[tor-commits] [translation/tor-browser-manual] Update translations for tor-browser-manual
commit d016a81978d204b4dad8c06fdf81524391c724de Author: Translation commit botDate: Fri Dec 9 07:48:19 2016 + Update translations for tor-browser-manual --- nb/nb.po | 48 ++-- 1 file changed, 46 insertions(+), 2 deletions(-) diff --git a/nb/nb.po b/nb/nb.po index 3fc5690..7479699 100644 --- a/nb/nb.po +++ b/nb/nb.po @@ -438,6 +438,9 @@ msgid "" "Message to @get_tor with the words \"osx en\" in it (you don't need to " "follow the account)." msgstr "" +"For å få lenker til nedlasting av Tor-nettleseren på engelsk for OS X, send " +"en direkte melding til @get_tor inneholdende ordene \"osx en\" (du trenger " +"ikke å følge kontoen)." #: downloading.page:70 msgid "To use GetTor via Jabber/XMPP (Tor Messenger, Jitsi, CoyIM):" @@ -745,6 +748,11 @@ msgid "" "trackers, and advertising beacons, all of which can link your activity " "across different sites." msgstr "" +"Når du kobler til en nettside, er det ikke bare operatørene av nettsiden som" +" kan lagre informasjon om ditt besøk. De fleste nettsider bruker flerfoldige" +" tredjepartstjenester, som usosiale nettverkstejesters \"Like\"-knapper, " +"analysesporere, og reklamesignalering, som alle kan lenke sammen din " +"aktivitet på tvers av forskjellige nettsider." #: managing-identities.page:20 msgid "" @@ -792,6 +800,8 @@ msgid "" "You can see a diagram of the circuit that Tor Browser is using for the " "current tab in the onion menu." msgstr "" +"Du kan se et diagram av kretsen Tor-nettleseren bruker for gjeldende fane i " +"løk-menyen." #: managing-identities.page:55 msgid "Logging in over Tor" @@ -940,7 +950,7 @@ msgstr "" #: onionsites.page:46 msgid "How to access an onion service" -msgstr "" +msgstr "Hvordan få tilgang til en løk-tjeneste" #. This is a reference to an external file such as an image or video. When #. the file changes, the md5 hash will change to let you know you need to @@ -1007,6 +1017,13 @@ msgid "" "operators, or to an outside observer. For this reason, Flash is disabled by " "default in Tor Browser, and enabling it is not recommended." msgstr "" +"Videonettsider som Vimeo gjør bruk av programtillegget for Flash-avspilling " +"for å vise videoinnhold. Dessverre kjører denne programvaren uavhengig av " +"Tor-nettleseren og kan ikke enkelt fås til å adlyde Tor-nettleserens " +"mellomtjenerinnstillinger. Derfor kan den avsløre din egentlige plassering " +"og IP-adresse til nettsideoperatørene, eller til en tredjepart som holder " +"øye med deg. Av denne grunnen er Flash avskrudd som forvalg i Tor-" +"nettleseren, og å skru det på er ikke anbefalt." #: plugins.page:23 msgid "" @@ -1014,6 +1031,9 @@ msgid "" "methods that do not use Flash. These methods may be compatible with Tor " "Browser." msgstr "" +"Noen videonettsider (som YouTube) tilbyr alternative videoleveringsmetoder " +"som ikke gjør bruk av flash. Disse metodene kan være kompatible med Tor-" +"nettleseren." #: plugins.page:31 msgid "JavaScript" @@ -1057,13 +1077,15 @@ msgstr "" #: plugins.page:58 msgid "Browser Add-ons" -msgstr "" +msgstr "Programtillegg for nettleser" #: plugins.page:59 msgid "" "Tor Browser is based on Firefox, and any browser add-ons or themes that are " "compatible with Firefox can also be installed in Tor Browser." msgstr "" +"Tor-nettleseren er basert på Firefox, og ethvert programtillegg og enhver " +"drakt kompatibelt med Firefox kan også installeres i Tor-nettleseren." #: plugins.page:64 msgid "" @@ -1073,6 +1095,12 @@ msgid "" " privacy and security. It is strongly discouraged to install additional add-" "ons, and the Tor Project will not offer support for these configurations." msgstr "" +"Dog er de eneste programtilleggene som har blitt testet for bruk med Tor-" +"nettleseren dem som er inkludert som forvalg. Installasjon av andre " +"programtillegg kan knekke funksjonalitet i Tor-nettleseren eller forårsake " +"mer alvorlige problemer som har innvirkning på din sikkerhet eller " +"personvern. Det frarådes sterkt å installere ytterligere programtillegg, og " +"Tor-prosjektet vil ikke tilby støtte for disse oppsettene." #: secure-connections.page:8 msgid "Learn how to protect your data using Tor Browser and HTTPS" @@ -1133,6 +1161,8 @@ msgid "" "When both buttons are grey, you see the data that is visible to observers " "when you don't use either tool." msgstr "" +"Når begge knappene er grået ut, ser du dataen som er synlig for observatører" +" når du ikke bruker hvert av verktøyene." #: secure-connections.page:62 msgid "Potentially visible data" @@ -1178,6 +1208,11 @@ msgid "" "some web pages from functioning properly, so you should weigh your security " "needs against the degree of usability you require." msgstr "" +"Tor-nettleseren inneholder en \"sikkerhetsglidebryter\" som lar deg øke " +"sikkerhetsnivået ved å skru av noen
[tor-commits] [translation/tor-browser-manual] Update translations for tor-browser-manual
commit abc2dccf1fb49809427338d65d91fb94f4f39470 Author: Translation commit botDate: Fri Dec 9 07:18:19 2016 + Update translations for tor-browser-manual --- nb/nb.po | 79 +--- 1 file changed, 71 insertions(+), 8 deletions(-) diff --git a/nb/nb.po b/nb/nb.po index 0eb9c8d..3fc5690 100644 --- a/nb/nb.po +++ b/nb/nb.po @@ -124,7 +124,7 @@ msgstr "" #: bridges.page:6 msgid "Learn what bridges are and how to get them" -msgstr "" +msgstr "Lær hva broer er og hvordan bruke dem" #: bridges.page:10 msgid "Bridges" @@ -139,6 +139,12 @@ msgid "" " in combination with pluggable transports helps to disguise the fact that " "you are using Tor." msgstr "" +"De fleste Pluggbare transporter, som obfs3 " +"og obfs4 belager seg pÃ¥ \"bro\"-baserte routingstafettoppsett. Som ordinære " +"Tor-routingstafettoppsett, drives broer av frivillige; ulikt vanlige " +"routingstafettoppsett, er de ikke pÃ¥ noen offentlig liste, sÃ¥ en fiendtlig " +"part kan ikke identifisere dem sÃ¥ lett. Bruk av broer i kombinasjon med " +"pluggbare transporter hjelper deg med Ã¥ skjule at du bruker Tor." #: bridges.page:21 msgid "" @@ -146,6 +152,9 @@ msgid "" "techniques that do not rely on bridges. You do not need to obtain bridge " "addresses in order to use these transports." msgstr "" +"Andre pluggbare transporter, som meek, bruker andre antisensur-teknikker som" +" ikke avhenger av broer. Du trenger ikke Ã¥ innhente broadresser for Ã¥ bruke " +"disse transportene." #: bridges.page:28 msgid "Getting bridge addresses" @@ -217,6 +226,10 @@ msgid "" " may be down. Please use one of the above methods to obtain more bridge " "addresses, and try again." msgstr "" +"Klikk \"Koble til\". Bruk av broer kan sakke ned tilkoblingen sett i forhold" +" til bruk av vanlige Tor-routingstafettoppsett. Hvis tilkoblingen feiler, " +"kan det hende at broene du har mottatt er nede. Bruk en av metodene ovenfor " +"for Ã¥ innhente flere broadresser, og prøv igjen." #: circumvention.page:6 msgid "What to do if the Tor network is blocked" @@ -235,6 +248,12 @@ msgid "" "page for more information on the types of transport that are currently " "available." msgstr "" +"Direkte tilgang til Tor-nettverket kan noen ganger være blokkert av din " +"tjenestetilbyder for Internett eller av en myndighet. Tor-nettleseren " +"innehar noen av disse omgÃ¥elsesverktøyene for Ã¥ komme rundt disse " +"blokkeringene. Disse verktøyene heter \"pluggbare transporter\". Se siden " +"for Pluggbare transporter for mer " +"informasjon om transporttypene som er tilgjengelige for tiden." #: circumvention.page:22 msgid "Using pluggable transports" @@ -402,6 +421,12 @@ msgid "" "â32-bitâ or â64-bitâ software: this depends on the model of the computer you" " are using." msgstr "" +"GetTor vil svare med en e-post inneholdende lenker du kan laste ned Tor-" +"nettleserpakken fra, den kryptografiske signaturen (som trengs for Ã¥ " +"bekrefte nedlastingen), fingeravtrykket til nøkkelen som ble brukt til Ã¥ " +"lage signaturen, og pakkens sjekksum. Du vil bli tilbudt et valg mellom " +"\"32-biters\" og \"64-biters\" programvare: dette avhenger av " +"datamaskinmodellen du bruker." #: downloading.page:57 msgid "To use GetTor via Twitter:" @@ -423,6 +448,9 @@ msgid "" "To get links for downloading Tor Browser in Chinese for Linux, send a " "message to get...@torproject.org with the words \"linux zh\" in it." msgstr "" +"For Ã¥ hente lenker for nedlasting av Tor-nettleseren pÃ¥ Kinesisk for Linux, " +"send en melding til get...@torproject.org med ordene \"linux zh\" i " +"brødteksten." #: downloading.page:84 msgid "Satori" @@ -457,6 +485,11 @@ msgid "" "after the name of the program â each one represents a different source from " "which to get the software. Your download will then begin." msgstr "" +"NÃ¥r Satori Ã¥pnes, klikk ditt foretrukne sprÃ¥k. En meny vil Ã¥pnes med " +"tilgjengelige nedlastinger for valgt sprÃ¥k. Finn oppføringen for Tor-" +"nettleseren under navnet pÃ¥ ditt operativsystem. Velg enten \"A\" eller " +"\"B\" etter navnet pÃ¥ programmet â hver av dem representerer en kilde Ã¥ " +"laste ned programmet fra. Din nedlasting vil deretter begynne." #: downloading.page:115 msgid "" @@ -556,6 +589,13 @@ msgid "" "xref=\"circumvention\">Circumvention screen to configure a pluggable " "transport." msgstr "" +"Denne første skjermen spør om tilgang til Tor-nettverket er sensurert eller " +"blokkert pÃ¥ din tilknytning. Hvis du ikke tror dette er tilfellet, velg " +"\"Nei\". Hvis du vet at din tilkobling blir sensurert, eller du har prøvd og" +" feilet i tilkobling til Tor-nettverket, og ingen andre løsninger har " +"virket, velg \"Ja\". Du vil sÃ¥ bli ført til skjermen for OmgÃ¥else for Ã¥ sette opp en pluggbar " +"transport." #: first-time.page:55 msgid "" @@ -565,6 +605,12 @@ msgid "" "ask your
[tor-commits] [translation/tor-browser-manual] Update translations for tor-browser-manual
commit 01284d3d234622420b395e623c02a48735049339 Author: Translation commit botDate: Fri Dec 9 05:02:43 2016 + Update translations for tor-browser-manual --- nb/nb.po | 56 ++-- 1 file changed, 46 insertions(+), 10 deletions(-) diff --git a/nb/nb.po b/nb/nb.po index d1a89ee..0eb9c8d 100644 --- a/nb/nb.po +++ b/nb/nb.po @@ -329,6 +329,10 @@ msgid "" "xref=\"bridges\">Bridges section to learn what bridges are and how to" " obtain them." msgstr "" +"Hvis du prøver alle disse valgene, og ingen av dem fÃ¥r deg pÃ¥ nett, vil du " +"mÃ¥tte skrive inn broadresser manuelt. Les delen om Broer for Ã¥ lære hva broer er og hvordan du henter " +"dem." #: downloading.page:7 msgid "How to download Tor Browser" @@ -363,7 +367,7 @@ msgstr "" #: downloading.page:27 msgid "GetTor" -msgstr "" +msgstr "GetTor" #: downloading.page:28 msgid "" @@ -371,10 +375,13 @@ msgid "" "the latest version of Tor Browser, hosted at a variety of locations, such as" " Dropbox, Google Drive and Github.." msgstr "" +"GetTor er en tjeneste som automatisk svarer pÃ¥ meldinger med lenker til " +"seneste versjon av Tor-nettleseren, delt fra en mengde plasser, som Dropbox," +" Google drive og GitHub." #: downloading.page:34 msgid "To use GetTor via email:" -msgstr "" +msgstr "For Ã¥ bruke GetTor via e-post:" #: downloading.page:39 msgid "" @@ -382,6 +389,9 @@ msgid "" "simply write âwindowsâ, âosxâ, or âlinuxâ, (without quotation marks) " "depending on your operating system." msgstr "" +"Send en e-post til get...@torproject.org, og i fÃ¥ med \"windows\", \"osx\" " +"eller \"linux\" (uten anførselstegn og avhengig av ditt operativsystem) i " +"brødteksten av meldingen." #: downloading.page:46 msgid "" @@ -395,7 +405,7 @@ msgstr "" #: downloading.page:57 msgid "To use GetTor via Twitter:" -msgstr "" +msgstr "For Ã¥ bruke GetTor via Twitter:" #: downloading.page:62 msgid "" @@ -406,7 +416,7 @@ msgstr "" #: downloading.page:70 msgid "To use GetTor via Jabber/XMPP (Tor Messenger, Jitsi, CoyIM):" -msgstr "" +msgstr "For Ã¥ bruke GetTor via Jabber/XMPP (Tor messenger, Jitsi, CoyIM):" #: downloading.page:75 msgid "" @@ -416,13 +426,16 @@ msgstr "" #: downloading.page:84 msgid "Satori" -msgstr "" +msgstr "Satori" #: downloading.page:85 msgid "" "Satori is an add-on for the Chrome or Chromium browsers that allows you to " "download several security and privacy programs from different sources." msgstr "" +"Satori er et programtillegg for Chrome- eller Chromium-nettleserne som lar " +"deg laste ned forskjellige sikkerhets- og personverns-programmer fra " +"forskjellige kilder." #: downloading.page:90 msgid "To download Tor Browser using Satori:" @@ -430,11 +443,11 @@ msgstr "For Ã¥ laste ned Tor-nettleseren ved bruk av Satori:" #: downloading.page:95 msgid "Install Satori from the Chrome App Store." -msgstr "" +msgstr "Installer Satori fra Chrome-programbutikken." #: downloading.page:100 msgid "Select Satori from your browserâs Apps menu." -msgstr "" +msgstr "Velg Satori fra din nettlesers programmeny." #: downloading.page:105 msgid "" @@ -450,6 +463,8 @@ msgid "" "Wait for your download to finish, then find the âGenerate Hashâ section in " "Satoriâs menu and click âSelect Filesâ." msgstr "" +"Vent pÃ¥ at nedlastingen skal fullføres, finn sÃ¥ \"Generer sjekksum\"-delen i" +" Satoris meny og klikk \"Velg filer\"." #: downloading.page:121 msgid "" @@ -461,6 +476,13 @@ msgid "" "Browser. If they do not match, you may need to try downloading again," " or from a different source." msgstr "" +"Velg den nedlastede Tor-nettleserfila. Satori vil vise sjekksumen av fila, " +"som du burde jamføre med programvarens orginale sjekksum: du kan finne dette" +" ved Ã¥ klikke ordet \"sjekksum\" som etterfølger lenken du klikket pÃ¥ for Ã¥ " +"starte nedlastingen. Hvis sjekksummene stemmer overens, var nedlastingen " +"vellykket, og du kan sette i gang Ã¥ bruke Tor-" +"nettleseren. Hvis de ikke stemmer overens, kan du prøve Ã¥ laste ned " +"igjen, eller fra en annen kilde." #: first-time.page:7 msgid "Learn how to use Tor Browser for the first time" @@ -476,6 +498,9 @@ msgid "" "Settings window. This offers you the option to connect directly to the Tor " "network, or to configure Tor Browser for your connection." msgstr "" +"NÃ¥r du kjører Tor-nettleseren for første gang, vil du se et vindu for " +"nettverksinnstillinger for Tor-nettverket. Dette lar deg koble til Tor-" +"nettverket direkte, eller sette opp Tor-nettleseren for din tilkobling." #: first-time.page:19 msgid "Connect" @@ -501,6 +526,11 @@ msgid "" "Troubleshooting page for help solving " "the problem." msgstr "" +"I de fleste fall vil \"Koble til\" la deg koble til Tor-nettverket uten " +"videre oppsett. NÃ¥r du har klikket dette, vil en framdriftsindikator komme " +"til syne. Hvis du har
[tor-commits] [translation/tor-browser-manual] Update translations for tor-browser-manual
commit 19166bd83c858ba5e7a1f277347beffcd1cb21dc Author: Translation commit botDate: Fri Dec 9 04:21:40 2016 + Update translations for tor-browser-manual --- es/es.po | 10 nb/nb.po | 82 2 files changed, 72 insertions(+), 20 deletions(-) diff --git a/es/es.po b/es/es.po index a5fb39a..c3bc177 100644 --- a/es/es.po +++ b/es/es.po @@ -578,6 +578,13 @@ msgid "" "Troubleshooting page for help solving " "the problem." msgstr "" +"En la mayorÃa de los casos, escoger \"Conectar\" le permitirá conectar a la " +"red Tor sin ninguna configuración adicional. Una vez haga clic, aparecerá " +"una barra de estado mostrando el progreso de la conexión de Tor. Si está " +"sobre una conexión relativamente rápida, pero este barra parece haberse " +"quedado fija en un determinado punto, vea la página Solución de problemas en busca de ayuda para" +" solucionar el problema." #: first-time.page:33 msgid "Configure" @@ -589,6 +596,9 @@ msgid "" "select this option. Tor Browser will take you through a series of " "configuration options." msgstr "" +"Si sabe que su conexión está censurada, o usa un proxy, debe seleccionar " +"esta opción. El Navegador Tor le llevará a través de una serie de opciones " +"de configuración." #: first-time.page:44 msgid "" diff --git a/nb/nb.po b/nb/nb.po index 998e238..d1a89ee 100644 --- a/nb/nb.po +++ b/nb/nb.po @@ -93,6 +93,11 @@ msgid "" " last relay in the circuit (the âexit relayâ) then sends the traffic out " "onto the public Internet." msgstr "" +"Tor er et nettverk av virtuelle tunneler som forbedrer ditt personvern og " +"din sikkerhet pÃ¥ Internett. Tor fungerer ved Ã¥ sende din internett-trafikk " +"gjennom tre tilfeldig valgte servere (ogsÃ¥ kalt relays) i Tor-" +"nettverket. Det siste rutingstafettoppsettet er det \"utgÃ¥ende " +"rutingstafettoppsettet\" før trafikken sendes ut pÃ¥ det Ã¥pne Internettet." #. This is a reference to an external file such as an image or video. When #. the file changes, the md5 hash will change to let you know you need to @@ -112,6 +117,10 @@ msgid "" "three keys represent the layers of encryption between the user and each " "relay." msgstr "" +"Bildet ovenfor illustrerer en bruker som besøker forskjellige nettsider over" +" Tor. De grønne maskinene i midten representerer rutingstafettoppsett i Tor-" +"nettverket, mens de tre nøklene representerer krypteringslag mellom brukeren" +" og hvert rutingstafettoppsett." #: bridges.page:6 msgid "Learn what bridges are and how to get them" @@ -165,6 +174,8 @@ msgid "" "Email brid...@torproject.org from a Gmail, Yahoo, or Riseup email address, " "or" msgstr "" +"Send en e-post til brid...@torproject.org fra en e-postadresse fra Gmail, " +"Yahoo eller Riseup, alternativt" #: bridges.page:51 msgid "Entering bridge addresses" @@ -245,6 +256,8 @@ msgid "" "To use pluggable transports, click \"Configure\" in the Tor Launcher window " "that appears when you first run Tor Browser." msgstr "" +"For Ã¥ bruke pluggbare transporter, klikk \"Sett opp\" i Tor-" +"oppstartervinduet som kommer opp nÃ¥r du først kjører Tor-nettleseren." #: circumvention.page:33 msgid "" @@ -252,6 +265,9 @@ msgid "" " clicking on the green onion near your address bar and selecting âTor " "Network Settingsâ." msgstr "" +"Du kan ogsÃ¥ sette opp pluggbare transporter mens Tor-nettleseren kjører, ved" +" Ã¥ klikke pÃ¥ den grønne løken nært adressefeltet ditt og velge \"Tor " +"nettverksinnstillinger\"." #: circumvention.page:41 msgid "" @@ -341,6 +357,9 @@ msgid "" "for example, it could be blocked on your network. If this happens, you can " "use one of the alternative download methods listed below." msgstr "" +"Dog kan det være tider der Tor-prosjektets nettside er utilgjengelig: for " +"eksempel kan den være blokkert pÃ¥ ditt nettverk. Hvis dette skjer, kan du " +"bruke en av de alternative nedlastingsmetodene nedenfor." #: downloading.page:27 msgid "GetTor" @@ -407,7 +426,7 @@ msgstr "" #: downloading.page:90 msgid "To download Tor Browser using Satori:" -msgstr "" +msgstr "For Ã¥ laste ned Tor-nettleseren ved bruk av Satori:" #: downloading.page:95 msgid "Install Satori from the Chrome App Store." @@ -621,7 +640,7 @@ msgstr "" #: managing-identities.page:10 msgid "Managing identities" -msgstr "" +msgstr "Behandling av identiteter" #: managing-identities.page:12 msgid "" @@ -705,12 +724,16 @@ msgid "" "When you log in to a website over Tor, there are several points you should " "bear in mind:" msgstr "" +"NÃ¥r du logger pÃ¥ en nettside over Tor, er det flere punkter du bør ha i " +"minnet:" #: managing-identities.page:79 msgid "" "See the Secure Connections page for" " important information on how to secure your connection when logging in." msgstr "" +"Se siden for Sikre tilkoblinger for" +" viktig informasjon om
[tor-commits] [translation/tor-browser-manual] Update translations for tor-browser-manual
commit 0d543b7c9fea1caba5c0232acdc6c70a77f3610b Author: Translation commit botDate: Fri Dec 9 03:48:20 2016 + Update translations for tor-browser-manual --- es/es.po | 26 -- nb/nb.po | 63 +-- 2 files changed, 77 insertions(+), 12 deletions(-) diff --git a/es/es.po b/es/es.po index 67d5f1c..a5fb39a 100644 --- a/es/es.po +++ b/es/es.po @@ -499,12 +499,20 @@ msgid "" "after the name of the program â each one represents a different source from " "which to get the software. Your download will then begin." msgstr "" +"Cuando Satori se abra, pulse sobre su elección de idioma. Se abrirá un menú " +"listando las descargas disponibles para ese idioma. Busque la entrada para " +"el Navegador Tor (Tor Browser) bajo el nombre de su sistema operativo. " +"Seleccione \"A\" o \"B\" tras el nombre del programa â cada una representa " +"una fuente distinta desde la que obtener el software. Entonces comenzará su " +"descarga." #: downloading.page:115 msgid "" "Wait for your download to finish, then find the âGenerate Hashâ section in " "Satoriâs menu and click âSelect Filesâ." msgstr "" +"Espere a que finalice su descarga, luego busque la sección \"Generar Hash\" " +"en el menú de Satori, y pulse \"Seleccionar ficheros\"." #: downloading.page:121 msgid "" @@ -516,14 +524,22 @@ msgid "" "Browser. If they do not match, you may need to try downloading again," " or from a different source." msgstr "" +"Seleccione el archivo de Navegador Tor descargado. Satori mostrará la suma " +"de verificación (checksum) del fichero, que debe comparar con la suma de " +"verificación del software original: puede encontrarla haciendo clic en " +"palabra \"checksum\" tras el enlace sobre el que hizo clic para iniciar la " +"descarga. Si las sumas de verificación coinciden, su descarga fue exitosa, y" +" puede comenzar a usar el Navegador Tor. Si" +" no coinciden, puede que precise descargarlo de nuevo, o desde una fuente " +"diferente." #: first-time.page:7 msgid "Learn how to use Tor Browser for the first time" -msgstr "" +msgstr "Conozca cómo usar el Navegador Tor por primera vez" #: first-time.page:10 msgid "Running Tor Browser for the first time" -msgstr "" +msgstr "Ejecutar el Navegador Tor por primera vez" #: first-time.page:12 msgid "" @@ -531,6 +547,10 @@ msgid "" "Settings window. This offers you the option to connect directly to the Tor " "network, or to configure Tor Browser for your connection." msgstr "" +"Cuando ejecute el Navegador Tor por primera vez, verá la ventana de " +"Configuración de la Red Tor. Esto le ofrece la opción de conectar " +"directamente a la red Tor, o de configurar el Navegador Tor para su " +"conexión." #: first-time.page:19 msgid "Connect" @@ -546,6 +566,8 @@ msgid "" "external ref='media/first-time/connect.png' " "md5='9d07068f751a3bfd274365a4ba8d90ca'" msgstr "" +"external ref='media/first-time/connect.png' " +"md5='9d07068f751a3bfd274365a4ba8d90ca'" #: first-time.page:23 msgid "" diff --git a/nb/nb.po b/nb/nb.po index 1a0aec1..998e238 100644 --- a/nb/nb.po +++ b/nb/nb.po @@ -168,13 +168,15 @@ msgstr "" #: bridges.page:51 msgid "Entering bridge addresses" -msgstr "" +msgstr "Innskriving av bro-adresser" #: bridges.page:52 msgid "" "Once you have obtained some bridge addresses, you will need to enter them " "into Tor Launcher." msgstr "" +"NÃ¥r du har innhentet noen bro-adresser, vil du mÃ¥tte fylle dem inn i Tor-" +"oppstarteren." #: bridges.page:57 msgid "" @@ -182,6 +184,9 @@ msgid "" " to the Tor network. Select âUse custom bridgesâ and enter each bridge " "address on a separate line." msgstr "" +"Velg \"Ja\" nÃ¥r du blir sport om din tjenestetilbyder for Internett " +"blokkerer tilkoblinger til Tor-nettverket. Velg \"egendefinerte broer\" og " +"skriv inn hver bro-adresse pÃ¥ en egen linje." #. This is a reference to an external file such as an image or video. When #. the file changes, the md5 hash will change to let you know you need to @@ -204,7 +209,7 @@ msgstr "" #: circumvention.page:6 msgid "What to do if the Tor network is blocked" -msgstr "" +msgstr "Tiltak for et blokkert Tor-nettverk" #: circumvention.page:10 msgid "Circumvention" @@ -222,7 +227,7 @@ msgstr "" #: circumvention.page:22 msgid "Using pluggable transports" -msgstr "" +msgstr "Bruk av pluggbare transporter" #. This is a reference to an external file such as an image or video. When #. the file changes, the md5 hash will change to let you know you need to @@ -253,6 +258,8 @@ msgid "" "Select âyesâ when asked if your Internet Service Provider blocks connections" " to the Tor network." msgstr "" +"Velg \"Ja\" nÃ¥r du blir sport om din tjenestetilbyder for Internett " +"blokkerer tilkoblinger til Tor-nettverket." #. This is a reference to an external file such as an image or video.
[tor-commits] [translation/tor-browser-manual] Update translations for tor-browser-manual
commit 7e31b579f468ab9f3b47e3779cc439a36c7ba5be Author: Translation commit botDate: Fri Dec 9 03:18:24 2016 + Update translations for tor-browser-manual --- es/es.po | 11 +++ nb/nb.po | 11 +-- 2 files changed, 16 insertions(+), 6 deletions(-) diff --git a/es/es.po b/es/es.po index 39595a3..67d5f1c 100644 --- a/es/es.po +++ b/es/es.po @@ -468,25 +468,28 @@ msgstr "" #: downloading.page:84 msgid "Satori" -msgstr "" +msgstr "Satori" #: downloading.page:85 msgid "" "Satori is an add-on for the Chrome or Chromium browsers that allows you to " "download several security and privacy programs from different sources." msgstr "" +"Satori es un complemento para navegadores Chrome y Chromium que le permite " +"descargar varios programas de seguridad y privacidad desde distintas " +"fuentes." #: downloading.page:90 msgid "To download Tor Browser using Satori:" -msgstr "" +msgstr "Para descargar el Navegador Tor usando Satori:" #: downloading.page:95 msgid "Install Satori from the Chrome App Store." -msgstr "" +msgstr "Instale Satori desde la Chrome App Store." #: downloading.page:100 msgid "Select Satori from your browserâs Apps menu." -msgstr "" +msgstr "Seleccione Satori desde su menú Aplicaciones del navegador." #: downloading.page:105 msgid "" diff --git a/nb/nb.po b/nb/nb.po index d00744a..1a0aec1 100644 --- a/nb/nb.po +++ b/nb/nb.po @@ -1124,11 +1124,11 @@ msgstr "" #: transports.page:6 transports.page:20 msgid "Types of pluggable transport" -msgstr "" +msgstr "Typer pluggbare transporter" #: transports.page:10 msgid "Pluggable Transports" -msgstr "" +msgstr "Pluggbare transporter" #: transports.page:12 msgid "" @@ -1137,6 +1137,10 @@ msgid "" "Provider or other authority is actively blocking connections to the Tor " "network." msgstr "" +"Pluggbare transporter er verktøy Tor kan bruke for Ã¥ forkle trafikken den " +"sender ut. Dette kan være nyttig i situasjoner der en tjenestetilbyder for " +"Internett eller annen autoritet aktivt blokkerer tilkoblinger til Tor-" +"nettverket." #: transports.page:21 msgid "" @@ -1285,6 +1289,9 @@ msgid "" " computer. Uninstalling Tor Browser will not affect your systemâs software " "or settings." msgstr "" +"Tor-nettleseren har ingen innvirking pÃ¥ innstillinger eller programvare som " +"allerede finnes pÃ¥ maskinen din. Avinstallering av Tor-nettleseren vil " +"heller ikke ha noen innvirkning." #: uninstalling.page:18 msgid "Removing Tor Browser from your system is simple:" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tor-launcher-properties_completed] Update translations for tor-launcher-properties_completed
commit 00a53d38823537a17d96bee9dd5058d706f7d36f Author: Translation commit botDate: Fri Dec 9 03:16:02 2016 + Update translations for tor-launcher-properties_completed --- nb/torlauncher.properties | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nb/torlauncher.properties b/nb/torlauncher.properties index 2d73760..af07fa9 100644 --- a/nb/torlauncher.properties +++ b/nb/torlauncher.properties @@ -60,4 +60,4 @@ torlauncher.bootstrapWarning.identity=feil identitet torlauncher.bootstrapWarning.timeout=forbindelse tidsavbrutt torlauncher.bootstrapWarning.noroute=ingen rute til vert torlauncher.bootstrapWarning.ioerror=lese/skrive feil -torlauncher.bootstrapWarning.pt_missing=Pluggable Transport mangler +torlauncher.bootstrapWarning.pt_missing=pluggbar transport mangler ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tor-launcher-properties] Update translations for tor-launcher-properties
commit 9e6e1e7fbd8f77f2c90bfec4df7476ff745473f4 Author: Translation commit botDate: Fri Dec 9 03:15:58 2016 + Update translations for tor-launcher-properties --- nb/torlauncher.properties | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nb/torlauncher.properties b/nb/torlauncher.properties index 2d73760..af07fa9 100644 --- a/nb/torlauncher.properties +++ b/nb/torlauncher.properties @@ -60,4 +60,4 @@ torlauncher.bootstrapWarning.identity=feil identitet torlauncher.bootstrapWarning.timeout=forbindelse tidsavbrutt torlauncher.bootstrapWarning.noroute=ingen rute til vert torlauncher.bootstrapWarning.ioerror=lese/skrive feil -torlauncher.bootstrapWarning.pt_missing=Pluggable Transport mangler +torlauncher.bootstrapWarning.pt_missing=pluggbar transport mangler ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tor-browser-manual] Update translations for tor-browser-manual
commit 7698e887121c0902cb08c101b0fa1d6bf7ac1191 Author: Translation commit botDate: Fri Dec 9 02:48:53 2016 + Update translations for tor-browser-manual --- nb/nb.po | 32 +--- 1 file changed, 21 insertions(+), 11 deletions(-) diff --git a/nb/nb.po b/nb/nb.po index c21b880..d00744a 100644 --- a/nb/nb.po +++ b/nb/nb.po @@ -25,6 +25,8 @@ msgstr "Oversettere" #: about-tor-browser.page:7 msgid "Learn what Tor Browser can do to protect your privacy and anonymity" msgstr "" +"Lær hva Tor-nettleseren kan gjøre for å beskytte ditt personvern og din " +"anonymitet" #: about-tor-browser.page:10 msgid "About Tor Browser" @@ -206,7 +208,7 @@ msgstr "" #: circumvention.page:10 msgid "Circumvention" -msgstr "" +msgstr "Omgåelse" #: circumvention.page:12 msgid "" @@ -1245,7 +1247,7 @@ msgstr "" #: troubleshooting.page:64 msgid "Is your connection censored?" -msgstr "" +msgstr "Er tilknytningen din sensurert?" #: troubleshooting.page:65 msgid "" @@ -1253,10 +1255,13 @@ msgid "" "censoring connections to the Tor network. Read the Circumvention section for possible solutions." msgstr "" +"Hvis du ikke kan koble til, kan det hende at din tjenestetilbyder for " +"Internett sensurerer tilkoblinger til Tor-nettverket. Les Omgåelse-delen for mulige løsninger." #: troubleshooting.page:74 msgid "Known issues" -msgstr "" +msgstr "Kjente problemer" #: troubleshooting.page:75 msgid "" @@ -1268,11 +1273,11 @@ msgstr "" #: uninstalling.page:6 msgid "How to remove Tor Browser from your system" -msgstr "" +msgstr "Hvordan fjerne Tor-nettleseren fra ditt system" #: uninstalling.page:10 msgid "Uninstalling" -msgstr "" +msgstr "Avinstallering" #: uninstalling.page:12 msgid "" @@ -1283,7 +1288,7 @@ msgstr "" #: uninstalling.page:18 msgid "Removing Tor Browser from your system is simple:" -msgstr "" +msgstr "à fjerne Tor-nettleseren fra systemet ditt er enkelt:" #: uninstalling.page:24 msgid "" @@ -1299,7 +1304,7 @@ msgstr "" #: uninstalling.page:35 msgid "Empty your Trash" -msgstr "" +msgstr "Tøm papirkurven din" #: uninstalling.page:39 msgid "" @@ -1308,11 +1313,11 @@ msgstr "" #: updating.page:6 msgid "How to update Tor Browser" -msgstr "" +msgstr "Hvordan oppdatere Tor-nettleseren" #: updating.page:10 msgid "Updating" -msgstr "" +msgstr "Oppdatering" #: updating.page:12 msgid "" @@ -1331,7 +1336,7 @@ msgstr "" #: updating.page:26 msgid "Updating Tor Browser automatically" -msgstr "" +msgstr "Oppdaterer Tor-nettleseren automatisk" #. This is a reference to an external file such as an image or video. When #. the file changes, the md5 hash will change to let you know you need to @@ -1386,13 +1391,15 @@ msgstr "" #: updating.page:58 msgid "Updating Tor Browser manually" -msgstr "" +msgstr "Oppdaterer Tor-nettleseren manuelt" #: updating.page:61 msgid "" "When you are prompted to update Tor Browser, finish the browsing session and" " close the program." msgstr "" +"Når du blir forespurt oppdatering av Tor-nettleseren, fullfør surfeøkta og " +"lukk programmet." #: updating.page:67 msgid "" @@ -1400,6 +1407,9 @@ msgid "" "(see the Uninstalling section for more " "information)." msgstr "" +"Fjern Tor-nettlesren fra systemet ditt ved å slette mappa den ligger i " +"(sjekk Avinstallering-delen for mer " +"informasjon)." #: updating.page:74 msgid "" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/exoneratorproperties_completed] Update translations for exoneratorproperties_completed
commit 811295da847903f32079f102c004818a840efa4d Author: Translation commit botDate: Fri Dec 9 02:48:48 2016 + Update translations for exoneratorproperties_completed --- nb/exonerator.properties | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nb/exonerator.properties b/nb/exonerator.properties index 3044217..42d0777 100644 --- a/nb/exonerator.properties +++ b/nb/exonerator.properties @@ -47,6 +47,6 @@ footer.abouttor.body.link2=lær mer om Tor footer.abouttor.body.link3=kontakt The Tor Project, Inc. footer.aboutexonerator.heading=Om ExoneraTor footer.aboutexonerator.body=ExoneraTor-tjenesten veldikeholder en database med IP-adresser som har vært en del av Tor-nettverket. Den svarer på spørsmål knyttet til om et Tor-routingstafettoppsett kjørte på en angitt IP-adresse på en gitt dato. ExoneraTor kan lagre mer enn én IP-adresse per routingstafettoppsett hvis de bruker en annen IP-adresse for å trå over til Internett enn for å registrere seg i Tor-nettverket, og den lagrer hvorvidt et routingstafettoppsett tillot Tor-trafikk overgang til det åpne Internett på dette tidspunktet. -footer.trademark.text="Tor" og "Onion-logoen" er %s tilhørende The Tor Project, Inc. +footer.trademark.text="Tor" og "Løk-logoen" er %s tilhørende The Tor Project, Inc. footer.trademark.link=registrerte varemerker ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/exoneratorproperties] Update translations for exoneratorproperties
commit ccbc39088b36382e4a06c8ce18424d0731c6db74 Author: Translation commit botDate: Fri Dec 9 02:48:45 2016 + Update translations for exoneratorproperties --- nb/exonerator.properties | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nb/exonerator.properties b/nb/exonerator.properties index 3044217..42d0777 100644 --- a/nb/exonerator.properties +++ b/nb/exonerator.properties @@ -47,6 +47,6 @@ footer.abouttor.body.link2=lær mer om Tor footer.abouttor.body.link3=kontakt The Tor Project, Inc. footer.aboutexonerator.heading=Om ExoneraTor footer.aboutexonerator.body=ExoneraTor-tjenesten veldikeholder en database med IP-adresser som har vært en del av Tor-nettverket. Den svarer på spørsmål knyttet til om et Tor-routingstafettoppsett kjørte på en angitt IP-adresse på en gitt dato. ExoneraTor kan lagre mer enn én IP-adresse per routingstafettoppsett hvis de bruker en annen IP-adresse for å trå over til Internett enn for å registrere seg i Tor-nettverket, og den lagrer hvorvidt et routingstafettoppsett tillot Tor-trafikk overgang til det åpne Internett på dette tidspunktet. -footer.trademark.text="Tor" og "Onion-logoen" er %s tilhørende The Tor Project, Inc. +footer.trademark.text="Tor" og "Løk-logoen" er %s tilhørende The Tor Project, Inc. footer.trademark.link=registrerte varemerker ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/torbutton-aboutdialogdtd_completed] Update translations for torbutton-aboutdialogdtd_completed
commit 6625f6bfad14d65233803c91ccb2ee35872f1ef6 Author: Translation commit botDate: Fri Dec 9 02:47:23 2016 + Update translations for torbutton-aboutdialogdtd_completed --- nb/aboutdialog.dtd | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nb/aboutdialog.dtd b/nb/aboutdialog.dtd index 62a3a58..fbb2aba 100644 --- a/nb/aboutdialog.dtd +++ b/nb/aboutdialog.dtd @@ -16,4 +16,4 @@ - + ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/torbutton-aboutdialogdtd] Update translations for torbutton-aboutdialogdtd
commit f96b1abbae52f01afece93acb3b99c4b3b3dd97a Author: Translation commit botDate: Fri Dec 9 02:47:19 2016 + Update translations for torbutton-aboutdialogdtd --- nb/aboutdialog.dtd | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nb/aboutdialog.dtd b/nb/aboutdialog.dtd index 62a3a58..fbb2aba 100644 --- a/nb/aboutdialog.dtd +++ b/nb/aboutdialog.dtd @@ -16,4 +16,4 @@ - + ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/torbutton-torbuttonproperties] Update translations for torbutton-torbuttonproperties
commit 8dc0969a9ccaaac22754bc7153c16003b727089b Author: Translation commit botDate: Fri Dec 9 02:46:49 2016 + Update translations for torbutton-torbuttonproperties --- nb/torbutton.properties | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nb/torbutton.properties b/nb/torbutton.properties index a8422c8..310bf5f 100644 --- a/nb/torbutton.properties +++ b/nb/torbutton.properties @@ -1,6 +1,6 @@ torbutton.circuit_display.internet = Internett torbutton.circuit_display.ip_unknown = Ukjent IP -torbutton.circuit_display.onion_site = Onion-side +torbutton.circuit_display.onion_site = Løk-side torbutton.circuit_display.this_browser = Denne nettleseren torbutton.circuit_display.relay = rutingsstafettoppsett torbutton.circuit_display.tor_bridge = Bro ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/torbirdy_completed] Update translations for torbirdy_completed
commit 0014683858562677486edd635bad481fa8210ae8 Author: Translation commit botDate: Fri Dec 9 02:45:56 2016 + Update translations for torbirdy_completed --- nb/torbirdy.dtd | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nb/torbirdy.dtd b/nb/torbirdy.dtd index 3b5db95..c5f9673 100644 --- a/nb/torbirdy.dtd +++ b/nb/torbirdy.dtd @@ -50,7 +50,7 @@ - + ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/torbirdy] Update translations for torbirdy
commit 43a0296316f6edbc74f6c19cf60d31c4c3f1bcc6 Author: Translation commit botDate: Fri Dec 9 02:45:51 2016 + Update translations for torbirdy --- nb/torbirdy.dtd | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nb/torbirdy.dtd b/nb/torbirdy.dtd index 3b5db95..c5f9673 100644 --- a/nb/torbirdy.dtd +++ b/nb/torbirdy.dtd @@ -50,7 +50,7 @@ - + ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tor-browser-manual] Update translations for tor-browser-manual
commit 8d06c21a8d5aa0e76433f29bda8dfd16b6b0adb6 Author: Translation commit botDate: Fri Dec 9 02:18:59 2016 + Update translations for tor-browser-manual --- es/es.po | 33 - 1 file changed, 28 insertions(+), 5 deletions(-) diff --git a/es/es.po b/es/es.po index dc3e620..39595a3 100644 --- a/es/es.po +++ b/es/es.po @@ -379,7 +379,7 @@ msgid "" "makes it much harder for somebody to tamper with." msgstr "" "La forma más fácil y simple de descargar el Navegador Tor es desde el sitio " -"web oficial del Proyecto Tor en https://www.torproject.org. Su conexión al " +"web oficial del Tor Project en https://www.torproject.org. Su conexión al " "sitio será asegurada usando HTTPS, " "que se lo pone mucho más difÃcil a cualquiera para manipularla." @@ -389,10 +389,14 @@ msgid "" "for example, it could be blocked on your network. If this happens, you can " "use one of the alternative download methods listed below." msgstr "" +"Sin embargo, hay muchas ocasiones en las que no puede acceder al sitio web " +"del Tor Project: por ejemplo, podrÃa estar bloqueado en su red. Si esto " +"sucede, puede usar uno de los métodos de descarga alternativos listados " +"debajo." #: downloading.page:27 msgid "GetTor" -msgstr "" +msgstr "GetTor" #: downloading.page:28 msgid "" @@ -400,10 +404,13 @@ msgid "" "the latest version of Tor Browser, hosted at a variety of locations, such as" " Dropbox, Google Drive and Github.." msgstr "" +"GetTor (obtener tor) es un servicio que responde automáticamente a los " +"mensajes con enlaces a la versión más reciente del Navegador Tor, alojada en" +" distintas ubicaciones, como Dropbox, Google Drive y GitHub." #: downloading.page:34 msgid "To use GetTor via email:" -msgstr "" +msgstr "Para usar GetTor vÃa correo electrónico:" #: downloading.page:39 msgid "" @@ -411,6 +418,9 @@ msgid "" "simply write âwindowsâ, âosxâ, or âlinuxâ, (without quotation marks) " "depending on your operating system." msgstr "" +"EnvÃe un correo a get...@torproject.org, y en el cuerpo del mensaje escriba " +"simplemente âwindowsâ, âosxâ, o âlinuxâ, (sin las comillas) dependiendo de " +"su sistema operativo." #: downloading.page:46 msgid "" @@ -421,10 +431,17 @@ msgid "" "â32-bitâ or â64-bitâ software: this depends on the model of the computer you" " are using." msgstr "" +"GetTor responderá con un correo conteniendo enlaces desde los que puede " +"descargar el paquete del Navegador Tor, la firma criptográfica (necesaria " +"para verificar la descarga), la huella de validación (fingerprint) de la " +"clave usada para hacer la firma, y la suma de verificación (checksum) del " +"paquete. Puede que se le ofrezca la elección entre software de \"32-bit\" o " +"de \"64-bit\": la elección dependerá del modelo de la computadora donde se " +"vaya a usar." #: downloading.page:57 msgid "To use GetTor via Twitter:" -msgstr "" +msgstr "Para usar GetTor vÃa Twitter:" #: downloading.page:62 msgid "" @@ -432,16 +449,22 @@ msgid "" "Message to @get_tor with the words \"osx en\" in it (you don't need to " "follow the account)." msgstr "" +"Para obtener enlaces para descargar el Navegador Tor en inglés para OS X, " +"envÃe un Mensaje Directo a @get_tor con las palabras \"osx en\" en él (no " +"necesita seguir la cuenta)." #: downloading.page:70 msgid "To use GetTor via Jabber/XMPP (Tor Messenger, Jitsi, CoyIM):" -msgstr "" +msgstr "Para usar GetTor vÃa Jabber/XMPP (Tor Messenger, Jitsi, CoyIM):" #: downloading.page:75 msgid "" "To get links for downloading Tor Browser in Chinese for Linux, send a " "message to get...@torproject.org with the words \"linux zh\" in it." msgstr "" +"Para obtener enlaces para descargar el Navegador Tor en chino para Linux, " +"envÃe un mensaje a get...@torproject.org con las palabras \"linux zh\" (sin " +"las comillas) en él." #: downloading.page:84 msgid "Satori" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tor-browser-manual] Update translations for tor-browser-manual
commit 4e5a727f21bce880100ba2bbfe10343d3611d3cf Author: Translation commit botDate: Fri Dec 9 01:48:54 2016 + Update translations for tor-browser-manual --- es/es.po | 13 ++--- pt_BR/pt_BR.po | 11 ++- 2 files changed, 20 insertions(+), 4 deletions(-) diff --git a/es/es.po b/es/es.po index c2a93c7..dc3e620 100644 --- a/es/es.po +++ b/es/es.po @@ -1,7 +1,6 @@ # Translators: # strel , 2016 # JoaquÃn Tita , 2016 -# Diego Contreras <>, 2016 # Lena , 2016 msgid "" msgstr "" @@ -359,14 +358,18 @@ msgid "" "xref=\"bridges\">Bridges section to learn what bridges are and how to" " obtain them." msgstr "" +"Si prueba todas estas opciones, y con ninguna de ellas consigue conectar, " +"necesitará introducir direcciones de puentes de red manualmente. Lea la " +"sección Puentes para conocer qué son los " +"repetidores puente y cómo obtenerlos." #: downloading.page:7 msgid "How to download Tor Browser" -msgstr "" +msgstr "Cómo descargar el Navegador Tor" #: downloading.page:10 msgid "Downloading" -msgstr "Descargando" +msgstr "Descargar" #: downloading.page:12 msgid "" @@ -375,6 +378,10 @@ msgid "" "will be secured using HTTPS, which " "makes it much harder for somebody to tamper with." msgstr "" +"La forma más fácil y simple de descargar el Navegador Tor es desde el sitio " +"web oficial del Proyecto Tor en https://www.torproject.org. Su conexión al " +"sitio será asegurada usando HTTPS, " +"que se lo pone mucho más difÃcil a cualquiera para manipularla." #: downloading.page:19 msgid "" diff --git a/pt_BR/pt_BR.po b/pt_BR/pt_BR.po index 78f7eeb..8ddd24a 100644 --- a/pt_BR/pt_BR.po +++ b/pt_BR/pt_BR.po @@ -1,11 +1,12 @@ # Translators: # Communia , 2016 +# CRISTIANO MARQUES DOS SANTOS , 2016 msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "POT-Creation-Date: 2016-12-06 16:36-0600\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" -"Last-Translator: Communia , 2016\n" +"Last-Translator: CRISTIANO MARQUES DOS SANTOS , 2016\n" "Language-Team: Portuguese (Brazil) (https://www.transifex.com/otf/teams/1519/pt_BR/)\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" @@ -520,6 +521,14 @@ msgid "" "Browser. If they do not match, you may need to try downloading again," " or from a different source." msgstr "" +"Selecione o download do Tor Browser. O Satori exibirá que a soma de " +"verificação do arquivo , que você deve comparar com a soma de verificação do" +" software original: você pode encontrar isto clicando a palavra \"checksum\"" +" depois do link que você clicou para começar o download. Se as somas de " +"vericação for igual, seu download foi um sucesso total, e você poderecomeçar usando o Browser Tor. se eles não " +"forem iguais, você pode precisar tentar baixar novamente, ou de uma fonte " +"diferente." #: first-time.page:7 msgid "Learn how to use Tor Browser for the first time" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tor-browser-manual_completed] pulling translations from transifex
commit 3e3bb34cb2936dbd31cfd087cd1ba89b73545308 Author: Translation commit botDate: Fri Dec 9 01:27:13 2016 + pulling translations from transifex --- templates/tor-browser-manual.pot | 1791 ++ 1 file changed, 1791 insertions(+) diff --git a/templates/tor-browser-manual.pot b/templates/tor-browser-manual.pot new file mode 100644 index 000..40b1ed4 --- /dev/null +++ b/templates/tor-browser-manual.pot @@ -0,0 +1,1791 @@ +# +msgid "" +msgstr "" +"Project-Id-Version: PACKAGE VERSION\n" +"POT-Creation-Date: 2016-12-06 16:36-0600\n" +"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" +"Last-Translator: FULL NAME \n" +"Language-Team: LANGUAGE \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Put one translator per line, in the form NAME , YEAR1, YEAR2 +msgctxt "_" +msgid "translator-credits" +msgstr "translator-credits" + +#: about-tor-browser.page:7 +msgid "Learn what Tor Browser can do to protect your privacy and anonymity" +msgstr "Learn what Tor Browser can do to protect your privacy and anonymity" + +#: about-tor-browser.page:10 +msgid "About Tor Browser" +msgstr "About Tor Browser" + +#: about-tor-browser.page:12 +msgid "" +"Tor Browser uses the Tor network to protect your privacy and anonymity. " +"Using the Tor network has two main properties:" +msgstr "" +"Tor Browser uses the Tor network to protect your privacy and anonymity. " +"Using the Tor network has two main properties:" + +#: about-tor-browser.page:18 +msgid "" +"Your internet service provider, and anyone watching your connection locally," +" will not be able to track your internet activity, including the names and " +"addresses of the websites you visit." +msgstr "" +"Your internet service provider, and anyone watching your connection locally," +" will not be able to track your internet activity, including the names and " +"addresses of the websites you visit." + +#: about-tor-browser.page:25 +msgid "" +"The operators of the websites and services that you use, and anyone watching" +" them, will see a connection coming from the Tor network instead of your " +"real Internet (IP) address, and will not know who you are unless you " +"explicitly identify yourself." +msgstr "" +"The operators of the websites and services that you use, and anyone watching" +" them, will see a connection coming from the Tor network instead of your " +"real Internet (IP) address, and will not know who you are unless you " +"explicitly identify yourself." + +#: about-tor-browser.page:34 +msgid "" +"In addition, Tor Browser is designed to prevent websites from " +"âfingerprintingâ or identifying you based on your browser configuration." +msgstr "" +"In addition, Tor Browser is designed to prevent websites from " +"âfingerprintingâ or identifying you based on your browser configuration." + +#: about-tor-browser.page:39 +msgid "" +"By default, Tor Browser does not keep any browsing history. Cookies are only" +" valid for a single session (until Tor Browser is exited or a New Identity is requested)." +msgstr "" +"By default, Tor Browser does not keep any browsing history. Cookies are only" +" valid for a single session (until Tor Browser is exited or a New Identity is requested)." + +#: about-tor-browser.page:50 +msgid "How Tor works" +msgstr "How Tor works" + +#: about-tor-browser.page:52 +msgid "" +"Tor is a network of virtual tunnels that allows you to improve your privacy " +"and security on the Internet. Tor works by sending your traffic through " +"three random servers (also known as relays) in the Tor network. The" +" last relay in the circuit (the âexit relayâ) then sends the traffic out " +"onto the public Internet." +msgstr "" +"Tor is a network of virtual tunnels that allows you to improve your privacy " +"and security on the Internet. Tor works by sending your traffic through " +"three random servers (also known as relays) in the Tor network. The" +" last relay in the circuit (the âexit relayâ) then sends the traffic out " +"onto the public Internet." + +#. This is a reference to an external file such as an image or video. When +#. the file changes, the md5 hash will change to let you know you need to +#. update your localized copy. The msgstr is not used at all. Set it to +#. whatever you like once you have updated your copy of the file. +#: about-tor-browser.page:59 +msgctxt "_" +msgid "" +"external ref='media/how-tor-works.png' " +"md5='6fe4151a88b7a518466f0582e40ccc8c'" +msgstr "" +"external ref='media/how-tor-works.png' " +"md5='6fe4151a88b7a518466f0582e40ccc8c'" + +#: about-tor-browser.page:60 +msgid "" +"The image above illustrates a user browsing to different websites over Tor. " +"The green middle computers represent relays in the Tor network, while the " +"three keys represent the layers of encryption between the user and each " +"relay." +msgstr "" +"The image above
[tor-commits] [sandboxed-tor-browser/master] Re-enable normalizing UID/GID on systems that support it.
commit 1f82276f539a9033f6c80dd94f1b77749fa6504c Author: Yawning AngelDate: Fri Dec 9 01:23:56 2016 + Re-enable normalizing UID/GID on systems that support it. USER_NS considered harmful, but if the user is running a kernel that supports it, use it. --- .../internal/sandbox/hugbox.go | 49 +++--- 1 file changed, 34 insertions(+), 15 deletions(-) diff --git a/src/cmd/sandboxed-tor-browser/internal/sandbox/hugbox.go b/src/cmd/sandboxed-tor-browser/internal/sandbox/hugbox.go index c52c879..bbc4333 100644 --- a/src/cmd/sandboxed-tor-browser/internal/sandbox/hugbox.go +++ b/src/cmd/sandboxed-tor-browser/internal/sandbox/hugbox.go @@ -71,26 +71,27 @@ type hugbox struct { cmd string cmdArgs []string - hostname string - runtimeDir string - homeDirstring - chdir string - mountProc bool - unshareunshareOpts - stdin io.Reader - stdout io.Writer - stderr io.Writer - seccompFn func(*os.File) error - pdeathSig syscall.Signal + hostname string + homeDir string + chdir string + mountProc bool + unshare unshareOpts + stdin io.Reader + stdoutio.Writer + stderrio.Writer + seccompFn func(*os.File) error + pdeathSig syscall.Signal fakeDbus bool standardLibs bool - // Internal options, not to be modified except via helpers, unless you + // Internal options, not to be *modified* except via helpers, unless you // know what you are doing. bwrapPath string args []string fileData [][]byte + + runtimeDir string // Set at creation time. } func (h *hugbox) setenv(k, v string) { @@ -224,8 +225,17 @@ func (h *hugbox) run() (*exec.Cmd, error) { if h.chdir != "" { fdArgs = append(fdArgs, "--chdir", h.chdir) } - passwdBody := fmt.Sprintf("amnesia:x:%d:%d:Debian Live User,,,:/home/amnesia:/bin/bash\n", os.Getuid(), os.Getgid()) - groupBody := fmt.Sprintf("amnesia:x:%d:\n", os.Getgid()) + + uid, gid := os.Getuid(), os.Getgid() + if h.unshare.user { + uid, gid = 1000, 1000 + fdArgs = append(fdArgs, []string{ + "--uid", "1000", + "--gid", "1000", + }...) + } + passwdBody := fmt.Sprintf("amnesia:x:%d:%d:Debian Live User,,,:/home/amnesia:/bin/bash\n", uid, gid) + groupBody := fmt.Sprintf("amnesia:x:%d:\n", gid) h.file("/etc/passwd", []byte(passwdBody)) h.file("/etc/group", []byte(groupBody)) @@ -371,7 +381,7 @@ type bwrapInfo struct { func newHugbox() (*hugbox, error) { h := { unshare: unshareOpts{ - user: false, // No point, not enough USER_NS support. + user: false, ipc:true, pid:true, net:true, @@ -386,6 +396,15 @@ func newHugbox() (*hugbox, error) { standardLibs: true, } + // This option is considered dangerous and leads to things like + // CVE-2016-8655. But if the user is running with this enabled, + // then might as well take advantage of it. + if FileExists("/proc/self/ns/user") { + Debugf("sandbox: User namespace support detected.") + h.unshare.user = true + h.runtimeDir = "/run/user/1000" + } + // Look for the bwrap binary in sensible locations. bwrapPaths := []string{ "/usr/bin/bwrap", ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation-tools/master] Add tor-browser-manual and tor-browser-manual_completed
commit f445383db0f6d7f04843961d92f9a92998585773 Author: Colin ChildsDate: Thu Dec 8 19:14:04 2016 -0600 Add tor-browser-manual and tor-browser-manual_completed --- config | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/config b/config index 27815d9..d2348ec 100644 --- a/config +++ b/config @@ -36,7 +36,8 @@ tor-messenger-privdtd tor-messenger-privdtd_completed tor-messenger-privproperties tor-messenger-privproperties_completed tor-messenger-uiproperties tor-messenger-uiproperties_completed tails-greeter-2 tails-greeter-2_completed exoneratorproperties -exoneratorproperties_completed" +exoneratorproperties_completed tor-browser-manual +tor-browser-manual_completed" PIDFILE=/srv/translation.torproject.org/run/update_translations.pid ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [sandboxed-tor-browser/master] Mostly revert 7ad0525c601aa45414f56193760e3d08dd9cdae4
commit 031521f8aebc75fb29d1b02f16125ed4a3d77647 Author: Yawning AngelDate: Fri Dec 9 00:49:11 2016 + Mostly revert 7ad0525c601aa45414f56193760e3d08dd9cdae4 I forgot why I didn't do this in the first place, till I remembered that all my systems I've been testing on recently have USER_NS in one form or another. --- data/group | 1 - data/passwd| 1 - .../internal/sandbox/hugbox.go | 22 ++ 3 files changed, 10 insertions(+), 14 deletions(-) diff --git a/data/group b/data/group deleted file mode 100644 index cbaebb5..000 --- a/data/group +++ /dev/null @@ -1 +0,0 @@ -amnesia:x:1000: diff --git a/data/passwd b/data/passwd deleted file mode 100644 index bed4f72..000 --- a/data/passwd +++ /dev/null @@ -1 +0,0 @@ -amnesia:x:1000:1000:Debian Live User,,,:/home/amnesia:/bin/bash diff --git a/src/cmd/sandboxed-tor-browser/internal/sandbox/hugbox.go b/src/cmd/sandboxed-tor-browser/internal/sandbox/hugbox.go index 98b2ec7..c52c879 100644 --- a/src/cmd/sandboxed-tor-browser/internal/sandbox/hugbox.go +++ b/src/cmd/sandboxed-tor-browser/internal/sandbox/hugbox.go @@ -35,7 +35,7 @@ import ( ) type unshareOpts struct { - // user bool + user bool ipcbool pidbool netbool @@ -46,10 +46,9 @@ type unshareOpts struct { func (u *unshareOpts) toArgs() []string { var args []string - // A new user namespace is created unconditionally, so that gid/uids - // can be normalized. - args = append(args, "--unshare-user") - + if u.user { + args = append(args, "--unshare-user") + } if u.ipc { args = append(args, "--unshare-ipc") } @@ -225,11 +224,10 @@ func (h *hugbox) run() (*exec.Cmd, error) { if h.chdir != "" { fdArgs = append(fdArgs, "--chdir", h.chdir) } - - fdArgs = append(fdArgs, "--uid", "1000") - fdArgs = append(fdArgs, "--gid", "1000") - h.assetFile("/etc/passwd", "passwd") - h.assetFile("/etc/group", "group") + passwdBody := fmt.Sprintf("amnesia:x:%d:%d:Debian Live User,,,:/home/amnesia:/bin/bash\n", os.Getuid(), os.Getgid()) + groupBody := fmt.Sprintf("amnesia:x:%d:\n", os.Getgid()) + h.file("/etc/passwd", []byte(passwdBody)) + h.file("/etc/group", []byte(groupBody)) if h.fakeDbus { h.setupDbus() @@ -373,7 +371,7 @@ type bwrapInfo struct { func newHugbox() (*hugbox, error) { h := { unshare: unshareOpts{ - // user: true, + user: false, // No point, not enough USER_NS support. ipc:true, pid:true, net:true, @@ -382,7 +380,7 @@ func newHugbox() (*hugbox, error) { }, hostname: "amnesia", mountProc:true, - runtimeDir: filepath.Join("/run", "user", "1000"), + runtimeDir: filepath.Join("/run", "user", fmt.Sprintf("%d", os.Getuid())), homeDir: "/home/amnesia", pdeathSig:syscall.SIGTERM, standardLibs: true, ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tails-greeter] Update translations for tails-greeter
commit 89440e2410b6d19da006c047c52cd08794c19101 Author: Translation commit botDate: Thu Dec 8 23:45:40 2016 + Update translations for tails-greeter --- es/es.po | 11 ++- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/es/es.po b/es/es.po index aa724df..adb6002 100644 --- a/es/es.po +++ b/es/es.po @@ -5,6 +5,7 @@ # Translators: # Carlos Marin , 2016 # her_tor_es_ar , 2014 +# eulalio barbero espinosa , 2016 # Animalcustomize , 2014 # Noel Torres , 2013 # ROSA CRUELLS , 2015 @@ -15,8 +16,8 @@ msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2016-09-02 14:43+0200\n" -"PO-Revision-Date: 2016-11-19 18:52+\n" -"Last-Translator: Carlos Marin \n" +"PO-Revision-Date: 2016-12-08 23:37+\n" +"Last-Translator: eulalio barbero espinosa \n" "Language-Team: Spanish (http://www.transifex.com/otf/torproject/language/es/)\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" @@ -26,7 +27,7 @@ msgstr "" #: ../glade/persistencewindow.glade.h:1 msgid "Forward" -msgstr "Continuar" +msgstr "Adelante" #: ../glade/persistencewindow.glade.h:2 ../glade/optionswindow.glade.h:1 msgid "Login" @@ -169,7 +170,7 @@ msgstr "Diseño" msgid "" "live-persist failed with return code %(returncode)s:\n" "%(stderr)s" -msgstr "live-persist falló con el código de retorno %(returncode)s: \n%(stderr)s" +msgstr "ve-persist falló devolviendo el código %(returncode)s: %(stderr)s" #: ../tailsgreeter/persistence.py:99 #, python-format @@ -185,7 +186,7 @@ msgid "" "live-persist failed with return code %(returncode)s:\n" "%(stdout)s\n" "%(stderr)s" -msgstr "live-persist falló con el código de retorno %(returncode)s: \n%(stdout)s \n%(stderr)s" +msgstr "live-persist falló devolviendo el código %(returncode)s: \n%(stdout)s \n%(stderr)s" #: ../tailsgreeter/langpanel.py:142 ../tailsgreeter/langpanel.py:169 #: ../tailsgreeter/langpanel.py:202 ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tails-greeter_completed] Update translations for tails-greeter_completed
commit 9ec2995955e191811f64ab5caedef8e396fb5822 Author: Translation commit botDate: Thu Dec 8 23:45:44 2016 + Update translations for tails-greeter_completed --- es/es.po | 11 ++- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/es/es.po b/es/es.po index aa724df..adb6002 100644 --- a/es/es.po +++ b/es/es.po @@ -5,6 +5,7 @@ # Translators: # Carlos Marin , 2016 # her_tor_es_ar , 2014 +# eulalio barbero espinosa , 2016 # Animalcustomize , 2014 # Noel Torres , 2013 # ROSA CRUELLS , 2015 @@ -15,8 +16,8 @@ msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2016-09-02 14:43+0200\n" -"PO-Revision-Date: 2016-11-19 18:52+\n" -"Last-Translator: Carlos Marin \n" +"PO-Revision-Date: 2016-12-08 23:37+\n" +"Last-Translator: eulalio barbero espinosa \n" "Language-Team: Spanish (http://www.transifex.com/otf/torproject/language/es/)\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" @@ -26,7 +27,7 @@ msgstr "" #: ../glade/persistencewindow.glade.h:1 msgid "Forward" -msgstr "Continuar" +msgstr "Adelante" #: ../glade/persistencewindow.glade.h:2 ../glade/optionswindow.glade.h:1 msgid "Login" @@ -169,7 +170,7 @@ msgstr "Diseño" msgid "" "live-persist failed with return code %(returncode)s:\n" "%(stderr)s" -msgstr "live-persist falló con el código de retorno %(returncode)s: \n%(stderr)s" +msgstr "ve-persist falló devolviendo el código %(returncode)s: %(stderr)s" #: ../tailsgreeter/persistence.py:99 #, python-format @@ -185,7 +186,7 @@ msgid "" "live-persist failed with return code %(returncode)s:\n" "%(stdout)s\n" "%(stderr)s" -msgstr "live-persist falló con el código de retorno %(returncode)s: \n%(stdout)s \n%(stderr)s" +msgstr "live-persist falló devolviendo el código %(returncode)s: \n%(stdout)s \n%(stderr)s" #: ../tailsgreeter/langpanel.py:142 ../tailsgreeter/langpanel.py:169 #: ../tailsgreeter/langpanel.py:202 ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Fix a completely stupid stack-protector warning in test_channels.c
commit 39f455468731d4746adb729a67597927beaca4b8 Author: Nick MathewsonDate: Thu Dec 8 17:50:01 2016 -0500 Fix a completely stupid stack-protector warning in test_channels.c This was breaking the build on debian precise, since it thought that using a 'const int' to dimension an array made that array variable-size, and made us not get protection. Bug not in any released version of Tor. I will insist that this one wasn't my fault. "Variables won't. Constants aren't." -- Osborn's Law --- src/test/test_channel.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/test/test_channel.c b/src/test/test_channel.c index f158b1a..862bd6d 100644 --- a/src/test/test_channel.c +++ b/src/test/test_channel.c @@ -1772,7 +1772,7 @@ static void test_channel_id_map(void *arg) { (void)arg; - const int N_CHAN = 6; +#define N_CHAN 6 char rsa_id[N_CHAN][DIGEST_LEN]; ed25519_public_key_t *ed_id[N_CHAN]; channel_t *chan[N_CHAN]; @@ -1871,6 +1871,7 @@ test_channel_id_map(void *arg) free_fake_channel(chan[i]); tor_free(ed_id[i]); } +#undef N_CHAN } struct testcase_t channel_tests[] = { ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tails-greeter-2_completed] Update translations for tails-greeter-2_completed
commit 9286e25c00db5d0a7f701228db2395f5ad878586 Author: Translation commit botDate: Thu Dec 8 22:20:34 2016 + Update translations for tails-greeter-2_completed --- bg/bg.po | 50 +- es/es.po | 12 +++ tr/tr.po | 124 +++ 3 files changed, 83 insertions(+), 103 deletions(-) diff --git a/bg/bg.po b/bg/bg.po index 350fc0d..2828094 100644 --- a/bg/bg.po +++ b/bg/bg.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2016-12-02 12:10+\n" +"POT-Creation-Date: 2016-12-03 13:14+\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: alexdimitrov , 2016\n" "Language-Team: Bulgarian (https://www.transifex.com/otf/teams/1519/bg/)\n" @@ -57,7 +57,7 @@ msgstr "Windows камÑÑлаж" #: ../data/greeter.ui.h:10 msgid "" "This option makes Tails look like Microsoft Windows 10. This can be useful " -"to avoid attracting suspiction in public places." +"to avoid attracting suspicion in public places." msgstr "" "Тази опÑÐ¸Ñ Ð¿ÑÐ¾Ð¼ÐµÐ½Ñ Tails визÑално, за да наподобÑва Microsoft Windows 10. " "Това е полезно за избÑгване пÑивлиÑане на вниманиеÑо на пÑблиÑни меÑÑа." @@ -147,8 +147,8 @@ msgstr "ÐаÑÑÑойки на поÑÑоÑнноÑо диÑково пÑоÑÑ msgid "Enter your passphrase to unlock the persistent storage" msgstr "ÐÑведеÑе паÑолаÑа за оÑклÑÑване на поÑÑоÑнноÑо диÑково пÑоÑÑÑанÑÑво" -#: ../data/greeter.ui.h:31 ../tailsgreeter/gui.py:767 -#: ../tailsgreeter/gui.py:928 +#: ../data/greeter.ui.h:31 ../tailsgreeter/gui.py:798 +#: ../tailsgreeter/gui.py:962 msgid "Unlock" msgstr "ÐÑклÑÑване" @@ -156,7 +156,7 @@ msgstr "ÐÑклÑÑване" msgid "Relock Persistent Storage" msgstr "ÐаклÑÑване на поÑÑоÑнноÑо диÑково пÑоÑÑÑанÑÑво" -#: ../data/greeter.ui.h:33 ../tailsgreeter/gui.py:492 +#: ../data/greeter.ui.h:33 ../tailsgreeter/gui.py:514 msgid "Additional Settings" msgstr "ÐопÑлниÑелни наÑÑÑойки" @@ -202,11 +202,11 @@ msgstr "" "ÐаÑÑÑойкиÑе по подÑазбиÑане Ñа безопаÑни в повеÑеÑо ÑиÑÑаÑии. Ðа да зададеÑе" " ÑÑÑни наÑÑÑойки наÑиÑнеÑе \"+\" бÑÑонÑÑ Ð¿Ð¾-долÑ." -#: ../data/greeter.ui.h:42 ../tailsgreeter/gui.py:690 +#: ../data/greeter.ui.h:42 ../tailsgreeter/gui.py:717 msgid "Off (default)" msgstr "Ðзкл (подÑазбиÑане)" -#: ../data/greeter.ui.h:43 ../tailsgreeter/gui.py:688 +#: ../data/greeter.ui.h:43 ../tailsgreeter/gui.py:715 msgid "On (default)" msgstr "Ðкл (подÑазбиÑане)" @@ -214,35 +214,35 @@ msgstr "Ðкл (подÑазбиÑане)" msgid "Network Connection" msgstr "ÐÑÑзка Ñ Ð¼ÑежаÑа" -#: ../data/greeter.ui.h:45 ../tailsgreeter/gui.py:880 +#: ../data/greeter.ui.h:45 ../tailsgreeter/gui.py:914 msgid "Direct (default)" msgstr "ÐиÑекÑна (подÑазбиÑане)" -#: ../tailsgreeter/gui.py:436 +#: ../tailsgreeter/gui.py:456 msgid "Shutdown" msgstr "ÐзклÑÑване" -#: ../tailsgreeter/gui.py:442 +#: ../tailsgreeter/gui.py:462 msgid "Start Tails" msgstr "СÑаÑÑиÑане на Tails" -#: ../tailsgreeter/gui.py:501 +#: ../tailsgreeter/gui.py:523 msgid "Cancel" msgstr "ÐÑкажи" -#: ../tailsgreeter/gui.py:505 +#: ../tailsgreeter/gui.py:527 msgid "Add" msgstr "Ðобави" -#: ../tailsgreeter/gui.py:511 +#: ../tailsgreeter/gui.py:534 msgid "Back" msgstr "Ðазад" -#: ../tailsgreeter/gui.py:627 +#: ../tailsgreeter/gui.py:652 msgid "Unlockingâ¦" msgstr "ÐÑклÑÑване..." -#: ../tailsgreeter/gui.py:653 +#: ../tailsgreeter/gui.py:680 msgid "" "You will configure the Tor bridge and local proxy later on after connecting " "to a network." @@ -250,33 +250,33 @@ msgstr "" "Ще наÑÑÑоиÑе Tor моÑÑ Ð¸ локално пÑокÑи по-кÑÑно Ñлед ÑÑÑановÑване на вÑÑзка " "Ñ Ð¼ÑежаÑа." -#: ../tailsgreeter/gui.py:693 +#: ../tailsgreeter/gui.py:720 msgid "On" msgstr "Ðкл" -#: ../tailsgreeter/gui.py:695 +#: ../tailsgreeter/gui.py:722 msgid "Off" msgstr "Ðзкл" -#: ../tailsgreeter/gui.py:769 +#: ../tailsgreeter/gui.py:801 msgid "Failed to relock persistent storage." msgstr "ÐеÑÑпеÑно заклÑÑване на поÑÑоÑнноÑо диÑково пÑоÑÑÑанÑÑво." -#: ../tailsgreeter/gui.py:886 +#: ../tailsgreeter/gui.py:920 msgid "Bridge & Proxy" msgstr "ÐоÑÑ & пÑокÑи" -#: ../tailsgreeter/gui.py:892 +#: ../tailsgreeter/gui.py:926 msgid "Offline" msgstr "ÐзвÑн линиÑ" -#: ../tailsgreeter/gui.py:931 +#:
[tor-commits] [translation/exoneratorproperties] Update translations for exoneratorproperties
commit b90ead444a99fb353f59904b69ac9e926bd2202c Author: Translation commit botDate: Thu Dec 8 22:20:38 2016 + Update translations for exoneratorproperties --- cs/exonerator.properties | 8 fr/exonerator.properties | 4 ++-- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/cs/exonerator.properties b/cs/exonerator.properties index b92c6c1..d5112a8 100644 --- a/cs/exonerator.properties +++ b/cs/exonerator.properties @@ -5,13 +5,13 @@ form.search.label=Hledat summary.heading=Shrnutà summary.serverproblem.dbnoconnect.title=Problém na serveru summary.serverproblem.dbnoconnect.body.text=Nemohu se pÅipojit k databázi. Zkuste to prosÃm pozdÄji. Když bude tento problém pÅetrvávat prosÃm %s\! -summary.serverproblem.dbnoconnect.body.link=let us know +summary.serverproblem.dbnoconnect.body.link=Kontaktujte nás summary.serverproblem.dbempty.title=Problém na serveru summary.serverproblem.dbempty.body.text=The database appears to be empty. Please try again later. If this problem persists, please %s\! -summary.serverproblem.dbempty.body.link=let us know +summary.serverproblem.dbempty.body.link=Kontaktujte nás summary.invalidparams.notimestamp.title=No date parameter given summary.invalidparams.notimestamp.body=Sorry, you also need to provide a date parameter. -summary.invalidparams.noip.title=No IP address parameter given +summary.invalidparams.noip.title=Žádná IP adresa nenà udána summary.invalidparams.noip.body=Sorry, you also need to provide an IP address parameter. summary.invalidparams.timestamprange.title=Date parameter out of range summary.invalidparams.timestamprange.body=Sorry, the database does not contain any data from %s. Please pick a date between %s and %s. @@ -21,7 +21,7 @@ summary.invalidparams.invalidtimestamp.title=Invalid date parameter summary.invalidparams.invalidtimestamp.body=Sorry, %s is not a valid date. The expected date format is %s. summary.serverproblem.nodata.title=Problém na serveru summary.serverproblem.nodata.body.text=The database does not contain any data for the requested date. Please try again later. If this problem persists, please %s\! -summary.serverproblem.nodata.body.link=let us know +summary.serverproblem.nodata.body.link=Kontaktujte nás summary.negativesamenetwork.title=Výsledek je negativnà summary.negativesamenetwork.body=We did not find IP address %s on or within a day of %s. But we did find other IP addresses of Tor relays in the same /%d network around the time\: summary.positive.title=Výsledek je pozitivnà diff --git a/fr/exonerator.properties b/fr/exonerator.properties index 0df77cd..c0d2bb1 100644 --- a/fr/exonerator.properties +++ b/fr/exonerator.properties @@ -34,7 +34,7 @@ technicaldetails.colheader.timestamp=Horodatage (UTC) technicaldetails.colheader.ip=Adresse(s) IP technicaldetails.colheader.fingerprint=Empreinte d'identité technicaldetails.colheader.nickname=Pseudonyme -technicaldetails.colheader.exit=Relai de sortie +technicaldetails.colheader.exit=Relais de sortie technicaldetails.nickname.unknown=Inconnu technicaldetails.exit.unknown=Inconnu technicaldetails.exit.yes=Oui @@ -46,7 +46,7 @@ footer.abouttor.body.link1=chiffrant les paquets et les envoyant via une série footer.abouttor.body.link2=en savoir plus sur Tor footer.abouttor.body.link3=contacter 'The Tor project, Inc.' footer.aboutexonerator.heading=à propos d'ExoneraTor -footer.aboutexonerator.body=The ExoneraTor service maintains a database of IP addresses that have been part of the Tor network. It answers the question whether there was a Tor relay running on a given IP address on a given date. ExoneraTor may store more than one IP address per relay if relays use a different IP address for exiting to the Internet than for registering in the Tor network, and it stores whether a relay permitted transit of Tor traffic to the open Internet at that time. +footer.aboutexonerator.body=Le service ExoneraTor gère une base de données d'adresses IP qui ont fait partie du réseau Tor. Il répond à la question de savoir si un relais Tor fonctionnait pour une adresse IP donnée à une date précise. ExoneraTor peut enregistrer plus d'une adresse IP par relais si les relais utilisent une adresse IP différente pour se brancher à Internet que pour s'enregistrer sur le réseau Tor, et il enregistre si un relais permettait le transit du trafic Tor vers l'Internet ouvert à ce moment précis. footer.trademark.text=« Tor » et le « logo Oignon » sont des %s de The Tor Project, Inc. footer.trademark.link=marques déposées ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tails-greeter-2] Update translations for tails-greeter-2
commit 85dbbc1f65446a30c081a52cd0c86ce2a99eb33c Author: Translation commit botDate: Thu Dec 8 22:20:26 2016 + Update translations for tails-greeter-2 --- bg/bg.po | 2 ++ es/es.po | 12 ++-- tr/tr.po | 5 - 3 files changed, 12 insertions(+), 7 deletions(-) diff --git a/bg/bg.po b/bg/bg.po index a1cfad9..2828094 100644 --- a/bg/bg.po +++ b/bg/bg.po @@ -59,6 +59,8 @@ msgid "" "This option makes Tails look like Microsoft Windows 10. This can be useful " "to avoid attracting suspicion in public places." msgstr "" +"Тази опÑÐ¸Ñ Ð¿ÑÐ¾Ð¼ÐµÐ½Ñ Tails визÑално, за да наподобÑва Microsoft Windows 10. " +"Това е полезно за избÑгване пÑивлиÑане на вниманиеÑо на пÑблиÑни меÑÑа." #. This string will never be displayed in the 1st version of the greeter. #: ../data/greeter.ui.h:12 diff --git a/es/es.po b/es/es.po index f471ec5..abee934 100644 --- a/es/es.po +++ b/es/es.po @@ -59,8 +59,8 @@ msgid "" "This option makes Tails look like Microsoft Windows 10. This can be useful " "to avoid attracting suspicion in public places." msgstr "" -"Esta opción hace que Tails tenga el aspecto de Windows 10. Esto puede ser " -"útil para evitar atraer sospechas en lugares públicos." +"Esta opción hace que Tails parezca Windows 10. Esto puede ser útil para " +"evitar atraer sospechas en lugares públicos." #. This string will never be displayed in the 1st version of the greeter. #: ../data/greeter.ui.h:12 @@ -139,7 +139,7 @@ msgstr "Almacenamiento cifrado permanente" #: ../data/greeter.ui.h:28 msgid "Show Passphrase" -msgstr "Mostrar frase-contraseña" +msgstr "Mostrar contraseña" #: ../data/greeter.ui.h:29 msgid "Configure Persistent Storage" @@ -169,7 +169,7 @@ msgstr "Guardar configuraciones adicionales " #: ../data/greeter.ui.h:35 msgid "Add an additional setting" -msgstr "Añadir una ajuste adicional" +msgstr "Añadir un ajuste adicional" #: ../data/greeter.ui.h:36 msgid "Network Configuration" @@ -208,11 +208,11 @@ msgstr "" #: ../data/greeter.ui.h:42 ../tailsgreeter/gui.py:717 msgid "Off (default)" -msgstr "Desactivado (predeterminado) " +msgstr "Desactivada (predeterminado) " #: ../data/greeter.ui.h:43 ../tailsgreeter/gui.py:715 msgid "On (default)" -msgstr "Activado (predeterminado) " +msgstr "Activada (predeterminado) " #: ../data/greeter.ui.h:44 msgid "Network Connection" diff --git a/tr/tr.po b/tr/tr.po index 8b49166..eeea36f 100644 --- a/tr/tr.po +++ b/tr/tr.po @@ -58,6 +58,9 @@ msgid "" "This option makes Tails look like Microsoft Windows 10. This can be useful " "to avoid attracting suspicion in public places." msgstr "" +"Bu seçenek Tails görünümünün Microsoft Windows 10 gibi olmasını saÄlar. Bu " +"özellik, herkese açık yerlerde Åüpheli görünmekten kaçınmak için kullanıÅlı " +"olabilir." #. This string will never be displayed in the 1st version of the greeter. #: ../data/greeter.ui.h:12 @@ -162,7 +165,7 @@ msgstr "Ek Ayarları Kaydet" #: ../data/greeter.ui.h:35 msgid "Add an additional setting" -msgstr "" +msgstr "Ek bir ayar ekle" #: ../data/greeter.ui.h:36 msgid "Network Configuration" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/torbutton-aboutdialogdtd_completed] Update translations for torbutton-aboutdialogdtd_completed
commit 60ade9c6b23d6a349033caa9f1150f111f24d6f8 Author: Translation commit botDate: Thu Dec 8 22:17:53 2016 + Update translations for torbutton-aboutdialogdtd_completed --- sk/aboutdialog.dtd | 16 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/sk/aboutdialog.dtd b/sk/aboutdialog.dtd index 45ab7d5..6f69571 100644 --- a/sk/aboutdialog.dtd +++ b/sk/aboutdialog.dtd @@ -1,19 +1,19 @@ - + - - + + - + - + - + - + - + ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/torbutton-abouttbupdatedtd] Update translations for torbutton-abouttbupdatedtd
commit 33e537b2cb4ec3bd94e344e4aa42f73bd3aa6232 Author: Translation commit botDate: Thu Dec 8 22:18:12 2016 + Update translations for torbutton-abouttbupdatedtd --- sk/abouttbupdate.dtd | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/sk/abouttbupdate.dtd b/sk/abouttbupdate.dtd index 1c5c836..ee5dd22 100644 --- a/sk/abouttbupdate.dtd +++ b/sk/abouttbupdate.dtd @@ -1,6 +1,6 @@ - - - + + + - + ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/torbutton-abouttorproperties_completed] Update translations for torbutton-abouttorproperties_completed
commit bc498f8475b1881cb87cea0cac251aafc9c949b8 Author: Translation commit botDate: Thu Dec 8 22:18:01 2016 + Update translations for torbutton-abouttorproperties_completed --- sk/abouttor.properties | 17 + 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/sk/abouttor.properties b/sk/abouttor.properties index 62ef0db..3f03161 100644 --- a/sk/abouttor.properties +++ b/sk/abouttor.properties @@ -2,20 +2,21 @@ # See LICENSE for licensing information. # vim: set sw=2 sts=2 ts=8 et: -aboutTor.searchSP.privacy=Vyhľadávajte bezpeÄne naúvodnej strane. -# The following string is a link which replaces %1$S above. -aboutTor.searchSP.privacy.link=https://startpage.com/eng/protect-privacy.html -# The following string is a link which replaces %2$S above. -aboutTor.searchSP.search.link=https://startpage.com/ - -aboutTor.searchDDG.privacy=Vyhľadávajte bezpeÄne pomocou DuckDuckGo. +aboutTor.searchDDG.privacy=Môžete použiÅ¥ aj bezpeÄné hľadanie cez DuckDuckGo. # The following string is a link which replaces %1$S above. aboutTor.searchDDG.privacy.link=https://duckduckgo.com/privacy.html # The following string is a link which replaces %2$S above. aboutTor.searchDDG.search.link=https://duckduckgo.com/ -aboutTor.searchDC.privacy=Vyhľadávajte bezpeÄne pomocou Disconnect.me. +aboutTor.searchDC.privacy=Môžete použiÅ¥ aj bezpeÄné hľadanie cez Disconnect.me. # The following string is a link which replaces %1$S above. aboutTor.searchDC.privacy.link=https://disconnect.me/privacy # The following string is a link which replaces %2$S above. aboutTor.searchDC.search.link=https://search.disconnect.me/ + +aboutTor.donationBanner.donate=Prispejte teraz! +aboutTor.donationBanner.heart=Tor ležà v srdci internetovej slobody +aboutTor.donationBanner.tagline1=BezpeÄnosÅ¥ a súkromie miliónov ľudà závisà na Tore +aboutTor.donationBanner.tagline2=SieÅ¥ ľudÃ, ktorà chránia ľudà +aboutTor.donationBanner.tagline3=Sledovanie = Ãtlak +aboutTor.donationBanner.tagline4=Chránime novinárov, aktivistov a whistleblowerov od roku 2006 ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tor-messenger-authdtd_completed] Update translations for tor-messenger-authdtd_completed
commit 9fd1d5560b70a3fdb053993e6ea417df635d3063 Author: Translation commit botDate: Thu Dec 8 22:18:30 2016 + Update translations for tor-messenger-authdtd_completed --- pt_BR/auth.dtd | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pt_BR/auth.dtd b/pt_BR/auth.dtd index ca4043c..3d0a78d 100644 --- a/pt_BR/auth.dtd +++ b/pt_BR/auth.dtd @@ -16,6 +16,6 @@ - + \ No newline at end of file ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/torbutton-aboutdialogdtd] Update translations for torbutton-aboutdialogdtd
commit 7f589b876694221fe6cf16e3708af227a41d1904 Author: Translation commit botDate: Thu Dec 8 22:17:49 2016 + Update translations for torbutton-aboutdialogdtd --- sk/aboutdialog.dtd | 16 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/sk/aboutdialog.dtd b/sk/aboutdialog.dtd index 45ab7d5..6f69571 100644 --- a/sk/aboutdialog.dtd +++ b/sk/aboutdialog.dtd @@ -1,19 +1,19 @@ - + - - + + - + - + - + - + - + ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/torbutton-abouttorproperties] Update translations for torbutton-abouttorproperties
commit cbf9f33fe2e87cd49371973d5006921028989b5c Author: Translation commit botDate: Thu Dec 8 22:17:57 2016 + Update translations for torbutton-abouttorproperties --- sk/abouttor.properties | 16 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/sk/abouttor.properties b/sk/abouttor.properties index f272bcc..3f03161 100644 --- a/sk/abouttor.properties +++ b/sk/abouttor.properties @@ -2,21 +2,21 @@ # See LICENSE for licensing information. # vim: set sw=2 sts=2 ts=8 et: -aboutTor.searchDDG.privacy=Vyhľadávajte bezpeÄne pomocou DuckDuckGo. +aboutTor.searchDDG.privacy=Môžete použiÅ¥ aj bezpeÄné hľadanie cez DuckDuckGo. # The following string is a link which replaces %1$S above. aboutTor.searchDDG.privacy.link=https://duckduckgo.com/privacy.html # The following string is a link which replaces %2$S above. aboutTor.searchDDG.search.link=https://duckduckgo.com/ -aboutTor.searchDC.privacy=Vyhľadávajte bezpeÄne pomocou Disconnect.me. +aboutTor.searchDC.privacy=Môžete použiÅ¥ aj bezpeÄné hľadanie cez Disconnect.me. # The following string is a link which replaces %1$S above. aboutTor.searchDC.privacy.link=https://disconnect.me/privacy # The following string is a link which replaces %2$S above. aboutTor.searchDC.search.link=https://search.disconnect.me/ -aboutTor.donationBanner.donate=Donate Now! -aboutTor.donationBanner.heart=Tor is at the heart of Internet freedom -aboutTor.donationBanner.tagline1=Millions of People Depend on Tor for Online Security & Privacy -aboutTor.donationBanner.tagline2=A Network of People Protecting People -aboutTor.donationBanner.tagline3=Surveillance = Oppression -aboutTor.donationBanner.tagline4=Protecting Journalists, Activists & Whistleblowers Since 2006 +aboutTor.donationBanner.donate=Prispejte teraz! +aboutTor.donationBanner.heart=Tor ležà v srdci internetovej slobody +aboutTor.donationBanner.tagline1=BezpeÄnosÅ¥ a súkromie miliónov ľudà závisà na Tore +aboutTor.donationBanner.tagline2=SieÅ¥ ľudÃ, ktorà chránia ľudà +aboutTor.donationBanner.tagline3=Sledovanie = Ãtlak +aboutTor.donationBanner.tagline4=Chránime novinárov, aktivistov a whistleblowerov od roku 2006 ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/torbutton-abouttbupdatedtd_completed] Update translations for torbutton-abouttbupdatedtd_completed
commit b7a3241cf0abc7d27ee130495abd1b29e70e86e0 Author: Translation commit botDate: Thu Dec 8 22:18:16 2016 + Update translations for torbutton-abouttbupdatedtd_completed --- sk/abouttbupdate.dtd | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/sk/abouttbupdate.dtd b/sk/abouttbupdate.dtd index 1c5c836..ee5dd22 100644 --- a/sk/abouttbupdate.dtd +++ b/sk/abouttbupdate.dtd @@ -1,6 +1,6 @@ - - - + + + - + ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tor-messenger-authdtd] Update translations for tor-messenger-authdtd
commit 6a48f7da8dbc1dc74e8f6b84b0c8ae530541d698 Author: Translation commit botDate: Thu Dec 8 22:18:26 2016 + Update translations for tor-messenger-authdtd --- pt_BR/auth.dtd | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pt_BR/auth.dtd b/pt_BR/auth.dtd index ca4043c..3d0a78d 100644 --- a/pt_BR/auth.dtd +++ b/pt_BR/auth.dtd @@ -16,6 +16,6 @@ - + \ No newline at end of file ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/torbutton-torbuttonproperties] Update translations for torbutton-torbuttonproperties
commit 1402ed2456cd1ad51ceb13690b8796e665f7 Author: Translation commit botDate: Thu Dec 8 22:17:16 2016 + Update translations for torbutton-torbuttonproperties --- fr/torbutton.properties | 2 +- sk/torbutton.properties | 66 - 2 files changed, 34 insertions(+), 34 deletions(-) diff --git a/fr/torbutton.properties b/fr/torbutton.properties index 68655b5..1f175e4 100644 --- a/fr/torbutton.properties +++ b/fr/torbutton.properties @@ -3,7 +3,7 @@ torbutton.circuit_display.ip_unknown = IP inconnue torbutton.circuit_display.onion_site = Site Oignon torbutton.circuit_display.this_browser = Ce navigateur torbutton.circuit_display.relay = relayer -torbutton.circuit_display.tor_bridge = Bridge +torbutton.circuit_display.tor_bridge = Pont torbutton.circuit_display.unknown_country = Pays inconnu torbutton.content_sizer.margin_tooltip = Le navigateur Tor ajoute cette marge pour rendre la largeur et la hauteur de votre fenêtre moins distinctives, et pour réduire par conséquent la possibilité que l'on vous suive à la trace en ligne. torbutton.panel.tooltip.disabled = Cliquer pour activer Tor diff --git a/sk/torbutton.properties b/sk/torbutton.properties index 4ff988b..6d7fac5 100644 --- a/sk/torbutton.properties +++ b/sk/torbutton.properties @@ -1,51 +1,51 @@ torbutton.circuit_display.internet = Internet torbutton.circuit_display.ip_unknown = Neznáma IP -torbutton.circuit_display.onion_site = stránka .onion -torbutton.circuit_display.this_browser = Tento prehliadaÄ -torbutton.circuit_display.relay = relay +torbutton.circuit_display.onion_site = Sránka cibule +torbutton.circuit_display.this_browser = PrehliadaÄe +torbutton.circuit_display.relay = zmena torbutton.circuit_display.tor_bridge = Premostenie torbutton.circuit_display.unknown_country = Neznáma krajina -torbutton.content_sizer.margin_tooltip = PrehliadaÄ Tor pridal tento lem aby spravil Å¡Ãrku a výšku vášho okna menej charakteristickú a tým teda redukuje schopnosÅ¥ ľudà sledovaÅ¥ vás online. -torbutton.panel.tooltip.disabled = Kliknite pre zapnutie Tor -torbutton.panel.tooltip.enabled = Kliknite pre vypnutie Tor -torbutton.panel.label.disabled = Tor vypnutý -torbutton.panel.label.enabled = Tor zapnutý -extensions.torbut...@torproject.org.description = Torbutton provides a button to configure Tor settings and quickly and easily clear private browsing data. -torbutton.popup.external.title = StiahnuÅ¥ externý typ súboru? -torbutton.popup.external.app = Tor Browser nemôže zobraziÅ¥ tento súbor. Budete ho musieÅ¥ otvoriÅ¥ pomocou inej aplikácie.\n -torbutton.popup.external.note = Niektoré typy súborov môžu zaprÃÄiniÅ¥ pripojenie aplikácii k Internetu bez použitia Toru.\n -torbutton.popup.external.suggest = Ak chcete zostaÅ¥ v bezpeÄÃ, mali by ste stiahnuté súbory otváraÅ¥ iba vtedy, keÄ ste offline, prÃpadne použiÅ¥ Tor Live CD ako je Tails.\n -torbutton.popup.launch = StiahnuÅ¥ súbor +torbutton.content_sizer.margin_tooltip = Tor Browser pridá okraj a urobà šÃrku a výšku vášho okna menej charakteristicku, tým znižuje schopnosÅ¥ ľudÃ, aby vás sledovaÅ¥ on-line. +torbutton.panel.tooltip.disabled = KliknutÃm aktivujem Tor +torbutton.panel.tooltip.enabled = KliknutÃm deaktivujem Torr +torbutton.panel.label.disabled = Tor je zablokovaný +torbutton.panel.label.enabled = Tor je aktÃvny +extensions.torbut...@torproject.org.description = Torbutton poskytuje tlaÄidlo nastavenia Tora cez ktoré môžete ľahko vynulovaÅ¥ súkromné informácie surfovania. +torbutton.popup.external.title = NaÄÃtaÅ¥ externý obsah? +torbutton.popup.external.app = Externé aplikácie sa musia spracovaÅ¥:\n\n +torbutton.popup.external.note = \n\nPOZNÃMKA: Externé aplikácie nie sú Torom zabezpeÄné v predvolenom nastavenà vás môžu odmaskovaÅ¥!\n +torbutton.popup.external.suggest = \nAk tento súbor je nedôveryhodný, mali by ste ho uložiÅ¥ a zobraziÅ¥ si ho v režime offline alebo v VM,\nalebo si zvážte Äi by nebolo lepÅ¡ie použiÅ¥ proxy Tora, cez Tails LiveCD.\n +torbutton.popup.launch = SpustiÅ¥ aplikáciu torbutton.popup.cancel = ZruÅ¡iÅ¥ -torbutton.popup.dontask = Odteraz automaticky sÅ¥ahovaÅ¥ súbory -torbutton.popup.prompted_language = To give you more privacy, Torbutton can request the English language version of web pages. This may cause web pages that you prefer to read in your native language to display in English instead.\n\nWould you like to request English language web pages for better privacy? -torbutton.popup.no_newnym = Torbutton cannot safely give you a new identity. It does not have access to the Tor Control Port.\n\nAre you running Tor Browser Bundle? -torbutton.title.prompt_torbrowser = Dôležité Torbutton Informácie -torbutton.popup.prompt_torbrowser = Torbutton works differently now: you can't turn it off any more.\n\nWe made this change because it isn't safe to
[tor-commits] [translation/tor-and-https_completed] Update translations for tor-and-https_completed
commit b3874439dc25b43f9954059aa969610fb87b9a48 Author: Translation commit botDate: Thu Dec 8 22:17:39 2016 + Update translations for tor-and-https_completed --- fr_CA.po | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/fr_CA.po b/fr_CA.po index c830ced..4890689 100644 --- a/fr_CA.po +++ b/fr_CA.po @@ -6,7 +6,7 @@ msgid "" msgstr "" "Project-Id-Version: The Tor Project\n" "POT-Creation-Date: 2014-07-17 14:23+\n" -"PO-Revision-Date: 2016-11-25 21:51+\n" +"PO-Revision-Date: 2016-12-08 20:15+\n" "Last-Translator: French language coordinator \n" "Language-Team: French (Canada) (http://www.transifex.com/otf/torproject/language/fr_CA/)\n" "MIME-Version: 1.0\n" @@ -69,7 +69,7 @@ msgstr "Wi-Fi" #: C/tor-and-https.svg:363 #, no-wrap msgid "ISP" -msgstr "FSI" +msgstr "FAI" #. (itstool) path: defs/text #. Keep it short: 8em is ok, 9em is max. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/torbutton-torbuttondtd] Update translations for torbutton-torbuttondtd
commit 304c57d0289dc7468ccded21f08666cbd3f569e0 Author: Translation commit botDate: Thu Dec 8 22:17:21 2016 + Update translations for torbutton-torbuttondtd --- sk/torbutton.dtd | 88 +++- tr/torbutton.dtd | 2 +- 2 files changed, 44 insertions(+), 46 deletions(-) diff --git a/sk/torbutton.dtd b/sk/torbutton.dtd index 5b9b21c..3e1bcab 100644 --- a/sk/torbutton.dtd +++ b/sk/torbutton.dtd @@ -1,65 +1,63 @@ - + - + - + - + - + - + - + - - - - - - + + + + + + - - - + + + - + - + - - - - - - - - - - - - - + + + + + + + + + + + + + - - - - - - - - - - - - + + + + + + + + + + + + diff --git a/tr/torbutton.dtd b/tr/torbutton.dtd index 5eadf22..5a7ed17 100644 --- a/tr/torbutton.dtd +++ b/tr/torbutton.dtd @@ -59,5 +59,5 @@ - + ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tor-and-https] Update translations for tor-and-https
commit a3d03916232d47d3f451902aed2f86e6a98d6404 Author: Translation commit botDate: Thu Dec 8 22:17:36 2016 + Update translations for tor-and-https --- fr_CA.po | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/fr_CA.po b/fr_CA.po index c830ced..4890689 100644 --- a/fr_CA.po +++ b/fr_CA.po @@ -6,7 +6,7 @@ msgid "" msgstr "" "Project-Id-Version: The Tor Project\n" "POT-Creation-Date: 2014-07-17 14:23+\n" -"PO-Revision-Date: 2016-11-25 21:51+\n" +"PO-Revision-Date: 2016-12-08 20:15+\n" "Last-Translator: French language coordinator \n" "Language-Team: French (Canada) (http://www.transifex.com/otf/torproject/language/fr_CA/)\n" "MIME-Version: 1.0\n" @@ -69,7 +69,7 @@ msgstr "Wi-Fi" #: C/tor-and-https.svg:363 #, no-wrap msgid "ISP" -msgstr "FSI" +msgstr "FAI" #. (itstool) path: defs/text #. Keep it short: 8em is ok, 9em is max. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/abouttor-homepage] Update translations for abouttor-homepage
commit 35204f3b08b1e56cd6f3ea758e221e63d5787077 Author: Translation commit botDate: Thu Dec 8 22:16:55 2016 + Update translations for abouttor-homepage --- tr/aboutTor.dtd | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tr/aboutTor.dtd b/tr/aboutTor.dtd index b9ecb4d..f9d8588 100644 --- a/tr/aboutTor.dtd +++ b/tr/aboutTor.dtd @@ -31,7 +31,7 @@ https://www.torproject.org/download/download.html.en#warning;> - + https://tb-manual.torproject.org;> ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tor-launcher-properties] Update translations for tor-launcher-properties
commit 900fc0a85b87309756beda53cbe95a5e72904f9c Author: Translation commit botDate: Thu Dec 8 22:16:25 2016 + Update translations for tor-launcher-properties --- fr/torlauncher.properties| 6 +++--- fr_CA/torlauncher.properties | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/fr/torlauncher.properties b/fr/torlauncher.properties index a2bc7cc..ea6aac6 100644 --- a/fr/torlauncher.properties +++ b/fr/torlauncher.properties @@ -24,9 +24,9 @@ torlauncher.ensure_tor_is_running=Veuillez-vous assurer que Tor est lancé. torlauncher.error_proxy_addr_missing=Pour configurer Tor afin qu'il utilise un proxy, vous devez spécifier une adresse IP ou un nom d'hôte ainsi qu'un numéro de port. torlauncher.error_proxy_type_missing=Vous devez sélectionner un type de proxy. -torlauncher.error_bridges_missing=Vous devez spécifier un ou plusieurs bridges. -torlauncher.error_default_bridges_type_missing=Vous devez sélectionner un type de transport pour les bridges fournis. -torlauncher.error_bridge_bad_default_type=Aucun des bridges fournis n'a le type de transport %S. Merci d'ajuster vos paramètres. +torlauncher.error_bridges_missing=Vous devez spécifier un ou plusieurs ponts. +torlauncher.error_default_bridges_type_missing=Vous devez sélectionner un type de transport pour les ponts fournis. +torlauncher.error_bridge_bad_default_type=Aucun des pont fournis n'est disponible pour le type de transport %S, Veuillez ajuster vos paramètres. torlauncher.recommended_bridge=(recommandé) diff --git a/fr_CA/torlauncher.properties b/fr_CA/torlauncher.properties index f1ca86c..13fabbb 100644 --- a/fr_CA/torlauncher.properties +++ b/fr_CA/torlauncher.properties @@ -26,7 +26,7 @@ torlauncher.error_proxy_addr_missing=Vous devez spécifier à la fois une adress torlauncher.error_proxy_type_missing=Vous devez choisir le type de mandataire. torlauncher.error_bridges_missing=Vous devez spécifier un ou plusieurs ponts. torlauncher.error_default_bridges_type_missing=Vous devez choisir un type de transport pour les ponts fournis. -torlauncher.error_bridge_bad_default_type=Aucun pont n'est disponible pour le type de transport %S, Veuillez ajuster vos paramètres. +torlauncher.error_bridge_bad_default_type=Aucun des pont fournis n'est disponible pour le type de transport %S, Veuillez ajuster vos paramètres. torlauncher.recommended_bridge=(recommandé) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/abouttor-homepage_completed] Update translations for abouttor-homepage_completed
commit 9f6c942ff81751005f8507c280de7b8c193c4878 Author: Translation commit botDate: Thu Dec 8 22:16:59 2016 + Update translations for abouttor-homepage_completed --- tr/aboutTor.dtd | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tr/aboutTor.dtd b/tr/aboutTor.dtd index f018903..f9d8588 100644 --- a/tr/aboutTor.dtd +++ b/tr/aboutTor.dtd @@ -20,7 +20,6 @@ -https://startpage.com/rth/search;> https://duckduckgo.com/html/;> https://search.disconnect.me/searchTerms/search?ses=Googlelocation_option=USsource=tor;> @@ -32,6 +31,8 @@ https://www.torproject.org/download/download.html.en#warning;> + +https://tb-manual.torproject.org;> ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tor-launcher-network-settings_completed] Update translations for tor-launcher-network-settings_completed
commit 99da78cf9dbd4c93b0570fbb62141932b591ad0f Author: Translation commit botDate: Thu Dec 8 22:16:46 2016 + Update translations for tor-launcher-network-settings_completed --- fr/network-settings.dtd| 28 ++-- fr_CA/network-settings.dtd | 14 +++--- 2 files changed, 21 insertions(+), 21 deletions(-) diff --git a/fr/network-settings.dtd b/fr/network-settings.dtd index 4715cfb..662d1bd 100644 --- a/fr/network-settings.dtd +++ b/fr/network-settings.dtd @@ -13,7 +13,7 @@ - + @@ -26,10 +26,10 @@ - - - - + + + + @@ -37,7 +37,7 @@ - + @@ -54,20 +54,20 @@ - - - + + + - + - - - + + + -https://bridges.torproject.org;> +https://bridges.torproject.org;> https://www.riseup.net, https://mail.google.com, ou https://mail.yahoo.com;> diff --git a/fr_CA/network-settings.dtd b/fr_CA/network-settings.dtd index ace8b3b..c5b5dbe 100644 --- a/fr_CA/network-settings.dtd +++ b/fr_CA/network-settings.dtd @@ -26,8 +26,8 @@ - - + + @@ -54,20 +54,20 @@ - + - + - + - -https://bridges.torproject.org;> + +https://bridges.torproject.org;> https://www.riseup.net, https://mail.google.com ou https://mail.yahoo.com;> ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tor-launcher-network-settings] Update translations for tor-launcher-network-settings
commit aa7350dd09539d88798c0a59bd7077d83060520e Author: Translation commit botDate: Thu Dec 8 22:16:41 2016 + Update translations for tor-launcher-network-settings --- fr/network-settings.dtd| 28 ++-- fr_CA/network-settings.dtd | 14 +++--- 2 files changed, 21 insertions(+), 21 deletions(-) diff --git a/fr/network-settings.dtd b/fr/network-settings.dtd index 4715cfb..662d1bd 100644 --- a/fr/network-settings.dtd +++ b/fr/network-settings.dtd @@ -13,7 +13,7 @@ - + @@ -26,10 +26,10 @@ - - - - + + + + @@ -37,7 +37,7 @@ - + @@ -54,20 +54,20 @@ - - - + + + - + - - - + + + -https://bridges.torproject.org;> +https://bridges.torproject.org;> https://www.riseup.net, https://mail.google.com, ou https://mail.yahoo.com;> diff --git a/fr_CA/network-settings.dtd b/fr_CA/network-settings.dtd index ace8b3b..c5b5dbe 100644 --- a/fr_CA/network-settings.dtd +++ b/fr_CA/network-settings.dtd @@ -26,8 +26,8 @@ - - + + @@ -54,20 +54,20 @@ - + - + - + - -https://bridges.torproject.org;> + +https://bridges.torproject.org;> https://www.riseup.net, https://mail.google.com ou https://mail.yahoo.com;> ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tor-launcher-properties_completed] Update translations for tor-launcher-properties_completed
commit a82ed330dee742aa01cea952879236ad4a5f05eb Author: Translation commit botDate: Thu Dec 8 22:16:30 2016 + Update translations for tor-launcher-properties_completed --- fr/torlauncher.properties| 6 +++--- fr_CA/torlauncher.properties | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/fr/torlauncher.properties b/fr/torlauncher.properties index a2bc7cc..ea6aac6 100644 --- a/fr/torlauncher.properties +++ b/fr/torlauncher.properties @@ -24,9 +24,9 @@ torlauncher.ensure_tor_is_running=Veuillez-vous assurer que Tor est lancé. torlauncher.error_proxy_addr_missing=Pour configurer Tor afin qu'il utilise un proxy, vous devez spécifier une adresse IP ou un nom d'hôte ainsi qu'un numéro de port. torlauncher.error_proxy_type_missing=Vous devez sélectionner un type de proxy. -torlauncher.error_bridges_missing=Vous devez spécifier un ou plusieurs bridges. -torlauncher.error_default_bridges_type_missing=Vous devez sélectionner un type de transport pour les bridges fournis. -torlauncher.error_bridge_bad_default_type=Aucun des bridges fournis n'a le type de transport %S. Merci d'ajuster vos paramètres. +torlauncher.error_bridges_missing=Vous devez spécifier un ou plusieurs ponts. +torlauncher.error_default_bridges_type_missing=Vous devez sélectionner un type de transport pour les ponts fournis. +torlauncher.error_bridge_bad_default_type=Aucun des pont fournis n'est disponible pour le type de transport %S, Veuillez ajuster vos paramètres. torlauncher.recommended_bridge=(recommandé) diff --git a/fr_CA/torlauncher.properties b/fr_CA/torlauncher.properties index f1ca86c..13fabbb 100644 --- a/fr_CA/torlauncher.properties +++ b/fr_CA/torlauncher.properties @@ -26,7 +26,7 @@ torlauncher.error_proxy_addr_missing=Vous devez spécifier à la fois une adress torlauncher.error_proxy_type_missing=Vous devez choisir le type de mandataire. torlauncher.error_bridges_missing=Vous devez spécifier un ou plusieurs ponts. torlauncher.error_default_bridges_type_missing=Vous devez choisir un type de transport pour les ponts fournis. -torlauncher.error_bridge_bad_default_type=Aucun pont n'est disponible pour le type de transport %S, Veuillez ajuster vos paramètres. +torlauncher.error_bridge_bad_default_type=Aucun des pont fournis n'est disponible pour le type de transport %S, Veuillez ajuster vos paramètres. torlauncher.recommended_bridge=(recommandé) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/whisperback] Update translations for whisperback
commit 08865bc56bfd12e6f0da5b2587695610980bb186 Author: Translation commit botDate: Thu Dec 8 22:15:28 2016 + Update translations for whisperback --- es/es.po | 2 +- fr/fr.po | 4 ++-- fr_CA/fr_CA.po | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/es/es.po b/es/es.po index 9c80434..ed02339 100644 --- a/es/es.po +++ b/es/es.po @@ -15,7 +15,7 @@ msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2015-12-16 19:54+0100\n" -"PO-Revision-Date: 2016-03-21 16:28+\n" +"PO-Revision-Date: 2016-12-08 18:15+\n" "Last-Translator: Noel Torres \n" "Language-Team: Spanish (http://www.transifex.com/otf/torproject/language/es/)\n" "MIME-Version: 1.0\n" diff --git a/fr/fr.po b/fr/fr.po index ae53e98..2df71c8 100644 --- a/fr/fr.po +++ b/fr/fr.po @@ -15,7 +15,7 @@ msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2015-12-16 19:54+0100\n" -"PO-Revision-Date: 2016-11-25 22:31+\n" +"PO-Revision-Date: 2016-12-08 16:46+\n" "Last-Translator: French language coordinator \n" "Language-Team: French (http://www.transifex.com/otf/torproject/language/fr/)\n" "MIME-Version: 1.0\n" @@ -129,7 +129,7 @@ msgstr "Développeurs de Tails " #: ../whisperBack/gui.py:385 msgid "translator-credits" -msgstr "traducteurs" +msgstr "traducteurs - crédits" #: ../whisperBack/gui.py:412 msgid "This doesn't seem to be a valid URL or OpenPGP key." diff --git a/fr_CA/fr_CA.po b/fr_CA/fr_CA.po index 5b164f1..74a7dfc 100644 --- a/fr_CA/fr_CA.po +++ b/fr_CA/fr_CA.po @@ -15,7 +15,7 @@ msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2015-12-16 19:54+0100\n" -"PO-Revision-Date: 2016-11-25 22:31+\n" +"PO-Revision-Date: 2016-12-08 16:46+\n" "Last-Translator: French language coordinator \n" "Language-Team: French (Canada) (http://www.transifex.com/otf/torproject/language/fr_CA/)\n" "MIME-Version: 1.0\n" @@ -129,7 +129,7 @@ msgstr "Développeurs de Tails " #: ../whisperBack/gui.py:385 msgid "translator-credits" -msgstr "crédits de traduction" +msgstr "traducteurs - crédits" #: ../whisperBack/gui.py:412 msgid "This doesn't seem to be a valid URL or OpenPGP key." ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/whisperback_completed] Update translations for whisperback_completed
commit 997a0cd671ae7eb37cb6facd83b988ea5a62e5c5 Author: Translation commit botDate: Thu Dec 8 22:15:33 2016 + Update translations for whisperback_completed --- es/es.po | 2 +- fr/fr.po | 4 ++-- fr_CA/fr_CA.po | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/es/es.po b/es/es.po index 9c80434..ed02339 100644 --- a/es/es.po +++ b/es/es.po @@ -15,7 +15,7 @@ msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2015-12-16 19:54+0100\n" -"PO-Revision-Date: 2016-03-21 16:28+\n" +"PO-Revision-Date: 2016-12-08 18:15+\n" "Last-Translator: Noel Torres \n" "Language-Team: Spanish (http://www.transifex.com/otf/torproject/language/es/)\n" "MIME-Version: 1.0\n" diff --git a/fr/fr.po b/fr/fr.po index ae53e98..2df71c8 100644 --- a/fr/fr.po +++ b/fr/fr.po @@ -15,7 +15,7 @@ msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2015-12-16 19:54+0100\n" -"PO-Revision-Date: 2016-11-25 22:31+\n" +"PO-Revision-Date: 2016-12-08 16:46+\n" "Last-Translator: French language coordinator \n" "Language-Team: French (http://www.transifex.com/otf/torproject/language/fr/)\n" "MIME-Version: 1.0\n" @@ -129,7 +129,7 @@ msgstr "Développeurs de Tails " #: ../whisperBack/gui.py:385 msgid "translator-credits" -msgstr "traducteurs" +msgstr "traducteurs - crédits" #: ../whisperBack/gui.py:412 msgid "This doesn't seem to be a valid URL or OpenPGP key." diff --git a/fr_CA/fr_CA.po b/fr_CA/fr_CA.po index 5b164f1..74a7dfc 100644 --- a/fr_CA/fr_CA.po +++ b/fr_CA/fr_CA.po @@ -15,7 +15,7 @@ msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2015-12-16 19:54+0100\n" -"PO-Revision-Date: 2016-11-25 22:31+\n" +"PO-Revision-Date: 2016-12-08 16:46+\n" "Last-Translator: French language coordinator \n" "Language-Team: French (Canada) (http://www.transifex.com/otf/torproject/language/fr_CA/)\n" "MIME-Version: 1.0\n" @@ -129,7 +129,7 @@ msgstr "Développeurs de Tails " #: ../whisperBack/gui.py:385 msgid "translator-credits" -msgstr "crédits de traduction" +msgstr "traducteurs - crédits" #: ../whisperBack/gui.py:412 msgid "This doesn't seem to be a valid URL or OpenPGP key." ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/torcheck_completed] Update translations for torcheck_completed
commit b185d951a6826a293c72c3da41ee1c98277d896b Author: Translation commit botDate: Thu Dec 8 22:15:22 2016 + Update translations for torcheck_completed --- fr/torcheck.po| 4 ++-- fr_CA/torcheck.po | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/fr/torcheck.po b/fr/torcheck.po index 7c2c701..e21546f 100644 --- a/fr/torcheck.po +++ b/fr/torcheck.po @@ -17,7 +17,7 @@ msgid "" msgstr "" "Project-Id-Version: The Tor Project\n" "POT-Creation-Date: 2012-02-16 20:28+PDT\n" -"PO-Revision-Date: 2016-11-25 22:37+\n" +"PO-Revision-Date: 2016-12-08 17:22+\n" "Last-Translator: French language coordinator \n" "Language-Team: French (http://www.transifex.com/otf/torproject/language/fr/)\n" "MIME-Version: 1.0\n" @@ -72,7 +72,7 @@ msgid "This page is also available in the following languages:" msgstr "Cette page est également disponible dans les langues suivantes :" msgid "For more information about this exit relay, see:" -msgstr "Pour plus d'informations à propos de ce relais de sortie, voir :" +msgstr "Pour plus d'informations sur ce relais de sortie, voir :" msgid "" "The Tor Project is a US 501(c)(3) non-profit dedicated to the research, " diff --git a/fr_CA/torcheck.po b/fr_CA/torcheck.po index ebba87b..216b5df 100644 --- a/fr_CA/torcheck.po +++ b/fr_CA/torcheck.po @@ -13,7 +13,7 @@ msgid "" msgstr "" "Project-Id-Version: The Tor Project\n" "POT-Creation-Date: 2012-02-16 20:28+PDT\n" -"PO-Revision-Date: 2016-11-25 22:38+\n" +"PO-Revision-Date: 2016-12-08 17:22+\n" "Last-Translator: French language coordinator \n" "Language-Team: French (Canada) (http://www.transifex.com/otf/torproject/language/fr_CA/)\n" "MIME-Version: 1.0\n" @@ -68,7 +68,7 @@ msgid "This page is also available in the following languages:" msgstr "Cette page est également proposée dans les langues suivantes : " msgid "For more information about this exit relay, see:" -msgstr "Pour plus d'informations à propos de ce relais de sortie, voir :" +msgstr "Pour plus d'informations sur ce relais de sortie, voir :" msgid "" "The Tor Project is a US 501(c)(3) non-profit dedicated to the research, " ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/https_everywhere] Update translations for https_everywhere
commit d8e536cd3153d6b263278cdf9f23cff6c23444f6 Author: Translation commit botDate: Thu Dec 8 22:15:39 2016 + Update translations for https_everywhere --- is/ssl-observatory.dtd | 16 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/is/ssl-observatory.dtd b/is/ssl-observatory.dtd index aeb156d..92068d4 100644 --- a/is/ssl-observatory.dtd +++ b/is/ssl-observatory.dtd @@ -1,6 +1,6 @@ - - + + - + @@ -84,14 +84,14 @@ looked at. Mouseover the options for further details:"> - + - + - + - - + + ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/liveusb-creator] Update translations for liveusb-creator
commit 9eaeb4a73b2762da9239ed02e0a1a9b34cb911c8 Author: Translation commit botDate: Thu Dec 8 22:15:49 2016 + Update translations for liveusb-creator --- lt/lt.po | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lt/lt.po b/lt/lt.po index 27e066a..f3049a8 100644 --- a/lt/lt.po +++ b/lt/lt.po @@ -13,7 +13,7 @@ msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2015-11-02 21:23+0100\n" -"PO-Revision-Date: 2016-11-23 22:54+\n" +"PO-Revision-Date: 2016-12-05 21:45+\n" "Last-Translator: Moo\n" "Language-Team: Lithuanian (http://www.transifex.com/otf/torproject/language/lt/)\n" "MIME-Version: 1.0\n" @@ -129,7 +129,7 @@ msgstr "Nepavyko rasti" #: ../liveusb/creator.py:560 #, python-format msgid "Cannot find device %s" -msgstr "" +msgstr "Nepavyksta rasti įrenginio %s" #: ../liveusb/creator.py:417 #, python-format @@ -490,7 +490,7 @@ msgstr "Nežinoma dbus išimtis, bandant prijungti įrenginį: %(message)s" #: ../liveusb/creator.py:791 ../liveusb/creator.py:964 msgid "Unknown filesystem. Your device may need to be reformatted." -msgstr "" +msgstr "Nežinoma failų sistema. Gali būti, kad jūsų įrenginys turi būti iš naujo formatuotas." #: ../liveusb/gui.py:85 #, python-format ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/torcheck] Update translations for torcheck
commit 0b709c8377e52504312f060ac8851e12bf784312 Author: Translation commit botDate: Thu Dec 8 22:15:18 2016 + Update translations for torcheck --- fr/torcheck.po| 4 ++-- fr_CA/torcheck.po | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/fr/torcheck.po b/fr/torcheck.po index 7c2c701..e21546f 100644 --- a/fr/torcheck.po +++ b/fr/torcheck.po @@ -17,7 +17,7 @@ msgid "" msgstr "" "Project-Id-Version: The Tor Project\n" "POT-Creation-Date: 2012-02-16 20:28+PDT\n" -"PO-Revision-Date: 2016-11-25 22:37+\n" +"PO-Revision-Date: 2016-12-08 17:22+\n" "Last-Translator: French language coordinator \n" "Language-Team: French (http://www.transifex.com/otf/torproject/language/fr/)\n" "MIME-Version: 1.0\n" @@ -72,7 +72,7 @@ msgid "This page is also available in the following languages:" msgstr "Cette page est également disponible dans les langues suivantes :" msgid "For more information about this exit relay, see:" -msgstr "Pour plus d'informations à propos de ce relais de sortie, voir :" +msgstr "Pour plus d'informations sur ce relais de sortie, voir :" msgid "" "The Tor Project is a US 501(c)(3) non-profit dedicated to the research, " diff --git a/fr_CA/torcheck.po b/fr_CA/torcheck.po index ebba87b..216b5df 100644 --- a/fr_CA/torcheck.po +++ b/fr_CA/torcheck.po @@ -13,7 +13,7 @@ msgid "" msgstr "" "Project-Id-Version: The Tor Project\n" "POT-Creation-Date: 2012-02-16 20:28+PDT\n" -"PO-Revision-Date: 2016-11-25 22:38+\n" +"PO-Revision-Date: 2016-12-08 17:22+\n" "Last-Translator: French language coordinator \n" "Language-Team: French (Canada) (http://www.transifex.com/otf/torproject/language/fr_CA/)\n" "MIME-Version: 1.0\n" @@ -68,7 +68,7 @@ msgid "This page is also available in the following languages:" msgstr "Cette page est également proposée dans les langues suivantes : " msgid "For more information about this exit relay, see:" -msgstr "Pour plus d'informations à propos de ce relais de sortie, voir :" +msgstr "Pour plus d'informations sur ce relais de sortie, voir :" msgid "" "The Tor Project is a US 501(c)(3) non-profit dedicated to the research, " ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/bridgedb_completed] Update translations for bridgedb_completed
commit ebdccaaf8d7b9201ecd7f8a11062749d5d1ea796 Author: Translation commit botDate: Thu Dec 8 22:15:12 2016 + Update translations for bridgedb_completed --- fr/LC_MESSAGES/bridgedb.po| 48 +-- fr_CA/LC_MESSAGES/bridgedb.po | 18 nb/LC_MESSAGES/bridgedb.po| 4 ++-- pt_BR/LC_MESSAGES/bridgedb.po | 4 ++-- 4 files changed, 37 insertions(+), 37 deletions(-) diff --git a/fr/LC_MESSAGES/bridgedb.po b/fr/LC_MESSAGES/bridgedb.po index 65f4d64..dfac7cf 100644 --- a/fr/LC_MESSAGES/bridgedb.po +++ b/fr/LC_MESSAGES/bridgedb.po @@ -28,7 +28,7 @@ msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: 'https://trac.torproject.org/projects/tor/newticket?component=BridgeDB=bridgedb-reported,msgid=isis,sysrqb=isis'\n" "POT-Creation-Date: 2015-07-25 03:40+\n" -"PO-Revision-Date: 2016-12-02 23:21+\n" +"PO-Revision-Date: 2016-12-08 20:32+\n" "Last-Translator: French language coordinator \n" "Language-Team: French (http://www.transifex.com/otf/torproject/language/fr/)\n" "MIME-Version: 1.0\n" @@ -79,7 +79,7 @@ msgstr "Afficher le QRCode" #: bridgedb/https/templates/bridges.html:52 msgid "QRCode for your bridge lines" -msgstr "QRCode pour vos lignes de bridges" +msgstr "Code QR pour vos lignes de ponts" #. TRANSLATORS: Please translate this into some silly way to say #. "There was a problem!" in your language. For example, @@ -102,14 +102,14 @@ msgstr "Ce QRCode contient vos lignes de ponts. Scannez-le avec un lecteur de QR #: bridgedb/https/templates/bridges.html:131 msgid "There currently aren't any bridges available..." -msgstr "Il n'y a pas de bridge disponible en ce momentâ¦" +msgstr "Aucun pont n'est disponible actuellementâ¦" #: bridgedb/https/templates/bridges.html:132 #, python-format msgid "" " Perhaps you should try %s going back %s and choosing a different bridge " "type!" -msgstr "Peut-être devriez-vous revenir %s en arrière %s et choisir un type de bridge différent !" +msgstr "Vous devriez peut-être %s revenir en arrière %s et choisir un différent type de pont !" #: bridgedb/https/templates/index.html:11 #, python-format @@ -129,7 +129,7 @@ msgstr "Ãtape %s2%s" #: bridgedb/https/templates/index.html:27 #, python-format msgid "Get %s bridges %s" -msgstr "Récupérez les %s addresses de bridge %s" +msgstr "Récupérez les %s ponts %s" #: bridgedb/https/templates/index.html:36 #, python-format @@ -139,7 +139,7 @@ msgstr "Ãtape %s3%s" #: bridgedb/https/templates/index.html:38 #, python-format msgid "Now %s add the bridges to Tor Browser %s" -msgstr "Maintenant %s ajoutez les bridges au navigateur Tor %s" +msgstr "Maintenant %s ajoutez les ponts au navigateur Tor %s" #. TRANSLATORS: Please make sure the '%s' surrounding single letters at the #. beginning of words are present in your final translation. Thanks! @@ -148,7 +148,7 @@ msgstr "Maintenant %s ajoutez les bridges au navigateur Tor %s" #: bridgedb/https/templates/options.html:38 #, python-format msgid "%sJ%sust give me bridges!" -msgstr "Donnez-moi %sj%suste des bridges !" +msgstr "Donnez-moi %sj%suste des ponts !" #: bridgedb/https/templates/options.html:51 msgid "Advanced Options" @@ -176,7 +176,7 @@ msgstr "%sO%sui!" #: bridgedb/https/templates/options.html:147 #, python-format msgid "%sG%set Bridges" -msgstr "%sO%sbtenir des bridges" +msgstr "%sO%sbtenir des ponts" #: bridgedb/strings.py:43 msgid "[This is an automated message; please do not reply.]" @@ -184,7 +184,7 @@ msgstr "[Ceci est un message automatique, merci de ne pas y répondre.]" #: bridgedb/strings.py:45 msgid "Here are your bridges:" -msgstr "Voici vos bridges :" +msgstr "Voici vos ponts :" #: bridgedb/strings.py:47 #, python-format @@ -251,7 +251,7 @@ msgid "" "Some bridges with IPv6 addresses are also available, though some Pluggable\n" "Transports aren't IPv6 compatible.\n" "\n" -msgstr "Certains ponts (bridges) sont aussi proposés avec des adresses IPv6, bien que certains transports enfichables ne soient pas compatibles avec l'IPv6.\n" +msgstr "Certains ponts sont aussi proposés avec des adresses IPv6, bien que certains transports enfichables ne soient pas compatibles avec IPv6.\n" #. TRANSLATORS: Please DO NOT translate "BridgeDB". #. TRANSLATORS: The phrase "plain-ol'-vanilla" means "plain, boring, @@ -265,20 +265,20 @@ msgid "" "Pluggable Transports %s which maybe doesn't sound as cool, but they can still\n" "help to circumvent internet censorship in many cases.\n" "\n" -msgstr "De plus, BridgeDB contient de nombreux ponts « classiques » %s sans aucun transports enfichables %s qui ne semblent pas être aussi efficaces, mais qui peuvent toutefois dans des nombreux cas aider à contourner la censure sur Internet.\n" +msgstr "De plus, BridgeDB propose de nombreux ponts traditionnels %s sans transport enfichable %s qui
[tor-commits] [translation/bridgedb] Update translations for bridgedb
commit da6f8fa487954ca73122b56ea729aca72559044b Author: Translation commit botDate: Thu Dec 8 22:15:06 2016 + Update translations for bridgedb --- fr/LC_MESSAGES/bridgedb.po| 48 +-- fr_CA/LC_MESSAGES/bridgedb.po | 18 nb/LC_MESSAGES/bridgedb.po| 4 ++-- pt_BR/LC_MESSAGES/bridgedb.po | 4 ++-- 4 files changed, 37 insertions(+), 37 deletions(-) diff --git a/fr/LC_MESSAGES/bridgedb.po b/fr/LC_MESSAGES/bridgedb.po index 65f4d64..dfac7cf 100644 --- a/fr/LC_MESSAGES/bridgedb.po +++ b/fr/LC_MESSAGES/bridgedb.po @@ -28,7 +28,7 @@ msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: 'https://trac.torproject.org/projects/tor/newticket?component=BridgeDB=bridgedb-reported,msgid=isis,sysrqb=isis'\n" "POT-Creation-Date: 2015-07-25 03:40+\n" -"PO-Revision-Date: 2016-12-02 23:21+\n" +"PO-Revision-Date: 2016-12-08 20:32+\n" "Last-Translator: French language coordinator \n" "Language-Team: French (http://www.transifex.com/otf/torproject/language/fr/)\n" "MIME-Version: 1.0\n" @@ -79,7 +79,7 @@ msgstr "Afficher le QRCode" #: bridgedb/https/templates/bridges.html:52 msgid "QRCode for your bridge lines" -msgstr "QRCode pour vos lignes de bridges" +msgstr "Code QR pour vos lignes de ponts" #. TRANSLATORS: Please translate this into some silly way to say #. "There was a problem!" in your language. For example, @@ -102,14 +102,14 @@ msgstr "Ce QRCode contient vos lignes de ponts. Scannez-le avec un lecteur de QR #: bridgedb/https/templates/bridges.html:131 msgid "There currently aren't any bridges available..." -msgstr "Il n'y a pas de bridge disponible en ce momentâ¦" +msgstr "Aucun pont n'est disponible actuellementâ¦" #: bridgedb/https/templates/bridges.html:132 #, python-format msgid "" " Perhaps you should try %s going back %s and choosing a different bridge " "type!" -msgstr "Peut-être devriez-vous revenir %s en arrière %s et choisir un type de bridge différent !" +msgstr "Vous devriez peut-être %s revenir en arrière %s et choisir un différent type de pont !" #: bridgedb/https/templates/index.html:11 #, python-format @@ -129,7 +129,7 @@ msgstr "Ãtape %s2%s" #: bridgedb/https/templates/index.html:27 #, python-format msgid "Get %s bridges %s" -msgstr "Récupérez les %s addresses de bridge %s" +msgstr "Récupérez les %s ponts %s" #: bridgedb/https/templates/index.html:36 #, python-format @@ -139,7 +139,7 @@ msgstr "Ãtape %s3%s" #: bridgedb/https/templates/index.html:38 #, python-format msgid "Now %s add the bridges to Tor Browser %s" -msgstr "Maintenant %s ajoutez les bridges au navigateur Tor %s" +msgstr "Maintenant %s ajoutez les ponts au navigateur Tor %s" #. TRANSLATORS: Please make sure the '%s' surrounding single letters at the #. beginning of words are present in your final translation. Thanks! @@ -148,7 +148,7 @@ msgstr "Maintenant %s ajoutez les bridges au navigateur Tor %s" #: bridgedb/https/templates/options.html:38 #, python-format msgid "%sJ%sust give me bridges!" -msgstr "Donnez-moi %sj%suste des bridges !" +msgstr "Donnez-moi %sj%suste des ponts !" #: bridgedb/https/templates/options.html:51 msgid "Advanced Options" @@ -176,7 +176,7 @@ msgstr "%sO%sui!" #: bridgedb/https/templates/options.html:147 #, python-format msgid "%sG%set Bridges" -msgstr "%sO%sbtenir des bridges" +msgstr "%sO%sbtenir des ponts" #: bridgedb/strings.py:43 msgid "[This is an automated message; please do not reply.]" @@ -184,7 +184,7 @@ msgstr "[Ceci est un message automatique, merci de ne pas y répondre.]" #: bridgedb/strings.py:45 msgid "Here are your bridges:" -msgstr "Voici vos bridges :" +msgstr "Voici vos ponts :" #: bridgedb/strings.py:47 #, python-format @@ -251,7 +251,7 @@ msgid "" "Some bridges with IPv6 addresses are also available, though some Pluggable\n" "Transports aren't IPv6 compatible.\n" "\n" -msgstr "Certains ponts (bridges) sont aussi proposés avec des adresses IPv6, bien que certains transports enfichables ne soient pas compatibles avec l'IPv6.\n" +msgstr "Certains ponts sont aussi proposés avec des adresses IPv6, bien que certains transports enfichables ne soient pas compatibles avec IPv6.\n" #. TRANSLATORS: Please DO NOT translate "BridgeDB". #. TRANSLATORS: The phrase "plain-ol'-vanilla" means "plain, boring, @@ -265,20 +265,20 @@ msgid "" "Pluggable Transports %s which maybe doesn't sound as cool, but they can still\n" "help to circumvent internet censorship in many cases.\n" "\n" -msgstr "De plus, BridgeDB contient de nombreux ponts « classiques » %s sans aucun transports enfichables %s qui ne semblent pas être aussi efficaces, mais qui peuvent toutefois dans des nombreux cas aider à contourner la censure sur Internet.\n" +msgstr "De plus, BridgeDB propose de nombreux ponts traditionnels %s sans transport enfichable %s qui peuvent quand
[tor-commits] [tor/master] Update to trunnel 1.5.1
commit bc68eedd79286420f8dcab5fa4ed83401299c89c Author: Nick MathewsonDate: Thu Dec 8 16:56:24 2016 -0500 Update to trunnel 1.5.1 --- scripts/codegen/run_trunnel.sh| 6 -- src/ext/trunnel/trunnel-impl.h| 2 +- src/ext/trunnel/trunnel.c | 2 +- src/ext/trunnel/trunnel.h | 2 +- src/trunnel/ed25519_cert.c| 40 +-- src/trunnel/ed25519_cert.h| 40 +-- src/trunnel/hs/cell_common.c | 8 +++ src/trunnel/hs/cell_common.h | 8 +++ src/trunnel/hs/cell_establish_intro.c | 8 +++ src/trunnel/hs/cell_establish_intro.h | 8 +++ src/trunnel/hs/cell_introduce1.c | 14 ++-- src/trunnel/hs/cell_introduce1.h | 14 ++-- src/trunnel/link_handshake.c | 16 +++--- src/trunnel/link_handshake.h | 16 +++--- src/trunnel/pwbox.c | 8 +++ src/trunnel/pwbox.h | 8 +++ 16 files changed, 101 insertions(+), 99 deletions(-) diff --git a/scripts/codegen/run_trunnel.sh b/scripts/codegen/run_trunnel.sh index c574ea8..4288043 100755 --- a/scripts/codegen/run_trunnel.sh +++ b/scripts/codegen/run_trunnel.sh @@ -5,11 +5,13 @@ if test "x$TRUNNEL_PATH" != "x"; then export PYTHONPATH fi +OPTIONS="--require-version=1.5.1" + # Get all .trunnel files recursively from that directory so we can support # multiple sub-directories. for file in `find ./src/trunnel/ -name '*.trunnel'`; do - python -m trunnel --require-version=1.4 $file + python -m trunnel ${OPTIONS} $file done -python -m trunnel --require-version=1.4 --write-c-files --target-dir=./src/ext/trunnel/ +python -m trunnel ${OPTIONS} --write-c-files --target-dir=./src/ext/trunnel/ diff --git a/src/ext/trunnel/trunnel-impl.h b/src/ext/trunnel/trunnel-impl.h index 0cbd4f5..bc80585 100644 --- a/src/ext/trunnel/trunnel-impl.h +++ b/src/ext/trunnel/trunnel-impl.h @@ -1,4 +1,4 @@ -/* trunnel-impl.h -- copied from Trunnel v1.5 +/* trunnel-impl.h -- copied from Trunnel v1.5.1 * https://gitweb.torproject.org/trunnel.git * You probably shouldn't edit this file. */ diff --git a/src/ext/trunnel/trunnel.c b/src/ext/trunnel/trunnel.c index f80a587..a008fb9 100644 --- a/src/ext/trunnel/trunnel.c +++ b/src/ext/trunnel/trunnel.c @@ -1,4 +1,4 @@ -/* trunnel.c -- copied from Trunnel v1.5 +/* trunnel.c -- copied from Trunnel v1.5.1 * https://gitweb.torproject.org/trunnel.git * You probably shouldn't edit this file. */ diff --git a/src/ext/trunnel/trunnel.h b/src/ext/trunnel/trunnel.h index afd404d..85bbcc5 100644 --- a/src/ext/trunnel/trunnel.h +++ b/src/ext/trunnel/trunnel.h @@ -1,4 +1,4 @@ -/* trunnel.h -- copied from Trunnel v1.5 +/* trunnel.h -- copied from Trunnel v1.5.1 * https://gitweb.torproject.org/trunnel.git * You probably shouldn't edit this file. */ diff --git a/src/trunnel/ed25519_cert.c b/src/trunnel/ed25519_cert.c index e4e4d68..ee02fda 100644 --- a/src/trunnel/ed25519_cert.c +++ b/src/trunnel/ed25519_cert.c @@ -1,4 +1,4 @@ -/* ed25519_cert.c -- generated by Trunnel v1.5. +/* ed25519_cert.c -- generated by Trunnel v1.5.1. * https://gitweb.torproject.org/trunnel.git * You probably shouldn't edit this file. */ @@ -58,7 +58,7 @@ create2_cell_body_free(create2_cell_body_t *obj) } uint16_t -create2_cell_body_get_handshake_type(create2_cell_body_t *inp) +create2_cell_body_get_handshake_type(const create2_cell_body_t *inp) { return inp->handshake_type; } @@ -69,7 +69,7 @@ create2_cell_body_set_handshake_type(create2_cell_body_t *inp, uint16_t val) return 0; } uint16_t -create2_cell_body_get_handshake_len(create2_cell_body_t *inp) +create2_cell_body_get_handshake_len(const create2_cell_body_t *inp) { return inp->handshake_len; } @@ -333,7 +333,7 @@ ed25519_cert_extension_free(ed25519_cert_extension_t *obj) } uint16_t -ed25519_cert_extension_get_ext_length(ed25519_cert_extension_t *inp) +ed25519_cert_extension_get_ext_length(const ed25519_cert_extension_t *inp) { return inp->ext_length; } @@ -344,7 +344,7 @@ ed25519_cert_extension_set_ext_length(ed25519_cert_extension_t *inp, uint16_t va return 0; } uint8_t -ed25519_cert_extension_get_ext_type(ed25519_cert_extension_t *inp) +ed25519_cert_extension_get_ext_type(const ed25519_cert_extension_t *inp) { return inp->ext_type; } @@ -355,7 +355,7 @@ ed25519_cert_extension_set_ext_type(ed25519_cert_extension_t *inp, uint8_t val) return 0; } uint8_t -ed25519_cert_extension_get_ext_flags(ed25519_cert_extension_t *inp) +ed25519_cert_extension_get_ext_flags(const ed25519_cert_extension_t *inp) { return inp->ext_flags; } @@ -733,7 +733,7 @@ extend1_cell_body_free(extend1_cell_body_t *obj) } uint32_t -extend1_cell_body_get_ipv4addr(extend1_cell_body_t *inp) +extend1_cell_body_get_ipv4addr(const extend1_cell_body_t *inp) { return inp->ipv4addr; } @@ -744,7 +744,7 @@
[tor-commits] [tor/master] Tell channel_set_identity_digest() that ed keys can be NULL
commit 68acf8f12e61891f19160a58b45bad98de208df1 Author: Nick MathewsonDate: Thu Nov 10 16:03:41 2016 -0500 Tell channel_set_identity_digest() that ed keys can be NULL --- src/or/channel.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/or/channel.c b/src/or/channel.c index e9bda24..0a96f23 100644 --- a/src/or/channel.c +++ b/src/or/channel.c @@ -1468,7 +1468,6 @@ channel_clear_identity_digest(channel_t *chan) * This function sets the identity digest of the remote endpoint for a * channel; this is intended for use by the lower layer. */ - void channel_set_identity_digest(channel_t *chan, const char *identity_digest, @@ -1513,6 +1512,8 @@ channel_set_identity_digest(channel_t *chan, } if (ed_identity) { memcpy(>ed25519_identity, ed_identity, sizeof(*ed_identity)); + } else { +memset(>ed25519_identity, 0, sizeof(*ed_identity)); } /* Put it in the digest map if we should */ ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Add some unit testing for ed25519 IDs in extend2 cells.
commit 835b04819ab75224b876c9b9ad9925f7f7b24229 Author: Nick MathewsonDate: Fri Nov 11 14:28:15 2016 -0500 Add some unit testing for ed25519 IDs in extend2 cells. --- src/test/test_cell_formats.c | 35 ++- 1 file changed, 34 insertions(+), 1 deletion(-) diff --git a/src/test/test_cell_formats.c b/src/test/test_cell_formats.c index f839a5b..bbcff38 100644 --- a/src/test/test_cell_formats.c +++ b/src/test/test_cell_formats.c @@ -11,6 +11,7 @@ #include "channel.h" #include "connection_edge.h" #include "connection_or.h" +#include "config.h" #include "onion.h" #include "onion_tap.h" #include "onion_fast.h" @@ -698,6 +699,7 @@ test_cfmt_extend_cells(void *arg) tt_int_op(61681, OP_EQ, ec.orport_ipv4.port); tt_str_op("2002::f0:c51e", OP_EQ, fmt_addr(_ipv6.addr)); tt_int_op(4370, OP_EQ, ec.orport_ipv6.port); + tt_assert(ed25519_public_key_is_zero(_pubkey)); tt_mem_op(ec.node_id,OP_EQ, "anthropomorphization", 20); tt_int_op(cc->cell_type, OP_EQ, CELL_CREATE2); tt_int_op(cc->handshake_type, OP_EQ, 0x105); @@ -717,6 +719,37 @@ test_cfmt_extend_cells(void *arg) tt_mem_op(p2+1+8+22+4,OP_EQ, b, 99+20); tt_int_op(0, OP_EQ, create_cell_format_relayed(, cc)); + /* Now let's add an ed25519 key to that extend2 cell. */ + memcpy(ec.ed_pubkey.pubkey, + "brownshoesdontmakeit/brownshoesd", 32); + + /* As before, since we aren't extending by ed25519. */ + get_options_mutable()->ExtendByEd25519ID = 0; + tt_int_op(0, OP_EQ, extend_cell_format(_cmd, _len, p2, )); + tt_int_op(p2_len, OP_EQ, 89+99-34-20); + test_memeq_hex(p2, + "02000612F40001F0F1" + "0214616e7468726f706f6d6f727068697a6174696f6e" + "01050063"); + + /* Now try with the ed25519 ID. */ + get_options_mutable()->ExtendByEd25519ID = 1; + tt_int_op(0, OP_EQ, extend_cell_format(_cmd, _len, p2, )); + tt_int_op(p2_len, OP_EQ, 89+99-34-20 + 34); + test_memeq_hex(p2, + "03000612F40001F0F1" + "0214616e7468726f706f6d6f727068697a6174696f6e" + // ed digest follows: + "0320" "62726f776e73686f6573646f6e746d616b656" +"9742f62726f776e73686f657364" + "01050063"); + /* Can we parse that? Did the key come through right? */ + memset(, 0, sizeof(ec)); + tt_int_op(0, OP_EQ, extend_cell_parse(, RELAY_COMMAND_EXTEND2, +p2, p2_len)); + tt_mem_op("brownshoesdontmakeit/brownshoesd", OP_EQ, +ec.ed_pubkey.pubkey, 32); + /* == Now try parsing some junk */ /* Try a too-long handshake */ @@ -1257,7 +1290,7 @@ struct testcase_t cell_format_tests[] = { TEST(connected_cells, 0), TEST(create_cells, 0), TEST(created_cells, 0), - TEST(extend_cells, 0), + TEST(extend_cells, TT_FORK), TEST(extended_cells, 0), TEST(resolved_cells, 0), TEST(is_destroy, 0), ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Tiny cleanup of chan handling when setting connection ID digests
commit 5eef00eb049606bf5b5610af8e3ce9514bd95882 Author: Nick MathewsonDate: Wed Dec 7 13:03:21 2016 -0500 Tiny cleanup of chan handling when setting connection ID digests --- src/or/connection_or.c | 9 - 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/src/or/connection_or.c b/src/or/connection_or.c index 046865d..f0292bc 100644 --- a/src/or/connection_or.c +++ b/src/or/connection_or.c @@ -153,8 +153,8 @@ connection_or_set_identity_digest(or_connection_t *conn, /* If the identity was set previously, remove the old mapping. */ if (rsa_id_was_set) { connection_or_clear_identity(conn); -if (conn->chan) - channel_clear_identity_digest(TLS_CHAN_TO_BASE(conn->chan)); +if (chan) + channel_clear_identity_digest(chan); } memcpy(conn->identity_digest, rsa_digest, DIGEST_LEN); @@ -165,9 +165,8 @@ connection_or_set_identity_digest(or_connection_t *conn, return; /* Deal with channels */ - if (conn->chan) -channel_set_identity_digest(TLS_CHAN_TO_BASE(conn->chan), -rsa_digest, ed_id); + if (chan) +channel_set_identity_digest(chan, rsa_digest, ed_id); } /** Remove the Extended ORPort identifier of conn from the ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Fix comment on connection_or_client_learned_peer_id().
commit d0b76f5099cb21c3f2d688d7e812f349dc06b695 Author: Nick MathewsonDate: Wed Dec 7 13:08:51 2016 -0500 Fix comment on connection_or_client_learned_peer_id(). --- src/or/connection_or.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/or/connection_or.c b/src/or/connection_or.c index f0292bc..635d3e4 100644 --- a/src/or/connection_or.c +++ b/src/or/connection_or.c @@ -1588,9 +1588,10 @@ connection_or_check_valid_tls_handshake(or_connection_t *conn, /** Called when we (as a connection initiator) have definitively, * authenticatedly, learned that ID of the Tor instance on the other - * side of conn is peer_id. For v1 and v2 handshakes, + * side of conn is rsa_peer_id and optionally ed_peer_id. + * For v1 and v2 handshakes, * this is right after we get a certificate chain in a TLS handshake - * or renegotiation. For v3 handshakes, this is right after we get a + * or renegotiation. For v3+ handshakes, this is right after we get a * certificate chain in a CERTS cell. * * If we did not know the ID before, record the one we got. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Add a few more debug/info-level logs for ed25519 link handshake stuff
commit e0ab293837c76ee95b8b94f461aefe0f1ac6eff0 Author: Nick MathewsonDate: Thu Nov 10 12:55:42 2016 -0500 Add a few more debug/info-level logs for ed25519 link handshake stuff --- src/or/channeltls.c| 14 -- src/or/connection_or.c | 8 2 files changed, 20 insertions(+), 2 deletions(-) diff --git a/src/or/channeltls.c b/src/or/channeltls.c index fafa08c..aef0143 100644 --- a/src/or/channeltls.c +++ b/src/or/channeltls.c @@ -1993,12 +1993,15 @@ channel_tls_process_certs_cell(var_cell_t *cell, channel_tls_t *chan) checked_ed_id, sizeof(ed25519_public_key_t)); } +log_debug(LD_HANDSHAKE, "calling client_learned_peer_id from " + "process_certs_cell"); + if (connection_or_client_learned_peer_id(chan->conn, chan->conn->handshake_state->authenticated_rsa_peer_id, checked_ed_id) < 0) ERR("Problem setting or checking peer id"); -log_info(LD_OR, +log_info(LD_HANDSHAKE, "Got some good certificates from %s:%d: Authenticated it with " "RSA%s", safe_str(chan->conn->base_.address), chan->conn->base_.port, @@ -2334,6 +2337,13 @@ channel_tls_process_authenticate_cell(var_cell_t *cell, channel_tls_t *chan) chan->conn->link_proto < MIN_LINK_PROTO_FOR_WIDE_CIRC_IDS); crypto_pk_free(identity_rcvd); +log_debug(LD_HANDSHAKE, + "Calling connection_or_init_conn_from_address for %s " + " from %s, with%s ed25519 id.", + safe_str(chan->conn->base_.address), + __func__, + ed_identity_received ? "" : "out"); + connection_or_init_conn_from_address(chan->conn, &(chan->conn->base_.addr), chan->conn->base_.port, @@ -2342,7 +2352,7 @@ channel_tls_process_authenticate_cell(var_cell_t *cell, channel_tls_t *chan) ed_identity_received, 0); -log_info(LD_OR, +log_debug(LD_HANDSHAKE, "Got an AUTHENTICATE cell from %s:%d, type %d: Looks good.", safe_str(chan->conn->base_.address), chan->conn->base_.port, diff --git a/src/or/connection_or.c b/src/or/connection_or.c index 0caf8a9..e10eaaf 100644 --- a/src/or/connection_or.c +++ b/src/or/connection_or.c @@ -831,6 +831,12 @@ connection_or_init_conn_from_address(or_connection_t *conn, const ed25519_public_key_t *ed_id, int started_here) { + log_debug(LD_HANDSHAKE, "init conn from address %s: %s, %s (%d)", +fmt_addr(addr), +hex_str((const char*)id_digest, DIGEST_LEN), +ed25519_fmt(ed_id), +started_here); + const node_t *r = node_get_by_id(id_digest); connection_or_set_identity_digest(conn, id_digest, ed_id); connection_or_update_token_buckets_helper(conn, 1, get_options()); @@ -1510,6 +1516,8 @@ connection_or_check_valid_tls_handshake(or_connection_t *conn, if (started_here) { /* A TLS handshake can't teach us an Ed25519 ID, so we set it to NULL * here. */ +log_debug(LD_HANDSHAKE, "Calling client_learned_peer_id from " + "check_valid_tls_handshake"); return connection_or_client_learned_peer_id(conn, (const uint8_t*)digest_rcvd_out, NULL); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Enforce directionality in connection_or_set_identity_digest().
commit 5ada24957954163f68e77b300925d445ccbe7e55 Author: Nick MathewsonDate: Thu Nov 10 16:07:55 2016 -0500 Enforce directionality in connection_or_set_identity_digest(). This function has never gotten testing for the case where an identity had been set, and then got set to something else. Rather than make it handle those cases, we forbid them. --- src/or/connection_or.c | 42 +- 1 file changed, 37 insertions(+), 5 deletions(-) diff --git a/src/or/connection_or.c b/src/or/connection_or.c index e10eaaf..2889bb7 100644 --- a/src/or/connection_or.c +++ b/src/or/connection_or.c @@ -105,20 +105,51 @@ connection_or_clear_identity_map(void) } /** Change conn->identity_digest to digest, and add conn into - * orconn_digest_map. */ + * the appropriate digest maps. + * + * NOTE that this function only allows two kinds of transitions: from + * unset identity to set identity, and from idempotent re-settings + * of the same identity. It's not allowed to clear an identity or to + * change an identity. Return 0 on success, and -1 if the transition + * is not allowed. + **/ static void connection_or_set_identity_digest(or_connection_t *conn, const char *rsa_digest, const ed25519_public_key_t *ed_id) { + channel_t *chan = NULL; tor_assert(conn); tor_assert(rsa_digest); - if (tor_memeq(conn->identity_digest, rsa_digest, DIGEST_LEN)) + if (conn->chan) +chan = TLS_CHAN_TO_BASE(conn->chan); + + log_info(LD_HANDSHAKE, "Set identity digest for %p (%s): %s %s.", + conn, + escaped_safe_str(conn->base_.address), + hex_str(rsa_digest, DIGEST_LEN), + ed25519_fmt(ed_id)); + log_info(LD_HANDSHAKE, " (Previously: %s %s)", + hex_str(conn->identity_digest, DIGEST_LEN), + chan ? ed25519_fmt(>ed25519_identity) : ""); + + const int rsa_id_was_set = ! tor_digest_is_zero(conn->identity_digest); + const int ed_id_was_set = +chan && !ed25519_public_key_is_zero(>ed25519_identity); + const int rsa_changed = +tor_memneq(conn->identity_digest, rsa_digest, DIGEST_LEN); + const int ed_changed = ed_id_was_set && +(!ed_id || !ed25519_pubkey_eq(ed_id, >ed25519_identity)); + + tor_assert(!rsa_changed || !rsa_id_was_set); + tor_assert(!ed_changed || !ed_id_was_set); + + if (!rsa_changed && !ed_changed) return; /* If the identity was set previously, remove the old mapping. */ - if (! tor_digest_is_zero(conn->identity_digest)) { + if (rsa_id_was_set) { connection_or_clear_identity(conn); if (conn->chan) channel_clear_identity_digest(TLS_CHAN_TO_BASE(conn->chan)); @@ -126,8 +157,9 @@ connection_or_set_identity_digest(or_connection_t *conn, memcpy(conn->identity_digest, rsa_digest, DIGEST_LEN); - /* If we're setting the ID to zero, don't add a mapping. */ - if (tor_digest_is_zero(rsa_digest)) + /* If we're initializing the IDs to zero, don't add a mapping yet. */ + if (tor_digest_is_zero(rsa_digest) && + (!ed_id || ed25519_public_key_is_zero(ed_id))) return; /* Deal with channels */ ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Adding some assertions to onion.c
commit 236e8b605e6aebf87787951ca05f5c75ad530c8a Author: Nick MathewsonDate: Wed Dec 7 13:19:37 2016 -0500 Adding some assertions to onion.c --- src/or/onion.c | 10 ++ 1 file changed, 10 insertions(+) diff --git a/src/or/onion.c b/src/or/onion.c index 8e0896f..42b9ca4 100644 --- a/src/or/onion.c +++ b/src/or/onion.c @@ -879,6 +879,7 @@ extend_cell_from_extend1_cell_body(extend_cell_t *cell_out, const extend1_cell_body_t *cell) { tor_assert(cell_out); + tor_assert(cell); memset(cell_out, 0, sizeof(*cell_out)); tor_addr_make_unspec(_out->orport_ipv4.addr); tor_addr_make_unspec(_out->orport_ipv6.addr); @@ -908,6 +909,7 @@ create_cell_from_create2_cell_body(create_cell_t *cell_out, const create2_cell_body_t *cell) { tor_assert(cell_out); + tor_assert(cell); memset(cell_out, 0, sizeof(create_cell_t)); if (BUG(cell->handshake_len > sizeof(cell_out->onionskin))) { /* This should be impossible because there just isn't enough room in the @@ -930,6 +932,7 @@ extend_cell_from_extend2_cell_body(extend_cell_t *cell_out, const extend2_cell_body_t *cell) { tor_assert(cell_out); + tor_assert(cell); int found_ipv4 = 0, found_ipv6 = 0, found_rsa_id = 0, found_ed_id = 0; memset(cell_out, 0, sizeof(*cell_out)); tor_addr_make_unspec(_out->orport_ipv4.addr); @@ -988,6 +991,9 @@ extend_cell_parse(extend_cell_t *cell_out, const uint8_t command, const uint8_t *payload, size_t payload_length) { + tor_assert(cell_out); + tor_assert(payload); + if (payload_length > RELAY_PAYLOAD_SIZE) return -1; @@ -1033,6 +1039,7 @@ extend_cell_parse(extend_cell_t *cell_out, const uint8_t command, static int check_extended_cell(const extended_cell_t *cell) { + tor_assert(cell); if (cell->created_cell.cell_type == CELL_CREATED) { if (cell->cell_type != RELAY_COMMAND_EXTENDED) return -1; @@ -1054,6 +1061,9 @@ extended_cell_parse(extended_cell_t *cell_out, const uint8_t command, const uint8_t *payload, size_t payload_len) { + tor_assert(cell_out); + tor_assert(payload); + memset(cell_out, 0, sizeof(*cell_out)); if (payload_len > RELAY_PAYLOAD_SIZE) return -1; ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] helper to test a node for matching an ed25519 ID.
commit 424ae9e18bc902e6c96a0e49b609f40868174af8 Author: Nick MathewsonDate: Fri Nov 11 12:37:58 2016 -0500 helper to test a node for matching an ed25519 ID. --- src/or/nodelist.c | 12 src/or/nodelist.h | 2 ++ 2 files changed, 14 insertions(+) diff --git a/src/or/nodelist.c b/src/or/nodelist.c index 1f993e4..d8d2dbb 100644 --- a/src/or/nodelist.c +++ b/src/or/nodelist.c @@ -671,6 +671,18 @@ node_get_ed25519_id(const node_t *node) return NULL; } +/** Return true iff this node's Ed25519 identity matches id. + * (An absent Ed25519 identity matches NULL or zero.) */ +int +node_ed25519_id_matches(const node_t *node, const ed25519_public_key_t *id) +{ + const ed25519_public_key_t *node_id = node_get_ed25519_id(node); + if (node_id == NULL || ed25519_public_key_is_zero(node_id)) { +return id == NULL || ed25519_public_key_is_zero(id); + } else { +return id && ed25519_pubkey_eq(node_id, id); + } +} /** Return true iff node supports authenticating itself * by ed25519 ID during the link handshake in a way that we can understand diff --git a/src/or/nodelist.h b/src/or/nodelist.h index 57c3b43..31fdc64 100644 --- a/src/or/nodelist.h +++ b/src/or/nodelist.h @@ -56,6 +56,8 @@ long node_get_declared_uptime(const node_t *node); time_t node_get_published_on(const node_t *node); const smartlist_t *node_get_declared_family(const node_t *node); const ed25519_public_key_t *node_get_ed25519_id(const node_t *node); +int node_ed25519_id_matches(const node_t *node, +const ed25519_public_key_t *id); int node_supports_ed25519_link_authentication(const node_t *node); const uint8_t *node_get_rsa_id_digest(const node_t *node); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Changes file for feature 15056 (prop220, extend cell side)
commit a7cae7f8f7075da1856c619d141b54c56bfc5f31 Author: Nick MathewsonDate: Fri Nov 11 15:39:29 2016 -0500 Changes file for feature 15056 (prop220, extend cell side) --- changes/feature15056 | 28 1 file changed, 28 insertions(+) diff --git a/changes/feature15056 b/changes/feature15056 new file mode 100644 index 000..46226f8 --- /dev/null +++ b/changes/feature15056 @@ -0,0 +1,28 @@ + o Major features (ed25519 identity keys): +- Relays now understand requests to extend to other relays + by their Ed25519 identity keys. When an Ed25519 identity key + is included in an EXTEND2 cell, the relay will only extend + the circuit if the other relay can prove ownership of that identity. + Implements part of ticket 15056; part of proposal 220. +- Clients now support including Ed25519 identity keys in the EXTEND2 + cells they generate. By default, this is controlled by a consensus + parameter, currently disabled. You can turn this feature on for + testing by setting ExtendByEd25519ID in your configuration. This might + make your traffic appear different than the traffic generated by other + users, however. + Implements part of ticket 15056; part of proposal 220. + + o Code simplification and refactoring: +- The code to generate and parse EXTEND and EXTEND2 cells has + been replaced with code automatically generated by the "trunnel" + utility. +- Remove data structures that were used to index or_connection objects by + their RSA identity digests. These structures are fully redundant with + the similar structures used in the channel abstraction. + + o Minor features (directory authority): +- Add a new authority-only AuthDirTestEd25519LinkKeys option (on by + default) to control whether authorities should try to probe relays by + their Ed25519 link keys. This option will go away in a few + releases--unless we encounter major trouble in our ed25519 link + protocol rollout, in which case it will serve as a safety option. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Add an ed25519_copy; use it in a couple of places dgoulet suggested.
commit 937aef48eeae4b81528de3e04b39047d0f826d9b Author: Nick MathewsonDate: Mon Dec 5 12:55:52 2016 -0500 Add an ed25519_copy; use it in a couple of places dgoulet suggested. --- src/common/crypto_ed25519.c | 12 src/common/crypto_ed25519.h | 3 +++ src/or/circuitbuild.c | 5 ++--- 3 files changed, 17 insertions(+), 3 deletions(-) diff --git a/src/common/crypto_ed25519.c b/src/common/crypto_ed25519.c index 809ad12..b7c8311 100644 --- a/src/common/crypto_ed25519.c +++ b/src/common/crypto_ed25519.c @@ -628,6 +628,18 @@ ed25519_pubkey_eq(const ed25519_public_key_t *key1, return tor_memeq(key1->pubkey, key2->pubkey, ED25519_PUBKEY_LEN); } +/** + * Set dest to contain the same key as src. + */ +void +ed25519_pubkey_copy(ed25519_public_key_t *dest, +const ed25519_public_key_t *src) +{ + tor_assert(dest); + tor_assert(src); + memcpy(dest, src, sizeof(ed25519_public_key_t)); +} + /** Check whether the given Ed25519 implementation seems to be working. * If so, return 0; otherwise return -1. */ static int diff --git a/src/common/crypto_ed25519.h b/src/common/crypto_ed25519.h index 5d63d90..929b2b5 100644 --- a/src/common/crypto_ed25519.h +++ b/src/common/crypto_ed25519.h @@ -121,6 +121,9 @@ void ed25519_keypair_free(ed25519_keypair_t *kp); int ed25519_pubkey_eq(const ed25519_public_key_t *key1, const ed25519_public_key_t *key2); +void ed25519_pubkey_copy(ed25519_public_key_t *dest, + const ed25519_public_key_t *src); + void ed25519_set_impl_params(int use_donna); void ed25519_init(void); diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c index bac68bb..96bd472 100644 --- a/src/or/circuitbuild.c +++ b/src/or/circuitbuild.c @@ -1045,8 +1045,7 @@ circuit_send_next_onion_skin(origin_circuit_t *circ) memcpy(ec.node_id, hop->extend_info->identity_digest, DIGEST_LEN); /* Set the ED25519 identity too -- it will only get included * in the extend2 cell if we're configured to use it, though. */ -memcpy(_pubkey, >extend_info->ed_identity, - sizeof(ed25519_public_key_t)); +ed25519_pubkey_copy(_pubkey, >extend_info->ed_identity); len = onion_skin_create(ec.create_cell.handshake_type, hop->extend_info, @@ -1183,7 +1182,7 @@ circuit_extend(cell_t *cell, circuit_t *circ) if (node && node_supports_ed25519_link_authentication(node) && (node_ed_id = node_get_ed25519_id(node))) { - memcpy(ec.ed_pubkey.pubkey, node_ed_id->pubkey, ED25519_PUBKEY_LEN); + ed25519_pubkey_copy(_pubkey, node_ed_id); } } ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Merge branch 'feature15056_v1_squashed'
commit e93234af70da5cf3d513e57b12e4934b1c4d9529 Merge: e33c85a 236e8b6 Author: Nick MathewsonDate: Thu Dec 8 16:49:24 2016 -0500 Merge branch 'feature15056_v1_squashed' changes/feature15056 | 28 ++ doc/tor.1.txt| 14 + src/common/crypto_ed25519.c | 20 + src/common/crypto_ed25519.h | 6 + src/common/crypto_format.c | 16 + src/common/crypto_format.h | 1 + src/or/channel.c | 151 ++- src/or/channel.h | 40 +- src/or/channeltls.c | 18 +- src/or/circuitbuild.c| 98 +++-- src/or/circuitbuild.h| 6 +- src/or/circuituse.c | 11 +- src/or/config.c | 2 + src/or/connection.c | 4 +- src/or/connection_or.c | 299 - src/or/connection_or.h | 5 +- src/or/dirserv.c | 35 +- src/or/dirserv.h | 3 +- src/or/entrynodes.c | 33 +- src/or/entrynodes.h | 3 +- src/or/main.c| 4 +- src/or/nodelist.c| 70 +++ src/or/nodelist.h| 5 + src/or/onion.c | 314 +- src/or/onion.h | 2 + src/or/or.h | 18 +- src/or/router.c | 7 + src/or/routerkeys.c | 8 + src/or/routerkeys.h | 2 + src/test/test_cell_formats.c | 35 +- src/test/test_channel.c | 106 + src/test/test_link_handshake.c | 10 +- src/trunnel/ed25519_cert.c | 911 ++- src/trunnel/ed25519_cert.h | 318 ++ src/trunnel/ed25519_cert.trunnel | 53 +-- 35 files changed, 2299 insertions(+), 357 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] whitespace cleanups
commit e1f00c5f8620f46f97ac58b2a1787852891c8981 Author: Nick MathewsonDate: Thu Dec 8 16:53:29 2016 -0500 whitespace cleanups --- src/common/crypto_ed25519.h | 2 -- src/or/nodelist.c | 1 - 2 files changed, 3 deletions(-) diff --git a/src/common/crypto_ed25519.h b/src/common/crypto_ed25519.h index 929b2b5..a58b416 100644 --- a/src/common/crypto_ed25519.h +++ b/src/common/crypto_ed25519.h @@ -68,7 +68,6 @@ ed25519_checksig_prefixed(const ed25519_signature_t *signature, int ed25519_public_key_is_zero(const ed25519_public_key_t *pubkey); - /** * A collection of information necessary to check an Ed25519 signature. Used * for batch verification. @@ -124,7 +123,6 @@ int ed25519_pubkey_eq(const ed25519_public_key_t *key1, void ed25519_pubkey_copy(ed25519_public_key_t *dest, const ed25519_public_key_t *src); - void ed25519_set_impl_params(int use_donna); void ed25519_init(void); diff --git a/src/or/nodelist.c b/src/or/nodelist.c index 6117b86..3f2e111 100644 --- a/src/or/nodelist.c +++ b/src/or/nodelist.c @@ -715,7 +715,6 @@ node_get_rsa_id_digest(const node_t *node) return (const uint8_t*)node->identity; } - /** Return the nickname of node, or NULL if we can't find one. */ const char * node_get_nickname(const node_t *node) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Canonicity update for ed25519.
commit cd741cc595d705daef3aa9158bc7822fff935846 Author: Nick MathewsonDate: Fri Nov 11 12:38:11 2016 -0500 Canonicity update for ed25519. If a node can prove its Ed25519 identity, don't consider connections to it canonical unless they match both identities. Includes link handshake changes needed to avoid crashing with bug warnings, since the tests now reach more parts of the code. Closes ticket 20355 --- src/or/connection_or.c | 41 - src/test/test_link_handshake.c | 4 2 files changed, 44 insertions(+), 1 deletion(-) diff --git a/src/or/connection_or.c b/src/or/connection_or.c index 953e9df..088900c 100644 --- a/src/or/connection_or.c +++ b/src/or/connection_or.c @@ -75,6 +75,9 @@ static void connection_or_mark_bad_for_new_circs(or_connection_t *or_conn); static void connection_or_change_state(or_connection_t *conn, uint8_t state); +static void connection_or_check_canonicity(or_connection_t *conn, + int started_here); + /**/ /** Global map between Extended ORPort identifiers and OR @@ -869,13 +872,38 @@ connection_or_init_conn_from_address(or_connection_t *conn, ed25519_fmt(ed_id), started_here); - const node_t *r = node_get_by_id(id_digest); connection_or_set_identity_digest(conn, id_digest, ed_id); connection_or_update_token_buckets_helper(conn, 1, get_options()); conn->base_.port = port; tor_addr_copy(>base_.addr, addr); tor_addr_copy(>real_addr, addr); + + connection_or_check_canonicity(conn, started_here); +} + +/** Check whether the identity of conn matches a known node. If it + * does, check whether the address of conn matches the expected address, and + * update the connection's is_canonical flag, nickname, and address fields as + * appropriate. */ +static void +connection_or_check_canonicity(or_connection_t *conn, int started_here) +{ + const char *id_digest = conn->identity_digest; + const ed25519_public_key_t *ed_id = NULL; + const tor_addr_t *addr = >real_addr; + if (conn->chan) +ed_id = & TLS_CHAN_TO_BASE(conn->chan)->ed25519_identity; + + const node_t *r = node_get_by_id(id_digest); + if (r && + node_supports_ed25519_link_authentication(r) && + ! node_ed25519_id_matches(r, ed_id)) { +/* If this node is capable of proving an ed25519 ID, + * we can't call this a canonical connection unless both IDs match. */ + r = NULL; + } + if (r) { tor_addr_port_t node_ap; node_get_pref_orport(r, _ap); @@ -897,10 +925,12 @@ connection_or_init_conn_from_address(or_connection_t *conn, tor_addr_copy(>base_.addr, _ap.addr); conn->base_.port = node_ap.port; } +tor_free(conn->nickname); conn->nickname = tor_strdup(node_get_nickname(r)); tor_free(conn->base_.address); conn->base_.address = tor_addr_to_str_dup(_ap.addr); } else { +tor_free(conn->nickname); conn->nickname = tor_malloc(HEX_DIGEST_LEN+2); conn->nickname[0] = '$'; base16_encode(conn->nickname+1, HEX_DIGEST_LEN+1, @@ -1589,6 +1619,7 @@ connection_or_client_learned_peer_id(or_connection_t *conn, const or_options_t *options = get_options(); channel_tls_t *chan_tls = conn->chan; channel_t *chan = channel_tls_to_base(chan_tls); + int changed_identity = 0; tor_assert(chan); const int expected_rsa_key = @@ -1619,6 +1650,7 @@ connection_or_client_learned_peer_id(or_connection_t *conn, * we do -- remember it for future attempts. */ learned_router_identity(>base_.addr, conn->base_.port, (const char*)rsa_peer_id, ed_peer_id); +changed_identity = 1; } const int rsa_mismatch = expected_rsa_key && @@ -1706,6 +1738,13 @@ connection_or_client_learned_peer_id(or_connection_t *conn, "connection."); connection_or_set_identity_digest(conn, (const char*)rsa_peer_id, ed_peer_id); +changed_identity = 1; + } + + if (changed_identity) { +/* If we learned an identity for this connection, then we might have + * just discovered it to be canonical. */ +connection_or_check_canonicity(conn, conn->handshake_state->started_here); } if (authdir_mode_tests_reachability(options)) { diff --git a/src/test/test_link_handshake.c b/src/test/test_link_handshake.c index 9931702..421f3aa 100644 --- a/src/test/test_link_handshake.c +++ b/src/test/test_link_handshake.c @@ -117,6 +117,9 @@ test_link_handshake_certs_ok(void *arg) crypto_pk_t *key1 = NULL, *key2 = NULL; const int with_ed = !strcmp((const char *)arg, "Ed25519"); + tor_addr_from_ipv4h(>base_.addr, 0x7f01); + tor_addr_from_ipv4h(>base_.addr, 0x7f01); + scheduler_init(); MOCK(tor_tls_cert_matches_key, mock_tls_cert_matches_key); @@ -354,6 +357,7 @@ recv_certs_setup(const
[tor-commits] [tor/master] Teach channel_rsa_id_group_set_badness_() about Ed25519
commit 3b1e04fe4505ccbd7d93061dccb5673523519c64 Author: Nick MathewsonDate: Thu Nov 10 16:38:04 2016 -0500 Teach channel_rsa_id_group_set_badness_() about Ed25519 (Only run the connection_or_group_set_badness_() function on groups of channels that have the same RSA and Ed25519 identities.) There's a possible opportunity here where we might want to set a channel to "bad" if it has no ed25519 identity and some other channel has some. Also there's an opportunity to add a warning if we ever have an Ed mismatch on open connections with the same RSA ID. --- src/or/channel.c | 41 ++--- src/or/connection_or.c | 6 +++--- 2 files changed, 37 insertions(+), 10 deletions(-) diff --git a/src/or/channel.c b/src/or/channel.c index 0a96f23..7984558 100644 --- a/src/or/channel.c +++ b/src/or/channel.c @@ -4551,18 +4551,45 @@ channel_set_circid_type,(channel_t *chan, static void channel_rsa_id_group_set_badness(struct channel_list_s *lst, int force) { + /* This function should really be about channels. 15056 */ channel_t *chan; - smartlist_t *or_conns = smartlist_new(); + /* First, get a minimal list of the ed25519 identites */ + smartlist_t *ed_identities = smartlist_new(); TOR_LIST_FOREACH(chan, lst, next_with_same_id) { -channel_tls_t *chantls = BASE_CHAN_TO_TLS(chan); -or_connection_t *orconn = chantls->conn; -if (orconn) - smartlist_add(or_conns, orconn); +uint8_t *id_copy = + tor_memdup(>ed25519_identity.pubkey, DIGEST256_LEN); +smartlist_add(ed_identities, id_copy); } - /* This function should really be about channels. 15056 */ - connection_or_group_set_badness_(or_conns, force); + smartlist_sort_digests256(ed_identities); + smartlist_uniq_digests256(ed_identities); + + /* Now, for each Ed identity, build a smartlist and find the best entry on + * it. */ + smartlist_t *or_conns = smartlist_new(); + SMARTLIST_FOREACH_BEGIN(ed_identities, const uint8_t *, ed_id) { +TOR_LIST_FOREACH(chan, lst, next_with_same_id) { + channel_tls_t *chantls = BASE_CHAN_TO_TLS(chan); + if (tor_memneq(ed_id, >ed25519_identity.pubkey, DIGEST256_LEN)) +continue; + or_connection_t *orconn = chantls->conn; + if (orconn) { +tor_assert(orconn->chan == chantls); +smartlist_add(or_conns, orconn); + } +} + +connection_or_group_set_badness_(or_conns, force); +smartlist_clear(or_conns); + } SMARTLIST_FOREACH_END(ed_id); + + /* 15056 we may want to do something special with connections that have + * no set Ed25519 identity! */ + smartlist_free(or_conns); + + SMARTLIST_FOREACH(ed_identities, uint8_t *, ed_id, tor_free(ed_id)); + smartlist_free(ed_identities); } /** Go through all the channels (or if digest is non-NULL, just diff --git a/src/or/connection_or.c b/src/or/connection_or.c index 2889bb7..953e9df 100644 --- a/src/or/connection_or.c +++ b/src/or/connection_or.c @@ -966,9 +966,9 @@ connection_or_mark_bad_for_new_circs(or_connection_t *or_conn) void connection_or_group_set_badness_(smartlist_t *group, int force) { - /* this should be entirely about channels, not OR connections. 15056*/ - /* Look at Ed25519 ids too! 15056 */ - + /* this function should be entirely about channels, not OR + * connections. */ + or_connection_t *best = NULL; int n_old = 0, n_inprogress = 0, n_canonical = 0, n_other = 0; time_t now = time(NULL); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Use connection_or_clear_identity in connection_or_clear_identity_map.
commit 9bf9e34a01a5b0b8d28ff2486c73e243561b4e3e Author: Nick MathewsonDate: Wed Dec 7 12:57:51 2016 -0500 Use connection_or_clear_identity in connection_or_clear_identity_map. --- src/or/connection_or.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/or/connection_or.c b/src/or/connection_or.c index 088900c..046865d 100644 --- a/src/or/connection_or.c +++ b/src/or/connection_or.c @@ -101,8 +101,7 @@ connection_or_clear_identity_map(void) SMARTLIST_FOREACH(conns, connection_t *, conn, { if (conn->type == CONN_TYPE_OR) { - or_connection_t *or_conn = TO_OR_CONN(conn); - memset(or_conn->identity_digest, 0, DIGEST_LEN); + connection_or_clear_identity(TO_OR_CONN(conn)); } }); } ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Unit tests for channel identity map code
commit 921ac5c548789af348b2a0cadfc738b7fbfbf84a Author: Nick MathewsonDate: Fri Nov 11 13:09:25 2016 -0500 Unit tests for channel identity map code --- src/test/test_channel.c | 106 1 file changed, 106 insertions(+) diff --git a/src/test/test_channel.c b/src/test/test_channel.c index e87f99e..f158b1a 100644 --- a/src/test/test_channel.c +++ b/src/test/test_channel.c @@ -1768,6 +1768,111 @@ test_channel_write(void *arg) return; } +static void +test_channel_id_map(void *arg) +{ + (void)arg; + const int N_CHAN = 6; + char rsa_id[N_CHAN][DIGEST_LEN]; + ed25519_public_key_t *ed_id[N_CHAN]; + channel_t *chan[N_CHAN]; + int i; + ed25519_public_key_t ed_zero; + memset(_zero, 0, sizeof(ed_zero)); + + tt_assert(sizeof(rsa_id[0]) == DIGEST_LEN); // Do I remember C? + + for (i = 0; i < N_CHAN; ++i) { +crypto_rand(rsa_id[i], DIGEST_LEN); +ed_id[i] = tor_malloc_zero(sizeof(*ed_id[i])); +crypto_rand((char*)ed_id[i]->pubkey, sizeof(ed_id[i]->pubkey)); + } + + /* For channel 3, have no Ed identity. */ + tor_free(ed_id[3]); + + /* Channel 2 and 4 have same ROSA identity */ + memcpy(rsa_id[4], rsa_id[2], DIGEST_LEN); + + /* Channel 2 and 4 and 5 have same RSA identity */ + memcpy(rsa_id[4], rsa_id[2], DIGEST_LEN); + memcpy(rsa_id[5], rsa_id[2], DIGEST_LEN); + + /* Channels 2 and 5 have same Ed25519 identity */ + memcpy(ed_id[5], ed_id[2], sizeof(*ed_id[2])); + + for (i = 0; i < N_CHAN; ++i) { +chan[i] = new_fake_channel(); +channel_register(chan[i]); +channel_set_identity_digest(chan[i], rsa_id[i], ed_id[i]); + } + + /* Lookup by RSA id only */ + tt_ptr_op(chan[0], OP_EQ, +channel_find_by_remote_identity(rsa_id[0], NULL)); + tt_ptr_op(chan[1], OP_EQ, +channel_find_by_remote_identity(rsa_id[1], NULL)); + tt_ptr_op(chan[3], OP_EQ, +channel_find_by_remote_identity(rsa_id[3], NULL)); + channel_t *ch; + ch = channel_find_by_remote_identity(rsa_id[2], NULL); + tt_assert(ch == chan[2] || ch == chan[4] || ch == chan[5]); + ch = channel_next_with_rsa_identity(ch); + tt_assert(ch == chan[2] || ch == chan[4] || ch == chan[5]); + ch = channel_next_with_rsa_identity(ch); + tt_assert(ch == chan[2] || ch == chan[4] || ch == chan[5]); + ch = channel_next_with_rsa_identity(ch); + tt_assert(ch == NULL); + + /* As above, but with zero Ed25519 ID (meaning "any ID") */ + tt_ptr_op(chan[0], OP_EQ, +channel_find_by_remote_identity(rsa_id[0], _zero)); + tt_ptr_op(chan[1], OP_EQ, +channel_find_by_remote_identity(rsa_id[1], _zero)); + tt_ptr_op(chan[3], OP_EQ, +channel_find_by_remote_identity(rsa_id[3], _zero)); + ch = channel_find_by_remote_identity(rsa_id[2], _zero); + tt_assert(ch == chan[2] || ch == chan[4] || ch == chan[5]); + ch = channel_next_with_rsa_identity(ch); + tt_assert(ch == chan[2] || ch == chan[4] || ch == chan[5]); + ch = channel_next_with_rsa_identity(ch); + tt_assert(ch == chan[2] || ch == chan[4] || ch == chan[5]); + ch = channel_next_with_rsa_identity(ch); + tt_assert(ch == NULL); + + /* Lookup nonexistent RSA identity */ + tt_ptr_op(NULL, OP_EQ, +channel_find_by_remote_identity("", NULL)); + + /* Look up by full identity pair */ + tt_ptr_op(chan[0], OP_EQ, +channel_find_by_remote_identity(rsa_id[0], ed_id[0])); + tt_ptr_op(chan[1], OP_EQ, +channel_find_by_remote_identity(rsa_id[1], ed_id[1])); + tt_ptr_op(chan[3], OP_EQ, +channel_find_by_remote_identity(rsa_id[3], ed_id[3] /*NULL*/)); + tt_ptr_op(chan[4], OP_EQ, +channel_find_by_remote_identity(rsa_id[4], ed_id[4])); + ch = channel_find_by_remote_identity(rsa_id[2], ed_id[2]); + tt_assert(ch == chan[2] || ch == chan[5]); + + /* Look up RSA identity with wrong ed25519 identity */ + tt_ptr_op(NULL, OP_EQ, +channel_find_by_remote_identity(rsa_id[4], ed_id[0])); + tt_ptr_op(NULL, OP_EQ, +channel_find_by_remote_identity(rsa_id[2], ed_id[1])); + tt_ptr_op(NULL, OP_EQ, +channel_find_by_remote_identity(rsa_id[3], ed_id[1])); + + done: + for (i = 0; i < N_CHAN; ++i) { +channel_clear_identity_digest(chan[i]); +channel_unregister(chan[i]); +free_fake_channel(chan[i]); +tor_free(ed_id[i]); + } +} + struct testcase_t channel_tests[] = { { "dumpstats", test_channel_dumpstats, TT_FORK, NULL, NULL }, { "flush", test_channel_flush, TT_FORK, NULL, NULL }, @@ -1780,6 +1885,7 @@ struct testcase_t channel_tests[] = { { "queue_incoming", test_channel_queue_incoming, TT_FORK, NULL, NULL }, { "queue_size", test_channel_queue_size, TT_FORK, NULL, NULL }, { "write", test_channel_write, TT_FORK, NULL, NULL }, + { "id_map", test_channel_id_map, TT_FORK, NULL, NULL }, END_OF_TESTCASES }; ___ tor-commits mailing list tor-commits@lists.torproject.org
[tor-commits] [tor/master] Migrate extend2/create2 cell encoding to Trunnel
commit e054211237e88cace9f7d7ff403600c192df9a31 Author: Nick MathewsonDate: Wed Sep 14 16:00:23 2016 -0400 Migrate extend2/create2 cell encoding to Trunnel (Not extended2/created2; that's too simple.) Incidentally, add ed25519 identities to the mix when we have them. --- src/or/circuitbuild.c | 10 +- src/or/onion.c| 289 ++ src/or/onion.h| 2 + 3 files changed, 185 insertions(+), 116 deletions(-) diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c index a767f40..e578a94 100644 --- a/src/or/circuitbuild.c +++ b/src/or/circuitbuild.c @@ -1041,6 +1041,10 @@ circuit_send_next_onion_skin(origin_circuit_t *circ) ec.orport_ipv4.port = hop->extend_info->port; tor_addr_make_unspec(_ipv6.addr); memcpy(ec.node_id, hop->extend_info->identity_digest, DIGEST_LEN); +/* 15056 Either here or in the onion.c encoding code, we should make an + * option to decide whether we declare the ED identity (if we know one) */ +memcpy(_pubkey, >extend_info->ed_identity, + sizeof(ed25519_public_key_t)); len = onion_skin_create(ec.create_cell.handshake_type, hop->extend_info, @@ -1181,7 +1185,7 @@ circuit_extend(cell_t *cell, circuit_t *circ) } n_chan = channel_get_for_extend((const char*)ec.node_id, - /* ed25519 ID: put it here. 15056 */ + /*_id 15056 */ _ipv4.addr, , _launch); @@ -1193,7 +1197,7 @@ circuit_extend(cell_t *cell, circuit_t *circ) circ->n_hop = extend_info_new(NULL /*nickname*/, (const char*)ec.node_id, - NULL, /*ed25519 ID: get from ec. 15056*/ + _pubkey, NULL, /*onion_key*/ NULL, /*curve25519_key*/ _ipv4.addr, @@ -2367,7 +2371,7 @@ extend_info_new(const char *nickname, { extend_info_t *info = tor_malloc_zero(sizeof(extend_info_t)); memcpy(info->identity_digest, rsa_id_digest, DIGEST_LEN); - if (ed_id) + if (ed_id && !ed25519_public_key_is_zero(ed_id)) memcpy(>ed_identity, ed_id, sizeof(ed25519_public_key_t)); if (nickname) strlcpy(info->nickname, nickname, sizeof(info->nickname)); diff --git a/src/or/onion.c b/src/or/onion.c index a987883..f49707f 100644 --- a/src/or/onion.c +++ b/src/or/onion.c @@ -76,6 +76,9 @@ #include "rephist.h" #include "router.h" +// trunnel +#include "ed25519_cert.h" + /** Type for a linked list of circuits that are waiting for a free CPU worker * to process a waiting onion handshake. */ typedef struct onion_queue_t { @@ -871,13 +874,111 @@ check_extend_cell(const extend_cell_t *cell) return check_create_cell(>create_cell, 1); } -/** Protocol constants for specifier types in EXTEND2 - * @{ - */ -#define SPECTYPE_IPV4 0 -#define SPECTYPE_IPV6 1 -#define SPECTYPE_LEGACY_ID 2 -/** @} */ +static int +extend_cell_from_extend1_cell_body(extend_cell_t *cell_out, + const extend1_cell_body_t *cell) +{ + tor_assert(cell_out); + memset(cell_out, 0, sizeof(*cell_out)); + tor_addr_make_unspec(_out->orport_ipv4.addr); + tor_addr_make_unspec(_out->orport_ipv6.addr); + + cell_out->cell_type = RELAY_COMMAND_EXTEND; + tor_addr_from_ipv4h(_out->orport_ipv4.addr, cell->ipv4addr); + cell_out->orport_ipv4.port = cell->port; + if (tor_memeq(cell->onionskin, NTOR_CREATE_MAGIC, 16)) { +cell_out->create_cell.cell_type = CELL_CREATE2; +cell_out->create_cell.handshake_type = ONION_HANDSHAKE_TYPE_NTOR; +cell_out->create_cell.handshake_len = NTOR_ONIONSKIN_LEN; +memcpy(cell_out->create_cell.onionskin, cell->onionskin + 16, + NTOR_ONIONSKIN_LEN); + } else { +cell_out->create_cell.cell_type = CELL_CREATE; +cell_out->create_cell.handshake_type = ONION_HANDSHAKE_TYPE_TAP; +cell_out->create_cell.handshake_len = TAP_ONIONSKIN_CHALLENGE_LEN; +memcpy(cell_out->create_cell.onionskin, cell->onionskin, + TAP_ONIONSKIN_CHALLENGE_LEN); + } + memcpy(cell_out->node_id, cell->identity, DIGEST_LEN); + return 0; +} + +static int +create_cell_from_create2_cell_body(create_cell_t *cell_out, + const create2_cell_body_t *cell) +{ + tor_assert(cell_out); + memset(cell_out, 0, sizeof(create_cell_t)); + if (BUG(cell->handshake_len > sizeof(cell_out->onionskin))) { +/* This should be impossible because there just isn't enough room in the + * input cell to make the handshake_len this large and provide a + * handshake_data to match. */ +return -1; + } + + cell_out->cell_type = CELL_CREATE2; + cell_out->handshake_type = cell->handshake_type; + cell_out->handshake_len =
[tor-commits] [tor/master] When attempting to find a channel by ID, consider Ed ID.
commit ef5158b2d2f67a1d70e6194b0fde291f853d485e Author: Nick MathewsonDate: Sun Sep 18 20:06:48 2016 -0400 When attempting to find a channel by ID, consider Ed ID. Right now, there's only a mechanism to look for a channel where the RSA ID matches *and* the ED ID matches. We can add a separate map later if we want. --- src/or/channel.c | 67 -- src/or/channel.h | 21 +++- src/or/channeltls.c| 1 - src/or/circuitbuild.c | 21 +--- src/or/connection_or.c | 4 +-- 5 files changed, 83 insertions(+), 31 deletions(-) diff --git a/src/or/channel.c b/src/or/channel.c index af58107..d484e71 100644 --- a/src/or/channel.c +++ b/src/or/channel.c @@ -733,27 +733,62 @@ channel_find_by_global_id(uint64_t global_identifier) return rv; } +/** Return true iff chan matches rsa_id_digest and ed_id. + * as its identity keys. If either is NULL, do not check for a match. */ +static int +channel_remote_identity_matches(const channel_t *chan, +const char *rsa_id_digest, +const ed25519_public_key_t *ed_id) +{ + if (BUG(!chan)) +return 0; + if (rsa_id_digest) { +if (tor_memneq(rsa_id_digest, chan->identity_digest, DIGEST_LEN)) + return 0; + } + if (ed_id) { +if (tor_memneq(ed_id->pubkey, chan->ed25519_identity.pubkey, + ED25519_PUBKEY_LEN)) + return 0; + } + return 1; +} + /** - * Find channel by digest of the remote endpoint + * Find channel by RSA/Ed25519 identity of of the remote endpoint * - * This function looks up a channel by the digest of its remote endpoint in - * the channel digest map. It's possible that more than one channel to a - * given endpoint exists. Use channel_next_with_digest() to walk the list. + * This function looks up a channel by the digest of its remote endpoint's RSA + * identity key. If ed_id is provided and nonzero, only a channel + * matching the ed_id will be returned. + * + * It's possible that more than one channel to a given endpoint exists. Use + * channel_next_with_rsa_identity() to walk the list of channels; make sure + * to test for Ed25519 identity match too (as appropriate) */ - channel_t * -channel_find_by_remote_digest(const char *identity_digest) +channel_find_by_remote_identity(const char *rsa_id_digest, +const ed25519_public_key_t *ed_id) { channel_t *rv = NULL; channel_idmap_entry_t *ent, search; - tor_assert(identity_digest); + tor_assert(rsa_id_digest); /* For now, we require that every channel have + * an RSA identity, and that every lookup + * contain an RSA identity */ + if (ed_id && ed25519_public_key_is_zero(ed_id)) { +/* Treat zero as meaning "We don't care about the presence or absence of + * an Ed key", not "There must be no Ed key". */ +ed_id = NULL; + } - memcpy(search.digest, identity_digest, DIGEST_LEN); + memcpy(search.digest, rsa_id_digest, DIGEST_LEN); ent = HT_FIND(channel_idmap, _identity_map, ); if (ent) { rv = TOR_LIST_FIRST(>channel_list); } + while (rv && ! channel_remote_identity_matches(rv, rsa_id_digest, ed_id)) { +rv = channel_next_with_rsa_identity(rv); + } return rv; } @@ -766,7 +801,7 @@ channel_find_by_remote_digest(const char *identity_digest) */ channel_t * -channel_next_with_digest(channel_t *chan) +channel_next_with_rsa_identity(channel_t *chan) { tor_assert(chan); @@ -3296,7 +3331,8 @@ channel_is_better(time_t now, channel_t *a, channel_t *b, */ channel_t * -channel_get_for_extend(const char *digest, +channel_get_for_extend(const char *rsa_id_digest, + const ed25519_public_key_t *ed_id, const tor_addr_t *target_addr, const char **msg_out, int *launch_out) @@ -3309,14 +3345,14 @@ channel_get_for_extend(const char *digest, tor_assert(msg_out); tor_assert(launch_out); - chan = channel_find_by_remote_digest(digest); + chan = channel_find_by_remote_identity(rsa_id_digest, ed_id); /* Walk the list, unrefing the old one and refing the new at each * iteration. */ - for (; chan; chan = channel_next_with_digest(chan)) { + for (; chan; chan = channel_next_with_rsa_identity(chan)) { tor_assert(tor_memeq(chan->identity_digest, - digest, DIGEST_LEN)); + rsa_id_digest, DIGEST_LEN)); if (CHANNEL_CONDEMNED(chan)) continue; @@ -3327,6 +3363,11 @@ channel_get_for_extend(const char *digest, continue; } +/* The Ed25519 key has to match too */ +if (!channel_remote_identity_matches(chan, rsa_id_digest, ed_id)) { + continue; +} + /* Never return a non-open connection. */ if (!CHANNEL_IS_OPEN(chan)) { /* If the address
[tor-commits] [tor/master] Dirauth: Don't treat a router as reachable if the Ed25519 key didn't match
commit ae6b73e847c64b7902a259f9f43f056ab41c0eb4 Author: Nick MathewsonDate: Fri Oct 28 16:22:44 2016 -0400 Dirauth: Don't treat a router as reachable if the Ed25519 key didn't match --- src/or/dirserv.c | 17 - 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/src/or/dirserv.c b/src/or/dirserv.c index 54b434d..b141a5d 100644 --- a/src/or/dirserv.c +++ b/src/or/dirserv.c @@ -3173,7 +3173,6 @@ dirserv_orconn_tls_done(const tor_addr_t *addr, const char *digest_rcvd, const ed25519_public_key_t *ed_id_rcvd) { - (void)ed_id_rcvd; // 15056 use this. node_t *node = NULL; tor_addr_port_t orport; routerinfo_t *ri = NULL; @@ -3184,8 +3183,24 @@ dirserv_orconn_tls_done(const tor_addr_t *addr, node = node_get_mutable_by_id(digest_rcvd); if (node == NULL || node->ri == NULL) return; + ri = node->ri; + if (ri->cache_info.signing_key_cert) { +/* We allow the node to have an ed25519 key if we haven't been told one in + * the routerinfo, but if we *HAVE* been told one in the routerinfo, it + * needs to match. */ +const ed25519_public_key_t *expected_id = + >cache_info.signing_key_cert->signing_key; +tor_assert(!ed25519_public_key_is_zero(expected_id)); +if (! ed_id_rcvd || ! ed25519_pubkey_eq(ed_id_rcvd, expected_id)) { + log_info(LD_DIRSERV, "Router at %s:%d with RSA ID %s " + "did not present expected Ed25519 ID.", + fmt_addr(addr), or_port, hex_str(digest_rcvd, DIGEST_LEN)); + return; /* Don't mark it as reachable. */ +} + } + tor_addr_copy(, addr); orport.port = or_port; if (router_has_orport(ri, )) { ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Teach circuit_extend() more about Ed25519 identities.
commit c83778686839c4596504ea392854e9e95884fcfa Author: Nick MathewsonDate: Sat Sep 24 11:04:47 2016 -0700 Teach circuit_extend() more about Ed25519 identities. - forbid extending to the previous hop by Ed25519 ID. - If we know the Ed25519 ID for the next hop and the client doesn't, insist on the one from the consensus. --- src/or/circuitbuild.c | 21 ++--- 1 file changed, 18 insertions(+), 3 deletions(-) diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c index 887b8ec..e833fcb 100644 --- a/src/or/circuitbuild.c +++ b/src/or/circuitbuild.c @@ -1175,6 +1175,16 @@ circuit_extend(cell_t *cell, circuit_t *circ) return -1; } + /* Fill in ed_pubkey if it was not provided and we can infer it from + * our networkstatus */ + if (ed25519_public_key_is_zero(_pubkey)) { +const node_t *node = node_get_by_id((const char*)ec.node_id); +const ed25519_public_key_t *node_ed_id = NULL; +if (node && (node_ed_id = node_get_ed25519_id(node))) { + memcpy(ec.ed_pubkey.pubkey, node_ed_id->pubkey, ED25519_PUBKEY_LEN); +} + } + /* Next, check if we're being asked to connect to the hop that the * extend cell came from. There isn't any reason for that, and it can * assist circular-path attacks. */ @@ -1185,10 +1195,15 @@ circuit_extend(cell_t *cell, circuit_t *circ) "Client asked me to extend back to the previous hop."); return -1; } - // XXX 15056 check prev-hop Ed ID too - // XXX 15056 Fill in ed_pubkey if it was not provided and we can infer - // XXX 15056 it from the networkstatus. + /* Check the previous hop Ed25519 ID too */ + if (! ed25519_public_key_is_zero(_pubkey) && + ed25519_pubkey_eq(_pubkey, +_OR_CIRCUIT(circ)->p_chan->ed25519_identity)) { +log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL, + "Client asked me to extend back to the previous hop " + "(by Ed25519 ID)."); + } n_chan = channel_get_for_extend((const char*)ec.node_id, _pubkey, ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Migrate main data loop for set_bad_connections to use channel structures
commit a20c8a81d717852ad3a2bf261ec68efba692f0d7 Author: Nick MathewsonDate: Mon Sep 19 16:14:28 2016 -0400 Migrate main data loop for set_bad_connections to use channel structures This was the last user of our or_connections-by-ID map. It also had a tendency to be O(N) in cases that only had to be O(1). --- src/or/channel.c | 48 src/or/channel.h | 2 ++ src/or/connection_or.c | 46 +- src/or/connection_or.h | 3 ++- src/or/entrynodes.c| 4 ++-- src/or/main.c | 2 +- 6 files changed, 68 insertions(+), 37 deletions(-) diff --git a/src/or/channel.c b/src/or/channel.c index d484e71..4712891 100644 --- a/src/or/channel.c +++ b/src/or/channel.c @@ -4539,6 +4539,54 @@ channel_set_circid_type,(channel_t *chan, } } +/** Helper for channel_update_bad_for_new_circs(): Perform the + * channel_update_bad_for_new_circs operation on all channels in lst, + * all of which MUST have the same RSA ID. (They MAY have different + * Ed25519 IDs.) */ +static void +channel_rsa_id_group_set_badness(struct channel_list_s *lst, int force) +{ + channel_t *chan; + + smartlist_t *or_conns = smartlist_new(); + TOR_LIST_FOREACH(chan, lst, next_with_same_id) { +channel_tls_t *chantls = BASE_CHAN_TO_TLS(chan); +or_connection_t *orconn = chantls->conn; +if (orconn) + smartlist_add(or_conns, orconn); + } + /* This function should really be about channels. 15056 */ + connection_or_group_set_badness_(or_conns, force); + smartlist_free(or_conns); +} + +/** Go through all the channels (or if digest is non-NULL, just + * the OR connections with that digest), and set the is_bad_for_new_circs + * flag based on the rules in connection_or_group_set_badness() (or just + * always set it if force is true). + */ +void +channel_update_bad_for_new_circs(const char *digest, int force) +{ + if (digest) { +channel_idmap_entry_t *ent; +channel_idmap_entry_t search; +memset(, 0, sizeof(search)); +memcpy(search.digest, digest, DIGEST_LEN); +ent = HT_FIND(channel_idmap, _identity_map, ); +if (ent) { + channel_rsa_id_group_set_badness(>channel_list, force); +} +return; + } + + /* no digest; just look at everything. */ + channel_idmap_entry_t **iter; + HT_FOREACH(iter, channel_idmap, _identity_map) { +channel_rsa_id_group_set_badness(&(*iter)->channel_list, force); + } +} + /** * Update the estimated number of bytes queued to transmit for this channel, * and notify the scheduler. The estimate includes both the channel queue and diff --git a/src/or/channel.h b/src/or/channel.h index 39a4d05..3f0bb37 100644 --- a/src/or/channel.h +++ b/src/or/channel.h @@ -601,6 +601,8 @@ void channel_listener_dump_statistics(channel_listener_t *chan_l, void channel_listener_dump_transport_statistics(channel_listener_t *chan_l, int severity); +void channel_update_bad_for_new_circs(const char *digest, int force); + /* Flow control queries */ uint64_t channel_get_global_queue_estimate(void); int channel_num_cells_writeable(channel_t *chan); diff --git a/src/or/connection_or.c b/src/or/connection_or.c index d0cd9c0..ca5f300 100644 --- a/src/or/connection_or.c +++ b/src/or/connection_or.c @@ -961,7 +961,7 @@ connection_or_mark_bad_for_new_circs(or_connection_t *or_conn) * too old for new circuits? */ #define TIME_BEFORE_OR_CONN_IS_TOO_OLD (60*60*24*7) -/** Given the head of the linked list for all the or_connections with a given +/** Given a list of all the or_connections with a given * identity, set elements of that list as is_bad_for_new_circs as * appropriate. Helper for connection_or_set_bad_connections(). * @@ -978,19 +978,19 @@ connection_or_mark_bad_for_new_circs(or_connection_t *or_conn) * See channel_is_better() in channel.c for our idea of what makes one OR * connection better than another. */ -static void -connection_or_group_set_badness(or_connection_t *head, int force) +void +connection_or_group_set_badness_(smartlist_t *group, int force) { - // 15056 we should make this about channels instead, so we - //can finally remove orconn_identity_map. - - or_connection_t *or_conn = NULL, *best = NULL; + /* this should be entirely about channels, not OR connections. 15056*/ + /* Look at Ed25519 ids too! 15056 */ + + or_connection_t *best = NULL; int n_old = 0, n_inprogress = 0, n_canonical = 0, n_other = 0; time_t now = time(NULL); /* Pass 1: expire everything that's old, and see what the status of * everything else is. */ - for (or_conn = head; or_conn; or_conn = or_conn->next_with_same_id) { + SMARTLIST_FOREACH_BEGIN(group, or_connection_t *, or_conn) { if (or_conn->base_.marked_for_close || connection_or_is_bad_for_new_circs(or_conn)) continue; @@ -1014,11 +1014,11 @@
[tor-commits] [tor/master] Add an option to disable dirauth ed25519 link key checks.
commit 3d7e485402752d21d01cdf36ae1102d4b013fe85 Author: Nick MathewsonDate: Thu Nov 10 12:41:17 2016 -0500 Add an option to disable dirauth ed25519 link key checks. If there is some horrible bug in our ed25519 link authentication code that causes us to label every single ed25519-having node as non-running, we'll be glad we had this. Otherwise we can remove it later. --- doc/tor.1.txt| 7 +++ src/or/config.c | 1 + src/or/dirserv.c | 7 +-- src/or/or.h | 5 + 4 files changed, 18 insertions(+), 2 deletions(-) diff --git a/doc/tor.1.txt b/doc/tor.1.txt index 1071168..9f6f958 100644 --- a/doc/tor.1.txt +++ b/doc/tor.1.txt @@ -2270,6 +2270,13 @@ on the public Tor network. (default), the flag "shared-rand-participate" is added to the authority vote indicating participation in the protocol. (Default: 1) +[[AuthDirTestEd25519LinkKeys]] **AuthDirTestEd25519LinkKeys** **0**|**1**:: +Authoritative directories only. If this option is set to 0, then we treat +relays as "Running" if their RSA key is correct when we probe them, +regardless of their Ed25519 key. We should only ever set this option to 0 +if there is some major bug in Ed25519 link authentication that causes us +to label all the relays as not Running. (Default: 1) + [[BridgePassword]] **BridgePassword** __Password__:: If set, contains an HTTP authenticator that tells a bridge authority to serve all requested bridge information. Used by the (only partially diff --git a/src/or/config.c b/src/or/config.c index 51c6290..d100af8 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -498,6 +498,7 @@ static config_var_t option_vars_[] = { V(User,STRING, NULL), OBSOLETE("UserspaceIOCPBuffers"), V(AuthDirSharedRandomness, BOOL, "1"), + V(AuthDirTestEd25519LinkKeys, BOOL, "1"), OBSOLETE("V1AuthoritativeDirectory"), OBSOLETE("V2AuthoritativeDirectory"), VAR("V3AuthoritativeDirectory",BOOL, V3AuthoritativeDir, "0"), diff --git a/src/or/dirserv.c b/src/or/dirserv.c index d060b29..0b896a2 100644 --- a/src/or/dirserv.c +++ b/src/or/dirserv.c @@ -3186,7 +3186,8 @@ dirserv_orconn_tls_done(const tor_addr_t *addr, ri = node->ri; - if (ri->cache_info.signing_key_cert) { + if (get_options()->AuthDirTestEd25519LinkKeys && + ri->cache_info.signing_key_cert) { /* We allow the node to have an ed25519 key if we haven't been told one in * the routerinfo, but if we *HAVE* been told one in the routerinfo, it * needs to match. */ @@ -3256,6 +3257,7 @@ dirserv_should_launch_reachability_test(const routerinfo_t *ri, void dirserv_single_reachability_test(time_t now, routerinfo_t *router) { + const or_options_t *options = get_options(); channel_t *chan = NULL; node_t *node = NULL; tor_addr_t router_addr; @@ -3266,7 +3268,8 @@ dirserv_single_reachability_test(time_t now, routerinfo_t *router) node = node_get_mutable_by_id(router->cache_info.identity_digest); tor_assert(node); - if (node_supports_ed25519_link_authentication(node)) { + if (options->AuthDirTestEd25519LinkKeys && + node_supports_ed25519_link_authentication(node)) { ed_id_key = >cache_info.signing_key_cert->signing_key; } else { ed_id_key = NULL; diff --git a/src/or/or.h b/src/or/or.h index 14c2dd8..7e11bf0 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -4577,6 +4577,11 @@ typedef struct { /** Autobool: Should we include Ed25519 identities in extend2 cells? * If -1, we should do whatever the consensus parameter says. */ int ExtendByEd25519ID; + + /** Bool (default: 1): When testing routerinfos as a directory authority, + * do we enforce Ed25519 identity match? */ + /* NOTE: remove this option someday. */ + int AuthDirTestEd25519LinkKeys; } or_options_t; /** Persistent state for an onion router, as saved to disk. */ ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Propagate Ed25519 identities downwards into more functions.
commit 6788418f28930467121537f31c4b43f981ae6ca8 Author: Nick MathewsonDate: Sat Sep 24 11:25:48 2016 -0700 Propagate Ed25519 identities downwards into more functions. Actually set ed25519 identities on channels when we set a channel's identity. --- src/or/channel.c | 6 +- src/or/channel.h | 3 ++- src/or/connection_or.c | 28 +--- src/or/dirserv.c | 4 +++- src/or/dirserv.h | 3 ++- src/or/entrynodes.c| 24 +--- src/or/entrynodes.h| 3 ++- 7 files changed, 52 insertions(+), 19 deletions(-) diff --git a/src/or/channel.c b/src/or/channel.c index 4712891..e9bda24 100644 --- a/src/or/channel.c +++ b/src/or/channel.c @@ -1471,7 +1471,8 @@ channel_clear_identity_digest(channel_t *chan) void channel_set_identity_digest(channel_t *chan, -const char *identity_digest) +const char *identity_digest, +const ed25519_public_key_t *ed_identity) { int was_in_digest_map, should_be_in_digest_map, state_not_in_map; @@ -1510,6 +1511,9 @@ channel_set_identity_digest(channel_t *chan, memset(chan->identity_digest, 0, sizeof(chan->identity_digest)); } + if (ed_identity) { +memcpy(>ed25519_identity, ed_identity, sizeof(*ed_identity)); + } /* Put it in the digest map if we should */ if (should_be_in_digest_map) diff --git a/src/or/channel.h b/src/or/channel.h index 3f0bb37..26aa93b 100644 --- a/src/or/channel.h +++ b/src/or/channel.h @@ -443,7 +443,8 @@ void channel_mark_incoming(channel_t *chan); void channel_mark_outgoing(channel_t *chan); void channel_mark_remote(channel_t *chan); void channel_set_identity_digest(channel_t *chan, - const char *identity_digest); + const char *identity_digest, + const ed25519_public_key_t *ed_identity); void channel_set_remote_end(channel_t *chan, const char *identity_digest, const char *nickname); diff --git a/src/or/connection_or.c b/src/or/connection_or.c index 4449d3f..a22c4ad 100644 --- a/src/or/connection_or.c +++ b/src/or/connection_or.c @@ -111,7 +111,6 @@ connection_or_set_identity_digest(or_connection_t *conn, const char *rsa_digest, const ed25519_public_key_t *ed_id) { - (void) ed_id; // DOCDOC // not implemented yet. 15056 tor_assert(conn); tor_assert(rsa_digest); @@ -133,7 +132,8 @@ connection_or_set_identity_digest(or_connection_t *conn, /* Deal with channels */ if (conn->chan) -channel_set_identity_digest(TLS_CHAN_TO_BASE(conn->chan), rsa_digest); +channel_set_identity_digest(TLS_CHAN_TO_BASE(conn->chan), +rsa_digest, ed_id); } /** Remove the Extended ORPort identifier of conn from the @@ -831,7 +831,6 @@ connection_or_init_conn_from_address(or_connection_t *conn, const ed25519_public_key_t *ed_id, int started_here) { - (void) ed_id; // not fully used yet. 15056 const node_t *r = node_get_by_id(id_digest); connection_or_set_identity_digest(conn, id_digest, ed_id); connection_or_update_token_buckets_helper(conn, 1, get_options()); @@ -1116,7 +1115,6 @@ connection_or_connect, (const tor_addr_t *_addr, uint16_t port, const ed25519_public_key_t *ed_id, channel_tls_t *chan)) { - (void) ed_id; // not fully used yet. 15056 or_connection_t *conn; const or_options_t *options = get_options(); int socket_error = 0; @@ -1135,6 +1133,11 @@ connection_or_connect, (const tor_addr_t *_addr, uint16_t port, log_info(LD_PROTOCOL,"Client asked me to connect to myself. Refusing."); return NULL; } + if (server_mode(options) && router_ed25519_id_is_me(ed_id)) { +log_info(LD_PROTOCOL,"Client asked me to connect to myself by Ed25519 " + "identity. Refusing."); +return NULL; + } conn = or_connection_new(CONN_TYPE_OR, tor_addr_family()); @@ -1504,11 +1507,13 @@ connection_or_check_valid_tls_handshake(or_connection_t *conn, crypto_pk_free(identity_rcvd); - if (started_here) + if (started_here) { +/* A TLS handshake can't teach us an Ed25519 ID, so we set it to NULL + * here. */ return connection_or_client_learned_peer_id(conn, (const uint8_t*)digest_rcvd_out, -NULL // Ed25519 ID 15056 -); +NULL); + } return 0; } @@ -1541,8 +1546,6 @@ connection_or_client_learned_peer_id(or_connection_t *conn, const uint8_t *rsa_peer_id,
[tor-commits] [tor/master] Helper function for logging ed25519 public keys.
commit 2cdd24ddd69a3cde2deae3eb69c24ae179d83834 Author: Nick MathewsonDate: Thu Nov 10 10:43:28 2016 -0500 Helper function for logging ed25519 public keys. --- src/common/crypto_format.c | 16 src/common/crypto_format.h | 1 + 2 files changed, 17 insertions(+) diff --git a/src/common/crypto_format.c b/src/common/crypto_format.c index 2f6d847..483013e 100644 --- a/src/common/crypto_format.c +++ b/src/common/crypto_format.c @@ -161,6 +161,22 @@ curve25519_public_from_base64(curve25519_public_key_t *pkey, } } +/** For convenience: Convert pkey to a statically allocated base64 + * string and return it. Not threadsafe. Subsequent calls invalidate + * previous returns. */ +const char * +ed25519_fmt(const ed25519_public_key_t *pkey) +{ + static char formatted[ED25519_BASE64_LEN+1]; + if (pkey) { +int r = ed25519_public_to_base64(formatted, pkey); +tor_assert(!r); + } else { +strlcpy(formatted, "", sizeof(formatted)); + } + return formatted; +} + /** Try to decode the string input into an ed25519 public key. On * success, store the value in pkey and return 0. Otherwise return * -1. */ diff --git a/src/common/crypto_format.h b/src/common/crypto_format.h index 012e228..86c29d3 100644 --- a/src/common/crypto_format.h +++ b/src/common/crypto_format.h @@ -28,6 +28,7 @@ int ed25519_public_from_base64(ed25519_public_key_t *pkey, const char *input); int ed25519_public_to_base64(char *output, const ed25519_public_key_t *pkey); +const char *ed25519_fmt(const ed25519_public_key_t *pkey); /* move these to crypto_format.h */ #define ED25519_SIG_BASE64_LEN 86 ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Add a bunch of work-in-progress comments for 15056 planning
commit bfff729728e04d404533be7b86426833ca8d4a32 Author: Nick MathewsonDate: Sun Sep 18 20:21:08 2016 -0400 Add a bunch of work-in-progress comments for 15056 planning --- src/or/channel.h | 22 -- src/or/channeltls.c| 3 ++- src/or/circuitbuild.c | 4 src/or/connection_or.c | 16 +++- 4 files changed, 33 insertions(+), 12 deletions(-) diff --git a/src/or/channel.h b/src/or/channel.h index 2747e52..39a4d05 100644 --- a/src/or/channel.h +++ b/src/or/channel.h @@ -153,13 +153,23 @@ struct channel_s { int (*write_var_cell)(channel_t *, var_cell_t *); /** - * Hash of the public RSA key for the other side's RSA identity key, or - * zeroes if the other side hasn't shown us a valid RSA identity key. + * Hash of the public RSA key for the other side's RSA identity key -- or + * zeroes if we don't have an RSA identity in mind for the other side, and + * it hasn't shown us one. + * + * Note that this is the RSA identity that we hope the other side has -- not + * necessarily its true identity. Don't believe this identity unless + * authentication has happened. */ char identity_digest[DIGEST_LEN]; /** - * The Ed25519 public identity key for the other side, or zeros if the other - * size hasn't shown us a valid Ed25519 identity key + * Ed25519 key for the other side of this channel -- or zeroes if we don't + * have an Ed25519 identity in mind for the other side, and it hasn't shown + * us one. + * + * Note that this is the identity that we hope the other side has -- not + * necessarily its true identity. Don't believe this identity unless + * authentication has happened. */ ed25519_public_key_t ed25519_identity; @@ -167,8 +177,8 @@ struct channel_s { char *nickname; /** - * Linked list of channels with the same identity digest, for the - * digest->channel map + * Linked list of channels with the same RSA identity digest, for use with + * the digest->channel map */ TOR_LIST_ENTRY(channel_s) next_with_same_id; diff --git a/src/or/channeltls.c b/src/or/channeltls.c index 8384576..fafa08c 100644 --- a/src/or/channeltls.c +++ b/src/or/channeltls.c @@ -1651,9 +1651,10 @@ channel_tls_process_netinfo_cell(cell_t *cell, channel_tls_t *chan) connection_or_init_conn_from_address(chan->conn, &(chan->conn->base_.addr), chan->conn->base_.port, + /* zero, checked above */ (const char*)(chan->conn->handshake_state-> authenticated_rsa_peer_id), - NULL, // Ed key + NULL, /* Ed25519 ID: Also checked as zero */ 0); } } diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c index 9a3af40..887b8ec 100644 --- a/src/or/circuitbuild.c +++ b/src/or/circuitbuild.c @@ -1185,6 +1185,10 @@ circuit_extend(cell_t *cell, circuit_t *circ) "Client asked me to extend back to the previous hop."); return -1; } + // XXX 15056 check prev-hop Ed ID too + + // XXX 15056 Fill in ed_pubkey if it was not provided and we can infer + // XXX 15056 it from the networkstatus. n_chan = channel_get_for_extend((const char*)ec.node_id, _pubkey, diff --git a/src/or/connection_or.c b/src/or/connection_or.c index e83dca2..d0cd9c0 100644 --- a/src/or/connection_or.c +++ b/src/or/connection_or.c @@ -80,7 +80,7 @@ static void connection_or_change_state(or_connection_t *conn, uint8_t state); /** Map from identity digest of connected OR or desired OR to a connection_t * with that identity digest. If there is more than one such connection_t, * they form a linked list, with next_with_same_id as the next pointer. */ -static digestmap_t *orconn_identity_map = NULL; +static digestmap_t *orconn_identity_map = NULL; // 15056 disused. /** Global map between Extended ORPort identifiers and OR * connections. */ @@ -883,7 +883,7 @@ connection_or_init_conn_from_address(or_connection_t *conn, const ed25519_public_key_t *ed_id, int started_here) { - (void) ed_id; // not fully used yet. + (void) ed_id; // not fully used yet. 15056 const node_t *r = node_get_by_id(id_digest); connection_or_set_identity_digest(conn, id_digest, ed_id); connection_or_update_token_buckets_helper(conn, 1, get_options()); @@ -981,6 +981,9 @@ connection_or_mark_bad_for_new_circs(or_connection_t *or_conn) static void connection_or_group_set_badness(or_connection_t *head, int force) { + // 15056 we should make this about channels instead, so we + //can finally remove orconn_identity_map. + or_connection_t *or_conn = NULL, *best = NULL; int n_old = 0, n_inprogress = 0, n_canonical = 0, n_other = 0; time_t now = time(NULL); @@ -1109,6 +1112,9 @@
[tor-commits] [tor/master] Remove orconn_identity_map.
commit cdce221e68489cddad579da0ce804ce2eb5804b3 Author: Nick MathewsonDate: Mon Sep 19 16:24:09 2016 -0400 Remove orconn_identity_map. It is no longer needed; look up channels by identity instead. --- src/or/connection_or.c | 58 +++--- src/or/or.h| 2 -- 2 files changed, 3 insertions(+), 57 deletions(-) diff --git a/src/or/connection_or.c b/src/or/connection_or.c index ca5f300..dbeab26 100644 --- a/src/or/connection_or.c +++ b/src/or/connection_or.c @@ -77,54 +77,20 @@ static void connection_or_change_state(or_connection_t *conn, uint8_t state); /**/ -/** Map from identity digest of connected OR or desired OR to a connection_t - * with that identity digest. If there is more than one such connection_t, - * they form a linked list, with next_with_same_id as the next pointer. */ -static digestmap_t *orconn_identity_map = NULL; // 15056 disused. - /** Global map between Extended ORPort identifiers and OR * connections. */ static digestmap_t *orconn_ext_or_id_map = NULL; -/** If conn is listed in orconn_identity_map, remove it, and clear - * conn->identity_digest. Otherwise do nothing. */ +/** Clear clear conn->identity_digest and update other data + * structures as appropriate.*/ void connection_or_remove_from_identity_map(or_connection_t *conn) { - or_connection_t *tmp; tor_assert(conn); - if (!orconn_identity_map) -return; - tmp = digestmap_get(orconn_identity_map, conn->identity_digest); - if (!tmp) { -if (!tor_digest_is_zero(conn->identity_digest)) { - log_warn(LD_BUG, "Didn't find connection '%s' on identity map when " - "trying to remove it.", - conn->nickname ? conn->nickname : "NULL"); -} -return; - } - if (conn == tmp) { -if (conn->next_with_same_id) - digestmap_set(orconn_identity_map, conn->identity_digest, -conn->next_with_same_id); -else - digestmap_remove(orconn_identity_map, conn->identity_digest); - } else { -while (tmp->next_with_same_id) { - if (tmp->next_with_same_id == conn) { -tmp->next_with_same_id = conn->next_with_same_id; -break; - } - tmp = tmp->next_with_same_id; -} - } memset(conn->identity_digest, 0, DIGEST_LEN); - conn->next_with_same_id = NULL; } -/** Remove all entries from the identity-to-orconn map, and clear - * all identities in OR conns.*/ +/** Clear all identities in OR conns.*/ void connection_or_clear_identity_map(void) { @@ -134,12 +100,8 @@ connection_or_clear_identity_map(void) if (conn->type == CONN_TYPE_OR) { or_connection_t *or_conn = TO_OR_CONN(conn); memset(or_conn->identity_digest, 0, DIGEST_LEN); - or_conn->next_with_same_id = NULL; } }); - - digestmap_free(orconn_identity_map, NULL); - orconn_identity_map = NULL; } /** Change conn->identity_digest to digest, and add conn into @@ -150,12 +112,9 @@ connection_or_set_identity_digest(or_connection_t *conn, const ed25519_public_key_t *ed_id) { (void) ed_id; // DOCDOC // not implemented yet. 15056 - or_connection_t *tmp; tor_assert(conn); tor_assert(rsa_digest); - if (!orconn_identity_map) -orconn_identity_map = digestmap_new(); if (tor_memeq(conn->identity_digest, rsa_digest, DIGEST_LEN)) return; @@ -172,20 +131,9 @@ connection_or_set_identity_digest(or_connection_t *conn, if (tor_digest_is_zero(rsa_digest)) return; - tmp = digestmap_set(orconn_identity_map, rsa_digest, conn); - conn->next_with_same_id = tmp; - /* Deal with channels */ if (conn->chan) channel_set_identity_digest(TLS_CHAN_TO_BASE(conn->chan), rsa_digest); - -#if 1 - /* Testing code to check for bugs in representation. */ - for (; tmp; tmp = tmp->next_with_same_id) { -tor_assert(tor_memeq(tmp->identity_digest, rsa_digest, DIGEST_LEN)); -tor_assert(tmp != conn); - } -#endif } /** Remove the Extended ORPort identifier of conn from the diff --git a/src/or/or.h b/src/or/or.h index d9d3ec7..32c194a 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -1581,8 +1581,6 @@ typedef struct or_connection_t { * bandwidthburst. (OPEN ORs only) */ int write_bucket; /**< When this hits 0, stop writing. Like read_bucket. */ - struct or_connection_t *next_with_same_id; /**< Next connection with same - * identity digest as this one. */ /** Last emptied read token bucket in msec since midnight; only used if * TB_EMPTY events are enabled. */ uint32_t read_emptied_time; ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Add an ed25519 identity to extend_info
commit b5e75ae7dd536f17f96179fc7744031131fb97b2 Author: Nick MathewsonDate: Wed Sep 14 14:34:25 2016 -0400 Add an ed25519 identity to extend_info --- src/or/circuitbuild.c | 44 +++- src/or/circuitbuild.h | 6 -- src/or/circuituse.c | 6 -- src/or/entrynodes.c | 5 - src/or/or.h | 5 - src/or/router.c | 7 +++ 6 files changed, 50 insertions(+), 23 deletions(-) diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c index 0881f23..a767f40 100644 --- a/src/or/circuitbuild.c +++ b/src/or/circuitbuild.c @@ -1181,6 +1181,7 @@ circuit_extend(cell_t *cell, circuit_t *circ) } n_chan = channel_get_for_extend((const char*)ec.node_id, + /* ed25519 ID: put it here. 15056 */ _ipv4.addr, , _launch); @@ -1192,8 +1193,9 @@ circuit_extend(cell_t *cell, circuit_t *circ) circ->n_hop = extend_info_new(NULL /*nickname*/, (const char*)ec.node_id, - NULL /*onion_key*/, - NULL /*curve25519_key*/, + NULL, /*ed25519 ID: get from ec. 15056*/ + NULL, /*onion_key*/ + NULL, /*curve25519_key*/ _ipv4.addr, ec.orport_ipv4.port); @@ -2356,19 +2358,23 @@ onion_append_hop(crypt_path_t **head_ptr, extend_info_t *choice) /** Allocate a new extend_info object based on the various arguments. */ extend_info_t * -extend_info_new(const char *nickname, const char *digest, +extend_info_new(const char *nickname, +const char *rsa_id_digest, +const ed25519_public_key_t *ed_id, crypto_pk_t *onion_key, -const curve25519_public_key_t *curve25519_key, +const curve25519_public_key_t *ntor_key, const tor_addr_t *addr, uint16_t port) { extend_info_t *info = tor_malloc_zero(sizeof(extend_info_t)); - memcpy(info->identity_digest, digest, DIGEST_LEN); + memcpy(info->identity_digest, rsa_id_digest, DIGEST_LEN); + if (ed_id) +memcpy(>ed_identity, ed_id, sizeof(ed25519_public_key_t)); if (nickname) strlcpy(info->nickname, nickname, sizeof(info->nickname)); if (onion_key) info->onion_key = crypto_pk_dup_key(onion_key); - if (curve25519_key) -memcpy(>curve25519_onion_key, curve25519_key, + if (ntor_key) +memcpy(>curve25519_onion_key, ntor_key, sizeof(curve25519_public_key_t)); tor_addr_copy(>addr, addr); info->port = port; @@ -2418,20 +2424,24 @@ extend_info_from_node(const node_t *node, int for_direct_connect) return NULL; } + const ed25519_public_key_t *ed_pubkey = node_get_ed25519_id(node); + if (valid_addr && node->ri) return extend_info_new(node->ri->nickname, - node->identity, - node->ri->onion_pkey, - node->ri->onion_curve25519_pkey, - , - ap.port); + node->identity, + ed_pubkey, + node->ri->onion_pkey, + node->ri->onion_curve25519_pkey, + , + ap.port); else if (valid_addr && node->rs && node->md) return extend_info_new(node->rs->nickname, - node->identity, - node->md->onion_pkey, - node->md->onion_curve25519_pkey, - , - ap.port); + node->identity, + ed_pubkey, + node->md->onion_pkey, + node->md->onion_curve25519_pkey, + , + ap.port); else return NULL; } diff --git a/src/or/circuitbuild.h b/src/or/circuitbuild.h index 1244601..f71c116 100644 --- a/src/or/circuitbuild.h +++ b/src/or/circuitbuild.h @@ -46,9 +46,11 @@ int circuit_all_predicted_ports_handled(time_t now, int *need_uptime, int circuit_append_new_exit(origin_circuit_t *circ, extend_info_t *info); int circuit_extend_to_new_exit(origin_circuit_t *circ, extend_info_t *info); void onion_append_to_cpath(crypt_path_t **head_ptr, crypt_path_t *new_hop); -extend_info_t *extend_info_new(const char *nickname, const char *digest, +extend_info_t *extend_info_new(const char *nickname, + const char *rsa_id_digest, + const ed25519_public_key_t *ed_id, crypto_pk_t *onion_key, - const
[tor-commits] [tor/master] Trunnel-side: start migrating extend/extend2 to trunnel
commit 1be671f505554e0c3e9577a60d7c94e45c9a2759 Author: Nick MathewsonDate: Wed Sep 14 15:34:13 2016 -0400 Trunnel-side: start migrating extend/extend2 to trunnel --- src/trunnel/ed25519_cert.c | 911 ++- src/trunnel/ed25519_cert.h | 318 ++ src/trunnel/ed25519_cert.trunnel | 53 +-- 3 files changed, 1239 insertions(+), 43 deletions(-) diff --git a/src/trunnel/ed25519_cert.c b/src/trunnel/ed25519_cert.c index dd5088b..e4e4d68 100644 --- a/src/trunnel/ed25519_cert.c +++ b/src/trunnel/ed25519_cert.c @@ -28,6 +28,281 @@ int edcert_deadcode_dummy__ = 0; }\ } while (0) +create2_cell_body_t * +create2_cell_body_new(void) +{ + create2_cell_body_t *val = trunnel_calloc(1, sizeof(create2_cell_body_t)); + if (NULL == val) +return NULL; + return val; +} + +/** Release all storage held inside 'obj', but do not free 'obj'. + */ +static void +create2_cell_body_clear(create2_cell_body_t *obj) +{ + (void) obj; + TRUNNEL_DYNARRAY_WIPE(>handshake_data); + TRUNNEL_DYNARRAY_CLEAR(>handshake_data); +} + +void +create2_cell_body_free(create2_cell_body_t *obj) +{ + if (obj == NULL) +return; + create2_cell_body_clear(obj); + trunnel_memwipe(obj, sizeof(create2_cell_body_t)); + trunnel_free_(obj); +} + +uint16_t +create2_cell_body_get_handshake_type(create2_cell_body_t *inp) +{ + return inp->handshake_type; +} +int +create2_cell_body_set_handshake_type(create2_cell_body_t *inp, uint16_t val) +{ + inp->handshake_type = val; + return 0; +} +uint16_t +create2_cell_body_get_handshake_len(create2_cell_body_t *inp) +{ + return inp->handshake_len; +} +int +create2_cell_body_set_handshake_len(create2_cell_body_t *inp, uint16_t val) +{ + inp->handshake_len = val; + return 0; +} +size_t +create2_cell_body_getlen_handshake_data(const create2_cell_body_t *inp) +{ + return TRUNNEL_DYNARRAY_LEN(>handshake_data); +} + +uint8_t +create2_cell_body_get_handshake_data(create2_cell_body_t *inp, size_t idx) +{ + return TRUNNEL_DYNARRAY_GET(>handshake_data, idx); +} + +uint8_t +create2_cell_body_getconst_handshake_data(const create2_cell_body_t *inp, size_t idx) +{ + return create2_cell_body_get_handshake_data((create2_cell_body_t*)inp, idx); +} +int +create2_cell_body_set_handshake_data(create2_cell_body_t *inp, size_t idx, uint8_t elt) +{ + TRUNNEL_DYNARRAY_SET(>handshake_data, idx, elt); + return 0; +} +int +create2_cell_body_add_handshake_data(create2_cell_body_t *inp, uint8_t elt) +{ +#if SIZE_MAX >= UINT16_MAX + if (inp->handshake_data.n_ == UINT16_MAX) +goto trunnel_alloc_failed; +#endif + TRUNNEL_DYNARRAY_ADD(uint8_t, >handshake_data, elt, {}); + return 0; + trunnel_alloc_failed: + TRUNNEL_SET_ERROR_CODE(inp); + return -1; +} + +uint8_t * +create2_cell_body_getarray_handshake_data(create2_cell_body_t *inp) +{ + return inp->handshake_data.elts_; +} +const uint8_t * +create2_cell_body_getconstarray_handshake_data(const create2_cell_body_t *inp) +{ + return (const uint8_t *)create2_cell_body_getarray_handshake_data((create2_cell_body_t*)inp); +} +int +create2_cell_body_setlen_handshake_data(create2_cell_body_t *inp, size_t newlen) +{ + uint8_t *newptr; +#if UINT16_MAX < SIZE_MAX + if (newlen > UINT16_MAX) +goto trunnel_alloc_failed; +#endif + newptr = trunnel_dynarray_setlen(>handshake_data.allocated_, + >handshake_data.n_, inp->handshake_data.elts_, newlen, + sizeof(inp->handshake_data.elts_[0]), (trunnel_free_fn_t) NULL, + >trunnel_error_code_); + if (newlen != 0 && newptr == NULL) +goto trunnel_alloc_failed; + inp->handshake_data.elts_ = newptr; + return 0; + trunnel_alloc_failed: + TRUNNEL_SET_ERROR_CODE(inp); + return -1; +} +const char * +create2_cell_body_check(const create2_cell_body_t *obj) +{ + if (obj == NULL) +return "Object was NULL"; + if (obj->trunnel_error_code_) +return "A set function failed on this object"; + if (TRUNNEL_DYNARRAY_LEN(>handshake_data) != obj->handshake_len) +return "Length mismatch for handshake_data"; + return NULL; +} + +ssize_t +create2_cell_body_encoded_len(const create2_cell_body_t *obj) +{ + ssize_t result = 0; + + if (NULL != create2_cell_body_check(obj)) + return -1; + + + /* Length of u16 handshake_type */ + result += 2; + + /* Length of u16 handshake_len */ + result += 2; + + /* Length of u8 handshake_data[handshake_len] */ + result += TRUNNEL_DYNARRAY_LEN(>handshake_data); + return result; +} +int +create2_cell_body_clear_errors(create2_cell_body_t *obj) +{ + int r = obj->trunnel_error_code_; + obj->trunnel_error_code_ = 0; + return r; +} +ssize_t +create2_cell_body_encode(uint8_t *output, const size_t avail, const create2_cell_body_t *obj) +{ + ssize_t result = 0; + size_t written = 0; + uint8_t *ptr = output; + const char *msg; +#ifdef TRUNNEL_CHECK_ENCODED_LEN + const ssize_t encoded_len =
[tor-commits] [tor/master] Rename connection_or_remove_from_identity_map
commit 6aa239df363a9739df96cc4c4660b7aee8a7bef9 Author: Nick MathewsonDate: Mon Sep 19 16:26:27 2016 -0400 Rename connection_or_remove_from_identity_map --- src/or/connection.c| 4 ++-- src/or/connection_or.c | 4 ++-- src/or/connection_or.h | 2 +- src/or/main.c | 2 +- src/test/test_link_handshake.c | 6 +++--- 5 files changed, 9 insertions(+), 9 deletions(-) diff --git a/src/or/connection.c b/src/or/connection.c index 2e3df34..f806021 100644 --- a/src/or/connection.c +++ b/src/or/connection.c @@ -644,7 +644,7 @@ connection_free_(connection_t *conn) if (conn->type == CONN_TYPE_OR && !tor_digest_is_zero(TO_OR_CONN(conn)->identity_digest)) { log_warn(LD_BUG, "called on OR conn with non-zeroed identity_digest"); -connection_or_remove_from_identity_map(TO_OR_CONN(conn)); +connection_or_clear_identity(TO_OR_CONN(conn)); } if (conn->type == CONN_TYPE_OR || conn->type == CONN_TYPE_EXT_OR) { connection_or_remove_from_ext_or_id_map(TO_OR_CONN(conn)); @@ -675,7 +675,7 @@ connection_free,(connection_t *conn)) } if (connection_speaks_cells(conn)) { if (!tor_digest_is_zero(TO_OR_CONN(conn)->identity_digest)) { - connection_or_remove_from_identity_map(TO_OR_CONN(conn)); + connection_or_clear_identity(TO_OR_CONN(conn)); } } if (conn->type == CONN_TYPE_CONTROL) { diff --git a/src/or/connection_or.c b/src/or/connection_or.c index dbeab26..4449d3f 100644 --- a/src/or/connection_or.c +++ b/src/or/connection_or.c @@ -84,7 +84,7 @@ static digestmap_t *orconn_ext_or_id_map = NULL; /** Clear clear conn->identity_digest and update other data * structures as appropriate.*/ void -connection_or_remove_from_identity_map(or_connection_t *conn) +connection_or_clear_identity(or_connection_t *conn) { tor_assert(conn); memset(conn->identity_digest, 0, DIGEST_LEN); @@ -120,7 +120,7 @@ connection_or_set_identity_digest(or_connection_t *conn, /* If the identity was set previously, remove the old mapping. */ if (! tor_digest_is_zero(conn->identity_digest)) { -connection_or_remove_from_identity_map(conn); +connection_or_clear_identity(conn); if (conn->chan) channel_clear_identity_digest(TLS_CHAN_TO_BASE(conn->chan)); } diff --git a/src/or/connection_or.h b/src/or/connection_or.h index b35bcdd..80a5bdd 100644 --- a/src/or/connection_or.h +++ b/src/or/connection_or.h @@ -12,7 +12,7 @@ #ifndef TOR_CONNECTION_OR_H #define TOR_CONNECTION_OR_H -void connection_or_remove_from_identity_map(or_connection_t *conn); +void connection_or_clear_identity(or_connection_t *conn); void connection_or_clear_identity_map(void); void clear_broken_connection_map(int disable); or_connection_t *connection_or_get_for_extend(const char *digest, diff --git a/src/or/main.c b/src/or/main.c index 30adb16..8239606 100644 --- a/src/or/main.c +++ b/src/or/main.c @@ -362,7 +362,7 @@ connection_unlink(connection_t *conn) } if (conn->type == CONN_TYPE_OR) { if (!tor_digest_is_zero(TO_OR_CONN(conn)->identity_digest)) - connection_or_remove_from_identity_map(TO_OR_CONN(conn)); + connection_or_clear_identity(TO_OR_CONN(conn)); /* connection_unlink() can only get called if the connection * was already on the closeable list, and it got there by * connection_mark_for_close(), which was called from diff --git a/src/test/test_link_handshake.c b/src/test/test_link_handshake.c index 9899e54..9931702 100644 --- a/src/test/test_link_handshake.c +++ b/src/test/test_link_handshake.c @@ -323,7 +323,7 @@ recv_certs_cleanup(const struct testcase_t *test, void *obj) if (d) { tor_free(d->cell); certs_cell_free(d->ccell); -connection_or_remove_from_identity_map(d->c); +connection_or_clear_identity(d->c); connection_free_(TO_CONN(d->c)); circuitmux_free(d->chan->base_.cmux); tor_free(d->chan); @@ -1133,8 +1133,8 @@ authenticate_data_cleanup(const struct testcase_t *test, void *arg) authenticate_data_t *d = arg; if (d) { tor_free(d->cell); -connection_or_remove_from_identity_map(d->c1); -connection_or_remove_from_identity_map(d->c2); +connection_or_clear_identity(d->c1); +connection_or_clear_identity(d->c2); connection_free_(TO_CONN(d->c1)); connection_free_(TO_CONN(d->c2)); circuitmux_free(d->chan2->base_.cmux); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Accessor functions to get a node's ID keys.
commit 8406677a5e6db74bd593a7d43868054b54b147df Author: Nick MathewsonDate: Wed Sep 14 14:28:11 2016 -0400 Accessor functions to get a node's ID keys. --- src/or/nodelist.c | 33 + src/or/nodelist.h | 2 ++ 2 files changed, 35 insertions(+) diff --git a/src/or/nodelist.c b/src/or/nodelist.c index 2802d5b..9486224 100644 --- a/src/or/nodelist.c +++ b/src/or/nodelist.c @@ -53,6 +53,7 @@ #include "router.h" #include "routerlist.h" #include "routerset.h" +#include "torcert.h" #include @@ -646,6 +647,38 @@ node_get_by_nickname,(const char *nickname, int warn_if_unnamed)) } } +/** Return the Ed25519 identity key for the provided node, or NULL if it + * doesn't have one. */ +const ed25519_public_key_t * +node_get_ed25519_id(const node_t *node) +{ + if (node->ri) { +if (node->ri->cache_info.signing_key_cert) { + const ed25519_public_key_t *pk = +>ri->cache_info.signing_key_cert->signing_key; + if (BUG(ed25519_public_key_is_zero(pk))) +goto try_the_md; + return pk; +} + } + try_the_md: + if (node->md) { +if (node->md->ed25519_identity_pkey) { + return node->md->ed25519_identity_pkey; +} + } + return NULL; +} + +/** Return the RSA ID key's SHA1 digest for the provided node. */ +const uint8_t * +node_get_rsa_id_digest(const node_t *node) +{ + tor_assert(node); + return (const uint8_t*)node->identity; +} + + /** Return the nickname of node, or NULL if we can't find one. */ const char * node_get_nickname(const node_t *node) diff --git a/src/or/nodelist.h b/src/or/nodelist.h index 71a91e1..2cdcdce 100644 --- a/src/or/nodelist.h +++ b/src/or/nodelist.h @@ -55,6 +55,8 @@ void node_get_address_string(const node_t *node, char *cp, size_t len); long node_get_declared_uptime(const node_t *node); time_t node_get_published_on(const node_t *node); const smartlist_t *node_get_declared_family(const node_t *node); +const ed25519_public_key_t *node_get_ed25519_id(const node_t *node); +const uint8_t *node_get_rsa_id_digest(const node_t *node); int node_has_ipv6_addr(const node_t *node); int node_has_ipv6_orport(const node_t *node); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Add ExtendByEd25519ID consensus parameter/torrc option
commit 9e840e6c7d10a3dfa188d2186ce3c67ca1d698f5 Author: Nick MathewsonDate: Fri Oct 28 11:15:21 2016 -0400 Add ExtendByEd25519ID consensus parameter/torrc option I need to be able to turn on Ed25519 support in client generation of extend cells so I can test it, but leave it off-by-default until enough clients support it for us to turn it on for a bunch at once. This is part of #15056 / prop#220. --- doc/tor.1.txt | 7 +++ src/or/circuitbuild.c | 4 ++-- src/or/config.c | 1 + src/or/onion.c| 15 +++ src/or/or.h | 4 5 files changed, 29 insertions(+), 2 deletions(-) diff --git a/doc/tor.1.txt b/doc/tor.1.txt index cbc7ac1..1071168 100644 --- a/doc/tor.1.txt +++ b/doc/tor.1.txt @@ -717,6 +717,13 @@ GENERAL OPTIONS 127.0.0.1 or 10.0.0.1. This is mostly useful for debugging rate-limiting. (Default: 0) +[[ExtendByEd25519ID]] **ExtendByEd25519ID** **0**|**1**|**auto**:: +If this option is set to 1, we always try to include a relay's Ed25519 ID +when telling the proceeding relay in a circuit to extend to it. +If this option is set to 0, we never include Ed25519 IDs when extending +circuits. If the option is set to "default", we obey a +parameter in the consensus document. (Default: auto) + CLIENT OPTIONS -- diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c index e833fcb..bdbbacd 100644 --- a/src/or/circuitbuild.c +++ b/src/or/circuitbuild.c @@ -1043,8 +1043,8 @@ circuit_send_next_onion_skin(origin_circuit_t *circ) ec.orport_ipv4.port = hop->extend_info->port; tor_addr_make_unspec(_ipv6.addr); memcpy(ec.node_id, hop->extend_info->identity_digest, DIGEST_LEN); -/* 15056 Either here or in the onion.c encoding code, we should make an - * option to decide whether we declare the ED identity (if we know one) */ +/* Set the ED25519 identity too -- it will only get included + * in the extend2 cell if we're configured to use it, though. */ memcpy(_pubkey, >extend_info->ed_identity, sizeof(ed25519_public_key_t)); diff --git a/src/or/config.c b/src/or/config.c index 9553822..51c6290 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -305,6 +305,7 @@ static config_var_t option_vars_[] = { V(ExtORPortCookieAuthFile, STRING, NULL), V(ExtORPortCookieAuthFileGroupReadable, BOOL, "0"), V(ExtraInfoStatistics, BOOL, "1"), + V(ExtendByEd25519ID, AUTOBOOL, "auto"), V(FallbackDir, LINELIST, NULL), V(UseDefaultFallbackDirs, BOOL, "1"), diff --git a/src/or/onion.c b/src/or/onion.c index f49707f..8e0896f 100644 --- a/src/or/onion.c +++ b/src/or/onion.c @@ -1170,6 +1170,21 @@ created_cell_format(cell_t *cell_out, const created_cell_t *cell_in) return 0; } +/** Return true iff we are configured (by torrc or by the networkstatus + * parameters) to use Ed25519 identities in our Extend2 cells. */ +static int +should_include_ed25519_id_extend_cells(const networkstatus_t *ns, + const or_options_t *options) +{ + if (options->ExtendByEd25519ID != -1) +return options->ExtendByEd25519ID; /* The user has an opinion. */ + + return (int) networkstatus_get_param(ns, "ExtendByEd25519ID", + 0 /* default */, + 0 /* min */, + 1 /*max*/); +} + /** Format the EXTEND{,2} cell in cell_in, storing its relay payload in * payload_out, the number of bytes used in *len_out, and the * relay command in *command_out. The payload_out must have diff --git a/src/or/or.h b/src/or/or.h index 32c194a..0ebeda2 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -4571,6 +4571,10 @@ typedef struct { /** If 1, we skip all OOS checks. */ int DisableOOSCheck; + + /** Autobool: Should we include Ed25519 identities in extend2 cells? + * If -1, we should do whatever the consensus parameter says. */ + int ExtendByEd25519ID; } or_options_t; /** Persistent state for an onion router, as saved to disk. */ ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Comment-only: note some places where we want to propagate Ed25519 info
commit 88252b2d76f94de587d49144177e9e339699d1c5 Author: Nick MathewsonDate: Fri Oct 28 16:11:05 2016 -0400 Comment-only: note some places where we want to propagate Ed25519 info This is not for 15056, since it's about UI, and not about circuit extension. --- src/or/circuituse.c | 7 ++- src/or/or.h | 2 ++ 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/src/or/circuituse.c b/src/or/circuituse.c index eda53b4..eaecfd9 100644 --- a/src/or/circuituse.c +++ b/src/or/circuituse.c @@ -2088,6 +2088,10 @@ circuit_get_open_circ_or_launch(entry_connection_t *conn, if (want_onehop && conn->chosen_exit_name[0] == '$') { /* We're asking for a one-hop circuit to a router that * we don't have a routerinfo about. Make up an extend_info. */ +/* XXX prop220: we need to make chosen_exit_name able to + * encode both key formats. This is not absolutely critical + * since this is just for one-hop circuits, but we should + * still get it done */ char digest[DIGEST_LEN]; char *hexdigest = conn->chosen_exit_name+1; tor_addr_t addr; @@ -2102,9 +2106,10 @@ circuit_get_open_circ_or_launch(entry_connection_t *conn, escaped_safe_str_client(conn->socks_request->address)); return -1; } +/* prop220 add a workaround for ed25519 ID below*/ extend_info = extend_info_new(conn->chosen_exit_name+1, digest, - NULL, /* Ed25519 ID 15056, add a workaround.*/ + NULL, /* Ed25519 ID */ NULL, NULL, /* onion keys */ , conn->socks_request->port); } else { /* ! (want_onehop && conn->chosen_exit_name[0] == '$') */ diff --git a/src/or/or.h b/src/or/or.h index 0ebeda2..14c2dd8 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -1658,6 +1658,8 @@ typedef struct entry_connection_t { edge_connection_t edge_; /** Nickname of planned exit node -- used with .exit support. */ + /* XXX prop220: we need to make chosen_exit_name able to encode Ed IDs too. + * That's logically part of the UI parts for prop220 though. */ char *chosen_exit_name; socks_request_t *socks_request; /**< SOCKS structure describing request (AP ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Helper function to see if an ed25519 pk is set.
commit 431565e0531eb6cfdaabd2bba8912655898f079b Author: Nick MathewsonDate: Wed Sep 14 14:27:44 2016 -0400 Helper function to see if an ed25519 pk is set. --- src/common/crypto_ed25519.c | 8 src/common/crypto_ed25519.h | 3 +++ 2 files changed, 11 insertions(+) diff --git a/src/common/crypto_ed25519.c b/src/common/crypto_ed25519.c index 30ed772..809ad12 100644 --- a/src/common/crypto_ed25519.c +++ b/src/common/crypto_ed25519.c @@ -211,6 +211,14 @@ ed25519_keypair_generate(ed25519_keypair_t *keypair_out, int extra_strong) return 0; } +/** Return true iff 'pubkey' is set to zero (eg to indicate that it is not + * set). */ +int +ed25519_public_key_is_zero(const ed25519_public_key_t *pubkey) +{ + return tor_mem_is_zero((char*)pubkey->pubkey, ED25519_PUBKEY_LEN); +} + /* Return a heap-allocated array that contains msg prefixed by the * string prefix_str. Set final_msg_len_out to the size of the * final array. If an error occured, return NULL. It's the resonsibility of the diff --git a/src/common/crypto_ed25519.h b/src/common/crypto_ed25519.h index 31afc49..5d63d90 100644 --- a/src/common/crypto_ed25519.h +++ b/src/common/crypto_ed25519.h @@ -66,6 +66,9 @@ ed25519_checksig_prefixed(const ed25519_signature_t *signature, const char *prefix_str, const ed25519_public_key_t *pubkey); +int ed25519_public_key_is_zero(const ed25519_public_key_t *pubkey); + + /** * A collection of information necessary to check an Ed25519 signature. Used * for batch verification. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Add a function to check whether a given ed id key is ours
commit af3af494083f041c3ce9f722e4989ecd4b4e6304 Author: Nick MathewsonDate: Sat Sep 24 11:25:10 2016 -0700 Add a function to check whether a given ed id key is ours --- src/or/routerkeys.c | 8 src/or/routerkeys.h | 2 ++ 2 files changed, 10 insertions(+) diff --git a/src/or/routerkeys.c b/src/or/routerkeys.c index 8d9a132..ab78dbe 100644 --- a/src/or/routerkeys.c +++ b/src/or/routerkeys.c @@ -1091,6 +1091,14 @@ get_master_identity_key(void) return _identity_key->pubkey; } +/** Return true iff id is our Ed25519 master identity key. */ +int +router_ed25519_id_is_me(const ed25519_public_key_t *id) +{ + return id && master_identity_key && +ed25519_pubkey_eq(id, _identity_key->pubkey); +} + #ifdef TOR_UNIT_TESTS /* only exists for the unit tests, since otherwise the identity key * should be used to sign nothing but the signing key. */ diff --git a/src/or/routerkeys.h b/src/or/routerkeys.h index 307a1cd..98894cd 100644 --- a/src/or/routerkeys.h +++ b/src/or/routerkeys.h @@ -45,6 +45,8 @@ const struct tor_cert_st *get_current_auth_key_cert(void); void get_master_rsa_crosscert(const uint8_t **cert_out, size_t *size_out); +int router_ed25519_id_is_me(const ed25519_public_key_t *id); + struct tor_cert_st *make_ntor_onion_key_crosscert( const curve25519_keypair_t *onion_key, const ed25519_public_key_t *master_id_key, ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Enforce Ed25519 identities (client-side)
commit 7daf15217240acefaf2ef802b6d89e04f4e51cae Author: Nick MathewsonDate: Thu Nov 10 12:24:07 2016 -0500 Enforce Ed25519 identities (client-side) This patch makes two absolutely critical changes: - If an ed25519 identity is not as expected when creating a channel, we call that channel unsuccessful and close it. - When a client creating a channel or an extend cell for a circuit, we only include the ed25519 identity if we believe that the node on the other side supports ed25519 link authentication (from #15055). Otherwise we will insist on nodes without the right link protocol authenticating themselves. - When deciding to extend to another relay, we only upgrade the extend to extend by ed25519 ID when we know the ed25519 ID _and_ we know that the other side can authenticate. This patch also tells directory servers, when probing nodes, to try to check their ed25519 identities too (if they can authenticate by ed25519 identity). Also, handle the case where we connect by RSA Id, and learn the ED25519 ID for the node in doing so. --- src/or/circuitbuild.c | 17 +++-- src/or/connection_or.c | 67 +- src/or/dirserv.c | 13 +++--- src/or/nodelist.c | 25 +++ src/or/nodelist.h | 1 + 5 files changed, 106 insertions(+), 17 deletions(-) diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c index bdbbacd..bac68bb 100644 --- a/src/or/circuitbuild.c +++ b/src/or/circuitbuild.c @@ -1180,7 +1180,9 @@ circuit_extend(cell_t *cell, circuit_t *circ) if (ed25519_public_key_is_zero(_pubkey)) { const node_t *node = node_get_by_id((const char*)ec.node_id); const ed25519_public_key_t *node_ed_id = NULL; -if (node && (node_ed_id = node_get_ed25519_id(node))) { +if (node && +node_supports_ed25519_link_authentication(node) && +(node_ed_id = node_get_ed25519_id(node))) { memcpy(ec.ed_pubkey.pubkey, node_ed_id->pubkey, ED25519_PUBKEY_LEN); } } @@ -2450,7 +2452,18 @@ extend_info_from_node(const node_t *node, int for_direct_connect) return NULL; } - const ed25519_public_key_t *ed_pubkey = node_get_ed25519_id(node); + const ed25519_public_key_t *ed_pubkey = NULL; + + /* Don't send the ed25519 pubkey unless the target node actually supports + * authenticating with it. */ + if (node_supports_ed25519_link_authentication(node)) { +log_info(LD_CIRC, "Including Ed25519 ID for %s", node_describe(node)); +ed_pubkey = node_get_ed25519_id(node); + } else if (node_get_ed25519_id(node)) { +log_info(LD_CIRC, "Not including the ed25519 ID for %s, since it won't " + " be able to authenticate it.", + node_describe(node)); + } if (valid_addr && node->ri) return extend_info_new(node->ri->nickname, diff --git a/src/or/connection_or.c b/src/or/connection_or.c index a22c4ad..0caf8a9 100644 --- a/src/or/connection_or.c +++ b/src/or/connection_or.c @@ -1547,8 +1547,24 @@ connection_or_client_learned_peer_id(or_connection_t *conn, const ed25519_public_key_t *ed_peer_id) { const or_options_t *options = get_options(); - - if (tor_digest_is_zero(conn->identity_digest)) { + channel_tls_t *chan_tls = conn->chan; + channel_t *chan = channel_tls_to_base(chan_tls); + tor_assert(chan); + + const int expected_rsa_key = +! tor_digest_is_zero(conn->identity_digest); + const int expected_ed_key = +! ed25519_public_key_is_zero(>ed25519_identity); + + log_info(LD_HANDSHAKE, "learned peer id for %p (%s): %s, %s", + conn, + safe_str_client(conn->base_.address), + hex_str((const char*)rsa_peer_id, DIGEST_LEN), + ed25519_fmt(ed_peer_id)); + + if (! expected_rsa_key && ! expected_ed_key) { +log_info(LD_HANDSHAKE, "(we had no ID in mind when we made this " + "connection."); connection_or_set_identity_digest(conn, (const char*)rsa_peer_id, ed_peer_id); tor_free(conn->nickname); @@ -1565,13 +1581,35 @@ connection_or_client_learned_peer_id(or_connection_t *conn, (const char*)rsa_peer_id, ed_peer_id); } - if (tor_memneq(rsa_peer_id, conn->identity_digest, DIGEST_LEN)) { + const int rsa_mismatch = expected_rsa_key && +tor_memneq(rsa_peer_id, conn->identity_digest, DIGEST_LEN); + /* It only counts as an ed25519 mismatch if we wanted an ed25519 identity + * and didn't get it. It's okay if we get one that we didn't ask for. */ + const int ed25519_mismatch = +expected_ed_key && +(ed_peer_id == NULL || + ! ed25519_pubkey_eq(>ed25519_identity, ed_peer_id)); + + if (rsa_mismatch || ed25519_mismatch) { /* I was aiming for a particular digest. I didn't get it! */ -char seen[HEX_DIGEST_LEN+1]; -char
[tor-commits] [translation/tor-messenger-otrproperties] Update translations for tor-messenger-otrproperties
commit 1cce50711b32f412842339bda2707d75c060ca11 Author: Translation commit botDate: Thu Dec 8 21:51:15 2016 + Update translations for tor-messenger-otrproperties --- cs/otr.properties | 36 ++-- 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/cs/otr.properties b/cs/otr.properties index 584799c..c6cc7c9 100644 --- a/cs/otr.properties +++ b/cs/otr.properties @@ -1,31 +1,31 @@ -msgevent.encryption_required_part1=You attempted to send an unencrypted message to %S. As a policy, unencrypted messages are not allowed. +msgevent.encryption_required_part1=Pokusili jste se zaslat %S nesifrovanou zprávu. NeÅ¡ifrované zprávy nejsou podle naÅ¡ich zásad povoleny. msgevent.encryption_required_part2=SpouÅ¡tà se soukromá konverzace. VaÅ¡e zpráva bude odeslána, jakmile se konverzace spustÃ. msgevent.encryption_error=PÅi Å¡ifrovánà zprávy se vyskytla chyba. Zpráva nebyla odeslána. -msgevent.connection_ended=%S has already closed their private connection to you. Your message was not sent. Either end your private conversation, or restart it. +msgevent.connection_ended=%S již uzavÅeli jejich soukromé spojenà s Vámi. VaÅ¡e zpráva nebyla odeslána. BuÄ ukonÄete VaÅ¡i soukromou konverzaci, nebo ji restartujte. msgevent.setup_error=PÅi spouÅ¡tÄnà soukromé konverzace s %S se vyskytla chyba. -msgevent.msg_reflected=You are receiving your own OTR messages. You are either trying to talk to yourself, or someone is reflecting your messages back at you. +msgevent.msg_reflected=Dostáváte VaÅ¡e vlastnà šifrované zprávy. BuÄ se snažÃte mluvit sám se sebou, nebo se Vám vracà zpátky od nÄkoho jiného. msgevent.msg_resent=Poslednà zpráva pro %S byla odeslána znovu. msgevent.rcvdmsg_not_private=Å ifrovaná zpráva od %S je neÄitelná, protože s nÃm nekomunikujete soukromÄ. msgevent.rcvdmsg_unreadable=Dostali jsme neÄitelnou, zaÅ¡ifrovanou zprávu od %S. -msgevent.rcvdmsg_malformed=We received a malformed data message from %S. +msgevent.rcvdmsg_malformed=Obdrželi jsme zprávu od %S obsahujÃcà chybný obsah. msgevent.log_heartbeat_rcvd=Heartbeat received from %S. msgevent.log_heartbeat_sent=Heartbeat sent to %S. msgevent.rcvdmsg_general_err=V OTR se vyskytla chyba. msgevent.rcvdmsg_unecrypted=NásledujÃcà zpráva pÅijata od %S nenà šifrovaná: %S -msgevent.rcvdmsg_unrecognized=We received an unrecognized OTR message from %S. -msgevent.rcvdmsg_for_other_instance=%S has sent a message intended for a different session. If you are logged in multiple times, another session may have received the message. +msgevent.rcvdmsg_unrecognized=Obdrželi jsme nerozeznatelnou OTR zprávu od %S +msgevent.rcvdmsg_for_other_instance=%S poslal/a zprávu urÄené pro jiné sezenÃ. Pokud jste pÅihlášeni vÃcekrát, zpráva může být doruÄena do jiného sezenÃ. context.gone_secure_private=Soukromá konverzace s %S spuÅ¡tÄna. -context.gone_secure_unverified=Private conversation with %S started. However, their identity has not been verified. -context.still_secure=Successfully refreshed the private conversation with %S. +context.gone_secure_unverified=ZaÄala soukromá konverzace s %S. Jejich indentita vÅ¡ak nebyla ovÄÅena. +context.still_secure=Soukromá konverzace s %S uspÄÅ¡nÄ obnovena. error.enc=Vyskytla se chyba v Å¡ifrovánà zprávy. -error.not_priv=You sent encrypted data to %S, who wasn't expecting it. -error.unreadable=You transmitted an unreadable encrypted message. -error.malformed=You transmitted a malformed data message. -resent=[resent] +error.not_priv=Odeslali jste Å¡ifrovaný obsah uživateli %S, kterýto neoÄekával. +error.unreadable=Odeslali jste neÄitelnou Å¡ifrovanou zprávu. +error.malformed=Odeslali jste zprávu s chybným obsahem. +resent=[odesláno] tlv.disconnected=Kontakt %S ukonÄil konverzaci. MÄli byste udÄlat totéž. -query.msg=%S has requested an Off-the Record private conversation. However, you do not have a plugin to support that. See http://otr.cypherpunks.ca/ for more information. -trust.unused=Unused -trust.not_private=Not Private -trust.unverified=Unverified -trust.private=Private -trust.finished=Finished +query.msg=%S si vyžádala soukromou OTR konverzaci. Bohužel ale nemáte potÅebný doplÅek. VÃce informacà najdete na http://otr.cypherpunks.ca/. +trust.unused=Nepoužité +trust.not_private=Nesoukromé +trust.unverified=NeovÄÅené +trust.private=Soukromé +trust.finished=Hotové ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tor-messenger-authproperties] Update translations for tor-messenger-authproperties
commit 441448358d172765eafa16f80d8c8fb78b9a7a54 Author: Translation commit botDate: Thu Dec 8 21:51:04 2016 + Update translations for tor-messenger-authproperties --- pt_BR/auth.properties | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pt_BR/auth.properties b/pt_BR/auth.properties index 4ed3eff..e04cbee 100644 --- a/pt_BR/auth.properties +++ b/pt_BR/auth.properties @@ -3,5 +3,5 @@ auth.yourFingerprint=Impressão digital para você, %S:\n %S auth.theirFingerprint=Simular impressão digital para %S:\n%S auth.help=Verificar a identidade de um contato ajuda a se assegurar de que a pessoa com quem você estiver conversando seja realmente quem ela pretende ser. auth.helpTitle=Ajuda para verificação -auth.question=Essa é a pergunta feita pelo seu contato:\n\n%S\n\nInsira a resposta secreta aqui (case sensitive): +auth.question=Essa é a pergunta feita pelo seu contato:\n\n%S\n\nInserir a resposta secreta aqui (diferencia maiúsculas e minúsculas): auth.secret=Insira o segredo aqui: ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tor-messenger-authproperties_completed] Update translations for tor-messenger-authproperties_completed
commit a37969465e5b91aeda32a4d5caaa3f23e95e2d1e Author: Translation commit botDate: Thu Dec 8 21:51:00 2016 + Update translations for tor-messenger-authproperties_completed --- pt_BR/auth.properties | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pt_BR/auth.properties b/pt_BR/auth.properties index 4ed3eff..e04cbee 100644 --- a/pt_BR/auth.properties +++ b/pt_BR/auth.properties @@ -3,5 +3,5 @@ auth.yourFingerprint=Impressão digital para você, %S:\n %S auth.theirFingerprint=Simular impressão digital para %S:\n%S auth.help=Verificar a identidade de um contato ajuda a se assegurar de que a pessoa com quem você estiver conversando seja realmente quem ela pretende ser. auth.helpTitle=Ajuda para verificação -auth.question=Essa é a pergunta feita pelo seu contato:\n\n%S\n\nInsira a resposta secreta aqui (case sensitive): +auth.question=Essa é a pergunta feita pelo seu contato:\n\n%S\n\nInserir a resposta secreta aqui (diferencia maiúsculas e minúsculas): auth.secret=Insira o segredo aqui: ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [sandboxed-tor-browser/master] When running the hardened bundle, load libasan.so before the stub.
commit 8f671b6f5261063085fe4eccc99a03ebe0f4be26 Author: Yawning AngelDate: Thu Dec 8 20:37:08 2016 + When running the hardened bundle, load libasan.so before the stub. Sort of silly, but it demands this of us or it dumps alarming looking warnings to the log. While I'm here, the stub living in /tmp is silly, so move/rename it and jam it in the user's home directory. --- .../internal/sandbox/application.go | 19 +-- 1 file changed, 17 insertions(+), 2 deletions(-) diff --git a/src/cmd/sandboxed-tor-browser/internal/sandbox/application.go b/src/cmd/sandboxed-tor-browser/internal/sandbox/application.go index 4cd4ca0..6de8a5e 100644 --- a/src/cmd/sandboxed-tor-browser/internal/sandbox/application.go +++ b/src/cmd/sandboxed-tor-browser/internal/sandbox/application.go @@ -45,7 +45,7 @@ func RunTorBrowser(cfg *config.Config, manif *config.Manifest, tor *tor.Tor) (cm const ( profileSubDir = "TorBrowser/Data/Browser/profile.default" cachesSubDir = "TorBrowser/Data/Browser/Caches" - stubPath = "/tmp/tbb_stub.so" + stubPath = "/home/amnesia/.tbb_stub.so" controlSocket = "control" socksSocket = "socks" ) @@ -165,13 +165,28 @@ func RunTorBrowser(cfg *config.Config, manif *config.Manifest, tor *tor.Tor) (cm // supply the relevant args required for functionality. ctrlPath := filepath.Join(h.runtimeDir, controlSocket) socksPath := filepath.Join(h.runtimeDir, socksSocket) - h.setenv("LD_PRELOAD", stubPath) h.setenv("TOR_STUB_CONTROL_SOCKET", ctrlPath) h.setenv("TOR_STUB_SOCKS_SOCKET", socksPath) h.bind(tor.CtrlSurrogatePath(), ctrlPath, false) h.bind(tor.SocksSurrogatePath(), socksPath, false) h.assetFile(stubPath, "tbb_stub.so") + ldPreload := stubPath + if manif.Channel == "hardened" { + // ASAN wants to be the first entry on LD_PRELOAD, so placate it. + matches, err := filepath.Glob(filepath.Join(realBrowserHome, "TorBrowser", "Tor") + "/libasan.so*") + if err != nil { + return nil, err + } + if len(matches) < 1 { + log.Printf("sandbox: Failed to find 'libasan.so.*'") + } else { + _, f := filepath.Split(matches[0]) + ldPreload = f + ":" + ldPreload + } + } + h.setenv("LD_PRELOAD", ldPreload) + // Hardware accelerated OpenGL will not work, and never will. h.setenv("LIBGL_ALWAYS_SOFTWARE", "1") ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [sandboxed-tor-browser/master] Normalize the sandbox UID/GID to 1000/1000.
commit 7ad0525c601aa45414f56193760e3d08dd9cdae4 Author: Yawning AngelDate: Thu Dec 8 19:51:51 2016 + Normalize the sandbox UID/GID to 1000/1000. * Always unshare the USER namespace (Yes, I know this is scary, but all caps are dropped by bwrap prior to exec()ing the command in the container, and PR_SET_NO_NEW_PRIVS is called). * Make the PulseAudio socket finder do the right thing, when XDG_RUNTIME_DIR is set to something non-standard. * Switch the container /etc/passwd and /etc/group files to be go-bindata-ed since they are now static. --- data/group | 1 + data/passwd| 1 + .../internal/sandbox/hugbox.go | 23 -- .../internal/sandbox/pulse.go | 7 ++- 4 files changed, 21 insertions(+), 11 deletions(-) diff --git a/data/group b/data/group new file mode 100644 index 000..cbaebb5 --- /dev/null +++ b/data/group @@ -0,0 +1 @@ +amnesia:x:1000: diff --git a/data/passwd b/data/passwd new file mode 100644 index 000..bed4f72 --- /dev/null +++ b/data/passwd @@ -0,0 +1 @@ +amnesia:x:1000:1000:Debian Live User,,,:/home/amnesia:/bin/bash diff --git a/src/cmd/sandboxed-tor-browser/internal/sandbox/hugbox.go b/src/cmd/sandboxed-tor-browser/internal/sandbox/hugbox.go index 0707c57..98b2ec7 100644 --- a/src/cmd/sandboxed-tor-browser/internal/sandbox/hugbox.go +++ b/src/cmd/sandboxed-tor-browser/internal/sandbox/hugbox.go @@ -35,7 +35,7 @@ import ( ) type unshareOpts struct { - user bool + // user bool ipcbool pidbool netbool @@ -45,9 +45,11 @@ type unshareOpts struct { func (u *unshareOpts) toArgs() []string { var args []string - if u.user { - args = append(args, "--unshare-user-try") - } + + // A new user namespace is created unconditionally, so that gid/uids + // can be normalized. + args = append(args, "--unshare-user") + if u.ipc { args = append(args, "--unshare-ipc") } @@ -223,10 +225,11 @@ func (h *hugbox) run() (*exec.Cmd, error) { if h.chdir != "" { fdArgs = append(fdArgs, "--chdir", h.chdir) } - passwdBody := fmt.Sprintf("amnesia:x:%d:%d:Debian Live User,,,:/home/amnesia:/bin/bash\n", os.Getuid(), os.Getgid()) - groupBody := fmt.Sprintf("amnesia:x:%d:\n", os.Getgid()) - h.file("/etc/passwd", []byte(passwdBody)) - h.file("/etc/group", []byte(groupBody)) + + fdArgs = append(fdArgs, "--uid", "1000") + fdArgs = append(fdArgs, "--gid", "1000") + h.assetFile("/etc/passwd", "passwd") + h.assetFile("/etc/group", "group") if h.fakeDbus { h.setupDbus() @@ -370,7 +373,7 @@ type bwrapInfo struct { func newHugbox() (*hugbox, error) { h := { unshare: unshareOpts{ - user: true, + // user: true, ipc:true, pid:true, net:true, @@ -379,7 +382,7 @@ func newHugbox() (*hugbox, error) { }, hostname: "amnesia", mountProc:true, - runtimeDir: filepath.Join("/run", "user", fmt.Sprintf("%d", os.Getuid())), + runtimeDir: filepath.Join("/run", "user", "1000"), homeDir: "/home/amnesia", pdeathSig:syscall.SIGTERM, standardLibs: true, diff --git a/src/cmd/sandboxed-tor-browser/internal/sandbox/pulse.go b/src/cmd/sandboxed-tor-browser/internal/sandbox/pulse.go index 5a005a5..6cb2ce1 100644 --- a/src/cmd/sandboxed-tor-browser/internal/sandbox/pulse.go +++ b/src/cmd/sandboxed-tor-browser/internal/sandbox/pulse.go @@ -43,7 +43,12 @@ func (h *hugbox) enablePulseAudio() error { // along with the modern default locations. sockPath := os.Getenv(pulseServer) if sockPath == "" { - sockPath = filepath.Join(h.runtimeDir, "pulse", "native") + hostRuntimeDir := os.Getenv("XDG_RUNTIME_DIR") + if hostRuntimeDir == "" { + // Should never happen, the app requires/uses XDG_RUNTIME_DIR. + return fmt.Errorf("hugbox: BUG: Couldn't determine XDG_RUNTIME_DIR") + } + sockPath = filepath.Join(hostRuntimeDir, "pulse", "native") } else if strings.HasPrefix(sockPath, unixPrefix) { sockPath = strings.TrimPrefix(sockPath, unixPrefix) } else { ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [sandboxed-tor-browser/master] Add `readlink` to the tor seccomp whitelist.
commit d32f30726e97ee6c151cb45fb008177b68e9d58d Author: Yawning AngelDate: Thu Dec 8 19:23:25 2016 + Add `readlink` to the tor seccomp whitelist. ASAN calls readlink("/proc/self/exe"), because fuck you. --- src/cmd/gen-seccomp/seccomp_tor.go | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/cmd/gen-seccomp/seccomp_tor.go b/src/cmd/gen-seccomp/seccomp_tor.go index 7300b64..26b4b14 100644 --- a/src/cmd/gen-seccomp/seccomp_tor.go +++ b/src/cmd/gen-seccomp/seccomp_tor.go @@ -103,6 +103,8 @@ func compileTorSeccompProfile(fd *os.File, useBridges bool, is386 bool) error { "set_tid_address", "unshare", "rt_sigaction", // Tor filters this but libc does more. + + "readlink", // ASAN needs this. } if is386 { allowedNoArgs386 := []string{ ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.2.9] Forward-port 0.2.8.11 notes (release-0.2.9)
commit 4f62b68df42947539d9c89e0b6172d93dfe658ad Author: Nick MathewsonDate: Thu Dec 8 11:09:36 2016 -0500 Forward-port 0.2.8.11 notes (release-0.2.9) --- ChangeLog| 19 +++ ReleaseNotes | 19 +++ 2 files changed, 38 insertions(+) diff --git a/ChangeLog b/ChangeLog index a98b6ac..08e8025 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,6 +1,25 @@ Changes in version 0.2.9.7-rc - 2016-12-?? +Changes in version 0.2.8.11 - 2016-12-08 + Tor 0.2.8.11 backports fixes for additional portability issues that + could prevent Tor from building correctly on OSX Sierra, or with + OpenSSL 1.1. Affected users should upgrade; others can safely stay + with 0.2.8.10. + + o Minor bugfixes (portability): +- Avoid compilation errors when building on OSX Sierra. Sierra began + to support the getentropy() and clock_gettime() APIs, but created + a few problems in doing so. Tor 0.2.9 has a more thorough set of + workarounds; in 0.2.8, we are just using the /dev/urandom and mach + monotonic time interfaces. Fixes bug 20865. Bugfix + on 0.2.8.1-alpha. + + o Minor bugfixes (portability, backport from 0.2.9.5-alpha): +- Fix compilation with OpenSSL 1.1 and less commonly-used CPU + architectures. Closes ticket 20588. + + Changes in version 0.2.8.10 - 2016-12-02 Tor 0.2.8.10 backports a fix for a bug that would sometimes make clients unusable after they left standby mode. It also backports fixes for diff --git a/ReleaseNotes b/ReleaseNotes index 312b213..eaa81b0 100644 --- a/ReleaseNotes +++ b/ReleaseNotes @@ -2,6 +2,25 @@ This document summarizes new features and bugfixes in each stable release of Tor. If you want to see more detailed descriptions of the changes in each development snapshot, see the ChangeLog file. +Changes in version 0.2.8.11 - 2016-12-08 + Tor 0.2.8.11 backports fixes for additional portability issues that + could prevent Tor from building correctly on OSX Sierra, or with + OpenSSL 1.1. Affected users should upgrade; others can safely stay + with 0.2.8.10. + + o Minor bugfixes (portability): +- Avoid compilation errors when building on OSX Sierra. Sierra began + to support the getentropy() and clock_gettime() APIs, but created + a few problems in doing so. Tor 0.2.9 has a more thorough set of + workarounds; in 0.2.8, we are just using the /dev/urandom and mach + monotonic time interfaces. Fixes bug 20865. Bugfix + on 0.2.8.1-alpha. + + o Minor bugfixes (portability, backport from 0.2.9.5-alpha): +- Fix compilation with OpenSSL 1.1 and less commonly-used CPU + architectures. Closes ticket 20588. + + Changes in version 0.2.8.10 - 2016-12-02 Tor 0.2.8.10 backports a fix for a bug that would sometimes make clients unusable after they left standby mode. It also backports fixes for ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Forward-port 0.2.8.11 notes (master)
commit e33c85a450c4819cdad30acfc280aece7c521d6e Author: Nick MathewsonDate: Thu Dec 8 11:09:42 2016 -0500 Forward-port 0.2.8.11 notes (master) --- ChangeLog| 19 +++ ReleaseNotes | 20 2 files changed, 39 insertions(+) diff --git a/ChangeLog b/ChangeLog index 4e7e987..b620316 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,6 +1,25 @@ Changes in version 0.3.0.1-alpha - 2016-??-?? +Changes in version 0.2.8.11 - 2016-12-08 + Tor 0.2.8.11 backports fixes for additional portability issues that + could prevent Tor from building correctly on OSX Sierra, or with + OpenSSL 1.1. Affected users should upgrade; others can safely stay + with 0.2.8.10. + + o Minor bugfixes (portability): +- Avoid compilation errors when building on OSX Sierra. Sierra began + to support the getentropy() and clock_gettime() APIs, but created + a few problems in doing so. Tor 0.2.9 has a more thorough set of + workarounds; in 0.2.8, we are just using the /dev/urandom and mach + monotonic time interfaces. Fixes bug 20865. Bugfix + on 0.2.8.1-alpha. + + o Minor bugfixes (portability, backport from 0.2.9.5-alpha): +- Fix compilation with OpenSSL 1.1 and less commonly-used CPU + architectures. Closes ticket 20588. + + Changes in version 0.2.8.10 - 2016-12-02 Tor 0.2.8.10 backports a fix for a bug that would sometimes make clients unusable after they left standby mode. It also backports fixes for diff --git a/ReleaseNotes b/ReleaseNotes index 312b213..97db5af 100644 --- a/ReleaseNotes +++ b/ReleaseNotes @@ -2,6 +2,26 @@ This document summarizes new features and bugfixes in each stable release of Tor. If you want to see more detailed descriptions of the changes in each development snapshot, see the ChangeLog file. + +Changes in version 0.2.8.11 - 2016-12-08 + Tor 0.2.8.11 backports fixes for additional portability issues that + could prevent Tor from building correctly on OSX Sierra, or with + OpenSSL 1.1. Affected users should upgrade; others can safely stay + with 0.2.8.10. + + o Minor bugfixes (portability): +- Avoid compilation errors when building on OSX Sierra. Sierra began + to support the getentropy() and clock_gettime() APIs, but created + a few problems in doing so. Tor 0.2.9 has a more thorough set of + workarounds; in 0.2.8, we are just using the /dev/urandom and mach + monotonic time interfaces. Fixes bug 20865. Bugfix + on 0.2.8.1-alpha. + + o Minor bugfixes (portability, backport from 0.2.9.5-alpha): +- Fix compilation with OpenSSL 1.1 and less commonly-used CPU + architectures. Closes ticket 20588. + + Changes in version 0.2.8.10 - 2016-12-02 Tor 0.2.8.10 backports a fix for a bug that would sometimes make clients unusable after they left standby mode. It also backports fixes for ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.2.9] Merge branch 'maint-0.2.8' into maint-0.2.9
commit f9636ebc2f70544f8b86eb7e3a86a85c81349f8e Merge: 5d4ff91 d47c52b Author: Nick MathewsonDate: Thu Dec 8 11:03:08 2016 -0500 Merge branch 'maint-0.2.8' into maint-0.2.9 "Ours" merge to avoid bumping version. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.2.9] Merge remote-tracking branch 'origin/maint-0.2.8' into maint-0.2.8
commit 9c899dad31c9b172ed19804d64dd6ee0e2cefa8a Merge: 4732e15 10baf2c Author: Nick MathewsonDate: Thu Dec 8 09:07:28 2016 -0500 Merge remote-tracking branch 'origin/maint-0.2.8' into maint-0.2.8 src/common/compat_pthreads.c | 5 + 1 file changed, 5 insertions(+) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits