnel v1.5.1
  * https://gitweb.torproject.org/trunnel.git
  * You probably shouldn't edit this file.
  */
diff --git a/src/ext/trunnel/trunnel.h b/src/ext/trunnel/trunnel.h
index afd404d..85bbcc5 100644
--- a/src/ext/trunnel/trunnel.h
+++ b/src/ext/trunnel/trunnel.h
@@ -1,4 +1,4 @@
-/* trunnel.h -- copied from Trunnel v1.5
+/* trunnel.h -- copied from Trunnel v1.5.1
  * https://gitweb.torproject.org/trunnel.git
  * You probably shouldn't edit this file.
  */
diff --git a/src/trunnel/ed25519_cert.c b/src/trunnel/ed25519_cert.c
index e4e4d68..ee02fda 100644
--- a/src/trunnel/ed25519_cert.c
+++ b/src/trunnel/ed25519_cert.c
@@ -1,4 +1,4 @@
-/* ed25519_cert.c -- generated by Trunnel v1.5.
+/* ed25519_cert.c -- generated by Trunnel v1.5.1.
  * https://gitweb.torproject.org/trunnel.git
  * You probably shouldn't edit this file.
  */
@@ -58,7 +58,7 @@ create2_cell_body_free(create2_cell_body_t *obj)
 }
 
 uint16_t
-create2_cell_body_get_handshake_type(create2_cell_body_t *inp)
+create2_cell_body_get_handshake_type(const create2_cell_body_t *inp)
 {
   return inp->handshake_type;
 }
@@ -69,7 +69,7 @@ create2_cell_body_set_handshake_type(create2_cell_body_t 
*inp, uint16_t val)
   return 0;
 }
 uint16_t
-create2_cell_body_get_handshake_len(create2_cell_body_t *inp)
+create2_cell_body_get_handshake_len(const create2_cell_body_t *inp)
 {
   return inp->handshake_len;
 }
@@ -333,7 +333,7 @@ ed25519_cert_extension_free(ed25519_cert_extension_t *obj)
 }
 
 uint16_t
-ed25519_cert_extension_get_ext_length(ed25519_cert_extension_t *inp)
+ed25519_cert_extension_get_ext_length(const ed25519_cert_extension_t *inp)
 {
   return inp->ext_length;
 }
@@ -344,7 +344,7 @@ 
ed25519_cert_extension_set_ext_length(ed25519_cert_extension_t *inp, uint16_t va
   return 0;
 }
 uint8_t
-ed25519_cert_extension_get_ext_type(ed25519_cert_extension_t *inp)
+ed25519_cert_extension_get_ext_type(const ed25519_cert_extension_t *inp)
 {
   return inp->ext_type;
 }
@@ -355,7 +355,7 @@ 
ed25519_cert_extension_set_ext_type(ed25519_cert_extension_t *inp, uint8_t val)
   return 0;
 }
 uint8_t
-ed25519_cert_extension_get_ext_flags(ed25519_cert_extension_t *inp)
+ed25519_cert_extension_get_ext_flags(const ed25519_cert_extension_t *inp)
 {
   return inp->ext_flags;
 }
@@ -733,7 +733,7 @@ extend1_cell_body_free(extend1_cell_body_t *obj)
 }
 
 uint32_t
-extend1_cell_body_get_ipv4addr(extend1_cell_body_t *inp)
+extend1_cell_body_get_ipv4addr(const extend1_cell_body_t *inp)
 {
   return inp->ipv4addr;
 }
@@ -744,7 +744,7 @@ 

[tor-commits] [tor/master] Tell channel_set_identity_digest() that ed keys can be NULL

[nickm]

commit 68acf8f12e61891f19160a58b45bad98de208df1
Author: Nick Mathewson 
Date:   Thu Nov 10 16:03:41 2016 -0500

Tell channel_set_identity_digest() that ed keys can be NULL
---
 src/or/channel.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/or/channel.c b/src/or/channel.c
index e9bda24..0a96f23 100644
--- a/src/or/channel.c
+++ b/src/or/channel.c
@@ -1468,7 +1468,6 @@ channel_clear_identity_digest(channel_t *chan)
  * This function sets the identity digest of the remote endpoint for a
  * channel; this is intended for use by the lower layer.
  */
-
 void
 channel_set_identity_digest(channel_t *chan,
 const char *identity_digest,
@@ -1513,6 +1512,8 @@ channel_set_identity_digest(channel_t *chan,
   }
   if (ed_identity) {
 memcpy(>ed25519_identity, ed_identity, sizeof(*ed_identity));
+  } else {
+memset(>ed25519_identity, 0, sizeof(*ed_identity));
   }
 
   /* Put it in the digest map if we should */



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Add some unit testing for ed25519 IDs in extend2 cells.

[nickm]

commit 835b04819ab75224b876c9b9ad9925f7f7b24229
Author: Nick Mathewson 
Date:   Fri Nov 11 14:28:15 2016 -0500

Add some unit testing for ed25519 IDs in extend2 cells.
---
 src/test/test_cell_formats.c | 35 ++-
 1 file changed, 34 insertions(+), 1 deletion(-)

diff --git a/src/test/test_cell_formats.c b/src/test/test_cell_formats.c
index f839a5b..bbcff38 100644
--- a/src/test/test_cell_formats.c
+++ b/src/test/test_cell_formats.c
@@ -11,6 +11,7 @@
 #include "channel.h"
 #include "connection_edge.h"
 #include "connection_or.h"
+#include "config.h"
 #include "onion.h"
 #include "onion_tap.h"
 #include "onion_fast.h"
@@ -698,6 +699,7 @@ test_cfmt_extend_cells(void *arg)
   tt_int_op(61681, OP_EQ, ec.orport_ipv4.port);
   tt_str_op("2002::f0:c51e", OP_EQ, fmt_addr(_ipv6.addr));
   tt_int_op(4370, OP_EQ, ec.orport_ipv6.port);
+  tt_assert(ed25519_public_key_is_zero(_pubkey));
   tt_mem_op(ec.node_id,OP_EQ, "anthropomorphization", 20);
   tt_int_op(cc->cell_type, OP_EQ, CELL_CREATE2);
   tt_int_op(cc->handshake_type, OP_EQ, 0x105);
@@ -717,6 +719,37 @@ test_cfmt_extend_cells(void *arg)
   tt_mem_op(p2+1+8+22+4,OP_EQ, b, 99+20);
   tt_int_op(0, OP_EQ, create_cell_format_relayed(, cc));
 
+  /* Now let's add an ed25519 key to that extend2 cell. */
+  memcpy(ec.ed_pubkey.pubkey,
+ "brownshoesdontmakeit/brownshoesd", 32);
+
+  /* As before, since we aren't extending by ed25519. */
+  get_options_mutable()->ExtendByEd25519ID = 0;
+  tt_int_op(0, OP_EQ, extend_cell_format(_cmd, _len, p2, ));
+  tt_int_op(p2_len, OP_EQ, 89+99-34-20);
+  test_memeq_hex(p2,
+ "02000612F40001F0F1"
+ "0214616e7468726f706f6d6f727068697a6174696f6e"
+ "01050063");
+
+  /* Now try with the ed25519 ID. */
+  get_options_mutable()->ExtendByEd25519ID = 1;
+  tt_int_op(0, OP_EQ, extend_cell_format(_cmd, _len, p2, ));
+  tt_int_op(p2_len, OP_EQ, 89+99-34-20 + 34);
+  test_memeq_hex(p2,
+ "03000612F40001F0F1"
+ "0214616e7468726f706f6d6f727068697a6174696f6e"
+ // ed digest follows:
+ "0320" "62726f776e73686f6573646f6e746d616b656"
+"9742f62726f776e73686f657364"
+ "01050063");
+  /* Can we parse that? Did the key come through right? */
+  memset(, 0, sizeof(ec));
+  tt_int_op(0, OP_EQ, extend_cell_parse(, RELAY_COMMAND_EXTEND2,
+p2, p2_len));
+  tt_mem_op("brownshoesdontmakeit/brownshoesd", OP_EQ,
+ec.ed_pubkey.pubkey, 32);
+
   /* == Now try parsing some junk */
 
   /* Try a too-long handshake */
@@ -1257,7 +1290,7 @@ struct testcase_t cell_format_tests[] = {
   TEST(connected_cells, 0),
   TEST(create_cells, 0),
   TEST(created_cells, 0),
-  TEST(extend_cells, 0),
+  TEST(extend_cells, TT_FORK),
   TEST(extended_cells, 0),
   TEST(resolved_cells, 0),
   TEST(is_destroy, 0),



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Tiny cleanup of chan handling when setting connection ID digests

[nickm]

commit 5eef00eb049606bf5b5610af8e3ce9514bd95882
Author: Nick Mathewson 
Date:   Wed Dec 7 13:03:21 2016 -0500

Tiny cleanup of chan handling when setting connection ID digests
---
 src/or/connection_or.c | 9 -
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/src/or/connection_or.c b/src/or/connection_or.c
index 046865d..f0292bc 100644
--- a/src/or/connection_or.c
+++ b/src/or/connection_or.c
@@ -153,8 +153,8 @@ connection_or_set_identity_digest(or_connection_t *conn,
   /* If the identity was set previously, remove the old mapping. */
   if (rsa_id_was_set) {
 connection_or_clear_identity(conn);
-if (conn->chan)
-  channel_clear_identity_digest(TLS_CHAN_TO_BASE(conn->chan));
+if (chan)
+  channel_clear_identity_digest(chan);
   }
 
   memcpy(conn->identity_digest, rsa_digest, DIGEST_LEN);
@@ -165,9 +165,8 @@ connection_or_set_identity_digest(or_connection_t *conn,
 return;
 
   /* Deal with channels */
-  if (conn->chan)
-channel_set_identity_digest(TLS_CHAN_TO_BASE(conn->chan),
-rsa_digest, ed_id);
+  if (chan)
+channel_set_identity_digest(chan, rsa_digest, ed_id);
 }
 
 /** Remove the Extended ORPort identifier of conn from the



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Fix comment on connection_or_client_learned_peer_id().

[nickm]

commit d0b76f5099cb21c3f2d688d7e812f349dc06b695
Author: Nick Mathewson 
Date:   Wed Dec 7 13:08:51 2016 -0500

Fix comment  on connection_or_client_learned_peer_id().
---
 src/or/connection_or.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/or/connection_or.c b/src/or/connection_or.c
index f0292bc..635d3e4 100644
--- a/src/or/connection_or.c
+++ b/src/or/connection_or.c
@@ -1588,9 +1588,10 @@ connection_or_check_valid_tls_handshake(or_connection_t 
*conn,
 
 /** Called when we (as a connection initiator) have definitively,
  * authenticatedly, learned that ID of the Tor instance on the other
- * side of conn is peer_id.  For v1 and v2 handshakes,
+ * side of conn is rsa_peer_id and optionally ed_peer_id.
+ * For v1 and v2 handshakes,
  * this is right after we get a certificate chain in a TLS handshake
- * or renegotiation.  For v3 handshakes, this is right after we get a
+ * or renegotiation.  For v3+ handshakes, this is right after we get a
  * certificate chain in a CERTS cell.
  *
  * If we did not know the ID before, record the one we got.



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Add a few more debug/info-level logs for ed25519 link handshake stuff

[nickm]

commit e0ab293837c76ee95b8b94f461aefe0f1ac6eff0
Author: Nick Mathewson 
Date:   Thu Nov 10 12:55:42 2016 -0500

Add a few more debug/info-level logs for ed25519 link handshake stuff
---
 src/or/channeltls.c| 14 --
 src/or/connection_or.c |  8 
 2 files changed, 20 insertions(+), 2 deletions(-)

diff --git a/src/or/channeltls.c b/src/or/channeltls.c
index fafa08c..aef0143 100644
--- a/src/or/channeltls.c
+++ b/src/or/channeltls.c
@@ -1993,12 +1993,15 @@ channel_tls_process_certs_cell(var_cell_t *cell, 
channel_tls_t *chan)
  checked_ed_id, sizeof(ed25519_public_key_t));
 }
 
+log_debug(LD_HANDSHAKE, "calling client_learned_peer_id from "
+  "process_certs_cell");
+
 if (connection_or_client_learned_peer_id(chan->conn,
   chan->conn->handshake_state->authenticated_rsa_peer_id,
   checked_ed_id) < 0)
   ERR("Problem setting or checking peer id");
 
-log_info(LD_OR,
+log_info(LD_HANDSHAKE,
  "Got some good certificates from %s:%d: Authenticated it with "
  "RSA%s",
  safe_str(chan->conn->base_.address), chan->conn->base_.port,
@@ -2334,6 +2337,13 @@ channel_tls_process_authenticate_cell(var_cell_t *cell, 
channel_tls_t *chan)
chan->conn->link_proto < MIN_LINK_PROTO_FOR_WIDE_CIRC_IDS);
 crypto_pk_free(identity_rcvd);
 
+log_debug(LD_HANDSHAKE,
+  "Calling connection_or_init_conn_from_address for %s "
+  " from %s, with%s ed25519 id.",
+  safe_str(chan->conn->base_.address),
+  __func__,
+  ed_identity_received ? "" : "out");
+
 connection_or_init_conn_from_address(chan->conn,
   &(chan->conn->base_.addr),
   chan->conn->base_.port,
@@ -2342,7 +2352,7 @@ channel_tls_process_authenticate_cell(var_cell_t *cell, 
channel_tls_t *chan)
   ed_identity_received,
   0);
 
-log_info(LD_OR,
+log_debug(LD_HANDSHAKE,
  "Got an AUTHENTICATE cell from %s:%d, type %d: Looks good.",
  safe_str(chan->conn->base_.address),
  chan->conn->base_.port,
diff --git a/src/or/connection_or.c b/src/or/connection_or.c
index 0caf8a9..e10eaaf 100644
--- a/src/or/connection_or.c
+++ b/src/or/connection_or.c
@@ -831,6 +831,12 @@ connection_or_init_conn_from_address(or_connection_t *conn,
  const ed25519_public_key_t *ed_id,
  int started_here)
 {
+  log_debug(LD_HANDSHAKE, "init conn from address %s: %s, %s (%d)",
+fmt_addr(addr),
+hex_str((const char*)id_digest, DIGEST_LEN),
+ed25519_fmt(ed_id),
+started_here);
+
   const node_t *r = node_get_by_id(id_digest);
   connection_or_set_identity_digest(conn, id_digest, ed_id);
   connection_or_update_token_buckets_helper(conn, 1, get_options());
@@ -1510,6 +1516,8 @@ connection_or_check_valid_tls_handshake(or_connection_t 
*conn,
   if (started_here) {
 /* A TLS handshake can't teach us an Ed25519 ID, so we set it to NULL
  * here. */
+log_debug(LD_HANDSHAKE, "Calling client_learned_peer_id from "
+  "check_valid_tls_handshake");
 return connection_or_client_learned_peer_id(conn,
 (const uint8_t*)digest_rcvd_out,
 NULL);



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Enforce directionality in connection_or_set_identity_digest().

[nickm]

commit 5ada24957954163f68e77b300925d445ccbe7e55
Author: Nick Mathewson 
Date:   Thu Nov 10 16:07:55 2016 -0500

Enforce directionality in connection_or_set_identity_digest().

This function has never gotten testing for the case where an
identity had been set, and then got set to something else.  Rather
than make it handle those cases, we forbid them.
---
 src/or/connection_or.c | 42 +-
 1 file changed, 37 insertions(+), 5 deletions(-)

diff --git a/src/or/connection_or.c b/src/or/connection_or.c
index e10eaaf..2889bb7 100644
--- a/src/or/connection_or.c
+++ b/src/or/connection_or.c
@@ -105,20 +105,51 @@ connection_or_clear_identity_map(void)
 }
 
 /** Change conn->identity_digest to digest, and add conn into
- * orconn_digest_map. */
+ * the appropriate digest maps.
+ *
+ * NOTE that this function only allows two kinds of transitions: from
+ * unset identity to set identity, and from idempotent re-settings
+ * of the same identity.  It's not allowed to clear an identity or to
+ * change an identity.  Return 0 on success, and -1 if the transition
+ * is not allowed.
+ **/
 static void
 connection_or_set_identity_digest(or_connection_t *conn,
   const char *rsa_digest,
   const ed25519_public_key_t *ed_id)
 {
+  channel_t *chan = NULL;
   tor_assert(conn);
   tor_assert(rsa_digest);
 
-  if (tor_memeq(conn->identity_digest, rsa_digest, DIGEST_LEN))
+  if (conn->chan)
+chan = TLS_CHAN_TO_BASE(conn->chan);
+
+  log_info(LD_HANDSHAKE, "Set identity digest for %p (%s): %s %s.",
+   conn,
+   escaped_safe_str(conn->base_.address),
+   hex_str(rsa_digest, DIGEST_LEN),
+   ed25519_fmt(ed_id));
+  log_info(LD_HANDSHAKE, "   (Previously: %s %s)",
+   hex_str(conn->identity_digest, DIGEST_LEN),
+   chan ? ed25519_fmt(>ed25519_identity) : "");
+
+  const int rsa_id_was_set = ! tor_digest_is_zero(conn->identity_digest);
+  const int ed_id_was_set =
+chan && !ed25519_public_key_is_zero(>ed25519_identity);
+  const int rsa_changed =
+tor_memneq(conn->identity_digest, rsa_digest, DIGEST_LEN);
+  const int ed_changed = ed_id_was_set &&
+(!ed_id || !ed25519_pubkey_eq(ed_id, >ed25519_identity));
+
+  tor_assert(!rsa_changed || !rsa_id_was_set);
+  tor_assert(!ed_changed || !ed_id_was_set);
+
+  if (!rsa_changed && !ed_changed)
 return;
 
   /* If the identity was set previously, remove the old mapping. */
-  if (! tor_digest_is_zero(conn->identity_digest)) {
+  if (rsa_id_was_set) {
 connection_or_clear_identity(conn);
 if (conn->chan)
   channel_clear_identity_digest(TLS_CHAN_TO_BASE(conn->chan));
@@ -126,8 +157,9 @@ connection_or_set_identity_digest(or_connection_t *conn,
 
   memcpy(conn->identity_digest, rsa_digest, DIGEST_LEN);
 
-  /* If we're setting the ID to zero, don't add a mapping. */
-  if (tor_digest_is_zero(rsa_digest))
+  /* If we're initializing the IDs to zero, don't add a mapping yet. */
+  if (tor_digest_is_zero(rsa_digest) &&
+  (!ed_id || ed25519_public_key_is_zero(ed_id)))
 return;
 
   /* Deal with channels */



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Adding some assertions to onion.c

[nickm]

commit 236e8b605e6aebf87787951ca05f5c75ad530c8a
Author: Nick Mathewson 
Date:   Wed Dec 7 13:19:37 2016 -0500

Adding some assertions to onion.c
---
 src/or/onion.c | 10 ++
 1 file changed, 10 insertions(+)

diff --git a/src/or/onion.c b/src/or/onion.c
index 8e0896f..42b9ca4 100644
--- a/src/or/onion.c
+++ b/src/or/onion.c
@@ -879,6 +879,7 @@ extend_cell_from_extend1_cell_body(extend_cell_t *cell_out,
const extend1_cell_body_t *cell)
 {
   tor_assert(cell_out);
+  tor_assert(cell);
   memset(cell_out, 0, sizeof(*cell_out));
   tor_addr_make_unspec(_out->orport_ipv4.addr);
   tor_addr_make_unspec(_out->orport_ipv6.addr);
@@ -908,6 +909,7 @@ create_cell_from_create2_cell_body(create_cell_t *cell_out,
const create2_cell_body_t *cell)
 {
   tor_assert(cell_out);
+  tor_assert(cell);
   memset(cell_out, 0, sizeof(create_cell_t));
   if (BUG(cell->handshake_len > sizeof(cell_out->onionskin))) {
 /* This should be impossible because there just isn't enough room in the
@@ -930,6 +932,7 @@ extend_cell_from_extend2_cell_body(extend_cell_t *cell_out,
const extend2_cell_body_t *cell)
 {
   tor_assert(cell_out);
+  tor_assert(cell);
   int found_ipv4 = 0, found_ipv6 = 0, found_rsa_id = 0, found_ed_id = 0;
   memset(cell_out, 0, sizeof(*cell_out));
   tor_addr_make_unspec(_out->orport_ipv4.addr);
@@ -988,6 +991,9 @@ extend_cell_parse(extend_cell_t *cell_out, const uint8_t 
command,
   const uint8_t *payload, size_t payload_length)
 {
 
+  tor_assert(cell_out);
+  tor_assert(payload);
+
   if (payload_length > RELAY_PAYLOAD_SIZE)
 return -1;
 
@@ -1033,6 +1039,7 @@ extend_cell_parse(extend_cell_t *cell_out, const uint8_t 
command,
 static int
 check_extended_cell(const extended_cell_t *cell)
 {
+  tor_assert(cell);
   if (cell->created_cell.cell_type == CELL_CREATED) {
 if (cell->cell_type != RELAY_COMMAND_EXTENDED)
   return -1;
@@ -1054,6 +1061,9 @@ extended_cell_parse(extended_cell_t *cell_out,
 const uint8_t command, const uint8_t *payload,
 size_t payload_len)
 {
+  tor_assert(cell_out);
+  tor_assert(payload);
+
   memset(cell_out, 0, sizeof(*cell_out));
   if (payload_len > RELAY_PAYLOAD_SIZE)
 return -1;



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] helper to test a node for matching an ed25519 ID.

[nickm]

commit 424ae9e18bc902e6c96a0e49b609f40868174af8
Author: Nick Mathewson 
Date:   Fri Nov 11 12:37:58 2016 -0500

helper to test a node for matching an ed25519 ID.
---
 src/or/nodelist.c | 12 
 src/or/nodelist.h |  2 ++
 2 files changed, 14 insertions(+)

diff --git a/src/or/nodelist.c b/src/or/nodelist.c
index 1f993e4..d8d2dbb 100644
--- a/src/or/nodelist.c
+++ b/src/or/nodelist.c
@@ -671,6 +671,18 @@ node_get_ed25519_id(const node_t *node)
   return NULL;
 }
 
+/** Return true iff this node's Ed25519 identity matches id.
+ * (An absent Ed25519 identity matches NULL or zero.) */
+int
+node_ed25519_id_matches(const node_t *node, const ed25519_public_key_t *id)
+{
+  const ed25519_public_key_t *node_id = node_get_ed25519_id(node);
+  if (node_id == NULL || ed25519_public_key_is_zero(node_id)) {
+return id == NULL || ed25519_public_key_is_zero(id);
+  } else {
+return id && ed25519_pubkey_eq(node_id, id);
+  }
+}
 
 /** Return true iff node supports authenticating itself
  * by ed25519 ID during the link handshake in a way that we can understand
diff --git a/src/or/nodelist.h b/src/or/nodelist.h
index 57c3b43..31fdc64 100644
--- a/src/or/nodelist.h
+++ b/src/or/nodelist.h
@@ -56,6 +56,8 @@ long node_get_declared_uptime(const node_t *node);
 time_t node_get_published_on(const node_t *node);
 const smartlist_t *node_get_declared_family(const node_t *node);
 const ed25519_public_key_t *node_get_ed25519_id(const node_t *node);
+int node_ed25519_id_matches(const node_t *node,
+const ed25519_public_key_t *id);
 int node_supports_ed25519_link_authentication(const node_t *node);
 const uint8_t *node_get_rsa_id_digest(const node_t *node);
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Changes file for feature 15056 (prop220, extend cell side)

[nickm]

commit a7cae7f8f7075da1856c619d141b54c56bfc5f31
Author: Nick Mathewson 
Date:   Fri Nov 11 15:39:29 2016 -0500

Changes file for feature 15056 (prop220, extend cell side)
---
 changes/feature15056 | 28 
 1 file changed, 28 insertions(+)

diff --git a/changes/feature15056 b/changes/feature15056
new file mode 100644
index 000..46226f8
--- /dev/null
+++ b/changes/feature15056
@@ -0,0 +1,28 @@
+  o Major features (ed25519 identity keys):
+- Relays now understand requests to extend to other relays
+  by their Ed25519 identity keys. When an Ed25519 identity key
+  is included in an EXTEND2 cell, the relay will only extend
+  the circuit if the other relay can prove ownership of that identity.
+  Implements part of ticket 15056; part of proposal 220.
+- Clients now support including Ed25519 identity keys in the EXTEND2
+  cells they generate.  By default, this is controlled by a consensus
+  parameter, currently disabled.  You can turn this feature on for
+  testing by setting ExtendByEd25519ID in your configuration. This might
+  make your traffic appear different than the traffic generated by other
+  users, however.
+  Implements part of ticket 15056; part of proposal 220.
+
+  o Code simplification and refactoring:
+- The code to generate and parse EXTEND and EXTEND2 cells has
+  been replaced with code automatically generated by the "trunnel"
+  utility.
+- Remove data structures that were used to index or_connection objects by
+  their RSA identity digests. These structures are fully redundant with
+  the similar structures used in the channel abstraction.
+
+  o Minor features (directory authority):
+- Add a new authority-only AuthDirTestEd25519LinkKeys option (on by
+  default) to control whether authorities should try to probe relays by
+  their Ed25519 link keys.  This option will go away in a few
+  releases--unless we encounter major trouble in our ed25519 link
+  protocol rollout, in which case it will serve as a safety option.



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Add an ed25519_copy; use it in a couple of places dgoulet suggested.

[nickm]

commit 937aef48eeae4b81528de3e04b39047d0f826d9b
Author: Nick Mathewson 
Date:   Mon Dec 5 12:55:52 2016 -0500

Add an ed25519_copy; use it in a couple of places dgoulet suggested.
---
 src/common/crypto_ed25519.c | 12 
 src/common/crypto_ed25519.h |  3 +++
 src/or/circuitbuild.c   |  5 ++---
 3 files changed, 17 insertions(+), 3 deletions(-)

diff --git a/src/common/crypto_ed25519.c b/src/common/crypto_ed25519.c
index 809ad12..b7c8311 100644
--- a/src/common/crypto_ed25519.c
+++ b/src/common/crypto_ed25519.c
@@ -628,6 +628,18 @@ ed25519_pubkey_eq(const ed25519_public_key_t *key1,
   return tor_memeq(key1->pubkey, key2->pubkey, ED25519_PUBKEY_LEN);
 }
 
+/**
+ * Set dest to contain the same key as src.
+ */
+void
+ed25519_pubkey_copy(ed25519_public_key_t *dest,
+const ed25519_public_key_t *src)
+{
+  tor_assert(dest);
+  tor_assert(src);
+  memcpy(dest, src, sizeof(ed25519_public_key_t));
+}
+
 /** Check whether the given Ed25519 implementation seems to be working.
  * If so, return 0; otherwise return -1. */
 static int
diff --git a/src/common/crypto_ed25519.h b/src/common/crypto_ed25519.h
index 5d63d90..929b2b5 100644
--- a/src/common/crypto_ed25519.h
+++ b/src/common/crypto_ed25519.h
@@ -121,6 +121,9 @@ void ed25519_keypair_free(ed25519_keypair_t *kp);
 
 int ed25519_pubkey_eq(const ed25519_public_key_t *key1,
   const ed25519_public_key_t *key2);
+void ed25519_pubkey_copy(ed25519_public_key_t *dest,
+ const ed25519_public_key_t *src);
+
 
 void ed25519_set_impl_params(int use_donna);
 void ed25519_init(void);
diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c
index bac68bb..96bd472 100644
--- a/src/or/circuitbuild.c
+++ b/src/or/circuitbuild.c
@@ -1045,8 +1045,7 @@ circuit_send_next_onion_skin(origin_circuit_t *circ)
 memcpy(ec.node_id, hop->extend_info->identity_digest, DIGEST_LEN);
 /* Set the ED25519 identity too -- it will only get included
  * in the extend2 cell if we're configured to use it, though. */
-memcpy(_pubkey, >extend_info->ed_identity,
-   sizeof(ed25519_public_key_t));
+ed25519_pubkey_copy(_pubkey, >extend_info->ed_identity);
 
 len = onion_skin_create(ec.create_cell.handshake_type,
 hop->extend_info,
@@ -1183,7 +1182,7 @@ circuit_extend(cell_t *cell, circuit_t *circ)
 if (node &&
 node_supports_ed25519_link_authentication(node) &&
 (node_ed_id = node_get_ed25519_id(node))) {
-  memcpy(ec.ed_pubkey.pubkey, node_ed_id->pubkey, ED25519_PUBKEY_LEN);
+  ed25519_pubkey_copy(_pubkey, node_ed_id);
 }
   }
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Merge branch 'feature15056_v1_squashed'

[nickm]

commit e93234af70da5cf3d513e57b12e4934b1c4d9529
Merge: e33c85a 236e8b6
Author: Nick Mathewson 
Date:   Thu Dec 8 16:49:24 2016 -0500

Merge branch 'feature15056_v1_squashed'

 changes/feature15056 |  28 ++
 doc/tor.1.txt|  14 +
 src/common/crypto_ed25519.c  |  20 +
 src/common/crypto_ed25519.h  |   6 +
 src/common/crypto_format.c   |  16 +
 src/common/crypto_format.h   |   1 +
 src/or/channel.c | 151 ++-
 src/or/channel.h |  40 +-
 src/or/channeltls.c  |  18 +-
 src/or/circuitbuild.c|  98 +++--
 src/or/circuitbuild.h|   6 +-
 src/or/circuituse.c  |  11 +-
 src/or/config.c  |   2 +
 src/or/connection.c  |   4 +-
 src/or/connection_or.c   | 299 -
 src/or/connection_or.h   |   5 +-
 src/or/dirserv.c |  35 +-
 src/or/dirserv.h |   3 +-
 src/or/entrynodes.c  |  33 +-
 src/or/entrynodes.h  |   3 +-
 src/or/main.c|   4 +-
 src/or/nodelist.c|  70 +++
 src/or/nodelist.h|   5 +
 src/or/onion.c   | 314 +-
 src/or/onion.h   |   2 +
 src/or/or.h  |  18 +-
 src/or/router.c  |   7 +
 src/or/routerkeys.c  |   8 +
 src/or/routerkeys.h  |   2 +
 src/test/test_cell_formats.c |  35 +-
 src/test/test_channel.c  | 106 +
 src/test/test_link_handshake.c   |  10 +-
 src/trunnel/ed25519_cert.c   | 911 ++-
 src/trunnel/ed25519_cert.h   | 318 ++
 src/trunnel/ed25519_cert.trunnel |  53 +--
 35 files changed, 2299 insertions(+), 357 deletions(-)




___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] whitespace cleanups

[nickm]

commit e1f00c5f8620f46f97ac58b2a1787852891c8981
Author: Nick Mathewson 
Date:   Thu Dec 8 16:53:29 2016 -0500

whitespace cleanups
---
 src/common/crypto_ed25519.h | 2 --
 src/or/nodelist.c   | 1 -
 2 files changed, 3 deletions(-)

diff --git a/src/common/crypto_ed25519.h b/src/common/crypto_ed25519.h
index 929b2b5..a58b416 100644
--- a/src/common/crypto_ed25519.h
+++ b/src/common/crypto_ed25519.h
@@ -68,7 +68,6 @@ ed25519_checksig_prefixed(const ed25519_signature_t 
*signature,
 
 int ed25519_public_key_is_zero(const ed25519_public_key_t *pubkey);
 
-
 /**
  * A collection of information necessary to check an Ed25519 signature. Used
  * for batch verification.
@@ -124,7 +123,6 @@ int ed25519_pubkey_eq(const ed25519_public_key_t *key1,
 void ed25519_pubkey_copy(ed25519_public_key_t *dest,
  const ed25519_public_key_t *src);
 
-
 void ed25519_set_impl_params(int use_donna);
 void ed25519_init(void);
 
diff --git a/src/or/nodelist.c b/src/or/nodelist.c
index 6117b86..3f2e111 100644
--- a/src/or/nodelist.c
+++ b/src/or/nodelist.c
@@ -715,7 +715,6 @@ node_get_rsa_id_digest(const node_t *node)
   return (const uint8_t*)node->identity;
 }
 
-
 /** Return the nickname of node, or NULL if we can't find one. */
 const char *
 node_get_nickname(const node_t *node)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Canonicity update for ed25519.

[nickm]

commit cd741cc595d705daef3aa9158bc7822fff935846
Author: Nick Mathewson 
Date:   Fri Nov 11 12:38:11 2016 -0500

Canonicity update for ed25519.

If a node can prove its Ed25519 identity, don't consider connections
to it canonical unless they match both identities.

Includes link handshake changes needed to avoid crashing with bug
warnings, since the tests now reach more parts of the code.

Closes ticket 20355
---
 src/or/connection_or.c | 41 -
 src/test/test_link_handshake.c |  4 
 2 files changed, 44 insertions(+), 1 deletion(-)

diff --git a/src/or/connection_or.c b/src/or/connection_or.c
index 953e9df..088900c 100644
--- a/src/or/connection_or.c
+++ b/src/or/connection_or.c
@@ -75,6 +75,9 @@ static void 
connection_or_mark_bad_for_new_circs(or_connection_t *or_conn);
 
 static void connection_or_change_state(or_connection_t *conn, uint8_t state);
 
+static void connection_or_check_canonicity(or_connection_t *conn,
+   int started_here);
+
 /**/
 
 /** Global map between Extended ORPort identifiers and OR
@@ -869,13 +872,38 @@ connection_or_init_conn_from_address(or_connection_t 
*conn,
 ed25519_fmt(ed_id),
 started_here);
 
-  const node_t *r = node_get_by_id(id_digest);
   connection_or_set_identity_digest(conn, id_digest, ed_id);
   connection_or_update_token_buckets_helper(conn, 1, get_options());
 
   conn->base_.port = port;
   tor_addr_copy(>base_.addr, addr);
   tor_addr_copy(>real_addr, addr);
+
+  connection_or_check_canonicity(conn, started_here);
+}
+
+/** Check whether the identity of conn matches a known node.  If it
+ * does, check whether the address of conn matches the expected address, and
+ * update the connection's is_canonical flag, nickname, and address fields as
+ * appropriate. */
+static void
+connection_or_check_canonicity(or_connection_t *conn, int started_here)
+{
+  const char *id_digest = conn->identity_digest;
+  const ed25519_public_key_t *ed_id = NULL;
+  const tor_addr_t *addr = >real_addr;
+  if (conn->chan)
+ed_id = & TLS_CHAN_TO_BASE(conn->chan)->ed25519_identity;
+
+  const node_t *r = node_get_by_id(id_digest);
+  if (r &&
+  node_supports_ed25519_link_authentication(r) &&
+  ! node_ed25519_id_matches(r, ed_id)) {
+/* If this node is capable of proving an ed25519 ID,
+ * we can't call this a canonical connection unless both IDs match. */
+ r = NULL;
+  }
+
   if (r) {
 tor_addr_port_t node_ap;
 node_get_pref_orport(r, _ap);
@@ -897,10 +925,12 @@ connection_or_init_conn_from_address(or_connection_t 
*conn,
   tor_addr_copy(>base_.addr, _ap.addr);
   conn->base_.port = node_ap.port;
 }
+tor_free(conn->nickname);
 conn->nickname = tor_strdup(node_get_nickname(r));
 tor_free(conn->base_.address);
 conn->base_.address = tor_addr_to_str_dup(_ap.addr);
   } else {
+tor_free(conn->nickname);
 conn->nickname = tor_malloc(HEX_DIGEST_LEN+2);
 conn->nickname[0] = '$';
 base16_encode(conn->nickname+1, HEX_DIGEST_LEN+1,
@@ -1589,6 +1619,7 @@ connection_or_client_learned_peer_id(or_connection_t 
*conn,
   const or_options_t *options = get_options();
   channel_tls_t *chan_tls = conn->chan;
   channel_t *chan = channel_tls_to_base(chan_tls);
+  int changed_identity = 0;
   tor_assert(chan);
 
   const int expected_rsa_key =
@@ -1619,6 +1650,7 @@ connection_or_client_learned_peer_id(or_connection_t 
*conn,
  * we do -- remember it for future attempts. */
 learned_router_identity(>base_.addr, conn->base_.port,
 (const char*)rsa_peer_id, ed_peer_id);
+changed_identity = 1;
   }
 
   const int rsa_mismatch = expected_rsa_key &&
@@ -1706,6 +1738,13 @@ connection_or_client_learned_peer_id(or_connection_t 
*conn,
  "connection.");
 connection_or_set_identity_digest(conn,
   (const char*)rsa_peer_id, ed_peer_id);
+changed_identity = 1;
+  }
+
+  if (changed_identity) {
+/* If we learned an identity for this connection, then we might have
+ * just discovered it to be canonical. */
+connection_or_check_canonicity(conn, conn->handshake_state->started_here);
   }
 
   if (authdir_mode_tests_reachability(options)) {
diff --git a/src/test/test_link_handshake.c b/src/test/test_link_handshake.c
index 9931702..421f3aa 100644
--- a/src/test/test_link_handshake.c
+++ b/src/test/test_link_handshake.c
@@ -117,6 +117,9 @@ test_link_handshake_certs_ok(void *arg)
   crypto_pk_t *key1 = NULL, *key2 = NULL;
   const int with_ed = !strcmp((const char *)arg, "Ed25519");
 
+  tor_addr_from_ipv4h(>base_.addr, 0x7f01);
+  tor_addr_from_ipv4h(>base_.addr, 0x7f01);
+
   scheduler_init();
 
   MOCK(tor_tls_cert_matches_key, mock_tls_cert_matches_key);
@@ -354,6 +357,7 @@ recv_certs_setup(const 

[tor-commits] [tor/master] Teach channel_rsa_id_group_set_badness_() about Ed25519

[nickm]

commit 3b1e04fe4505ccbd7d93061dccb5673523519c64
Author: Nick Mathewson 
Date:   Thu Nov 10 16:38:04 2016 -0500

Teach channel_rsa_id_group_set_badness_() about Ed25519

(Only run the connection_or_group_set_badness_() function on groups
of channels that have the same RSA and Ed25519 identities.)

There's a possible opportunity here where we might want to set a
channel to "bad" if it has no ed25519 identity and some other
channel has some.  Also there's an opportunity to add a warning if
we ever have an Ed mismatch on open connections with the same RSA
ID.
---
 src/or/channel.c   | 41 ++---
 src/or/connection_or.c |  6 +++---
 2 files changed, 37 insertions(+), 10 deletions(-)

diff --git a/src/or/channel.c b/src/or/channel.c
index 0a96f23..7984558 100644
--- a/src/or/channel.c
+++ b/src/or/channel.c
@@ -4551,18 +4551,45 @@ channel_set_circid_type,(channel_t *chan,
 static void
 channel_rsa_id_group_set_badness(struct channel_list_s *lst, int force)
 {
+  /* This function should really be about channels. 15056 */
   channel_t *chan;
 
-  smartlist_t *or_conns = smartlist_new();
+  /* First, get a minimal list of the ed25519 identites */
+  smartlist_t *ed_identities = smartlist_new();
   TOR_LIST_FOREACH(chan, lst, next_with_same_id) {
-channel_tls_t *chantls = BASE_CHAN_TO_TLS(chan);
-or_connection_t *orconn = chantls->conn;
-if (orconn)
-  smartlist_add(or_conns, orconn);
+uint8_t *id_copy =
+  tor_memdup(>ed25519_identity.pubkey, DIGEST256_LEN);
+smartlist_add(ed_identities, id_copy);
   }
-  /* This function should really be about channels. 15056 */
-  connection_or_group_set_badness_(or_conns, force);
+  smartlist_sort_digests256(ed_identities);
+  smartlist_uniq_digests256(ed_identities);
+
+  /* Now, for each Ed identity, build a smartlist and find the best entry on
+   * it.  */
+  smartlist_t *or_conns = smartlist_new();
+  SMARTLIST_FOREACH_BEGIN(ed_identities, const uint8_t *, ed_id) {
+TOR_LIST_FOREACH(chan, lst, next_with_same_id) {
+  channel_tls_t *chantls = BASE_CHAN_TO_TLS(chan);
+  if (tor_memneq(ed_id, >ed25519_identity.pubkey, DIGEST256_LEN))
+continue;
+  or_connection_t *orconn = chantls->conn;
+  if (orconn) {
+tor_assert(orconn->chan == chantls);
+smartlist_add(or_conns, orconn);
+  }
+}
+
+connection_or_group_set_badness_(or_conns, force);
+smartlist_clear(or_conns);
+  } SMARTLIST_FOREACH_END(ed_id);
+
+  /*  15056 we may want to do something special with connections that have
+   * no set Ed25519 identity! */
+
   smartlist_free(or_conns);
+
+  SMARTLIST_FOREACH(ed_identities, uint8_t *, ed_id, tor_free(ed_id));
+  smartlist_free(ed_identities);
 }
 
 /** Go through all the channels (or if digest is non-NULL, just
diff --git a/src/or/connection_or.c b/src/or/connection_or.c
index 2889bb7..953e9df 100644
--- a/src/or/connection_or.c
+++ b/src/or/connection_or.c
@@ -966,9 +966,9 @@ connection_or_mark_bad_for_new_circs(or_connection_t 
*or_conn)
 void
 connection_or_group_set_badness_(smartlist_t *group, int force)
 {
-  /*  this should be entirely about channels, not OR connections.  15056*/
-  /*  Look at Ed25519 ids too! 15056 */
-  
+  /*  this function should be entirely about channels, not OR
+   *  connections. */
+
   or_connection_t *best = NULL;
   int n_old = 0, n_inprogress = 0, n_canonical = 0, n_other = 0;
   time_t now = time(NULL);



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Use connection_or_clear_identity in connection_or_clear_identity_map.

[nickm]

commit 9bf9e34a01a5b0b8d28ff2486c73e243561b4e3e
Author: Nick Mathewson 
Date:   Wed Dec 7 12:57:51 2016 -0500

Use connection_or_clear_identity in connection_or_clear_identity_map.
---
 src/or/connection_or.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/src/or/connection_or.c b/src/or/connection_or.c
index 088900c..046865d 100644
--- a/src/or/connection_or.c
+++ b/src/or/connection_or.c
@@ -101,8 +101,7 @@ connection_or_clear_identity_map(void)
   SMARTLIST_FOREACH(conns, connection_t *, conn,
   {
 if (conn->type == CONN_TYPE_OR) {
-  or_connection_t *or_conn = TO_OR_CONN(conn);
-  memset(or_conn->identity_digest, 0, DIGEST_LEN);
+  connection_or_clear_identity(TO_OR_CONN(conn));
 }
   });
 }



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Unit tests for channel identity map code

[nickm]

commit 921ac5c548789af348b2a0cadfc738b7fbfbf84a
Author: Nick Mathewson 
Date:   Fri Nov 11 13:09:25 2016 -0500

Unit tests for channel identity map code
---
 src/test/test_channel.c | 106 
 1 file changed, 106 insertions(+)

diff --git a/src/test/test_channel.c b/src/test/test_channel.c
index e87f99e..f158b1a 100644
--- a/src/test/test_channel.c
+++ b/src/test/test_channel.c
@@ -1768,6 +1768,111 @@ test_channel_write(void *arg)
   return;
 }
 
+static void
+test_channel_id_map(void *arg)
+{
+  (void)arg;
+  const int N_CHAN = 6;
+  char rsa_id[N_CHAN][DIGEST_LEN];
+  ed25519_public_key_t *ed_id[N_CHAN];
+  channel_t *chan[N_CHAN];
+  int i;
+  ed25519_public_key_t ed_zero;
+  memset(_zero, 0, sizeof(ed_zero));
+
+  tt_assert(sizeof(rsa_id[0]) == DIGEST_LEN); // Do I remember C?
+
+  for (i = 0; i < N_CHAN; ++i) {
+crypto_rand(rsa_id[i], DIGEST_LEN);
+ed_id[i] = tor_malloc_zero(sizeof(*ed_id[i]));
+crypto_rand((char*)ed_id[i]->pubkey, sizeof(ed_id[i]->pubkey));
+  }
+
+  /* For channel 3, have no Ed identity. */
+  tor_free(ed_id[3]);
+
+  /* Channel 2 and 4 have same ROSA identity */
+  memcpy(rsa_id[4], rsa_id[2], DIGEST_LEN);
+
+  /* Channel 2 and 4 and 5 have same RSA identity */
+  memcpy(rsa_id[4], rsa_id[2], DIGEST_LEN);
+  memcpy(rsa_id[5], rsa_id[2], DIGEST_LEN);
+
+  /* Channels 2 and 5 have same Ed25519 identity */
+  memcpy(ed_id[5], ed_id[2], sizeof(*ed_id[2]));
+
+  for (i = 0; i < N_CHAN; ++i) {
+chan[i] = new_fake_channel();
+channel_register(chan[i]);
+channel_set_identity_digest(chan[i], rsa_id[i], ed_id[i]);
+  }
+
+  /* Lookup by RSA id only */
+  tt_ptr_op(chan[0], OP_EQ,
+channel_find_by_remote_identity(rsa_id[0], NULL));
+  tt_ptr_op(chan[1], OP_EQ,
+channel_find_by_remote_identity(rsa_id[1], NULL));
+  tt_ptr_op(chan[3], OP_EQ,
+channel_find_by_remote_identity(rsa_id[3], NULL));
+  channel_t *ch;
+  ch = channel_find_by_remote_identity(rsa_id[2], NULL);
+  tt_assert(ch == chan[2] || ch == chan[4] || ch == chan[5]);
+  ch = channel_next_with_rsa_identity(ch);
+  tt_assert(ch == chan[2] || ch == chan[4] || ch == chan[5]);
+  ch = channel_next_with_rsa_identity(ch);
+  tt_assert(ch == chan[2] || ch == chan[4] || ch == chan[5]);
+  ch = channel_next_with_rsa_identity(ch);
+  tt_assert(ch == NULL);
+
+  /* As above, but with zero Ed25519 ID (meaning "any ID") */
+  tt_ptr_op(chan[0], OP_EQ,
+channel_find_by_remote_identity(rsa_id[0], _zero));
+  tt_ptr_op(chan[1], OP_EQ,
+channel_find_by_remote_identity(rsa_id[1], _zero));
+  tt_ptr_op(chan[3], OP_EQ,
+channel_find_by_remote_identity(rsa_id[3], _zero));
+  ch = channel_find_by_remote_identity(rsa_id[2], _zero);
+  tt_assert(ch == chan[2] || ch == chan[4] || ch == chan[5]);
+  ch = channel_next_with_rsa_identity(ch);
+  tt_assert(ch == chan[2] || ch == chan[4] || ch == chan[5]);
+  ch = channel_next_with_rsa_identity(ch);
+  tt_assert(ch == chan[2] || ch == chan[4] || ch == chan[5]);
+  ch = channel_next_with_rsa_identity(ch);
+  tt_assert(ch == NULL);
+
+  /* Lookup nonexistent RSA identity */
+  tt_ptr_op(NULL, OP_EQ,
+channel_find_by_remote_identity("", NULL));
+
+  /* Look up by full identity pair */
+  tt_ptr_op(chan[0], OP_EQ,
+channel_find_by_remote_identity(rsa_id[0], ed_id[0]));
+  tt_ptr_op(chan[1], OP_EQ,
+channel_find_by_remote_identity(rsa_id[1], ed_id[1]));
+  tt_ptr_op(chan[3], OP_EQ,
+channel_find_by_remote_identity(rsa_id[3], ed_id[3] /*NULL*/));
+  tt_ptr_op(chan[4], OP_EQ,
+channel_find_by_remote_identity(rsa_id[4], ed_id[4]));
+  ch = channel_find_by_remote_identity(rsa_id[2], ed_id[2]);
+  tt_assert(ch == chan[2] || ch == chan[5]);
+
+  /* Look up RSA identity with wrong ed25519 identity */
+  tt_ptr_op(NULL, OP_EQ,
+channel_find_by_remote_identity(rsa_id[4], ed_id[0]));
+  tt_ptr_op(NULL, OP_EQ,
+channel_find_by_remote_identity(rsa_id[2], ed_id[1]));
+  tt_ptr_op(NULL, OP_EQ,
+channel_find_by_remote_identity(rsa_id[3], ed_id[1]));
+
+ done:
+  for (i = 0; i < N_CHAN; ++i) {
+channel_clear_identity_digest(chan[i]);
+channel_unregister(chan[i]);
+free_fake_channel(chan[i]);
+tor_free(ed_id[i]);
+  }
+}
+
 struct testcase_t channel_tests[] = {
   { "dumpstats", test_channel_dumpstats, TT_FORK, NULL, NULL },
   { "flush", test_channel_flush, TT_FORK, NULL, NULL },
@@ -1780,6 +1885,7 @@ struct testcase_t channel_tests[] = {
   { "queue_incoming", test_channel_queue_incoming, TT_FORK, NULL, NULL },
   { "queue_size", test_channel_queue_size, TT_FORK, NULL, NULL },
   { "write", test_channel_write, TT_FORK, NULL, NULL },
+  { "id_map", test_channel_id_map, TT_FORK, NULL, NULL },
   END_OF_TESTCASES
 };
 



___
tor-commits mailing list
tor-commits@lists.torproject.org

[tor-commits] [tor/master] Migrate extend2/create2 cell encoding to Trunnel

[nickm]

commit e054211237e88cace9f7d7ff403600c192df9a31
Author: Nick Mathewson 
Date:   Wed Sep 14 16:00:23 2016 -0400

Migrate extend2/create2 cell encoding to Trunnel

(Not extended2/created2; that's too simple.)

Incidentally, add ed25519 identities to the mix when we have them.
---
 src/or/circuitbuild.c |  10 +-
 src/or/onion.c| 289 ++
 src/or/onion.h|   2 +
 3 files changed, 185 insertions(+), 116 deletions(-)

diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c
index a767f40..e578a94 100644
--- a/src/or/circuitbuild.c
+++ b/src/or/circuitbuild.c
@@ -1041,6 +1041,10 @@ circuit_send_next_onion_skin(origin_circuit_t *circ)
 ec.orport_ipv4.port = hop->extend_info->port;
 tor_addr_make_unspec(_ipv6.addr);
 memcpy(ec.node_id, hop->extend_info->identity_digest, DIGEST_LEN);
+/* 15056 Either here or in the onion.c encoding code, we should make an
+ * option to decide whether we declare the ED identity (if we know one) */
+memcpy(_pubkey, >extend_info->ed_identity,
+   sizeof(ed25519_public_key_t));
 
 len = onion_skin_create(ec.create_cell.handshake_type,
 hop->extend_info,
@@ -1181,7 +1185,7 @@ circuit_extend(cell_t *cell, circuit_t *circ)
   }
 
   n_chan = channel_get_for_extend((const char*)ec.node_id,
-  /* ed25519 ID: put it here. 15056 */
+  /*_id 15056 */
   _ipv4.addr,
   ,
   _launch);
@@ -1193,7 +1197,7 @@ circuit_extend(cell_t *cell, circuit_t *circ)
 
 circ->n_hop = extend_info_new(NULL /*nickname*/,
   (const char*)ec.node_id,
-  NULL, /*ed25519 ID: get from ec. 15056*/
+  _pubkey,
   NULL, /*onion_key*/
   NULL, /*curve25519_key*/
   _ipv4.addr,
@@ -2367,7 +2371,7 @@ extend_info_new(const char *nickname,
 {
   extend_info_t *info = tor_malloc_zero(sizeof(extend_info_t));
   memcpy(info->identity_digest, rsa_id_digest, DIGEST_LEN);
-  if (ed_id)
+  if (ed_id && !ed25519_public_key_is_zero(ed_id))
 memcpy(>ed_identity, ed_id, sizeof(ed25519_public_key_t));
   if (nickname)
 strlcpy(info->nickname, nickname, sizeof(info->nickname));
diff --git a/src/or/onion.c b/src/or/onion.c
index a987883..f49707f 100644
--- a/src/or/onion.c
+++ b/src/or/onion.c
@@ -76,6 +76,9 @@
 #include "rephist.h"
 #include "router.h"
 
+// trunnel
+#include "ed25519_cert.h"
+
 /** Type for a linked list of circuits that are waiting for a free CPU worker
  * to process a waiting onion handshake. */
 typedef struct onion_queue_t {
@@ -871,13 +874,111 @@ check_extend_cell(const extend_cell_t *cell)
   return check_create_cell(>create_cell, 1);
 }
 
-/** Protocol constants for specifier types in EXTEND2
- * @{
- */
-#define SPECTYPE_IPV4 0
-#define SPECTYPE_IPV6 1
-#define SPECTYPE_LEGACY_ID 2
-/** @} */
+static int
+extend_cell_from_extend1_cell_body(extend_cell_t *cell_out,
+   const extend1_cell_body_t *cell)
+{
+  tor_assert(cell_out);
+  memset(cell_out, 0, sizeof(*cell_out));
+  tor_addr_make_unspec(_out->orport_ipv4.addr);
+  tor_addr_make_unspec(_out->orport_ipv6.addr);
+
+  cell_out->cell_type = RELAY_COMMAND_EXTEND;
+  tor_addr_from_ipv4h(_out->orport_ipv4.addr, cell->ipv4addr);
+  cell_out->orport_ipv4.port = cell->port;
+  if (tor_memeq(cell->onionskin, NTOR_CREATE_MAGIC, 16)) {
+cell_out->create_cell.cell_type = CELL_CREATE2;
+cell_out->create_cell.handshake_type = ONION_HANDSHAKE_TYPE_NTOR;
+cell_out->create_cell.handshake_len = NTOR_ONIONSKIN_LEN;
+memcpy(cell_out->create_cell.onionskin, cell->onionskin + 16,
+   NTOR_ONIONSKIN_LEN);
+  } else {
+cell_out->create_cell.cell_type = CELL_CREATE;
+cell_out->create_cell.handshake_type = ONION_HANDSHAKE_TYPE_TAP;
+cell_out->create_cell.handshake_len = TAP_ONIONSKIN_CHALLENGE_LEN;
+memcpy(cell_out->create_cell.onionskin, cell->onionskin,
+   TAP_ONIONSKIN_CHALLENGE_LEN);
+  }
+  memcpy(cell_out->node_id, cell->identity, DIGEST_LEN);
+  return 0;
+}
+
+static int
+create_cell_from_create2_cell_body(create_cell_t *cell_out,
+   const create2_cell_body_t *cell)
+{
+  tor_assert(cell_out);
+  memset(cell_out, 0, sizeof(create_cell_t));
+  if (BUG(cell->handshake_len > sizeof(cell_out->onionskin))) {
+/* This should be impossible because there just isn't enough room in the
+ * input cell to make the handshake_len this large and provide a
+ * handshake_data to match. */
+return -1;
+  }
+
+  cell_out->cell_type = CELL_CREATE2;
+  cell_out->handshake_type = cell->handshake_type;
+  cell_out->handshake_len = 

[tor-commits] [tor/master] When attempting to find a channel by ID, consider Ed ID.

[nickm]

commit ef5158b2d2f67a1d70e6194b0fde291f853d485e
Author: Nick Mathewson 
Date:   Sun Sep 18 20:06:48 2016 -0400

When attempting to find a channel by ID, consider Ed ID.

Right now, there's only a mechanism to look for a channel where the
RSA ID matches *and* the ED ID matches. We can add a separate map
later if we want.
---
 src/or/channel.c   | 67 --
 src/or/channel.h   | 21 +++-
 src/or/channeltls.c|  1 -
 src/or/circuitbuild.c  | 21 +---
 src/or/connection_or.c |  4 +--
 5 files changed, 83 insertions(+), 31 deletions(-)

diff --git a/src/or/channel.c b/src/or/channel.c
index af58107..d484e71 100644
--- a/src/or/channel.c
+++ b/src/or/channel.c
@@ -733,27 +733,62 @@ channel_find_by_global_id(uint64_t global_identifier)
   return rv;
 }
 
+/** Return true iff chan matches rsa_id_digest and ed_id.
+ * as its identity keys.  If either is NULL, do not check for a match. */
+static int
+channel_remote_identity_matches(const channel_t *chan,
+const char *rsa_id_digest,
+const ed25519_public_key_t *ed_id)
+{
+  if (BUG(!chan))
+return 0;
+  if (rsa_id_digest) {
+if (tor_memneq(rsa_id_digest, chan->identity_digest, DIGEST_LEN))
+  return 0;
+  }
+  if (ed_id) {
+if (tor_memneq(ed_id->pubkey, chan->ed25519_identity.pubkey,
+   ED25519_PUBKEY_LEN))
+  return 0;
+  }
+  return 1;
+}
+
 /**
- * Find channel by digest of the remote endpoint
+ * Find channel by RSA/Ed25519 identity of of the remote endpoint
  *
- * This function looks up a channel by the digest of its remote endpoint in
- * the channel digest map.  It's possible that more than one channel to a
- * given endpoint exists.  Use channel_next_with_digest() to walk the list.
+ * This function looks up a channel by the digest of its remote endpoint's RSA
+ * identity key.  If ed_id is provided and nonzero, only a channel
+ * matching the ed_id will be returned.
+ *
+ * It's possible that more than one channel to a given endpoint exists.  Use
+ * channel_next_with_rsa_identity() to walk the list of channels; make sure
+ * to test for Ed25519 identity match too (as appropriate)
  */
-
 channel_t *
-channel_find_by_remote_digest(const char *identity_digest)
+channel_find_by_remote_identity(const char *rsa_id_digest,
+const ed25519_public_key_t *ed_id)
 {
   channel_t *rv = NULL;
   channel_idmap_entry_t *ent, search;
 
-  tor_assert(identity_digest);
+  tor_assert(rsa_id_digest); /* For now, we require that every channel have
+  * an RSA identity, and that every lookup
+  * contain an RSA identity */
+  if (ed_id && ed25519_public_key_is_zero(ed_id)) {
+/* Treat zero as meaning "We don't care about the presence or absence of
+ * an Ed key", not "There must be no Ed key". */
+ed_id = NULL;
+  }
 
-  memcpy(search.digest, identity_digest, DIGEST_LEN);
+  memcpy(search.digest, rsa_id_digest, DIGEST_LEN);
   ent = HT_FIND(channel_idmap, _identity_map, );
   if (ent) {
 rv = TOR_LIST_FIRST(>channel_list);
   }
+  while (rv && ! channel_remote_identity_matches(rv, rsa_id_digest, ed_id)) {
+rv = channel_next_with_rsa_identity(rv);
+  }
 
   return rv;
 }
@@ -766,7 +801,7 @@ channel_find_by_remote_digest(const char *identity_digest)
  */
 
 channel_t *
-channel_next_with_digest(channel_t *chan)
+channel_next_with_rsa_identity(channel_t *chan)
 {
   tor_assert(chan);
 
@@ -3296,7 +3331,8 @@ channel_is_better(time_t now, channel_t *a, channel_t *b,
  */
 
 channel_t *
-channel_get_for_extend(const char *digest,
+channel_get_for_extend(const char *rsa_id_digest,
+   const ed25519_public_key_t *ed_id,
const tor_addr_t *target_addr,
const char **msg_out,
int *launch_out)
@@ -3309,14 +3345,14 @@ channel_get_for_extend(const char *digest,
   tor_assert(msg_out);
   tor_assert(launch_out);
 
-  chan = channel_find_by_remote_digest(digest);
+  chan = channel_find_by_remote_identity(rsa_id_digest, ed_id);
 
   /* Walk the list, unrefing the old one and refing the new at each
* iteration.
*/
-  for (; chan; chan = channel_next_with_digest(chan)) {
+  for (; chan; chan = channel_next_with_rsa_identity(chan)) {
 tor_assert(tor_memeq(chan->identity_digest,
- digest, DIGEST_LEN));
+ rsa_id_digest, DIGEST_LEN));
 
if (CHANNEL_CONDEMNED(chan))
   continue;
@@ -3327,6 +3363,11 @@ channel_get_for_extend(const char *digest,
   continue;
 }
 
+/* The Ed25519 key has to match too */
+if (!channel_remote_identity_matches(chan, rsa_id_digest, ed_id)) {
+  continue;
+}
+
 /* Never return a non-open connection. */
 if (!CHANNEL_IS_OPEN(chan)) {
   /* If the address 

[tor-commits] [tor/master] Dirauth: Don't treat a router as reachable if the Ed25519 key didn't match

[nickm]

commit ae6b73e847c64b7902a259f9f43f056ab41c0eb4
Author: Nick Mathewson 
Date:   Fri Oct 28 16:22:44 2016 -0400

Dirauth: Don't treat a router as reachable if the Ed25519 key didn't match
---
 src/or/dirserv.c | 17 -
 1 file changed, 16 insertions(+), 1 deletion(-)

diff --git a/src/or/dirserv.c b/src/or/dirserv.c
index 54b434d..b141a5d 100644
--- a/src/or/dirserv.c
+++ b/src/or/dirserv.c
@@ -3173,7 +3173,6 @@ dirserv_orconn_tls_done(const tor_addr_t *addr,
 const char *digest_rcvd,
 const ed25519_public_key_t *ed_id_rcvd)
 {
-  (void)ed_id_rcvd; //  15056 use this.
   node_t *node = NULL;
   tor_addr_port_t orport;
   routerinfo_t *ri = NULL;
@@ -3184,8 +3183,24 @@ dirserv_orconn_tls_done(const tor_addr_t *addr,
   node = node_get_mutable_by_id(digest_rcvd);
   if (node == NULL || node->ri == NULL)
 return;
+
   ri = node->ri;
 
+  if (ri->cache_info.signing_key_cert) {
+/* We allow the node to have an ed25519 key if we haven't been told one in
+ * the routerinfo, but if we *HAVE* been told one in the routerinfo, it
+ * needs to match. */
+const ed25519_public_key_t *expected_id =
+  >cache_info.signing_key_cert->signing_key;
+tor_assert(!ed25519_public_key_is_zero(expected_id));
+if (! ed_id_rcvd || ! ed25519_pubkey_eq(ed_id_rcvd, expected_id)) {
+  log_info(LD_DIRSERV, "Router at %s:%d with RSA ID %s "
+   "did not present expected Ed25519 ID.",
+   fmt_addr(addr), or_port, hex_str(digest_rcvd, DIGEST_LEN));
+  return; /* Don't mark it as reachable. */
+}
+  }
+
   tor_addr_copy(, addr);
   orport.port = or_port;
   if (router_has_orport(ri, )) {



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Teach circuit_extend() more about Ed25519 identities.

[nickm]

commit c83778686839c4596504ea392854e9e95884fcfa
Author: Nick Mathewson 
Date:   Sat Sep 24 11:04:47 2016 -0700

Teach circuit_extend() more about Ed25519 identities.

- forbid extending to the previous hop by Ed25519 ID.
- If we know the Ed25519 ID for the next hop and the client doesn't,
  insist on the one from the consensus.
---
 src/or/circuitbuild.c | 21 ++---
 1 file changed, 18 insertions(+), 3 deletions(-)

diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c
index 887b8ec..e833fcb 100644
--- a/src/or/circuitbuild.c
+++ b/src/or/circuitbuild.c
@@ -1175,6 +1175,16 @@ circuit_extend(cell_t *cell, circuit_t *circ)
 return -1;
   }
 
+  /* Fill in ed_pubkey if it was not provided and we can infer it from
+   * our networkstatus */
+  if (ed25519_public_key_is_zero(_pubkey)) {
+const node_t *node = node_get_by_id((const char*)ec.node_id);
+const ed25519_public_key_t *node_ed_id = NULL;
+if (node && (node_ed_id = node_get_ed25519_id(node))) {
+  memcpy(ec.ed_pubkey.pubkey, node_ed_id->pubkey, ED25519_PUBKEY_LEN);
+}
+  }
+
   /* Next, check if we're being asked to connect to the hop that the
* extend cell came from. There isn't any reason for that, and it can
* assist circular-path attacks. */
@@ -1185,10 +1195,15 @@ circuit_extend(cell_t *cell, circuit_t *circ)
"Client asked me to extend back to the previous hop.");
 return -1;
   }
-  // XXX 15056 check prev-hop Ed ID too
 
-  // XXX 15056 Fill in ed_pubkey if it was not provided and we can infer
-  // XXX 15056 it from the networkstatus.
+  /* Check the previous hop Ed25519 ID too */
+  if (! ed25519_public_key_is_zero(_pubkey) &&
+  ed25519_pubkey_eq(_pubkey,
+_OR_CIRCUIT(circ)->p_chan->ed25519_identity)) {
+log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
+   "Client asked me to extend back to the previous hop "
+   "(by Ed25519 ID).");
+  }
 
   n_chan = channel_get_for_extend((const char*)ec.node_id,
   _pubkey,



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Migrate main data loop for set_bad_connections to use channel structures

[nickm]

commit a20c8a81d717852ad3a2bf261ec68efba692f0d7
Author: Nick Mathewson 
Date:   Mon Sep 19 16:14:28 2016 -0400

Migrate main data loop for set_bad_connections to use channel structures

This was the last user of our or_connections-by-ID map.  It also had
a tendency to be O(N) in cases that only had to be O(1).
---
 src/or/channel.c   | 48 
 src/or/channel.h   |  2 ++
 src/or/connection_or.c | 46 +-
 src/or/connection_or.h |  3 ++-
 src/or/entrynodes.c|  4 ++--
 src/or/main.c  |  2 +-
 6 files changed, 68 insertions(+), 37 deletions(-)

diff --git a/src/or/channel.c b/src/or/channel.c
index d484e71..4712891 100644
--- a/src/or/channel.c
+++ b/src/or/channel.c
@@ -4539,6 +4539,54 @@ channel_set_circid_type,(channel_t *chan,
   }
 }
 
+/** Helper for channel_update_bad_for_new_circs(): Perform the
+ * channel_update_bad_for_new_circs operation on all channels in lst,
+ * all of which MUST have the same RSA ID.  (They MAY have different
+ * Ed25519 IDs.) */
+static void
+channel_rsa_id_group_set_badness(struct channel_list_s *lst, int force)
+{
+  channel_t *chan;
+
+  smartlist_t *or_conns = smartlist_new();
+  TOR_LIST_FOREACH(chan, lst, next_with_same_id) {
+channel_tls_t *chantls = BASE_CHAN_TO_TLS(chan);
+or_connection_t *orconn = chantls->conn;
+if (orconn)
+  smartlist_add(or_conns, orconn);
+  }
+  /* This function should really be about channels. 15056 */
+  connection_or_group_set_badness_(or_conns, force);
+  smartlist_free(or_conns);
+}
+
+/** Go through all the channels (or if digest is non-NULL, just
+ * the OR connections with that digest), and set the is_bad_for_new_circs
+ * flag based on the rules in connection_or_group_set_badness() (or just
+ * always set it if force is true).
+ */
+void
+channel_update_bad_for_new_circs(const char *digest, int force)
+{
+  if (digest) {
+channel_idmap_entry_t *ent;
+channel_idmap_entry_t search;
+memset(, 0, sizeof(search));
+memcpy(search.digest, digest, DIGEST_LEN);
+ent = HT_FIND(channel_idmap, _identity_map, );
+if (ent) {
+  channel_rsa_id_group_set_badness(>channel_list, force);
+}
+return;
+  }
+
+  /* no digest; just look at everything. */
+  channel_idmap_entry_t **iter;
+  HT_FOREACH(iter, channel_idmap, _identity_map) {
+channel_rsa_id_group_set_badness(&(*iter)->channel_list, force);
+  }
+}
+
 /**
  * Update the estimated number of bytes queued to transmit for this channel,
  * and notify the scheduler.  The estimate includes both the channel queue and
diff --git a/src/or/channel.h b/src/or/channel.h
index 39a4d05..3f0bb37 100644
--- a/src/or/channel.h
+++ b/src/or/channel.h
@@ -601,6 +601,8 @@ void channel_listener_dump_statistics(channel_listener_t 
*chan_l,
 void channel_listener_dump_transport_statistics(channel_listener_t *chan_l,
 int severity);
 
+void channel_update_bad_for_new_circs(const char *digest, int force);
+
 /* Flow control queries */
 uint64_t channel_get_global_queue_estimate(void);
 int channel_num_cells_writeable(channel_t *chan);
diff --git a/src/or/connection_or.c b/src/or/connection_or.c
index d0cd9c0..ca5f300 100644
--- a/src/or/connection_or.c
+++ b/src/or/connection_or.c
@@ -961,7 +961,7 @@ connection_or_mark_bad_for_new_circs(or_connection_t 
*or_conn)
  * too old for new circuits? */
 #define TIME_BEFORE_OR_CONN_IS_TOO_OLD (60*60*24*7)
 
-/** Given the head of the linked list for all the or_connections with a given
+/** Given a list of all the or_connections with a given
  * identity, set elements of that list as is_bad_for_new_circs as
  * appropriate. Helper for connection_or_set_bad_connections().
  *
@@ -978,19 +978,19 @@ connection_or_mark_bad_for_new_circs(or_connection_t 
*or_conn)
  * See channel_is_better() in channel.c for our idea of what makes one OR
  * connection better than another.
  */
-static void
-connection_or_group_set_badness(or_connection_t *head, int force)
+void
+connection_or_group_set_badness_(smartlist_t *group, int force)
 {
-  //  15056 we should make this about channels instead, so we
-  //can finally remove orconn_identity_map.
-
-  or_connection_t *or_conn = NULL, *best = NULL;
+  /*  this should be entirely about channels, not OR connections.  15056*/
+  /*  Look at Ed25519 ids too! 15056 */
+  
+  or_connection_t *best = NULL;
   int n_old = 0, n_inprogress = 0, n_canonical = 0, n_other = 0;
   time_t now = time(NULL);
 
   /* Pass 1: expire everything that's old, and see what the status of
* everything else is. */
-  for (or_conn = head; or_conn; or_conn = or_conn->next_with_same_id) {
+  SMARTLIST_FOREACH_BEGIN(group, or_connection_t *, or_conn) {
 if (or_conn->base_.marked_for_close ||
 connection_or_is_bad_for_new_circs(or_conn))
   continue;
@@ -1014,11 +1014,11 @@ 

[tor-commits] [tor/master] Add an option to disable dirauth ed25519 link key checks.

[nickm]

commit 3d7e485402752d21d01cdf36ae1102d4b013fe85
Author: Nick Mathewson 
Date:   Thu Nov 10 12:41:17 2016 -0500

Add an option to disable dirauth ed25519 link key checks.

If there is some horrible bug in our ed25519 link authentication
code that causes us to label every single ed25519-having node as
non-running, we'll be glad we had this.  Otherwise we can remove it
later.
---
 doc/tor.1.txt| 7 +++
 src/or/config.c  | 1 +
 src/or/dirserv.c | 7 +--
 src/or/or.h  | 5 +
 4 files changed, 18 insertions(+), 2 deletions(-)

diff --git a/doc/tor.1.txt b/doc/tor.1.txt
index 1071168..9f6f958 100644
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -2270,6 +2270,13 @@ on the public Tor network.
 (default), the flag "shared-rand-participate" is added to the authority
 vote indicating participation in the protocol. (Default: 1)
 
+[[AuthDirTestEd25519LinkKeys]] **AuthDirTestEd25519LinkKeys**  **0**|**1**::
+Authoritative directories only. If this option is set to 0, then we treat
+relays as "Running" if their RSA key is correct when we probe them,
+regardless of their Ed25519 key. We should only ever set this option to 0
+if there is some major bug in Ed25519 link authentication that causes us
+to label all the relays as not Running.  (Default: 1)
+
 [[BridgePassword]] **BridgePassword** __Password__::
 If set, contains an HTTP authenticator that tells a bridge authority to
 serve all requested bridge information. Used by the (only partially
diff --git a/src/or/config.c b/src/or/config.c
index 51c6290..d100af8 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -498,6 +498,7 @@ static config_var_t option_vars_[] = {
   V(User,STRING,   NULL),
   OBSOLETE("UserspaceIOCPBuffers"),
   V(AuthDirSharedRandomness, BOOL, "1"),
+  V(AuthDirTestEd25519LinkKeys,  BOOL, "1"),
   OBSOLETE("V1AuthoritativeDirectory"),
   OBSOLETE("V2AuthoritativeDirectory"),
   VAR("V3AuthoritativeDirectory",BOOL, V3AuthoritativeDir,   "0"),
diff --git a/src/or/dirserv.c b/src/or/dirserv.c
index d060b29..0b896a2 100644
--- a/src/or/dirserv.c
+++ b/src/or/dirserv.c
@@ -3186,7 +3186,8 @@ dirserv_orconn_tls_done(const tor_addr_t *addr,
 
   ri = node->ri;
 
-  if (ri->cache_info.signing_key_cert) {
+  if (get_options()->AuthDirTestEd25519LinkKeys &&
+  ri->cache_info.signing_key_cert) {
 /* We allow the node to have an ed25519 key if we haven't been told one in
  * the routerinfo, but if we *HAVE* been told one in the routerinfo, it
  * needs to match. */
@@ -3256,6 +3257,7 @@ dirserv_should_launch_reachability_test(const 
routerinfo_t *ri,
 void
 dirserv_single_reachability_test(time_t now, routerinfo_t *router)
 {
+  const or_options_t *options = get_options();
   channel_t *chan = NULL;
   node_t *node = NULL;
   tor_addr_t router_addr;
@@ -3266,7 +3268,8 @@ dirserv_single_reachability_test(time_t now, routerinfo_t 
*router)
   node = node_get_mutable_by_id(router->cache_info.identity_digest);
   tor_assert(node);
 
-  if (node_supports_ed25519_link_authentication(node)) {
+  if (options->AuthDirTestEd25519LinkKeys &&
+  node_supports_ed25519_link_authentication(node)) {
 ed_id_key = >cache_info.signing_key_cert->signing_key;
   } else {
 ed_id_key = NULL;
diff --git a/src/or/or.h b/src/or/or.h
index 14c2dd8..7e11bf0 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -4577,6 +4577,11 @@ typedef struct {
   /** Autobool: Should we include Ed25519 identities in extend2 cells?
* If -1, we should do whatever the consensus parameter says. */
   int ExtendByEd25519ID;
+
+  /** Bool (default: 1): When testing routerinfos as a directory authority,
+   * do we enforce Ed25519 identity match? */
+  /* NOTE: remove this option someday. */
+  int AuthDirTestEd25519LinkKeys;
 } or_options_t;
 
 /** Persistent state for an onion router, as saved to disk. */



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Propagate Ed25519 identities downwards into more functions.

[nickm]

commit 6788418f28930467121537f31c4b43f981ae6ca8
Author: Nick Mathewson 
Date:   Sat Sep 24 11:25:48 2016 -0700

Propagate Ed25519 identities downwards into more functions.

Actually set ed25519 identities on channels when we set a channel's
identity.
---
 src/or/channel.c   |  6 +-
 src/or/channel.h   |  3 ++-
 src/or/connection_or.c | 28 +---
 src/or/dirserv.c   |  4 +++-
 src/or/dirserv.h   |  3 ++-
 src/or/entrynodes.c| 24 +---
 src/or/entrynodes.h|  3 ++-
 7 files changed, 52 insertions(+), 19 deletions(-)

diff --git a/src/or/channel.c b/src/or/channel.c
index 4712891..e9bda24 100644
--- a/src/or/channel.c
+++ b/src/or/channel.c
@@ -1471,7 +1471,8 @@ channel_clear_identity_digest(channel_t *chan)
 
 void
 channel_set_identity_digest(channel_t *chan,
-const char *identity_digest)
+const char *identity_digest,
+const ed25519_public_key_t *ed_identity)
 {
   int was_in_digest_map, should_be_in_digest_map, state_not_in_map;
 
@@ -1510,6 +1511,9 @@ channel_set_identity_digest(channel_t *chan,
 memset(chan->identity_digest, 0,
sizeof(chan->identity_digest));
   }
+  if (ed_identity) {
+memcpy(>ed25519_identity, ed_identity, sizeof(*ed_identity));
+  }
 
   /* Put it in the digest map if we should */
   if (should_be_in_digest_map)
diff --git a/src/or/channel.h b/src/or/channel.h
index 3f0bb37..26aa93b 100644
--- a/src/or/channel.h
+++ b/src/or/channel.h
@@ -443,7 +443,8 @@ void channel_mark_incoming(channel_t *chan);
 void channel_mark_outgoing(channel_t *chan);
 void channel_mark_remote(channel_t *chan);
 void channel_set_identity_digest(channel_t *chan,
- const char *identity_digest);
+ const char *identity_digest,
+ const ed25519_public_key_t *ed_identity);
 void channel_set_remote_end(channel_t *chan,
 const char *identity_digest,
 const char *nickname);
diff --git a/src/or/connection_or.c b/src/or/connection_or.c
index 4449d3f..a22c4ad 100644
--- a/src/or/connection_or.c
+++ b/src/or/connection_or.c
@@ -111,7 +111,6 @@ connection_or_set_identity_digest(or_connection_t *conn,
   const char *rsa_digest,
   const ed25519_public_key_t *ed_id)
 {
-  (void) ed_id; // DOCDOC //  not implemented yet. 15056
   tor_assert(conn);
   tor_assert(rsa_digest);
 
@@ -133,7 +132,8 @@ connection_or_set_identity_digest(or_connection_t *conn,
 
   /* Deal with channels */
   if (conn->chan)
-channel_set_identity_digest(TLS_CHAN_TO_BASE(conn->chan), rsa_digest);
+channel_set_identity_digest(TLS_CHAN_TO_BASE(conn->chan),
+rsa_digest, ed_id);
 }
 
 /** Remove the Extended ORPort identifier of conn from the
@@ -831,7 +831,6 @@ connection_or_init_conn_from_address(or_connection_t *conn,
  const ed25519_public_key_t *ed_id,
  int started_here)
 {
-  (void) ed_id; // not fully used yet. 15056
   const node_t *r = node_get_by_id(id_digest);
   connection_or_set_identity_digest(conn, id_digest, ed_id);
   connection_or_update_token_buckets_helper(conn, 1, get_options());
@@ -1116,7 +1115,6 @@ connection_or_connect, (const tor_addr_t *_addr, uint16_t 
port,
 const ed25519_public_key_t *ed_id,
 channel_tls_t *chan))
 {
-  (void) ed_id; //  not fully used yet. 15056
   or_connection_t *conn;
   const or_options_t *options = get_options();
   int socket_error = 0;
@@ -1135,6 +1133,11 @@ connection_or_connect, (const tor_addr_t *_addr, 
uint16_t port,
 log_info(LD_PROTOCOL,"Client asked me to connect to myself. Refusing.");
 return NULL;
   }
+  if (server_mode(options) && router_ed25519_id_is_me(ed_id)) {
+log_info(LD_PROTOCOL,"Client asked me to connect to myself by Ed25519 "
+ "identity. Refusing.");
+return NULL;
+  }
 
   conn = or_connection_new(CONN_TYPE_OR, tor_addr_family());
 
@@ -1504,11 +1507,13 @@ connection_or_check_valid_tls_handshake(or_connection_t 
*conn,
 
   crypto_pk_free(identity_rcvd);
 
-  if (started_here)
+  if (started_here) {
+/* A TLS handshake can't teach us an Ed25519 ID, so we set it to NULL
+ * here. */
 return connection_or_client_learned_peer_id(conn,
 (const uint8_t*)digest_rcvd_out,
-NULL // Ed25519 ID 15056
-);
+NULL);
+  }
 
   return 0;
 }
@@ -1541,8 +1546,6 @@ connection_or_client_learned_peer_id(or_connection_t 
*conn,
  const uint8_t *rsa_peer_id,

[tor-commits] [tor/master] Helper function for logging ed25519 public keys.

[nickm]

commit 2cdd24ddd69a3cde2deae3eb69c24ae179d83834
Author: Nick Mathewson 
Date:   Thu Nov 10 10:43:28 2016 -0500

Helper function for logging ed25519 public keys.
---
 src/common/crypto_format.c | 16 
 src/common/crypto_format.h |  1 +
 2 files changed, 17 insertions(+)

diff --git a/src/common/crypto_format.c b/src/common/crypto_format.c
index 2f6d847..483013e 100644
--- a/src/common/crypto_format.c
+++ b/src/common/crypto_format.c
@@ -161,6 +161,22 @@ curve25519_public_from_base64(curve25519_public_key_t 
*pkey,
   }
 }
 
+/** For convenience: Convert pkey to a statically allocated base64
+ * string and return it. Not threadsafe. Subsequent calls invalidate
+ * previous returns. */
+const char *
+ed25519_fmt(const ed25519_public_key_t *pkey)
+{
+  static char formatted[ED25519_BASE64_LEN+1];
+  if (pkey) {
+int r = ed25519_public_to_base64(formatted, pkey);
+tor_assert(!r);
+  } else {
+strlcpy(formatted, "", sizeof(formatted));
+  }
+  return formatted;
+}
+
 /** Try to decode the string input into an ed25519 public key. On
  * success, store the value in pkey and return 0. Otherwise return
  * -1. */
diff --git a/src/common/crypto_format.h b/src/common/crypto_format.h
index 012e228..86c29d3 100644
--- a/src/common/crypto_format.h
+++ b/src/common/crypto_format.h
@@ -28,6 +28,7 @@ int ed25519_public_from_base64(ed25519_public_key_t *pkey,
const char *input);
 int ed25519_public_to_base64(char *output,
  const ed25519_public_key_t *pkey);
+const char *ed25519_fmt(const ed25519_public_key_t *pkey);
 
 /*  move these to crypto_format.h */
 #define ED25519_SIG_BASE64_LEN 86



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Add a bunch of work-in-progress comments for 15056 planning

[nickm]

commit bfff729728e04d404533be7b86426833ca8d4a32
Author: Nick Mathewson 
Date:   Sun Sep 18 20:21:08 2016 -0400

Add a bunch of work-in-progress comments for 15056 planning
---
 src/or/channel.h   | 22 --
 src/or/channeltls.c|  3 ++-
 src/or/circuitbuild.c  |  4 
 src/or/connection_or.c | 16 +++-
 4 files changed, 33 insertions(+), 12 deletions(-)

diff --git a/src/or/channel.h b/src/or/channel.h
index 2747e52..39a4d05 100644
--- a/src/or/channel.h
+++ b/src/or/channel.h
@@ -153,13 +153,23 @@ struct channel_s {
   int (*write_var_cell)(channel_t *, var_cell_t *);
 
   /**
-   * Hash of the public RSA key for the other side's RSA identity key, or
-   * zeroes if the other side hasn't shown us a valid RSA identity key.
+   * Hash of the public RSA key for the other side's RSA identity key -- or
+   * zeroes if we don't have an RSA identity in mind for the other side, and
+   * it hasn't shown us one.
+   *
+   * Note that this is the RSA identity that we hope the other side has -- not
+   * necessarily its true identity.  Don't believe this identity unless
+   * authentication has happened.
*/
   char identity_digest[DIGEST_LEN];
   /**
-   * The Ed25519 public identity key for the other side, or zeros if the other
-   * size hasn't shown us a valid Ed25519 identity key
+   * Ed25519 key for the other side of this channel -- or zeroes if we don't
+   * have an Ed25519 identity in mind for the other side, and it hasn't shown
+   * us one.
+   *
+   * Note that this is the identity that we hope the other side has -- not
+   * necessarily its true identity.  Don't believe this identity unless
+   * authentication has happened.
*/
   ed25519_public_key_t ed25519_identity;
 
@@ -167,8 +177,8 @@ struct channel_s {
   char *nickname;
 
   /**
-   * Linked list of channels with the same identity digest, for the
-   * digest->channel map
+   * Linked list of channels with the same RSA identity digest, for use with
+   * the digest->channel map
*/
   TOR_LIST_ENTRY(channel_s) next_with_same_id;
 
diff --git a/src/or/channeltls.c b/src/or/channeltls.c
index 8384576..fafa08c 100644
--- a/src/or/channeltls.c
+++ b/src/or/channeltls.c
@@ -1651,9 +1651,10 @@ channel_tls_process_netinfo_cell(cell_t *cell, 
channel_tls_t *chan)
 connection_or_init_conn_from_address(chan->conn,
   &(chan->conn->base_.addr),
   chan->conn->base_.port,
+  /* zero, checked above */
   (const char*)(chan->conn->handshake_state->
 authenticated_rsa_peer_id),
-  NULL, //  Ed key
+  NULL, /* Ed25519 ID: Also checked as zero */
   0);
   }
 }
diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c
index 9a3af40..887b8ec 100644
--- a/src/or/circuitbuild.c
+++ b/src/or/circuitbuild.c
@@ -1185,6 +1185,10 @@ circuit_extend(cell_t *cell, circuit_t *circ)
"Client asked me to extend back to the previous hop.");
 return -1;
   }
+  // XXX 15056 check prev-hop Ed ID too
+
+  // XXX 15056 Fill in ed_pubkey if it was not provided and we can infer
+  // XXX 15056 it from the networkstatus.
 
   n_chan = channel_get_for_extend((const char*)ec.node_id,
   _pubkey,
diff --git a/src/or/connection_or.c b/src/or/connection_or.c
index e83dca2..d0cd9c0 100644
--- a/src/or/connection_or.c
+++ b/src/or/connection_or.c
@@ -80,7 +80,7 @@ static void connection_or_change_state(or_connection_t *conn, 
uint8_t state);
 /** Map from identity digest of connected OR or desired OR to a connection_t
  * with that identity digest.  If there is more than one such connection_t,
  * they form a linked list, with next_with_same_id as the next pointer. */
-static digestmap_t *orconn_identity_map = NULL;
+static digestmap_t *orconn_identity_map = NULL; //  15056 disused.
 
 /** Global map between Extended ORPort identifiers and OR
  *  connections. */
@@ -883,7 +883,7 @@ connection_or_init_conn_from_address(or_connection_t *conn,
  const ed25519_public_key_t *ed_id,
  int started_here)
 {
-  (void) ed_id; // not fully used yet.
+  (void) ed_id; // not fully used yet. 15056
   const node_t *r = node_get_by_id(id_digest);
   connection_or_set_identity_digest(conn, id_digest, ed_id);
   connection_or_update_token_buckets_helper(conn, 1, get_options());
@@ -981,6 +981,9 @@ connection_or_mark_bad_for_new_circs(or_connection_t 
*or_conn)
 static void
 connection_or_group_set_badness(or_connection_t *head, int force)
 {
+  //  15056 we should make this about channels instead, so we
+  //can finally remove orconn_identity_map.
+
   or_connection_t *or_conn = NULL, *best = NULL;
   int n_old = 0, n_inprogress = 0, n_canonical = 0, n_other = 0;
   time_t now = time(NULL);
@@ -1109,6 +1112,9 @@ 

[tor-commits] [tor/master] Remove orconn_identity_map.

[nickm]

commit cdce221e68489cddad579da0ce804ce2eb5804b3
Author: Nick Mathewson 
Date:   Mon Sep 19 16:24:09 2016 -0400

Remove orconn_identity_map.

It is no longer needed; look up channels by identity instead.
---
 src/or/connection_or.c | 58 +++---
 src/or/or.h|  2 --
 2 files changed, 3 insertions(+), 57 deletions(-)

diff --git a/src/or/connection_or.c b/src/or/connection_or.c
index ca5f300..dbeab26 100644
--- a/src/or/connection_or.c
+++ b/src/or/connection_or.c
@@ -77,54 +77,20 @@ static void connection_or_change_state(or_connection_t 
*conn, uint8_t state);
 
 /**/
 
-/** Map from identity digest of connected OR or desired OR to a connection_t
- * with that identity digest.  If there is more than one such connection_t,
- * they form a linked list, with next_with_same_id as the next pointer. */
-static digestmap_t *orconn_identity_map = NULL; //  15056 disused.
-
 /** Global map between Extended ORPort identifiers and OR
  *  connections. */
 static digestmap_t *orconn_ext_or_id_map = NULL;
 
-/** If conn is listed in orconn_identity_map, remove it, and clear
- * conn->identity_digest.  Otherwise do nothing. */
+/** Clear clear conn->identity_digest and update other data
+ * structures as appropriate.*/
 void
 connection_or_remove_from_identity_map(or_connection_t *conn)
 {
-  or_connection_t *tmp;
   tor_assert(conn);
-  if (!orconn_identity_map)
-return;
-  tmp = digestmap_get(orconn_identity_map, conn->identity_digest);
-  if (!tmp) {
-if (!tor_digest_is_zero(conn->identity_digest)) {
-  log_warn(LD_BUG, "Didn't find connection '%s' on identity map when "
-   "trying to remove it.",
-   conn->nickname ? conn->nickname : "NULL");
-}
-return;
-  }
-  if (conn == tmp) {
-if (conn->next_with_same_id)
-  digestmap_set(orconn_identity_map, conn->identity_digest,
-conn->next_with_same_id);
-else
-  digestmap_remove(orconn_identity_map, conn->identity_digest);
-  } else {
-while (tmp->next_with_same_id) {
-  if (tmp->next_with_same_id == conn) {
-tmp->next_with_same_id = conn->next_with_same_id;
-break;
-  }
-  tmp = tmp->next_with_same_id;
-}
-  }
   memset(conn->identity_digest, 0, DIGEST_LEN);
-  conn->next_with_same_id = NULL;
 }
 
-/** Remove all entries from the identity-to-orconn map, and clear
- * all identities in OR conns.*/
+/** Clear all identities in OR conns.*/
 void
 connection_or_clear_identity_map(void)
 {
@@ -134,12 +100,8 @@ connection_or_clear_identity_map(void)
 if (conn->type == CONN_TYPE_OR) {
   or_connection_t *or_conn = TO_OR_CONN(conn);
   memset(or_conn->identity_digest, 0, DIGEST_LEN);
-  or_conn->next_with_same_id = NULL;
 }
   });
-
-  digestmap_free(orconn_identity_map, NULL);
-  orconn_identity_map = NULL;
 }
 
 /** Change conn->identity_digest to digest, and add conn into
@@ -150,12 +112,9 @@ connection_or_set_identity_digest(or_connection_t *conn,
   const ed25519_public_key_t *ed_id)
 {
   (void) ed_id; // DOCDOC //  not implemented yet. 15056
-  or_connection_t *tmp;
   tor_assert(conn);
   tor_assert(rsa_digest);
 
-  if (!orconn_identity_map)
-orconn_identity_map = digestmap_new();
   if (tor_memeq(conn->identity_digest, rsa_digest, DIGEST_LEN))
 return;
 
@@ -172,20 +131,9 @@ connection_or_set_identity_digest(or_connection_t *conn,
   if (tor_digest_is_zero(rsa_digest))
 return;
 
-  tmp = digestmap_set(orconn_identity_map, rsa_digest, conn);
-  conn->next_with_same_id = tmp;
-
   /* Deal with channels */
   if (conn->chan)
 channel_set_identity_digest(TLS_CHAN_TO_BASE(conn->chan), rsa_digest);
-
-#if 1
-  /* Testing code to check for bugs in representation. */
-  for (; tmp; tmp = tmp->next_with_same_id) {
-tor_assert(tor_memeq(tmp->identity_digest, rsa_digest, DIGEST_LEN));
-tor_assert(tmp != conn);
-  }
-#endif
 }
 
 /** Remove the Extended ORPort identifier of conn from the
diff --git a/src/or/or.h b/src/or/or.h
index d9d3ec7..32c194a 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -1581,8 +1581,6 @@ typedef struct or_connection_t {
 * bandwidthburst. (OPEN ORs only) */
   int write_bucket; /**< When this hits 0, stop writing. Like read_bucket. */
 
-  struct or_connection_t *next_with_same_id; /**< Next connection with same
-  * identity digest as this one. */
   /** Last emptied read token bucket in msec since midnight; only used if
* TB_EMPTY events are enabled. */
   uint32_t read_emptied_time;



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Add an ed25519 identity to extend_info

[nickm]

commit b5e75ae7dd536f17f96179fc7744031131fb97b2
Author: Nick Mathewson 
Date:   Wed Sep 14 14:34:25 2016 -0400

Add an ed25519 identity to extend_info
---
 src/or/circuitbuild.c | 44 +++-
 src/or/circuitbuild.h |  6 --
 src/or/circuituse.c   |  6 --
 src/or/entrynodes.c   |  5 -
 src/or/or.h   |  5 -
 src/or/router.c   |  7 +++
 6 files changed, 50 insertions(+), 23 deletions(-)

diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c
index 0881f23..a767f40 100644
--- a/src/or/circuitbuild.c
+++ b/src/or/circuitbuild.c
@@ -1181,6 +1181,7 @@ circuit_extend(cell_t *cell, circuit_t *circ)
   }
 
   n_chan = channel_get_for_extend((const char*)ec.node_id,
+  /* ed25519 ID: put it here. 15056 */
   _ipv4.addr,
   ,
   _launch);
@@ -1192,8 +1193,9 @@ circuit_extend(cell_t *cell, circuit_t *circ)
 
 circ->n_hop = extend_info_new(NULL /*nickname*/,
   (const char*)ec.node_id,
-  NULL /*onion_key*/,
-  NULL /*curve25519_key*/,
+  NULL, /*ed25519 ID: get from ec. 15056*/
+  NULL, /*onion_key*/
+  NULL, /*curve25519_key*/
   _ipv4.addr,
   ec.orport_ipv4.port);
 
@@ -2356,19 +2358,23 @@ onion_append_hop(crypt_path_t **head_ptr, extend_info_t 
*choice)
 
 /** Allocate a new extend_info object based on the various arguments. */
 extend_info_t *
-extend_info_new(const char *nickname, const char *digest,
+extend_info_new(const char *nickname,
+const char *rsa_id_digest,
+const ed25519_public_key_t *ed_id,
 crypto_pk_t *onion_key,
-const curve25519_public_key_t *curve25519_key,
+const curve25519_public_key_t *ntor_key,
 const tor_addr_t *addr, uint16_t port)
 {
   extend_info_t *info = tor_malloc_zero(sizeof(extend_info_t));
-  memcpy(info->identity_digest, digest, DIGEST_LEN);
+  memcpy(info->identity_digest, rsa_id_digest, DIGEST_LEN);
+  if (ed_id)
+memcpy(>ed_identity, ed_id, sizeof(ed25519_public_key_t));
   if (nickname)
 strlcpy(info->nickname, nickname, sizeof(info->nickname));
   if (onion_key)
 info->onion_key = crypto_pk_dup_key(onion_key);
-  if (curve25519_key)
-memcpy(>curve25519_onion_key, curve25519_key,
+  if (ntor_key)
+memcpy(>curve25519_onion_key, ntor_key,
sizeof(curve25519_public_key_t));
   tor_addr_copy(>addr, addr);
   info->port = port;
@@ -2418,20 +2424,24 @@ extend_info_from_node(const node_t *node, int 
for_direct_connect)
 return NULL;
   }
 
+  const ed25519_public_key_t *ed_pubkey = node_get_ed25519_id(node);
+
   if (valid_addr && node->ri)
 return extend_info_new(node->ri->nickname,
- node->identity,
- node->ri->onion_pkey,
- node->ri->onion_curve25519_pkey,
- ,
- ap.port);
+   node->identity,
+   ed_pubkey,
+   node->ri->onion_pkey,
+   node->ri->onion_curve25519_pkey,
+   ,
+   ap.port);
   else if (valid_addr && node->rs && node->md)
 return extend_info_new(node->rs->nickname,
- node->identity,
- node->md->onion_pkey,
- node->md->onion_curve25519_pkey,
- ,
- ap.port);
+   node->identity,
+   ed_pubkey,
+   node->md->onion_pkey,
+   node->md->onion_curve25519_pkey,
+   ,
+   ap.port);
   else
 return NULL;
 }
diff --git a/src/or/circuitbuild.h b/src/or/circuitbuild.h
index 1244601..f71c116 100644
--- a/src/or/circuitbuild.h
+++ b/src/or/circuitbuild.h
@@ -46,9 +46,11 @@ int circuit_all_predicted_ports_handled(time_t now, int 
*need_uptime,
 int circuit_append_new_exit(origin_circuit_t *circ, extend_info_t *info);
 int circuit_extend_to_new_exit(origin_circuit_t *circ, extend_info_t *info);
 void onion_append_to_cpath(crypt_path_t **head_ptr, crypt_path_t *new_hop);
-extend_info_t *extend_info_new(const char *nickname, const char *digest,
+extend_info_t *extend_info_new(const char *nickname,
+   const char *rsa_id_digest,
+   const ed25519_public_key_t *ed_id,
crypto_pk_t *onion_key,
-   const 

[tor-commits] [tor/master] Trunnel-side: start migrating extend/extend2 to trunnel

[nickm]

commit 1be671f505554e0c3e9577a60d7c94e45c9a2759
Author: Nick Mathewson 
Date:   Wed Sep 14 15:34:13 2016 -0400

Trunnel-side: start migrating extend/extend2 to trunnel
---
 src/trunnel/ed25519_cert.c   | 911 ++-
 src/trunnel/ed25519_cert.h   | 318 ++
 src/trunnel/ed25519_cert.trunnel |  53 +--
 3 files changed, 1239 insertions(+), 43 deletions(-)

diff --git a/src/trunnel/ed25519_cert.c b/src/trunnel/ed25519_cert.c
index dd5088b..e4e4d68 100644
--- a/src/trunnel/ed25519_cert.c
+++ b/src/trunnel/ed25519_cert.c
@@ -28,6 +28,281 @@ int edcert_deadcode_dummy__ = 0;
 }\
   } while (0)
 
+create2_cell_body_t *
+create2_cell_body_new(void)
+{
+  create2_cell_body_t *val = trunnel_calloc(1, sizeof(create2_cell_body_t));
+  if (NULL == val)
+return NULL;
+  return val;
+}
+
+/** Release all storage held inside 'obj', but do not free 'obj'.
+ */
+static void
+create2_cell_body_clear(create2_cell_body_t *obj)
+{
+  (void) obj;
+  TRUNNEL_DYNARRAY_WIPE(>handshake_data);
+  TRUNNEL_DYNARRAY_CLEAR(>handshake_data);
+}
+
+void
+create2_cell_body_free(create2_cell_body_t *obj)
+{
+  if (obj == NULL)
+return;
+  create2_cell_body_clear(obj);
+  trunnel_memwipe(obj, sizeof(create2_cell_body_t));
+  trunnel_free_(obj);
+}
+
+uint16_t
+create2_cell_body_get_handshake_type(create2_cell_body_t *inp)
+{
+  return inp->handshake_type;
+}
+int
+create2_cell_body_set_handshake_type(create2_cell_body_t *inp, uint16_t val)
+{
+  inp->handshake_type = val;
+  return 0;
+}
+uint16_t
+create2_cell_body_get_handshake_len(create2_cell_body_t *inp)
+{
+  return inp->handshake_len;
+}
+int
+create2_cell_body_set_handshake_len(create2_cell_body_t *inp, uint16_t val)
+{
+  inp->handshake_len = val;
+  return 0;
+}
+size_t
+create2_cell_body_getlen_handshake_data(const create2_cell_body_t *inp)
+{
+  return TRUNNEL_DYNARRAY_LEN(>handshake_data);
+}
+
+uint8_t
+create2_cell_body_get_handshake_data(create2_cell_body_t *inp, size_t idx)
+{
+  return TRUNNEL_DYNARRAY_GET(>handshake_data, idx);
+}
+
+uint8_t
+create2_cell_body_getconst_handshake_data(const create2_cell_body_t *inp, 
size_t idx)
+{
+  return create2_cell_body_get_handshake_data((create2_cell_body_t*)inp, idx);
+}
+int
+create2_cell_body_set_handshake_data(create2_cell_body_t *inp, size_t idx, 
uint8_t elt)
+{
+  TRUNNEL_DYNARRAY_SET(>handshake_data, idx, elt);
+  return 0;
+}
+int
+create2_cell_body_add_handshake_data(create2_cell_body_t *inp, uint8_t elt)
+{
+#if SIZE_MAX >= UINT16_MAX
+  if (inp->handshake_data.n_ == UINT16_MAX)
+goto trunnel_alloc_failed;
+#endif
+  TRUNNEL_DYNARRAY_ADD(uint8_t, >handshake_data, elt, {});
+  return 0;
+ trunnel_alloc_failed:
+  TRUNNEL_SET_ERROR_CODE(inp);
+  return -1;
+}
+
+uint8_t *
+create2_cell_body_getarray_handshake_data(create2_cell_body_t *inp)
+{
+  return inp->handshake_data.elts_;
+}
+const uint8_t  *
+create2_cell_body_getconstarray_handshake_data(const create2_cell_body_t *inp)
+{
+  return (const uint8_t  
*)create2_cell_body_getarray_handshake_data((create2_cell_body_t*)inp);
+}
+int
+create2_cell_body_setlen_handshake_data(create2_cell_body_t *inp, size_t 
newlen)
+{
+  uint8_t *newptr;
+#if UINT16_MAX < SIZE_MAX
+  if (newlen > UINT16_MAX)
+goto trunnel_alloc_failed;
+#endif
+  newptr = trunnel_dynarray_setlen(>handshake_data.allocated_,
+ >handshake_data.n_, inp->handshake_data.elts_, newlen,
+ sizeof(inp->handshake_data.elts_[0]), (trunnel_free_fn_t) 
NULL,
+ >trunnel_error_code_);
+  if (newlen != 0 && newptr == NULL)
+goto trunnel_alloc_failed;
+  inp->handshake_data.elts_ = newptr;
+  return 0;
+ trunnel_alloc_failed:
+  TRUNNEL_SET_ERROR_CODE(inp);
+  return -1;
+}
+const char *
+create2_cell_body_check(const create2_cell_body_t *obj)
+{
+  if (obj == NULL)
+return "Object was NULL";
+  if (obj->trunnel_error_code_)
+return "A set function failed on this object";
+  if (TRUNNEL_DYNARRAY_LEN(>handshake_data) != obj->handshake_len)
+return "Length mismatch for handshake_data";
+  return NULL;
+}
+
+ssize_t
+create2_cell_body_encoded_len(const create2_cell_body_t *obj)
+{
+  ssize_t result = 0;
+
+  if (NULL != create2_cell_body_check(obj))
+ return -1;
+
+
+  /* Length of u16 handshake_type */
+  result += 2;
+
+  /* Length of u16 handshake_len */
+  result += 2;
+
+  /* Length of u8 handshake_data[handshake_len] */
+  result += TRUNNEL_DYNARRAY_LEN(>handshake_data);
+  return result;
+}
+int
+create2_cell_body_clear_errors(create2_cell_body_t *obj)
+{
+  int r = obj->trunnel_error_code_;
+  obj->trunnel_error_code_ = 0;
+  return r;
+}
+ssize_t
+create2_cell_body_encode(uint8_t *output, const size_t avail, const 
create2_cell_body_t *obj)
+{
+  ssize_t result = 0;
+  size_t written = 0;
+  uint8_t *ptr = output;
+  const char *msg;
+#ifdef TRUNNEL_CHECK_ENCODED_LEN
+  const ssize_t encoded_len = 

[tor-commits] [tor/master] Rename connection_or_remove_from_identity_map

[nickm]

commit 6aa239df363a9739df96cc4c4660b7aee8a7bef9
Author: Nick Mathewson 
Date:   Mon Sep 19 16:26:27 2016 -0400

Rename connection_or_remove_from_identity_map
---
 src/or/connection.c| 4 ++--
 src/or/connection_or.c | 4 ++--
 src/or/connection_or.h | 2 +-
 src/or/main.c  | 2 +-
 src/test/test_link_handshake.c | 6 +++---
 5 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/src/or/connection.c b/src/or/connection.c
index 2e3df34..f806021 100644
--- a/src/or/connection.c
+++ b/src/or/connection.c
@@ -644,7 +644,7 @@ connection_free_(connection_t *conn)
   if (conn->type == CONN_TYPE_OR &&
   !tor_digest_is_zero(TO_OR_CONN(conn)->identity_digest)) {
 log_warn(LD_BUG, "called on OR conn with non-zeroed identity_digest");
-connection_or_remove_from_identity_map(TO_OR_CONN(conn));
+connection_or_clear_identity(TO_OR_CONN(conn));
   }
   if (conn->type == CONN_TYPE_OR || conn->type == CONN_TYPE_EXT_OR) {
 connection_or_remove_from_ext_or_id_map(TO_OR_CONN(conn));
@@ -675,7 +675,7 @@ connection_free,(connection_t *conn))
   }
   if (connection_speaks_cells(conn)) {
 if (!tor_digest_is_zero(TO_OR_CONN(conn)->identity_digest)) {
-  connection_or_remove_from_identity_map(TO_OR_CONN(conn));
+  connection_or_clear_identity(TO_OR_CONN(conn));
 }
   }
   if (conn->type == CONN_TYPE_CONTROL) {
diff --git a/src/or/connection_or.c b/src/or/connection_or.c
index dbeab26..4449d3f 100644
--- a/src/or/connection_or.c
+++ b/src/or/connection_or.c
@@ -84,7 +84,7 @@ static digestmap_t *orconn_ext_or_id_map = NULL;
 /** Clear clear conn->identity_digest and update other data
  * structures as appropriate.*/
 void
-connection_or_remove_from_identity_map(or_connection_t *conn)
+connection_or_clear_identity(or_connection_t *conn)
 {
   tor_assert(conn);
   memset(conn->identity_digest, 0, DIGEST_LEN);
@@ -120,7 +120,7 @@ connection_or_set_identity_digest(or_connection_t *conn,
 
   /* If the identity was set previously, remove the old mapping. */
   if (! tor_digest_is_zero(conn->identity_digest)) {
-connection_or_remove_from_identity_map(conn);
+connection_or_clear_identity(conn);
 if (conn->chan)
   channel_clear_identity_digest(TLS_CHAN_TO_BASE(conn->chan));
   }
diff --git a/src/or/connection_or.h b/src/or/connection_or.h
index b35bcdd..80a5bdd 100644
--- a/src/or/connection_or.h
+++ b/src/or/connection_or.h
@@ -12,7 +12,7 @@
 #ifndef TOR_CONNECTION_OR_H
 #define TOR_CONNECTION_OR_H
 
-void connection_or_remove_from_identity_map(or_connection_t *conn);
+void connection_or_clear_identity(or_connection_t *conn);
 void connection_or_clear_identity_map(void);
 void clear_broken_connection_map(int disable);
 or_connection_t *connection_or_get_for_extend(const char *digest,
diff --git a/src/or/main.c b/src/or/main.c
index 30adb16..8239606 100644
--- a/src/or/main.c
+++ b/src/or/main.c
@@ -362,7 +362,7 @@ connection_unlink(connection_t *conn)
   }
   if (conn->type == CONN_TYPE_OR) {
 if (!tor_digest_is_zero(TO_OR_CONN(conn)->identity_digest))
-  connection_or_remove_from_identity_map(TO_OR_CONN(conn));
+  connection_or_clear_identity(TO_OR_CONN(conn));
 /* connection_unlink() can only get called if the connection
  * was already on the closeable list, and it got there by
  * connection_mark_for_close(), which was called from
diff --git a/src/test/test_link_handshake.c b/src/test/test_link_handshake.c
index 9899e54..9931702 100644
--- a/src/test/test_link_handshake.c
+++ b/src/test/test_link_handshake.c
@@ -323,7 +323,7 @@ recv_certs_cleanup(const struct testcase_t *test, void *obj)
   if (d) {
 tor_free(d->cell);
 certs_cell_free(d->ccell);
-connection_or_remove_from_identity_map(d->c);
+connection_or_clear_identity(d->c);
 connection_free_(TO_CONN(d->c));
 circuitmux_free(d->chan->base_.cmux);
 tor_free(d->chan);
@@ -1133,8 +1133,8 @@ authenticate_data_cleanup(const struct testcase_t *test, 
void *arg)
   authenticate_data_t *d = arg;
   if (d) {
 tor_free(d->cell);
-connection_or_remove_from_identity_map(d->c1);
-connection_or_remove_from_identity_map(d->c2);
+connection_or_clear_identity(d->c1);
+connection_or_clear_identity(d->c2);
 connection_free_(TO_CONN(d->c1));
 connection_free_(TO_CONN(d->c2));
 circuitmux_free(d->chan2->base_.cmux);



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Accessor functions to get a node's ID keys.

[nickm]

commit 8406677a5e6db74bd593a7d43868054b54b147df
Author: Nick Mathewson 
Date:   Wed Sep 14 14:28:11 2016 -0400

Accessor functions to get a node's ID keys.
---
 src/or/nodelist.c | 33 +
 src/or/nodelist.h |  2 ++
 2 files changed, 35 insertions(+)

diff --git a/src/or/nodelist.c b/src/or/nodelist.c
index 2802d5b..9486224 100644
--- a/src/or/nodelist.c
+++ b/src/or/nodelist.c
@@ -53,6 +53,7 @@
 #include "router.h"
 #include "routerlist.h"
 #include "routerset.h"
+#include "torcert.h"
 
 #include 
 
@@ -646,6 +647,38 @@ node_get_by_nickname,(const char *nickname, int 
warn_if_unnamed))
   }
 }
 
+/** Return the Ed25519 identity key for the provided node, or NULL if it
+ * doesn't have one. */
+const ed25519_public_key_t *
+node_get_ed25519_id(const node_t *node)
+{
+  if (node->ri) {
+if (node->ri->cache_info.signing_key_cert) {
+  const ed25519_public_key_t *pk =
+>ri->cache_info.signing_key_cert->signing_key;
+  if (BUG(ed25519_public_key_is_zero(pk)))
+goto try_the_md;
+  return pk;
+}
+  }
+ try_the_md:
+  if (node->md) {
+if (node->md->ed25519_identity_pkey) {
+  return node->md->ed25519_identity_pkey;
+}
+  }
+  return NULL;
+}
+
+/** Return the RSA ID key's SHA1 digest for the provided node. */
+const uint8_t *
+node_get_rsa_id_digest(const node_t *node)
+{
+  tor_assert(node);
+  return (const uint8_t*)node->identity;
+}
+
+
 /** Return the nickname of node, or NULL if we can't find one. */
 const char *
 node_get_nickname(const node_t *node)
diff --git a/src/or/nodelist.h b/src/or/nodelist.h
index 71a91e1..2cdcdce 100644
--- a/src/or/nodelist.h
+++ b/src/or/nodelist.h
@@ -55,6 +55,8 @@ void node_get_address_string(const node_t *node, char *cp, 
size_t len);
 long node_get_declared_uptime(const node_t *node);
 time_t node_get_published_on(const node_t *node);
 const smartlist_t *node_get_declared_family(const node_t *node);
+const ed25519_public_key_t *node_get_ed25519_id(const node_t *node);
+const uint8_t *node_get_rsa_id_digest(const node_t *node);
 
 int node_has_ipv6_addr(const node_t *node);
 int node_has_ipv6_orport(const node_t *node);



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Add ExtendByEd25519ID consensus parameter/torrc option

[nickm]

commit 9e840e6c7d10a3dfa188d2186ce3c67ca1d698f5
Author: Nick Mathewson 
Date:   Fri Oct 28 11:15:21 2016 -0400

Add ExtendByEd25519ID consensus parameter/torrc option

I need to be able to turn on Ed25519 support in client generation
of  extend cells so I can test it, but leave it off-by-default until
enough clients support it for us to turn it on for a bunch at once.

This is part of #15056 / prop#220.
---
 doc/tor.1.txt |  7 +++
 src/or/circuitbuild.c |  4 ++--
 src/or/config.c   |  1 +
 src/or/onion.c| 15 +++
 src/or/or.h   |  4 
 5 files changed, 29 insertions(+), 2 deletions(-)

diff --git a/doc/tor.1.txt b/doc/tor.1.txt
index cbc7ac1..1071168 100644
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -717,6 +717,13 @@ GENERAL OPTIONS
 127.0.0.1 or 10.0.0.1.  This is mostly useful for debugging
 rate-limiting.  (Default: 0)
 
+[[ExtendByEd25519ID]] **ExtendByEd25519ID** **0**|**1**|**auto**::
+If this option is set to 1, we always try to include a relay's Ed25519 ID
+when telling the proceeding relay in a circuit to extend to it.
+If this option is set to 0, we never include Ed25519 IDs when extending
+circuits.  If the option is set to "default", we obey a
+parameter in the consensus document. (Default: auto)
+
 CLIENT OPTIONS
 --
 
diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c
index e833fcb..bdbbacd 100644
--- a/src/or/circuitbuild.c
+++ b/src/or/circuitbuild.c
@@ -1043,8 +1043,8 @@ circuit_send_next_onion_skin(origin_circuit_t *circ)
 ec.orport_ipv4.port = hop->extend_info->port;
 tor_addr_make_unspec(_ipv6.addr);
 memcpy(ec.node_id, hop->extend_info->identity_digest, DIGEST_LEN);
-/* 15056 Either here or in the onion.c encoding code, we should make an
- * option to decide whether we declare the ED identity (if we know one) */
+/* Set the ED25519 identity too -- it will only get included
+ * in the extend2 cell if we're configured to use it, though. */
 memcpy(_pubkey, >extend_info->ed_identity,
sizeof(ed25519_public_key_t));
 
diff --git a/src/or/config.c b/src/or/config.c
index 9553822..51c6290 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -305,6 +305,7 @@ static config_var_t option_vars_[] = {
   V(ExtORPortCookieAuthFile, STRING,   NULL),
   V(ExtORPortCookieAuthFileGroupReadable, BOOL, "0"),
   V(ExtraInfoStatistics, BOOL, "1"),
+  V(ExtendByEd25519ID,   AUTOBOOL, "auto"),
   V(FallbackDir, LINELIST, NULL),
   V(UseDefaultFallbackDirs,  BOOL, "1"),
 
diff --git a/src/or/onion.c b/src/or/onion.c
index f49707f..8e0896f 100644
--- a/src/or/onion.c
+++ b/src/or/onion.c
@@ -1170,6 +1170,21 @@ created_cell_format(cell_t *cell_out, const 
created_cell_t *cell_in)
   return 0;
 }
 
+/** Return true iff we are configured (by torrc or by the networkstatus
+ * parameters) to use Ed25519 identities in our Extend2 cells. */
+static int
+should_include_ed25519_id_extend_cells(const networkstatus_t *ns,
+   const or_options_t *options)
+{
+  if (options->ExtendByEd25519ID != -1)
+return options->ExtendByEd25519ID; /* The user has an opinion. */
+
+  return (int) networkstatus_get_param(ns, "ExtendByEd25519ID",
+   0 /* default */,
+   0 /* min */,
+   1 /*max*/);
+}
+
 /** Format the EXTEND{,2} cell in cell_in, storing its relay payload in
  * payload_out, the number of bytes used in *len_out, and the
  * relay command in *command_out. The payload_out must have
diff --git a/src/or/or.h b/src/or/or.h
index 32c194a..0ebeda2 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -4571,6 +4571,10 @@ typedef struct {
 
   /** If 1, we skip all OOS checks. */
   int DisableOOSCheck;
+
+  /** Autobool: Should we include Ed25519 identities in extend2 cells?
+   * If -1, we should do whatever the consensus parameter says. */
+  int ExtendByEd25519ID;
 } or_options_t;
 
 /** Persistent state for an onion router, as saved to disk. */



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Comment-only: note some places where we want to propagate Ed25519 info

[nickm]

commit 88252b2d76f94de587d49144177e9e339699d1c5
Author: Nick Mathewson 
Date:   Fri Oct 28 16:11:05 2016 -0400

Comment-only: note some places where we want to propagate Ed25519 info

This is not for 15056, since it's about UI, and not about circuit
extension.
---
 src/or/circuituse.c | 7 ++-
 src/or/or.h | 2 ++
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/src/or/circuituse.c b/src/or/circuituse.c
index eda53b4..eaecfd9 100644
--- a/src/or/circuituse.c
+++ b/src/or/circuituse.c
@@ -2088,6 +2088,10 @@ circuit_get_open_circ_or_launch(entry_connection_t *conn,
   if (want_onehop && conn->chosen_exit_name[0] == '$') {
 /* We're asking for a one-hop circuit to a router that
  * we don't have a routerinfo about. Make up an extend_info. */
+/* XXX prop220: we need to make chosen_exit_name able to
+ * encode both key formats. This is not absolutely critical
+ * since this is just for one-hop circuits, but we should
+ * still get it done */
 char digest[DIGEST_LEN];
 char *hexdigest = conn->chosen_exit_name+1;
 tor_addr_t addr;
@@ -2102,9 +2106,10 @@ circuit_get_open_circ_or_launch(entry_connection_t *conn,
escaped_safe_str_client(conn->socks_request->address));
   return -1;
 }
+/*  prop220 add a workaround for ed25519 ID below*/
 extend_info = extend_info_new(conn->chosen_exit_name+1,
   digest,
-  NULL, /* Ed25519 ID 15056, add a 
workaround.*/
+  NULL, /* Ed25519 ID */
   NULL, NULL, /* onion keys */
   , conn->socks_request->port);
   } else { /* ! (want_onehop && conn->chosen_exit_name[0] == '$') */
diff --git a/src/or/or.h b/src/or/or.h
index 0ebeda2..14c2dd8 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -1658,6 +1658,8 @@ typedef struct entry_connection_t {
   edge_connection_t edge_;
 
   /** Nickname of planned exit node -- used with .exit support. */
+  /* XXX prop220: we need to make chosen_exit_name able to encode Ed IDs too.
+   * That's logically part of the UI parts for prop220 though. */
   char *chosen_exit_name;
 
   socks_request_t *socks_request; /**< SOCKS structure describing request (AP



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Helper function to see if an ed25519 pk is set.

[nickm]

commit 431565e0531eb6cfdaabd2bba8912655898f079b
Author: Nick Mathewson 
Date:   Wed Sep 14 14:27:44 2016 -0400

Helper function to see if an ed25519 pk is set.
---
 src/common/crypto_ed25519.c | 8 
 src/common/crypto_ed25519.h | 3 +++
 2 files changed, 11 insertions(+)

diff --git a/src/common/crypto_ed25519.c b/src/common/crypto_ed25519.c
index 30ed772..809ad12 100644
--- a/src/common/crypto_ed25519.c
+++ b/src/common/crypto_ed25519.c
@@ -211,6 +211,14 @@ ed25519_keypair_generate(ed25519_keypair_t *keypair_out, 
int extra_strong)
   return 0;
 }
 
+/** Return true iff 'pubkey' is set to zero (eg to indicate that it is not
+ * set). */
+int
+ed25519_public_key_is_zero(const ed25519_public_key_t *pubkey)
+{
+  return tor_mem_is_zero((char*)pubkey->pubkey, ED25519_PUBKEY_LEN);
+}
+
 /* Return a heap-allocated array that contains msg prefixed by the
  * string prefix_str. Set final_msg_len_out to the size of the
  * final array. If an error occured, return NULL. It's the resonsibility of the
diff --git a/src/common/crypto_ed25519.h b/src/common/crypto_ed25519.h
index 31afc49..5d63d90 100644
--- a/src/common/crypto_ed25519.h
+++ b/src/common/crypto_ed25519.h
@@ -66,6 +66,9 @@ ed25519_checksig_prefixed(const ed25519_signature_t 
*signature,
   const char *prefix_str,
   const ed25519_public_key_t *pubkey);
 
+int ed25519_public_key_is_zero(const ed25519_public_key_t *pubkey);
+
+
 /**
  * A collection of information necessary to check an Ed25519 signature. Used
  * for batch verification.



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Add a function to check whether a given ed id key is ours

[nickm]

commit af3af494083f041c3ce9f722e4989ecd4b4e6304
Author: Nick Mathewson 
Date:   Sat Sep 24 11:25:10 2016 -0700

Add a function to check whether a given ed id key is ours
---
 src/or/routerkeys.c | 8 
 src/or/routerkeys.h | 2 ++
 2 files changed, 10 insertions(+)

diff --git a/src/or/routerkeys.c b/src/or/routerkeys.c
index 8d9a132..ab78dbe 100644
--- a/src/or/routerkeys.c
+++ b/src/or/routerkeys.c
@@ -1091,6 +1091,14 @@ get_master_identity_key(void)
   return _identity_key->pubkey;
 }
 
+/** Return true iff id is our Ed25519 master identity key. */
+int
+router_ed25519_id_is_me(const ed25519_public_key_t *id)
+{
+  return id && master_identity_key &&
+ed25519_pubkey_eq(id, _identity_key->pubkey);
+}
+
 #ifdef TOR_UNIT_TESTS
 /* only exists for the unit tests, since otherwise the identity key
  * should be used to sign nothing but the signing key. */
diff --git a/src/or/routerkeys.h b/src/or/routerkeys.h
index 307a1cd..98894cd 100644
--- a/src/or/routerkeys.h
+++ b/src/or/routerkeys.h
@@ -45,6 +45,8 @@ const struct tor_cert_st *get_current_auth_key_cert(void);
 void get_master_rsa_crosscert(const uint8_t **cert_out,
   size_t *size_out);
 
+int router_ed25519_id_is_me(const ed25519_public_key_t *id);
+
 struct tor_cert_st *make_ntor_onion_key_crosscert(
   const curve25519_keypair_t *onion_key,
   const ed25519_public_key_t *master_id_key,



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Enforce Ed25519 identities (client-side)

[nickm]

commit 7daf15217240acefaf2ef802b6d89e04f4e51cae
Author: Nick Mathewson 
Date:   Thu Nov 10 12:24:07 2016 -0500

Enforce Ed25519 identities (client-side)

This patch makes two absolutely critical changes:
  - If an ed25519 identity is not as expected when creating a channel,
we call that channel unsuccessful and close it.
  - When a client creating a channel or an extend cell for a circuit, we
only include the ed25519 identity if we believe that the node on
the other side supports ed25519 link authentication (from
#15055).  Otherwise we will insist on nodes without the right
link protocol authenticating themselves.
  - When deciding to extend to another relay, we only upgrade the
extend to extend by ed25519 ID when we know the ed25519 ID _and_
we know that the other side can authenticate.

This patch also tells directory servers, when probing nodes, to
try to check their ed25519 identities too (if they can authenticate
by ed25519 identity).

Also, handle the case where we connect by RSA Id, and learn the
ED25519 ID for the node in doing so.
---
 src/or/circuitbuild.c  | 17 +++--
 src/or/connection_or.c | 67 +-
 src/or/dirserv.c   | 13 +++---
 src/or/nodelist.c  | 25 +++
 src/or/nodelist.h  |  1 +
 5 files changed, 106 insertions(+), 17 deletions(-)

diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c
index bdbbacd..bac68bb 100644
--- a/src/or/circuitbuild.c
+++ b/src/or/circuitbuild.c
@@ -1180,7 +1180,9 @@ circuit_extend(cell_t *cell, circuit_t *circ)
   if (ed25519_public_key_is_zero(_pubkey)) {
 const node_t *node = node_get_by_id((const char*)ec.node_id);
 const ed25519_public_key_t *node_ed_id = NULL;
-if (node && (node_ed_id = node_get_ed25519_id(node))) {
+if (node &&
+node_supports_ed25519_link_authentication(node) &&
+(node_ed_id = node_get_ed25519_id(node))) {
   memcpy(ec.ed_pubkey.pubkey, node_ed_id->pubkey, ED25519_PUBKEY_LEN);
 }
   }
@@ -2450,7 +2452,18 @@ extend_info_from_node(const node_t *node, int 
for_direct_connect)
 return NULL;
   }
 
-  const ed25519_public_key_t *ed_pubkey = node_get_ed25519_id(node);
+  const ed25519_public_key_t *ed_pubkey = NULL;
+
+  /* Don't send the ed25519 pubkey unless the target node actually supports
+   * authenticating with it. */
+  if (node_supports_ed25519_link_authentication(node)) {
+log_info(LD_CIRC, "Including Ed25519 ID for %s", node_describe(node));
+ed_pubkey = node_get_ed25519_id(node);
+  } else if (node_get_ed25519_id(node)) {
+log_info(LD_CIRC, "Not including the ed25519 ID for %s, since it won't "
+ " be able to authenticate it.",
+ node_describe(node));
+  }
 
   if (valid_addr && node->ri)
 return extend_info_new(node->ri->nickname,
diff --git a/src/or/connection_or.c b/src/or/connection_or.c
index a22c4ad..0caf8a9 100644
--- a/src/or/connection_or.c
+++ b/src/or/connection_or.c
@@ -1547,8 +1547,24 @@ connection_or_client_learned_peer_id(or_connection_t 
*conn,
  const ed25519_public_key_t *ed_peer_id)
 {
   const or_options_t *options = get_options();
-
-  if (tor_digest_is_zero(conn->identity_digest)) {
+  channel_tls_t *chan_tls = conn->chan;
+  channel_t *chan = channel_tls_to_base(chan_tls);
+  tor_assert(chan);
+
+  const int expected_rsa_key =
+! tor_digest_is_zero(conn->identity_digest);
+  const int expected_ed_key =
+! ed25519_public_key_is_zero(>ed25519_identity);
+
+  log_info(LD_HANDSHAKE, "learned peer id for %p (%s): %s, %s",
+   conn,
+   safe_str_client(conn->base_.address),
+   hex_str((const char*)rsa_peer_id, DIGEST_LEN),
+   ed25519_fmt(ed_peer_id));
+
+  if (! expected_rsa_key && ! expected_ed_key) {
+log_info(LD_HANDSHAKE, "(we had no ID in mind when we made this "
+ "connection.");
 connection_or_set_identity_digest(conn,
   (const char*)rsa_peer_id, ed_peer_id);
 tor_free(conn->nickname);
@@ -1565,13 +1581,35 @@ connection_or_client_learned_peer_id(or_connection_t 
*conn,
 (const char*)rsa_peer_id, ed_peer_id);
   }
 
-  if (tor_memneq(rsa_peer_id, conn->identity_digest, DIGEST_LEN)) {
+  const int rsa_mismatch = expected_rsa_key &&
+tor_memneq(rsa_peer_id, conn->identity_digest, DIGEST_LEN);
+  /* It only counts as an ed25519 mismatch if we wanted an ed25519 identity
+   * and didn't get it. It's okay if we get one that we didn't ask for. */
+  const int ed25519_mismatch =
+expected_ed_key &&
+(ed_peer_id == NULL ||
+ ! ed25519_pubkey_eq(>ed25519_identity, ed_peer_id));
+
+  if (rsa_mismatch || ed25519_mismatch) {
 /* I was aiming for a particular digest. I didn't get it! */
-char seen[HEX_DIGEST_LEN+1];
-char 

[tor-commits] [translation/tor-messenger-otrproperties] Update translations for tor-messenger-otrproperties

[translation]

commit 1cce50711b32f412842339bda2707d75c060ca11
Author: Translation commit bot 
Date:   Thu Dec 8 21:51:15 2016 +

Update translations for tor-messenger-otrproperties
---
 cs/otr.properties | 36 ++--
 1 file changed, 18 insertions(+), 18 deletions(-)

diff --git a/cs/otr.properties b/cs/otr.properties
index 584799c..c6cc7c9 100644
--- a/cs/otr.properties
+++ b/cs/otr.properties
@@ -1,31 +1,31 @@
-msgevent.encryption_required_part1=You attempted to send an unencrypted 
message to %S. As a policy, unencrypted messages are not allowed.
+msgevent.encryption_required_part1=Pokusili jste se zaslat %S nesifrovanou 
zprávu. Nešifrované zprávy nejsou podle našich zásad povoleny.
 msgevent.encryption_required_part2=Spouští se soukromá konverzace. Vaše 
zpráva bude odeslána, jakmile se konverzace spustí.
 msgevent.encryption_error=Při šifrování zprávy se vyskytla chyba. Zpráva 
nebyla odeslána.
-msgevent.connection_ended=%S has already closed their private connection to 
you. Your message was not sent. Either end your private conversation, or 
restart it.
+msgevent.connection_ended=%S již uzavřeli jejich soukromé spojení s Vámi. 
Vaše zpráva nebyla odeslána. Buď ukončete Vaši soukromou konverzaci, nebo 
ji restartujte.
 msgevent.setup_error=Při spouštění soukromé konverzace s %S se vyskytla 
chyba.
-msgevent.msg_reflected=You are receiving your own OTR messages. You are either 
trying to talk to yourself, or someone is reflecting your messages back at you.
+msgevent.msg_reflected=Dostáváte Vaše vlastní šifrované zprávy. Buď se 
snažíte mluvit sám se sebou, nebo se Vám vrací zpátky od někoho jiného.
 msgevent.msg_resent=Poslední zpráva pro %S byla odeslána znovu.
 msgevent.rcvdmsg_not_private=Šifrovaná zpráva od %S je nečitelná, 
protože s ním nekomunikujete soukromě.
 msgevent.rcvdmsg_unreadable=Dostali jsme nečitelnou, zašifrovanou zprávu od 
%S.
-msgevent.rcvdmsg_malformed=We received a malformed data message from %S.
+msgevent.rcvdmsg_malformed=Obdrželi jsme zprávu od %S obsahující chybný 
obsah.
 msgevent.log_heartbeat_rcvd=Heartbeat received from %S.
 msgevent.log_heartbeat_sent=Heartbeat sent to %S.
 msgevent.rcvdmsg_general_err=V OTR se vyskytla chyba.
 msgevent.rcvdmsg_unecrypted=Následující zpráva přijata od %S není 
šifrovaná: %S
-msgevent.rcvdmsg_unrecognized=We received an unrecognized OTR message from %S.
-msgevent.rcvdmsg_for_other_instance=%S has sent a message intended for a 
different session. If you are logged in multiple times, another session may 
have received the message.
+msgevent.rcvdmsg_unrecognized=Obdrželi jsme nerozeznatelnou OTR zprávu od %S
+msgevent.rcvdmsg_for_other_instance=%S poslal/a zprávu určené pro jiné 
sezení. Pokud jste přihlášeni vícekrát, zpráva může být doručena do 
jiného sezení.
 context.gone_secure_private=Soukromá konverzace s %S spuštěna.
-context.gone_secure_unverified=Private conversation with %S started. However, 
their identity has not been verified.
-context.still_secure=Successfully refreshed the private conversation with %S.
+context.gone_secure_unverified=Začala soukromá konverzace s %S. Jejich 
indentita však nebyla ověřena.
+context.still_secure=Soukromá konverzace s %S uspěšně obnovena.
 error.enc=Vyskytla se chyba v šifrování zprávy.
-error.not_priv=You sent encrypted data to %S, who wasn't expecting it.
-error.unreadable=You transmitted an unreadable encrypted message.
-error.malformed=You transmitted a malformed data message.
-resent=[resent]
+error.not_priv=Odeslali jste šifrovaný obsah uživateli %S, kterýto 
neočekával.
+error.unreadable=Odeslali jste nečitelnou šifrovanou zprávu.
+error.malformed=Odeslali jste zprávu s chybným obsahem.
+resent=[odesláno]
 tlv.disconnected=Kontakt %S ukončil konverzaci. Měli byste udělat totéž.
-query.msg=%S has requested an Off-the Record private conversation. However, 
you do not have a plugin to support that. See http://otr.cypherpunks.ca/ for 
more information.
-trust.unused=Unused
-trust.not_private=Not Private
-trust.unverified=Unverified
-trust.private=Private
-trust.finished=Finished
+query.msg=%S si vyžádala soukromou OTR konverzaci. Bohužel ale nemáte 
potřebný doplňek. Více informací najdete na http://otr.cypherpunks.ca/.
+trust.unused=Nepoužité
+trust.not_private=Nesoukromé
+trust.unverified=Neověřené 
+trust.private=Soukromé 
+trust.finished=Hotové

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tor-messenger-authproperties] Update translations for tor-messenger-authproperties

[translation]

commit 441448358d172765eafa16f80d8c8fb78b9a7a54
Author: Translation commit bot 
Date:   Thu Dec 8 21:51:04 2016 +

Update translations for tor-messenger-authproperties
---
 pt_BR/auth.properties | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pt_BR/auth.properties b/pt_BR/auth.properties
index 4ed3eff..e04cbee 100644
--- a/pt_BR/auth.properties
+++ b/pt_BR/auth.properties
@@ -3,5 +3,5 @@ auth.yourFingerprint=Impressão digital para você, %S:\n %S
 auth.theirFingerprint=Simular impressão digital para %S:\n%S
 auth.help=Verificar a identidade de um contato ajuda a se assegurar de que a 
pessoa com quem você estiver conversando seja realmente quem ela pretende ser. 
 
 auth.helpTitle=Ajuda para verificação
-auth.question=Essa é a pergunta feita pelo seu contato:\n\n%S\n\nInsira a 
resposta secreta aqui (case sensitive):
+auth.question=Essa é a pergunta feita pelo seu contato:\n\n%S\n\nInserir a 
resposta secreta aqui (diferencia maiúsculas e minúsculas):
 auth.secret=Insira o segredo aqui:

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tor-messenger-authproperties_completed] Update translations for tor-messenger-authproperties_completed

[translation]

commit a37969465e5b91aeda32a4d5caaa3f23e95e2d1e
Author: Translation commit bot 
Date:   Thu Dec 8 21:51:00 2016 +

Update translations for tor-messenger-authproperties_completed
---
 pt_BR/auth.properties | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pt_BR/auth.properties b/pt_BR/auth.properties
index 4ed3eff..e04cbee 100644
--- a/pt_BR/auth.properties
+++ b/pt_BR/auth.properties
@@ -3,5 +3,5 @@ auth.yourFingerprint=Impressão digital para você, %S:\n %S
 auth.theirFingerprint=Simular impressão digital para %S:\n%S
 auth.help=Verificar a identidade de um contato ajuda a se assegurar de que a 
pessoa com quem você estiver conversando seja realmente quem ela pretende ser. 
 
 auth.helpTitle=Ajuda para verificação
-auth.question=Essa é a pergunta feita pelo seu contato:\n\n%S\n\nInsira a 
resposta secreta aqui (case sensitive):
+auth.question=Essa é a pergunta feita pelo seu contato:\n\n%S\n\nInserir a 
resposta secreta aqui (diferencia maiúsculas e minúsculas):
 auth.secret=Insira o segredo aqui:

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [sandboxed-tor-browser/master] When running the hardened bundle, load libasan.so before the stub.

[yawning]

commit 8f671b6f5261063085fe4eccc99a03ebe0f4be26
Author: Yawning Angel 
Date:   Thu Dec 8 20:37:08 2016 +

When running the hardened bundle, load libasan.so before the stub.

Sort of silly, but it demands this of us or it dumps alarming looking
warnings to the log.  While I'm here, the stub living in /tmp is silly,
so move/rename it and jam it in the user's home directory.
---
 .../internal/sandbox/application.go   | 19 +--
 1 file changed, 17 insertions(+), 2 deletions(-)

diff --git a/src/cmd/sandboxed-tor-browser/internal/sandbox/application.go 
b/src/cmd/sandboxed-tor-browser/internal/sandbox/application.go
index 4cd4ca0..6de8a5e 100644
--- a/src/cmd/sandboxed-tor-browser/internal/sandbox/application.go
+++ b/src/cmd/sandboxed-tor-browser/internal/sandbox/application.go
@@ -45,7 +45,7 @@ func RunTorBrowser(cfg *config.Config, manif 
*config.Manifest, tor *tor.Tor) (cm
const (
profileSubDir = "TorBrowser/Data/Browser/profile.default"
cachesSubDir  = "TorBrowser/Data/Browser/Caches"
-   stubPath  = "/tmp/tbb_stub.so"
+   stubPath  = "/home/amnesia/.tbb_stub.so"
controlSocket = "control"
socksSocket   = "socks"
)
@@ -165,13 +165,28 @@ func RunTorBrowser(cfg *config.Config, manif 
*config.Manifest, tor *tor.Tor) (cm
// supply the relevant args required for functionality.
ctrlPath := filepath.Join(h.runtimeDir, controlSocket)
socksPath := filepath.Join(h.runtimeDir, socksSocket)
-   h.setenv("LD_PRELOAD", stubPath)
h.setenv("TOR_STUB_CONTROL_SOCKET", ctrlPath)
h.setenv("TOR_STUB_SOCKS_SOCKET", socksPath)
h.bind(tor.CtrlSurrogatePath(), ctrlPath, false)
h.bind(tor.SocksSurrogatePath(), socksPath, false)
h.assetFile(stubPath, "tbb_stub.so")
 
+   ldPreload := stubPath
+   if manif.Channel == "hardened" {
+   // ASAN wants to be the first entry on LD_PRELOAD, so placate 
it.
+   matches, err := filepath.Glob(filepath.Join(realBrowserHome, 
"TorBrowser", "Tor") + "/libasan.so*")
+   if err != nil {
+   return nil, err
+   }
+   if len(matches) < 1 {
+   log.Printf("sandbox: Failed to find 'libasan.so.*'")
+   } else {
+   _, f := filepath.Split(matches[0])
+   ldPreload = f + ":" + ldPreload
+   }
+   }
+   h.setenv("LD_PRELOAD", ldPreload)
+
// Hardware accelerated OpenGL will not work, and never will.
h.setenv("LIBGL_ALWAYS_SOFTWARE", "1")
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [sandboxed-tor-browser/master] Normalize the sandbox UID/GID to 1000/1000.

[yawning]

commit 7ad0525c601aa45414f56193760e3d08dd9cdae4
Author: Yawning Angel 
Date:   Thu Dec 8 19:51:51 2016 +

Normalize the sandbox UID/GID to 1000/1000.

 * Always unshare the USER namespace (Yes, I know this is scary, but
   all caps are dropped by bwrap prior to exec()ing the command in the
   container, and PR_SET_NO_NEW_PRIVS is called).
 * Make the PulseAudio socket finder do the right thing, when
   XDG_RUNTIME_DIR is set to something non-standard.
 * Switch the container /etc/passwd and /etc/group files to be
   go-bindata-ed since they are now static.
---
 data/group |  1 +
 data/passwd|  1 +
 .../internal/sandbox/hugbox.go | 23 --
 .../internal/sandbox/pulse.go  |  7 ++-
 4 files changed, 21 insertions(+), 11 deletions(-)

diff --git a/data/group b/data/group
new file mode 100644
index 000..cbaebb5
--- /dev/null
+++ b/data/group
@@ -0,0 +1 @@
+amnesia:x:1000:
diff --git a/data/passwd b/data/passwd
new file mode 100644
index 000..bed4f72
--- /dev/null
+++ b/data/passwd
@@ -0,0 +1 @@
+amnesia:x:1000:1000:Debian Live User,,,:/home/amnesia:/bin/bash
diff --git a/src/cmd/sandboxed-tor-browser/internal/sandbox/hugbox.go 
b/src/cmd/sandboxed-tor-browser/internal/sandbox/hugbox.go
index 0707c57..98b2ec7 100644
--- a/src/cmd/sandboxed-tor-browser/internal/sandbox/hugbox.go
+++ b/src/cmd/sandboxed-tor-browser/internal/sandbox/hugbox.go
@@ -35,7 +35,7 @@ import (
 )
 
 type unshareOpts struct {
-   user   bool
+   // user   bool
ipcbool
pidbool
netbool
@@ -45,9 +45,11 @@ type unshareOpts struct {
 
 func (u *unshareOpts) toArgs() []string {
var args []string
-   if u.user {
-   args = append(args, "--unshare-user-try")
-   }
+
+   // A new user namespace is created unconditionally, so that gid/uids
+   // can be normalized.
+   args = append(args, "--unshare-user")
+
if u.ipc {
args = append(args, "--unshare-ipc")
}
@@ -223,10 +225,11 @@ func (h *hugbox) run() (*exec.Cmd, error) {
if h.chdir != "" {
fdArgs = append(fdArgs, "--chdir", h.chdir)
}
-   passwdBody := fmt.Sprintf("amnesia:x:%d:%d:Debian Live 
User,,,:/home/amnesia:/bin/bash\n", os.Getuid(), os.Getgid())
-   groupBody := fmt.Sprintf("amnesia:x:%d:\n", os.Getgid())
-   h.file("/etc/passwd", []byte(passwdBody))
-   h.file("/etc/group", []byte(groupBody))
+
+   fdArgs = append(fdArgs, "--uid", "1000")
+   fdArgs = append(fdArgs, "--gid", "1000")
+   h.assetFile("/etc/passwd", "passwd")
+   h.assetFile("/etc/group", "group")
 
if h.fakeDbus {
h.setupDbus()
@@ -370,7 +373,7 @@ type bwrapInfo struct {
 func newHugbox() (*hugbox, error) {
h := {
unshare: unshareOpts{
-   user:   true,
+   // user:   true,
ipc:true,
pid:true,
net:true,
@@ -379,7 +382,7 @@ func newHugbox() (*hugbox, error) {
},
hostname: "amnesia",
mountProc:true,
-   runtimeDir:   filepath.Join("/run", "user", fmt.Sprintf("%d", 
os.Getuid())),
+   runtimeDir:   filepath.Join("/run", "user", "1000"),
homeDir:  "/home/amnesia",
pdeathSig:syscall.SIGTERM,
standardLibs: true,
diff --git a/src/cmd/sandboxed-tor-browser/internal/sandbox/pulse.go 
b/src/cmd/sandboxed-tor-browser/internal/sandbox/pulse.go
index 5a005a5..6cb2ce1 100644
--- a/src/cmd/sandboxed-tor-browser/internal/sandbox/pulse.go
+++ b/src/cmd/sandboxed-tor-browser/internal/sandbox/pulse.go
@@ -43,7 +43,12 @@ func (h *hugbox) enablePulseAudio() error {
// along with the modern default locations.
sockPath := os.Getenv(pulseServer)
if sockPath == "" {
-   sockPath = filepath.Join(h.runtimeDir, "pulse", "native")
+   hostRuntimeDir := os.Getenv("XDG_RUNTIME_DIR")
+   if hostRuntimeDir == "" {
+   // Should never happen, the app requires/uses 
XDG_RUNTIME_DIR.
+   return fmt.Errorf("hugbox: BUG: Couldn't determine 
XDG_RUNTIME_DIR")
+   }
+   sockPath = filepath.Join(hostRuntimeDir, "pulse", "native")
} else if strings.HasPrefix(sockPath, unixPrefix) {
sockPath = strings.TrimPrefix(sockPath, unixPrefix)
} else {

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [sandboxed-tor-browser/master] Add `readlink` to the tor seccomp whitelist.

[yawning]

commit d32f30726e97ee6c151cb45fb008177b68e9d58d
Author: Yawning Angel 
Date:   Thu Dec 8 19:23:25 2016 +

Add `readlink` to the tor seccomp whitelist.

ASAN calls readlink("/proc/self/exe"), because fuck you.
---
 src/cmd/gen-seccomp/seccomp_tor.go | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/cmd/gen-seccomp/seccomp_tor.go 
b/src/cmd/gen-seccomp/seccomp_tor.go
index 7300b64..26b4b14 100644
--- a/src/cmd/gen-seccomp/seccomp_tor.go
+++ b/src/cmd/gen-seccomp/seccomp_tor.go
@@ -103,6 +103,8 @@ func compileTorSeccompProfile(fd *os.File, useBridges bool, 
is386 bool) error {
"set_tid_address",
"unshare",
"rt_sigaction", // Tor filters this but libc does more.
+
+   "readlink", // ASAN needs this.
}
if is386 {
allowedNoArgs386 := []string{

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.2.9] Forward-port 0.2.8.11 notes (release-0.2.9)

[nickm]

commit 4f62b68df42947539d9c89e0b6172d93dfe658ad
Author: Nick Mathewson 
Date:   Thu Dec 8 11:09:36 2016 -0500

Forward-port 0.2.8.11 notes (release-0.2.9)
---
 ChangeLog| 19 +++
 ReleaseNotes | 19 +++
 2 files changed, 38 insertions(+)

diff --git a/ChangeLog b/ChangeLog
index a98b6ac..08e8025 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,6 +1,25 @@
 Changes in version 0.2.9.7-rc - 2016-12-??
 
 
+Changes in version 0.2.8.11 - 2016-12-08
+  Tor 0.2.8.11 backports fixes for additional portability issues that
+  could prevent Tor from building correctly on OSX Sierra, or with
+  OpenSSL 1.1. Affected users should upgrade; others can safely stay
+  with 0.2.8.10.
+
+  o Minor bugfixes (portability):
+- Avoid compilation errors when building on OSX Sierra. Sierra began
+  to support the getentropy() and clock_gettime() APIs, but created
+  a few problems in doing so. Tor 0.2.9 has a more thorough set of
+  workarounds; in 0.2.8, we are just using the /dev/urandom and mach
+  monotonic time interfaces. Fixes bug 20865. Bugfix
+  on 0.2.8.1-alpha.
+
+  o Minor bugfixes (portability, backport from 0.2.9.5-alpha):
+- Fix compilation with OpenSSL 1.1 and less commonly-used CPU
+  architectures. Closes ticket 20588.
+
+
 Changes in version 0.2.8.10 - 2016-12-02
   Tor 0.2.8.10 backports a fix for a bug that would sometimes make clients
   unusable after they left standby mode. It also backports fixes for
diff --git a/ReleaseNotes b/ReleaseNotes
index 312b213..eaa81b0 100644
--- a/ReleaseNotes
+++ b/ReleaseNotes
@@ -2,6 +2,25 @@ This document summarizes new features and bugfixes in each 
stable release
 of Tor. If you want to see more detailed descriptions of the changes in
 each development snapshot, see the ChangeLog file.
 
+Changes in version 0.2.8.11 - 2016-12-08
+  Tor 0.2.8.11 backports fixes for additional portability issues that
+  could prevent Tor from building correctly on OSX Sierra, or with
+  OpenSSL 1.1. Affected users should upgrade; others can safely stay
+  with 0.2.8.10.
+
+  o Minor bugfixes (portability):
+- Avoid compilation errors when building on OSX Sierra. Sierra began
+  to support the getentropy() and clock_gettime() APIs, but created
+  a few problems in doing so. Tor 0.2.9 has a more thorough set of
+  workarounds; in 0.2.8, we are just using the /dev/urandom and mach
+  monotonic time interfaces. Fixes bug 20865. Bugfix
+  on 0.2.8.1-alpha.
+
+  o Minor bugfixes (portability, backport from 0.2.9.5-alpha):
+- Fix compilation with OpenSSL 1.1 and less commonly-used CPU
+  architectures. Closes ticket 20588.
+
+
 Changes in version 0.2.8.10 - 2016-12-02
   Tor 0.2.8.10 backports a fix for a bug that would sometimes make clients
   unusable after they left standby mode. It also backports fixes for

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Forward-port 0.2.8.11 notes (master)

[nickm]

commit e33c85a450c4819cdad30acfc280aece7c521d6e
Author: Nick Mathewson 
Date:   Thu Dec 8 11:09:42 2016 -0500

Forward-port 0.2.8.11 notes (master)
---
 ChangeLog| 19 +++
 ReleaseNotes | 20 
 2 files changed, 39 insertions(+)

diff --git a/ChangeLog b/ChangeLog
index 4e7e987..b620316 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,6 +1,25 @@
 Changes in version 0.3.0.1-alpha - 2016-??-??
 
 
+Changes in version 0.2.8.11 - 2016-12-08
+  Tor 0.2.8.11 backports fixes for additional portability issues that
+  could prevent Tor from building correctly on OSX Sierra, or with
+  OpenSSL 1.1. Affected users should upgrade; others can safely stay
+  with 0.2.8.10.
+
+  o Minor bugfixes (portability):
+- Avoid compilation errors when building on OSX Sierra. Sierra began
+  to support the getentropy() and clock_gettime() APIs, but created
+  a few problems in doing so. Tor 0.2.9 has a more thorough set of
+  workarounds; in 0.2.8, we are just using the /dev/urandom and mach
+  monotonic time interfaces. Fixes bug 20865. Bugfix
+  on 0.2.8.1-alpha.
+
+  o Minor bugfixes (portability, backport from 0.2.9.5-alpha):
+- Fix compilation with OpenSSL 1.1 and less commonly-used CPU
+  architectures. Closes ticket 20588.
+
+
 Changes in version 0.2.8.10 - 2016-12-02
   Tor 0.2.8.10 backports a fix for a bug that would sometimes make clients
   unusable after they left standby mode. It also backports fixes for
diff --git a/ReleaseNotes b/ReleaseNotes
index 312b213..97db5af 100644
--- a/ReleaseNotes
+++ b/ReleaseNotes
@@ -2,6 +2,26 @@ This document summarizes new features and bugfixes in each 
stable release
 of Tor. If you want to see more detailed descriptions of the changes in
 each development snapshot, see the ChangeLog file.
 
+
+Changes in version 0.2.8.11 - 2016-12-08
+  Tor 0.2.8.11 backports fixes for additional portability issues that
+  could prevent Tor from building correctly on OSX Sierra, or with
+  OpenSSL 1.1. Affected users should upgrade; others can safely stay
+  with 0.2.8.10.
+
+  o Minor bugfixes (portability):
+- Avoid compilation errors when building on OSX Sierra. Sierra began
+  to support the getentropy() and clock_gettime() APIs, but created
+  a few problems in doing so. Tor 0.2.9 has a more thorough set of
+  workarounds; in 0.2.8, we are just using the /dev/urandom and mach
+  monotonic time interfaces. Fixes bug 20865. Bugfix
+  on 0.2.8.1-alpha.
+
+  o Minor bugfixes (portability, backport from 0.2.9.5-alpha):
+- Fix compilation with OpenSSL 1.1 and less commonly-used CPU
+  architectures. Closes ticket 20588.
+
+
 Changes in version 0.2.8.10 - 2016-12-02
   Tor 0.2.8.10 backports a fix for a bug that would sometimes make clients
   unusable after they left standby mode. It also backports fixes for

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.2.9] Merge branch 'maint-0.2.8' into maint-0.2.9

[nickm]

commit f9636ebc2f70544f8b86eb7e3a86a85c81349f8e
Merge: 5d4ff91 d47c52b
Author: Nick Mathewson 
Date:   Thu Dec 8 11:03:08 2016 -0500

Merge branch 'maint-0.2.8' into maint-0.2.9

"Ours" merge to avoid bumping version.




___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.2.9] Merge remote-tracking branch 'origin/maint-0.2.8' into maint-0.2.8

[nickm]

commit 9c899dad31c9b172ed19804d64dd6ee0e2cefa8a
Merge: 4732e15 10baf2c
Author: Nick Mathewson 
Date:   Thu Dec 8 09:07:28 2016 -0500

Merge remote-tracking branch 'origin/maint-0.2.8' into maint-0.2.8

 src/common/compat_pthreads.c | 5 +
 1 file changed, 5 insertions(+)



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits