[tor-commits] [translation/torbutton-browseronboardingproperties_completed] Update translations for torbutton-browseronboardingproperties_completed
commit 20f187eaa027de71ad8bf6f2fe9101551ec59ba3 Author: Translation commit bot Date: Sat Sep 8 04:48:14 2018 + Update translations for torbutton-browseronboardingproperties_completed --- tr/browserOnboarding.properties | 54 + 1 file changed, 54 insertions(+) diff --git a/tr/browserOnboarding.properties b/tr/browserOnboarding.properties new file mode 100644 index 0..219f3037e --- /dev/null +++ b/tr/browserOnboarding.properties @@ -0,0 +1,54 @@ +# Copyright (c) 2018, The Tor Project, Inc. +# See LICENSE for licensing information. +# vim: set sw=2 sts=2 ts=8 et: + +onboarding.tour-tor-welcome=HoÅ Geldiniz +onboarding.tour-tor-welcome.title=Hazırsınız. +onboarding.tour-tor-welcome.description=Tor Browser, web üzerinde gezinirken en yükek standartlarda kiÅisel gizlilik ve güvelik saÄlar. Ä°zleme, gözetleme ve engellemeye karÅı koruma saÄlar. Nasıl olduÄunu buradan hızlıca görebilirsiniz. +onboarding.tour-tor-welcome.button=BaÅlayın + +onboarding.tour-tor-privacy=KiÅisel Gizlilik +onboarding.tour-tor-privacy.title=Ä°zleyenlere ve meraklılara hadlerini bildirin. +onboarding.tour-tor-privacy.description=Tor Browser çerezleri yalıtır ve kapattııÄınızda web tarayıcı geçmiÅinizi siler. Bu deÄiÅiklikler web tarayıcı üzerinde kiÅisel gizliliÄinizin ve güvenliÄinizin korunmasını saÄlar. AÄ düzeyinde nasıl koruma saÄladıÄımızı öÄrenmek için 'Tor AÄo' üzerine tıklayın. +onboarding.tour-tor-privacy.button=Tor AÄına Geç + +onboarding.tour-tor-network=Tor AÄı +onboarding.tour-tor-network.title=Tek merkezden yönetilmeyen bir aÄda gezinin. +onboarding.tour-tor-network.description=Tor Browser sizi tüm dünyada binlerce gönüllü tarafından iÅletilen Tor AÄına baÄlar. VPN baÄlantısının aksine güvenlik açıÄı oluÅturacak bir nokta ya da Ä°nternet üzerinde kiÅisel gizliliÄinizi koruyarak gezinmeniz için güvenmeniz gereken merkezi bir kuruluÅ yoktur. +onboarding.tour-tor-network.button=Devre Görünümüne Geç + +onboarding.tour-tor-circuit-display=Devre Görünümü +onboarding.tour-tor-circuit-display.title=Yolunuzu görün. +onboarding.tour-tor-circuit-display.description=Ziyaret ettiÄiniz her web sitesi için baÄlantınız dünya üzerindeki üç Tor aktarıcısından oluÅan bir devreden Åifrelenir ve aktarılır. Hiç bir web sitesi sizin gerçekte nereden baÄlandıÄınızı bilemez. KullandıÄınız devreyi deÄiÅtirmek için Devre Görünümünde "Bu Sitenin Devresini Yenile" üzerine tıklayın. +onboarding.tour-tor-circuit-display.button=Yolumu Göster + +onboarding.tour-tor-security=Güvenlik +onboarding.tour-tor-security.title=Deneyiminizi özelleÅtirin. +onboarding.tour-tor-security.description=Ek ayarları kullanarak web tarayıcınızın güvenliÄini arttırabilirsiniz. Güvenlik Ayarlarımız bilgisayarınıza saldırmak için kullanılabilecek bileÅenleri engellemenizi saÄlar. Seçeneklerinizi görebilmek için aÅaÄıya tıklayın. +onboarding.tour-tor-security.button=Ayarları Gözden Geçir + +onboarding.tour-tor-expect-differences=Deneyim Ä°puçları +onboarding.tour-tor-expect-differences.title=Bazı farklılıklara açık olun. +onboarding.tour-tor-expect-differences.description=Tor tarafından saÄlanan tüm kiÅisel gizlilik ve güvenlik özellikleri nedeniyle Ä°nternet üzerinde gezinme deneyiminiz biraz farklı olabilir. Sayfalar biraz yavaÅ olabilir ve kullandıÄınız güvenlik düzeyine göre bazı bileÅenler yüklenmeyebilir ya da çalıÅmayabilir. Ayrıca bir insan mı robot mu olduÄunuzu kanıtlamanız istenebilir. +onboarding.tour-tor-expect-differences.button=Sık Sorulan Sorulara Bakın + +onboarding.tour-tor-onion-services=Onion Hizmetleri +onboarding.tour-tor-onion-services.title=Ek koruma saÄlayın. +onboarding.tour-tor-onion-services.description=Onion hizmetleri, yayıncılar ile ziyaretçiler için ek güvenlik ve engellemeleri aÅmak için koruma saÄlayan, sonu .onion uzantısı ile biten web siteleridir. Onion hizmetleri sayesinde isteyen herkes anonim olarak içerik ve hizmet sunabilir. DuckDuckGo onion sitesini ziyaret etmek için aÅaÄıya tıklayabilirsiniz. +onboarding.tour-tor-onion-services.button=Bir Onion Sitesine Gidin + +# Circuit Display onboarding. +onboarding.tor-circuit-display.next=Sonraki +onboarding.tor-circuit-display.done=Bitti +onboarding.tor-circuit-display.one-of-three=1 / 3 +onboarding.tor-circuit-display.two-of-three=2 / 3 +onboarding.tor-circuit-display.three-of-three=3 / 3 + +onboarding.tor-circuit-display.intro.title=Devreler nasıl çalıÅır? +onboarding.tor-circuit-display.intro.msg=Devreler, dünya çapında Tor trafiÄini aktarmak üzere yapılandırılmıŠbilgisayarlar olan rastgele atanmıŠaktarıcılardan oluÅur. Devreler, kiÅisel gizliliÄinizi koruyarak gezinmenizi ve onion hizmetlerine baÄlanmanızı saÄlar. +
[tor-commits] [translation/torbutton-browseronboardingproperties] Update translations for torbutton-browseronboardingproperties
commit 9cec40191fcf7dedafa6d909f8f2e0c90a506339 Author: Translation commit bot Date: Sat Sep 8 04:48:09 2018 + Update translations for torbutton-browseronboardingproperties --- tr/browserOnboarding.properties | 26 +- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/tr/browserOnboarding.properties b/tr/browserOnboarding.properties index d5ed8161c..219f3037e 100644 --- a/tr/browserOnboarding.properties +++ b/tr/browserOnboarding.properties @@ -29,26 +29,26 @@ onboarding.tour-tor-security.button=Ayarları Gözden Geçir onboarding.tour-tor-expect-differences=Deneyim Ä°puçları onboarding.tour-tor-expect-differences.title=Bazı farklılıklara açık olun. -onboarding.tour-tor-expect-differences.description=With all the security and privacy features provided by Tor, your experience while browsing the internet may be a little different. Things may be a bit slower, and depending on your security level, some elements may not work or load. You may also be asked to prove you are a human and not a robot. -onboarding.tour-tor-expect-differences.button=See FAQs +onboarding.tour-tor-expect-differences.description=Tor tarafından saÄlanan tüm kiÅisel gizlilik ve güvenlik özellikleri nedeniyle Ä°nternet üzerinde gezinme deneyiminiz biraz farklı olabilir. Sayfalar biraz yavaÅ olabilir ve kullandıÄınız güvenlik düzeyine göre bazı bileÅenler yüklenmeyebilir ya da çalıÅmayabilir. Ayrıca bir insan mı robot mu olduÄunuzu kanıtlamanız istenebilir. +onboarding.tour-tor-expect-differences.button=Sık Sorulan Sorulara Bakın onboarding.tour-tor-onion-services=Onion Hizmetleri -onboarding.tour-tor-onion-services.title=Be extra protected. -onboarding.tour-tor-onion-services.description=Onion services are sites that end with a .onion that provide extra protections to publishers and visitors, including added safeguards against censorship. Onion services allow anyone to provide content and services anonymously. Click below to visit the DuckDuckGo onion site. -onboarding.tour-tor-onion-services.button=Visit an Onion +onboarding.tour-tor-onion-services.title=Ek koruma saÄlayın. +onboarding.tour-tor-onion-services.description=Onion hizmetleri, yayıncılar ile ziyaretçiler için ek güvenlik ve engellemeleri aÅmak için koruma saÄlayan, sonu .onion uzantısı ile biten web siteleridir. Onion hizmetleri sayesinde isteyen herkes anonim olarak içerik ve hizmet sunabilir. DuckDuckGo onion sitesini ziyaret etmek için aÅaÄıya tıklayabilirsiniz. +onboarding.tour-tor-onion-services.button=Bir Onion Sitesine Gidin # Circuit Display onboarding. onboarding.tor-circuit-display.next=Sonraki onboarding.tor-circuit-display.done=Bitti -onboarding.tor-circuit-display.one-of-three=1 of 3 -onboarding.tor-circuit-display.two-of-three=2 of 3 -onboarding.tor-circuit-display.three-of-three=3 of 3 +onboarding.tor-circuit-display.one-of-three=1 / 3 +onboarding.tor-circuit-display.two-of-three=2 / 3 +onboarding.tor-circuit-display.three-of-three=3 / 3 -onboarding.tor-circuit-display.intro.title=How do circuits work? -onboarding.tor-circuit-display.intro.msg=Circuits are made up of randomly assigned relays, which are computers around the world configured to forward Tor traffic. Circuits allow you to browse privately and to connect to onion services. +onboarding.tor-circuit-display.intro.title=Devreler nasıl çalıÅır? +onboarding.tor-circuit-display.intro.msg=Devreler, dünya çapında Tor trafiÄini aktarmak üzere yapılandırılmıŠbilgisayarlar olan rastgele atanmıŠaktarıcılardan oluÅur. Devreler, kiÅisel gizliliÄinizi koruyarak gezinmenizi ve onion hizmetlerine baÄlanmanızı saÄlar. onboarding.tor-circuit-display.diagram.title=Devre Görünümü -onboarding.tor-circuit-display.diagram.msg=This diagram shows the relays that make up the circuit for this website. To prevent linking of activity across different sites, each website gets a different circuit. +onboarding.tor-circuit-display.diagram.msg=Bu web sitesinin devresinde kullanılan aktarıcılar bu Åemada görülebilir. Farklı web siteleri arasında yapılan iÅlemler arasında baÄlantı kurulmasını engellemek için her web sitesinde farklı bir devre kullanılır. -onboarding.tor-circuit-display.new-circuit.title=Do you need a new circuit? -onboarding.tor-circuit-display.new-circuit.msg=If you are not able to connect to the website youâre trying to visit or it is not loading properly, then you can use this button to reload the site with a new circuit. +onboarding.tor-circuit-display.new-circuit.title=Yeni bir devre mi gerekli? +onboarding.tor-circuit-display.new-circuit.msg=Ziyaret etmeye çalıÅtıÄınız web sitesine baÄlanamıyorsanız ya da site düzgün bir Åekilde yüklenmiyorsa, siteyi yeni bir devre kullanarak yeniden yüklemek için bu düÄmeyi kullanabilirsiniz. ___ tor-commits
[tor-commits] [translation/torbutton-browseronboardingproperties] Update translations for torbutton-browseronboardingproperties
commit 3fc2d93bf4c5dd15695192858d07c14620069273 Author: Translation commit bot Date: Sat Sep 8 04:18:13 2018 + Update translations for torbutton-browseronboardingproperties --- tr/browserOnboarding.properties | 26 +- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/tr/browserOnboarding.properties b/tr/browserOnboarding.properties index 1c9a594e3..d5ed8161c 100644 --- a/tr/browserOnboarding.properties +++ b/tr/browserOnboarding.properties @@ -10,25 +10,25 @@ onboarding.tour-tor-welcome.button=BaÅlayın onboarding.tour-tor-privacy=KiÅisel Gizlilik onboarding.tour-tor-privacy.title=Ä°zleyenlere ve meraklılara hadlerini bildirin. onboarding.tour-tor-privacy.description=Tor Browser çerezleri yalıtır ve kapattııÄınızda web tarayıcı geçmiÅinizi siler. Bu deÄiÅiklikler web tarayıcı üzerinde kiÅisel gizliliÄinizin ve güvenliÄinizin korunmasını saÄlar. AÄ düzeyinde nasıl koruma saÄladıÄımızı öÄrenmek için 'Tor AÄo' üzerine tıklayın. -onboarding.tour-tor-privacy.button=Tor AÄına Gidin +onboarding.tour-tor-privacy.button=Tor AÄına Geç onboarding.tour-tor-network=Tor AÄı onboarding.tour-tor-network.title=Tek merkezden yönetilmeyen bir aÄda gezinin. -onboarding.tour-tor-network.description=Tor Browser connects you to the Tor network run by thousands of volunteers around the world. Unlike a VPN, thereâs no one point of failure or centralized entity you need to trust in order to enjoy the internet privately. -onboarding.tour-tor-network.button=Go to Circuit Display +onboarding.tour-tor-network.description=Tor Browser sizi tüm dünyada binlerce gönüllü tarafından iÅletilen Tor AÄına baÄlar. VPN baÄlantısının aksine güvenlik açıÄı oluÅturacak bir nokta ya da Ä°nternet üzerinde kiÅisel gizliliÄinizi koruyarak gezinmeniz için güvenmeniz gereken merkezi bir kuruluÅ yoktur. +onboarding.tour-tor-network.button=Devre Görünümüne Geç -onboarding.tour-tor-circuit-display=Circuit Display -onboarding.tour-tor-circuit-display.title=See your path. -onboarding.tour-tor-circuit-display.description=For each domain you visit, your traffic is relayed and encrypted in a circuit across three Tor relays around the world. No website knows where you are connecting from. You can request a new circuit by clicking âNew Circuit for this Siteâ on our Circuit Display. -onboarding.tour-tor-circuit-display.button=See My Path +onboarding.tour-tor-circuit-display=Devre Görünümü +onboarding.tour-tor-circuit-display.title=Yolunuzu görün. +onboarding.tour-tor-circuit-display.description=Ziyaret ettiÄiniz her web sitesi için baÄlantınız dünya üzerindeki üç Tor aktarıcısından oluÅan bir devreden Åifrelenir ve aktarılır. Hiç bir web sitesi sizin gerçekte nereden baÄlandıÄınızı bilemez. KullandıÄınız devreyi deÄiÅtirmek için Devre Görünümünde "Bu Sitenin Devresini Yenile" üzerine tıklayın. +onboarding.tour-tor-circuit-display.button=Yolumu Göster onboarding.tour-tor-security=Güvenlik -onboarding.tour-tor-security.title=Choose your experience. -onboarding.tour-tor-security.description=We also provide you with additional settings for bumping up your browser security. Our Security Settings allow you to block elements that could be used to attack your computer. Click below to see what the different options do. -onboarding.tour-tor-security.button=Review Settings +onboarding.tour-tor-security.title=Deneyiminizi özelleÅtirin. +onboarding.tour-tor-security.description=Ek ayarları kullanarak web tarayıcınızın güvenliÄini arttırabilirsiniz. Güvenlik Ayarlarımız bilgisayarınıza saldırmak için kullanılabilecek bileÅenleri engellemenizi saÄlar. Seçeneklerinizi görebilmek için aÅaÄıya tıklayın. +onboarding.tour-tor-security.button=Ayarları Gözden Geçir -onboarding.tour-tor-expect-differences=Experience Tips -onboarding.tour-tor-expect-differences.title=Expect some differences. +onboarding.tour-tor-expect-differences=Deneyim Ä°puçları +onboarding.tour-tor-expect-differences.title=Bazı farklılıklara açık olun. onboarding.tour-tor-expect-differences.description=With all the security and privacy features provided by Tor, your experience while browsing the internet may be a little different. Things may be a bit slower, and depending on your security level, some elements may not work or load. You may also be asked to prove you are a human and not a robot. onboarding.tour-tor-expect-differences.button=See FAQs @@ -47,7 +47,7 @@ onboarding.tor-circuit-display.three-of-three=3 of 3 onboarding.tor-circuit-display.intro.title=How do circuits work? onboarding.tor-circuit-display.intro.msg=Circuits are made up of randomly assigned relays, which are computers around the world configured to forward Tor traffic. Circuits allow you to browse privately and to connect to onion services.
[tor-commits] [translation/tails-onioncircuits] Update translations for tails-onioncircuits
commit 96988f99ba0cf68d9dcac07b2e48924687a13f7a Author: Translation commit bot Date: Sat Sep 8 04:16:31 2018 + Update translations for tails-onioncircuits --- tr/onioncircuits.pot | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tr/onioncircuits.pot b/tr/onioncircuits.pot index 3f22e29c5..7bbe54cce 100644 --- a/tr/onioncircuits.pot +++ b/tr/onioncircuits.pot @@ -3,14 +3,14 @@ # This file is distributed under the same license as the PACKAGE package. # # Translators: -# Kaya Zeren , 2016 +# Kaya Zeren , 2016,2018 # Volkan Gezer , 2016 msgid "" msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2017-08-03 13:00+\n" -"PO-Revision-Date: 2017-09-23 22:22+\n" +"PO-Revision-Date: 2018-09-08 04:07+\n" "Last-Translator: Kaya Zeren \n" "Language-Team: Turkish (http://www.transifex.com/otf/torproject/language/tr/)\n" "MIME-Version: 1.0\n" @@ -25,7 +25,7 @@ msgstr "Henüz Tor aÄına baÄlı deÄilsiniz..." #: ../onioncircuits:95 msgid "Onion Circuits" -msgstr "Onion Circuits" +msgstr "Onion Devreleri" #: ../onioncircuits:125 msgid "Circuit" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tails-onioncircuits_completed] Update translations for tails-onioncircuits_completed
commit 70cd3f66111f9d156931d7c8ac9ec6e96120bb96 Author: Translation commit bot Date: Sat Sep 8 04:16:36 2018 + Update translations for tails-onioncircuits_completed --- tr/onioncircuits.pot | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tr/onioncircuits.pot b/tr/onioncircuits.pot index 3f22e29c5..7bbe54cce 100644 --- a/tr/onioncircuits.pot +++ b/tr/onioncircuits.pot @@ -3,14 +3,14 @@ # This file is distributed under the same license as the PACKAGE package. # # Translators: -# Kaya Zeren , 2016 +# Kaya Zeren , 2016,2018 # Volkan Gezer , 2016 msgid "" msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2017-08-03 13:00+\n" -"PO-Revision-Date: 2017-09-23 22:22+\n" +"PO-Revision-Date: 2018-09-08 04:07+\n" "Last-Translator: Kaya Zeren \n" "Language-Team: Turkish (http://www.transifex.com/otf/torproject/language/tr/)\n" "MIME-Version: 1.0\n" @@ -25,7 +25,7 @@ msgstr "Henüz Tor aÄına baÄlı deÄilsiniz..." #: ../onioncircuits:95 msgid "Onion Circuits" -msgstr "Onion Circuits" +msgstr "Onion Devreleri" #: ../onioncircuits:125 msgid "Circuit" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/support-portal] Update translations for support-portal
commit 096d2a6364a4738466f825e586746dbe981f2675 Author: Translation commit bot Date: Sat Sep 8 03:49:14 2018 + Update translations for support-portal --- contents+tr.po | 16 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/contents+tr.po b/contents+tr.po index b100ddfc6..8a8a3e59e 100644 --- a/contents+tr.po +++ b/contents+tr.po @@ -307,7 +307,7 @@ msgstr "Maalesef, henüz ChromeOS için resmi bir Tor Browser sürümümüz yok. #: http//localhost/tbb/tbb-27/ #: (content/tbb/tbb-27/contents+en.lrquestion.description) msgid "" -msgstr "" +msgstr "" #: http//localhost/misc/misc-5/ #: (content/misc/misc-5/contents+en.lrquestion.title) @@ -571,6 +571,8 @@ msgid "" "" msgstr "" +"" #: http//localhost/tbb/tbb-18/ #: (content/tbb/tbb-18/contents+en.lrquestion.description) @@ -852,7 +854,7 @@ msgstr "tor-baglantisi-kurmakta-sorun-yasiyorum" #: http//localhost/misc/misc-4/ #: (content/misc/misc-4/contents+en.lrquestion.title) msgid "Can I use Tor with BitTorrent?" -msgstr "Tor'u BitTorrent ile kullanabilir miyim?" +msgstr "Tor ile BitTorrent kullanabilir miyim?" #: http//localhost/misc/misc-3/ #: (content/misc/misc-3/contents+en.lrquestion.description) @@ -1621,7 +1623,7 @@ msgstr "tor-baglantisi" #: http//localhost/tbb/tbb-27/ #: (content/tbb/tbb-27/contents+en.lrquestion.description) msgid "" -msgstr "" +msgstr "" #: http//localhost/misc/misc-5/ #: (content/misc/misc-5/contents+en.lrquestion.description) @@ -1668,6 +1670,8 @@ msgid "" "" msgstr "" +"" #: http//localhost/tbb/tbb-28/ #: (content/tbb/tbb-28/contents+en.lrquestion.description) @@ -3583,6 +3587,8 @@ msgid "" "" msgstr "" +"" #: http//localhost/onionservices/onionservices-1/ #: (content/onionservices/onionservices-1/contents+en.lrquestion.description) @@ -3610,6 +3616,8 @@ msgid "" "" msgstr "" +"" #: http//localhost/operators/operators-7/ #: (content/operators/operators-7/contents+en.lrquestion.description) @@ -4266,7 +4274,7 @@ msgstr "" #: http//localhost/onionservices/onionservices-2/ #: (content/onionservices/onionservices-2/contents+en.lrquestion.description) msgid "" -msgstr "" +msgstr "" #: http//localhost/connecting/connecting-2/ #: (content/connecting/connecting-2/contents+en.lrquestion.description) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/support-portal_completed] Update translations for support-portal_completed
commit b9d010941212bec0c20a354c4ce321f2f261cbed Author: Translation commit bot Date: Sat Sep 8 03:49:20 2018 + Update translations for support-portal_completed --- contents+tr.po | 400 +++-- 1 file changed, 161 insertions(+), 239 deletions(-) diff --git a/contents+tr.po b/contents+tr.po index 520a7df7a..8a8a3e59e 100644 --- a/contents+tr.po +++ b/contents+tr.po @@ -9,7 +9,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2018-09-07 15:19+CET\n" +"POT-Creation-Date: 2018-09-07 17:41+CET\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: Goktug Cetin , 2018\n" "Language-Team: Turkish (https://www.transifex.com/otf/teams/1519/tr/)\n" @@ -70,6 +70,13 @@ msgstr "" "eriÅilmesini istiyorsa, siz dünyanın baÅka bir yerindeki bir aktarıcı " "üzerinden geldiÄinizde hesabınız engellenebilir)." +#: http//localhost/https/https-1/ +#: (content/https/https-1/contents+en.lrquestion.description) +msgid "Tor prevents eavesdroppers from learning sites that you visit." +msgstr "" +"Tor baÄlantınızı izleyen kiÅi ya da kuruluÅların ziyaret ettiÄiniz siteleri " +"görmesini engeller." + #: http//localhost/tbb/tbb-41/ #: (content/tbb/tbb-41/contents+en.lrquestion.description) msgid "" @@ -252,16 +259,6 @@ msgstr "" msgid "What is a .onion or what are onion services?" msgstr ".onion ya da onion hizmetleri nedir?" -#: http//localhost/operators/operators-1/ -#: (content/operators/operators-1/contents+en.lrquestion.description) -msgid "" -"After a few hours (to give it enough time to propagate), you can query Atlas" -" to see whether your relay has successfully registered in the network." -msgstr "" -"Bir kaç saat sonra (bilgilerin yayılması için yeterli zamanı tanıyın), Atlas" -" üzerinde bir sorgu yürüterek aktarıcınızın aÄa kayıt olup olmadıÄına " -"bakabilirsiniz." - #: http//localhost/misc/misc-12/ #: (content/misc/misc-12/contents+en.lrquestion.description) msgid "" @@ -307,15 +304,10 @@ msgid "" "Unfortunately, we don't yet have a version of Tor Browser for ChromeOS." msgstr "Maalesef, henüz ChromeOS için resmi bir Tor Browser sürümümüz yok." -#: http//localhost/operators/operators-6/ -#: (content/operators/operators-6/contents+en.lrquestion.description) -msgid "" -"* Look for a log entry in /var/log/syslog such as \"Self-testing indicates " -"your ORPort is reachable from the outside. Excellent.\"" -msgstr "" -"* /var/log/syslog günlük dosyasında \"Self-testing indicates your ORPort is " -"reachable from the outside. Excellent.\" gibi bir satır olup olmadıÄına " -"bakın." +#: http//localhost/tbb/tbb-27/ +#: (content/tbb/tbb-27/contents+en.lrquestion.description) +msgid "" +msgstr "" #: http//localhost/misc/misc-5/ #: (content/misc/misc-5/contents+en.lrquestion.title) @@ -400,6 +392,8 @@ msgstr "" msgid "RunAsDaemon 1" msgstr "Daemon 1 Olarak ÃalıÅtır" +#: http//localhost/connecting/connecting-2/ +#: (content/connecting/connecting-2/contents+en.lrquestion.description) #: http//localhost/censorship/censorship-5/ #: (content/censorship/censorship-5/contents+en.lrquestion.description) msgid "" @@ -557,15 +551,6 @@ msgstr "" "Kendi aktarıcınızı iÅleterek ya da baÅkalarını bu konuda yüreklendirerek aÄ " "hızının artmasına katkıda bulunabilirsiniz." -#: http//localhost/onionservices/onionservices-2/ -#: (content/onionservices/onionservices-2/contents+en.lrquestion.description) -msgid "" -"" -msgstr "" -"" - #: http//localhost/tbb/tbb-27/ #: (content/tbb/tbb-27/contents+en.lrquestion.description) msgid "" @@ -580,14 +565,14 @@ msgstr "" msgid "You can update Tor Browser as soon as a new version is released." msgstr "Yeni bir Tor Browser sürümü yayınlandıÄında güncelleyebilirsiniz." -#: http//localhost/tbb/tbb-29/ -#: (content/tbb/tbb-29/contents+en.lrquestion.description) +#: http//localhost/onionservices/onionservices-2/ +#: (content/onionservices/onionservices-2/contents+en.lrquestion.description) msgid "" -"" +"" msgstr "" -"" +"" #: http//localhost/tbb/tbb-18/ #: (content/tbb/tbb-18/contents+en.lrquestion.description) @@ -596,14 +581,8 @@ msgid "" " *BSD." msgstr "Maalesef, henüz *BSD için resmi bir Tor Browser sürümümüz yok." -#: http//localhost/tbb/tbb-27/ -#: (content/tbb/tbb-27/contents+en.lrquestion.description) -#: http//localhost/tbb/tbb-29/ -#: (content/tbb/tbb-29/contents+en.lrquestion.description) #: http//localhost/https/https-1/ #: (content/https/https-1/contents+en.lrquestion.description) -#: http//localhost/onionservices/onionservices-2/ -#: (content/onionservices/onionservices-2/contents+en.lrquestion.description) msgid "" msgstr "" @@ -659,14 +638,14 @@ msgstr "onion-hizmetleri" msgid "Onion Services" msgstr "Onion Hizmetleri" -#: http//localhost/tbb/tbb-27/ -#: (content/tbb/tbb-27/contents+en.lrquestion.description)
[tor-commits] [translation/torbutton-browseronboardingproperties] Update translations for torbutton-browseronboardingproperties
commit 90262e0c629ad5b1155d77667baae7200d7c8c3c Author: Translation commit bot Date: Sat Sep 8 03:48:31 2018 + Update translations for torbutton-browseronboardingproperties --- tr/browserOnboarding.properties | 24 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/tr/browserOnboarding.properties b/tr/browserOnboarding.properties index 9413168cc..1c9a594e3 100644 --- a/tr/browserOnboarding.properties +++ b/tr/browserOnboarding.properties @@ -2,18 +2,18 @@ # See LICENSE for licensing information. # vim: set sw=2 sts=2 ts=8 et: -onboarding.tour-tor-welcome=Courier'a -onboarding.tour-tor-welcome.title=Youâre ready. -onboarding.tour-tor-welcome.description=Tor Browser offers the highest standard of privacy and security while browsing the web. Youâre now protected against tracking, surveillance, and censorship. This quick onboarding will show you how. -onboarding.tour-tor-welcome.button=Start Now - -onboarding.tour-tor-privacy=Gizlilik -onboarding.tour-tor-privacy.title=Snub trackers and snoopers. -onboarding.tour-tor-privacy.description=Tor Browser isolates cookies and deletes your browser history after your session. These modifications ensure your privacy and security are protected in the browser. Click âTor Networkâ to learn how we protect you on the network level. -onboarding.tour-tor-privacy.button=Go to Tor Network - -onboarding.tour-tor-network=Tor Network -onboarding.tour-tor-network.title=Travel a decentralized network. +onboarding.tour-tor-welcome=HoÅ Geldiniz +onboarding.tour-tor-welcome.title=Hazırsınız. +onboarding.tour-tor-welcome.description=Tor Browser, web üzerinde gezinirken en yükek standartlarda kiÅisel gizlilik ve güvelik saÄlar. Ä°zleme, gözetleme ve engellemeye karÅı koruma saÄlar. Nasıl olduÄunu buradan hızlıca görebilirsiniz. +onboarding.tour-tor-welcome.button=BaÅlayın + +onboarding.tour-tor-privacy=KiÅisel Gizlilik +onboarding.tour-tor-privacy.title=Ä°zleyenlere ve meraklılara hadlerini bildirin. +onboarding.tour-tor-privacy.description=Tor Browser çerezleri yalıtır ve kapattııÄınızda web tarayıcı geçmiÅinizi siler. Bu deÄiÅiklikler web tarayıcı üzerinde kiÅisel gizliliÄinizin ve güvenliÄinizin korunmasını saÄlar. AÄ düzeyinde nasıl koruma saÄladıÄımızı öÄrenmek için 'Tor AÄo' üzerine tıklayın. +onboarding.tour-tor-privacy.button=Tor AÄına Gidin + +onboarding.tour-tor-network=Tor AÄı +onboarding.tour-tor-network.title=Tek merkezden yönetilmeyen bir aÄda gezinin. onboarding.tour-tor-network.description=Tor Browser connects you to the Tor network run by thousands of volunteers around the world. Unlike a VPN, thereâs no one point of failure or centralized entity you need to trust in order to enjoy the internet privately. onboarding.tour-tor-network.button=Go to Circuit Display ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tails-persistence-setup] Update translations for tails-persistence-setup
commit e3b1d6e34a5cf73cd92e4763f13b8b0f2288ac69 Author: Translation commit bot Date: Sat Sep 8 01:46:42 2018 + Update translations for tails-persistence-setup --- lo/lo.po | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lo/lo.po b/lo/lo.po index 9796b6166..7edaaaf89 100644 --- a/lo/lo.po +++ b/lo/lo.po @@ -9,8 +9,8 @@ msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: Tails developers \n" "POT-Creation-Date: 2018-08-16 11:14+0200\n" -"PO-Revision-Date: 2018-08-16 14:16+\n" -"Last-Translator: carolyn \n" +"PO-Revision-Date: 2018-09-08 01:23+\n" +"Last-Translator: ສີສຸວັຠສັàºàºàº»àº§àºàº¸àº¥àº»àº¡ \n" "Language-Team: Lao (http://www.transifex.com/otf/torproject/language/lo/)\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" @@ -286,7 +286,7 @@ msgstr "" #: ../lib/Tails/Persistence/Step/Delete.pm:66 msgid "Delete" -msgstr "" +msgstr "ລຶàº" #: ../lib/Tails/Persistence/Step/Delete.pm:117 msgid "Deleting..." ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/https_everywhere_completed] Update translations for https_everywhere_completed
commit cd9ee5c8eda3807c1d3e3650b02f3081be1f7132 Author: Translation commit bot Date: Sat Sep 8 01:45:35 2018 + Update translations for https_everywhere_completed --- lo/https-everywhere.dtd | 17 ++--- 1 file changed, 14 insertions(+), 3 deletions(-) diff --git a/lo/https-everywhere.dtd b/lo/https-everywhere.dtd index 895605cb0..9b1f620f5 100644 --- a/lo/https-everywhere.dtd +++ b/lo/https-everywhere.dtd @@ -14,14 +14,25 @@ - - + + - + + + + + + + + + + + + ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/https_everywhere] Update translations for https_everywhere
commit d27eab753a875867caaa9d61f02ec3ce77ffb02d Author: Translation commit bot Date: Sat Sep 8 01:45:27 2018 + Update translations for https_everywhere --- lo/https-everywhere.dtd | 28 ++-- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/lo/https-everywhere.dtd b/lo/https-everywhere.dtd index d6078858d..9b1f620f5 100644 --- a/lo/https-everywhere.dtd +++ b/lo/https-everywhere.dtd @@ -2,7 +2,7 @@ - + @@ -14,25 +14,25 @@ - + - + - - - - - - - - + + + + + + + + - + - - + + ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/support-portal] Update translations for support-portal
commit b72117cff94ffa1d76673b72837350920353fbe2 Author: Translation commit bot Date: Sat Sep 8 00:48:46 2018 + Update translations for support-portal --- contents+ga.po | 13 - 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/contents+ga.po b/contents+ga.po index 76026f5e0..f3fe2fe26 100644 --- a/contents+ga.po +++ b/contents+ga.po @@ -1854,7 +1854,7 @@ msgstr "" #: (content/censorship/censorship-5/contents+en.lrquestion.description) msgid "## Common log error #1: Proxy connection failure" msgstr "" -"## Earráid choitianta #1 sa logcomhad: Theip ar cheangal le " +"## Earráid choitianta #1 sa logchomhad: Theip ar cheangal le " "seachfhreastalaÃ" #: http//localhost/misc/misc-3/ @@ -1950,7 +1950,7 @@ msgstr "* TorBrowser" #: http//localhost/operators/operators-6/ #: (content/operators/operators-6/contents+en.lrquestion.description) msgid "#Address noname.example.com" -msgstr "#Seoladh ganainm.example.com" +msgstr "#Address noname.example.com" #: http//localhost/tbb/tbb-1/ #: (content/tbb/tbb-1/contents+en.lrquestion.description) @@ -1968,7 +1968,7 @@ msgid "" "The same protections that keep bad people from breaking Tor's anonymity also" " prevent us from tracking users." msgstr "" -"Nà féidir linn úsáideoirà a lorg mar gheall ar an gnéithe céanna a " +"Nà féidir linn úsáideoirà a lorg mar gheall ar na gnéithe céanna a " "chosnaÃonn do chuid faisnéis phearsanta ar dhrochdhaoine." #: http//localhost/connecting/connecting-2/ @@ -2228,8 +2228,7 @@ msgid "" "You can find more information about donating on our https://donate.torproject.org/donor-faq\;>donor FAQ." msgstr "" -" Tá tuilleadh eolais ar fáil ar an leathanach seo: https://donate.torproject.org/donor-faq\\\;>https://donate.torproject.org/donor-faq\;>Ceisteanna Coitianta do " "dheontóirÃ." @@ -4313,6 +4312,10 @@ msgid "" " 1 minutes, or that theirs is ahead. Tor requires an accurate clock to work:" " please check your time, timezone, and date settings." msgstr "" +"19.11.2017 00:04:48.800 [WARN] Received NETINFO cell with skewed time " +"(OR:xxx.xx.x.xx:): It seems that our clock is behind by 1 days, 0 hours," +" 1 minutes, or that theirs is ahead. Tor requires an accurate clock to work:" +" please check your time, timezone, and date settings." #: http//localhost/tbb/tbb-7/ #: (content/tbb/tbb-7/contents+en.lrquestion.seo_slug) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/support-portal] Update translations for support-portal
commit 6d31d3482fb0e35bbf5df5d4e47d6d842dcbe133 Author: Translation commit bot Date: Fri Sep 7 23:48:48 2018 + Update translations for support-portal --- contents+ga.po | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/contents+ga.po b/contents+ga.po index 252153493..76026f5e0 100644 --- a/contents+ga.po +++ b/contents+ga.po @@ -1614,7 +1614,7 @@ msgid "" "of people can also be abused by criminals and malware authors." msgstr "" "Ach leis an bhfÃrinne a rá, úsáideann go leor daoine ár gcuid bogearraà go " -"laethúil ar bhealaà dlisteanacha: gnÃomhaÃgh ar son cearta daonna, " +"laethúil ar bhealaà dlisteanacha: gnÃomhaithe ar son cearta daonna, " "iriseoirÃ, daoine a tháinig slán ó dhroch-Ãde sa mbaile, daoine nochta " "scéil, gardaÃ, agus neart eile. Faraor, is féidir le coirpigh agus le húdair" " bogearraà mailÃseacha leas a bhaint as an gcosaint chéanna a sholáthraÃonn " @@ -1658,8 +1658,8 @@ msgid "" "On Linux, there is no default location, however the folder will be named " "\"tor-browser_en-US\" if you are running the English Tor Browser." msgstr "" -"NÃl aon suÃomh réamhshocraithe ar Linux, ach is é \"tor-browser_en-US\" ainm" -" an fhillteáin má tá an leagan Béarla agat." +"NÃl aon suÃomh réamhshocraithe ar Linux, ach is é \"tor-browser_ga-IE\" ainm" +" an fhillteáin má tá an leagan Gaeilge agat." #: http//localhost/misc/ (content/misc/contents+en.lrtopic.seo_slug) msgid "misc" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.3] find and neutralize nickm's easter egg
commit e07b692fa1ba20401ae06171e6ae79928d00e028 Author: Roger Dingledine Date: Fri Sep 7 19:31:33 2018 -0400 find and neutralize nickm's easter egg also fix a typo while i'm here --- ChangeLog | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index ce9fa9ce5..6c75b5b67 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,4 +1,4 @@ -Changes in version 0.3.3.10 - 2019-09-10 +Changes in version 0.3.3.10 - 2018-09-10 Tor 0.3.3.10 backports numerous fixes from later versions of Tor. o Minor features (bug workaround, backport from 0.3.4.7-rc): @@ -89,7 +89,7 @@ Changes in version 0.3.3.10 - 2019-09-10 failure. Fixes bug 26948; bugfix on 0.3.3.1-alpha. o Minor bugfixes (linux seccomp2 sandbox, backport from 0.3.4.7-rc): -- Fix a bug in out sandboxing rules for the openat() syscall. +- Fix a bug in our sandboxing rules for the openat() syscall. Previously, no openat() call would be permitted, which would break filesystem operations on recent glibc versions. Fixes bug 25440; bugfix on 0.2.9.15. Diagnosis and patch from Daniel Pinto. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/support-portal] Update translations for support-portal
commit e3ec9b6b256a932d513db9dfbf952c31f372dbec Author: Translation commit bot Date: Fri Sep 7 23:18:47 2018 + Update translations for support-portal --- contents+ga.po | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/contents+ga.po b/contents+ga.po index 51b92a569..252153493 100644 --- a/contents+ga.po +++ b/contents+ga.po @@ -1119,8 +1119,8 @@ msgid "" "ntp or openntpd (or similar) package to keep it that way." msgstr "" "* Deimhnigh go bhfuil an clog, an dáta, agus an crios ama socraithe mar is " -"ceart. Suiteáil ntp nó openntpd (nó pacáiste eile den sórt seo) chun an t-am" -" cheart a choinneáil." +"ceart ar do rÃomhaire. Suiteáil ntp nó openntpd (nó pacáiste eile den sórt " +"seo) chun an t-am cheart a choinneáil." #: http//localhost/faq/faq-4/ (content/faq/faq-4/contents+en.lrquestion.title) #: http//localhost/tbb/tbb-31/ @@ -1157,7 +1157,7 @@ msgid "" "Several countries, including China and Iran, have found ways to detect and " "block connections to Tor bridges." msgstr "" -"Tá roinnt tÃortha (An tSÃn agus An Iaráin san áireamh) in ann ceangail trà " +"Tá roinnt tÃortha, an tSÃn agus an Iaráin san áireamh, in ann ceangail trà " "dhroichead Tor a aimsiú agus cosc a chur orthu." #: http//localhost/connecting/connecting-2/ @@ -1252,7 +1252,7 @@ msgstr "" msgid "* Make sure your clock, date, and timezone are set correctly." msgstr "" "* Deimhnigh go bhfuil an clog, an dáta, agus an crios ama socraithe mar is " -"ceart." +"ceart ar do rÃomhaire." #: http//localhost/tormessenger/tormessenger-1/ #: (content/tormessenger/tormessenger-1/contents+en.lrquestion.title) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.2] Remove folded-in changes file (0.3.2.12)
commit 8702a274cbd1e935d43c15ca3bbb44c396647b20 Author: Nick Mathewson Date: Fri Sep 7 15:55:08 2018 -0400 Remove folded-in changes file (0.3.2.12) --- changes/27286| 4 changes/bug20424_029_minimal | 4 changes/bug25440 | 5 - changes/bug26485 | 4 changes/bug26497 | 3 --- changes/bug26497-backport| 3 --- changes/bug26785 | 4 changes/bug26787 | 3 --- changes/bug26830 | 3 --- changes/bug26853 | 3 --- changes/bug26924 | 4 changes/bug26927 | 4 changes/bug26932 | 3 --- changes/bug27081 | 4 changes/bug27088 | 5 - changes/bug27090 | 3 --- changes/bug27093 | 3 --- changes/bug27185 | 3 --- changes/bug27226 | 5 - changes/bug27295 | 3 --- changes/bug27344 | 4 changes/bug27345 | 5 - changes/bug27418 | 3 --- changes/bug27453 | 3 --- changes/bug27461 | 5 - changes/bug27463 | 3 --- changes/bug27465 | 5 - changes/geoip-2018-08-07 | 4 changes/ticket24629 | 3 --- changes/ticket26560 | 3 --- changes/ticket26647 | 4 changes/ticket26952-cargo| 3 --- changes/ticket26952-ccache | 3 --- changes/ticket27087 | 3 --- 34 files changed, 124 deletions(-) diff --git a/changes/27286 b/changes/27286 deleted file mode 100644 index 5f5f7a4ae..0 --- a/changes/27286 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (directory authorities): -- Authorities no longer vote to make the subprotocol version "LinkAuth=1" - a requirement: it is unsupportable with NSS, and hasn't been needed - since Tor 0.3.0.1-alpha. Closes ticket 27286. diff --git a/changes/bug20424_029_minimal b/changes/bug20424_029_minimal deleted file mode 100644 index eb7886233..0 --- a/changes/bug20424_029_minimal +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (compilation): -- When compiling with --enable-openbsd-malloc or --enable-tcmalloc, tell - the compiler not to include the system malloc implementation. Fixes bug - 20424; bugfix on 0.2.0.20-rc. diff --git a/changes/bug25440 b/changes/bug25440 deleted file mode 100644 index f8d9dd4fa..0 --- a/changes/bug25440 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (linux seccomp2 sandbox): -- Fix a bug in out sandboxing rules for the openat() syscall. - Previously, no openat() call would be permitted, which would break - filesystem operations on recent glibc versions. Fixes bug 25440; - bugfix on 0.2.9.15. Diagnosis and patch from Daniel Pinto. diff --git a/changes/bug26485 b/changes/bug26485 deleted file mode 100644 index 5a40b7a78..0 --- a/changes/bug26485 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (directory authority): -- When voting for recommended versions, make sure that all of the - versions are well-formed and parsable. Fixes bug 26485; bugfix on - 0.1.1.6-alpha. diff --git a/changes/bug26497 b/changes/bug26497 deleted file mode 100644 index d0c05ff3e..0 --- a/changes/bug26497 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (rust): -- Stop setting $CARGO_HOME. cargo will use the user's $CARGO_HOME, or - $HOME/.cargo by default. Fixes bug 26497; bugfix on 0.3.1.5-alpha. diff --git a/changes/bug26497-backport b/changes/bug26497-backport deleted file mode 100644 index 1d86e01bf..0 --- a/changes/bug26497-backport +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (rust): -- Backport test_rust.sh from master. - Fixes bug 26497; bugfix on 0.3.1.5-alpha. diff --git a/changes/bug26785 b/changes/bug26785 deleted file mode 100644 index e6392fcbd..0 --- a/changes/bug26785 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (compilation, portability): -- Don't try to use a pragma to temporarily disable - -Wunused-const-variable if the compiler doesn't support it. - Fixes bug 26785; bugfix on 0.3.2.11. diff --git a/changes/bug26787 b/changes/bug26787 deleted file mode 100644 index b32e519a9..0 --- a/changes/bug26787 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (testing): -- Disable core dumps in test_bt.sh, to avoid failures in "make - distcheck". Fixes bug 26787; bugfix on 0.2.5.2-alpha. diff --git a/changes/bug26830 b/changes/bug26830 deleted file mode 100644 index c002f1953..0 --- a/changes/bug26830 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (continuous integration): -- Skip an unreliable key generation test on Windows, until the underlying - issue in bug 26076 is resolved. Fixes bug 26830; bugfix on 0.2.7.3-rc. diff --git a/changes/bug26853 b/changes/bug26853 deleted file mode 100644 index 6ee47789b..0 --- a/changes/bug26853 +++ /dev/null @@ -1,3 +0,0 @@ - o
[tor-commits] [tor/release-0.3.3] Remove folded-in changes file (0.3.3.10)
commit d1d9ea4aff3a24cd88096600426d89d7f8fd6dac Author: Nick Mathewson Date: Fri Sep 7 15:55:17 2018 -0400 Remove folded-in changes file (0.3.3.10) --- changes/27286| 4 changes/bug20424_029_minimal | 4 changes/bug25440 | 5 - changes/bug26485 | 4 changes/bug26497 | 3 --- changes/bug26497-backport| 3 --- changes/bug26497-cd | 4 changes/bug26627 | 7 --- changes/bug26779 | 4 changes/bug26785 | 4 changes/bug26787 | 3 --- changes/bug26830 | 3 --- changes/bug26853 | 3 --- changes/bug26873 | 4 changes/bug26876 | 4 changes/bug26924 | 4 changes/bug26927 | 4 changes/bug26932 | 3 --- changes/bug26948 | 4 changes/bug27081 | 4 changes/bug27088 | 5 - changes/bug27090 | 3 --- changes/bug27093 | 3 --- changes/bug27164 | 4 changes/bug27177 | 4 changes/bug27185 | 3 --- changes/bug27226 | 5 - changes/bug27295 | 3 --- changes/bug27344 | 4 changes/bug27345 | 5 - changes/bug27418 | 3 --- changes/bug27453 | 3 --- changes/bug27461 | 5 - changes/bug27463 | 3 --- changes/bug27465 | 5 - changes/geoip-2018-08-07 | 4 changes/ticket24629 | 3 --- changes/ticket24629-backport | 3 --- changes/ticket26560 | 3 --- changes/ticket26647 | 4 changes/ticket26952-cargo| 3 --- changes/ticket26952-ccache | 3 --- changes/ticket27087 | 3 --- 43 files changed, 162 deletions(-) diff --git a/changes/27286 b/changes/27286 deleted file mode 100644 index 5f5f7a4ae..0 --- a/changes/27286 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (directory authorities): -- Authorities no longer vote to make the subprotocol version "LinkAuth=1" - a requirement: it is unsupportable with NSS, and hasn't been needed - since Tor 0.3.0.1-alpha. Closes ticket 27286. diff --git a/changes/bug20424_029_minimal b/changes/bug20424_029_minimal deleted file mode 100644 index eb7886233..0 --- a/changes/bug20424_029_minimal +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (compilation): -- When compiling with --enable-openbsd-malloc or --enable-tcmalloc, tell - the compiler not to include the system malloc implementation. Fixes bug - 20424; bugfix on 0.2.0.20-rc. diff --git a/changes/bug25440 b/changes/bug25440 deleted file mode 100644 index f8d9dd4fa..0 --- a/changes/bug25440 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (linux seccomp2 sandbox): -- Fix a bug in out sandboxing rules for the openat() syscall. - Previously, no openat() call would be permitted, which would break - filesystem operations on recent glibc versions. Fixes bug 25440; - bugfix on 0.2.9.15. Diagnosis and patch from Daniel Pinto. diff --git a/changes/bug26485 b/changes/bug26485 deleted file mode 100644 index 5a40b7a78..0 --- a/changes/bug26485 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (directory authority): -- When voting for recommended versions, make sure that all of the - versions are well-formed and parsable. Fixes bug 26485; bugfix on - 0.1.1.6-alpha. diff --git a/changes/bug26497 b/changes/bug26497 deleted file mode 100644 index d0c05ff3e..0 --- a/changes/bug26497 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (rust): -- Stop setting $CARGO_HOME. cargo will use the user's $CARGO_HOME, or - $HOME/.cargo by default. Fixes bug 26497; bugfix on 0.3.1.5-alpha. diff --git a/changes/bug26497-backport b/changes/bug26497-backport deleted file mode 100644 index 1d86e01bf..0 --- a/changes/bug26497-backport +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (rust): -- Backport test_rust.sh from master. - Fixes bug 26497; bugfix on 0.3.1.5-alpha. diff --git a/changes/bug26497-cd b/changes/bug26497-cd deleted file mode 100644 index 37bf1bc95..0 --- a/changes/bug26497-cd +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (rust): -- cd to ${abs_top_builddir}/src/rust before running cargo in - src/test/test_rust.sh. This makes the working directory consistent - between builds and tests. Fixes bug 26497; bugfix on 0.3.3.2-alpha. diff --git a/changes/bug26627 b/changes/bug26627 deleted file mode 100644 index d28bd05d5..0 --- a/changes/bug26627 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (v3 onion services): -- Stop sending ed25519 link specifiers in v3 onion service introduce - cells, when the rendezvous point doesn't support ed25519 link - authentication. Fixes bug 26627; bugfix on 0.3.2.4-alpha. -- Stop putting ed25519 link
[tor-commits] [tor/release-0.2.9] Changelog for 0.2.9.17
commit d1f9a076619f9f6c6cdf0f508255998c12abe5a2 Author: Nick Mathewson Date: Fri Sep 7 15:59:38 2018 -0400 Changelog for 0.2.9.17 --- ChangeLog| 98 +++- changes/bug20424_029_minimal | 4 -- changes/bug25440 | 5 --- changes/bug26485 | 4 -- changes/bug26787 | 3 -- changes/bug26830 | 3 -- changes/bug26924 | 4 -- changes/bug27081 | 4 -- changes/bug27088 | 5 --- changes/bug27185 | 3 -- changes/bug27226 | 5 --- changes/bug27295 | 3 -- changes/bug27344 | 4 -- changes/bug27418 | 3 -- changes/bug27453 | 3 -- changes/bug27461 | 5 --- changes/bug27463 | 3 -- changes/bug27465 | 5 --- changes/geoip-2018-08-07 | 4 -- changes/ticket24629 | 3 -- changes/ticket26560 | 3 -- changes/ticket26952-ccache | 3 -- changes/ticket27087 | 3 -- 23 files changed, 97 insertions(+), 83 deletions(-) diff --git a/ChangeLog b/ChangeLog index 9b3906ab1..4c4a19bdd 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,100 @@ +Changes in version 0.2.9.17 - 2018-09-10 + Tor 0.2.9.17 backports numerous bugfixes from later versions of Tor. + + o Minor features (compatibility, backport from 0.3.4.8): +- Tell OpenSSL to maintain backward compatibility with previous + RSA1024/DH1024 users in Tor. With OpenSSL 1.1.1-pre6, these + ciphers are disabled by default. Closes ticket 27344. + + o Minor features (continuous integration, backport from 0.3.4.7-rc): +- Enable macOS builds in our Travis CI configuration. Closes + ticket 24629. +- Install libcap-dev and libseccomp2-dev so these optional + dependencies get tested on Travis CI. Closes ticket 26560. +- Run asciidoc during Travis CI. Implements ticket 27087. +- Use ccache in our Travis CI configuration. Closes ticket 26952. + + o Minor features (geoip): +- Update geoip and geoip6 to the August 7 2018 Maxmind GeoLite2 + Country database. Closes ticket 27089. + + o Minor bugfixes (compilation, backport from 0.3.4.6-rc): +- When compiling with --enable-openbsd-malloc or --enable-tcmalloc, + tell the compiler not to include the system malloc implementation. + Fixes bug 20424; bugfix on 0.2.0.20-rc. + + o Minor bugfixes (compilation, backport from 0.3.4.7-rc): +- Silence a spurious compiler warning on the GetAdaptersAddresses + function pointer cast. This issue is already fixed by 26481 in + 0.3.5 and later, by removing the lookup and cast. Fixes bug 27465; + bugfix on 0.2.3.11-alpha. +- Stop calling SetProcessDEPPolicy() on 64-bit Windows. It is not + supported, and always fails. Some compilers warn about the + function pointer cast on 64-bit Windows. Fixes bug 27461; bugfix + on 0.2.2.23-alpha. + + o Minor bugfixes (compilation, windows, backport from 0.3.4.7-rc): +- Don't link or search for pthreads when building for Windows, even + if we are using build environment (like mingw) that provides a + pthreads library. Fixes bug 27081; bugfix on 0.1.0.1-rc. + + o Minor bugfixes (continuous integration, backport from 0.3.4.6-rc): +- Skip a pair of unreliable key generation tests on Windows, until + the underlying issue in bug 26076 is resolved. Fixes bug 26830 and + bug 26853; bugfix on 0.2.7.3-rc and 0.3.2.1-alpha respectively. + + o Minor bugfixes (continuous integration, backport from 0.3.4.7-rc): +- Pass the module flags to distcheck configure, and log the flags + before running configure. (Backported to 0.2.9 and later as a + precaution.) Fixes bug 27088; bugfix on 0.3.4.1-alpha. + + o Minor bugfixes (continuous integration, backport from 0.3.4.8): +- When a Travis build fails, and showing a log fails, keep trying to + show the other logs. Fixes bug 27453; bugfix on 0.3.4.7-rc. +- When we use echo in Travis, don't pass a --flag as the first + argument. Fixes bug 27418; bugfix on 0.3.4.7-rc. + + o Minor bugfixes (directory authority, backport from 0.3.4.6-rc): +- When voting for recommended versions, make sure that all of the + versions are well-formed and parsable. Fixes bug 26485; bugfix + on 0.1.1.6-alpha. + + o Minor bugfixes (linux seccomp2 sandbox, backport from 0.3.4.7-rc): +- Fix a bug in out sandboxing rules for the openat() syscall. + Previously, no openat() call would be permitted, which would break + filesystem operations on recent glibc versions. Fixes bug 25440; + bugfix on 0.2.9.15. Diagnosis and patch from Daniel Pinto. + + o Minor bugfixes (onion services, backport from 0.3.4.8): +- Silence a spurious compiler warning in + rend_client_send_introduction(). Fixes bug 27463; bugfix + on 0.1.1.2-alpha. + + o Minor bugfixes (single onion services,
[tor-commits] [tor/release-0.3.2] Create a changelog for 0.3.2.12
commit 0fe5a2923be25a197fdc50f5fa4e573eddb8a041 Author: Nick Mathewson Date: Fri Sep 7 15:54:45 2018 -0400 Create a changelog for 0.3.2.12 --- ChangeLog | 146 +- 1 file changed, 145 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index 8de71e0ee..8aa1e1c00 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,148 @@ +Changes in version 0.3.2.12 - 2018-09-10 + Tor 0.3.2.12 backport numerous fixes from later versions of Tor. + + o Minor features (compatibility, backport from 0.3.4.8): +- Tell OpenSSL to maintain backward compatibility with previous + RSA1024/DH1024 users in Tor. With OpenSSL 1.1.1-pre6, these + ciphers are disabled by default. Closes ticket 27344. + + o Minor features (continuous integration, backport from 0.3.4.7-rc): +- Enable macOS builds in our Travis CI configuration. Closes + ticket 24629. +- Install libcap-dev and libseccomp2-dev so these optional + dependencies get tested on Travis CI. Closes ticket 26560. +- Run asciidoc during Travis CI. Implements ticket 27087. +- Use ccache in our Travis CI configuration. Closes ticket 26952. + + o Minor features (continuous integration, rust, backport from 0.3.4.7-rc): +- Use cargo cache in our Travis CI configuration. Closes + ticket 26952. + + o Minor features (controller, backport from 0.3.4.6-rc): +- The control port now exposes the list of HTTPTunnelPorts and + ExtOrPorts via GETINFO net/listeners/httptunnel and + net/listeners/extor respectively. Closes ticket 26647. + + o Minor features (directory authorities, backport from 0.3.4.7-rc): +- Authorities no longer vote to make the subprotocol version + "LinkAuth=1" a requirement: it is unsupportable with NSS, and + hasn't been needed since Tor 0.3.0.1-alpha. Closes ticket 27286. + + o Minor features (geoip): +- Update geoip and geoip6 to the August 7 2018 Maxmind GeoLite2 + Country database. Closes ticket 27089. + + o Minor bugfixes (compilation, backport from 0.3.4.6-rc): +- When compiling with --enable-openbsd-malloc or --enable-tcmalloc, + tell the compiler not to include the system malloc implementation. + Fixes bug 20424; bugfix on 0.2.0.20-rc. +- Don't try to use a pragma to temporarily disable the + -Wunused-const-variable warning if the compiler doesn't support + it. Fixes bug 26785; bugfix on 0.3.2.11. + + o Minor bugfixes (compilation, backport from 0.3.4.7-rc): +- Silence a spurious compiler warning on the GetAdaptersAddresses + function pointer cast. This issue is already fixed by 26481 in + 0.3.5 and later, by removing the lookup and cast. Fixes bug 27465; + bugfix on 0.2.3.11-alpha. +- Stop calling SetProcessDEPPolicy() on 64-bit Windows. It is not + supported, and always fails. Some compilers warn about the + function pointer cast on 64-bit Windows. Fixes bug 27461; bugfix + on 0.2.2.23-alpha. + + o Minor bugfixes (compilation, windows, backport from 0.3.4.7-rc): +- Don't link or search for pthreads when building for Windows, even + if we are using build environment (like mingw) that provides a + pthreads library. Fixes bug 27081; bugfix on 0.1.0.1-rc. + + o Minor bugfixes (continuous integration, backport from 0.3.4.6-rc): +- Skip a pair of unreliable key generation tests on Windows, until + the underlying issue in bug 26076 is resolved. Fixes bug 26830 and + bug 26853; bugfix on 0.2.7.3-rc and 0.3.2.1-alpha respectively. + + o Minor bugfixes (continuous integration, backport from 0.3.4.7-rc): +- Build with zstd on macOS. Fixes bug 27090; bugfix on 0.3.1.5-alpha. +- Pass the module flags to distcheck configure, and log the flags + before running configure. (Backported to 0.2.9 and later as a + precaution.) Fixes bug 27088; bugfix on 0.3.4.1-alpha. + + o Minor bugfixes (continuous integration, backport from 0.3.4.8): +- When a Travis build fails, and showing a log fails, keep trying to + show the other logs. Fixes bug 27453; bugfix on 0.3.4.7-rc. +- When we use echo in Travis, don't pass a --flag as the first + argument. Fixes bug 27418; bugfix on 0.3.4.7-rc. + + o Minor bugfixes (directory authority, backport from 0.3.4.6-rc): +- When voting for recommended versions, make sure that all of the + versions are well-formed and parsable. Fixes bug 26485; bugfix + on 0.1.1.6-alpha. + + o Minor bugfixes (linux seccomp2 sandbox, backport from 0.3.4.7-rc): +- Fix a bug in out sandboxing rules for the openat() syscall. + Previously, no openat() call would be permitted, which would break + filesystem operations on recent glibc versions. Fixes bug 25440; + bugfix on 0.2.9.15. Diagnosis and patch from Daniel Pinto. + + + o Minor bugfixes (logging, backport from 0.3.4.6-rc): +- Improve the log message when connection initiators fail to +
[tor-commits] [tor/release-0.3.3] Construct changelog for 0.3.3.10
commit fa2d6d1c0d53318a17f1fb745cf0c7cb1b281ac0 Author: Nick Mathewson Date: Fri Sep 7 15:49:33 2018 -0400 Construct changelog for 0.3.3.10 --- ChangeLog | 173 ++ 1 file changed, 173 insertions(+) diff --git a/ChangeLog b/ChangeLog index 14b52968a..ce9fa9ce5 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,176 @@ +Changes in version 0.3.3.10 - 2019-09-10 + Tor 0.3.3.10 backports numerous fixes from later versions of Tor. + + o Minor features (bug workaround, backport from 0.3.4.7-rc): +- Compile correctly on systems that provide the C11 stdatomic.h + header, but where C11 atomic functions don't actually compile. + Closes ticket 26779; workaround for Debian issue 903709. + + o Minor features (compatibility, backport from 0.3.4.8): +- Tell OpenSSL to maintain backward compatibility with previous + RSA1024/DH1024 users in Tor. With OpenSSL 1.1.1-pre6, these + ciphers are disabled by default. Closes ticket 27344. + + o Minor features (continuous integration, backport from 0.3.4.7-rc): +- Backport Travis rust distcheck to 0.3.3. Closes ticket 24629. +- Enable macOS builds in our Travis CI configuration. Closes + ticket 24629. +- Install libcap-dev and libseccomp2-dev so these optional + dependencies get tested on Travis CI. Closes ticket 26560. +- Run asciidoc during Travis CI. Implements ticket 27087. +- Use ccache in our Travis CI configuration. Closes ticket 26952. + + o Minor features (continuous integration, rust, backport from 0.3.4.7-rc): +- Use cargo cache in our Travis CI configuration. Closes + ticket 26952. + + o Minor features (controller, backport from 0.3.4.6-rc): +- The control port now exposes the list of HTTPTunnelPorts and + ExtOrPorts via GETINFO net/listeners/httptunnel and + net/listeners/extor respectively. Closes ticket 26647. + + o Minor features (directory authorities, backport from 0.3.4.7-rc): +- Authorities no longer vote to make the subprotocol version + "LinkAuth=1" a requirement: it is unsupportable with NSS, and + hasn't been needed since Tor 0.3.0.1-alpha. Closes ticket 27286. + + o Minor features (geoip): +- Update geoip and geoip6 to the August 7 2018 Maxmind GeoLite2 + Country database. Closes ticket 27089. + + o Minor bugfixes (compilation, backport from 0.3.4.6-rc): +- When compiling with --enable-openbsd-malloc or --enable-tcmalloc, + tell the compiler not to include the system malloc implementation. + Fixes bug 20424; bugfix on 0.2.0.20-rc. +- Don't try to use a pragma to temporarily disable the + -Wunused-const-variable warning if the compiler doesn't support + it. Fixes bug 26785; bugfix on 0.3.2.11. + + o Minor bugfixes (compilation, backport from 0.3.4.7-rc): +- Silence a spurious compiler warning on the GetAdaptersAddresses + function pointer cast. This issue is already fixed by 26481 in + 0.3.5 and later, by removing the lookup and cast. Fixes bug 27465; + bugfix on 0.2.3.11-alpha. +- Stop calling SetProcessDEPPolicy() on 64-bit Windows. It is not + supported, and always fails. Some compilers warn about the + function pointer cast on 64-bit Windows. Fixes bug 27461; bugfix + on 0.2.2.23-alpha. + + o Minor bugfixes (compilation, windows, backport from 0.3.4.7-rc): +- Don't link or search for pthreads when building for Windows, even + if we are using build environment (like mingw) that provides a + pthreads library. Fixes bug 27081; bugfix on 0.1.0.1-rc. + + o Minor bugfixes (continuous integration, backport from 0.3.4.6-rc): +- Skip a pair of unreliable key generation tests on Windows, until + the underlying issue in bug 26076 is resolved. Fixes bug 26830 and + bug 26853; bugfix on 0.2.7.3-rc and 0.3.2.1-alpha respectively. + + o Minor bugfixes (continuous integration, backport from 0.3.4.7-rc): +- Build with zstd on macOS. Fixes bug 27090; bugfix on 0.3.1.5-alpha. +- Pass the module flags to distcheck configure, and log the flags + before running configure. (Backported to 0.2.9 and later as a + precaution.) Fixes bug 27088; bugfix on 0.3.4.1-alpha. + + o Minor bugfixes (continuous integration, backport from 0.3.4.8): +- When a Travis build fails, and showing a log fails, keep trying to + show the other logs. Fixes bug 27453; bugfix on 0.3.4.7-rc. +- When we use echo in Travis, don't pass a --flag as the first + argument. Fixes bug 27418; bugfix on 0.3.4.7-rc. + + o Minor bugfixes (directory authority, backport from 0.3.4.6-rc): +- When voting for recommended versions, make sure that all of the + versions are well-formed and parsable. Fixes bug 26485; bugfix + on 0.1.1.6-alpha. + + o Minor bugfixes (in-process restart, backport from 0.3.4.7-rc): +- Always call tor_free_all() when leaving tor_run_main(). When we + did not,
[tor-commits] [translation/support-portal_completed] Update translations for support-portal_completed
commit 6050a367a7358955bf93d3ce4fb64ba21c2faf75 Author: Translation commit bot Date: Fri Sep 7 19:19:04 2018 + Update translations for support-portal_completed --- contents+es.po | 19 +++ 1 file changed, 11 insertions(+), 8 deletions(-) diff --git a/contents+es.po b/contents+es.po index 86cd486fb..1521a9281 100644 --- a/contents+es.po +++ b/contents+es.po @@ -312,7 +312,9 @@ msgstr "" #: http//localhost/tbb/tbb-27/ #: (content/tbb/tbb-27/contents+en.lrquestion.description) msgid "" -msgstr "" +msgstr "" +"" #: http//localhost/misc/misc-5/ #: (content/misc/misc-5/contents+en.lrquestion.title) @@ -1550,7 +1552,7 @@ msgid "" "If you see lines like these in your Tor log, it means you are failing to " "connect to a SOCKS proxy." msgstr "" -"Si ves lÃneas como estas en tu registro Tor, significa que no se está " +"Si ves lÃneas como estas en tu registro Tor, significa que no te estás " "conectando a un proxy SOCKS." #: http//localhost/tbb/tbb-35/ @@ -1634,7 +1636,9 @@ msgstr "conectar-a-tor" #: http//localhost/tbb/tbb-27/ #: (content/tbb/tbb-27/contents+en.lrquestion.description) msgid "" -msgstr "" +msgstr "" +"" #: http//localhost/misc/misc-5/ #: (content/misc/misc-5/contents+en.lrquestion.description) @@ -4541,11 +4545,10 @@ msgid "" " 1 minutes, or that theirs is ahead. Tor requires an accurate clock to work:" " please check your time, timezone, and date settings." msgstr "" -" (19.11.2017 00:04:48.800 [WARN] Se ha recibido la celda NETINFO con la hora" -" distorsionada (OR:xxx.xx.x.xx:): Parece que nuestro reloj está atrasado" -" 1 dÃa, 0 horas, 1 minuto o que el tuyo está adelantado.. Tor necesita un " -"reloj exacto para funcionar: por favor, comprueba tus ajustes de hora, zona " -"horaria y fecha..)" +"19.11.2017 00:04:48.800 [WARN] Received NETINFO cell with skewed time " +"(OR:xxx.xx.x.xx:): It seems that our clock is behind by 1 days, 0 hours," +" 1 minutes, or that theirs is ahead. Tor requires an accurate clock to work:" +" please check your time, timezone, and date settings." #: http//localhost/tbb/tbb-7/ #: (content/tbb/tbb-7/contents+en.lrquestion.seo_slug) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/support-portal] Update translations for support-portal
commit 44ad2a3356fedf63e1c45ddb12de87108028c9d2 Author: Translation commit bot Date: Fri Sep 7 19:18:59 2018 + Update translations for support-portal --- contents+es.po | 19 +++ contents+ru.po | 18 ++ 2 files changed, 25 insertions(+), 12 deletions(-) diff --git a/contents+es.po b/contents+es.po index 86cd486fb..1521a9281 100644 --- a/contents+es.po +++ b/contents+es.po @@ -312,7 +312,9 @@ msgstr "" #: http//localhost/tbb/tbb-27/ #: (content/tbb/tbb-27/contents+en.lrquestion.description) msgid "" -msgstr "" +msgstr "" +"" #: http//localhost/misc/misc-5/ #: (content/misc/misc-5/contents+en.lrquestion.title) @@ -1550,7 +1552,7 @@ msgid "" "If you see lines like these in your Tor log, it means you are failing to " "connect to a SOCKS proxy." msgstr "" -"Si ves lÃneas como estas en tu registro Tor, significa que no se está " +"Si ves lÃneas como estas en tu registro Tor, significa que no te estás " "conectando a un proxy SOCKS." #: http//localhost/tbb/tbb-35/ @@ -1634,7 +1636,9 @@ msgstr "conectar-a-tor" #: http//localhost/tbb/tbb-27/ #: (content/tbb/tbb-27/contents+en.lrquestion.description) msgid "" -msgstr "" +msgstr "" +"" #: http//localhost/misc/misc-5/ #: (content/misc/misc-5/contents+en.lrquestion.description) @@ -4541,11 +4545,10 @@ msgid "" " 1 minutes, or that theirs is ahead. Tor requires an accurate clock to work:" " please check your time, timezone, and date settings." msgstr "" -" (19.11.2017 00:04:48.800 [WARN] Se ha recibido la celda NETINFO con la hora" -" distorsionada (OR:xxx.xx.x.xx:): Parece que nuestro reloj está atrasado" -" 1 dÃa, 0 horas, 1 minuto o que el tuyo está adelantado.. Tor necesita un " -"reloj exacto para funcionar: por favor, comprueba tus ajustes de hora, zona " -"horaria y fecha..)" +"19.11.2017 00:04:48.800 [WARN] Received NETINFO cell with skewed time " +"(OR:xxx.xx.x.xx:): It seems that our clock is behind by 1 days, 0 hours," +" 1 minutes, or that theirs is ahead. Tor requires an accurate clock to work:" +" please check your time, timezone, and date settings." #: http//localhost/tbb/tbb-7/ #: (content/tbb/tbb-7/contents+en.lrquestion.seo_slug) diff --git a/contents+ru.po b/contents+ru.po index ecf11a98a..300fd7962 100644 --- a/contents+ru.po +++ b/contents+ru.po @@ -86,6 +86,7 @@ msgstr "" #: (content/https/https-1/contents+en.lrquestion.description) msgid "Tor prevents eavesdroppers from learning sites that you visit." msgstr "" +"Tor не позволÑÐµÑ ÑеÑеÑÑÑÑ Ð»ÑбопÑÑнÑм лиÑам ÑзнаÑÑ, какие ÑайÑÑ Ð²Ñ Ð¿Ð¾ÑеÑаеÑе." #: http//localhost/tbb/tbb-41/ #: (content/tbb/tbb-41/contents+en.lrquestion.description) @@ -1666,7 +1667,7 @@ msgstr "ÐÑполÑзоваÑÑ GetTor ÑеÑез Twitter." #: http//localhost/operators/operators-6/ #: (content/operators/operators-6/contents+en.lrquestion.description) msgid "* Run \"service tor reload\" (as root)." -msgstr "" +msgstr "* ÐÑполÑзÑйÑе ÐºÐ¾Ð¼Ð°Ð½Ð´Ñ \"service tor reload\" (Ñ ÑÑÑ-пÑавами)." #: http//localhost/faq/faq-1/ #: (content/faq/faq-1/contents+en.lrquestion.description) @@ -1694,7 +1695,7 @@ msgstr "" #: http//localhost/operators/operators-6/ #: (content/operators/operators-6/contents+en.lrquestion.description) msgid "#RelayBandwidthRate 30 MBytes" -msgstr "" +msgstr "#RelayBandwidthRate 30 MBytes" #: http//localhost/tbb/tbb-4/ #: (content/tbb/tbb-4/contents+en.lrquestion.description) @@ -2183,6 +2184,9 @@ msgid "" "the latest version of Tor Browser, hosted at a variety of locations that are" " less likely to be censored, such as Dropbox, Google Drive, and GitHub." msgstr "" +"GetTor ÑÑо ÑÑлÑга, коÑоÑÐ°Ñ Ð°Ð²ÑомаÑиÑеÑки оÑвеÑÐ°ÐµÑ ÑообÑениÑми Ñо ÑÑÑлками на" +" поÑледнÑÑ Ð²ÐµÑÑÐ¸Ñ Tor Browser, ÑазмеÑеннÑе в ÑазлиÑнÑÑ Ð¼ÐµÑÑÐ°Ñ , ÑÐ°ÐºÐ¸Ñ ÐºÐ°Ðº " +"Dropbox, Google Drive и GitHub." #: http//localhost/tbb/tbb-10/ #: (content/tbb/tbb-10/contents+en.lrquestion.description) @@ -3620,6 +3624,8 @@ msgid "" "11/1/2017 21:11:44 PM.300 [WARN] Failed to find node for hop 0 of our path. " "Discarding this circuit." msgstr "" +"11/1/2017 21:11:44 PM.300 [WARN] Failed to find node for hop 0 of our path. " +"Discarding this circuit." #: http//localhost/tbb/tbb-16/ #: (content/tbb/tbb-16/contents+en.lrquestion.description) @@ -3654,6 +3660,7 @@ msgstr "Ðак загÑÑзиÑÑ Tor, еÑли torproject.org Ð·Ð°Ð±Ð»Ð¾ÐºÐ¸Ñ msgid "" "19.11.2017 00:04:47.400 [NOTICE] Opening Socks listener on 127.0.0.1:9150" msgstr "" +"19.11.2017 00:04:47.400 [NOTICE] Opening Socks listener on 127.0.0.1:9150" #: http//localhost/tormobile/tormobile-4/ #: (content/tormobile/tormobile-4/contents+en.lrquestion.seo_slug) @@ -3663,7 +3670,7 @@ msgstr "" #: http//localhost/operators/operators-3/ #:
[tor-commits] [torspec/master] HSv3: Include HS public identity key to the client auth KDF.
commit 2fdec5ae0583d23f98bd723810084410df4939b8 Author: George Kadianakis Date: Thu Sep 6 13:58:39 2018 +0300 HSv3: Include HS public identity key to the client auth KDF. --- rend-spec-v3.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rend-spec-v3.txt b/rend-spec-v3.txt index 1718b22..03b45d9 100644 --- a/rend-spec-v3.txt +++ b/rend-spec-v3.txt @@ -1214,7 +1214,7 @@ Table of contents: And here is what the hidden service computes: SECRET_SEED = x25519(hs_y, client_X) - KEYS = KDF(SECRET_SEED, 40) + KEYS = KDF(subcredential | SECRET_SEED, 40) CLIENT-ID = fist 8 bytes of KEYS COOKIE-KEY = last 32 bytes of KEYS ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [torspec/master] Merge remote-tracking branch 'asn-github/bug20700_kdf'
commit 46573d278068dc519d5a7d7473628a824ee6701a Merge: e9ef624 2fdec5a Author: Nick Mathewson Date: Fri Sep 7 15:15:03 2018 -0400 Merge remote-tracking branch 'asn-github/bug20700_kdf' rend-spec-v3.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.2] Merge branch 'maint-0.2.9' into maint-0.3.2
commit 36885f34f6e8dc7f5791e4ba2c4eefff5f9de9e0 Merge: cdaf9aec8 da29074fc Author: Nick Mathewson Date: Fri Sep 7 15:11:49 2018 -0400 Merge branch 'maint-0.2.9' into maint-0.3.2 "ours" to avoid bump ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.3] Merge branch 'maint-0.3.3' into release-0.3.3
commit e14da02ed09dafef289a3494ba1f58b7b7580b5f Merge: 281045126 cff7cb858 Author: Nick Mathewson Date: Fri Sep 7 15:13:59 2018 -0400 Merge branch 'maint-0.3.3' into release-0.3.3 configure.ac| 2 +- contrib/win32build/tor-mingw.nsi.in | 2 +- src/win32/orconfig.h| 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.4] Merge branch 'maint-0.3.3' into maint-0.3.4
commit 0d5aaef465f782d46f538b03fd962ba7007fca11 Merge: fa38bbb70 cff7cb858 Author: Nick Mathewson Date: Fri Sep 7 15:12:27 2018 -0400 Merge branch 'maint-0.3.3' into maint-0.3.4 "ours" to avoid bump. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.3] Bump to 0.2.9.17
commit da29074fc4dce509aec048903e7e854a44c1d825 Author: Nick Mathewson Date: Fri Sep 7 15:10:49 2018 -0400 Bump to 0.2.9.17 --- configure.ac| 2 +- contrib/win32build/tor-mingw.nsi.in | 2 +- src/win32/orconfig.h| 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/configure.ac b/configure.ac index 5ac3579d7..61a0c3238 100644 --- a/configure.ac +++ b/configure.ac @@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2015, The Tor Project, Inc. dnl See LICENSE for licensing information AC_PREREQ([2.63]) -AC_INIT([tor],[0.2.9.15-dev]) +AC_INIT([tor],[0.2.9.17]) AC_CONFIG_SRCDIR([src/or/main.c]) AC_CONFIG_MACRO_DIR([m4]) diff --git a/contrib/win32build/tor-mingw.nsi.in b/contrib/win32build/tor-mingw.nsi.in index 3a45741d8..0484641f9 100644 --- a/contrib/win32build/tor-mingw.nsi.in +++ b/contrib/win32build/tor-mingw.nsi.in @@ -8,7 +8,7 @@ !include "LogicLib.nsh" !include "FileFunc.nsh" !insertmacro GetParameters -!define VERSION "0.2.9.15-dev" +!define VERSION "0.2.9.17" !define INSTALLER "tor-${VERSION}-win32.exe" !define WEBSITE "https://www.torproject.org/; !define LICENSE "LICENSE" diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h index badfab787..457c7469c 100644 --- a/src/win32/orconfig.h +++ b/src/win32/orconfig.h @@ -218,7 +218,7 @@ #define USING_TWOS_COMPLEMENT /* Version number of package */ -#define VERSION "0.2.9.15-dev" +#define VERSION "0.2.9.17" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.4] Bump to 0.3.2.12
commit cdaf9aec8e7d81fb583075c9486f4af4216ded94 Author: Nick Mathewson Date: Fri Sep 7 15:11:07 2018 -0400 Bump to 0.3.2.12 --- configure.ac| 2 +- contrib/win32build/tor-mingw.nsi.in | 2 +- src/win32/orconfig.h| 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/configure.ac b/configure.ac index 79d2f7e54..5b541d7c9 100644 --- a/configure.ac +++ b/configure.ac @@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2017, The Tor Project, Inc. dnl See LICENSE for licensing information AC_PREREQ([2.63]) -AC_INIT([tor],[0.3.2.10-dev]) +AC_INIT([tor],[0.3.2.12]) AC_CONFIG_SRCDIR([src/or/main.c]) AC_CONFIG_MACRO_DIR([m4]) diff --git a/contrib/win32build/tor-mingw.nsi.in b/contrib/win32build/tor-mingw.nsi.in index 7f2220153..8c84e3659 100644 --- a/contrib/win32build/tor-mingw.nsi.in +++ b/contrib/win32build/tor-mingw.nsi.in @@ -8,7 +8,7 @@ !include "LogicLib.nsh" !include "FileFunc.nsh" !insertmacro GetParameters -!define VERSION "0.3.2.10-dev" +!define VERSION "0.3.2.12" !define INSTALLER "tor-${VERSION}-win32.exe" !define WEBSITE "https://www.torproject.org/; !define LICENSE "LICENSE" diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h index f5186fd24..fcdc090d4 100644 --- a/src/win32/orconfig.h +++ b/src/win32/orconfig.h @@ -218,7 +218,7 @@ #define USING_TWOS_COMPLEMENT /* Version number of package */ -#define VERSION "0.3.2.10-dev" +#define VERSION "0.3.2.12" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.4] Bump to 0.3.3.10
commit 43e400f340caf6d2f40b093d816f684d1163ce8b Author: Nick Mathewson Date: Fri Sep 7 15:11:18 2018 -0400 Bump to 0.3.3.10 --- configure.ac| 2 +- contrib/win32build/tor-mingw.nsi.in | 2 +- src/win32/orconfig.h| 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/configure.ac b/configure.ac index 4068b9f09..47dd53034 100644 --- a/configure.ac +++ b/configure.ac @@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2017, The Tor Project, Inc. dnl See LICENSE for licensing information AC_PREREQ([2.63]) -AC_INIT([tor],[0.3.3.8-dev]) +AC_INIT([tor],[0.3.3.10]) AC_CONFIG_SRCDIR([src/or/main.c]) AC_CONFIG_MACRO_DIR([m4]) diff --git a/contrib/win32build/tor-mingw.nsi.in b/contrib/win32build/tor-mingw.nsi.in index 973ede1c0..5ecf20835 100644 --- a/contrib/win32build/tor-mingw.nsi.in +++ b/contrib/win32build/tor-mingw.nsi.in @@ -8,7 +8,7 @@ !include "LogicLib.nsh" !include "FileFunc.nsh" !insertmacro GetParameters -!define VERSION "0.3.3.8-dev" +!define VERSION "0.3.3.10" !define INSTALLER "tor-${VERSION}-win32.exe" !define WEBSITE "https://www.torproject.org/; !define LICENSE "LICENSE" diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h index 8837cfce3..08f0048cb 100644 --- a/src/win32/orconfig.h +++ b/src/win32/orconfig.h @@ -218,7 +218,7 @@ #define USING_TWOS_COMPLEMENT /* Version number of package */ -#define VERSION "0.3.3.8-dev" +#define VERSION "0.3.3.10" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.4] Merge branch 'maint-0.3.4' into release-0.3.4
commit cf6318f6857a3e91010cf9860fdd85fc18527c15 Merge: 6f48b70f6 0d5aaef46 Author: Nick Mathewson Date: Fri Sep 7 15:14:03 2018 -0400 Merge branch 'maint-0.3.4' into release-0.3.4 ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.4] Merge branch 'maint-0.3.2' into maint-0.3.3
commit cff7cb858b2dfaacb0138bbe4637a80b58147f6a Merge: 43e400f34 36885f34f Author: Nick Mathewson Date: Fri Sep 7 15:12:09 2018 -0400 Merge branch 'maint-0.3.2' into maint-0.3.3 "ours" to avoid bump ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.3] Merge branch 'maint-0.3.2' into maint-0.3.3
commit cff7cb858b2dfaacb0138bbe4637a80b58147f6a Merge: 43e400f34 36885f34f Author: Nick Mathewson Date: Fri Sep 7 15:12:09 2018 -0400 Merge branch 'maint-0.3.2' into maint-0.3.3 "ours" to avoid bump ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.4] Bump to 0.2.9.17
commit da29074fc4dce509aec048903e7e854a44c1d825 Author: Nick Mathewson Date: Fri Sep 7 15:10:49 2018 -0400 Bump to 0.2.9.17 --- configure.ac| 2 +- contrib/win32build/tor-mingw.nsi.in | 2 +- src/win32/orconfig.h| 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/configure.ac b/configure.ac index 5ac3579d7..61a0c3238 100644 --- a/configure.ac +++ b/configure.ac @@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2015, The Tor Project, Inc. dnl See LICENSE for licensing information AC_PREREQ([2.63]) -AC_INIT([tor],[0.2.9.15-dev]) +AC_INIT([tor],[0.2.9.17]) AC_CONFIG_SRCDIR([src/or/main.c]) AC_CONFIG_MACRO_DIR([m4]) diff --git a/contrib/win32build/tor-mingw.nsi.in b/contrib/win32build/tor-mingw.nsi.in index 3a45741d8..0484641f9 100644 --- a/contrib/win32build/tor-mingw.nsi.in +++ b/contrib/win32build/tor-mingw.nsi.in @@ -8,7 +8,7 @@ !include "LogicLib.nsh" !include "FileFunc.nsh" !insertmacro GetParameters -!define VERSION "0.2.9.15-dev" +!define VERSION "0.2.9.17" !define INSTALLER "tor-${VERSION}-win32.exe" !define WEBSITE "https://www.torproject.org/; !define LICENSE "LICENSE" diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h index badfab787..457c7469c 100644 --- a/src/win32/orconfig.h +++ b/src/win32/orconfig.h @@ -218,7 +218,7 @@ #define USING_TWOS_COMPLEMENT /* Version number of package */ -#define VERSION "0.2.9.15-dev" +#define VERSION "0.2.9.17" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.3] Merge branch 'maint-0.2.9' into maint-0.3.2
commit 36885f34f6e8dc7f5791e4ba2c4eefff5f9de9e0 Merge: cdaf9aec8 da29074fc Author: Nick Mathewson Date: Fri Sep 7 15:11:49 2018 -0400 Merge branch 'maint-0.2.9' into maint-0.3.2 "ours" to avoid bump ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.4] Merge branch 'maint-0.2.9' into maint-0.3.2
commit 36885f34f6e8dc7f5791e4ba2c4eefff5f9de9e0 Merge: cdaf9aec8 da29074fc Author: Nick Mathewson Date: Fri Sep 7 15:11:49 2018 -0400 Merge branch 'maint-0.2.9' into maint-0.3.2 "ours" to avoid bump ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.2.9] Merge branch 'maint-0.2.9' into release-0.2.9
commit ed8362718fdf04d149aaf4df2cd9e9dda3329e24 Merge: 00a9fafdb da29074fc Author: Nick Mathewson Date: Fri Sep 7 15:13:01 2018 -0400 Merge branch 'maint-0.2.9' into release-0.2.9 configure.ac| 2 +- contrib/win32build/tor-mingw.nsi.in | 2 +- src/win32/orconfig.h| 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Bump to 0.3.2.12
commit cdaf9aec8e7d81fb583075c9486f4af4216ded94 Author: Nick Mathewson Date: Fri Sep 7 15:11:07 2018 -0400 Bump to 0.3.2.12 --- configure.ac| 2 +- contrib/win32build/tor-mingw.nsi.in | 2 +- src/win32/orconfig.h| 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/configure.ac b/configure.ac index 79d2f7e54..5b541d7c9 100644 --- a/configure.ac +++ b/configure.ac @@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2017, The Tor Project, Inc. dnl See LICENSE for licensing information AC_PREREQ([2.63]) -AC_INIT([tor],[0.3.2.10-dev]) +AC_INIT([tor],[0.3.2.12]) AC_CONFIG_SRCDIR([src/or/main.c]) AC_CONFIG_MACRO_DIR([m4]) diff --git a/contrib/win32build/tor-mingw.nsi.in b/contrib/win32build/tor-mingw.nsi.in index 7f2220153..8c84e3659 100644 --- a/contrib/win32build/tor-mingw.nsi.in +++ b/contrib/win32build/tor-mingw.nsi.in @@ -8,7 +8,7 @@ !include "LogicLib.nsh" !include "FileFunc.nsh" !insertmacro GetParameters -!define VERSION "0.3.2.10-dev" +!define VERSION "0.3.2.12" !define INSTALLER "tor-${VERSION}-win32.exe" !define WEBSITE "https://www.torproject.org/; !define LICENSE "LICENSE" diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h index f5186fd24..fcdc090d4 100644 --- a/src/win32/orconfig.h +++ b/src/win32/orconfig.h @@ -218,7 +218,7 @@ #define USING_TWOS_COMPLEMENT /* Version number of package */ -#define VERSION "0.3.2.10-dev" +#define VERSION "0.3.2.12" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.3] Bump to 0.3.2.12
commit cdaf9aec8e7d81fb583075c9486f4af4216ded94 Author: Nick Mathewson Date: Fri Sep 7 15:11:07 2018 -0400 Bump to 0.3.2.12 --- configure.ac| 2 +- contrib/win32build/tor-mingw.nsi.in | 2 +- src/win32/orconfig.h| 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/configure.ac b/configure.ac index 79d2f7e54..5b541d7c9 100644 --- a/configure.ac +++ b/configure.ac @@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2017, The Tor Project, Inc. dnl See LICENSE for licensing information AC_PREREQ([2.63]) -AC_INIT([tor],[0.3.2.10-dev]) +AC_INIT([tor],[0.3.2.12]) AC_CONFIG_SRCDIR([src/or/main.c]) AC_CONFIG_MACRO_DIR([m4]) diff --git a/contrib/win32build/tor-mingw.nsi.in b/contrib/win32build/tor-mingw.nsi.in index 7f2220153..8c84e3659 100644 --- a/contrib/win32build/tor-mingw.nsi.in +++ b/contrib/win32build/tor-mingw.nsi.in @@ -8,7 +8,7 @@ !include "LogicLib.nsh" !include "FileFunc.nsh" !insertmacro GetParameters -!define VERSION "0.3.2.10-dev" +!define VERSION "0.3.2.12" !define INSTALLER "tor-${VERSION}-win32.exe" !define WEBSITE "https://www.torproject.org/; !define LICENSE "LICENSE" diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h index f5186fd24..fcdc090d4 100644 --- a/src/win32/orconfig.h +++ b/src/win32/orconfig.h @@ -218,7 +218,7 @@ #define USING_TWOS_COMPLEMENT /* Version number of package */ -#define VERSION "0.3.2.10-dev" +#define VERSION "0.3.2.12" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.2] Bump to 0.2.9.17
commit da29074fc4dce509aec048903e7e854a44c1d825 Author: Nick Mathewson Date: Fri Sep 7 15:10:49 2018 -0400 Bump to 0.2.9.17 --- configure.ac| 2 +- contrib/win32build/tor-mingw.nsi.in | 2 +- src/win32/orconfig.h| 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/configure.ac b/configure.ac index 5ac3579d7..61a0c3238 100644 --- a/configure.ac +++ b/configure.ac @@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2015, The Tor Project, Inc. dnl See LICENSE for licensing information AC_PREREQ([2.63]) -AC_INIT([tor],[0.2.9.15-dev]) +AC_INIT([tor],[0.2.9.17]) AC_CONFIG_SRCDIR([src/or/main.c]) AC_CONFIG_MACRO_DIR([m4]) diff --git a/contrib/win32build/tor-mingw.nsi.in b/contrib/win32build/tor-mingw.nsi.in index 3a45741d8..0484641f9 100644 --- a/contrib/win32build/tor-mingw.nsi.in +++ b/contrib/win32build/tor-mingw.nsi.in @@ -8,7 +8,7 @@ !include "LogicLib.nsh" !include "FileFunc.nsh" !insertmacro GetParameters -!define VERSION "0.2.9.15-dev" +!define VERSION "0.2.9.17" !define INSTALLER "tor-${VERSION}-win32.exe" !define WEBSITE "https://www.torproject.org/; !define LICENSE "LICENSE" diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h index badfab787..457c7469c 100644 --- a/src/win32/orconfig.h +++ b/src/win32/orconfig.h @@ -218,7 +218,7 @@ #define USING_TWOS_COMPLEMENT /* Version number of package */ -#define VERSION "0.2.9.15-dev" +#define VERSION "0.2.9.17" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.2] Bump to 0.3.2.12
commit cdaf9aec8e7d81fb583075c9486f4af4216ded94 Author: Nick Mathewson Date: Fri Sep 7 15:11:07 2018 -0400 Bump to 0.3.2.12 --- configure.ac| 2 +- contrib/win32build/tor-mingw.nsi.in | 2 +- src/win32/orconfig.h| 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/configure.ac b/configure.ac index 79d2f7e54..5b541d7c9 100644 --- a/configure.ac +++ b/configure.ac @@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2017, The Tor Project, Inc. dnl See LICENSE for licensing information AC_PREREQ([2.63]) -AC_INIT([tor],[0.3.2.10-dev]) +AC_INIT([tor],[0.3.2.12]) AC_CONFIG_SRCDIR([src/or/main.c]) AC_CONFIG_MACRO_DIR([m4]) diff --git a/contrib/win32build/tor-mingw.nsi.in b/contrib/win32build/tor-mingw.nsi.in index 7f2220153..8c84e3659 100644 --- a/contrib/win32build/tor-mingw.nsi.in +++ b/contrib/win32build/tor-mingw.nsi.in @@ -8,7 +8,7 @@ !include "LogicLib.nsh" !include "FileFunc.nsh" !insertmacro GetParameters -!define VERSION "0.3.2.10-dev" +!define VERSION "0.3.2.12" !define INSTALLER "tor-${VERSION}-win32.exe" !define WEBSITE "https://www.torproject.org/; !define LICENSE "LICENSE" diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h index f5186fd24..fcdc090d4 100644 --- a/src/win32/orconfig.h +++ b/src/win32/orconfig.h @@ -218,7 +218,7 @@ #define USING_TWOS_COMPLEMENT /* Version number of package */ -#define VERSION "0.3.2.10-dev" +#define VERSION "0.3.2.12" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Merge branch 'maint-0.3.4'
commit 9f0e8d8c032fadde93d2079d60eff289203a2fb9 Merge: 9ca1af9a8 0d5aaef46 Author: Nick Mathewson Date: Fri Sep 7 15:14:03 2018 -0400 Merge branch 'maint-0.3.4' ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.2] Merge branch 'maint-0.3.2' into release-0.3.2
commit 92a88fede564dbc723ab77d952f89d3fac7bc430 Merge: f869cd012 36885f34f Author: Nick Mathewson Date: Fri Sep 7 15:13:34 2018 -0400 Merge branch 'maint-0.3.2' into release-0.3.2 configure.ac| 2 +- contrib/win32build/tor-mingw.nsi.in | 2 +- src/win32/orconfig.h| 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.2.9] Bump to 0.2.9.17
commit da29074fc4dce509aec048903e7e854a44c1d825 Author: Nick Mathewson Date: Fri Sep 7 15:10:49 2018 -0400 Bump to 0.2.9.17 --- configure.ac| 2 +- contrib/win32build/tor-mingw.nsi.in | 2 +- src/win32/orconfig.h| 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/configure.ac b/configure.ac index 5ac3579d7..61a0c3238 100644 --- a/configure.ac +++ b/configure.ac @@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2015, The Tor Project, Inc. dnl See LICENSE for licensing information AC_PREREQ([2.63]) -AC_INIT([tor],[0.2.9.15-dev]) +AC_INIT([tor],[0.2.9.17]) AC_CONFIG_SRCDIR([src/or/main.c]) AC_CONFIG_MACRO_DIR([m4]) diff --git a/contrib/win32build/tor-mingw.nsi.in b/contrib/win32build/tor-mingw.nsi.in index 3a45741d8..0484641f9 100644 --- a/contrib/win32build/tor-mingw.nsi.in +++ b/contrib/win32build/tor-mingw.nsi.in @@ -8,7 +8,7 @@ !include "LogicLib.nsh" !include "FileFunc.nsh" !insertmacro GetParameters -!define VERSION "0.2.9.15-dev" +!define VERSION "0.2.9.17" !define INSTALLER "tor-${VERSION}-win32.exe" !define WEBSITE "https://www.torproject.org/; !define LICENSE "LICENSE" diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h index badfab787..457c7469c 100644 --- a/src/win32/orconfig.h +++ b/src/win32/orconfig.h @@ -218,7 +218,7 @@ #define USING_TWOS_COMPLEMENT /* Version number of package */ -#define VERSION "0.2.9.15-dev" +#define VERSION "0.2.9.17" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.3] Bump to 0.3.3.10
commit 43e400f340caf6d2f40b093d816f684d1163ce8b Author: Nick Mathewson Date: Fri Sep 7 15:11:18 2018 -0400 Bump to 0.3.3.10 --- configure.ac| 2 +- contrib/win32build/tor-mingw.nsi.in | 2 +- src/win32/orconfig.h| 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/configure.ac b/configure.ac index 4068b9f09..47dd53034 100644 --- a/configure.ac +++ b/configure.ac @@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2017, The Tor Project, Inc. dnl See LICENSE for licensing information AC_PREREQ([2.63]) -AC_INIT([tor],[0.3.3.8-dev]) +AC_INIT([tor],[0.3.3.10]) AC_CONFIG_SRCDIR([src/or/main.c]) AC_CONFIG_MACRO_DIR([m4]) diff --git a/contrib/win32build/tor-mingw.nsi.in b/contrib/win32build/tor-mingw.nsi.in index 973ede1c0..5ecf20835 100644 --- a/contrib/win32build/tor-mingw.nsi.in +++ b/contrib/win32build/tor-mingw.nsi.in @@ -8,7 +8,7 @@ !include "LogicLib.nsh" !include "FileFunc.nsh" !insertmacro GetParameters -!define VERSION "0.3.3.8-dev" +!define VERSION "0.3.3.10" !define INSTALLER "tor-${VERSION}-win32.exe" !define WEBSITE "https://www.torproject.org/; !define LICENSE "LICENSE" diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h index 8837cfce3..08f0048cb 100644 --- a/src/win32/orconfig.h +++ b/src/win32/orconfig.h @@ -218,7 +218,7 @@ #define USING_TWOS_COMPLEMENT /* Version number of package */ -#define VERSION "0.3.3.8-dev" +#define VERSION "0.3.3.10" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Merge branch 'maint-0.3.2' into maint-0.3.3
commit cff7cb858b2dfaacb0138bbe4637a80b58147f6a Merge: 43e400f34 36885f34f Author: Nick Mathewson Date: Fri Sep 7 15:12:09 2018 -0400 Merge branch 'maint-0.3.2' into maint-0.3.3 "ours" to avoid bump ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.3.2] Bump to 0.3.2.12
commit cdaf9aec8e7d81fb583075c9486f4af4216ded94 Author: Nick Mathewson Date: Fri Sep 7 15:11:07 2018 -0400 Bump to 0.3.2.12 --- configure.ac| 2 +- contrib/win32build/tor-mingw.nsi.in | 2 +- src/win32/orconfig.h| 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/configure.ac b/configure.ac index 79d2f7e54..5b541d7c9 100644 --- a/configure.ac +++ b/configure.ac @@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2017, The Tor Project, Inc. dnl See LICENSE for licensing information AC_PREREQ([2.63]) -AC_INIT([tor],[0.3.2.10-dev]) +AC_INIT([tor],[0.3.2.12]) AC_CONFIG_SRCDIR([src/or/main.c]) AC_CONFIG_MACRO_DIR([m4]) diff --git a/contrib/win32build/tor-mingw.nsi.in b/contrib/win32build/tor-mingw.nsi.in index 7f2220153..8c84e3659 100644 --- a/contrib/win32build/tor-mingw.nsi.in +++ b/contrib/win32build/tor-mingw.nsi.in @@ -8,7 +8,7 @@ !include "LogicLib.nsh" !include "FileFunc.nsh" !insertmacro GetParameters -!define VERSION "0.3.2.10-dev" +!define VERSION "0.3.2.12" !define INSTALLER "tor-${VERSION}-win32.exe" !define WEBSITE "https://www.torproject.org/; !define LICENSE "LICENSE" diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h index f5186fd24..fcdc090d4 100644 --- a/src/win32/orconfig.h +++ b/src/win32/orconfig.h @@ -218,7 +218,7 @@ #define USING_TWOS_COMPLEMENT /* Version number of package */ -#define VERSION "0.3.2.10-dev" +#define VERSION "0.3.2.12" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.3.4] Merge branch 'maint-0.3.2' into maint-0.3.3
commit cff7cb858b2dfaacb0138bbe4637a80b58147f6a Merge: 43e400f34 36885f34f Author: Nick Mathewson Date: Fri Sep 7 15:12:09 2018 -0400 Merge branch 'maint-0.3.2' into maint-0.3.3 "ours" to avoid bump ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.3.3] Bump to 0.2.9.17
commit da29074fc4dce509aec048903e7e854a44c1d825 Author: Nick Mathewson Date: Fri Sep 7 15:10:49 2018 -0400 Bump to 0.2.9.17 --- configure.ac| 2 +- contrib/win32build/tor-mingw.nsi.in | 2 +- src/win32/orconfig.h| 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/configure.ac b/configure.ac index 5ac3579d7..61a0c3238 100644 --- a/configure.ac +++ b/configure.ac @@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2015, The Tor Project, Inc. dnl See LICENSE for licensing information AC_PREREQ([2.63]) -AC_INIT([tor],[0.2.9.15-dev]) +AC_INIT([tor],[0.2.9.17]) AC_CONFIG_SRCDIR([src/or/main.c]) AC_CONFIG_MACRO_DIR([m4]) diff --git a/contrib/win32build/tor-mingw.nsi.in b/contrib/win32build/tor-mingw.nsi.in index 3a45741d8..0484641f9 100644 --- a/contrib/win32build/tor-mingw.nsi.in +++ b/contrib/win32build/tor-mingw.nsi.in @@ -8,7 +8,7 @@ !include "LogicLib.nsh" !include "FileFunc.nsh" !insertmacro GetParameters -!define VERSION "0.2.9.15-dev" +!define VERSION "0.2.9.17" !define INSTALLER "tor-${VERSION}-win32.exe" !define WEBSITE "https://www.torproject.org/; !define LICENSE "LICENSE" diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h index badfab787..457c7469c 100644 --- a/src/win32/orconfig.h +++ b/src/win32/orconfig.h @@ -218,7 +218,7 @@ #define USING_TWOS_COMPLEMENT /* Version number of package */ -#define VERSION "0.2.9.15-dev" +#define VERSION "0.2.9.17" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Merge branch 'maint-0.2.9' into maint-0.3.2
commit 36885f34f6e8dc7f5791e4ba2c4eefff5f9de9e0 Merge: cdaf9aec8 da29074fc Author: Nick Mathewson Date: Fri Sep 7 15:11:49 2018 -0400 Merge branch 'maint-0.2.9' into maint-0.3.2 "ours" to avoid bump ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.3.3] Bump to 0.3.2.12
commit cdaf9aec8e7d81fb583075c9486f4af4216ded94 Author: Nick Mathewson Date: Fri Sep 7 15:11:07 2018 -0400 Bump to 0.3.2.12 --- configure.ac| 2 +- contrib/win32build/tor-mingw.nsi.in | 2 +- src/win32/orconfig.h| 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/configure.ac b/configure.ac index 79d2f7e54..5b541d7c9 100644 --- a/configure.ac +++ b/configure.ac @@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2017, The Tor Project, Inc. dnl See LICENSE for licensing information AC_PREREQ([2.63]) -AC_INIT([tor],[0.3.2.10-dev]) +AC_INIT([tor],[0.3.2.12]) AC_CONFIG_SRCDIR([src/or/main.c]) AC_CONFIG_MACRO_DIR([m4]) diff --git a/contrib/win32build/tor-mingw.nsi.in b/contrib/win32build/tor-mingw.nsi.in index 7f2220153..8c84e3659 100644 --- a/contrib/win32build/tor-mingw.nsi.in +++ b/contrib/win32build/tor-mingw.nsi.in @@ -8,7 +8,7 @@ !include "LogicLib.nsh" !include "FileFunc.nsh" !insertmacro GetParameters -!define VERSION "0.3.2.10-dev" +!define VERSION "0.3.2.12" !define INSTALLER "tor-${VERSION}-win32.exe" !define WEBSITE "https://www.torproject.org/; !define LICENSE "LICENSE" diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h index f5186fd24..fcdc090d4 100644 --- a/src/win32/orconfig.h +++ b/src/win32/orconfig.h @@ -218,7 +218,7 @@ #define USING_TWOS_COMPLEMENT /* Version number of package */ -#define VERSION "0.3.2.10-dev" +#define VERSION "0.3.2.12" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.3.3] Merge branch 'maint-0.2.9' into maint-0.3.2
commit 36885f34f6e8dc7f5791e4ba2c4eefff5f9de9e0 Merge: cdaf9aec8 da29074fc Author: Nick Mathewson Date: Fri Sep 7 15:11:49 2018 -0400 Merge branch 'maint-0.2.9' into maint-0.3.2 "ours" to avoid bump ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.3.3] Bump to 0.3.3.10
commit 43e400f340caf6d2f40b093d816f684d1163ce8b Author: Nick Mathewson Date: Fri Sep 7 15:11:18 2018 -0400 Bump to 0.3.3.10 --- configure.ac| 2 +- contrib/win32build/tor-mingw.nsi.in | 2 +- src/win32/orconfig.h| 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/configure.ac b/configure.ac index 4068b9f09..47dd53034 100644 --- a/configure.ac +++ b/configure.ac @@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2017, The Tor Project, Inc. dnl See LICENSE for licensing information AC_PREREQ([2.63]) -AC_INIT([tor],[0.3.3.8-dev]) +AC_INIT([tor],[0.3.3.10]) AC_CONFIG_SRCDIR([src/or/main.c]) AC_CONFIG_MACRO_DIR([m4]) diff --git a/contrib/win32build/tor-mingw.nsi.in b/contrib/win32build/tor-mingw.nsi.in index 973ede1c0..5ecf20835 100644 --- a/contrib/win32build/tor-mingw.nsi.in +++ b/contrib/win32build/tor-mingw.nsi.in @@ -8,7 +8,7 @@ !include "LogicLib.nsh" !include "FileFunc.nsh" !insertmacro GetParameters -!define VERSION "0.3.3.8-dev" +!define VERSION "0.3.3.10" !define INSTALLER "tor-${VERSION}-win32.exe" !define WEBSITE "https://www.torproject.org/; !define LICENSE "LICENSE" diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h index 8837cfce3..08f0048cb 100644 --- a/src/win32/orconfig.h +++ b/src/win32/orconfig.h @@ -218,7 +218,7 @@ #define USING_TWOS_COMPLEMENT /* Version number of package */ -#define VERSION "0.3.3.8-dev" +#define VERSION "0.3.3.10" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.3.4] Merge branch 'maint-0.2.9' into maint-0.3.2
commit 36885f34f6e8dc7f5791e4ba2c4eefff5f9de9e0 Merge: cdaf9aec8 da29074fc Author: Nick Mathewson Date: Fri Sep 7 15:11:49 2018 -0400 Merge branch 'maint-0.2.9' into maint-0.3.2 "ours" to avoid bump ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Bump to 0.2.9.17
commit da29074fc4dce509aec048903e7e854a44c1d825 Author: Nick Mathewson Date: Fri Sep 7 15:10:49 2018 -0400 Bump to 0.2.9.17 --- configure.ac| 2 +- contrib/win32build/tor-mingw.nsi.in | 2 +- src/win32/orconfig.h| 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/configure.ac b/configure.ac index 5ac3579d7..61a0c3238 100644 --- a/configure.ac +++ b/configure.ac @@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2015, The Tor Project, Inc. dnl See LICENSE for licensing information AC_PREREQ([2.63]) -AC_INIT([tor],[0.2.9.15-dev]) +AC_INIT([tor],[0.2.9.17]) AC_CONFIG_SRCDIR([src/or/main.c]) AC_CONFIG_MACRO_DIR([m4]) diff --git a/contrib/win32build/tor-mingw.nsi.in b/contrib/win32build/tor-mingw.nsi.in index 3a45741d8..0484641f9 100644 --- a/contrib/win32build/tor-mingw.nsi.in +++ b/contrib/win32build/tor-mingw.nsi.in @@ -8,7 +8,7 @@ !include "LogicLib.nsh" !include "FileFunc.nsh" !insertmacro GetParameters -!define VERSION "0.2.9.15-dev" +!define VERSION "0.2.9.17" !define INSTALLER "tor-${VERSION}-win32.exe" !define WEBSITE "https://www.torproject.org/; !define LICENSE "LICENSE" diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h index badfab787..457c7469c 100644 --- a/src/win32/orconfig.h +++ b/src/win32/orconfig.h @@ -218,7 +218,7 @@ #define USING_TWOS_COMPLEMENT /* Version number of package */ -#define VERSION "0.2.9.15-dev" +#define VERSION "0.2.9.17" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.3.4] Merge branch 'maint-0.3.3' into maint-0.3.4
commit 0d5aaef465f782d46f538b03fd962ba7007fca11 Merge: fa38bbb70 cff7cb858 Author: Nick Mathewson Date: Fri Sep 7 15:12:27 2018 -0400 Merge branch 'maint-0.3.3' into maint-0.3.4 "ours" to avoid bump. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Bump to 0.3.3.10
commit 43e400f340caf6d2f40b093d816f684d1163ce8b Author: Nick Mathewson Date: Fri Sep 7 15:11:18 2018 -0400 Bump to 0.3.3.10 --- configure.ac| 2 +- contrib/win32build/tor-mingw.nsi.in | 2 +- src/win32/orconfig.h| 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/configure.ac b/configure.ac index 4068b9f09..47dd53034 100644 --- a/configure.ac +++ b/configure.ac @@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2017, The Tor Project, Inc. dnl See LICENSE for licensing information AC_PREREQ([2.63]) -AC_INIT([tor],[0.3.3.8-dev]) +AC_INIT([tor],[0.3.3.10]) AC_CONFIG_SRCDIR([src/or/main.c]) AC_CONFIG_MACRO_DIR([m4]) diff --git a/contrib/win32build/tor-mingw.nsi.in b/contrib/win32build/tor-mingw.nsi.in index 973ede1c0..5ecf20835 100644 --- a/contrib/win32build/tor-mingw.nsi.in +++ b/contrib/win32build/tor-mingw.nsi.in @@ -8,7 +8,7 @@ !include "LogicLib.nsh" !include "FileFunc.nsh" !insertmacro GetParameters -!define VERSION "0.3.3.8-dev" +!define VERSION "0.3.3.10" !define INSTALLER "tor-${VERSION}-win32.exe" !define WEBSITE "https://www.torproject.org/; !define LICENSE "LICENSE" diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h index 8837cfce3..08f0048cb 100644 --- a/src/win32/orconfig.h +++ b/src/win32/orconfig.h @@ -218,7 +218,7 @@ #define USING_TWOS_COMPLEMENT /* Version number of package */ -#define VERSION "0.3.3.8-dev" +#define VERSION "0.3.3.10" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Merge branch 'maint-0.3.3' into maint-0.3.4
commit 0d5aaef465f782d46f538b03fd962ba7007fca11 Merge: fa38bbb70 cff7cb858 Author: Nick Mathewson Date: Fri Sep 7 15:12:27 2018 -0400 Merge branch 'maint-0.3.3' into maint-0.3.4 "ours" to avoid bump. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.3.4] Bump to 0.3.2.12
commit cdaf9aec8e7d81fb583075c9486f4af4216ded94 Author: Nick Mathewson Date: Fri Sep 7 15:11:07 2018 -0400 Bump to 0.3.2.12 --- configure.ac| 2 +- contrib/win32build/tor-mingw.nsi.in | 2 +- src/win32/orconfig.h| 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/configure.ac b/configure.ac index 79d2f7e54..5b541d7c9 100644 --- a/configure.ac +++ b/configure.ac @@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2017, The Tor Project, Inc. dnl See LICENSE for licensing information AC_PREREQ([2.63]) -AC_INIT([tor],[0.3.2.10-dev]) +AC_INIT([tor],[0.3.2.12]) AC_CONFIG_SRCDIR([src/or/main.c]) AC_CONFIG_MACRO_DIR([m4]) diff --git a/contrib/win32build/tor-mingw.nsi.in b/contrib/win32build/tor-mingw.nsi.in index 7f2220153..8c84e3659 100644 --- a/contrib/win32build/tor-mingw.nsi.in +++ b/contrib/win32build/tor-mingw.nsi.in @@ -8,7 +8,7 @@ !include "LogicLib.nsh" !include "FileFunc.nsh" !insertmacro GetParameters -!define VERSION "0.3.2.10-dev" +!define VERSION "0.3.2.12" !define INSTALLER "tor-${VERSION}-win32.exe" !define WEBSITE "https://www.torproject.org/; !define LICENSE "LICENSE" diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h index f5186fd24..fcdc090d4 100644 --- a/src/win32/orconfig.h +++ b/src/win32/orconfig.h @@ -218,7 +218,7 @@ #define USING_TWOS_COMPLEMENT /* Version number of package */ -#define VERSION "0.3.2.10-dev" +#define VERSION "0.3.2.12" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.3.3] Merge branch 'maint-0.3.2' into maint-0.3.3
commit cff7cb858b2dfaacb0138bbe4637a80b58147f6a Merge: 43e400f34 36885f34f Author: Nick Mathewson Date: Fri Sep 7 15:12:09 2018 -0400 Merge branch 'maint-0.3.2' into maint-0.3.3 "ours" to avoid bump ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.3.4] Bump to 0.2.9.17
commit da29074fc4dce509aec048903e7e854a44c1d825 Author: Nick Mathewson Date: Fri Sep 7 15:10:49 2018 -0400 Bump to 0.2.9.17 --- configure.ac| 2 +- contrib/win32build/tor-mingw.nsi.in | 2 +- src/win32/orconfig.h| 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/configure.ac b/configure.ac index 5ac3579d7..61a0c3238 100644 --- a/configure.ac +++ b/configure.ac @@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2015, The Tor Project, Inc. dnl See LICENSE for licensing information AC_PREREQ([2.63]) -AC_INIT([tor],[0.2.9.15-dev]) +AC_INIT([tor],[0.2.9.17]) AC_CONFIG_SRCDIR([src/or/main.c]) AC_CONFIG_MACRO_DIR([m4]) diff --git a/contrib/win32build/tor-mingw.nsi.in b/contrib/win32build/tor-mingw.nsi.in index 3a45741d8..0484641f9 100644 --- a/contrib/win32build/tor-mingw.nsi.in +++ b/contrib/win32build/tor-mingw.nsi.in @@ -8,7 +8,7 @@ !include "LogicLib.nsh" !include "FileFunc.nsh" !insertmacro GetParameters -!define VERSION "0.2.9.15-dev" +!define VERSION "0.2.9.17" !define INSTALLER "tor-${VERSION}-win32.exe" !define WEBSITE "https://www.torproject.org/; !define LICENSE "LICENSE" diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h index badfab787..457c7469c 100644 --- a/src/win32/orconfig.h +++ b/src/win32/orconfig.h @@ -218,7 +218,7 @@ #define USING_TWOS_COMPLEMENT /* Version number of package */ -#define VERSION "0.2.9.15-dev" +#define VERSION "0.2.9.17" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.3.4] Bump to 0.3.3.10
commit 43e400f340caf6d2f40b093d816f684d1163ce8b Author: Nick Mathewson Date: Fri Sep 7 15:11:18 2018 -0400 Bump to 0.3.3.10 --- configure.ac| 2 +- contrib/win32build/tor-mingw.nsi.in | 2 +- src/win32/orconfig.h| 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/configure.ac b/configure.ac index 4068b9f09..47dd53034 100644 --- a/configure.ac +++ b/configure.ac @@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2017, The Tor Project, Inc. dnl See LICENSE for licensing information AC_PREREQ([2.63]) -AC_INIT([tor],[0.3.3.8-dev]) +AC_INIT([tor],[0.3.3.10]) AC_CONFIG_SRCDIR([src/or/main.c]) AC_CONFIG_MACRO_DIR([m4]) diff --git a/contrib/win32build/tor-mingw.nsi.in b/contrib/win32build/tor-mingw.nsi.in index 973ede1c0..5ecf20835 100644 --- a/contrib/win32build/tor-mingw.nsi.in +++ b/contrib/win32build/tor-mingw.nsi.in @@ -8,7 +8,7 @@ !include "LogicLib.nsh" !include "FileFunc.nsh" !insertmacro GetParameters -!define VERSION "0.3.3.8-dev" +!define VERSION "0.3.3.10" !define INSTALLER "tor-${VERSION}-win32.exe" !define WEBSITE "https://www.torproject.org/; !define LICENSE "LICENSE" diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h index 8837cfce3..08f0048cb 100644 --- a/src/win32/orconfig.h +++ b/src/win32/orconfig.h @@ -218,7 +218,7 @@ #define USING_TWOS_COMPLEMENT /* Version number of package */ -#define VERSION "0.3.3.8-dev" +#define VERSION "0.3.3.10" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.2.9] Bump to 0.2.9.17
commit da29074fc4dce509aec048903e7e854a44c1d825 Author: Nick Mathewson Date: Fri Sep 7 15:10:49 2018 -0400 Bump to 0.2.9.17 --- configure.ac| 2 +- contrib/win32build/tor-mingw.nsi.in | 2 +- src/win32/orconfig.h| 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/configure.ac b/configure.ac index 5ac3579d7..61a0c3238 100644 --- a/configure.ac +++ b/configure.ac @@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2015, The Tor Project, Inc. dnl See LICENSE for licensing information AC_PREREQ([2.63]) -AC_INIT([tor],[0.2.9.15-dev]) +AC_INIT([tor],[0.2.9.17]) AC_CONFIG_SRCDIR([src/or/main.c]) AC_CONFIG_MACRO_DIR([m4]) diff --git a/contrib/win32build/tor-mingw.nsi.in b/contrib/win32build/tor-mingw.nsi.in index 3a45741d8..0484641f9 100644 --- a/contrib/win32build/tor-mingw.nsi.in +++ b/contrib/win32build/tor-mingw.nsi.in @@ -8,7 +8,7 @@ !include "LogicLib.nsh" !include "FileFunc.nsh" !insertmacro GetParameters -!define VERSION "0.2.9.15-dev" +!define VERSION "0.2.9.17" !define INSTALLER "tor-${VERSION}-win32.exe" !define WEBSITE "https://www.torproject.org/; !define LICENSE "LICENSE" diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h index badfab787..457c7469c 100644 --- a/src/win32/orconfig.h +++ b/src/win32/orconfig.h @@ -218,7 +218,7 @@ #define USING_TWOS_COMPLEMENT /* Version number of package */ -#define VERSION "0.2.9.15-dev" +#define VERSION "0.2.9.17" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.3.2] Bump to 0.2.9.17
commit da29074fc4dce509aec048903e7e854a44c1d825 Author: Nick Mathewson Date: Fri Sep 7 15:10:49 2018 -0400 Bump to 0.2.9.17 --- configure.ac| 2 +- contrib/win32build/tor-mingw.nsi.in | 2 +- src/win32/orconfig.h| 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/configure.ac b/configure.ac index 5ac3579d7..61a0c3238 100644 --- a/configure.ac +++ b/configure.ac @@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2015, The Tor Project, Inc. dnl See LICENSE for licensing information AC_PREREQ([2.63]) -AC_INIT([tor],[0.2.9.15-dev]) +AC_INIT([tor],[0.2.9.17]) AC_CONFIG_SRCDIR([src/or/main.c]) AC_CONFIG_MACRO_DIR([m4]) diff --git a/contrib/win32build/tor-mingw.nsi.in b/contrib/win32build/tor-mingw.nsi.in index 3a45741d8..0484641f9 100644 --- a/contrib/win32build/tor-mingw.nsi.in +++ b/contrib/win32build/tor-mingw.nsi.in @@ -8,7 +8,7 @@ !include "LogicLib.nsh" !include "FileFunc.nsh" !insertmacro GetParameters -!define VERSION "0.2.9.15-dev" +!define VERSION "0.2.9.17" !define INSTALLER "tor-${VERSION}-win32.exe" !define WEBSITE "https://www.torproject.org/; !define LICENSE "LICENSE" diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h index badfab787..457c7469c 100644 --- a/src/win32/orconfig.h +++ b/src/win32/orconfig.h @@ -218,7 +218,7 @@ #define USING_TWOS_COMPLEMENT /* Version number of package */ -#define VERSION "0.2.9.15-dev" +#define VERSION "0.2.9.17" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.3.2] Merge branch 'maint-0.2.9' into maint-0.3.2
commit 36885f34f6e8dc7f5791e4ba2c4eefff5f9de9e0 Merge: cdaf9aec8 da29074fc Author: Nick Mathewson Date: Fri Sep 7 15:11:49 2018 -0400 Merge branch 'maint-0.2.9' into maint-0.3.2 "ours" to avoid bump ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] HSv3: Don't assert when reading bad client-side privkeys.
commit 3695ef6343fa1c05cd15a3ddf35c3fe6991ff2ad Author: George Kadianakis Date: Fri Sep 7 18:06:44 2018 +0300 HSv3: Don't assert when reading bad client-side privkeys. --- src/feature/hs/hs_client.c | 6 ++ src/test/test_hs_client.c | 4 +++- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/src/feature/hs/hs_client.c b/src/feature/hs/hs_client.c index af657c7c9..6f031eb3b 100644 --- a/src/feature/hs/hs_client.c +++ b/src/feature/hs/hs_client.c @@ -1500,6 +1500,12 @@ parse_auth_file_content(const char *client_key_str) goto err; } + if (strlen(seckey_b32) != BASE32_NOPAD_LEN(CURVE25519_PUBKEY_LEN)) { +log_warn(LD_REND, "Client authorization encoded base32 private key " + "length is invalid: %s", seckey_b32); +goto err; + } + auth = tor_malloc_zero(sizeof(hs_client_service_authorization_t)); if (base32_decode((char *) auth->enc_seckey.secret_key, sizeof(auth->enc_seckey.secret_key), diff --git a/src/test/test_hs_client.c b/src/test/test_hs_client.c index eacbd328e..03d14924b 100644 --- a/src/test/test_hs_client.c +++ b/src/test/test_hs_client.c @@ -660,7 +660,9 @@ test_parse_auth_file_content(void *arg) "x:zdsyvn2jq534ugyiuzgjy4267jbtzcjbsgedhshzx5mforyxtryq")); /* Some malformed string. */ tt_assert(!parse_auth_file_content("xx:descriptor:x25519:aa==")); - + /* Bigger key than it should be */ + tt_assert(!parse_auth_file_content("xx:descriptor:x25519:" + "vjqea4jbhwwc4hto7ekyvqfbeodghbaq6nxi45hz4wr3qvhqv3yqa")); done: tor_free(auth); } ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] hs-v3: Improve v3 client authorization logging
commit 8e57986e7d826141727fc3d538b33882dc4aca91 Author: David Goulet Date: Thu Aug 30 09:16:48 2018 -0400 hs-v3: Improve v3 client authorization logging Part of #20700. Signed-off-by: David Goulet --- src/feature/hs/hs_client.c | 14 -- src/feature/hs/hs_service.c | 18 -- 2 files changed, 20 insertions(+), 12 deletions(-) diff --git a/src/feature/hs/hs_client.c b/src/feature/hs/hs_client.c index 23ab10e21..af657c7c9 100644 --- a/src/feature/hs/hs_client.c +++ b/src/feature/hs/hs_client.c @@ -1571,7 +1571,9 @@ hs_config_client_authorization(const or_options_t *options, filename); if (!auth_key_filename_is_valid(filename)) { - log_warn(LD_REND, "The filename is invalid."); + log_notice(LD_REND, "Client authorization unrecognized filename %s. " + "File must end in .auth_private. Ignoring.", + filename); continue; } @@ -1583,7 +1585,7 @@ hs_config_client_authorization(const or_options_t *options, /* If we cannot read the file, continue with the next file. */ if (!client_key_str) { - log_warn(LD_REND, "The file cannot be read."); + log_warn(LD_REND, "The file %s cannot be read.", filename); continue; } @@ -1597,15 +1599,16 @@ hs_config_client_authorization(const or_options_t *options, if (hs_parse_address(auth->onion_address, _pk, NULL, NULL) < 0) { client_service_authorization_free(auth); -log_warn(LD_REND, "The onion address is invalid."); +log_warn(LD_REND, "The onion address \"%s\" is invalid in " + "file %s", filename, auth->onion_address); continue; } if (digest256map_get(auths, identity_pk.pubkey)) { client_service_authorization_free(auth); - log_warn(LD_REND, "Duplicate authorization for the same hidden " - "service."); + "service address %s.", + safe_str_client(auth->onion_address)); goto end; } @@ -1613,7 +1616,6 @@ hs_config_client_authorization(const or_options_t *options, log_info(LD_REND, "Loaded a client authorization key file %s.", filename); } - } SMARTLIST_FOREACH_END(filename); /* Success. */ diff --git a/src/feature/hs/hs_service.c b/src/feature/hs/hs_service.c index 8d5d69302..09329340c 100644 --- a/src/feature/hs/hs_service.c +++ b/src/feature/hs/hs_service.c @@ -1141,7 +1141,7 @@ parse_authorized_client(const char *client_key_str) SPLIT_SKIP_SPACE, 0); /* Wrong number of fields. */ if (smartlist_len(fields) != 3) { -log_warn(LD_REND, "The file is in a wrong format."); +log_warn(LD_REND, "Unknown format of client authorization file."); goto err; } @@ -1151,13 +1151,15 @@ parse_authorized_client(const char *client_key_str) /* Currently, the only supported auth type is "descriptor". */ if (strcmp(auth_type, "descriptor")) { -log_warn(LD_REND, "The auth type '%s' is not supported.", auth_type); +log_warn(LD_REND, "Client authorization auth type '%s' not supported.", + auth_type); goto err; } /* Currently, the only supported key type is "x25519". */ if (strcmp(key_type, "x25519")) { -log_warn(LD_REND, "The key type '%s' is not supported.", key_type); +log_warn(LD_REND, "Client authorization key type '%s' not supported.", + key_type); goto err; } @@ -1175,7 +1177,8 @@ parse_authorized_client(const char *client_key_str) if (base32_decode((char *) client->client_pk.public_key, sizeof(client->client_pk.public_key), pubkey_b32, strlen(pubkey_b32)) < 0) { -log_warn(LD_REND, "The public key cannot be decoded."); +log_warn(LD_REND, "Client authorization public key cannot be decoded: %s", + pubkey_b32); goto err; } @@ -1245,7 +1248,8 @@ load_client_keys(hs_service_t *service) filename); if (!client_filename_is_valid(filename)) { - log_warn(LD_REND, "The filename is invalid."); + log_warn(LD_REND, "Client authorization unrecognized filename %s. " +"File must end in .auth. Ignoring.", filename); continue; } @@ -1258,7 +1262,9 @@ load_client_keys(hs_service_t *service) /* If we cannot read the file, continue with the next file. */ if (!client_key_str) { - log_warn(LD_REND, "The file cannot be read."); + log_warn(LD_REND, "Client authorization file %s can't be read. " +"Corrupted or verify permission? Ignoring.", + client_key_file_path); continue; } ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] hs-v3: Republish descriptors if client auth changes
commit 8f64931d67df2f4b6811b0244bef8d1ea04d8330 Author: Suphanat Chunhapanya Date: Thu May 10 03:35:29 2018 +0700 hs-v3: Republish descriptors if client auth changes When reloading tor, check if our the configured client authorization have changed from what we previously had. If so, republish the updated descriptor. Signed-off-by: David Goulet --- src/feature/hs/hs_service.c | 142 +++- 1 file changed, 140 insertions(+), 2 deletions(-) diff --git a/src/feature/hs/hs_service.c b/src/feature/hs/hs_service.c index c1dc12dde..042880992 100644 --- a/src/feature/hs/hs_service.c +++ b/src/feature/hs/hs_service.c @@ -107,6 +107,8 @@ static int consider_republishing_hs_descriptors = 0; static int load_client_keys(hs_service_t *service); static void set_descriptor_revision_counter(hs_service_descriptor_t *hs_desc, time_t now, bool is_current); +static int build_service_desc_superencrypted(const hs_service_t *service, + hs_service_descriptor_t *desc); static void move_descriptors(hs_service_t *src, hs_service_t *dst); static int service_encode_descriptor(const hs_service_t *service, const hs_service_descriptor_t *desc, @@ -1321,8 +1323,113 @@ service_descriptor_new(void) return sdesc; } -/* Move descriptor(s) from the src service to the dst service. We do this - * during SIGHUP when we re-create our hidden services. */ +/* Allocate and return a deep copy of client. */ +static hs_service_authorized_client_t * +service_authorized_client_dup(const hs_service_authorized_client_t *client) +{ + hs_service_authorized_client_t *client_dup = NULL; + + tor_assert(client); + + client_dup = tor_malloc_zero(sizeof(hs_service_authorized_client_t)); + /* Currently, the public key is the only component of + * hs_service_authorized_client_t. */ + memcpy(client_dup->client_pk.public_key, + client->client_pk.public_key, + CURVE25519_PUBKEY_LEN); + + return client_dup; +} + +/* If two authorized clients are equal, return 0. If the first one should come + * before the second, return less than zero. If the first should come after + * the second, return greater than zero. */ +static int +service_authorized_client_cmp(const hs_service_authorized_client_t *client1, + const hs_service_authorized_client_t *client2) +{ + tor_assert(client1); + tor_assert(client2); + + /* Currently, the public key is the only component of + * hs_service_authorized_client_t. */ + return tor_memcmp(client1->client_pk.public_key, +client2->client_pk.public_key, +CURVE25519_PUBKEY_LEN); +} + +/* Helper for sorting authorized clients. */ +static int +compare_service_authorzized_client_(const void **_a, const void **_b) +{ + const hs_service_authorized_client_t *a = *_a, *b = *_b; + return service_authorized_client_cmp(a, b); +} + +/* If the list of hs_service_authorized_client_t's is different between + * src and dst, return 1. Otherwise, return 0. */ +static int +service_authorized_client_config_equal(const hs_service_config_t *config1, + const hs_service_config_t *config2) +{ + int ret = 0; + int i; + smartlist_t *sl1 = smartlist_new(); + smartlist_t *sl2 = smartlist_new(); + + tor_assert(config1); + tor_assert(config2); + tor_assert(config1->clients); + tor_assert(config2->clients); + + /* If the number of clients is different, it is obvious that the list + * changes. */ + if (smartlist_len(config1->clients) != smartlist_len(config2->clients)) { +goto done; + } + + /* We do not want to mutate config1 and config2, so we will duplicate both + * entire client lists here. */ + SMARTLIST_FOREACH(config1->clients, + hs_service_authorized_client_t *, client, + smartlist_add(sl1, service_authorized_client_dup(client))); + + SMARTLIST_FOREACH(config2->clients, + hs_service_authorized_client_t *, client, + smartlist_add(sl2, service_authorized_client_dup(client))); + + smartlist_sort(sl1, compare_service_authorzized_client_); + smartlist_sort(sl2, compare_service_authorzized_client_); + + for (i = 0; i < smartlist_len(sl1); i++) { +/* If the clients at index i in both lists differ, the whole configs + * differ. */ +if (service_authorized_client_cmp(smartlist_get(sl1, i), + smartlist_get(sl2, i))) { + goto done; +} + } + + /* Success. */ + ret = 1; + + done: + if (sl1) { +SMARTLIST_FOREACH(sl1, hs_service_authorized_client_t *, p, + service_authorized_client_free(p)); +smartlist_free(sl1); + } + if (sl2) { +SMARTLIST_FOREACH(sl2, hs_service_authorized_client_t *, p, + service_authorized_client_free(p)); +smartlist_free(sl2); + } +
[tor-commits] [tor/master] HSv3: Add subcredential in client auth KDF on the client-side.
commit 6583d1e7091ba368b66c6f3038df223d3b7652cb Author: George Kadianakis Date: Thu Sep 6 16:25:31 2018 +0300 HSv3: Add subcredential in client auth KDF on the client-side. --- src/feature/hs/hs_descriptor.c | 14 -- src/feature/hs/hs_descriptor.h | 3 ++- 2 files changed, 10 insertions(+), 7 deletions(-) diff --git a/src/feature/hs/hs_descriptor.c b/src/feature/hs/hs_descriptor.c index f34685e23..d0cdffdf1 100644 --- a/src/feature/hs/hs_descriptor.c +++ b/src/feature/hs/hs_descriptor.c @@ -1427,13 +1427,15 @@ decrypt_descriptor_cookie(const hs_descriptor_t *desc, sizeof(desc->superencrypted_data.auth_ephemeral_pubkey))); tor_assert(!tor_mem_is_zero((char *) client_auth_sk, sizeof(*client_auth_sk))); + tor_assert(!tor_mem_is_zero((char *) desc->subcredential, DIGEST256_LEN)); /* Calculate x25519(client_x, hs_Y) */ curve25519_handshake(secret_seed, client_auth_sk, >superencrypted_data.auth_ephemeral_pubkey); - /* Calculate KEYS = KDF(SECRET_SEED, 40) */ + /* Calculate KEYS = KDF(subcredential | SECRET_SEED, 40) */ xof = crypto_xof_new(); + crypto_xof_add_bytes(xof, desc->subcredential, DIGEST256_LEN); crypto_xof_add_bytes(xof, secret_seed, sizeof(secret_seed)); crypto_xof_squeeze_bytes(xof, keystream, sizeof(keystream)); crypto_xof_free(xof); @@ -2539,9 +2541,8 @@ hs_desc_decode_plaintext(const char *encoded, } /* Fully decode an encoded descriptor and set a newly allocated descriptor - * object in desc_out. Subcredentials are used if not NULL else it's ignored. - * Client secret key is used to decrypt the "encrypted" section if not NULL - * else it's ignored. + * object in desc_out. Client secret key is used to decrypt the "encrypted" + * section if not NULL else it's ignored. * * Return 0 on success. A negative value is returned on error and desc_out is * set to NULL. */ @@ -2558,8 +2559,9 @@ hs_desc_decode_descriptor(const char *encoded, desc = tor_malloc_zero(sizeof(hs_descriptor_t)); - /* Subcredentials are optional. */ - if (BUG(!subcredential)) { + /* Subcredentials are not optional. */ + if (BUG(!subcredential || + tor_mem_is_zero((char*)subcredential, DIGEST256_LEN))) { log_warn(LD_GENERAL, "Tried to decrypt without subcred. Impossible!"); goto err; } diff --git a/src/feature/hs/hs_descriptor.h b/src/feature/hs/hs_descriptor.h index 9d447105f..adfb94dea 100644 --- a/src/feature/hs/hs_descriptor.h +++ b/src/feature/hs/hs_descriptor.h @@ -303,7 +303,8 @@ link_specifier_t *hs_desc_lspec_to_trunnel( const hs_desc_link_specifier_t *spec); hs_desc_authorized_client_t *hs_desc_build_fake_authorized_client(void); -void hs_desc_build_authorized_client(const curve25519_public_key_t * +void hs_desc_build_authorized_client(const uint8_t *subcredential, + const curve25519_public_key_t * client_auth_pk, const curve25519_secret_key_t * auth_ephemeral_sk, ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] bug: Use PATH_SEPARATOR instead of slash
commit 5e1d36c7db50d977c4a9a1ed9e80ac9800a6077e Author: Suphanat Chunhapanya Date: Mon Sep 3 03:19:24 2018 +0700 bug: Use PATH_SEPARATOR instead of slash In function get_fname_suffix, previously it uses /, but in fact it should use PATH_SEPARATOR. --- src/test/testing_common.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/test/testing_common.c b/src/test/testing_common.c index 3880bca9c..56cac99eb 100644 --- a/src/test/testing_common.c +++ b/src/test/testing_common.c @@ -112,8 +112,8 @@ get_fname_suffix(const char *name, const char *suffix) setup_directory(); if (!name) return temp_dir; - tor_snprintf(buf,sizeof(buf),"%s/%s%s%s",temp_dir,name,suffix ? "_" : "", - suffix ? suffix : ""); + tor_snprintf(buf,sizeof(buf),"%s%s%s%s%s", temp_dir, PATH_SEPARATOR, name, + suffix ? "_" : "", suffix ? suffix : ""); return buf; } ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] test: HS v3 client auth is config equal function
commit b61403c7870b9ee289fe61e2f2349a8d49a8d37a Author: Suphanat Chunhapanya Date: Wed May 16 21:57:24 2018 +0700 test: HS v3 client auth is config equal function Signed-off-by: David Goulet --- src/feature/hs/hs_service.c | 4 +- src/feature/hs/hs_service.h | 6 ++ src/test/test_hs_service.c | 138 3 files changed, 146 insertions(+), 2 deletions(-) diff --git a/src/feature/hs/hs_service.c b/src/feature/hs/hs_service.c index 042880992..87c28f620 100644 --- a/src/feature/hs/hs_service.c +++ b/src/feature/hs/hs_service.c @@ -243,7 +243,7 @@ set_service_default_config(hs_service_config_t *c, /* From a service configuration object config, clear everything from it * meaning free allocated pointers and reset the values. */ -static void +STATIC void service_clear_config(hs_service_config_t *config) { if (config == NULL) { @@ -1368,7 +1368,7 @@ compare_service_authorzized_client_(const void **_a, const void **_b) /* If the list of hs_service_authorized_client_t's is different between * src and dst, return 1. Otherwise, return 0. */ -static int +STATIC int service_authorized_client_config_equal(const hs_service_config_t *config1, const hs_service_config_t *config2) { diff --git a/src/feature/hs/hs_service.h b/src/feature/hs/hs_service.h index f1b98b805..735266071 100644 --- a/src/feature/hs/hs_service.h +++ b/src/feature/hs/hs_service.h @@ -399,6 +399,12 @@ STATIC void service_desc_schedule_upload(hs_service_descriptor_t *desc, STATIC int service_desc_hsdirs_changed(const hs_service_t *service, const hs_service_descriptor_t *desc); +STATIC int service_authorized_client_config_equal( + const hs_service_config_t *config1, + const hs_service_config_t *config2); + +STATIC void service_clear_config(hs_service_config_t *config); + #endif /* defined(HS_SERVICE_PRIVATE) */ #endif /* !defined(TOR_HS_SERVICE_H) */ diff --git a/src/test/test_hs_service.c b/src/test/test_hs_service.c index 11f542c44..6a061eaea 100644 --- a/src/test/test_hs_service.c +++ b/src/test/test_hs_service.c @@ -246,6 +246,22 @@ helper_create_authorized_client(void) return client; } +/* Helper: Return a newly allocated authorized client object with the + * same client name and the same public key as the given client. */ +static hs_service_authorized_client_t * +helper_clone_authorized_client(const hs_service_authorized_client_t *client) +{ + hs_service_authorized_client_t *client_out; + + tor_assert(client); + + client_out = tor_malloc_zero(sizeof(hs_service_authorized_client_t)); + memcpy(client_out->client_pk.public_key, + client->client_pk.public_key, CURVE25519_PUBKEY_LEN); + + return client_out; +} + /* Helper: Return a newly allocated service object with the identity keypair * sets and the current descriptor. Then register it to the global map. * Caller should us hs_free_all() to free this service or remove it from the @@ -1869,6 +1885,126 @@ test_rendezvous1_parsing(void *arg) UNMOCK(relay_send_command_from_edge_); } +static void +test_authorized_client_config_equal(void *arg) +{ + int ret; + hs_service_config_t *config1, *config2; + + (void) arg; + + config1 = tor_malloc_zero(sizeof(*config1)); + config2 = tor_malloc_zero(sizeof(*config2)); + + /* Both configs are empty. */ + { +config1->clients = smartlist_new(); +config2->clients = smartlist_new(); + +ret = service_authorized_client_config_equal(config1, config2); +tt_int_op(ret, OP_EQ, 1); + +service_clear_config(config1); +service_clear_config(config2); + } + + /* Both configs have exactly the same client config. */ + { +config1->clients = smartlist_new(); +config2->clients = smartlist_new(); + +hs_service_authorized_client_t *client1, *client2; +client1 = helper_create_authorized_client(); +client2 = helper_create_authorized_client(); + +smartlist_add(config1->clients, client1); +smartlist_add(config1->clients, client2); + +/* We should swap the order of clients here to test that the order + * does not matter. */ +smartlist_add(config2->clients, helper_clone_authorized_client(client2)); +smartlist_add(config2->clients, helper_clone_authorized_client(client1)); + +ret = service_authorized_client_config_equal(config1, config2); +tt_int_op(ret, OP_EQ, 1); + +service_clear_config(config1); +service_clear_config(config2); + } + + /* The numbers of clients in both configs are not equal. */ + { +config1->clients = smartlist_new(); +config2->clients = smartlist_new(); + +hs_service_authorized_client_t *client1, *client2; +client1 = helper_create_authorized_client(); +client2 = helper_create_authorized_client(); + +smartlist_add(config1->clients, client1); +smartlist_add(config1->clients, client2); + +
[tor-commits] [tor/master] hs-v3: Refactor secret data building logic
commit 462d4097ce8b0059591b366c0ddb21b5efe97c3c Author: Suphanat Chunhapanya Date: Thu Apr 19 22:36:59 2018 +0700 hs-v3: Refactor secret data building logic Because this secret data building logic is not only used by the descriptor encoding process but also by the descriptor decoding, refactor the function to take both steps into account. Signed-off-by: David Goulet --- src/feature/hs/hs_descriptor.c | 71 +- 1 file changed, 50 insertions(+), 21 deletions(-) diff --git a/src/feature/hs/hs_descriptor.c b/src/feature/hs/hs_descriptor.c index b99797497..4eb06c827 100644 --- a/src/feature/hs/hs_descriptor.c +++ b/src/feature/hs/hs_descriptor.c @@ -944,6 +944,53 @@ encrypt_desc_data_and_base64(const hs_descriptor_t *desc, return enc_b64; } +/* Generate the secret data which is used to encrypt/decrypt the descriptor. + * + * SECRET_DATA = blinded-public-key + * SECRET_DATA = blinded-public-key | descriptor_cookie + * + * The descriptor_cookie is optional but if it exists, it must be at least + * HS_DESC_DESCRIPTOR_COOKIE_LEN bytes long. + * + * A newly allocated secret data is put in secret_data_out. Return the + * length of the secret data. This function cannot fail. */ +static size_t +build_secret_data(const ed25519_public_key_t *blinded_pubkey, + const uint8_t *descriptor_cookie, + uint8_t **secret_data_out) +{ + size_t secret_data_len; + uint8_t *secret_data; + + tor_assert(blinded_pubkey); + tor_assert(secret_data_out); + + if (descriptor_cookie) { +/* If the descriptor cookie is present, we need both the blinded + * pubkey and the descriptor cookie as a secret data. */ +secret_data_len = ED25519_PUBKEY_LEN + HS_DESC_DESCRIPTOR_COOKIE_LEN; +secret_data = tor_malloc(secret_data_len); + +memcpy(secret_data, + blinded_pubkey->pubkey, + ED25519_PUBKEY_LEN); +memcpy(secret_data + ED25519_PUBKEY_LEN, + descriptor_cookie, + HS_DESC_DESCRIPTOR_COOKIE_LEN); + } else { +/* If the descriptor cookie is not present, we need only the blinded + * pubkey as a secret data. */ +secret_data_len = ED25519_PUBKEY_LEN; +secret_data = tor_malloc(secret_data_len); +memcpy(secret_data, + blinded_pubkey->pubkey, + ED25519_PUBKEY_LEN); + } + + *secret_data_out = secret_data; + return secret_data_len; +} + /* Generate and encode the superencrypted portion of desc. This also * involves generating the encrypted portion of the descriptor, and performing * the superencryption. A newly allocated NUL-terminated string pointer @@ -976,27 +1023,9 @@ encode_superencrypted_data(const hs_descriptor_t *desc, goto err; } - if (descriptor_cookie) { -/* If the descriptor cookie is present, we need both the blinded - * pubkey and the descriptor cookie as a secret data. */ -secret_data_len = ED25519_PUBKEY_LEN + HS_DESC_DESCRIPTOR_COOKIE_LEN; -secret_data = tor_malloc(secret_data_len); - -memcpy(secret_data, - desc->plaintext_data.blinded_pubkey.pubkey, - ED25519_PUBKEY_LEN); -memcpy(secret_data + ED25519_PUBKEY_LEN, - descriptor_cookie, - HS_DESC_DESCRIPTOR_COOKIE_LEN); - } else { -/* If the descriptor cookie is not present, we need only the blinded - * pubkey as a secret data. */ -secret_data_len = ED25519_PUBKEY_LEN; -secret_data = tor_malloc(secret_data_len); -memcpy(secret_data, - desc->plaintext_data.blinded_pubkey.pubkey, - ED25519_PUBKEY_LEN); - } + secret_data_len = build_secret_data(>plaintext_data.blinded_pubkey, + descriptor_cookie, + _data); /* Encrypt and b64 the inner layer */ layer2_b64_ciphertext = ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] hs-v3: Log client auth load activities client side
commit 5b2871d2f2a541ad15541eebf9830b1e448dbfc2 Author: Suphanat Chunhapanya Date: Sun Aug 19 19:47:46 2018 +0700 hs-v3: Log client auth load activities client side Signed-off-by: David Goulet --- src/feature/hs/hs_client.c | 67 ++ 1 file changed, 38 insertions(+), 29 deletions(-) diff --git a/src/feature/hs/hs_client.c b/src/feature/hs/hs_client.c index b178282c1..23ab10e21 100644 --- a/src/feature/hs/hs_client.c +++ b/src/feature/hs/hs_client.c @@ -1567,42 +1567,51 @@ hs_config_client_authorization(const or_options_t *options, hs_client_service_authorization_t *auth = NULL; ed25519_public_key_t identity_pk; +log_info(LD_REND, "Loading a client authorization key file %s...", + filename); -if (auth_key_filename_is_valid(filename)) { - /* Create a full path for a file. */ - client_key_file_path = hs_path_from_filename(key_dir, filename); - client_key_str = read_file_to_str(client_key_file_path, 0, NULL); - /* Free the file path immediately after using it. */ - tor_free(client_key_file_path); - - /* If we cannot read the file, continue with the next file. */ - if (!client_key_str) { -continue; - } +if (!auth_key_filename_is_valid(filename)) { + log_warn(LD_REND, "The filename is invalid."); + continue; +} - auth = parse_auth_file_content(client_key_str); - /* Free immediately after using it. */ - tor_free(client_key_str); +/* Create a full path for a file. */ +client_key_file_path = hs_path_from_filename(key_dir, filename); +client_key_str = read_file_to_str(client_key_file_path, 0, NULL); +/* Free the file path immediately after using it. */ +tor_free(client_key_file_path); - if (auth) { -/* Parse the onion address to get an identity public key and use it - * as a key of global map in the future. */ -if (hs_parse_address(auth->onion_address, _pk, - NULL, NULL) < 0) { - client_service_authorization_free(auth); - continue; -} +/* If we cannot read the file, continue with the next file. */ +if (!client_key_str) { + log_warn(LD_REND, "The file cannot be read."); + continue; +} -if (digest256map_get(auths, identity_pk.pubkey)) { - client_service_authorization_free(auth); +auth = parse_auth_file_content(client_key_str); +/* Free immediately after using it. */ +tor_free(client_key_str); + +if (auth) { + /* Parse the onion address to get an identity public key and use it + * as a key of global map in the future. */ + if (hs_parse_address(auth->onion_address, _pk, + NULL, NULL) < 0) { +client_service_authorization_free(auth); +log_warn(LD_REND, "The onion address is invalid."); +continue; + } - log_warn(LD_REND, "Duplicate authorization for the same hidden " -"service."); - goto end; -} + if (digest256map_get(auths, identity_pk.pubkey)) { +client_service_authorization_free(auth); -digest256map_set(auths, identity_pk.pubkey, auth); +log_warn(LD_REND, "Duplicate authorization for the same hidden " + "service."); +goto end; } + + digest256map_set(auths, identity_pk.pubkey, auth); + log_info(LD_REND, "Loaded a client authorization key file %s.", + filename); } } SMARTLIST_FOREACH_END(filename); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Merge remote-tracking branch 'dgoulet/ticket20700_035_03'
commit 9ca1af9a8757ee73cf4018263cb3ae2340ebaa9f Merge: 13d0855a8 3695ef634 Author: Nick Mathewson Date: Fri Sep 7 15:03:32 2018 -0400 Merge remote-tracking branch 'dgoulet/ticket20700_035_03' src/app/config/config.c |7 +- src/app/config/or_options_st.h |2 + src/feature/hs/hs_client.c | 266 +- src/feature/hs/hs_client.h | 24 + src/feature/hs/hs_config.c | 27 + src/feature/hs/hs_config.h |1 + src/feature/hs/hs_descriptor.c | 1046 --- src/feature/hs/hs_descriptor.h | 84 +++- src/feature/hs/hs_service.c | 525 +++- src/feature/hs/hs_service.h | 36 ++ src/lib/crypt_ops/crypto_rand.c |4 +- src/lib/crypt_ops/crypto_rand.h |2 +- src/test/fuzz/fuzz_hsdescv3.c |4 +- src/test/hs_test_helpers.c | 43 ++ src/test/test_hs_cache.c| 20 +- src/test/test_hs_client.c | 178 ++- src/test/test_hs_common.c |6 +- src/test/test_hs_descriptor.c | 262 ++ src/test/test_hs_service.c | 459 + src/test/testing_common.c |4 +- 20 files changed, 2560 insertions(+), 440 deletions(-) diff --cc src/lib/crypt_ops/crypto_rand.c index 78471bf39,554777cf5..313d829a5 --- a/src/lib/crypt_ops/crypto_rand.c +++ b/src/lib/crypt_ops/crypto_rand.c @@@ -335,16 -319,14 +335,16 @@@ crypto_strongest_rand_raw(uint8_t *out * Try to get out_len bytes of the strongest entropy we can generate, * storing it into out. **/ - void - crypto_strongest_rand(uint8_t *out, size_t out_len) + MOCK_IMPL(void, + crypto_strongest_rand,(uint8_t *out, size_t out_len)) { -#define DLEN SHA512_DIGEST_LENGTH +#define DLEN DIGEST512_LEN + /* We're going to hash DLEN bytes from the system RNG together with some - * bytes from the openssl PRNG, in order to yield DLEN bytes. + * bytes from the PRNGs from our crypto librar(y/ies), in order to yield + * DLEN bytes. */ - uint8_t inp[DLEN*2]; + uint8_t inp[DLEN*3]; uint8_t tmp[DLEN]; tor_assert(out); while (out_len) { ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] hs-v3: Rename client_sk to client_auth_sk
commit 9f975e99953fa57a7c1f43ebd22cc9e602037b6d Author: Suphanat Chunhapanya Date: Tue May 22 00:01:52 2018 +0700 hs-v3: Rename client_sk to client_auth_sk Signed-off-by: David Goulet --- src/feature/hs/hs_client.c | 7 --- src/feature/hs/hs_descriptor.c | 33 + src/feature/hs/hs_descriptor.h | 4 ++-- src/test/test_hs_descriptor.c | 6 +++--- 4 files changed, 26 insertions(+), 24 deletions(-) diff --git a/src/feature/hs/hs_client.c b/src/feature/hs/hs_client.c index 0038fdfa5..b178282c1 100644 --- a/src/feature/hs/hs_client.c +++ b/src/feature/hs/hs_client.c @@ -1233,7 +1233,7 @@ hs_client_decode_descriptor(const char *desc_str, uint8_t subcredential[DIGEST256_LEN]; ed25519_public_key_t blinded_pubkey; hs_client_service_authorization_t *client_auth = NULL; - curve25519_secret_key_t *client_sk = NULL; + curve25519_secret_key_t *client_auht_sk = NULL; tor_assert(desc_str); tor_assert(service_identity_pk); @@ -1242,7 +1242,7 @@ hs_client_decode_descriptor(const char *desc_str, /* Check if we have a client authorization for this service in the map. */ client_auth = find_client_auth(service_identity_pk); if (client_auth) { -client_sk = _auth->enc_seckey; +client_auht_sk = _auth->enc_seckey; } /* Create subcredential for this HS so that we can decrypt */ @@ -1254,7 +1254,8 @@ hs_client_decode_descriptor(const char *desc_str, } /* Parse descriptor */ - ret = hs_desc_decode_descriptor(desc_str, subcredential, client_sk, desc); + ret = hs_desc_decode_descriptor(desc_str, subcredential, + client_auht_sk, desc); memwipe(subcredential, 0, sizeof(subcredential)); if (ret < 0) { log_warn(LD_GENERAL, "Could not parse received descriptor as client."); diff --git a/src/feature/hs/hs_descriptor.c b/src/feature/hs/hs_descriptor.c index dc7012ec4..be8e206c7 100644 --- a/src/feature/hs/hs_descriptor.c +++ b/src/feature/hs/hs_descriptor.c @@ -1408,7 +1408,7 @@ encrypted_data_length_is_valid(size_t len) static int decrypt_descriptor_cookie(const hs_descriptor_t *desc, const hs_desc_authorized_client_t *client, - const curve25519_secret_key_t *client_sk, + const curve25519_secret_key_t *client_auth_sk, uint8_t **descriptor_cookie_out) { int ret = -1; @@ -1421,15 +1421,15 @@ decrypt_descriptor_cookie(const hs_descriptor_t *desc, tor_assert(desc); tor_assert(client); - tor_assert(client_sk); + tor_assert(client_auth_sk); tor_assert(!tor_mem_is_zero( (char *) >superencrypted_data.auth_ephemeral_pubkey, sizeof(desc->superencrypted_data.auth_ephemeral_pubkey))); - tor_assert(!tor_mem_is_zero((char *) client_sk, - sizeof(*client_sk))); + tor_assert(!tor_mem_is_zero((char *) client_auth_sk, + sizeof(*client_auth_sk))); /* Calculate x25519(client_x, hs_Y) */ - curve25519_handshake(secret_seed, client_sk, + curve25519_handshake(secret_seed, client_auth_sk, >superencrypted_data.auth_ephemeral_pubkey); /* Calculate KEYS = KDF(SECRET_SEED, 40) */ @@ -1440,7 +1440,7 @@ decrypt_descriptor_cookie(const hs_descriptor_t *desc, /* If the client id of auth client is not the same as the calculcated * client id, it means that this auth client is invaild according to the - * client secret key client_sk. */ + * client secret key client_auth_sk. */ if (tor_memneq(client->client_id, keystream, HS_DESC_CLIENT_ID_LEN)) { goto done; } @@ -1630,7 +1630,7 @@ desc_decrypt_superencrypted(const hs_descriptor_t *desc, char **decrypted_out) * decrypted_out is set to NULL. */ static size_t desc_decrypt_encrypted(const hs_descriptor_t *desc, - const curve25519_secret_key_t *client_sk, + const curve25519_secret_key_t *client_auth_sk, char **decrypted_out) { size_t encrypted_len = 0; @@ -1643,12 +1643,12 @@ desc_decrypt_encrypted(const hs_descriptor_t *desc, /* If the client secret key is provided, try to find a valid descriptor * cookie. Otherwise, leave it NULL. */ - if (client_sk) { + if (client_auth_sk) { SMARTLIST_FOREACH_BEGIN(desc->superencrypted_data.clients, hs_desc_authorized_client_t *, client) { /* If we can decrypt the descriptor cookie successfully, we will use that * descriptor cookie and break from the loop. */ - if (!decrypt_descriptor_cookie(desc, client, client_sk, + if (!decrypt_descriptor_cookie(desc, client, client_auth_sk, _cookie)) { break; } @@ -2253,7 +2253,7 @@ desc_decode_superencrypted_v3(const hs_descriptor_t *desc, * success else -1. */ static int desc_decode_encrypted_v3(const hs_descriptor_t *desc, -
[tor-commits] [tor/master] hs-v3: Log client auth load activities service side
commit 7ace28c952562386ebe795394a038cdcf8c1dd57 Author: Suphanat Chunhapanya Date: Sun Aug 19 19:37:38 2018 +0700 hs-v3: Log client auth load activities service side Signed-off-by: David Goulet --- src/feature/hs/hs_service.c | 57 + 1 file changed, 37 insertions(+), 20 deletions(-) diff --git a/src/feature/hs/hs_service.c b/src/feature/hs/hs_service.c index 87c28f620..8d5d69302 100644 --- a/src/feature/hs/hs_service.c +++ b/src/feature/hs/hs_service.c @@ -1141,6 +1141,7 @@ parse_authorized_client(const char *client_key_str) SPLIT_SKIP_SPACE, 0); /* Wrong number of fields. */ if (smartlist_len(fields) != 3) { +log_warn(LD_REND, "The file is in a wrong format."); goto err; } @@ -1148,9 +1149,15 @@ parse_authorized_client(const char *client_key_str) key_type = smartlist_get(fields, 1); pubkey_b32 = smartlist_get(fields, 2); - /* Currently, the only supported auth type is "descriptor" and the only - * supported key type is "x25519". */ - if (strcmp(auth_type, "descriptor") || strcmp(key_type, "x25519")) { + /* Currently, the only supported auth type is "descriptor". */ + if (strcmp(auth_type, "descriptor")) { +log_warn(LD_REND, "The auth type '%s' is not supported.", auth_type); +goto err; + } + + /* Currently, the only supported key type is "x25519". */ + if (strcmp(key_type, "x25519")) { +log_warn(LD_REND, "The key type '%s' is not supported.", key_type); goto err; } @@ -1168,6 +1175,7 @@ parse_authorized_client(const char *client_key_str) if (base32_decode((char *) client->client_pk.public_key, sizeof(client->client_pk.public_key), pubkey_b32, strlen(pubkey_b32)) < 0) { +log_warn(LD_REND, "The public key cannot be decoded."); goto err; } @@ -1233,27 +1241,36 @@ load_client_keys(hs_service_t *service) SMARTLIST_FOREACH_BEGIN(file_list, const char *, filename) { hs_service_authorized_client_t *client = NULL; +log_info(LD_REND, "Loading a client authorization key file %s...", + filename); -if (client_filename_is_valid(filename)) { - /* Create a full path for a file. */ - client_key_file_path = hs_path_from_filename(client_keys_dir_path, - filename); - client_key_str = read_file_to_str(client_key_file_path, 0, NULL); - /* Free immediately after using it. */ - tor_free(client_key_file_path); +if (!client_filename_is_valid(filename)) { + log_warn(LD_REND, "The filename is invalid."); + continue; +} - /* If we cannot read the file, continue with the next file. */ - if (!client_key_str) { -continue; - } +/* Create a full path for a file. */ +client_key_file_path = hs_path_from_filename(client_keys_dir_path, + filename); +client_key_str = read_file_to_str(client_key_file_path, 0, NULL); +/* Free immediately after using it. */ +tor_free(client_key_file_path); + +/* If we cannot read the file, continue with the next file. */ +if (!client_key_str) { + log_warn(LD_REND, "The file cannot be read."); + continue; +} - client = parse_authorized_client(client_key_str); - /* Free immediately after using it. */ - tor_free(client_key_str); +client = parse_authorized_client(client_key_str); +/* Wipe and free immediately after using it. */ +memwipe(client_key_str, 0, strlen(client_key_str)); +tor_free(client_key_str); - if (client) { -smartlist_add(config->clients, client); - } +if (client) { + smartlist_add(config->clients, client); + log_info(LD_REND, "Loaded a client authorization key file %s.", + filename); } } SMARTLIST_FOREACH_END(filename); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] HSv3: Add subcredential in client auth KDF on the service-side.
commit 1e9428dc618250ba7a64f5e2e0451a9da9c75853 Author: George Kadianakis Date: Thu Sep 6 16:07:27 2018 +0300 HSv3: Add subcredential in client auth KDF on the service-side. Also update some client auth test vectors that broke... --- src/feature/hs/hs_descriptor.c | 15 ++- src/feature/hs/hs_service.c| 11 ++- src/test/test_hs_descriptor.c | 18 -- 3 files changed, 32 insertions(+), 12 deletions(-) diff --git a/src/feature/hs/hs_descriptor.c b/src/feature/hs/hs_descriptor.c index 9c3d4fc96..f34685e23 100644 --- a/src/feature/hs/hs_descriptor.c +++ b/src/feature/hs/hs_descriptor.c @@ -2851,11 +2851,12 @@ hs_desc_build_fake_authorized_client(void) return client_auth; } -/* Using the client public key, auth ephemeral secret key, and descriptor - * cookie, build the auth client so we can then encode the descriptor for - * publication. client_out must be already allocated. */ +/* Using the service's subcredential, client public key, auth ephemeral secret + * key, and descriptor cookie, build the auth client so we can then encode the + * descriptor for publication. client_out must be already allocated. */ void -hs_desc_build_authorized_client(const curve25519_public_key_t *client_auth_pk, +hs_desc_build_authorized_client(const uint8_t *subcredential, +const curve25519_public_key_t *client_auth_pk, const curve25519_secret_key_t * auth_ephemeral_sk, const uint8_t *descriptor_cookie, @@ -2871,20 +2872,24 @@ hs_desc_build_authorized_client(const curve25519_public_key_t *client_auth_pk, tor_assert(auth_ephemeral_sk); tor_assert(descriptor_cookie); tor_assert(client_out); + tor_assert(subcredential); tor_assert(!tor_mem_is_zero((char *) auth_ephemeral_sk, sizeof(*auth_ephemeral_sk))); tor_assert(!tor_mem_is_zero((char *) client_auth_pk, sizeof(*client_auth_pk))); tor_assert(!tor_mem_is_zero((char *) descriptor_cookie, HS_DESC_DESCRIPTOR_COOKIE_LEN)); + tor_assert(!tor_mem_is_zero((char *) subcredential, + DIGEST256_LEN)); /* Calculate x25519(hs_y, client_X) */ curve25519_handshake(secret_seed, auth_ephemeral_sk, client_auth_pk); - /* Calculate KEYS = KDF(SECRET_SEED, 40) */ + /* Calculate KEYS = KDF(subcredential | SECRET_SEED, 40) */ xof = crypto_xof_new(); + crypto_xof_add_bytes(xof, subcredential, DIGEST256_LEN); crypto_xof_add_bytes(xof, secret_seed, sizeof(secret_seed)); crypto_xof_squeeze_bytes(xof, keystream, sizeof(keystream)); crypto_xof_free(xof); diff --git a/src/feature/hs/hs_service.c b/src/feature/hs/hs_service.c index 79ef0a35e..43e5626a5 100644 --- a/src/feature/hs/hs_service.c +++ b/src/feature/hs/hs_service.c @@ -1744,10 +1744,18 @@ build_service_desc_superencrypted(const hs_service_t *service, /* The ephemeral key pair is already generated, so this should not give * an error. */ + if (BUG(!curve25519_public_key_is_ok(>auth_ephemeral_kp.pubkey))) { +return -1; + } memcpy(>auth_ephemeral_pubkey, >auth_ephemeral_kp.pubkey, sizeof(curve25519_public_key_t)); + /* Test that subcred is not zero because we might use it below */ + if (BUG(tor_mem_is_zero((char*)desc->desc->subcredential, DIGEST256_LEN))) { +return -1; + } + /* Create a smartlist to store clients */ superencrypted->clients = smartlist_new(); @@ -1761,7 +1769,8 @@ build_service_desc_superencrypted(const hs_service_t *service, /* Prepare the client for descriptor and then add to the list in the * superencrypted part of the descriptor */ - hs_desc_build_authorized_client(>client_pk, + hs_desc_build_authorized_client(desc->desc->subcredential, + >client_pk, >auth_ephemeral_kp.seckey, desc->descriptor_cookie, desc_client); smartlist_add(superencrypted->clients, desc_client); diff --git a/src/test/test_hs_descriptor.c b/src/test/test_hs_descriptor.c index be7932cd2..4889281cb 100644 --- a/src/test/test_hs_descriptor.c +++ b/src/test/test_hs_descriptor.c @@ -400,12 +400,16 @@ test_decode_descriptor(void *arg) memcpy(>superencrypted_data.auth_ephemeral_pubkey, _ephemeral_kp.pubkey, CURVE25519_PUBKEY_LEN); +hs_helper_get_subcred_from_identity_keypair(_kp, +subcredential); + /* Build and add the auth client to the descriptor. */ clients = desc->superencrypted_data.clients; if (!clients) { clients = smartlist_new(); } -hs_desc_build_authorized_client(_kp.pubkey, +hs_desc_build_authorized_client(subcredential, +
[tor-commits] [tor/master] hs-v3: Make hs_desc_build_fake_authorized_client() return an object
commit c76d00abfa779059b2936e5b84c032d0e36726d4 Author: David Goulet Date: Wed Sep 5 13:37:37 2018 -0400 hs-v3: Make hs_desc_build_fake_authorized_client() return an object Return a newly allocated fake client authorization object instead of taking the object as a parameter. Signed-off-by: David Goulet --- src/feature/hs/hs_descriptor.c | 28 src/feature/hs/hs_descriptor.h | 3 +-- src/feature/hs/hs_service.c| 6 ++ src/test/hs_test_helpers.c | 6 ++ src/test/test_hs_descriptor.c | 3 +-- 5 files changed, 22 insertions(+), 24 deletions(-) diff --git a/src/feature/hs/hs_descriptor.c b/src/feature/hs/hs_descriptor.c index 0cabe5036..9c3d4fc96 100644 --- a/src/feature/hs/hs_descriptor.c +++ b/src/feature/hs/hs_descriptor.c @@ -2833,18 +2833,22 @@ hs_desc_intro_point_free_(hs_desc_intro_point_t *ip) tor_free(ip); } -/* Build a fake client info for the descriptor */ -void -hs_desc_build_fake_authorized_client(hs_desc_authorized_client_t *client_out) -{ - tor_assert(client_out); - - crypto_rand((char *) client_out->client_id, - sizeof(client_out->client_id)); - crypto_rand((char *) client_out->iv, - sizeof(client_out->iv)); - crypto_rand((char *) client_out->encrypted_cookie, - sizeof(client_out->encrypted_cookie)); +/* Allocate and build a new fake client info for the descriptor. Return a + * newly allocated object. This can't fail. */ +hs_desc_authorized_client_t * +hs_desc_build_fake_authorized_client(void) +{ + hs_desc_authorized_client_t *client_auth = +tor_malloc_zero(sizeof(*client_auth)); + + crypto_rand((char *) client_auth->client_id, + sizeof(client_auth->client_id)); + crypto_rand((char *) client_auth->iv, + sizeof(client_auth->iv)); + crypto_rand((char *) client_auth->encrypted_cookie, + sizeof(client_auth->encrypted_cookie)); + + return client_auth; } /* Using the client public key, auth ephemeral secret key, and descriptor diff --git a/src/feature/hs/hs_descriptor.h b/src/feature/hs/hs_descriptor.h index 8ce5fd6a1..9d447105f 100644 --- a/src/feature/hs/hs_descriptor.h +++ b/src/feature/hs/hs_descriptor.h @@ -302,8 +302,7 @@ void hs_desc_authorized_client_free_(hs_desc_authorized_client_t *client); link_specifier_t *hs_desc_lspec_to_trunnel( const hs_desc_link_specifier_t *spec); -void -hs_desc_build_fake_authorized_client(hs_desc_authorized_client_t *client_out); +hs_desc_authorized_client_t *hs_desc_build_fake_authorized_client(void); void hs_desc_build_authorized_client(const curve25519_public_key_t * client_auth_pk, const curve25519_secret_key_t * diff --git a/src/feature/hs/hs_service.c b/src/feature/hs/hs_service.c index 09329340c..79ef0a35e 100644 --- a/src/feature/hs/hs_service.c +++ b/src/feature/hs/hs_service.c @@ -1786,10 +1786,8 @@ build_service_desc_superencrypted(const hs_service_t *service, } for (i = 0; i < num_clients_to_add; i++) { -hs_desc_authorized_client_t *desc_client; -desc_client = tor_malloc_zero(sizeof(hs_desc_authorized_client_t)); - -hs_desc_build_fake_authorized_client(desc_client); +hs_desc_authorized_client_t *desc_client = + hs_desc_build_fake_authorized_client(); smartlist_add(superencrypted->clients, desc_client); } diff --git a/src/test/hs_test_helpers.c b/src/test/hs_test_helpers.c index f8c582afc..4e13ba43a 100644 --- a/src/test/hs_test_helpers.c +++ b/src/test/hs_test_helpers.c @@ -138,10 +138,8 @@ hs_helper_build_hs_desc_impl(unsigned int no_ip, desc->superencrypted_data.clients = smartlist_new(); for (i = 0; i < HS_DESC_AUTH_CLIENT_MULTIPLE; i++) { -hs_desc_authorized_client_t *desc_client; -desc_client = tor_malloc_zero(sizeof(hs_desc_authorized_client_t)); - -hs_desc_build_fake_authorized_client(desc_client); +hs_desc_authorized_client_t *desc_client = + hs_desc_build_fake_authorized_client(); smartlist_add(desc->superencrypted_data.clients, desc_client); } diff --git a/src/test/test_hs_descriptor.c b/src/test/test_hs_descriptor.c index de977599a..be7932cd2 100644 --- a/src/test/test_hs_descriptor.c +++ b/src/test/test_hs_descriptor.c @@ -412,8 +412,7 @@ test_decode_descriptor(void *arg) /* We need to add fake auth clients here. */ for (i=0; i < 15; ++i) { - fake_client = tor_malloc_zero(sizeof(hs_desc_authorized_client_t)); - hs_desc_build_fake_authorized_client(fake_client); + fake_client = hs_desc_build_fake_authorized_client(); smartlist_add(clients, fake_client); } desc->superencrypted_data.clients = clients; ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] hs-v3: Rename client_pk to client_auth_pk
commit 83c8419e73a82deeecf25e4f5c24a390c80cac33 Author: Suphanat Chunhapanya Date: Tue May 22 00:09:40 2018 +0700 hs-v3: Rename client_pk to client_auth_pk Signed-off-by: David Goulet --- src/feature/hs/hs_descriptor.c | 9 + src/feature/hs/hs_descriptor.h | 3 ++- src/test/test_hs_descriptor.c | 12 ++-- 3 files changed, 13 insertions(+), 11 deletions(-) diff --git a/src/feature/hs/hs_descriptor.c b/src/feature/hs/hs_descriptor.c index be8e206c7..0cabe5036 100644 --- a/src/feature/hs/hs_descriptor.c +++ b/src/feature/hs/hs_descriptor.c @@ -2851,7 +2851,7 @@ hs_desc_build_fake_authorized_client(hs_desc_authorized_client_t *client_out) * cookie, build the auth client so we can then encode the descriptor for * publication. client_out must be already allocated. */ void -hs_desc_build_authorized_client(const curve25519_public_key_t *client_pk, +hs_desc_build_authorized_client(const curve25519_public_key_t *client_auth_pk, const curve25519_secret_key_t * auth_ephemeral_sk, const uint8_t *descriptor_cookie, @@ -2863,20 +2863,21 @@ hs_desc_build_authorized_client(const curve25519_public_key_t *client_pk, crypto_cipher_t *cipher; crypto_xof_t *xof; - tor_assert(client_pk); + tor_assert(client_auth_pk); tor_assert(auth_ephemeral_sk); tor_assert(descriptor_cookie); tor_assert(client_out); tor_assert(!tor_mem_is_zero((char *) auth_ephemeral_sk, sizeof(*auth_ephemeral_sk))); - tor_assert(!tor_mem_is_zero((char *) client_pk, sizeof(*client_pk))); + tor_assert(!tor_mem_is_zero((char *) client_auth_pk, + sizeof(*client_auth_pk))); tor_assert(!tor_mem_is_zero((char *) descriptor_cookie, HS_DESC_DESCRIPTOR_COOKIE_LEN)); /* Calculate x25519(hs_y, client_X) */ curve25519_handshake(secret_seed, auth_ephemeral_sk, - client_pk); + client_auth_pk); /* Calculate KEYS = KDF(SECRET_SEED, 40) */ xof = crypto_xof_new(); diff --git a/src/feature/hs/hs_descriptor.h b/src/feature/hs/hs_descriptor.h index 06d3bfe75..8ce5fd6a1 100644 --- a/src/feature/hs/hs_descriptor.h +++ b/src/feature/hs/hs_descriptor.h @@ -304,7 +304,8 @@ link_specifier_t *hs_desc_lspec_to_trunnel( void hs_desc_build_fake_authorized_client(hs_desc_authorized_client_t *client_out); -void hs_desc_build_authorized_client(const curve25519_public_key_t *client_pk, +void hs_desc_build_authorized_client(const curve25519_public_key_t * + client_auth_pk, const curve25519_secret_key_t * auth_ephemeral_sk, const uint8_t *descriptor_cookie, diff --git a/src/test/test_hs_descriptor.c b/src/test/test_hs_descriptor.c index 50a073b41..de977599a 100644 --- a/src/test/test_hs_descriptor.c +++ b/src/test/test_hs_descriptor.c @@ -868,7 +868,7 @@ test_build_authorized_client(void *arg) uint8_t descriptor_cookie[HS_DESC_DESCRIPTOR_COOKIE_LEN]; curve25519_secret_key_t auth_ephemeral_sk; curve25519_secret_key_t client_auth_sk; - curve25519_public_key_t client_pk; + curve25519_public_key_t client_auth_pk; const char ephemeral_sk_b16[] = "d023b674d993a5c8446bd2ca97e9961149b3c0e88c7dc14e844dd3468d6a"; const char descriptor_cookie_b16[] = @@ -884,7 +884,7 @@ test_build_authorized_client(void *arg) ret = curve25519_secret_key_generate(_auth_sk, 0); tt_int_op(ret, OP_EQ, 0); - curve25519_public_key_generate(_pk, _auth_sk); + curve25519_public_key_generate(_auth_pk, _auth_sk); desc_client = tor_malloc_zero(sizeof(hs_desc_authorized_client_t)); @@ -898,15 +898,15 @@ test_build_authorized_client(void *arg) descriptor_cookie_b16, strlen(descriptor_cookie_b16)); - base16_decode((char *) _pk, -sizeof(client_pk), + base16_decode((char *) _auth_pk, +sizeof(client_auth_pk), client_pubkey_b16, strlen(client_pubkey_b16)); MOCK(crypto_strongest_rand, mock_crypto_strongest_rand); - hs_desc_build_authorized_client(_pk, _ephemeral_sk, - descriptor_cookie, desc_client); + hs_desc_build_authorized_client(_auth_pk, _ephemeral_sk, + descriptor_cookie, desc_client); test_memeq_hex((char *) desc_client->client_id, "b514ef67192cad5f"); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] hs-v3: Re-enable the decoding in the encoding function
commit 53dd1699baf5cb09086644eaca239596aedbde15 Author: Suphanat Chunhapanya Date: Sun Apr 22 20:51:21 2018 +0700 hs-v3: Re-enable the decoding in the encoding function Previously, the validation by decoding a created descriptor was disabled because the interface had to be entirely changed and not implemented at the time. This commit re-enabled it because it is now implemented. Signed-off-by: David Goulet --- src/feature/hs/hs_descriptor.c | 18 ++ 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/src/feature/hs/hs_descriptor.c b/src/feature/hs/hs_descriptor.c index 3f9b505cb..52b080271 100644 --- a/src/feature/hs/hs_descriptor.c +++ b/src/feature/hs/hs_descriptor.c @@ -2705,14 +2705,16 @@ hs_desc_encode_descriptor,(const hs_descriptor_t *desc, goto err; } - /* Try to decode what we just encoded. Symmetry is nice! */ - /* XXX: I need to disable this assertation for now to make the test pass. - * I will enable it again when I finish writing the decoding */ - /* ret = hs_desc_decode_descriptor(*encoded_out, */ - /* desc->subcredential, NULL); */ - /* if (BUG(ret < 0)) { */ - /* goto err; */ - /* } */ + /* Try to decode what we just encoded. Symmetry is nice!, but it is + * symmetric only if the client auth is disabled. That is, the descriptor + * cookie will be NULL. */ + if (!descriptor_cookie) { +ret = hs_desc_decode_descriptor(*encoded_out, desc->subcredential, +NULL, NULL); +if (BUG(ret < 0)) { + goto err; +} + } return 0; ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] hs-v3: Make all descriptor content free functions public
commit 3b08b239972df982f6130900295bcde76db8b0ed Author: Suphanat Chunhapanya Date: Thu May 10 03:14:01 2018 +0700 hs-v3: Make all descriptor content free functions public Series of functions that we now need in hs_service.c. Signed-off-by: David Goulet --- src/feature/hs/hs_descriptor.c | 128 - src/feature/hs/hs_descriptor.h | 5 +- src/test/test_hs_descriptor.c | 2 +- 3 files changed, 69 insertions(+), 66 deletions(-) diff --git a/src/feature/hs/hs_descriptor.c b/src/feature/hs/hs_descriptor.c index 52b080271..dc7012ec4 100644 --- a/src/feature/hs/hs_descriptor.c +++ b/src/feature/hs/hs_descriptor.c @@ -152,62 +152,6 @@ static token_rule_t hs_desc_intro_point_v3_token_table[] = { END_OF_TABLE }; -/* Free the content of the plaintext section of a descriptor. */ -STATIC void -desc_plaintext_data_free_contents(hs_desc_plaintext_data_t *desc) -{ - if (!desc) { -return; - } - - if (desc->superencrypted_blob) { -tor_free(desc->superencrypted_blob); - } - tor_cert_free(desc->signing_key_cert); - - memwipe(desc, 0, sizeof(*desc)); -} - -/* Free the content of the superencrypted section of a descriptor. */ -static void -desc_superencrypted_data_free_contents(hs_desc_superencrypted_data_t *desc) -{ - if (!desc) { -return; - } - - if (desc->encrypted_blob) { -tor_free(desc->encrypted_blob); - } - if (desc->clients) { -SMARTLIST_FOREACH(desc->clients, hs_desc_authorized_client_t *, client, - hs_desc_authorized_client_free(client)); -smartlist_free(desc->clients); - } - - memwipe(desc, 0, sizeof(*desc)); -} - -/* Free the content of the encrypted section of a descriptor. */ -static void -desc_encrypted_data_free_contents(hs_desc_encrypted_data_t *desc) -{ - if (!desc) { -return; - } - - if (desc->intro_auth_types) { -SMARTLIST_FOREACH(desc->intro_auth_types, char *, a, tor_free(a)); -smartlist_free(desc->intro_auth_types); - } - if (desc->intro_points) { -SMARTLIST_FOREACH(desc->intro_points, hs_desc_intro_point_t *, ip, - hs_desc_intro_point_free(ip)); -smartlist_free(desc->intro_points); - } - memwipe(desc, 0, sizeof(*desc)); -} - /* Using a key, salt and encrypted payload, build a MAC and put it in mac_out. * We use SHA3-256 for the MAC computation. * This function can't fail. */ @@ -2288,7 +2232,7 @@ desc_decode_superencrypted_v3(const hs_descriptor_t *desc, err: tor_assert(ret < 0); - desc_superencrypted_data_free_contents(desc_superencrypted_out); + hs_desc_superencrypted_data_free_contents(desc_superencrypted_out); done: if (tokens) { @@ -2388,7 +2332,7 @@ desc_decode_encrypted_v3(const hs_descriptor_t *desc, err: tor_assert(ret < 0); - desc_encrypted_data_free_contents(desc_encrypted_out); + hs_desc_encrypted_data_free_contents(desc_encrypted_out); done: if (tokens) { @@ -2723,11 +2667,67 @@ hs_desc_encode_descriptor,(const hs_descriptor_t *desc, return ret; } +/* Free the content of the plaintext section of a descriptor. */ +void +hs_desc_plaintext_data_free_contents(hs_desc_plaintext_data_t *desc) +{ + if (!desc) { +return; + } + + if (desc->superencrypted_blob) { +tor_free(desc->superencrypted_blob); + } + tor_cert_free(desc->signing_key_cert); + + memwipe(desc, 0, sizeof(*desc)); +} + +/* Free the content of the superencrypted section of a descriptor. */ +void +hs_desc_superencrypted_data_free_contents(hs_desc_superencrypted_data_t *desc) +{ + if (!desc) { +return; + } + + if (desc->encrypted_blob) { +tor_free(desc->encrypted_blob); + } + if (desc->clients) { +SMARTLIST_FOREACH(desc->clients, hs_desc_authorized_client_t *, client, + hs_desc_authorized_client_free(client)); +smartlist_free(desc->clients); + } + + memwipe(desc, 0, sizeof(*desc)); +} + +/* Free the content of the encrypted section of a descriptor. */ +void +hs_desc_encrypted_data_free_contents(hs_desc_encrypted_data_t *desc) +{ + if (!desc) { +return; + } + + if (desc->intro_auth_types) { +SMARTLIST_FOREACH(desc->intro_auth_types, char *, a, tor_free(a)); +smartlist_free(desc->intro_auth_types); + } + if (desc->intro_points) { +SMARTLIST_FOREACH(desc->intro_points, hs_desc_intro_point_t *, ip, + hs_desc_intro_point_free(ip)); +smartlist_free(desc->intro_points); + } + memwipe(desc, 0, sizeof(*desc)); +} + /* Free the descriptor plaintext data object. */ void hs_desc_plaintext_data_free_(hs_desc_plaintext_data_t *desc) { - desc_plaintext_data_free_contents(desc); + hs_desc_plaintext_data_free_contents(desc); tor_free(desc); } @@ -2735,7 +2735,7 @@ hs_desc_plaintext_data_free_(hs_desc_plaintext_data_t *desc) void hs_desc_superencrypted_data_free_(hs_desc_superencrypted_data_t *desc) { - desc_superencrypted_data_free_contents(desc); + hs_desc_superencrypted_data_free_contents(desc);
[tor-commits] [tor/master] hs-v3: Decrypt the descriptor with client private key
commit 7acb720027dd702332fb5a539683742801443f00 Author: Suphanat Chunhapanya Date: Fri Apr 20 02:10:19 2018 +0700 hs-v3: Decrypt the descriptor with client private key Parse the client authorization section from the descriptor, use the client private key to decrypt the auth clients, and then use the descriptor cookie to decrypt the descriptor. Signed-off-by: David Goulet --- src/feature/hs/hs_descriptor.c | 142 +++-- 1 file changed, 137 insertions(+), 5 deletions(-) diff --git a/src/feature/hs/hs_descriptor.c b/src/feature/hs/hs_descriptor.c index bb2cc1984..3f9b505cb 100644 --- a/src/feature/hs/hs_descriptor.c +++ b/src/feature/hs/hs_descriptor.c @@ -1181,6 +1181,42 @@ desc_encode_v3(const hs_descriptor_t *desc, /* === DECODING === */ +/* Given the token tok for an auth client, decode it as + * hs_desc_authorized_client_t. tok->args MUST contain at least 3 elements + * Return 0 on success else -1 on failure. */ +static int +decode_auth_client(const directory_token_t *tok, + hs_desc_authorized_client_t *client) +{ + int ret = -1; + + tor_assert(tok); + tor_assert(tok->n_args >= 3); + tor_assert(client); + + if (base64_decode((char *) client->client_id, sizeof(client->client_id), +tok->args[0], strlen(tok->args[0])) != + sizeof(client->client_id)) { +goto done; + } + if (base64_decode((char *) client->iv, sizeof(client->iv), +tok->args[1], strlen(tok->args[1])) != + sizeof(client->iv)) { +goto done; + } + if (base64_decode((char *) client->encrypted_cookie, +sizeof(client->encrypted_cookie), +tok->args[2], strlen(tok->args[2])) != + sizeof(client->encrypted_cookie)) { +goto done; + } + + /* Success. */ + ret = 0; + done: + return ret; +} + /* Given an encoded string of the link specifiers, return a newly allocated * list of decoded link specifiers. Return NULL on error. */ STATIC smartlist_t * @@ -1420,6 +1456,73 @@ encrypted_data_length_is_valid(size_t len) return 0; } +/* Decrypt the descriptor cookie given the descriptor, the auth client, + * and the client secret key. On sucess, return 0 and a newly allocated + * descriptor cookie descriptor_cookie_out. On error or if the client id + * is invalid, return -1 and descriptor_cookie_out is set to + * NULL. */ +static int +decrypt_descriptor_cookie(const hs_descriptor_t *desc, + const hs_desc_authorized_client_t *client, + const curve25519_secret_key_t *client_sk, + uint8_t **descriptor_cookie_out) +{ + int ret = -1; + uint8_t secret_seed[CURVE25519_OUTPUT_LEN]; + uint8_t keystream[HS_DESC_CLIENT_ID_LEN + HS_DESC_COOKIE_KEY_LEN]; + uint8_t *cookie_key = NULL; + uint8_t *descriptor_cookie = NULL; + crypto_cipher_t *cipher = NULL; + crypto_xof_t *xof = NULL; + + tor_assert(desc); + tor_assert(client); + tor_assert(client_sk); + tor_assert(!tor_mem_is_zero( +(char *) >superencrypted_data.auth_ephemeral_pubkey, +sizeof(desc->superencrypted_data.auth_ephemeral_pubkey))); + tor_assert(!tor_mem_is_zero((char *) client_sk, + sizeof(*client_sk))); + + /* Calculate x25519(client_x, hs_Y) */ + curve25519_handshake(secret_seed, client_sk, + >superencrypted_data.auth_ephemeral_pubkey); + + /* Calculate KEYS = KDF(SECRET_SEED, 40) */ + xof = crypto_xof_new(); + crypto_xof_add_bytes(xof, secret_seed, sizeof(secret_seed)); + crypto_xof_squeeze_bytes(xof, keystream, sizeof(keystream)); + crypto_xof_free(xof); + + /* If the client id of auth client is not the same as the calculcated + * client id, it means that this auth client is invaild according to the + * client secret key client_sk. */ + if (tor_memneq(client->client_id, keystream, HS_DESC_CLIENT_ID_LEN)) { +goto done; + } + cookie_key = keystream + HS_DESC_CLIENT_ID_LEN; + + /* This creates a cipher for AES. It can't fail. */ + cipher = crypto_cipher_new_with_iv_and_bits(cookie_key, client->iv, + HS_DESC_COOKIE_KEY_BIT_SIZE); + descriptor_cookie = tor_malloc_zero(HS_DESC_DESCRIPTOR_COOKIE_LEN); + /* This can't fail. */ + crypto_cipher_decrypt(cipher, (char *) descriptor_cookie, +(const char *) client->encrypted_cookie, +sizeof(client->encrypted_cookie)); + + /* Success. */ + ret = 0; + done: + *descriptor_cookie_out = descriptor_cookie; + if (cipher) { +crypto_cipher_free(cipher); + } + memwipe(secret_seed, 0, sizeof(secret_seed)); + memwipe(keystream, 0, sizeof(keystream)); + return ret; +} + /** Decrypt an encrypted descriptor layer at encrypted_blob of size * encrypted_blob_size. The descriptor cookie is optional. Use * the descriptor object desc and descriptor_cookie @@ -1588,18 +1691,30 @@
[tor-commits] [tor/master] test: HS v3 descriptor decoding with client authorization
commit 69fb25b0f6f3c2e7397b3f5e49213025ab1e8173 Author: Suphanat Chunhapanya Date: Sun Apr 22 01:13:50 2018 +0700 test: HS v3 descriptor decoding with client authorization Signed-off-by: David Goulet --- src/test/hs_test_helpers.c| 26 src/test/test_hs_descriptor.c | 70 +++ 2 files changed, 96 insertions(+) diff --git a/src/test/hs_test_helpers.c b/src/test/hs_test_helpers.c index bb2ba981f..f8c582afc 100644 --- a/src/test/hs_test_helpers.c +++ b/src/test/hs_test_helpers.c @@ -226,6 +226,32 @@ hs_helper_desc_equal(const hs_descriptor_t *desc1, * encrypted blob. As contrast to the decoding process where we populate a * descriptor object. */ + /* Superencrypted data section. */ + tt_mem_op(desc1->superencrypted_data.auth_ephemeral_pubkey.public_key, OP_EQ, +desc2->superencrypted_data.auth_ephemeral_pubkey.public_key, +CURVE25519_PUBKEY_LEN); + + /* Auth clients. */ + { +tt_assert(desc1->superencrypted_data.clients); +tt_assert(desc2->superencrypted_data.clients); +tt_int_op(smartlist_len(desc1->superencrypted_data.clients), ==, + smartlist_len(desc2->superencrypted_data.clients)); +for (int i=0; + i < smartlist_len(desc1->superencrypted_data.clients); + i++) { + hs_desc_authorized_client_t +*client1 = smartlist_get(desc1->superencrypted_data.clients, i), +*client2 = smartlist_get(desc2->superencrypted_data.clients, i); + tor_memeq(client1->client_id, client2->client_id, +sizeof(client1->client_id)); + tor_memeq(client1->iv, client2->iv, +sizeof(client1->iv)); + tor_memeq(client1->encrypted_cookie, client2->encrypted_cookie, +sizeof(client1->encrypted_cookie)); +} + } + /* Encrypted data section. */ tt_uint_op(desc1->encrypted_data.create2_ntor, ==, desc2->encrypted_data.create2_ntor); diff --git a/src/test/test_hs_descriptor.c b/src/test/test_hs_descriptor.c index e003ea5ff..952499a2c 100644 --- a/src/test/test_hs_descriptor.c +++ b/src/test/test_hs_descriptor.c @@ -330,6 +330,7 @@ static void test_decode_descriptor(void *arg) { int ret; + int i; char *encoded = NULL; ed25519_keypair_t signing_kp; hs_descriptor_t *desc = NULL; @@ -381,6 +382,75 @@ test_decode_descriptor(void *arg) tt_assert(decoded); } + /* Decode a descriptor with auth clients. */ + { +uint8_t descriptor_cookie[HS_DESC_DESCRIPTOR_COOKIE_LEN]; +curve25519_keypair_t auth_ephemeral_kp; +curve25519_keypair_t client_kp, invalid_client_kp; +smartlist_t *clients; +hs_desc_authorized_client_t *client, *fake_client; +client = tor_malloc_zero(sizeof(hs_desc_authorized_client_t)); + +/* Prepare all the keys needed to build the auth client. */ +curve25519_keypair_generate(_ephemeral_kp, 0); +curve25519_keypair_generate(_kp, 0); +curve25519_keypair_generate(_client_kp, 0); +crypto_strongest_rand(descriptor_cookie, HS_DESC_DESCRIPTOR_COOKIE_LEN); + +memcpy(>superencrypted_data.auth_ephemeral_pubkey, + _ephemeral_kp.pubkey, CURVE25519_PUBKEY_LEN); + +/* Build and add the auth client to the descriptor. */ +clients = desc->superencrypted_data.clients; +if (!clients) { + clients = smartlist_new(); +} +hs_desc_build_authorized_client(_kp.pubkey, +_ephemeral_kp.seckey, +descriptor_cookie, client); +smartlist_add(clients, client); + +/* We need to add fake auth clients here. */ +for (i=0; i < 15; ++i) { + fake_client = tor_malloc_zero(sizeof(hs_desc_authorized_client_t)); + hs_desc_build_fake_authorized_client(fake_client); + smartlist_add(clients, fake_client); +} +desc->superencrypted_data.clients = clients; + +/* Test the encoding/decoding in the following lines. */ +hs_helper_get_subcred_from_identity_keypair(_kp, +subcredential); +tor_free(encoded); +ret = hs_desc_encode_descriptor(desc, _kp, +descriptor_cookie, ); +tt_int_op(ret, OP_EQ, 0); +tt_assert(encoded); + +/* If we do not have the client secret key, the decoding must fail. */ +hs_descriptor_free(decoded); +ret = hs_desc_decode_descriptor(encoded, subcredential, +NULL, ); +tt_int_op(ret, OP_LT, 0); +tt_assert(!decoded); + +/* If we have an invalid client secret key, the decoding must fail. */ +hs_descriptor_free(decoded); +ret = hs_desc_decode_descriptor(encoded, subcredential, +_client_kp.seckey, ); +tt_int_op(ret, OP_LT, 0); +tt_assert(!decoded); + +/* If we have the client secret key, the decoding must succeed and the + * decoded descriptor must be correct. */ +ret =
[tor-commits] [tor/master] test: HS v3 client authorization loading secret key
commit 9c362192361bec379f83f37426236b41c2a17e8e Author: Suphanat Chunhapanya Date: Sun Aug 19 08:26:43 2018 +0700 test: HS v3 client authorization loading secret key Signed-off-by: David Goulet --- src/feature/hs/hs_client.c | 14 +++- src/feature/hs/hs_client.h | 11 +++ src/test/test_hs_client.c | 174 + 3 files changed, 197 insertions(+), 2 deletions(-) diff --git a/src/feature/hs/hs_client.c b/src/feature/hs/hs_client.c index 7c545c35d..18c79e0c4 100644 --- a/src/feature/hs/hs_client.c +++ b/src/feature/hs/hs_client.c @@ -1428,7 +1428,7 @@ client_service_authorization_free_all(void) /* Check if the auth key file name is valid or not. Return 1 if valid, * otherwise return 0. */ -static int +STATIC int auth_key_filename_is_valid(const char *filename) { int ret = 1; @@ -1448,7 +1448,7 @@ auth_key_filename_is_valid(const char *filename) return ret; } -static hs_client_service_authorization_t * +STATIC hs_client_service_authorization_t * parse_auth_file_content(const char *client_key_str) { char *onion_address = NULL; @@ -1836,3 +1836,13 @@ hs_client_dir_info_changed(void) * AP_CONN_STATE_RENDDESC_WAIT state in order to fetch the descriptor. */ retry_all_socks_conn_waiting_for_desc(); } + +#ifdef TOR_UNIT_TESTS + +STATIC digest256map_t * +get_hs_client_auths_map(void) +{ + return client_auths; +} + +#endif /* defined(TOR_UNIT_TESTS) */ diff --git a/src/feature/hs/hs_client.h b/src/feature/hs/hs_client.h index 6d4c84774..1ba0338dc 100644 --- a/src/feature/hs/hs_client.h +++ b/src/feature/hs/hs_client.h @@ -84,6 +84,11 @@ void hs_client_free_all(void); #ifdef HS_CLIENT_PRIVATE +STATIC int auth_key_filename_is_valid(const char *filename); + +STATIC hs_client_service_authorization_t * +parse_auth_file_content(const char *client_key_str); + STATIC routerstatus_t * pick_hsdir_v3(const ed25519_public_key_t *onion_identity_pk); @@ -99,6 +104,12 @@ STATIC int handle_rendezvous2(origin_circuit_t *circ, const uint8_t *payload, MOCK_DECL(STATIC hs_client_fetch_status_t, fetch_v3_desc, (const ed25519_public_key_t *onion_identity_pk)); +#ifdef TOR_UNIT_TESTS + +STATIC digest256map_t *get_hs_client_auths_map(void); + +#endif /* defined(TOR_UNIT_TESTS) */ + #endif /* defined(HS_CLIENT_PRIVATE) */ #endif /* !defined(TOR_HS_CLIENT_H) */ diff --git a/src/test/test_hs_client.c b/src/test/test_hs_client.c index e03c80098..eacbd328e 100644 --- a/src/test/test_hs_client.c +++ b/src/test/test_hs_client.c @@ -6,6 +6,7 @@ * \brief Test prop224 HS client functionality. */ +#define CONFIG_PRIVATE #define CRYPTO_PRIVATE #define MAIN_PRIVATE #define HS_CLIENT_PRIVATE @@ -32,6 +33,7 @@ #include "feature/hs/hs_circuit.h" #include "feature/hs/hs_circuitmap.h" #include "feature/hs/hs_client.h" +#include "feature/hs/hs_config.h" #include "feature/hs/hs_ident.h" #include "feature/hs/hs_cache.h" #include "core/or/circuitlist.h" @@ -73,6 +75,20 @@ mock_networkstatus_get_live_consensus(time_t now) return _ns; } +static int +helper_config_client(const char *conf, int validate_only) +{ + int ret = 0; + or_options_t *options = NULL; + tt_assert(conf); + options = helper_parse_options(conf); + tt_assert(options); + ret = hs_config_client_auth_all(options, validate_only); + done: + or_options_free(options); + return ret; +} + /* Test helper function: Setup a circuit and a stream with the same hidden * service destination, and put them in circ_out and * conn_out. Make the stream wait for circuits to be established to the @@ -601,6 +617,158 @@ test_descriptor_fetch(void *arg) hs_free_all(); } +static void +test_auth_key_filename_is_valid(void *arg) +{ + (void) arg; + + /* Valid file name. */ + tt_assert(auth_key_filename_is_valid("a.auth_private")); + /* Valid file name with special character. */ + tt_assert(auth_key_filename_is_valid("a-.auth_private")); + /* Invalid extension. */ + tt_assert(!auth_key_filename_is_valid("a.ath_private")); + /* Nothing before the extension. */ + tt_assert(!auth_key_filename_is_valid(".auth_private")); + + done: + ; +} + +static void +test_parse_auth_file_content(void *arg) +{ + hs_client_service_authorization_t *auth = NULL; + + (void) arg; + + /* Valid authorized client. */ + auth = parse_auth_file_content( + "4acth47i6kxnvkewtm6q7ib2s3ufpo5sqbsnzjpbi7utijcltosqemad:descriptor:" + "x25519:zdsyvn2jq534ugyiuzgjy4267jbtzcjbsgedhshzx5mforyxtryq"); + tt_assert(auth); + + /* Wrong number of fields. */ + tt_assert(!parse_auth_file_content("a:b")); + /* Wrong auth type. */ + tt_assert(!parse_auth_file_content( + "4acth47i6kxnvkewtm6q7ib2s3ufpo5sqbsnzjpbi7utijcltosqemad:x:" + "x25519:zdsyvn2jq534ugyiuzgjy4267jbtzcjbsgedhshzx5mforyxtryq")); + /* Wrong key type. */ + tt_assert(!parse_auth_file_content( + "4acth47i6kxnvkewtm6q7ib2s3ufpo5sqbsnzjpbi7utijcltosqemad:descriptor:" +
[tor-commits] [tor/master] hs-v3: Encrypt the descriptor using a cookie
commit fa50aee3663b6f6dca61e330df59af6d8c035fe4 Author: Suphanat Chunhapanya Date: Sat Apr 14 04:04:31 2018 +0700 hs-v3: Encrypt the descriptor using a cookie Previously, we encrypted the descriptor without the descriptor cookie. This commit, when the client auth is enabled, the descriptor cookie is always used. I also removed the code that is used to generate fake auth clients because it will not be used anymore. Signed-off-by: David Goulet --- src/feature/hs/hs_descriptor.c | 285 ++--- src/feature/hs/hs_descriptor.h | 7 +- src/feature/hs/hs_service.c| 39 +- src/test/hs_test_helpers.c | 19 +++ src/test/test_hs_cache.c | 16 +-- src/test/test_hs_client.c | 2 +- src/test/test_hs_common.c | 6 +- src/test/test_hs_descriptor.c | 7 +- 8 files changed, 256 insertions(+), 125 deletions(-) diff --git a/src/feature/hs/hs_descriptor.c b/src/feature/hs/hs_descriptor.c index 34ff2b0a3..b99797497 100644 --- a/src/feature/hs/hs_descriptor.c +++ b/src/feature/hs/hs_descriptor.c @@ -240,53 +240,72 @@ build_mac(const uint8_t *mac_key, size_t mac_key_len, crypto_digest_free(digest); } -/* Using a given decriptor object, build the secret input needed for the - * KDF and put it in the dst pointer which is an already allocated buffer - * of size dstlen. */ -static void -build_secret_input(const hs_descriptor_t *desc, uint8_t *dst, size_t dstlen) +/* Using a secret data and a given decriptor object, build the secret + * input needed for the KDF. + * + * secret_input = SECRET_DATA | subcredential | INT_8(revision_counter) + * + * Then, set the newly allocated buffer in secret_input_out and return the + * length of the buffer. */ +static size_t +build_secret_input(const hs_descriptor_t *desc, + const uint8_t *secret_data, + size_t secret_data_len, + uint8_t **secret_input_out) { size_t offset = 0; + size_t secret_input_len = secret_data_len + DIGEST256_LEN + sizeof(uint64_t); + uint8_t *secret_input = NULL; tor_assert(desc); - tor_assert(dst); - tor_assert(HS_DESC_ENCRYPTED_SECRET_INPUT_LEN <= dstlen); - - /* XXX use the destination length as the memcpy length */ - /* Copy blinded public key. */ - memcpy(dst, desc->plaintext_data.blinded_pubkey.pubkey, - sizeof(desc->plaintext_data.blinded_pubkey.pubkey)); - offset += sizeof(desc->plaintext_data.blinded_pubkey.pubkey); + tor_assert(secret_data); + tor_assert(secret_input_out); + + secret_input = tor_malloc_zero(secret_input_len); + + /* Copy the secret data. */ + memcpy(secret_input, secret_data, secret_data_len); + offset += secret_data_len; /* Copy subcredential. */ - memcpy(dst + offset, desc->subcredential, sizeof(desc->subcredential)); - offset += sizeof(desc->subcredential); + memcpy(secret_input + offset, desc->subcredential, DIGEST256_LEN); + offset += DIGEST256_LEN; /* Copy revision counter value. */ - set_uint64(dst + offset, tor_htonll(desc->plaintext_data.revision_counter)); + set_uint64(secret_input + offset, + tor_htonll(desc->plaintext_data.revision_counter)); offset += sizeof(uint64_t); - tor_assert(HS_DESC_ENCRYPTED_SECRET_INPUT_LEN == offset); + tor_assert(secret_input_len == offset); + + *secret_input_out = secret_input; + + return secret_input_len; } /* Do the KDF construction and put the resulting data in key_out which is of * key_out_len length. It uses SHAKE-256 as specified in the spec. */ static void build_kdf_key(const hs_descriptor_t *desc, + const uint8_t *secret_data, + size_t secret_data_len, const uint8_t *salt, size_t salt_len, uint8_t *key_out, size_t key_out_len, int is_superencrypted_layer) { - uint8_t secret_input[HS_DESC_ENCRYPTED_SECRET_INPUT_LEN]; + uint8_t *secret_input = NULL; + size_t secret_input_len; crypto_xof_t *xof; tor_assert(desc); + tor_assert(secret_data); tor_assert(salt); tor_assert(key_out); /* Build the secret input for the KDF computation. */ - build_secret_input(desc, secret_input, sizeof(secret_input)); + secret_input_len = build_secret_input(desc, secret_data, +secret_data_len, _input); xof = crypto_xof_new(); /* Feed our KDF. [SHAKE it like a polaroid picture --Yawning]. */ - crypto_xof_add_bytes(xof, secret_input, sizeof(secret_input)); + crypto_xof_add_bytes(xof, secret_input, secret_input_len); crypto_xof_add_bytes(xof, salt, salt_len); /* Feed in the right string constant based on the desc layer */ @@ -301,14 +320,18 @@ build_kdf_key(const hs_descriptor_t *desc, /* Eat from our KDF. */ crypto_xof_squeeze_bytes(xof, key_out, key_out_len); crypto_xof_free(xof); - memwipe(secret_input, 0, sizeof(secret_input)); + memwipe(secret_input, 0, secret_input_len); + + tor_free(secret_input); } -/*
[tor-commits] [tor/master] hs-v3: Refactor the descriptor decryption/decoding
commit 63576b01663f1af0ee2b7bd29dd840d121103315 Author: Suphanat Chunhapanya Date: Thu Apr 19 22:44:17 2018 +0700 hs-v3: Refactor the descriptor decryption/decoding This commit refactors the existing decryption code to make it compatible with a new logic for when the client authorization is enabled. Signed-off-by: David Goulet --- src/feature/hs/hs_client.c | 23 ++- src/feature/hs/hs_descriptor.c | 402 + src/feature/hs/hs_descriptor.h | 7 +- src/test/fuzz/fuzz_hsdescv3.c | 4 +- src/test/test_hs_cache.c | 4 +- src/test/test_hs_descriptor.c | 107 +-- 6 files changed, 279 insertions(+), 268 deletions(-) diff --git a/src/feature/hs/hs_client.c b/src/feature/hs/hs_client.c index 18c79e0c4..0038fdfa5 100644 --- a/src/feature/hs/hs_client.c +++ b/src/feature/hs/hs_client.c @@ -1181,6 +1181,19 @@ can_client_refetch_desc(const ed25519_public_key_t *identity_pk, return 0; } +/* Return the client auth in the map using the service identity public key. + * Return NULL if it does not exist in the map. */ +static hs_client_service_authorization_t * +find_client_auth(const ed25519_public_key_t *service_identity_pk) +{ + /* If the map is not allocated, we can assume that we do not have any client + * auth information. */ + if (!client_auths) { +return NULL; + } + return digest256map_get(client_auths, service_identity_pk->pubkey); +} + /* == */ /* Public API */ /* == */ @@ -1219,11 +1232,19 @@ hs_client_decode_descriptor(const char *desc_str, int ret; uint8_t subcredential[DIGEST256_LEN]; ed25519_public_key_t blinded_pubkey; + hs_client_service_authorization_t *client_auth = NULL; + curve25519_secret_key_t *client_sk = NULL; tor_assert(desc_str); tor_assert(service_identity_pk); tor_assert(desc); + /* Check if we have a client authorization for this service in the map. */ + client_auth = find_client_auth(service_identity_pk); + if (client_auth) { +client_sk = _auth->enc_seckey; + } + /* Create subcredential for this HS so that we can decrypt */ { uint64_t current_time_period = hs_get_time_period_num(0); @@ -1233,7 +1254,7 @@ hs_client_decode_descriptor(const char *desc_str, } /* Parse descriptor */ - ret = hs_desc_decode_descriptor(desc_str, subcredential, desc); + ret = hs_desc_decode_descriptor(desc_str, subcredential, client_sk, desc); memwipe(subcredential, 0, sizeof(subcredential)); if (ret < 0) { log_warn(LD_GENERAL, "Could not parse received descriptor as client."); diff --git a/src/feature/hs/hs_descriptor.c b/src/feature/hs/hs_descriptor.c index 4eb06c827..bb2cc1984 100644 --- a/src/feature/hs/hs_descriptor.c +++ b/src/feature/hs/hs_descriptor.c @@ -1421,10 +1421,11 @@ encrypted_data_length_is_valid(size_t len) } /** Decrypt an encrypted descriptor layer at encrypted_blob of size - * encrypted_blob_size. Use the descriptor object desc to - * generate the right decryption keys; set decrypted_out to the - * plaintext. If is_superencrypted_layer is set, this is the outter - * encrypted layer of the descriptor. + * encrypted_blob_size. The descriptor cookie is optional. Use + * the descriptor object desc and descriptor_cookie + * to generate the right decryption keys; set decrypted_out to + * the plaintext. If is_superencrypted_layer is set, this is + * the outter encrypted layer of the descriptor. * * On any error case, including an empty output, return 0 and set * *decrypted_out to NULL. @@ -1433,11 +1434,14 @@ MOCK_IMPL(STATIC size_t, decrypt_desc_layer,(const hs_descriptor_t *desc, const uint8_t *encrypted_blob, size_t encrypted_blob_size, +const uint8_t *descriptor_cookie, int is_superencrypted_layer, char **decrypted_out)) { uint8_t *decrypted = NULL; uint8_t secret_key[HS_DESC_ENCRYPTED_KEY_LEN], secret_iv[CIPHER_IV_LEN]; + uint8_t *secret_data = NULL; + size_t secret_data_len = 0; uint8_t mac_key[DIGEST256_LEN], our_mac[DIGEST256_LEN]; const uint8_t *salt, *encrypted, *desc_mac; size_t encrypted_len, result_len = 0; @@ -1464,13 +1468,14 @@ decrypt_desc_layer,(const hs_descriptor_t *desc, /* And last comes the MAC. */ desc_mac = encrypted_blob + encrypted_blob_size - DIGEST256_LEN; + /* Build secret data to be used in the decryption. */ + secret_data_len = build_secret_data(>plaintext_data.blinded_pubkey, + descriptor_cookie, + _data); + /* KDF construction resulting in a key from which the secret key, IV and MAC * key are extracted which is what we need for the decryption. */ - /* XXX: I will put only blinded pubkey for now. I will also put the - * descriptor cookie when I implement the descriptor decryption with - * client auth. */ - build_secret_key_iv_mac(desc,
[tor-commits] [tor/master] hs-v3: Load client authorization secret key from file
commit 8e81fcd51ae9b9b373f0254381728a8f4d93236d Author: Suphanat Chunhapanya Date: Sun Aug 19 08:22:13 2018 +0700 hs-v3: Load client authorization secret key from file The new ClientOnionAuthDir option is introduced which is where tor looks to find the HS v3 client authorization files containing the client private key material. Signed-off-by: David Goulet --- src/app/config/config.c| 7 +- src/app/config/or_options_st.h | 2 + src/feature/hs/hs_client.c | 215 + src/feature/hs/hs_client.h | 13 +++ src/feature/hs/hs_config.c | 27 ++ src/feature/hs/hs_config.h | 1 + 6 files changed, 263 insertions(+), 2 deletions(-) diff --git a/src/app/config/config.c b/src/app/config/config.c index 339f8e247..ce9ae8d7c 100644 --- a/src/app/config/config.c +++ b/src/app/config/config.c @@ -450,6 +450,7 @@ static config_var_t option_vars_[] = { VAR("HiddenServiceNumIntroductionPoints", LINELIST_S, RendConfigLines, NULL), VAR("HiddenServiceStatistics", BOOL, HiddenServiceStatistics_option, "1"), V(HidServAuth, LINELIST, NULL), + V(ClientOnionAuthDir, FILENAME, NULL), OBSOLETE("CloseHSClientCircuitsImmediatelyOnTimeout"), OBSOLETE("CloseHSServiceRendCircuitsImmediatelyOnTimeout"), V(HiddenServiceSingleHopMode, BOOL, "0"), @@ -1917,7 +1918,7 @@ options_act(const or_options_t *old_options) // LCOV_EXCL_STOP } - if (running_tor && rend_parse_service_authorization(options, 0) < 0) { + if (running_tor && hs_config_client_auth_all(options, 0) < 0) { // LCOV_EXCL_START log_warn(LD_BUG, "Previously validated client authorization for " "hidden services could not be added!"); @@ -3188,6 +3189,8 @@ warn_about_relative_paths(or_options_t *options) n += warn_if_option_path_is_relative("AccelDir",options->AccelDir); n += warn_if_option_path_is_relative("DataDirectory",options->DataDirectory); n += warn_if_option_path_is_relative("PidFile",options->PidFile); + n += warn_if_option_path_is_relative("ClientOnionAuthDir", +options->ClientOnionAuthDir); for (config_line_t *hs_line = options->RendConfigLines; hs_line; hs_line = hs_line->next) { @@ -4339,7 +4342,7 @@ options_validate(or_options_t *old_options, or_options_t *options, REJECT("Failed to configure rendezvous options. See logs for details."); /* Parse client-side authorization for hidden services. */ - if (rend_parse_service_authorization(options, 1) < 0) + if (hs_config_client_auth_all(options, 1) < 0) REJECT("Failed to configure client authorization for hidden services. " "See logs for details."); diff --git a/src/app/config/or_options_st.h b/src/app/config/or_options_st.h index 8ef01f80e..f6d796638 100644 --- a/src/app/config/or_options_st.h +++ b/src/app/config/or_options_st.h @@ -380,6 +380,8 @@ struct or_options_t { struct config_line_t *HidServAuth; /**< List of configuration lines for * client-side authorizations for hidden * services */ + char *ClientOnionAuthDir; /**< Directory to keep client + * onion service authorization secret keys */ char *ContactInfo; /**< Contact info to be published in the directory. */ int HeartbeatPeriod; /**< Log heartbeat messages after this many seconds diff --git a/src/feature/hs/hs_client.c b/src/feature/hs/hs_client.c index 1f9218e15..7c545c35d 100644 --- a/src/feature/hs/hs_client.c +++ b/src/feature/hs/hs_client.c @@ -42,6 +42,10 @@ #include "core/or/extend_info_st.h" #include "core/or/origin_circuit_st.h" +/* Client-side authorizations for hidden services; map of service identity + * public key to hs_client_service_authorization_t *. */ +static digest256map_t *client_auths = NULL; + /* Return a human-readable string for the client fetch status code. */ static const char * fetch_status_to_string(hs_client_fetch_status_t status) @@ -1393,6 +1397,216 @@ hs_client_receive_rendezvous_acked(origin_circuit_t *circ, return -1; } +#define client_service_authorization_free(auth) \ + FREE_AND_NULL(hs_client_service_authorization_t, \ +client_service_authorization_free_, (auth)) + +static void +client_service_authorization_free_(hs_client_service_authorization_t *auth) +{ + if (auth) { +memwipe(auth, 0, sizeof(*auth)); + } + tor_free(auth); +} + +/** Helper for digest256map_free. */ +static void +client_service_authorization_free_void(void *auth) +{ + client_service_authorization_free_(auth); +} + +static void +client_service_authorization_free_all(void) +{ + if (!client_auths) { +return; + } + digest256map_free(client_auths, client_service_authorization_free_void); +} + +/* Check if the auth key file name is valid or not. Return 1 if valid, + * otherwise return 0. */
[tor-commits] [tor/master] test: HS v3 descriptor encoding with client authorization
commit fd6bec923c16004ce106d634187f12b57f220b91 Author: Suphanat Chunhapanya Date: Sat Apr 14 17:50:07 2018 +0700 test: HS v3 descriptor encoding with client authorization Signed-off-by: David Goulet --- src/test/test_hs_descriptor.c | 27 ++- 1 file changed, 22 insertions(+), 5 deletions(-) diff --git a/src/test/test_hs_descriptor.c b/src/test/test_hs_descriptor.c index bc72b34c0..78cd9fa47 100644 --- a/src/test/test_hs_descriptor.c +++ b/src/test/test_hs_descriptor.c @@ -291,7 +291,6 @@ static void test_encode_descriptor(void *arg) { int ret; - char *encoded = NULL; ed25519_keypair_t signing_kp; hs_descriptor_t *desc = NULL; @@ -300,13 +299,31 @@ test_encode_descriptor(void *arg) ret = ed25519_keypair_generate(_kp, 0); tt_int_op(ret, OP_EQ, 0); desc = hs_helper_build_hs_desc_with_ip(_kp); - ret = hs_desc_encode_descriptor(desc, _kp, NULL, ); - tt_int_op(ret, OP_EQ, 0); - tt_assert(encoded); + { +char *encoded = NULL; +ret = hs_desc_encode_descriptor(desc, _kp, NULL, ); +tt_int_op(ret, OP_EQ, 0); +tt_assert(encoded); + +tor_free(encoded); + } + + { +char *encoded = NULL; +uint8_t descriptor_cookie[HS_DESC_DESCRIPTOR_COOKIE_LEN]; + +crypto_strongest_rand(descriptor_cookie, sizeof(descriptor_cookie)); + +ret = hs_desc_encode_descriptor(desc, _kp, + descriptor_cookie, ); +tt_int_op(ret, OP_EQ, 0); +tt_assert(encoded); + +tor_free(encoded); + } done: hs_descriptor_free(desc); - tor_free(encoded); } static void ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] test: HS v3 building a descriptor with client auth
commit 0dab4ac2dde6431913761e8365b0d21174b3181e Author: Suphanat Chunhapanya Date: Fri Apr 13 04:52:46 2018 +0700 test: HS v3 building a descriptor with client auth This commit tests that the descriptor building result, when the client authorization is enabled, includes everything that is needed. Signed-off-by: David Goulet --- src/test/test_hs_service.c | 124 + 1 file changed, 124 insertions(+) diff --git a/src/test/test_hs_service.c b/src/test/test_hs_service.c index 573c8bc56..11f542c44 100644 --- a/src/test/test_hs_service.c +++ b/src/test/test_hs_service.c @@ -228,6 +228,24 @@ helper_create_origin_circuit(int purpose, int flags) return circ; } +/* Helper: Return a newly allocated authorized client object with + * and a newly generated public key. */ +static hs_service_authorized_client_t * +helper_create_authorized_client(void) +{ + int ret; + hs_service_authorized_client_t *client; + curve25519_secret_key_t seckey; + client = tor_malloc_zero(sizeof(hs_service_authorized_client_t)); + + ret = curve25519_secret_key_generate(, 0); + tt_int_op(ret, OP_EQ, 0); + curve25519_public_key_generate(>client_pk, ); + + done: + return client; +} + /* Helper: Return a newly allocated service object with the identity keypair * sets and the current descriptor. Then register it to the global map. * Caller should us hs_free_all() to free this service or remove it from the @@ -252,6 +270,26 @@ helper_create_service(void) return service; } +/* Helper: Return a newly allocated service object with clients. */ +static hs_service_t * +helper_create_service_with_clients(int num_clients) +{ + int i; + hs_service_t *service = helper_create_service(); + tt_assert(service); + service->config.is_client_auth_enabled = 1; + service->config.clients = smartlist_new(); + + for (i = 0; i < num_clients; i++) { +hs_service_authorized_client_t *client; +client = helper_create_authorized_client(); +smartlist_add(service->config.clients, client); + } + + done: + return service; +} + /* Helper: Return a newly allocated service intro point with two link * specifiers, one IPv4 and one legacy ID set to As. */ static hs_service_intro_point_t * @@ -1562,6 +1600,90 @@ test_build_update_descriptors(void *arg) nodelist_free_all(); } +/** Test building descriptors. We use this separate function instead of + * using test_build_update_descriptors because that function is too complex + * and also too interactive. */ +static void +test_build_descriptors(void *arg) +{ + int ret; + time_t now = time(NULL); + + (void) arg; + + hs_init(); + + MOCK(get_or_state, + get_or_state_replacement); + MOCK(networkstatus_get_live_consensus, + mock_networkstatus_get_live_consensus); + + dummy_state = tor_malloc_zero(sizeof(or_state_t)); + + ret = parse_rfc1123_time("Sat, 26 Oct 1985 03:00:00 UTC", + _ns.valid_after); + tt_int_op(ret, OP_EQ, 0); + ret = parse_rfc1123_time("Sat, 26 Oct 1985 04:00:00 UTC", + _ns.fresh_until); + tt_int_op(ret, OP_EQ, 0); + voting_schedule_recalculate_timing(get_options(), mock_ns.valid_after); + + /* Generate a valid number of fake auth clients when a client authorization + * is disabled. */ + { +hs_service_t *service = helper_create_service(); +service_descriptor_free(service->desc_current); +service->desc_current = NULL; + +build_all_descriptors(now); +hs_desc_superencrypted_data_t *superencrypted; +superencrypted = >desc_current->desc->superencrypted_data; +tt_int_op(smartlist_len(superencrypted->clients), OP_EQ, 16); + } + + /* Generate a valid number of fake auth clients when the number of + * clients is zero. */ + { +hs_service_t *service = helper_create_service_with_clients(0); +service_descriptor_free(service->desc_current); +service->desc_current = NULL; + +build_all_descriptors(now); +hs_desc_superencrypted_data_t *superencrypted; +superencrypted = >desc_current->desc->superencrypted_data; +tt_int_op(smartlist_len(superencrypted->clients), OP_EQ, 16); + } + + /* Generate a valid number of fake auth clients when the number of + * clients is not a multiple of 16. */ + { +hs_service_t *service = helper_create_service_with_clients(20); +service_descriptor_free(service->desc_current); +service->desc_current = NULL; + +build_all_descriptors(now); +hs_desc_superencrypted_data_t *superencrypted; +superencrypted = >desc_current->desc->superencrypted_data; +tt_int_op(smartlist_len(superencrypted->clients), OP_EQ, 32); + } + + /* Do not generate any fake desc client when the number of clients is + * a multiple of 16 but not zero. */ + { +hs_service_t *service = helper_create_service_with_clients(32); +service_descriptor_free(service->desc_current); +service->desc_current = NULL; + +build_all_descriptors(now); +
[tor-commits] [tor/master] test: Build an HSv3 descriptor with authorized client
commit 10f4c46e50478e7620f3c23413ddd292d883e8ca Author: Suphanat Chunhapanya Date: Fri Apr 13 04:56:17 2018 +0700 test: Build an HSv3 descriptor with authorized client Signed-off-by: David Goulet --- src/lib/crypt_ops/crypto_rand.c | 4 +-- src/lib/crypt_ops/crypto_rand.h | 2 +- src/test/test_hs_descriptor.c | 70 + 3 files changed, 73 insertions(+), 3 deletions(-) diff --git a/src/lib/crypt_ops/crypto_rand.c b/src/lib/crypt_ops/crypto_rand.c index fb9d0c2c6..554777cf5 100644 --- a/src/lib/crypt_ops/crypto_rand.c +++ b/src/lib/crypt_ops/crypto_rand.c @@ -319,8 +319,8 @@ crypto_strongest_rand_raw(uint8_t *out, size_t out_len) * Try to get out_len bytes of the strongest entropy we can generate, * storing it into out. **/ -void -crypto_strongest_rand(uint8_t *out, size_t out_len) +MOCK_IMPL(void, +crypto_strongest_rand,(uint8_t *out, size_t out_len)) { #define DLEN SHA512_DIGEST_LENGTH /* We're going to hash DLEN bytes from the system RNG together with some diff --git a/src/lib/crypt_ops/crypto_rand.h b/src/lib/crypt_ops/crypto_rand.h index 938f11909..25bcfa1f1 100644 --- a/src/lib/crypt_ops/crypto_rand.h +++ b/src/lib/crypt_ops/crypto_rand.h @@ -21,7 +21,7 @@ int crypto_seed_rng(void) ATTR_WUR; MOCK_DECL(void,crypto_rand,(char *to, size_t n)); void crypto_rand_unmocked(char *to, size_t n); -void crypto_strongest_rand(uint8_t *out, size_t out_len); +MOCK_DECL(void,crypto_strongest_rand,(uint8_t *out, size_t out_len)); int crypto_rand_int(unsigned int max); int crypto_rand_int_range(unsigned int min, unsigned int max); uint64_t crypto_rand_uint64_range(uint64_t min, uint64_t max); diff --git a/src/test/test_hs_descriptor.c b/src/test/test_hs_descriptor.c index 9a7e66eae..9191b74d9 100644 --- a/src/test/test_hs_descriptor.c +++ b/src/test/test_hs_descriptor.c @@ -30,6 +30,13 @@ DISABLE_GCC_WARNING(overlength-strings) #include "test_hs_descriptor.inc" ENABLE_GCC_WARNING(overlength-strings) +/* Mock function to fill all bytes with 1 */ +static void +mock_crypto_strongest_rand(uint8_t *out, size_t out_len) +{ + memset(out, 1, out_len); +} + /* Test certificate encoding put in a descriptor. */ static void test_cert_encoding(void *arg) @@ -764,6 +771,67 @@ test_desc_signature(void *arg) tor_free(data); } +static void +test_build_authorized_client(void *arg) +{ + int ret; + hs_desc_authorized_client_t *desc_client = NULL; + uint8_t descriptor_cookie[HS_DESC_DESCRIPTOR_COOKIE_LEN]; + curve25519_secret_key_t auth_ephemeral_sk; + curve25519_secret_key_t client_sk; + curve25519_public_key_t client_pk; + const char ephemeral_sk_b16[] = +"d023b674d993a5c8446bd2ca97e9961149b3c0e88c7dc14e844dd3468d6a"; + const char descriptor_cookie_b16[] = +"07d087f1d8c68393721f6e70316d3b29"; + const char client_pubkey_b16[] = +"8c1298fa6050e372f8598f6deca32e27b0ad457741422c2629ebb132cf7fae37"; + char *mem_op_hex_tmp=NULL; + + (void) arg; + + ret = curve25519_secret_key_generate(_ephemeral_sk, 0); + tt_int_op(ret, OP_EQ, 0); + + ret = curve25519_secret_key_generate(_sk, 0); + tt_int_op(ret, OP_EQ, 0); + curve25519_public_key_generate(_pk, _sk); + + desc_client = tor_malloc_zero(sizeof(hs_desc_authorized_client_t)); + + base16_decode((char *) _ephemeral_sk, +sizeof(auth_ephemeral_sk), +ephemeral_sk_b16, +strlen(ephemeral_sk_b16)); + + base16_decode((char *) descriptor_cookie, +sizeof(descriptor_cookie), +descriptor_cookie_b16, +strlen(descriptor_cookie_b16)); + + base16_decode((char *) _pk, +sizeof(client_pk), +client_pubkey_b16, +strlen(client_pubkey_b16)); + + MOCK(crypto_strongest_rand, mock_crypto_strongest_rand); + + hs_desc_build_authorized_client(_pk, _ephemeral_sk, + descriptor_cookie, desc_client); + + test_memeq_hex((char *) desc_client->client_id, + "b514ef67192cad5f"); + test_memeq_hex((char *) desc_client->iv, +"01010101010101010101010101010101"); + test_memeq_hex((char *) desc_client->encrypted_cookie, +"46860a9df37b9f6d708E0D7E730C10C1"); + + done: + tor_free(desc_client); + tor_free(mem_op_hex_tmp); + UNMOCK(crypto_strongest_rand); +} + /* bad desc auth type */ static const char bad_superencrypted_text1[] = "desc-auth-type scoobysnack\n" "desc-auth-ephemeral-key A/O8DVtnUheb3r1JqoB8uJB7wxXL1XJX3eny4yB+eFA=\n" @@ -891,6 +959,8 @@ struct testcase_t hs_descriptor[] = { NULL, NULL }, { "desc_signature", test_desc_signature, TT_FORK, NULL, NULL }, + { "build_authorized_client", test_build_authorized_client, TT_FORK, +NULL, NULL }, { "parse_hs_desc_superencrypted", test_parse_hs_desc_superencrypted, TT_FORK, NULL, NULL }, ___ tor-commits mailing list tor-commits@lists.torproject.org
[tor-commits] [tor/master] test: HS v3 loading client auth keys service side
commit 15af47ede07a858bfa0871befa6e1fe76cdd372d Author: Suphanat Chunhapanya Date: Sat Aug 18 21:24:26 2018 +0700 test: HS v3 loading client auth keys service side Signed-off-by: David Goulet --- src/feature/hs/hs_service.c | 4 +- src/feature/hs/hs_service.h | 3 + src/test/test_hs_service.c | 197 3 files changed, 202 insertions(+), 2 deletions(-) diff --git a/src/feature/hs/hs_service.c b/src/feature/hs/hs_service.c index d61b2809b..8d1ee82ab 100644 --- a/src/feature/hs/hs_service.c +++ b/src/feature/hs/hs_service.c @@ -1091,7 +1091,7 @@ load_service_keys(hs_service_t *service) /* Check if the client file name is valid or not. Return 1 if valid, * otherwise return 0. */ -static int +STATIC int client_filename_is_valid(const char *filename) { int ret = 1; @@ -1120,7 +1120,7 @@ client_filename_is_valid(const char *filename) * The can only be "x25519". * * Return the key on success, return NULL, otherwise. */ -static hs_service_authorized_client_t * +STATIC hs_service_authorized_client_t * parse_authorized_client(const char *client_key_str) { char *auth_type = NULL; diff --git a/src/feature/hs/hs_service.h b/src/feature/hs/hs_service.h index c64eb7763..cab9b41bc 100644 --- a/src/feature/hs/hs_service.h +++ b/src/feature/hs/hs_service.h @@ -349,6 +349,9 @@ STATIC hs_service_descriptor_t *service_desc_find_by_intro( const hs_service_t *service, const hs_service_intro_point_t *ip); /* Helper functions. */ +STATIC int client_filename_is_valid(const char *filename); +STATIC hs_service_authorized_client_t * +parse_authorized_client(const char *client_key_str); STATIC void get_objects_from_ident(const hs_ident_circuit_t *ident, hs_service_t **service, hs_service_intro_point_t **ip, diff --git a/src/test/test_hs_service.c b/src/test/test_hs_service.c index f8a465629..573c8bc56 100644 --- a/src/test/test_hs_service.c +++ b/src/test/test_hs_service.c @@ -34,6 +34,7 @@ #include "core/or/circuitlist.h" #include "core/or/circuituse.h" #include "lib/crypt_ops/crypto_rand.h" +#include "lib/fs/dir.h" #include "feature/dirauth/dirvote.h" #include "feature/nodelist/networkstatus.h" #include "feature/nodelist/nodelist.h" @@ -65,6 +66,13 @@ /* Trunnel */ #include "trunnel/hs/cell_establish_intro.h" +#ifdef HAVE_SYS_STAT_H +#include +#endif +#ifdef HAVE_UNISTD_H +#include +#endif + static networkstatus_t mock_ns; static networkstatus_t * @@ -303,6 +311,8 @@ test_load_keys(void *arg) /* It's in staging? */ tt_int_op(get_hs_service_staging_list_size(), OP_EQ, 1); +#undef conf_fmt + /* Load the keys for these. After that, the v3 service should be registered * in the global map. */ hs_service_load_all_keys(); @@ -322,6 +332,9 @@ test_load_keys(void *arg) tt_int_op(hs_address_is_valid(addr), OP_EQ, 1); tt_str_op(addr, OP_EQ, s->onion_address); + /* Check that the is_client_auth_enabled is not set. */ + tt_assert(!s->config.is_client_auth_enabled); + done: tor_free(hsdir_v2); tor_free(hsdir_v3); @@ -329,6 +342,184 @@ test_load_keys(void *arg) } static void +test_client_filename_is_valid(void *arg) +{ + (void) arg; + + /* Valid file name. */ + tt_assert(client_filename_is_valid("a.auth")); + /* Valid file name with special character. */ + tt_assert(client_filename_is_valid("a-.auth")); + /* Invalid extension. */ + tt_assert(!client_filename_is_valid("a.ath")); + /* Nothing before the extension. */ + tt_assert(!client_filename_is_valid(".auth")); + + done: + ; +} + +static void +test_parse_authorized_client(void *arg) +{ + hs_service_authorized_client_t *client = NULL; + + (void) arg; + + /* Valid authorized client. */ + client = parse_authorized_client( +"descriptor:x25519:dz4q5xqlb4ldnbs72iarrml4ephk3du4i7o2cgiva5lwr6wkquja"); + tt_assert(client); + + /* Wrong number of fields. */ + tt_assert(!parse_authorized_client("a:b:c:d:e")); + /* Wrong auth type. */ + tt_assert(!parse_authorized_client( +"x:x25519:dz4q5xqlb4ldnbs72iarrml4ephk3du4i7o2cgiva5lwr6wkquja")); + /* Wrong key type. */ + tt_assert(!parse_authorized_client( +"descriptor:x:dz4q5xqlb4ldnbs72iarrml4ephk3du4i7o2cgiva5lwr6wkquja")); + /* Some malformed string. */ + tt_assert(!parse_authorized_client("descriptor:x25519:aa==")); + tt_assert(!parse_authorized_client("descriptor:")); + tt_assert(!parse_authorized_client("descriptor:x25519")); + tt_assert(!parse_authorized_client("descriptor:x25519:")); + tt_assert(!parse_authorized_client("")); + + done: + service_authorized_client_free(client); +} + +static char * +mock_read_file_to_str(const char *filename, int flags, struct stat *stat_out) +{ + char *ret = NULL; + + (void) flags; + (void) stat_out; + + if (!strcmp(filename, get_fname("hs3" PATH_SEPARATOR +
[tor-commits] [tor/master] hs-v3: Generate all descriptor related keys
commit 08bbcffc0ef6e69c02cc746568724df662654d2b Author: Suphanat Chunhapanya Date: Mon Apr 9 23:09:41 2018 +0700 hs-v3: Generate all descriptor related keys We need to generate all the related keys when building the descriptor, so that we can encrypt the descriptor. Signed-off-by: David Goulet --- src/feature/hs/hs_descriptor.c | 107 + src/feature/hs/hs_descriptor.h | 64 src/feature/hs/hs_service.c| 104 +-- src/feature/hs/hs_service.h| 7 +++ 4 files changed, 278 insertions(+), 4 deletions(-) diff --git a/src/feature/hs/hs_descriptor.c b/src/feature/hs/hs_descriptor.c index 392800016..34ff2b0a3 100644 --- a/src/feature/hs/hs_descriptor.c +++ b/src/feature/hs/hs_descriptor.c @@ -168,6 +168,26 @@ desc_plaintext_data_free_contents(hs_desc_plaintext_data_t *desc) memwipe(desc, 0, sizeof(*desc)); } +/* Free the content of the superencrypted section of a descriptor. */ +static void +desc_superencrypted_data_free_contents(hs_desc_superencrypted_data_t *desc) +{ + if (!desc) { +return; + } + + if (desc->encrypted_blob) { +tor_free(desc->encrypted_blob); + } + if (desc->clients) { +SMARTLIST_FOREACH(desc->clients, hs_desc_authorized_client_t *, client, + hs_desc_authorized_client_free(client)); +smartlist_free(desc->clients); + } + + memwipe(desc, 0, sizeof(*desc)); +} + /* Free the content of the encrypted section of a descriptor. */ static void desc_encrypted_data_free_contents(hs_desc_encrypted_data_t *desc) @@ -2383,6 +2403,14 @@ hs_desc_plaintext_data_free_(hs_desc_plaintext_data_t *desc) tor_free(desc); } +/* Free the descriptor plaintext data object. */ +void +hs_desc_superencrypted_data_free_(hs_desc_superencrypted_data_t *desc) +{ + desc_superencrypted_data_free_contents(desc); + tor_free(desc); +} + /* Free the descriptor encrypted data object. */ void hs_desc_encrypted_data_free_(hs_desc_encrypted_data_t *desc) @@ -2400,6 +2428,7 @@ hs_descriptor_free_(hs_descriptor_t *desc) } desc_plaintext_data_free_contents(>plaintext_data); + desc_superencrypted_data_free_contents(>superencrypted_data); desc_encrypted_data_free_contents(>encrypted_data); tor_free(desc); } @@ -2475,6 +2504,84 @@ hs_desc_intro_point_free_(hs_desc_intro_point_t *ip) tor_free(ip); } +/* Build a fake client info for the descriptor */ +void +hs_desc_build_fake_authorized_client(hs_desc_authorized_client_t *client_out) +{ + tor_assert(client_out); + + crypto_rand((char *) client_out->client_id, + sizeof(client_out->client_id)); + crypto_rand((char *) client_out->iv, + sizeof(client_out->iv)); + crypto_rand((char *) client_out->encrypted_cookie, + sizeof(client_out->encrypted_cookie)); +} + +/* Using the client public key, auth ephemeral secret key, and descriptor + * cookie, build the auth client so we can then encode the descriptor for + * publication. client_out must be already allocated. */ +void +hs_desc_build_authorized_client(const curve25519_public_key_t *client_pk, +const curve25519_secret_key_t * +auth_ephemeral_sk, +const uint8_t *descriptor_cookie, +hs_desc_authorized_client_t *client_out) +{ + uint8_t secret_seed[CURVE25519_OUTPUT_LEN]; + uint8_t keystream[HS_DESC_CLIENT_ID_LEN + HS_DESC_COOKIE_KEY_LEN]; + uint8_t *cookie_key; + crypto_cipher_t *cipher; + crypto_xof_t *xof; + + tor_assert(client_pk); + tor_assert(auth_ephemeral_sk); + tor_assert(descriptor_cookie); + tor_assert(client_out); + tor_assert(!tor_mem_is_zero((char *) auth_ephemeral_sk, + sizeof(*auth_ephemeral_sk))); + tor_assert(!tor_mem_is_zero((char *) client_pk, sizeof(*client_pk))); + tor_assert(!tor_mem_is_zero((char *) descriptor_cookie, + HS_DESC_DESCRIPTOR_COOKIE_LEN)); + + /* Calculate x25519(hs_y, client_X) */ + curve25519_handshake(secret_seed, + auth_ephemeral_sk, + client_pk); + + /* Calculate KEYS = KDF(SECRET_SEED, 40) */ + xof = crypto_xof_new(); + crypto_xof_add_bytes(xof, secret_seed, sizeof(secret_seed)); + crypto_xof_squeeze_bytes(xof, keystream, sizeof(keystream)); + crypto_xof_free(xof); + + memcpy(client_out->client_id, keystream, HS_DESC_CLIENT_ID_LEN); + cookie_key = keystream + HS_DESC_CLIENT_ID_LEN; + + /* Random IV */ + crypto_strongest_rand(client_out->iv, sizeof(client_out->iv)); + + /* This creates a cipher for AES. It can't fail. */ + cipher = crypto_cipher_new_with_iv_and_bits(cookie_key, client_out->iv, + HS_DESC_COOKIE_KEY_BIT_SIZE); + /* This can't fail. */ + crypto_cipher_encrypt(cipher, (char *) client_out->encrypted_cookie, +(const
[tor-commits] [tor/master] hs-v3: Load all client auth keys to the service
commit b894b40e647b4839f33f3a57704cafe9e644230c Author: Suphanat Chunhapanya Date: Sat Aug 18 12:28:12 2018 +0700 hs-v3: Load all client auth keys to the service This commit loads all client public keys from every file in `authorized_clients/` directory. Signed-off-by: David Goulet --- src/feature/hs/hs_service.c | 208 +++- src/feature/hs/hs_service.h | 20 + 2 files changed, 227 insertions(+), 1 deletion(-) diff --git a/src/feature/hs/hs_service.c b/src/feature/hs/hs_service.c index 30d01540f..d61b2809b 100644 --- a/src/feature/hs/hs_service.c +++ b/src/feature/hs/hs_service.c @@ -88,6 +88,7 @@ /* Onion service directory file names. */ static const char fname_keyfile_prefix[] = "hs_ed25519"; +static const char dname_client_pubkeys[] = "authorized_clients"; static const char fname_hostname[] = "hostname"; static const char address_tld[] = "onion"; @@ -103,6 +104,7 @@ static smartlist_t *hs_service_staging_list; static int consider_republishing_hs_descriptors = 0; /* Static declaration. */ +static int load_client_keys(hs_service_t *service); static void set_descriptor_revision_counter(hs_service_descriptor_t *hs_desc, time_t now, bool is_current); static void move_descriptors(hs_service_t *src, hs_service_t *dst); @@ -247,6 +249,11 @@ service_clear_config(hs_service_config_t *config) rend_service_port_config_free(p);); smartlist_free(config->ports); } + if (config->clients) { +SMARTLIST_FOREACH(config->clients, hs_service_authorized_client_t *, p, + service_authorized_client_free(p)); +smartlist_free(config->clients); + } memset(config, 0, sizeof(*config)); } @@ -1070,6 +1077,11 @@ load_service_keys(hs_service_t *service) goto end; } + /* Load all client authorization keys in the service. */ + if (load_client_keys(service) < 0) { +goto end; + } + /* Succes. */ ret = 0; end: @@ -1077,6 +1089,200 @@ load_service_keys(hs_service_t *service) return ret; } +/* Check if the client file name is valid or not. Return 1 if valid, + * otherwise return 0. */ +static int +client_filename_is_valid(const char *filename) +{ + int ret = 1; + const char *valid_extension = ".auth"; + + tor_assert(filename); + + /* The file extension must match and the total filename length can't be the + * length of the extension else we do not have a filename. */ + if (!strcmpend(filename, valid_extension) && + strlen(filename) != strlen(valid_extension)) { +ret = 1; + } else { +ret = 0; + } + + return ret; +} + +/* Parse an authorized client from a string. The format of a client string + * looks like (see rend-spec-v3.txt): + * + * :: + * + * The can only be "descriptor". + * The can only be "x25519". + * + * Return the key on success, return NULL, otherwise. */ +static hs_service_authorized_client_t * +parse_authorized_client(const char *client_key_str) +{ + char *auth_type = NULL; + char *key_type = NULL; + char *pubkey_b32 = NULL; + hs_service_authorized_client_t *client = NULL; + smartlist_t *fields = smartlist_new(); + + tor_assert(client_key_str); + + smartlist_split_string(fields, client_key_str, ":", + SPLIT_SKIP_SPACE, 0); + /* Wrong number of fields. */ + if (smartlist_len(fields) != 3) { +goto err; + } + + auth_type = smartlist_get(fields, 0); + key_type = smartlist_get(fields, 1); + pubkey_b32 = smartlist_get(fields, 2); + + /* Currently, the only supported auth type is "descriptor" and the only + * supported key type is "x25519". */ + if (strcmp(auth_type, "descriptor") || strcmp(key_type, "x25519")) { +goto err; + } + + /* We expect a specific length of the base32 encoded key so make sure we + * have that so we don't successfully decode a value with a different length + * and end up in trouble when copying the decoded key into a fixed length + * buffer. */ + if (strlen(pubkey_b32) != BASE32_NOPAD_LEN(CURVE25519_PUBKEY_LEN)) { +log_warn(LD_REND, "Client authorization encoded base32 public key " + "length is invalid: %s", pubkey_b32); +goto err; + } + + client = tor_malloc_zero(sizeof(hs_service_authorized_client_t)); + if (base32_decode((char *) client->client_pk.public_key, +sizeof(client->client_pk.public_key), +pubkey_b32, strlen(pubkey_b32)) < 0) { +goto err; + } + + /* Success. */ + goto done; + + err: + service_authorized_client_free(client); + done: + /* It is also a good idea to wipe the public key. */ + if (pubkey_b32) { +memwipe(pubkey_b32, 0, strlen(pubkey_b32)); + } + if (fields) { +SMARTLIST_FOREACH(fields, char *, s, tor_free(s)); +smartlist_free(fields); + } + return client; +} + +/* Load all the client public keys for the given service. Return 0 on + * success else -1 on failure. */ +static int
[tor-commits] [translation/tails-misc] Update translations for tails-misc
commit 852621570bf8437792765ddeaa783dd8b966a339 Author: Translation commit bot Date: Fri Sep 7 18:45:53 2018 + Update translations for tails-misc --- da.po | 14 +++--- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/da.po b/da.po index 33ac2d4e6..d919b57fc 100644 --- a/da.po +++ b/da.po @@ -21,7 +21,7 @@ msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2018-09-04 11:37+0200\n" -"PO-Revision-Date: 2018-09-07 05:38+\n" +"PO-Revision-Date: 2018-09-07 18:21+\n" "Last-Translator: scootergrisen\n" "Language-Team: Danish (http://www.transifex.com/otf/torproject/language/da/)\n" "MIME-Version: 1.0\n" @@ -586,7 +586,7 @@ msgstr "" #: config/chroot_local-includes/usr/local/lib/python3/dist-packages/unlock_veracrypt_volumes/volume.py:122 #, python-brace-format msgid "{partition_name} on {drive_name}" -msgstr "" +msgstr "{partition_name} pÃ¥ {drive_name}" #. Translators: Don't translate {volume_name} and {drive_name}, #. they are placeholders and will be replaced. You should only have to @@ -595,7 +595,7 @@ msgstr "" #: config/chroot_local-includes/usr/local/lib/python3/dist-packages/unlock_veracrypt_volumes/volume.py:129 #, python-brace-format msgid "{volume_name} â {drive_name}" -msgstr "" +msgstr "{volume_name} â {drive_name}" #: config/chroot_local-includes/usr/local/lib/python3/dist-packages/unlock_veracrypt_volumes/volume_list.py:83 msgid "No file containers added" @@ -612,7 +612,7 @@ msgstr "Beholderen er allerede tilføjet" #: config/chroot_local-includes/usr/local/lib/python3/dist-packages/unlock_veracrypt_volumes/volume_manager.py:115 #, python-format msgid "The file container %s should already be listed." -msgstr "" +msgstr "Filbeholderen %s skulle allerede være oplistet." #: config/chroot_local-includes/usr/local/lib/python3/dist-packages/unlock_veracrypt_volumes/volume_manager.py:131 msgid "Container opened read-only" @@ -688,11 +688,11 @@ msgstr "Usikker webbrowser" #: ../config/chroot_local-includes/usr/share/applications/unlock-veracrypt-volumes.desktop.in.h:1 msgid "Unlock VeraCrypt Volumes" -msgstr "" +msgstr "LÃ¥s op for VeraCrypt-diskomrÃ¥der" #: ../config/chroot_local-includes/usr/share/applications/unlock-veracrypt-volumes.desktop.in.h:2 msgid "Mount VeraCrypt encrypted file containers and devices" -msgstr "" +msgstr "Monter VeraCrypt-krypterede filbeholdere og enheder" #: ../config/chroot_local-includes/usr/share/applications/org.boum.tails.additional-software-config.desktop.in.h:1 msgid "Additional Software" @@ -720,7 +720,7 @@ msgstr "Fjern en pakke med yderligere software" msgid "" "Authentication is required to remove a package from your additional software" " ($(command_line))" -msgstr "" +msgstr "Der kræves autentifikation for at fjerne en pakke fra dine yderligere software ($(command_line))" #: ../config/chroot_local-includes/usr/share/unlock-veracrypt-volumes/ui/main.ui.in:61 msgid "File Containers" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/torbutton-browseronboardingproperties] Update translations for torbutton-browseronboardingproperties
commit d1f3a115c78279a235dda48e8a2570bb8cf2a4d4 Author: Translation commit bot Date: Fri Sep 7 18:18:16 2018 + Update translations for torbutton-browseronboardingproperties --- da/browserOnboarding.properties | 42 - 1 file changed, 21 insertions(+), 21 deletions(-) diff --git a/da/browserOnboarding.properties b/da/browserOnboarding.properties index 95530ce34..bfe93b65b 100644 --- a/da/browserOnboarding.properties +++ b/da/browserOnboarding.properties @@ -2,53 +2,53 @@ # See LICENSE for licensing information. # vim: set sw=2 sts=2 ts=8 et: -onboarding.tour-tor-welcome=Welcome -onboarding.tour-tor-welcome.title=Youâre ready. -onboarding.tour-tor-welcome.description=Tor Browser offers the highest standard of privacy and security while browsing the web. Youâre now protected against tracking, surveillance, and censorship. This quick onboarding will show you how. -onboarding.tour-tor-welcome.button=Start Now +onboarding.tour-tor-welcome=Velkommen +onboarding.tour-tor-welcome.title=Du er klar. +onboarding.tour-tor-welcome.description=Tor Browser tilbyder den højeste standard indenfor privatliv og sikkerhed pÃ¥ webbet. Du er nu beskyttet mod sporing, overvÃ¥gning og censur. Denne hurtige introduktion viser dig hvordan. +onboarding.tour-tor-welcome.button=Start nu onboarding.tour-tor-privacy=Privatliv -onboarding.tour-tor-privacy.title=Snub trackers and snoopers. +onboarding.tour-tor-privacy.title=Sæt en stopper for trackere og snoopers. onboarding.tour-tor-privacy.description=Tor Browser isolates cookies and deletes your browser history after your session. These modifications ensure your privacy and security are protected in the browser. Click âTor Networkâ to learn how we protect you on the network level. -onboarding.tour-tor-privacy.button=Go to Tor Network +onboarding.tour-tor-privacy.button=GÃ¥ til Tor-netværk -onboarding.tour-tor-network=Tor Network -onboarding.tour-tor-network.title=Travel a decentralized network. +onboarding.tour-tor-network=Tor-netværk +onboarding.tour-tor-network.title=Rejs pÃ¥ et decentraliseret netværk. onboarding.tour-tor-network.description=Tor Browser connects you to the Tor network run by thousands of volunteers around the world. Unlike a VPN, thereâs no one point of failure or centralized entity you need to trust in order to enjoy the internet privately. -onboarding.tour-tor-network.button=Go to Circuit Display +onboarding.tour-tor-network.button=GÃ¥ til kredsløb-visning -onboarding.tour-tor-circuit-display=Circuit Display -onboarding.tour-tor-circuit-display.title=See your path. +onboarding.tour-tor-circuit-display=Kredsløb-visning +onboarding.tour-tor-circuit-display.title=Se din sti. onboarding.tour-tor-circuit-display.description=For each domain you visit, your traffic is relayed and encrypted in a circuit across three Tor relays around the world. No website knows where you are connecting from. You can request a new circuit by clicking âNew Circuit for this Siteâ on our Circuit Display. -onboarding.tour-tor-circuit-display.button=See My Path +onboarding.tour-tor-circuit-display.button=Se min sti onboarding.tour-tor-security=Sikkerhed -onboarding.tour-tor-security.title=Choose your experience. +onboarding.tour-tor-security.title=Vælg din oplevelse. onboarding.tour-tor-security.description=We also provide you with additional settings for bumping up your browser security. Our Security Settings allow you to block elements that could be used to attack your computer. Click below to see what the different options do. onboarding.tour-tor-security.button=Review Settings onboarding.tour-tor-expect-differences=Experience Tips -onboarding.tour-tor-expect-differences.title=Expect some differences. +onboarding.tour-tor-expect-differences.title=Forvent nogen forskelle. onboarding.tour-tor-expect-differences.description=With all the security and privacy features provided by Tor, your experience while browsing the internet may be a little different. Things may be a bit slower, and depending on your security level, some elements may not work or load. You may also be asked to prove you are a human and not a robot. onboarding.tour-tor-expect-differences.button=See FAQs onboarding.tour-tor-onion-services=Onion-tjenester -onboarding.tour-tor-onion-services.title=Be extra protected. +onboarding.tour-tor-onion-services.title=Vær ekstra beskyttet. onboarding.tour-tor-onion-services.description=Onion services are sites that end with a .onion that provide extra protections to publishers and visitors, including added safeguards against censorship. Onion services allow anyone to provide content and services anonymously. Click below to visit the DuckDuckGo onion site. onboarding.tour-tor-onion-services.button=Visit an Onion # Circuit Display onboarding. onboarding.tor-circuit-display.next=Næste onboarding.tor-circuit-display.done=Fuldført
[tor-commits] [translation/tba-android_stringsdtd] Update translations for tba-android_stringsdtd
commit c545022604575c3d64aefdeb11d084d016589c99 Author: Translation commit bot Date: Fri Sep 7 18:16:50 2018 + Update translations for tba-android_stringsdtd --- da/android_strings.dtd | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/da/android_strings.dtd b/da/android_strings.dtd index e8e8139c5..87752f8c6 100644 --- a/da/android_strings.dtd +++ b/da/android_strings.dtd @@ -2,7 +2,7 @@ - License, v. 2.0. If a copy of the MPL was not distributed with this - file, You can obtain one at http://mozilla.org/MPL/2.0/. --> - + ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/support-portal] Update translations for support-portal
commit 8fa305fa77f703b56db6ca112df2ec5d2434b1f7 Author: Translation commit bot Date: Fri Sep 7 17:19:05 2018 + Update translations for support-portal --- contents+fr.po| 11 +++ contents+ga.po| 4 contents+he.po| 2 ++ contents+id.po| 10 ++ contents+it.po| 2 ++ contents+nb.po| 5 - contents+pt_BR.po | 10 ++ contents+ru.po| 6 +- contents+tr.po| 2 ++ 9 files changed, 50 insertions(+), 2 deletions(-) diff --git a/contents+fr.po b/contents+fr.po index 1963829c6..70266beac 100644 --- a/contents+fr.po +++ b/contents+fr.po @@ -1207,6 +1207,8 @@ msgid "" "Please see the https://www.eff.org/https-; "everywhere/faq\">HTTPS Everywhere FAQ." msgstr "" +"Veuillez consulter la https://www.eff.org/https-; +"everywhere/faq\">FAQ de HTTPS partout." #: http//localhost/misc/misc-5/ #: (content/misc/misc-5/contents+en.lrquestion.seo_slug) @@ -2595,6 +2597,15 @@ msgid "" "href=\"https://www.facebook.com/notes/protect-the-graph/making-connections-; "to-facebook-more-secure/1526085754298237/\">Facebook." msgstr "" +"Les services oignons sont aussi utilisés pour permettre la messagerie et le " +"partage de fichiers sans métadonnées, des interactions plus sûres entre des " +"journalistes et leurs sources avec https://securedrop.org/\;>SecureDrop ou https://onionshare.org/\;>OnionShare, des mises à jour " +"logicielles plus sûres, et des manières plus sécuritaires dâatteindre des " +"sites populaires comme https://www.facebook.com/notes; +"/protect-the-graph/making-connections-to-facebook-more-" +"secure/1526085754298237/\">Facebook." #: http//localhost/onionservices/onionservices-1/ #: (content/onionservices/onionservices-1/contents+en.lrquestion.description) diff --git a/contents+ga.po b/contents+ga.po index 28683e8c2..51b92a569 100644 --- a/contents+ga.po +++ b/contents+ga.po @@ -1186,6 +1186,8 @@ msgid "" "Please see the https://www.eff.org/https-; "everywhere/faq\">HTTPS Everywhere FAQ." msgstr "" +"Féach na ceisteanna coitianta ar shuÃomh https://www.eff.org; +"/https-everywhere/faq\">HTTPS Everywhere." #: http//localhost/misc/misc-5/ #: (content/misc/misc-5/contents+en.lrquestion.seo_slug) @@ -3924,6 +3926,8 @@ msgid "" "The Torbutton icon (the little onion in the top left corner of the browser) " "will display a yellow triangle." msgstr "" +"Taispeánfaidh deilbhÃn an chnaipe Tor (an t-oinniún beag glas sa chúinne ag " +"barr ar chlé den bhrabhsálaÃ) triantán buÃ." #: http//localhost/operators/operators-6/ #: (content/operators/operators-6/contents+en.lrquestion.description) diff --git a/contents+he.po b/contents+he.po index 8af9eb0d0..086cb8fc4 100644 --- a/contents+he.po +++ b/contents+he.po @@ -1024,6 +1024,8 @@ msgid "" "Please see the https://www.eff.org/https-; "everywhere/faq\">HTTPS Everywhere FAQ." msgstr "" +"×× × ×¨×× ×ת https://www.eff.org/https-everywhere/faq\;>HTTPS " +"Everywhere." #: http//localhost/misc/misc-5/ #: (content/misc/misc-5/contents+en.lrquestion.seo_slug) diff --git a/contents+id.po b/contents+id.po index d463ea8c0..26653d25c 100644 --- a/contents+id.po +++ b/contents+id.po @@ -1187,6 +1187,8 @@ msgid "" "Please see the https://www.eff.org/https-; "everywhere/faq\">HTTPS Everywhere FAQ." msgstr "" +"Silakan lihat https://www.eff.org/https-; +"everywhere/faq\">HTTPS Everywhere." #: http//localhost/misc/misc-5/ #: (content/misc/misc-5/contents+en.lrquestion.seo_slug) @@ -2455,6 +2457,8 @@ msgid "" "Tor Browser will prompt you to update the software once a new version has " "been released." msgstr "" +"Tor Browser akan meminta Anda untuk memperbarui perangkat lunak ketika versi" +" baru telah dirilis." #: http//localhost/faq/faq-3/ #: (content/faq/faq-3/contents+en.lrquestion.description) @@ -2464,6 +2468,10 @@ msgid "" "and https://noscript.net/\;>NoScript â and adding" " anything else could deanonymize you." msgstr "" +"Tor Browser sudah terpasang dua add-on â https://www.eff.org; +"/https-everywhere\">HTTPS Everywhere dan https://noscript.net/\;>NoScript â menambahkan add-on lain" +" akan merusak anomimisitas Anda. " #: http//localhost/gettor/ (content/gettor/contents+en.lrtopic.title) #: (content/gettor/contents+en.lrtopic.seo_slug) @@ -4016,6 +4024,8 @@ msgid "" "The Torbutton icon (the little onion in the top left corner of the browser) " "will display a yellow triangle." msgstr "" +"Ikon Torbutton (gambar bawang hijau di sudut kiri atas browser) akan " +"menampilkan segi tiga kuning." #: http//localhost/operators/operators-6/ #: (content/operators/operators-6/contents+en.lrquestion.description) diff --git a/contents+it.po b/contents+it.po index b9ca270a3..946ad9fc4 100644 --- a/contents+it.po +++ b/contents+it.po @@ -4096,6 +4096,8 @@ msgid "" "The Torbutton icon (the little onion in the top left corner of the browser) " "will display a yellow triangle." msgstr "" +"L'icona di Torbutton (la
[tor-commits] [translation/support-portal_completed] Update translations for support-portal_completed
commit 0ae500ab0d37cf9e46a92f697b2cb6d1af45a8f0 Author: Translation commit bot Date: Fri Sep 7 16:49:00 2018 + Update translations for support-portal_completed --- contents+es.po | 397 +++-- 1 file changed, 158 insertions(+), 239 deletions(-) diff --git a/contents+es.po b/contents+es.po index 0c29e919d..86cd486fb 100644 --- a/contents+es.po +++ b/contents+es.po @@ -10,7 +10,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2018-09-07 15:19+CET\n" +"POT-Creation-Date: 2018-09-07 17:41+CET\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: Silvana Nunez , 2018\n" "Language-Team: Spanish (https://www.transifex.com/otf/teams/1519/es/)\n" @@ -73,6 +73,11 @@ msgstr "" "desde un repetidor de salida al otro lado del mundo, pueden bloquear tu " "cuenta o suspenderla)." +#: http//localhost/https/https-1/ +#: (content/https/https-1/contents+en.lrquestion.description) +msgid "Tor prevents eavesdroppers from learning sites that you visit." +msgstr "Tor evita que alguien a la escucha sepa los sitios que visitas." + #: http//localhost/tbb/tbb-41/ #: (content/tbb/tbb-41/contents+en.lrquestion.description) msgid "" @@ -258,16 +263,6 @@ msgstr "" msgid "What is a .onion or what are onion services?" msgstr "¿Qué es un .onion o qué son los servicios onion?" -#: http//localhost/operators/operators-1/ -#: (content/operators/operators-1/contents+en.lrquestion.description) -msgid "" -"After a few hours (to give it enough time to propagate), you can query Atlas" -" to see whether your relay has successfully registered in the network." -msgstr "" -"Después de unas horas (para darle suficiente tiempo para reproducirse), " -"puedes consultar a Atlas para ver si tu repetidor se ha registrado " -"correctamente en la red." - #: http//localhost/misc/misc-12/ #: (content/misc/misc-12/contents+en.lrquestion.description) msgid "" @@ -314,14 +309,10 @@ msgstr "" "Desafortunadamente, aún no tenemos una versión del Tor Browser para " "ChromeOS." -#: http//localhost/operators/operators-6/ -#: (content/operators/operators-6/contents+en.lrquestion.description) -msgid "" -"* Look for a log entry in /var/log/syslog such as \"Self-testing indicates " -"your ORPort is reachable from the outside. Excellent.\"" -msgstr "" -"* Busca una entrada de registro en /var/log/syslog como \"La autoprueba " -"indica que tu ORPort es accesible desde el exterior. Excelente.\"" +#: http//localhost/tbb/tbb-27/ +#: (content/tbb/tbb-27/contents+en.lrquestion.description) +msgid "" +msgstr "" #: http//localhost/misc/misc-5/ #: (content/misc/misc-5/contents+en.lrquestion.title) @@ -406,6 +397,8 @@ msgstr "" msgid "RunAsDaemon 1" msgstr "RunAsDaemon 1" +#: http//localhost/connecting/connecting-2/ +#: (content/connecting/connecting-2/contents+en.lrquestion.description) #: http//localhost/censorship/censorship-5/ #: (content/censorship/censorship-5/contents+en.lrquestion.description) msgid "" @@ -563,15 +556,6 @@ msgstr "" "Puedes ayudar a mejorar la velocidad de la red con tu propio repetidor, o " "animando a otros a hacerlo." -#: http//localhost/onionservices/onionservices-2/ -#: (content/onionservices/onionservices-2/contents+en.lrquestion.description) -msgid "" -"" -msgstr "" -"" - #: http//localhost/tbb/tbb-27/ #: (content/tbb/tbb-27/contents+en.lrquestion.description) msgid "" @@ -587,14 +571,14 @@ msgid "You can update Tor Browser as soon as a new version is released." msgstr "" "Puedes actualizar el navegador Tor en cuanto se publica una nueva versión." -#: http//localhost/tbb/tbb-29/ -#: (content/tbb/tbb-29/contents+en.lrquestion.description) +#: http//localhost/onionservices/onionservices-2/ +#: (content/onionservices/onionservices-2/contents+en.lrquestion.description) msgid "" -"" +"" msgstr "" -"" +"" #: http//localhost/tbb/tbb-18/ #: (content/tbb/tbb-18/contents+en.lrquestion.description) @@ -605,14 +589,8 @@ msgstr "" "Lo sentimos, pero actualmente no hay soporte oficial para ejecutar el " "navegador Tor sobre *BSD." -#: http//localhost/tbb/tbb-27/ -#: (content/tbb/tbb-27/contents+en.lrquestion.description) -#: http//localhost/tbb/tbb-29/ -#: (content/tbb/tbb-29/contents+en.lrquestion.description) #: http//localhost/https/https-1/ #: (content/https/https-1/contents+en.lrquestion.description) -#: http//localhost/onionservices/onionservices-2/ -#: (content/onionservices/onionservices-2/contents+en.lrquestion.description) msgid "" msgstr "" @@ -668,14 +646,14 @@ msgstr "onion-services" msgid "Onion Services" msgstr "Servicios Onion" -#: http//localhost/tbb/tbb-27/ -#: (content/tbb/tbb-27/contents+en.lrquestion.description) +#: http//localhost/operators/operators-7/ +#: (content/operators/operators-7/contents+en.lrquestion.description) msgid "" -"" +"If law enforcement becomes interested in traffic from your exit relay, it's " +"possible that
[tor-commits] [translation/support-portal] Update translations for support-portal
commit c4d4c0ce54a160366ca0d5ce31e7ba6ae532642d Author: Translation commit bot Date: Fri Sep 7 16:48:55 2018 + Update translations for support-portal --- contents+es.po | 16 +--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/contents+es.po b/contents+es.po index 0f5c2a637..86cd486fb 100644 --- a/contents+es.po +++ b/contents+es.po @@ -312,7 +312,7 @@ msgstr "" #: http//localhost/tbb/tbb-27/ #: (content/tbb/tbb-27/contents+en.lrquestion.description) msgid "" -msgstr "" +msgstr "" #: http//localhost/misc/misc-5/ #: (content/misc/misc-5/contents+en.lrquestion.title) @@ -577,6 +577,8 @@ msgid "" "" msgstr "" +"" #: http//localhost/tbb/tbb-18/ #: (content/tbb/tbb-18/contents+en.lrquestion.description) @@ -1632,7 +1634,7 @@ msgstr "conectar-a-tor" #: http//localhost/tbb/tbb-27/ #: (content/tbb/tbb-27/contents+en.lrquestion.description) msgid "" -msgstr "" +msgstr "" #: http//localhost/misc/misc-5/ #: (content/misc/misc-5/contents+en.lrquestion.description) @@ -1681,6 +1683,8 @@ msgid "" "" msgstr "" +"" #: http//localhost/tbb/tbb-28/ #: (content/tbb/tbb-28/contents+en.lrquestion.description) @@ -3593,6 +3597,8 @@ msgid "" "" msgstr "" +"" #: http//localhost/onionservices/onionservices-1/ #: (content/onionservices/onionservices-1/contents+en.lrquestion.description) @@ -3620,6 +3626,8 @@ msgid "" "" msgstr "" +"" #: http//localhost/operators/operators-7/ #: (content/operators/operators-7/contents+en.lrquestion.description) @@ -4102,6 +4110,8 @@ msgid "" "The Torbutton icon (the little onion in the top left corner of the browser) " "will display a yellow triangle." msgstr "" +"El icono de Torbutton (la cebollita en la esquina superior izquierda del " +"navegador) mostrará un triángulo amarillo." #: http//localhost/operators/operators-6/ #: (content/operators/operators-6/contents+en.lrquestion.description) @@ -4272,7 +4282,7 @@ msgstr "" #: http//localhost/onionservices/onionservices-2/ #: (content/onionservices/onionservices-2/contents+en.lrquestion.description) msgid "" -msgstr "" +msgstr "" #: http//localhost/connecting/connecting-2/ #: (content/connecting/connecting-2/contents+en.lrquestion.description) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/support-portal] Update translations for support-portal
commit 49699acd23e50f136c30e9446d1d93e79a263361 Author: Translation commit bot Date: Fri Sep 7 16:19:08 2018 + Update translations for support-portal --- contents+bn_BD.po | 10 ++ contents+de.po| 2 +- contents+es.po| 4 +++- contents+tr.po| 4 contents+zh_CN.po | 12 +++- 5 files changed, 29 insertions(+), 3 deletions(-) diff --git a/contents+bn_BD.po b/contents+bn_BD.po index 04750ba11..eee389737 100644 --- a/contents+bn_BD.po +++ b/contents+bn_BD.po @@ -939,6 +939,8 @@ msgid "" "If you see lines like this in your Tor log, it means that Tor failed to " "complete a TLS handshake with the directory authorities." msgstr "" +"যদি à¦à¦ªà¦¨à¦¿ à¦à¦ªà¦¨à¦¾à¦° à¦à¦° লà¦à§ à¦à¦ ধরনà§à¦° লাà¦à¦¨à¦à§à¦²à§ দà§à¦à§à¦¨, à¦à¦° মানৠহà¦à§à¦à§ যৠà¦à¦° " +"নিরà§à¦¦à§à¦¶à¦¿à¦à¦¾ à¦à¦°à§à¦¤à§à¦ªà¦à§à¦·à§à¦° সাথৠà¦à¦à¦à¦¿ TLS হà§à¦¯à¦¾à¦¨à§à¦¡à¦¶à§à¦ সমà§à¦ªà¦¨à§à¦¨ à¦à¦°à¦¤à§ বà§à¦¯à¦°à§à¦¥ হয়à§à¦à§ ।" #: http//localhost/tbb/tbb-19/ #: (content/tbb/tbb-19/contents+en.lrquestion.description) @@ -1127,6 +1129,8 @@ msgid "" "If you are unable to connect to an onion service, please see I cannot reach X.onion!" msgstr "" +"à¦à¦ªà¦¨à¦¿ যদি à¦à§à¦¨ পà§à¦à¦¯à¦¼à¦¾à¦à§à¦° সà§à¦¬à¦¾à¦¯à¦¼ সà¦à¦¯à§à¦ à¦à¦°à¦¤à§ না পারà§à¦¨, তাহলৠদà§à¦à§ নিন à¦à¦®à¦¿ X-ঠপà§à¦à¦à¦¾à¦¤à§ পারà¦à¦¿ না ।" #: http//localhost/connecting/connecting-2/ #: (content/connecting/connecting-2/contents+en.lrquestion.description) @@ -1172,6 +1176,8 @@ msgid "" "Please see the https://www.eff.org/https-; "everywhere/faq\">HTTPS Everywhere FAQ." msgstr "" +"দয়া à¦à¦°à§ https://www.eff.org/https-everywhere/faq\;>HTTPS " +"Everywhere দà§à¦à§à¦¨ ।" #: http//localhost/misc/misc-5/ #: (content/misc/misc-5/contents+en.lrquestion.seo_slug) @@ -2434,6 +2440,8 @@ msgid "" "Tor Browser will prompt you to update the software once a new version has " "been released." msgstr "" +"à¦à¦à¦à¦¿ নতà§à¦¨ সà¦à¦¸à§à¦à¦°à¦£ পà§à¦°à¦à¦¾à¦¶ à¦à¦°à¦¾ হয়à§à¦à§ à¦à¦à¦¬à¦¾à¦° à¦à¦° বà§à¦°à¦¾à¦à¦à¦¾à¦° à¦à¦ªà¦¨à¦¾à¦à§ সফà§à¦à¦à¦¯à¦¼à§à¦¯à¦¾à¦° " +"à¦à¦ªà¦¡à§à¦ à¦à¦°à¦¤à§ ঠনà§à¦°à§à¦§ à¦à¦°à¦¬à§à¥¤" #: http//localhost/faq/faq-3/ #: (content/faq/faq-3/contents+en.lrquestion.description) @@ -4006,6 +4014,8 @@ msgid "" "The Torbutton icon (the little onion in the top left corner of the browser) " "will display a yellow triangle." msgstr "" +"Torbutton à¦à¦à¦à¦¨ (বà§à¦°à¦¾à¦à¦à¦¾à¦°à§à¦° à¦à¦ªà¦°à§à¦° বাঠà¦à§à¦£à§ à¦à§à¦ সবà§à¦ পà§à¦à¦¯à¦¼à¦¾à¦) à¦à¦à¦à¦¿ হলà§à¦¦ " +"তà§à¦°à¦¿à¦à§à¦ পà§à¦°à¦¦à¦°à§à¦¶à¦¨ à¦à¦°à¦¬à§ ।" #: http//localhost/operators/operators-6/ #: (content/operators/operators-6/contents+en.lrquestion.description) diff --git a/contents+de.po b/contents+de.po index d8390c23d..ee7f33b55 100644 --- a/contents+de.po +++ b/contents+de.po @@ -3367,7 +3367,7 @@ msgstr "tor-browser-macht-mich-zum-relay" #: http//localhost/tbb/tbb-37/ #: (content/tbb/tbb-37/contents+en.lrquestion.description) msgid "* Español (es-ES)" -msgstr "" +msgstr "* Español (es-ES)" #: http//localhost/tbb/tbb-19/ #: (content/tbb/tbb-19/contents+en.lrquestion.seo_slug) diff --git a/contents+es.po b/contents+es.po index 6ebb0c2d0..0f5c2a637 100644 --- a/contents+es.po +++ b/contents+es.po @@ -76,7 +76,7 @@ msgstr "" #: http//localhost/https/https-1/ #: (content/https/https-1/contents+en.lrquestion.description) msgid "Tor prevents eavesdroppers from learning sites that you visit." -msgstr "" +msgstr "Tor evita que alguien a la escucha sepa los sitios que visitas." #: http//localhost/tbb/tbb-41/ #: (content/tbb/tbb-41/contents+en.lrquestion.description) @@ -1197,6 +1197,8 @@ msgid "" "Please see the https://www.eff.org/https-; "everywhere/faq\">HTTPS Everywhere FAQ." msgstr "" +"Por favor, mira las âhttps://www.eff.org/https-; +"everywhere/faq\">preguntas frecuentes (FAQ) de HTTPS Everywhere." #: http//localhost/misc/misc-5/ #: (content/misc/misc-5/contents+en.lrquestion.seo_slug) diff --git a/contents+tr.po b/contents+tr.po index fdbdac904..acea91730 100644 --- a/contents+tr.po +++ b/contents+tr.po @@ -74,6 +74,8 @@ msgstr "" #: (content/https/https-1/contents+en.lrquestion.description) msgid "Tor prevents eavesdroppers from learning sites that you visit." msgstr "" +"Tor baÄlantınızı izleyen kiÅi ya da kuruluÅların ziyaret ettiÄiniz siteleri " +"görmesini engeller." #: http//localhost/tbb/tbb-41/ #: (content/tbb/tbb-41/contents+en.lrquestion.description) @@ -1186,6 +1188,8 @@ msgid "" "Please see the https://www.eff.org/https-; "everywhere/faq\">HTTPS Everywhere FAQ." msgstr "" +"https://www.eff.org/https-everywhere/faq\;>HTTPS Everywhere " +"SSS bölümüne