date:20180907

[tor-commits] [translation/torbutton-browseronboardingproperties_completed] Update translations for torbutton-browseronboardingproperties_completed

2018-09-07 Thread translation

commit 20f187eaa027de71ad8bf6f2fe9101551ec59ba3
Author: Translation commit bot 
Date:   Sat Sep 8 04:48:14 2018 +

Update translations for torbutton-browseronboardingproperties_completed
---
 tr/browserOnboarding.properties | 54 +
 1 file changed, 54 insertions(+)

diff --git a/tr/browserOnboarding.properties b/tr/browserOnboarding.properties
new file mode 100644
index 0..219f3037e
--- /dev/null
+++ b/tr/browserOnboarding.properties
@@ -0,0 +1,54 @@
+# Copyright (c) 2018, The Tor Project, Inc.
+# See LICENSE for licensing information.
+# vim: set sw=2 sts=2 ts=8 et:
+
+onboarding.tour-tor-welcome=HoÅ Geldiniz
+onboarding.tour-tor-welcome.title=HazÄ±rsÄ±nÄ±z.
+onboarding.tour-tor-welcome.description=Tor Browser, web Ã¼zerinde gezinirken 
en yÃ¼kek standartlarda kiÅisel gizlilik ve gÃ¼velik saÄlar. Ä°zleme, 
gÃ¶zetleme ve engellemeye karÅÄ± koruma saÄlar. NasÄ±l olduÄunu buradan 
hÄ±zlÄ±ca gÃ¶rebilirsiniz.
+onboarding.tour-tor-welcome.button=BaÅlayÄ±n
+
+onboarding.tour-tor-privacy=KiÅisel Gizlilik
+onboarding.tour-tor-privacy.title=Ä°zleyenlere ve meraklÄ±lara hadlerini 
bildirin.
+onboarding.tour-tor-privacy.description=Tor Browser Ã§erezleri yalÄ±tÄ±r ve 
kapattÄ±Ä±ÄÄ±nÄ±zda web tarayÄ±cÄ± geÃ§miÅinizi siler. Bu deÄiÅiklikler web 
tarayÄ±cÄ± Ã¼zerinde kiÅisel gizliliÄinizin ve gÃ¼venliÄinizin korunmasÄ±nÄ± 
saÄlar. AÄ dÃ¼zeyinde nasÄ±l koruma saÄladÄ±ÄÄ±mÄ±zÄ± Ã¶Ärenmek iÃ§in 'Tor 
AÄo' Ã¼zerine tÄ±klayÄ±n.
+onboarding.tour-tor-privacy.button=Tor AÄÄ±na GeÃ§
+
+onboarding.tour-tor-network=Tor AÄÄ±
+onboarding.tour-tor-network.title=Tek merkezden yÃ¶netilmeyen bir aÄda 
gezinin.
+onboarding.tour-tor-network.description=Tor Browser sizi tÃ¼m dÃ¼nyada 
binlerce gÃ¶nÃ¼llÃ¼ tarafÄ±ndan iÅletilen Tor AÄÄ±na baÄlar. VPN 
baÄlantÄ±sÄ±nÄ±n aksine gÃ¼venlik aÃ§Ä±ÄÄ± oluÅturacak bir nokta ya da 
Ä°nternet Ã¼zerinde kiÅisel gizliliÄinizi koruyarak gezinmeniz iÃ§in 
gÃ¼venmeniz gereken merkezi bir kuruluÅ yoktur.
+onboarding.tour-tor-network.button=Devre GÃ¶rÃ¼nÃ¼mÃ¼ne GeÃ§
+
+onboarding.tour-tor-circuit-display=Devre GÃ¶rÃ¼nÃ¼mÃ¼
+onboarding.tour-tor-circuit-display.title=Yolunuzu gÃ¶rÃ¼n.
+onboarding.tour-tor-circuit-display.description=Ziyaret ettiÄiniz her web 
sitesi iÃ§in baÄlantÄ±nÄ±z dÃ¼nya Ã¼zerindeki Ã¼Ã§ Tor aktarÄ±cÄ±sÄ±ndan 
oluÅan bir devreden Åifrelenir ve aktarÄ±lÄ±r. HiÃ§ bir web sitesi sizin 
gerÃ§ekte nereden baÄlandÄ±ÄÄ±nÄ±zÄ± bilemez. KullandÄ±ÄÄ±nÄ±z devreyi 
deÄiÅtirmek iÃ§in Devre GÃ¶rÃ¼nÃ¼mÃ¼nde "Bu Sitenin Devresini Yenile" 
Ã¼zerine tÄ±klayÄ±n.
+onboarding.tour-tor-circuit-display.button=Yolumu GÃ¶ster
+
+onboarding.tour-tor-security=GÃ¼venlik
+onboarding.tour-tor-security.title=Deneyiminizi Ã¶zelleÅtirin.
+onboarding.tour-tor-security.description=Ek ayarlarÄ± kullanarak web 
tarayÄ±cÄ±nÄ±zÄ±n gÃ¼venliÄini arttÄ±rabilirsiniz. GÃ¼venlik AyarlarÄ±mÄ±z 
bilgisayarÄ±nÄ±za saldÄ±rmak iÃ§in kullanÄ±labilecek bileÅenleri engellemenizi 
saÄlar. SeÃ§eneklerinizi gÃ¶rebilmek iÃ§in aÅaÄÄ±ya tÄ±klayÄ±n.
+onboarding.tour-tor-security.button=AyarlarÄ± GÃ¶zden GeÃ§ir
+
+onboarding.tour-tor-expect-differences=Deneyim Ä°puÃ§larÄ±
+onboarding.tour-tor-expect-differences.title=BazÄ± farklÄ±lÄ±klara aÃ§Ä±k olun.
+onboarding.tour-tor-expect-differences.description=Tor tarafÄ±ndan saÄlanan 
tÃ¼m kiÅisel gizlilik ve gÃ¼venlik Ã¶zellikleri nedeniyle Ä°nternet Ã¼zerinde 
gezinme deneyiminiz biraz farklÄ± olabilir. Sayfalar biraz yavaÅ olabilir ve 
kullandÄ±ÄÄ±nÄ±z gÃ¼venlik dÃ¼zeyine gÃ¶re bazÄ± bileÅenler yÃ¼klenmeyebilir 
ya da Ã§alÄ±Åmayabilir. AyrÄ±ca bir insan mÄ± robot mu olduÄunuzu 
kanÄ±tlamanÄ±z istenebilir.
+onboarding.tour-tor-expect-differences.button=SÄ±k Sorulan Sorulara BakÄ±n
+
+onboarding.tour-tor-onion-services=Onion Hizmetleri
+onboarding.tour-tor-onion-services.title=Ek koruma saÄlayÄ±n.
+onboarding.tour-tor-onion-services.description=Onion hizmetleri, yayÄ±ncÄ±lar 
ile ziyaretÃ§iler iÃ§in ek gÃ¼venlik ve engellemeleri aÅmak iÃ§in koruma 
saÄlayan, sonu .onion uzantÄ±sÄ± ile biten web siteleridir. Onion hizmetleri 
sayesinde isteyen herkes anonim olarak iÃ§erik ve hizmet sunabilir. DuckDuckGo 
onion sitesini ziyaret etmek iÃ§in aÅaÄÄ±ya tÄ±klayabilirsiniz.
+onboarding.tour-tor-onion-services.button=Bir Onion Sitesine Gidin
+
+# Circuit Display onboarding.
+onboarding.tor-circuit-display.next=Sonraki
+onboarding.tor-circuit-display.done=Bitti
+onboarding.tor-circuit-display.one-of-three=1 / 3
+onboarding.tor-circuit-display.two-of-three=2 / 3
+onboarding.tor-circuit-display.three-of-three=3 / 3
+
+onboarding.tor-circuit-display.intro.title=Devreler nasÄ±l Ã§alÄ±ÅÄ±r?
+onboarding.tor-circuit-display.intro.msg=Devreler, dÃ¼nya Ã§apÄ±nda Tor 
trafiÄini aktarmak Ã¼zere yapÄ±landÄ±rÄ±lmÄ±Å bilgisayarlar olan rastgele 
atanmÄ±Å aktarÄ±cÄ±lardan oluÅur. Devreler, kiÅisel gizliliÄinizi koruyarak 
gezinmenizi ve onion hizmetlerine baÄlanmanÄ±zÄ± saÄlar.
+

[tor-commits] [translation/torbutton-browseronboardingproperties] Update translations for torbutton-browseronboardingproperties

2018-09-07 Thread translation

commit 9cec40191fcf7dedafa6d909f8f2e0c90a506339
Author: Translation commit bot 
Date:   Sat Sep 8 04:48:09 2018 +

Update translations for torbutton-browseronboardingproperties
---
 tr/browserOnboarding.properties | 26 +-
 1 file changed, 13 insertions(+), 13 deletions(-)

diff --git a/tr/browserOnboarding.properties b/tr/browserOnboarding.properties
index d5ed8161c..219f3037e 100644
--- a/tr/browserOnboarding.properties
+++ b/tr/browserOnboarding.properties
@@ -29,26 +29,26 @@ onboarding.tour-tor-security.button=AyarlarÄ± GÃ¶zden GeÃ§ir
 
 onboarding.tour-tor-expect-differences=Deneyim Ä°puÃ§larÄ±
 onboarding.tour-tor-expect-differences.title=BazÄ± farklÄ±lÄ±klara aÃ§Ä±k olun.
-onboarding.tour-tor-expect-differences.description=With all the security and 
privacy features provided by Tor, your experience while browsing the internet 
may be a little different. Things may be a bit slower, and depending on your 
security level, some elements may not work or load. You may also be asked to 
prove you are a human and not a robot.
-onboarding.tour-tor-expect-differences.button=See FAQs
+onboarding.tour-tor-expect-differences.description=Tor tarafÄ±ndan saÄlanan 
tÃ¼m kiÅisel gizlilik ve gÃ¼venlik Ã¶zellikleri nedeniyle Ä°nternet Ã¼zerinde 
gezinme deneyiminiz biraz farklÄ± olabilir. Sayfalar biraz yavaÅ olabilir ve 
kullandÄ±ÄÄ±nÄ±z gÃ¼venlik dÃ¼zeyine gÃ¶re bazÄ± bileÅenler yÃ¼klenmeyebilir 
ya da Ã§alÄ±Åmayabilir. AyrÄ±ca bir insan mÄ± robot mu olduÄunuzu 
kanÄ±tlamanÄ±z istenebilir.
+onboarding.tour-tor-expect-differences.button=SÄ±k Sorulan Sorulara BakÄ±n
 
 onboarding.tour-tor-onion-services=Onion Hizmetleri
-onboarding.tour-tor-onion-services.title=Be extra protected.
-onboarding.tour-tor-onion-services.description=Onion services are sites that 
end with a .onion that provide extra protections to publishers and visitors, 
including added safeguards against censorship. Onion services allow anyone to 
provide content and services anonymously. Click below to visit the DuckDuckGo 
onion site.
-onboarding.tour-tor-onion-services.button=Visit an Onion
+onboarding.tour-tor-onion-services.title=Ek koruma saÄlayÄ±n.
+onboarding.tour-tor-onion-services.description=Onion hizmetleri, yayÄ±ncÄ±lar 
ile ziyaretÃ§iler iÃ§in ek gÃ¼venlik ve engellemeleri aÅmak iÃ§in koruma 
saÄlayan, sonu .onion uzantÄ±sÄ± ile biten web siteleridir. Onion hizmetleri 
sayesinde isteyen herkes anonim olarak iÃ§erik ve hizmet sunabilir. DuckDuckGo 
onion sitesini ziyaret etmek iÃ§in aÅaÄÄ±ya tÄ±klayabilirsiniz.
+onboarding.tour-tor-onion-services.button=Bir Onion Sitesine Gidin
 
 # Circuit Display onboarding.
 onboarding.tor-circuit-display.next=Sonraki
 onboarding.tor-circuit-display.done=Bitti
-onboarding.tor-circuit-display.one-of-three=1 of 3
-onboarding.tor-circuit-display.two-of-three=2 of 3
-onboarding.tor-circuit-display.three-of-three=3 of 3
+onboarding.tor-circuit-display.one-of-three=1 / 3
+onboarding.tor-circuit-display.two-of-three=2 / 3
+onboarding.tor-circuit-display.three-of-three=3 / 3
 
-onboarding.tor-circuit-display.intro.title=How do circuits work?
-onboarding.tor-circuit-display.intro.msg=Circuits are made up of randomly 
assigned relays, which are computers around the world configured to forward Tor 
traffic. Circuits allow you to browse privately and to connect to onion 
services.
+onboarding.tor-circuit-display.intro.title=Devreler nasÄ±l Ã§alÄ±ÅÄ±r?
+onboarding.tor-circuit-display.intro.msg=Devreler, dÃ¼nya Ã§apÄ±nda Tor 
trafiÄini aktarmak Ã¼zere yapÄ±landÄ±rÄ±lmÄ±Å bilgisayarlar olan rastgele 
atanmÄ±Å aktarÄ±cÄ±lardan oluÅur. Devreler, kiÅisel gizliliÄinizi koruyarak 
gezinmenizi ve onion hizmetlerine baÄlanmanÄ±zÄ± saÄlar.
 
 onboarding.tor-circuit-display.diagram.title=Devre GÃ¶rÃ¼nÃ¼mÃ¼
-onboarding.tor-circuit-display.diagram.msg=This diagram shows the relays that 
make up the circuit for this website. To prevent linking of activity across 
different sites, each website gets a different circuit.
+onboarding.tor-circuit-display.diagram.msg=Bu web sitesinin devresinde 
kullanÄ±lan aktarÄ±cÄ±lar bu Åemada gÃ¶rÃ¼lebilir. FarklÄ± web siteleri 
arasÄ±nda yapÄ±lan iÅlemler arasÄ±nda baÄlantÄ± kurulmasÄ±nÄ± engellemek 
iÃ§in her web sitesinde farklÄ± bir devre kullanÄ±lÄ±r.
 
-onboarding.tor-circuit-display.new-circuit.title=Do you need a new circuit?
-onboarding.tor-circuit-display.new-circuit.msg=If you are not able to connect 
to the website youâre trying to visit or it is not loading properly, then you 
can use this button to reload the site with a new circuit.
+onboarding.tor-circuit-display.new-circuit.title=Yeni bir devre mi gerekli?
+onboarding.tor-circuit-display.new-circuit.msg=Ziyaret etmeye 
Ã§alÄ±ÅtÄ±ÄÄ±nÄ±z web sitesine baÄlanamÄ±yorsanÄ±z ya da site dÃ¼zgÃ¼n bir 
Åekilde yÃ¼klenmiyorsa, siteyi yeni bir devre kullanarak yeniden yÃ¼klemek 
iÃ§in bu dÃ¼Ämeyi kullanabilirsiniz.

___
tor-commits

[tor-commits] [translation/torbutton-browseronboardingproperties] Update translations for torbutton-browseronboardingproperties

2018-09-07 Thread translation

commit 3fc2d93bf4c5dd15695192858d07c14620069273
Author: Translation commit bot 
Date:   Sat Sep 8 04:18:13 2018 +

Update translations for torbutton-browseronboardingproperties
---
 tr/browserOnboarding.properties | 26 +-
 1 file changed, 13 insertions(+), 13 deletions(-)

diff --git a/tr/browserOnboarding.properties b/tr/browserOnboarding.properties
index 1c9a594e3..d5ed8161c 100644
--- a/tr/browserOnboarding.properties
+++ b/tr/browserOnboarding.properties
@@ -10,25 +10,25 @@ onboarding.tour-tor-welcome.button=BaÅlayÄ±n
 onboarding.tour-tor-privacy=KiÅisel Gizlilik
 onboarding.tour-tor-privacy.title=Ä°zleyenlere ve meraklÄ±lara hadlerini 
bildirin.
 onboarding.tour-tor-privacy.description=Tor Browser Ã§erezleri yalÄ±tÄ±r ve 
kapattÄ±Ä±ÄÄ±nÄ±zda web tarayÄ±cÄ± geÃ§miÅinizi siler. Bu deÄiÅiklikler web 
tarayÄ±cÄ± Ã¼zerinde kiÅisel gizliliÄinizin ve gÃ¼venliÄinizin korunmasÄ±nÄ± 
saÄlar. AÄ dÃ¼zeyinde nasÄ±l koruma saÄladÄ±ÄÄ±mÄ±zÄ± Ã¶Ärenmek iÃ§in 'Tor 
AÄo' Ã¼zerine tÄ±klayÄ±n.
-onboarding.tour-tor-privacy.button=Tor AÄÄ±na Gidin
+onboarding.tour-tor-privacy.button=Tor AÄÄ±na GeÃ§
 
 onboarding.tour-tor-network=Tor AÄÄ±
 onboarding.tour-tor-network.title=Tek merkezden yÃ¶netilmeyen bir aÄda 
gezinin.
-onboarding.tour-tor-network.description=Tor Browser connects you to the Tor 
network run by thousands of volunteers around the world. Unlike a VPN, 
thereâs no one point of failure or centralized entity you need to trust in 
order to enjoy the internet privately.
-onboarding.tour-tor-network.button=Go to Circuit Display
+onboarding.tour-tor-network.description=Tor Browser sizi tÃ¼m dÃ¼nyada 
binlerce gÃ¶nÃ¼llÃ¼ tarafÄ±ndan iÅletilen Tor AÄÄ±na baÄlar. VPN 
baÄlantÄ±sÄ±nÄ±n aksine gÃ¼venlik aÃ§Ä±ÄÄ± oluÅturacak bir nokta ya da 
Ä°nternet Ã¼zerinde kiÅisel gizliliÄinizi koruyarak gezinmeniz iÃ§in 
gÃ¼venmeniz gereken merkezi bir kuruluÅ yoktur.
+onboarding.tour-tor-network.button=Devre GÃ¶rÃ¼nÃ¼mÃ¼ne GeÃ§
 
-onboarding.tour-tor-circuit-display=Circuit Display
-onboarding.tour-tor-circuit-display.title=See your path.
-onboarding.tour-tor-circuit-display.description=For each domain you visit, 
your traffic is relayed and encrypted in a circuit across three Tor relays 
around the world. No website knows where you are connecting from. You can 
request a new circuit by clicking âNew Circuit for this Siteâ on our 
Circuit Display.
-onboarding.tour-tor-circuit-display.button=See My Path
+onboarding.tour-tor-circuit-display=Devre GÃ¶rÃ¼nÃ¼mÃ¼
+onboarding.tour-tor-circuit-display.title=Yolunuzu gÃ¶rÃ¼n.
+onboarding.tour-tor-circuit-display.description=Ziyaret ettiÄiniz her web 
sitesi iÃ§in baÄlantÄ±nÄ±z dÃ¼nya Ã¼zerindeki Ã¼Ã§ Tor aktarÄ±cÄ±sÄ±ndan 
oluÅan bir devreden Åifrelenir ve aktarÄ±lÄ±r. HiÃ§ bir web sitesi sizin 
gerÃ§ekte nereden baÄlandÄ±ÄÄ±nÄ±zÄ± bilemez. KullandÄ±ÄÄ±nÄ±z devreyi 
deÄiÅtirmek iÃ§in Devre GÃ¶rÃ¼nÃ¼mÃ¼nde "Bu Sitenin Devresini Yenile" 
Ã¼zerine tÄ±klayÄ±n.
+onboarding.tour-tor-circuit-display.button=Yolumu GÃ¶ster
 
 onboarding.tour-tor-security=GÃ¼venlik
-onboarding.tour-tor-security.title=Choose your experience.
-onboarding.tour-tor-security.description=We also provide you with additional 
settings for bumping up your browser security. Our Security Settings allow you 
to block elements that could be used to attack your computer. Click below to 
see what the different options do.
-onboarding.tour-tor-security.button=Review Settings
+onboarding.tour-tor-security.title=Deneyiminizi Ã¶zelleÅtirin.
+onboarding.tour-tor-security.description=Ek ayarlarÄ± kullanarak web 
tarayÄ±cÄ±nÄ±zÄ±n gÃ¼venliÄini arttÄ±rabilirsiniz. GÃ¼venlik AyarlarÄ±mÄ±z 
bilgisayarÄ±nÄ±za saldÄ±rmak iÃ§in kullanÄ±labilecek bileÅenleri engellemenizi 
saÄlar. SeÃ§eneklerinizi gÃ¶rebilmek iÃ§in aÅaÄÄ±ya tÄ±klayÄ±n.
+onboarding.tour-tor-security.button=AyarlarÄ± GÃ¶zden GeÃ§ir
 
-onboarding.tour-tor-expect-differences=Experience Tips
-onboarding.tour-tor-expect-differences.title=Expect some differences.
+onboarding.tour-tor-expect-differences=Deneyim Ä°puÃ§larÄ±
+onboarding.tour-tor-expect-differences.title=BazÄ± farklÄ±lÄ±klara aÃ§Ä±k olun.
 onboarding.tour-tor-expect-differences.description=With all the security and 
privacy features provided by Tor, your experience while browsing the internet 
may be a little different. Things may be a bit slower, and depending on your 
security level, some elements may not work or load. You may also be asked to 
prove you are a human and not a robot.
 onboarding.tour-tor-expect-differences.button=See FAQs
 
@@ -47,7 +47,7 @@ onboarding.tor-circuit-display.three-of-three=3 of 3
 onboarding.tor-circuit-display.intro.title=How do circuits work?
 onboarding.tor-circuit-display.intro.msg=Circuits are made up of randomly 
assigned relays, which are computers around the world configured to forward Tor 
traffic. Circuits allow you to browse privately and to connect to onion 
services.

[tor-commits] [translation/tails-onioncircuits] Update translations for tails-onioncircuits

2018-09-07 Thread translation

commit 96988f99ba0cf68d9dcac07b2e48924687a13f7a
Author: Translation commit bot 
Date:   Sat Sep 8 04:16:31 2018 +

Update translations for tails-onioncircuits
---
 tr/onioncircuits.pot | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/tr/onioncircuits.pot b/tr/onioncircuits.pot
index 3f22e29c5..7bbe54cce 100644
--- a/tr/onioncircuits.pot
+++ b/tr/onioncircuits.pot
@@ -3,14 +3,14 @@
 # This file is distributed under the same license as the PACKAGE package.
 # 
 # Translators:
-# Kaya Zeren , 2016
+# Kaya Zeren , 2016,2018
 # Volkan Gezer , 2016
 msgid ""
 msgstr ""
 "Project-Id-Version: The Tor Project\n"
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2017-08-03 13:00+\n"
-"PO-Revision-Date: 2017-09-23 22:22+\n"
+"PO-Revision-Date: 2018-09-08 04:07+\n"
 "Last-Translator: Kaya Zeren \n"
 "Language-Team: Turkish 
(http://www.transifex.com/otf/torproject/language/tr/)\n"
 "MIME-Version: 1.0\n"
@@ -25,7 +25,7 @@ msgstr "HenÃ¼z Tor aÄÄ±na baÄlÄ± deÄilsiniz..."
 
 #: ../onioncircuits:95
 msgid "Onion Circuits"
-msgstr "Onion Circuits"
+msgstr "Onion Devreleri"
 
 #: ../onioncircuits:125
 msgid "Circuit"

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tails-onioncircuits_completed] Update translations for tails-onioncircuits_completed

2018-09-07 Thread translation

commit 70cd3f66111f9d156931d7c8ac9ec6e96120bb96
Author: Translation commit bot 
Date:   Sat Sep 8 04:16:36 2018 +

Update translations for tails-onioncircuits_completed
---
 tr/onioncircuits.pot | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/tr/onioncircuits.pot b/tr/onioncircuits.pot
index 3f22e29c5..7bbe54cce 100644
--- a/tr/onioncircuits.pot
+++ b/tr/onioncircuits.pot
@@ -3,14 +3,14 @@
 # This file is distributed under the same license as the PACKAGE package.
 # 
 # Translators:
-# Kaya Zeren , 2016
+# Kaya Zeren , 2016,2018
 # Volkan Gezer , 2016
 msgid ""
 msgstr ""
 "Project-Id-Version: The Tor Project\n"
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2017-08-03 13:00+\n"
-"PO-Revision-Date: 2017-09-23 22:22+\n"
+"PO-Revision-Date: 2018-09-08 04:07+\n"
 "Last-Translator: Kaya Zeren \n"
 "Language-Team: Turkish 
(http://www.transifex.com/otf/torproject/language/tr/)\n"
 "MIME-Version: 1.0\n"
@@ -25,7 +25,7 @@ msgstr "HenÃ¼z Tor aÄÄ±na baÄlÄ± deÄilsiniz..."
 
 #: ../onioncircuits:95
 msgid "Onion Circuits"
-msgstr "Onion Circuits"
+msgstr "Onion Devreleri"
 
 #: ../onioncircuits:125
 msgid "Circuit"

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/support-portal] Update translations for support-portal

2018-09-07 Thread translation

commit 096d2a6364a4738466f825e586746dbe981f2675
Author: Translation commit bot 
Date:   Sat Sep 8 03:49:14 2018 +

Update translations for support-portal
---
 contents+tr.po | 16 
 1 file changed, 12 insertions(+), 4 deletions(-)

diff --git a/contents+tr.po b/contents+tr.po
index b100ddfc6..8a8a3e59e 100644
--- a/contents+tr.po
+++ b/contents+tr.po
@@ -307,7 +307,7 @@ msgstr "Maalesef, henÃ¼z ChromeOS iÃ§in resmi bir Tor 
Browser sÃ¼rÃ¼mÃ¼mÃ¼z yok.
 #: http//localhost/tbb/tbb-27/
 #: (content/tbb/tbb-27/contents+en.lrquestion.description)
 msgid ""
-msgstr ""
+msgstr ""
 
 #: http//localhost/misc/misc-5/
 #: (content/misc/misc-5/contents+en.lrquestion.title)
@@ -571,6 +571,8 @@ msgid ""
 ""
 msgstr ""
+""
 
 #: http//localhost/tbb/tbb-18/
 #: (content/tbb/tbb-18/contents+en.lrquestion.description)
@@ -852,7 +854,7 @@ msgstr "tor-baglantisi-kurmakta-sorun-yasiyorum"
 #: http//localhost/misc/misc-4/
 #: (content/misc/misc-4/contents+en.lrquestion.title)
 msgid "Can I use Tor with BitTorrent?"
-msgstr "Tor'u BitTorrent ile kullanabilir miyim?"
+msgstr "Tor ile BitTorrent kullanabilir miyim?"
 
 #: http//localhost/misc/misc-3/
 #: (content/misc/misc-3/contents+en.lrquestion.description)
@@ -1621,7 +1623,7 @@ msgstr "tor-baglantisi"
 #: http//localhost/tbb/tbb-27/
 #: (content/tbb/tbb-27/contents+en.lrquestion.description)
 msgid ""
-msgstr ""
+msgstr ""
 
 #: http//localhost/misc/misc-5/
 #: (content/misc/misc-5/contents+en.lrquestion.description)
@@ -1668,6 +1670,8 @@ msgid ""
 ""
 msgstr ""
+""
 
 #: http//localhost/tbb/tbb-28/
 #: (content/tbb/tbb-28/contents+en.lrquestion.description)
@@ -3583,6 +3587,8 @@ msgid ""
 ""
 msgstr ""
+""
 
 #: http//localhost/onionservices/onionservices-1/
 #: (content/onionservices/onionservices-1/contents+en.lrquestion.description)
@@ -3610,6 +3616,8 @@ msgid ""
 ""
 msgstr ""
+""
 
 #: http//localhost/operators/operators-7/
 #: (content/operators/operators-7/contents+en.lrquestion.description)
@@ -4266,7 +4274,7 @@ msgstr ""
 #: http//localhost/onionservices/onionservices-2/
 #: (content/onionservices/onionservices-2/contents+en.lrquestion.description)
 msgid ""
-msgstr ""
+msgstr ""
 
 #: http//localhost/connecting/connecting-2/
 #: (content/connecting/connecting-2/contents+en.lrquestion.description)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/support-portal_completed] Update translations for support-portal_completed

2018-09-07 Thread translation

commit b9d010941212bec0c20a354c4ce321f2f261cbed
Author: Translation commit bot 
Date:   Sat Sep 8 03:49:20 2018 +

Update translations for support-portal_completed
---
 contents+tr.po | 400 +++--
 1 file changed, 161 insertions(+), 239 deletions(-)

diff --git a/contents+tr.po b/contents+tr.po
index 520a7df7a..8a8a3e59e 100644
--- a/contents+tr.po
+++ b/contents+tr.po
@@ -9,7 +9,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: PACKAGE VERSION\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2018-09-07 15:19+CET\n"
+"POT-Creation-Date: 2018-09-07 17:41+CET\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: Goktug Cetin , 2018\n"
 "Language-Team: Turkish (https://www.transifex.com/otf/teams/1519/tr/)\n"
@@ -70,6 +70,13 @@ msgstr ""
 "eriÅilmesini istiyorsa, siz dÃ¼nyanÄ±n baÅka bir yerindeki bir aktarÄ±cÄ± "
 "Ã¼zerinden geldiÄinizde hesabÄ±nÄ±z engellenebilir)."
 
+#: http//localhost/https/https-1/
+#: (content/https/https-1/contents+en.lrquestion.description)
+msgid "Tor prevents eavesdroppers from learning sites that you visit."
+msgstr ""
+"Tor baÄlantÄ±nÄ±zÄ± izleyen kiÅi ya da kuruluÅlarÄ±n ziyaret ettiÄiniz 
siteleri "
+"gÃ¶rmesini engeller."
+
 #: http//localhost/tbb/tbb-41/
 #: (content/tbb/tbb-41/contents+en.lrquestion.description)
 msgid ""
@@ -252,16 +259,6 @@ msgstr ""
 msgid "What is a .onion or what are onion services?"
 msgstr ".onion ya da onion hizmetleri nedir?"
 
-#: http//localhost/operators/operators-1/
-#: (content/operators/operators-1/contents+en.lrquestion.description)
-msgid ""
-"After a few hours (to give it enough time to propagate), you can query Atlas"
-" to see whether your relay has successfully registered in the network."
-msgstr ""
-"Bir kaÃ§ saat sonra (bilgilerin yayÄ±lmasÄ± iÃ§in yeterli zamanÄ± tanÄ±yÄ±n), 
Atlas"
-" Ã¼zerinde bir sorgu yÃ¼rÃ¼terek aktarÄ±cÄ±nÄ±zÄ±n aÄa kayÄ±t olup 
olmadÄ±ÄÄ±na "
-"bakabilirsiniz."
-
 #: http//localhost/misc/misc-12/
 #: (content/misc/misc-12/contents+en.lrquestion.description)
 msgid ""
@@ -307,15 +304,10 @@ msgid ""
 "Unfortunately, we don't yet have a version of Tor Browser for ChromeOS."
 msgstr "Maalesef, henÃ¼z ChromeOS iÃ§in resmi bir Tor Browser sÃ¼rÃ¼mÃ¼mÃ¼z 
yok."
 
-#: http//localhost/operators/operators-6/
-#: (content/operators/operators-6/contents+en.lrquestion.description)
-msgid ""
-"* Look for a log entry in /var/log/syslog such as \"Self-testing indicates "
-"your ORPort is reachable from the outside. Excellent.\""
-msgstr ""
-"* /var/log/syslog gÃ¼nlÃ¼k dosyasÄ±nda \"Self-testing indicates your ORPort 
is "
-"reachable from the outside. Excellent.\" gibi bir satÄ±r olup olmadÄ±ÄÄ±na "
-"bakÄ±n."
+#: http//localhost/tbb/tbb-27/
+#: (content/tbb/tbb-27/contents+en.lrquestion.description)
+msgid ""
+msgstr ""
 
 #: http//localhost/misc/misc-5/
 #: (content/misc/misc-5/contents+en.lrquestion.title)
@@ -400,6 +392,8 @@ msgstr ""
 msgid "RunAsDaemon 1"
 msgstr "Daemon 1 Olarak ÃalÄ±ÅtÄ±r"
 
+#: http//localhost/connecting/connecting-2/
+#: (content/connecting/connecting-2/contents+en.lrquestion.description)
 #: http//localhost/censorship/censorship-5/
 #: (content/censorship/censorship-5/contents+en.lrquestion.description)
 msgid ""
@@ -557,15 +551,6 @@ msgstr ""
 "Kendi aktarÄ±cÄ±nÄ±zÄ± iÅleterek ya da baÅkalarÄ±nÄ± bu konuda 
yÃ¼reklendirerek aÄ "
 "hÄ±zÄ±nÄ±n artmasÄ±na katkÄ±da bulunabilirsiniz."
 
-#: http//localhost/onionservices/onionservices-2/
-#: (content/onionservices/onionservices-2/contents+en.lrquestion.description)
-msgid ""
-""
-msgstr ""
-""
-
 #: http//localhost/tbb/tbb-27/
 #: (content/tbb/tbb-27/contents+en.lrquestion.description)
 msgid ""
@@ -580,14 +565,14 @@ msgstr ""
 msgid "You can update Tor Browser as soon as a new version is released."
 msgstr "Yeni bir Tor Browser sÃ¼rÃ¼mÃ¼ yayÄ±nlandÄ±ÄÄ±nda 
gÃ¼ncelleyebilirsiniz."
 
-#: http//localhost/tbb/tbb-29/
-#: (content/tbb/tbb-29/contents+en.lrquestion.description)
+#: http//localhost/onionservices/onionservices-2/
+#: (content/onionservices/onionservices-2/contents+en.lrquestion.description)
 msgid ""
-""
+""
 msgstr ""
-""
+""
 
 #: http//localhost/tbb/tbb-18/
 #: (content/tbb/tbb-18/contents+en.lrquestion.description)
@@ -596,14 +581,8 @@ msgid ""
 " *BSD."
 msgstr "Maalesef, henÃ¼z *BSD iÃ§in resmi bir Tor Browser sÃ¼rÃ¼mÃ¼mÃ¼z yok."
 
-#: http//localhost/tbb/tbb-27/
-#: (content/tbb/tbb-27/contents+en.lrquestion.description)
-#: http//localhost/tbb/tbb-29/
-#: (content/tbb/tbb-29/contents+en.lrquestion.description)
 #: http//localhost/https/https-1/
 #: (content/https/https-1/contents+en.lrquestion.description)
-#: http//localhost/onionservices/onionservices-2/
-#: (content/onionservices/onionservices-2/contents+en.lrquestion.description)
 msgid ""
 msgstr ""
 
@@ -659,14 +638,14 @@ msgstr "onion-hizmetleri"
 msgid "Onion Services"
 msgstr "Onion Hizmetleri"
 
-#: http//localhost/tbb/tbb-27/
-#: (content/tbb/tbb-27/contents+en.lrquestion.description)

[tor-commits] [translation/torbutton-browseronboardingproperties] Update translations for torbutton-browseronboardingproperties

2018-09-07 Thread translation

commit 90262e0c629ad5b1155d77667baae7200d7c8c3c
Author: Translation commit bot 
Date:   Sat Sep 8 03:48:31 2018 +

Update translations for torbutton-browseronboardingproperties
---
 tr/browserOnboarding.properties | 24 
 1 file changed, 12 insertions(+), 12 deletions(-)

diff --git a/tr/browserOnboarding.properties b/tr/browserOnboarding.properties
index 9413168cc..1c9a594e3 100644
--- a/tr/browserOnboarding.properties
+++ b/tr/browserOnboarding.properties
@@ -2,18 +2,18 @@
 # See LICENSE for licensing information.
 # vim: set sw=2 sts=2 ts=8 et:
 
-onboarding.tour-tor-welcome=Courier'a
-onboarding.tour-tor-welcome.title=Youâre ready.
-onboarding.tour-tor-welcome.description=Tor Browser offers the highest 
standard of privacy and security while browsing the web. Youâre now protected 
against tracking, surveillance, and censorship. This quick onboarding will show 
you how.
-onboarding.tour-tor-welcome.button=Start Now
-
-onboarding.tour-tor-privacy=Gizlilik
-onboarding.tour-tor-privacy.title=Snub trackers and snoopers.
-onboarding.tour-tor-privacy.description=Tor Browser isolates cookies and 
deletes your browser history after your session. These modifications ensure 
your privacy and security are protected in the browser. Click âTor Networkâ 
to learn how we protect you on the network level.
-onboarding.tour-tor-privacy.button=Go to Tor Network
-
-onboarding.tour-tor-network=Tor Network
-onboarding.tour-tor-network.title=Travel a decentralized network.
+onboarding.tour-tor-welcome=HoÅ Geldiniz
+onboarding.tour-tor-welcome.title=HazÄ±rsÄ±nÄ±z.
+onboarding.tour-tor-welcome.description=Tor Browser, web Ã¼zerinde gezinirken 
en yÃ¼kek standartlarda kiÅisel gizlilik ve gÃ¼velik saÄlar. Ä°zleme, 
gÃ¶zetleme ve engellemeye karÅÄ± koruma saÄlar. NasÄ±l olduÄunu buradan 
hÄ±zlÄ±ca gÃ¶rebilirsiniz.
+onboarding.tour-tor-welcome.button=BaÅlayÄ±n
+
+onboarding.tour-tor-privacy=KiÅisel Gizlilik
+onboarding.tour-tor-privacy.title=Ä°zleyenlere ve meraklÄ±lara hadlerini 
bildirin.
+onboarding.tour-tor-privacy.description=Tor Browser Ã§erezleri yalÄ±tÄ±r ve 
kapattÄ±Ä±ÄÄ±nÄ±zda web tarayÄ±cÄ± geÃ§miÅinizi siler. Bu deÄiÅiklikler web 
tarayÄ±cÄ± Ã¼zerinde kiÅisel gizliliÄinizin ve gÃ¼venliÄinizin korunmasÄ±nÄ± 
saÄlar. AÄ dÃ¼zeyinde nasÄ±l koruma saÄladÄ±ÄÄ±mÄ±zÄ± Ã¶Ärenmek iÃ§in 'Tor 
AÄo' Ã¼zerine tÄ±klayÄ±n.
+onboarding.tour-tor-privacy.button=Tor AÄÄ±na Gidin
+
+onboarding.tour-tor-network=Tor AÄÄ±
+onboarding.tour-tor-network.title=Tek merkezden yÃ¶netilmeyen bir aÄda 
gezinin.
 onboarding.tour-tor-network.description=Tor Browser connects you to the Tor 
network run by thousands of volunteers around the world. Unlike a VPN, 
thereâs no one point of failure or centralized entity you need to trust in 
order to enjoy the internet privately.
 onboarding.tour-tor-network.button=Go to Circuit Display
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tails-persistence-setup] Update translations for tails-persistence-setup

2018-09-07 Thread translation

commit e3b1d6e34a5cf73cd92e4763f13b8b0f2288ac69
Author: Translation commit bot 
Date:   Sat Sep 8 01:46:42 2018 +

Update translations for tails-persistence-setup
---
 lo/lo.po | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/lo/lo.po b/lo/lo.po
index 9796b6166..7edaaaf89 100644
--- a/lo/lo.po
+++ b/lo/lo.po
@@ -9,8 +9,8 @@ msgstr ""
 "Project-Id-Version: The Tor Project\n"
 "Report-Msgid-Bugs-To: Tails developers \n"
 "POT-Creation-Date: 2018-08-16 11:14+0200\n"
-"PO-Revision-Date: 2018-08-16 14:16+\n"
-"Last-Translator: carolyn \n"
+"PO-Revision-Date: 2018-09-08 01:23+\n"
+"Last-Translator: àºªàºµàºªàº¸àº§àº±àº àºªàº±àºàºàº»àº§àºàº¸àº¥àº»àº¡ 
\n"
 "Language-Team: Lao (http://www.transifex.com/otf/torproject/language/lo/)\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
@@ -286,7 +286,7 @@ msgstr ""
 
 #: ../lib/Tails/Persistence/Step/Delete.pm:66
 msgid "Delete"
-msgstr ""
+msgstr "àº¥àº¶àº"
 
 #: ../lib/Tails/Persistence/Step/Delete.pm:117
 msgid "Deleting..."

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/https_everywhere_completed] Update translations for https_everywhere_completed

2018-09-07 Thread translation

commit cd9ee5c8eda3807c1d3e3650b02f3081be1f7132
Author: Translation commit bot 
Date:   Sat Sep 8 01:45:35 2018 +

Update translations for https_everywhere_completed
---
 lo/https-everywhere.dtd | 17 ++---
 1 file changed, 14 insertions(+), 3 deletions(-)

diff --git a/lo/https-everywhere.dtd b/lo/https-everywhere.dtd
index 895605cb0..9b1f620f5 100644
--- a/lo/https-everywhere.dtd
+++ b/lo/https-everywhere.dtd
@@ -14,14 +14,25 @@
 
 
 
-
-
+
 
+
 
-
+
+
+
+
+
+
+
+
 
 
 
+
+
+
+
 
 
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/https_everywhere] Update translations for https_everywhere

2018-09-07 Thread translation

commit d27eab753a875867caaa9d61f02ec3ce77ffb02d
Author: Translation commit bot 
Date:   Sat Sep 8 01:45:27 2018 +

Update translations for https_everywhere
---
 lo/https-everywhere.dtd | 28 ++--
 1 file changed, 14 insertions(+), 14 deletions(-)

diff --git a/lo/https-everywhere.dtd b/lo/https-everywhere.dtd
index d6078858d..9b1f620f5 100644
--- a/lo/https-everywhere.dtd
+++ b/lo/https-everywhere.dtd
@@ -2,7 +2,7 @@
 
 
 
-
+
 
 
 
@@ -14,25 +14,25 @@
 
 
 
-
+
 
-
+
 
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
 
 
 
-
+
 
-
-
+
+
 
 
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/support-portal] Update translations for support-portal

2018-09-07 Thread translation

commit b72117cff94ffa1d76673b72837350920353fbe2
Author: Translation commit bot 
Date:   Sat Sep 8 00:48:46 2018 +

Update translations for support-portal
---
 contents+ga.po | 13 -
 1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/contents+ga.po b/contents+ga.po
index 76026f5e0..f3fe2fe26 100644
--- a/contents+ga.po
+++ b/contents+ga.po
@@ -1854,7 +1854,7 @@ msgstr ""
 #: (content/censorship/censorship-5/contents+en.lrquestion.description)
 msgid "## Common log error #1: Proxy connection failure"
 msgstr ""
-"## EarrÃ¡id choitianta #1 sa logcomhad: Theip ar cheangal le "
+"## EarrÃ¡id choitianta #1 sa logchomhad: Theip ar cheangal le "
 "seachfhreastalaÃ"
 
 #: http//localhost/misc/misc-3/
@@ -1950,7 +1950,7 @@ msgstr "* TorBrowser"
 #: http//localhost/operators/operators-6/
 #: (content/operators/operators-6/contents+en.lrquestion.description)
 msgid "#Address noname.example.com"
-msgstr "#Seoladh ganainm.example.com"
+msgstr "#Address noname.example.com"
 
 #: http//localhost/tbb/tbb-1/
 #: (content/tbb/tbb-1/contents+en.lrquestion.description)
@@ -1968,7 +1968,7 @@ msgid ""
 "The same protections that keep bad people from breaking Tor's anonymity also"
 " prevent us from tracking users."
 msgstr ""
-"NÃ fÃ©idir linn ÃºsÃ¡ideoirÃ a lorg mar gheall ar an gnÃ©ithe cÃ©anna a "
+"NÃ fÃ©idir linn ÃºsÃ¡ideoirÃ a lorg mar gheall ar na gnÃ©ithe cÃ©anna a "
 "chosnaÃonn do chuid faisnÃ©is phearsanta ar dhrochdhaoine."
 
 #: http//localhost/connecting/connecting-2/
@@ -2228,8 +2228,7 @@ msgid ""
 "You can find more information about donating on our https://donate.torproject.org/donor-faq\;>donor FAQ."
 msgstr ""
-" TÃ¡ tuilleadh eolais ar fÃ¡il ar an leathanach seo:  https://donate.torproject.org/donor-faq\\\;>https://donate.torproject.org/donor-faq\;>Ceisteanna Coitianta do "
 "dheontÃ³irÃ."
 
@@ -4313,6 +4312,10 @@ msgid ""
 " 1 minutes, or that theirs is ahead. Tor requires an accurate clock to work:"
 " please check your time, timezone, and date settings."
 msgstr ""
+"19.11.2017 00:04:48.800 [WARN] Received NETINFO cell with skewed time "
+"(OR:xxx.xx.x.xx:): It seems that our clock is behind by 1 days, 0 hours,"
+" 1 minutes, or that theirs is ahead. Tor requires an accurate clock to work:"
+" please check your time, timezone, and date settings."
 
 #: http//localhost/tbb/tbb-7/
 #: (content/tbb/tbb-7/contents+en.lrquestion.seo_slug)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/support-portal] Update translations for support-portal

2018-09-07 Thread translation

commit 6d31d3482fb0e35bbf5df5d4e47d6d842dcbe133
Author: Translation commit bot 
Date:   Fri Sep 7 23:48:48 2018 +

Update translations for support-portal
---
 contents+ga.po | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/contents+ga.po b/contents+ga.po
index 252153493..76026f5e0 100644
--- a/contents+ga.po
+++ b/contents+ga.po
@@ -1614,7 +1614,7 @@ msgid ""
 "of people can also be abused by criminals and malware authors."
 msgstr ""
 "Ach leis an bhfÃrinne a rÃ¡, ÃºsÃ¡ideann go leor daoine Ã¡r gcuid bogearraÃ 
go "
-"laethÃºil ar bhealaÃ dlisteanacha: gnÃomhaÃgh ar son cearta daonna, "
+"laethÃºil ar bhealaÃ dlisteanacha: gnÃomhaithe ar son cearta daonna, "
 "iriseoirÃ, daoine a thÃ¡inig slÃ¡n Ã³ dhroch-Ãde sa mbaile, daoine nochta "
 "scÃ©il, gardaÃ, agus neart eile. Faraor, is fÃ©idir le coirpigh agus le 
hÃºdair"
 " bogearraÃ mailÃseacha leas a bhaint as an gcosaint chÃ©anna a 
sholÃ¡thraÃonn "
@@ -1658,8 +1658,8 @@ msgid ""
 "On Linux, there is no default location, however the folder will be named "
 "\"tor-browser_en-US\" if you are running the English Tor Browser."
 msgstr ""
-"NÃl aon suÃomh rÃ©amhshocraithe ar Linux, ach is Ã© \"tor-browser_en-US\" 
ainm"
-" an fhillteÃ¡in mÃ¡ tÃ¡ an leagan BÃ©arla agat."
+"NÃl aon suÃomh rÃ©amhshocraithe ar Linux, ach is Ã© \"tor-browser_ga-IE\" 
ainm"
+" an fhillteÃ¡in mÃ¡ tÃ¡ an leagan Gaeilge agat."
 
 #: http//localhost/misc/ (content/misc/contents+en.lrtopic.seo_slug)
 msgid "misc"

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.3.3] find and neutralize nickm's easter egg

2018-09-07 Thread arma

commit e07b692fa1ba20401ae06171e6ae79928d00e028
Author: Roger Dingledine 
Date:   Fri Sep 7 19:31:33 2018 -0400

find and neutralize nickm's easter egg

also fix a typo while i'm here
---
 ChangeLog | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index ce9fa9ce5..6c75b5b67 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,4 +1,4 @@
-Changes in version 0.3.3.10 - 2019-09-10
+Changes in version 0.3.3.10 - 2018-09-10
   Tor 0.3.3.10 backports numerous fixes from later versions of Tor.
 
   o Minor features (bug workaround, backport from 0.3.4.7-rc):
@@ -89,7 +89,7 @@ Changes in version 0.3.3.10 - 2019-09-10
   failure. Fixes bug 26948; bugfix on 0.3.3.1-alpha.
 
   o Minor bugfixes (linux seccomp2 sandbox, backport from 0.3.4.7-rc):
-- Fix a bug in out sandboxing rules for the openat() syscall.
+- Fix a bug in our sandboxing rules for the openat() syscall.
   Previously, no openat() call would be permitted, which would break
   filesystem operations on recent glibc versions. Fixes bug 25440;
   bugfix on 0.2.9.15. Diagnosis and patch from Daniel Pinto.

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/support-portal] Update translations for support-portal

2018-09-07 Thread translation

commit e3ec9b6b256a932d513db9dfbf952c31f372dbec
Author: Translation commit bot 
Date:   Fri Sep 7 23:18:47 2018 +

Update translations for support-portal
---
 contents+ga.po | 8 
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/contents+ga.po b/contents+ga.po
index 51b92a569..252153493 100644
--- a/contents+ga.po
+++ b/contents+ga.po
@@ -1119,8 +1119,8 @@ msgid ""
 "ntp or openntpd (or similar) package to keep it that way."
 msgstr ""
 "* Deimhnigh go bhfuil an clog, an dÃ¡ta, agus an crios ama socraithe mar is "
-"ceart. SuiteÃ¡il ntp nÃ³ openntpd (nÃ³ pacÃ¡iste eile den sÃ³rt seo) chun an 
t-am"
-" cheart a choinneÃ¡il."
+"ceart ar do rÃomhaire. SuiteÃ¡il ntp nÃ³ openntpd (nÃ³ pacÃ¡iste eile den 
sÃ³rt "
+"seo) chun an t-am cheart a choinneÃ¡il."
 
 #: http//localhost/faq/faq-4/ (content/faq/faq-4/contents+en.lrquestion.title)
 #: http//localhost/tbb/tbb-31/
@@ -1157,7 +1157,7 @@ msgid ""
 "Several countries, including China and Iran, have found ways to detect and "
 "block connections to Tor bridges."
 msgstr ""
-"TÃ¡ roinnt tÃortha (An tSÃn agus An IarÃ¡in san Ã¡ireamh) in ann ceangail 
trÃ "
+"TÃ¡ roinnt tÃortha, an tSÃn agus an IarÃ¡in san Ã¡ireamh, in ann ceangail 
trÃ "
 "dhroichead Tor a aimsiÃº agus cosc a chur orthu."
 
 #: http//localhost/connecting/connecting-2/
@@ -1252,7 +1252,7 @@ msgstr ""
 msgid "* Make sure your clock, date, and timezone are set correctly."
 msgstr ""
 "* Deimhnigh go bhfuil an clog, an dÃ¡ta, agus an crios ama socraithe mar is "
-"ceart."
+"ceart ar do rÃomhaire."
 
 #: http//localhost/tormessenger/tormessenger-1/
 #: (content/tormessenger/tormessenger-1/contents+en.lrquestion.title)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.3.2] Remove folded-in changes file (0.3.2.12)

2018-09-07 Thread nickm

commit 8702a274cbd1e935d43c15ca3bbb44c396647b20
Author: Nick Mathewson 
Date:   Fri Sep 7 15:55:08 2018 -0400

Remove folded-in changes file (0.3.2.12)
---
 changes/27286| 4 
 changes/bug20424_029_minimal | 4 
 changes/bug25440 | 5 -
 changes/bug26485 | 4 
 changes/bug26497 | 3 ---
 changes/bug26497-backport| 3 ---
 changes/bug26785 | 4 
 changes/bug26787 | 3 ---
 changes/bug26830 | 3 ---
 changes/bug26853 | 3 ---
 changes/bug26924 | 4 
 changes/bug26927 | 4 
 changes/bug26932 | 3 ---
 changes/bug27081 | 4 
 changes/bug27088 | 5 -
 changes/bug27090 | 3 ---
 changes/bug27093 | 3 ---
 changes/bug27185 | 3 ---
 changes/bug27226 | 5 -
 changes/bug27295 | 3 ---
 changes/bug27344 | 4 
 changes/bug27345 | 5 -
 changes/bug27418 | 3 ---
 changes/bug27453 | 3 ---
 changes/bug27461 | 5 -
 changes/bug27463 | 3 ---
 changes/bug27465 | 5 -
 changes/geoip-2018-08-07 | 4 
 changes/ticket24629  | 3 ---
 changes/ticket26560  | 3 ---
 changes/ticket26647  | 4 
 changes/ticket26952-cargo| 3 ---
 changes/ticket26952-ccache   | 3 ---
 changes/ticket27087  | 3 ---
 34 files changed, 124 deletions(-)

diff --git a/changes/27286 b/changes/27286
deleted file mode 100644
index 5f5f7a4ae..0
--- a/changes/27286
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor features (directory authorities):
-- Authorities no longer vote to make the subprotocol version "LinkAuth=1"
-  a requirement: it is unsupportable with NSS, and hasn't been needed
-  since Tor 0.3.0.1-alpha. Closes ticket 27286.
diff --git a/changes/bug20424_029_minimal b/changes/bug20424_029_minimal
deleted file mode 100644
index eb7886233..0
--- a/changes/bug20424_029_minimal
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor bugfixes (compilation):
-- When compiling with --enable-openbsd-malloc or --enable-tcmalloc, tell
-  the compiler not to include the system malloc implementation. Fixes bug
-  20424; bugfix on 0.2.0.20-rc.
diff --git a/changes/bug25440 b/changes/bug25440
deleted file mode 100644
index f8d9dd4fa..0
--- a/changes/bug25440
+++ /dev/null
@@ -1,5 +0,0 @@
-  o Minor bugfixes (linux seccomp2 sandbox):
-- Fix a bug in out sandboxing rules for the openat() syscall.
-  Previously, no openat() call would be permitted, which would break
-  filesystem operations on recent glibc versions. Fixes bug 25440;
-  bugfix on 0.2.9.15. Diagnosis and patch from Daniel Pinto.
diff --git a/changes/bug26485 b/changes/bug26485
deleted file mode 100644
index 5a40b7a78..0
--- a/changes/bug26485
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor bugfixes (directory authority):
-- When voting for recommended versions, make sure that all of the
-  versions are well-formed and parsable. Fixes bug 26485; bugfix on
-  0.1.1.6-alpha.
diff --git a/changes/bug26497 b/changes/bug26497
deleted file mode 100644
index d0c05ff3e..0
--- a/changes/bug26497
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Minor bugfixes (rust):
-- Stop setting $CARGO_HOME. cargo will use the user's $CARGO_HOME, or
-  $HOME/.cargo by default. Fixes bug 26497; bugfix on 0.3.1.5-alpha.
diff --git a/changes/bug26497-backport b/changes/bug26497-backport
deleted file mode 100644
index 1d86e01bf..0
--- a/changes/bug26497-backport
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Minor bugfixes (rust):
-- Backport test_rust.sh from master.
-  Fixes bug 26497; bugfix on 0.3.1.5-alpha.
diff --git a/changes/bug26785 b/changes/bug26785
deleted file mode 100644
index e6392fcbd..0
--- a/changes/bug26785
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor bugfixes (compilation, portability):
-- Don't try to use a pragma to temporarily disable
-  -Wunused-const-variable if the compiler doesn't support it.
-  Fixes bug 26785; bugfix on 0.3.2.11.
diff --git a/changes/bug26787 b/changes/bug26787
deleted file mode 100644
index b32e519a9..0
--- a/changes/bug26787
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Minor bugfixes (testing):
-- Disable core dumps in test_bt.sh, to avoid failures in "make
-  distcheck". Fixes bug 26787; bugfix on 0.2.5.2-alpha.
diff --git a/changes/bug26830 b/changes/bug26830
deleted file mode 100644
index c002f1953..0
--- a/changes/bug26830
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Minor bugfixes (continuous integration):
-- Skip an unreliable key generation test on Windows, until the underlying
-  issue in bug 26076 is resolved. Fixes bug 26830; bugfix on 0.2.7.3-rc.
diff --git a/changes/bug26853 b/changes/bug26853
deleted file mode 100644
index 6ee47789b..0
--- a/changes/bug26853
+++ /dev/null
@@ -1,3 +0,0 @@
-  o

[tor-commits] [tor/release-0.3.3] Remove folded-in changes file (0.3.3.10)

2018-09-07 Thread nickm

commit d1d9ea4aff3a24cd88096600426d89d7f8fd6dac
Author: Nick Mathewson 
Date:   Fri Sep 7 15:55:17 2018 -0400

Remove folded-in changes file (0.3.3.10)
---
 changes/27286| 4 
 changes/bug20424_029_minimal | 4 
 changes/bug25440 | 5 -
 changes/bug26485 | 4 
 changes/bug26497 | 3 ---
 changes/bug26497-backport| 3 ---
 changes/bug26497-cd  | 4 
 changes/bug26627 | 7 ---
 changes/bug26779 | 4 
 changes/bug26785 | 4 
 changes/bug26787 | 3 ---
 changes/bug26830 | 3 ---
 changes/bug26853 | 3 ---
 changes/bug26873 | 4 
 changes/bug26876 | 4 
 changes/bug26924 | 4 
 changes/bug26927 | 4 
 changes/bug26932 | 3 ---
 changes/bug26948 | 4 
 changes/bug27081 | 4 
 changes/bug27088 | 5 -
 changes/bug27090 | 3 ---
 changes/bug27093 | 3 ---
 changes/bug27164 | 4 
 changes/bug27177 | 4 
 changes/bug27185 | 3 ---
 changes/bug27226 | 5 -
 changes/bug27295 | 3 ---
 changes/bug27344 | 4 
 changes/bug27345 | 5 -
 changes/bug27418 | 3 ---
 changes/bug27453 | 3 ---
 changes/bug27461 | 5 -
 changes/bug27463 | 3 ---
 changes/bug27465 | 5 -
 changes/geoip-2018-08-07 | 4 
 changes/ticket24629  | 3 ---
 changes/ticket24629-backport | 3 ---
 changes/ticket26560  | 3 ---
 changes/ticket26647  | 4 
 changes/ticket26952-cargo| 3 ---
 changes/ticket26952-ccache   | 3 ---
 changes/ticket27087  | 3 ---
 43 files changed, 162 deletions(-)

diff --git a/changes/27286 b/changes/27286
deleted file mode 100644
index 5f5f7a4ae..0
--- a/changes/27286
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor features (directory authorities):
-- Authorities no longer vote to make the subprotocol version "LinkAuth=1"
-  a requirement: it is unsupportable with NSS, and hasn't been needed
-  since Tor 0.3.0.1-alpha. Closes ticket 27286.
diff --git a/changes/bug20424_029_minimal b/changes/bug20424_029_minimal
deleted file mode 100644
index eb7886233..0
--- a/changes/bug20424_029_minimal
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor bugfixes (compilation):
-- When compiling with --enable-openbsd-malloc or --enable-tcmalloc, tell
-  the compiler not to include the system malloc implementation. Fixes bug
-  20424; bugfix on 0.2.0.20-rc.
diff --git a/changes/bug25440 b/changes/bug25440
deleted file mode 100644
index f8d9dd4fa..0
--- a/changes/bug25440
+++ /dev/null
@@ -1,5 +0,0 @@
-  o Minor bugfixes (linux seccomp2 sandbox):
-- Fix a bug in out sandboxing rules for the openat() syscall.
-  Previously, no openat() call would be permitted, which would break
-  filesystem operations on recent glibc versions. Fixes bug 25440;
-  bugfix on 0.2.9.15. Diagnosis and patch from Daniel Pinto.
diff --git a/changes/bug26485 b/changes/bug26485
deleted file mode 100644
index 5a40b7a78..0
--- a/changes/bug26485
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor bugfixes (directory authority):
-- When voting for recommended versions, make sure that all of the
-  versions are well-formed and parsable. Fixes bug 26485; bugfix on
-  0.1.1.6-alpha.
diff --git a/changes/bug26497 b/changes/bug26497
deleted file mode 100644
index d0c05ff3e..0
--- a/changes/bug26497
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Minor bugfixes (rust):
-- Stop setting $CARGO_HOME. cargo will use the user's $CARGO_HOME, or
-  $HOME/.cargo by default. Fixes bug 26497; bugfix on 0.3.1.5-alpha.
diff --git a/changes/bug26497-backport b/changes/bug26497-backport
deleted file mode 100644
index 1d86e01bf..0
--- a/changes/bug26497-backport
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Minor bugfixes (rust):
-- Backport test_rust.sh from master.
-  Fixes bug 26497; bugfix on 0.3.1.5-alpha.
diff --git a/changes/bug26497-cd b/changes/bug26497-cd
deleted file mode 100644
index 37bf1bc95..0
--- a/changes/bug26497-cd
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor bugfixes (rust):
-- cd to ${abs_top_builddir}/src/rust before running cargo in
-  src/test/test_rust.sh. This makes the working directory consistent
-  between builds and tests. Fixes bug 26497; bugfix on 0.3.3.2-alpha.
diff --git a/changes/bug26627 b/changes/bug26627
deleted file mode 100644
index d28bd05d5..0
--- a/changes/bug26627
+++ /dev/null
@@ -1,7 +0,0 @@
-  o Minor bugfixes (v3 onion services):
-- Stop sending ed25519 link specifiers in v3 onion service introduce
-  cells, when the rendezvous point doesn't support ed25519 link
-  authentication. Fixes bug 26627; bugfix on 0.3.2.4-alpha.
-- Stop putting ed25519 link

[tor-commits] [tor/release-0.2.9] Changelog for 0.2.9.17

2018-09-07 Thread nickm

commit d1f9a076619f9f6c6cdf0f508255998c12abe5a2
Author: Nick Mathewson 
Date:   Fri Sep 7 15:59:38 2018 -0400

Changelog for 0.2.9.17
---
 ChangeLog| 98 +++-
 changes/bug20424_029_minimal |  4 --
 changes/bug25440 |  5 ---
 changes/bug26485 |  4 --
 changes/bug26787 |  3 --
 changes/bug26830 |  3 --
 changes/bug26924 |  4 --
 changes/bug27081 |  4 --
 changes/bug27088 |  5 ---
 changes/bug27185 |  3 --
 changes/bug27226 |  5 ---
 changes/bug27295 |  3 --
 changes/bug27344 |  4 --
 changes/bug27418 |  3 --
 changes/bug27453 |  3 --
 changes/bug27461 |  5 ---
 changes/bug27463 |  3 --
 changes/bug27465 |  5 ---
 changes/geoip-2018-08-07 |  4 --
 changes/ticket24629  |  3 --
 changes/ticket26560  |  3 --
 changes/ticket26952-ccache   |  3 --
 changes/ticket27087  |  3 --
 23 files changed, 97 insertions(+), 83 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 9b3906ab1..4c4a19bdd 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,100 @@
+Changes in version 0.2.9.17 - 2018-09-10
+  Tor 0.2.9.17 backports numerous bugfixes from later versions of Tor.
+
+  o Minor features (compatibility, backport from 0.3.4.8):
+- Tell OpenSSL to maintain backward compatibility with previous
+  RSA1024/DH1024 users in Tor. With OpenSSL 1.1.1-pre6, these
+  ciphers are disabled by default. Closes ticket 27344.
+
+  o Minor features (continuous integration, backport from 0.3.4.7-rc):
+- Enable macOS builds in our Travis CI configuration. Closes
+  ticket 24629.
+- Install libcap-dev and libseccomp2-dev so these optional
+  dependencies get tested on Travis CI. Closes ticket 26560.
+- Run asciidoc during Travis CI. Implements ticket 27087.
+- Use ccache in our Travis CI configuration. Closes ticket 26952.
+
+  o Minor features (geoip):
+- Update geoip and geoip6 to the August 7 2018 Maxmind GeoLite2
+  Country database. Closes ticket 27089.
+
+  o Minor bugfixes (compilation, backport from 0.3.4.6-rc):
+- When compiling with --enable-openbsd-malloc or --enable-tcmalloc,
+  tell the compiler not to include the system malloc implementation.
+  Fixes bug 20424; bugfix on 0.2.0.20-rc.
+
+  o Minor bugfixes (compilation, backport from 0.3.4.7-rc):
+- Silence a spurious compiler warning on the GetAdaptersAddresses
+  function pointer cast. This issue is already fixed by 26481 in
+  0.3.5 and later, by removing the lookup and cast. Fixes bug 27465;
+  bugfix on 0.2.3.11-alpha.
+- Stop calling SetProcessDEPPolicy() on 64-bit Windows. It is not
+  supported, and always fails. Some compilers warn about the
+  function pointer cast on 64-bit Windows. Fixes bug 27461; bugfix
+  on 0.2.2.23-alpha.
+
+  o Minor bugfixes (compilation, windows, backport from 0.3.4.7-rc):
+- Don't link or search for pthreads when building for Windows, even
+  if we are using build environment (like mingw) that provides a
+  pthreads library. Fixes bug 27081; bugfix on 0.1.0.1-rc.
+
+  o Minor bugfixes (continuous integration, backport from 0.3.4.6-rc):
+- Skip a pair of unreliable key generation tests on Windows, until
+  the underlying issue in bug 26076 is resolved. Fixes bug 26830 and
+  bug 26853; bugfix on 0.2.7.3-rc and 0.3.2.1-alpha respectively.
+
+  o Minor bugfixes (continuous integration, backport from 0.3.4.7-rc):
+- Pass the module flags to distcheck configure, and log the flags
+  before running configure. (Backported to 0.2.9 and later as a
+  precaution.) Fixes bug 27088; bugfix on 0.3.4.1-alpha.
+
+  o Minor bugfixes (continuous integration, backport from 0.3.4.8):
+- When a Travis build fails, and showing a log fails, keep trying to
+  show the other logs. Fixes bug 27453; bugfix on 0.3.4.7-rc.
+- When we use echo in Travis, don't pass a --flag as the first
+  argument. Fixes bug 27418; bugfix on 0.3.4.7-rc.
+
+  o Minor bugfixes (directory authority, backport from 0.3.4.6-rc):
+- When voting for recommended versions, make sure that all of the
+  versions are well-formed and parsable. Fixes bug 26485; bugfix
+  on 0.1.1.6-alpha.
+
+  o Minor bugfixes (linux seccomp2 sandbox, backport from 0.3.4.7-rc):
+- Fix a bug in out sandboxing rules for the openat() syscall.
+  Previously, no openat() call would be permitted, which would break
+  filesystem operations on recent glibc versions. Fixes bug 25440;
+  bugfix on 0.2.9.15. Diagnosis and patch from Daniel Pinto.
+
+  o Minor bugfixes (onion services, backport from 0.3.4.8):
+- Silence a spurious compiler warning in
+  rend_client_send_introduction(). Fixes bug 27463; bugfix
+  on 0.1.1.2-alpha.
+
+  o Minor bugfixes (single onion services,

[tor-commits] [tor/release-0.3.2] Create a changelog for 0.3.2.12

2018-09-07 Thread nickm

commit 0fe5a2923be25a197fdc50f5fa4e573eddb8a041
Author: Nick Mathewson 
Date:   Fri Sep 7 15:54:45 2018 -0400

Create a changelog for 0.3.2.12
---
 ChangeLog | 146 +-
 1 file changed, 145 insertions(+), 1 deletion(-)

diff --git a/ChangeLog b/ChangeLog
index 8de71e0ee..8aa1e1c00 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,148 @@
+Changes in version 0.3.2.12 - 2018-09-10
+  Tor 0.3.2.12 backport numerous fixes from later versions of Tor.
+
+  o Minor features (compatibility, backport from 0.3.4.8):
+- Tell OpenSSL to maintain backward compatibility with previous
+  RSA1024/DH1024 users in Tor. With OpenSSL 1.1.1-pre6, these
+  ciphers are disabled by default. Closes ticket 27344.
+
+  o Minor features (continuous integration, backport from 0.3.4.7-rc):
+- Enable macOS builds in our Travis CI configuration. Closes
+  ticket 24629.
+- Install libcap-dev and libseccomp2-dev so these optional
+  dependencies get tested on Travis CI. Closes ticket 26560.
+- Run asciidoc during Travis CI. Implements ticket 27087.
+- Use ccache in our Travis CI configuration. Closes ticket 26952.
+
+  o Minor features (continuous integration, rust, backport from 0.3.4.7-rc):
+- Use cargo cache in our Travis CI configuration. Closes
+  ticket 26952.
+
+  o Minor features (controller, backport from 0.3.4.6-rc):
+- The control port now exposes the list of HTTPTunnelPorts and
+  ExtOrPorts via GETINFO net/listeners/httptunnel and
+  net/listeners/extor respectively. Closes ticket 26647.
+
+  o Minor features (directory authorities, backport from 0.3.4.7-rc):
+- Authorities no longer vote to make the subprotocol version
+  "LinkAuth=1" a requirement: it is unsupportable with NSS, and
+  hasn't been needed since Tor 0.3.0.1-alpha. Closes ticket 27286.
+
+  o Minor features (geoip):
+- Update geoip and geoip6 to the August 7 2018 Maxmind GeoLite2
+  Country database. Closes ticket 27089.
+
+  o Minor bugfixes (compilation, backport from 0.3.4.6-rc):
+- When compiling with --enable-openbsd-malloc or --enable-tcmalloc,
+  tell the compiler not to include the system malloc implementation.
+  Fixes bug 20424; bugfix on 0.2.0.20-rc.
+- Don't try to use a pragma to temporarily disable the
+  -Wunused-const-variable warning if the compiler doesn't support
+  it. Fixes bug 26785; bugfix on 0.3.2.11.
+
+  o Minor bugfixes (compilation, backport from 0.3.4.7-rc):
+- Silence a spurious compiler warning on the GetAdaptersAddresses
+  function pointer cast. This issue is already fixed by 26481 in
+  0.3.5 and later, by removing the lookup and cast. Fixes bug 27465;
+  bugfix on 0.2.3.11-alpha.
+- Stop calling SetProcessDEPPolicy() on 64-bit Windows. It is not
+  supported, and always fails. Some compilers warn about the
+  function pointer cast on 64-bit Windows. Fixes bug 27461; bugfix
+  on 0.2.2.23-alpha.
+
+  o Minor bugfixes (compilation, windows, backport from 0.3.4.7-rc):
+- Don't link or search for pthreads when building for Windows, even
+  if we are using build environment (like mingw) that provides a
+  pthreads library. Fixes bug 27081; bugfix on 0.1.0.1-rc.
+
+  o Minor bugfixes (continuous integration, backport from 0.3.4.6-rc):
+- Skip a pair of unreliable key generation tests on Windows, until
+  the underlying issue in bug 26076 is resolved. Fixes bug 26830 and
+  bug 26853; bugfix on 0.2.7.3-rc and 0.3.2.1-alpha respectively.
+
+  o Minor bugfixes (continuous integration, backport from 0.3.4.7-rc):
+- Build with zstd on macOS. Fixes bug 27090; bugfix on 0.3.1.5-alpha.
+- Pass the module flags to distcheck configure, and log the flags
+  before running configure. (Backported to 0.2.9 and later as a
+  precaution.) Fixes bug 27088; bugfix on 0.3.4.1-alpha.
+
+  o Minor bugfixes (continuous integration, backport from 0.3.4.8):
+- When a Travis build fails, and showing a log fails, keep trying to
+  show the other logs. Fixes bug 27453; bugfix on 0.3.4.7-rc.
+- When we use echo in Travis, don't pass a --flag as the first
+  argument. Fixes bug 27418; bugfix on 0.3.4.7-rc.
+
+  o Minor bugfixes (directory authority, backport from 0.3.4.6-rc):
+- When voting for recommended versions, make sure that all of the
+  versions are well-formed and parsable. Fixes bug 26485; bugfix
+  on 0.1.1.6-alpha.
+
+  o Minor bugfixes (linux seccomp2 sandbox, backport from 0.3.4.7-rc):
+- Fix a bug in out sandboxing rules for the openat() syscall.
+  Previously, no openat() call would be permitted, which would break
+  filesystem operations on recent glibc versions. Fixes bug 25440;
+  bugfix on 0.2.9.15. Diagnosis and patch from Daniel Pinto.
+
+
+  o Minor bugfixes (logging, backport from 0.3.4.6-rc):
+- Improve the log message when connection initiators fail to
+

[tor-commits] [tor/release-0.3.3] Construct changelog for 0.3.3.10

2018-09-07 Thread nickm

commit fa2d6d1c0d53318a17f1fb745cf0c7cb1b281ac0
Author: Nick Mathewson 
Date:   Fri Sep 7 15:49:33 2018 -0400

Construct changelog for 0.3.3.10
---
 ChangeLog | 173 ++
 1 file changed, 173 insertions(+)

diff --git a/ChangeLog b/ChangeLog
index 14b52968a..ce9fa9ce5 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,176 @@
+Changes in version 0.3.3.10 - 2019-09-10
+  Tor 0.3.3.10 backports numerous fixes from later versions of Tor.
+
+  o Minor features (bug workaround, backport from 0.3.4.7-rc):
+- Compile correctly on systems that provide the C11 stdatomic.h
+  header, but where C11 atomic functions don't actually compile.
+  Closes ticket 26779; workaround for Debian issue 903709.
+
+  o Minor features (compatibility, backport from 0.3.4.8):
+- Tell OpenSSL to maintain backward compatibility with previous
+  RSA1024/DH1024 users in Tor. With OpenSSL 1.1.1-pre6, these
+  ciphers are disabled by default. Closes ticket 27344.
+
+  o Minor features (continuous integration, backport from 0.3.4.7-rc):
+- Backport Travis rust distcheck to 0.3.3. Closes ticket 24629.
+- Enable macOS builds in our Travis CI configuration. Closes
+  ticket 24629.
+- Install libcap-dev and libseccomp2-dev so these optional
+  dependencies get tested on Travis CI. Closes ticket 26560.
+- Run asciidoc during Travis CI. Implements ticket 27087.
+- Use ccache in our Travis CI configuration. Closes ticket 26952.
+
+  o Minor features (continuous integration, rust, backport from 0.3.4.7-rc):
+- Use cargo cache in our Travis CI configuration. Closes
+  ticket 26952.
+
+  o Minor features (controller, backport from 0.3.4.6-rc):
+- The control port now exposes the list of HTTPTunnelPorts and
+  ExtOrPorts via GETINFO net/listeners/httptunnel and
+  net/listeners/extor respectively. Closes ticket 26647.
+
+  o Minor features (directory authorities, backport from 0.3.4.7-rc):
+- Authorities no longer vote to make the subprotocol version
+  "LinkAuth=1" a requirement: it is unsupportable with NSS, and
+  hasn't been needed since Tor 0.3.0.1-alpha. Closes ticket 27286.
+
+  o Minor features (geoip):
+- Update geoip and geoip6 to the August 7 2018 Maxmind GeoLite2
+  Country database. Closes ticket 27089.
+
+  o Minor bugfixes (compilation, backport from 0.3.4.6-rc):
+- When compiling with --enable-openbsd-malloc or --enable-tcmalloc,
+  tell the compiler not to include the system malloc implementation.
+  Fixes bug 20424; bugfix on 0.2.0.20-rc.
+- Don't try to use a pragma to temporarily disable the
+  -Wunused-const-variable warning if the compiler doesn't support
+  it. Fixes bug 26785; bugfix on 0.3.2.11.
+
+  o Minor bugfixes (compilation, backport from 0.3.4.7-rc):
+- Silence a spurious compiler warning on the GetAdaptersAddresses
+  function pointer cast. This issue is already fixed by 26481 in
+  0.3.5 and later, by removing the lookup and cast. Fixes bug 27465;
+  bugfix on 0.2.3.11-alpha.
+- Stop calling SetProcessDEPPolicy() on 64-bit Windows. It is not
+  supported, and always fails. Some compilers warn about the
+  function pointer cast on 64-bit Windows. Fixes bug 27461; bugfix
+  on 0.2.2.23-alpha.
+
+  o Minor bugfixes (compilation, windows, backport from 0.3.4.7-rc):
+- Don't link or search for pthreads when building for Windows, even
+  if we are using build environment (like mingw) that provides a
+  pthreads library. Fixes bug 27081; bugfix on 0.1.0.1-rc.
+
+  o Minor bugfixes (continuous integration, backport from 0.3.4.6-rc):
+- Skip a pair of unreliable key generation tests on Windows, until
+  the underlying issue in bug 26076 is resolved. Fixes bug 26830 and
+  bug 26853; bugfix on 0.2.7.3-rc and 0.3.2.1-alpha respectively.
+
+  o Minor bugfixes (continuous integration, backport from 0.3.4.7-rc):
+- Build with zstd on macOS. Fixes bug 27090; bugfix on 0.3.1.5-alpha.
+- Pass the module flags to distcheck configure, and log the flags
+  before running configure. (Backported to 0.2.9 and later as a
+  precaution.) Fixes bug 27088; bugfix on 0.3.4.1-alpha.
+
+  o Minor bugfixes (continuous integration, backport from 0.3.4.8):
+- When a Travis build fails, and showing a log fails, keep trying to
+  show the other logs. Fixes bug 27453; bugfix on 0.3.4.7-rc.
+- When we use echo in Travis, don't pass a --flag as the first
+  argument. Fixes bug 27418; bugfix on 0.3.4.7-rc.
+
+  o Minor bugfixes (directory authority, backport from 0.3.4.6-rc):
+- When voting for recommended versions, make sure that all of the
+  versions are well-formed and parsable. Fixes bug 26485; bugfix
+  on 0.1.1.6-alpha.
+
+  o Minor bugfixes (in-process restart, backport from 0.3.4.7-rc):
+- Always call tor_free_all() when leaving tor_run_main(). When we
+  did not,

[tor-commits] [translation/support-portal_completed] Update translations for support-portal_completed

2018-09-07 Thread translation

commit 6050a367a7358955bf93d3ce4fb64ba21c2faf75
Author: Translation commit bot 
Date:   Fri Sep 7 19:19:04 2018 +

Update translations for support-portal_completed
---
 contents+es.po | 19 +++
 1 file changed, 11 insertions(+), 8 deletions(-)

diff --git a/contents+es.po b/contents+es.po
index 86cd486fb..1521a9281 100644
--- a/contents+es.po
+++ b/contents+es.po
@@ -312,7 +312,9 @@ msgstr ""
 #: http//localhost/tbb/tbb-27/
 #: (content/tbb/tbb-27/contents+en.lrquestion.description)
 msgid ""
-msgstr ""
+msgstr ""
+""
 
 #: http//localhost/misc/misc-5/
 #: (content/misc/misc-5/contents+en.lrquestion.title)
@@ -1550,7 +1552,7 @@ msgid ""
 "If you see lines like these  in your Tor log, it means you are failing to "
 "connect to a SOCKS proxy."
 msgstr ""
-"Si ves lÃneas como estas en tu registro Tor, significa que no se estÃ¡ "
+"Si ves lÃneas como estas en tu registro Tor, significa que no te estÃ¡s "
 "conectando a un proxy SOCKS."
 
 #: http//localhost/tbb/tbb-35/
@@ -1634,7 +1636,9 @@ msgstr "conectar-a-tor"
 #: http//localhost/tbb/tbb-27/
 #: (content/tbb/tbb-27/contents+en.lrquestion.description)
 msgid ""
-msgstr ""
+msgstr ""
+""
 
 #: http//localhost/misc/misc-5/
 #: (content/misc/misc-5/contents+en.lrquestion.description)
@@ -4541,11 +4545,10 @@ msgid ""
 " 1 minutes, or that theirs is ahead. Tor requires an accurate clock to work:"
 " please check your time, timezone, and date settings."
 msgstr ""
-" (19.11.2017 00:04:48.800 [WARN] Se ha recibido la celda NETINFO con la hora"
-" distorsionada (OR:xxx.xx.x.xx:): Parece que nuestro reloj estÃ¡ atrasado"
-" 1 dÃa, 0 horas, 1 minuto o que el tuyo estÃ¡ adelantado.. Tor necesita un "
-"reloj exacto para funcionar: por favor, comprueba tus ajustes de hora, zona "
-"horaria y fecha..)"
+"19.11.2017 00:04:48.800 [WARN] Received NETINFO cell with skewed time "
+"(OR:xxx.xx.x.xx:): It seems that our clock is behind by 1 days, 0 hours,"
+" 1 minutes, or that theirs is ahead. Tor requires an accurate clock to work:"
+" please check your time, timezone, and date settings."
 
 #: http//localhost/tbb/tbb-7/
 #: (content/tbb/tbb-7/contents+en.lrquestion.seo_slug)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/support-portal] Update translations for support-portal

2018-09-07 Thread translation

commit 44ad2a3356fedf63e1c45ddb12de87108028c9d2
Author: Translation commit bot 
Date:   Fri Sep 7 19:18:59 2018 +

Update translations for support-portal
---
 contents+es.po | 19 +++
 contents+ru.po | 18 ++
 2 files changed, 25 insertions(+), 12 deletions(-)

diff --git a/contents+es.po b/contents+es.po
index 86cd486fb..1521a9281 100644
--- a/contents+es.po
+++ b/contents+es.po
@@ -312,7 +312,9 @@ msgstr ""
 #: http//localhost/tbb/tbb-27/
 #: (content/tbb/tbb-27/contents+en.lrquestion.description)
 msgid ""
-msgstr ""
+msgstr ""
+""
 
 #: http//localhost/misc/misc-5/
 #: (content/misc/misc-5/contents+en.lrquestion.title)
@@ -1550,7 +1552,7 @@ msgid ""
 "If you see lines like these  in your Tor log, it means you are failing to "
 "connect to a SOCKS proxy."
 msgstr ""
-"Si ves lÃneas como estas en tu registro Tor, significa que no se estÃ¡ "
+"Si ves lÃneas como estas en tu registro Tor, significa que no te estÃ¡s "
 "conectando a un proxy SOCKS."
 
 #: http//localhost/tbb/tbb-35/
@@ -1634,7 +1636,9 @@ msgstr "conectar-a-tor"
 #: http//localhost/tbb/tbb-27/
 #: (content/tbb/tbb-27/contents+en.lrquestion.description)
 msgid ""
-msgstr ""
+msgstr ""
+""
 
 #: http//localhost/misc/misc-5/
 #: (content/misc/misc-5/contents+en.lrquestion.description)
@@ -4541,11 +4545,10 @@ msgid ""
 " 1 minutes, or that theirs is ahead. Tor requires an accurate clock to work:"
 " please check your time, timezone, and date settings."
 msgstr ""
-" (19.11.2017 00:04:48.800 [WARN] Se ha recibido la celda NETINFO con la hora"
-" distorsionada (OR:xxx.xx.x.xx:): Parece que nuestro reloj estÃ¡ atrasado"
-" 1 dÃa, 0 horas, 1 minuto o que el tuyo estÃ¡ adelantado.. Tor necesita un "
-"reloj exacto para funcionar: por favor, comprueba tus ajustes de hora, zona "
-"horaria y fecha..)"
+"19.11.2017 00:04:48.800 [WARN] Received NETINFO cell with skewed time "
+"(OR:xxx.xx.x.xx:): It seems that our clock is behind by 1 days, 0 hours,"
+" 1 minutes, or that theirs is ahead. Tor requires an accurate clock to work:"
+" please check your time, timezone, and date settings."
 
 #: http//localhost/tbb/tbb-7/
 #: (content/tbb/tbb-7/contents+en.lrquestion.seo_slug)
diff --git a/contents+ru.po b/contents+ru.po
index ecf11a98a..300fd7962 100644
--- a/contents+ru.po
+++ b/contents+ru.po
@@ -86,6 +86,7 @@ msgstr ""
 #: (content/https/https-1/contents+en.lrquestion.description)
 msgid "Tor prevents eavesdroppers from learning sites that you visit."
 msgstr ""
+"Tor Ð½Ðµ Ð¿Ð¾Ð·Ð²Ð¾Ð»ÑÐµÑ ÑÐµÑÐµÑÑÑÑ Ð»ÑÐ±Ð¾Ð¿ÑÑÐ½ÑÐ¼ Ð»Ð¸ÑÐ°Ð¼ 
ÑÐ·Ð½Ð°ÑÑ, ÐºÐ°ÐºÐ¸Ðµ ÑÐ°Ð¹ÑÑ Ð²Ñ Ð¿Ð¾ÑÐµÑÐ°ÐµÑÐµ."
 
 #: http//localhost/tbb/tbb-41/
 #: (content/tbb/tbb-41/contents+en.lrquestion.description)
@@ -1666,7 +1667,7 @@ msgstr "ÐÑÐ¿Ð¾Ð»ÑÐ·Ð¾Ð²Ð°ÑÑ GetTor ÑÐµÑÐµÐ· 
Twitter."
 #: http//localhost/operators/operators-6/
 #: (content/operators/operators-6/contents+en.lrquestion.description)
 msgid "* Run \"service tor reload\" (as root)."
-msgstr ""
+msgstr "* ÐÑÐ¿Ð¾Ð»ÑÐ·ÑÐ¹ÑÐµ ÐºÐ¾Ð¼Ð°Ð½Ð´Ñ \"service tor reload\" (Ñ 
ÑÑÑ-Ð¿ÑÐ°Ð²Ð°Ð¼Ð¸)."
 
 #: http//localhost/faq/faq-1/
 #: (content/faq/faq-1/contents+en.lrquestion.description)
@@ -1694,7 +1695,7 @@ msgstr ""
 #: http//localhost/operators/operators-6/
 #: (content/operators/operators-6/contents+en.lrquestion.description)
 msgid "#RelayBandwidthRate 30 MBytes"
-msgstr ""
+msgstr "#RelayBandwidthRate 30 MBytes"
 
 #: http//localhost/tbb/tbb-4/
 #: (content/tbb/tbb-4/contents+en.lrquestion.description)
@@ -2183,6 +2184,9 @@ msgid ""
 "the latest version of Tor Browser, hosted at a variety of locations that are"
 " less likely to be censored, such as Dropbox, Google Drive, and GitHub."
 msgstr ""
+"GetTor ÑÑÐ¾ ÑÑÐ»ÑÐ³Ð°, ÐºÐ¾ÑÐ¾ÑÐ°Ñ Ð°Ð²ÑÐ¾Ð¼Ð°ÑÐ¸ÑÐµÑÐºÐ¸ 
Ð¾ÑÐ²ÐµÑÐ°ÐµÑ ÑÐ¾Ð¾Ð±ÑÐµÐ½Ð¸ÑÐ¼Ð¸ ÑÐ¾ ÑÑÑÐ»ÐºÐ°Ð¼Ð¸ Ð½Ð°"
+" Ð¿Ð¾ÑÐ»ÐµÐ´Ð½ÑÑ Ð²ÐµÑÑÐ¸Ñ Tor Browser, ÑÐ°Ð·Ð¼ÐµÑÐµÐ½Ð½ÑÐµ Ð² 
ÑÐ°Ð·Ð»Ð¸ÑÐ½ÑÑ Ð¼ÐµÑÑÐ°Ñ, ÑÐ°ÐºÐ¸Ñ ÐºÐ°Ðº "
+"Dropbox, Google Drive Ð¸ GitHub."
 
 #: http//localhost/tbb/tbb-10/
 #: (content/tbb/tbb-10/contents+en.lrquestion.description)
@@ -3620,6 +3624,8 @@ msgid ""
 "11/1/2017 21:11:44 PM.300 [WARN] Failed to find node for hop 0 of our path. "
 "Discarding this circuit."
 msgstr ""
+"11/1/2017 21:11:44 PM.300 [WARN] Failed to find node for hop 0 of our path. "
+"Discarding this circuit."
 
 #: http//localhost/tbb/tbb-16/
 #: (content/tbb/tbb-16/contents+en.lrquestion.description)
@@ -3654,6 +3660,7 @@ msgstr "ÐÐ°Ðº Ð·Ð°Ð³ÑÑÐ·Ð¸ÑÑ Tor, ÐµÑÐ»Ð¸ 
torproject.org Ð·Ð°Ð±Ð»Ð¾ÐºÐ¸Ñ
 msgid ""
 "19.11.2017 00:04:47.400 [NOTICE] Opening Socks listener on 127.0.0.1:9150"
 msgstr ""
+"19.11.2017 00:04:47.400 [NOTICE] Opening Socks listener on 127.0.0.1:9150"
 
 #: http//localhost/tormobile/tormobile-4/
 #: (content/tormobile/tormobile-4/contents+en.lrquestion.seo_slug)
@@ -3663,7 +3670,7 @@ msgstr ""
 #: http//localhost/operators/operators-3/
 #:

[tor-commits] [torspec/master] HSv3: Include HS public identity key to the client auth KDF.

2018-09-07 Thread nickm

commit 2fdec5ae0583d23f98bd723810084410df4939b8
Author: George Kadianakis 
Date:   Thu Sep 6 13:58:39 2018 +0300

HSv3: Include HS public identity key to the client auth KDF.
---
 rend-spec-v3.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/rend-spec-v3.txt b/rend-spec-v3.txt
index 1718b22..03b45d9 100644
--- a/rend-spec-v3.txt
+++ b/rend-spec-v3.txt
@@ -1214,7 +1214,7 @@ Table of contents:
   And here is what the hidden service computes:
 
   SECRET_SEED = x25519(hs_y, client_X)
-  KEYS = KDF(SECRET_SEED, 40)
+  KEYS = KDF(subcredential | SECRET_SEED, 40)
   CLIENT-ID = fist 8 bytes of KEYS
   COOKIE-KEY = last 32 bytes of KEYS
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [torspec/master] Merge remote-tracking branch 'asn-github/bug20700_kdf'

2018-09-07 Thread nickm

commit 46573d278068dc519d5a7d7473628a824ee6701a
Merge: e9ef624 2fdec5a
Author: Nick Mathewson 
Date:   Fri Sep 7 15:15:03 2018 -0400

Merge remote-tracking branch 'asn-github/bug20700_kdf'

 rend-spec-v3.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.3.2] Merge branch 'maint-0.2.9' into maint-0.3.2

2018-09-07 Thread nickm

commit 36885f34f6e8dc7f5791e4ba2c4eefff5f9de9e0
Merge: cdaf9aec8 da29074fc
Author: Nick Mathewson 
Date:   Fri Sep 7 15:11:49 2018 -0400

Merge branch 'maint-0.2.9' into maint-0.3.2

"ours" to avoid bump




___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.3.3] Merge branch 'maint-0.3.3' into release-0.3.3

2018-09-07 Thread nickm

commit e14da02ed09dafef289a3494ba1f58b7b7580b5f
Merge: 281045126 cff7cb858
Author: Nick Mathewson 
Date:   Fri Sep 7 15:13:59 2018 -0400

Merge branch 'maint-0.3.3' into release-0.3.3

 configure.ac| 2 +-
 contrib/win32build/tor-mingw.nsi.in | 2 +-
 src/win32/orconfig.h| 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.3.4] Merge branch 'maint-0.3.3' into maint-0.3.4

2018-09-07 Thread nickm

commit 0d5aaef465f782d46f538b03fd962ba7007fca11
Merge: fa38bbb70 cff7cb858
Author: Nick Mathewson 
Date:   Fri Sep 7 15:12:27 2018 -0400

Merge branch 'maint-0.3.3' into maint-0.3.4

"ours" to avoid bump.




___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.3.3] Bump to 0.2.9.17

2018-09-07 Thread nickm

commit da29074fc4dce509aec048903e7e854a44c1d825
Author: Nick Mathewson 
Date:   Fri Sep 7 15:10:49 2018 -0400

Bump to 0.2.9.17
---
 configure.ac| 2 +-
 contrib/win32build/tor-mingw.nsi.in | 2 +-
 src/win32/orconfig.h| 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/configure.ac b/configure.ac
index 5ac3579d7..61a0c3238 100644
--- a/configure.ac
+++ b/configure.ac
@@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2015, The Tor Project, Inc.
 dnl See LICENSE for licensing information
 
 AC_PREREQ([2.63])
-AC_INIT([tor],[0.2.9.15-dev])
+AC_INIT([tor],[0.2.9.17])
 AC_CONFIG_SRCDIR([src/or/main.c])
 AC_CONFIG_MACRO_DIR([m4])
 
diff --git a/contrib/win32build/tor-mingw.nsi.in 
b/contrib/win32build/tor-mingw.nsi.in
index 3a45741d8..0484641f9 100644
--- a/contrib/win32build/tor-mingw.nsi.in
+++ b/contrib/win32build/tor-mingw.nsi.in
@@ -8,7 +8,7 @@
 !include "LogicLib.nsh"
 !include "FileFunc.nsh"
 !insertmacro GetParameters
-!define VERSION "0.2.9.15-dev"
+!define VERSION "0.2.9.17"
 !define INSTALLER "tor-${VERSION}-win32.exe"
 !define WEBSITE "https://www.torproject.org/;
 !define LICENSE "LICENSE"
diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h
index badfab787..457c7469c 100644
--- a/src/win32/orconfig.h
+++ b/src/win32/orconfig.h
@@ -218,7 +218,7 @@
 #define USING_TWOS_COMPLEMENT
 
 /* Version number of package */
-#define VERSION "0.2.9.15-dev"
+#define VERSION "0.2.9.17"
 
 
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.3.4] Bump to 0.3.2.12

2018-09-07 Thread nickm

commit cdaf9aec8e7d81fb583075c9486f4af4216ded94
Author: Nick Mathewson 
Date:   Fri Sep 7 15:11:07 2018 -0400

Bump to 0.3.2.12
---
 configure.ac| 2 +-
 contrib/win32build/tor-mingw.nsi.in | 2 +-
 src/win32/orconfig.h| 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/configure.ac b/configure.ac
index 79d2f7e54..5b541d7c9 100644
--- a/configure.ac
+++ b/configure.ac
@@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2017, The Tor Project, Inc.
 dnl See LICENSE for licensing information
 
 AC_PREREQ([2.63])
-AC_INIT([tor],[0.3.2.10-dev])
+AC_INIT([tor],[0.3.2.12])
 AC_CONFIG_SRCDIR([src/or/main.c])
 AC_CONFIG_MACRO_DIR([m4])
 
diff --git a/contrib/win32build/tor-mingw.nsi.in 
b/contrib/win32build/tor-mingw.nsi.in
index 7f2220153..8c84e3659 100644
--- a/contrib/win32build/tor-mingw.nsi.in
+++ b/contrib/win32build/tor-mingw.nsi.in
@@ -8,7 +8,7 @@
 !include "LogicLib.nsh"
 !include "FileFunc.nsh"
 !insertmacro GetParameters
-!define VERSION "0.3.2.10-dev"
+!define VERSION "0.3.2.12"
 !define INSTALLER "tor-${VERSION}-win32.exe"
 !define WEBSITE "https://www.torproject.org/;
 !define LICENSE "LICENSE"
diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h
index f5186fd24..fcdc090d4 100644
--- a/src/win32/orconfig.h
+++ b/src/win32/orconfig.h
@@ -218,7 +218,7 @@
 #define USING_TWOS_COMPLEMENT
 
 /* Version number of package */
-#define VERSION "0.3.2.10-dev"
+#define VERSION "0.3.2.12"
 
 
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.3.4] Bump to 0.3.3.10

2018-09-07 Thread nickm

commit 43e400f340caf6d2f40b093d816f684d1163ce8b
Author: Nick Mathewson 
Date:   Fri Sep 7 15:11:18 2018 -0400

Bump to 0.3.3.10
---
 configure.ac| 2 +-
 contrib/win32build/tor-mingw.nsi.in | 2 +-
 src/win32/orconfig.h| 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/configure.ac b/configure.ac
index 4068b9f09..47dd53034 100644
--- a/configure.ac
+++ b/configure.ac
@@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2017, The Tor Project, Inc.
 dnl See LICENSE for licensing information
 
 AC_PREREQ([2.63])
-AC_INIT([tor],[0.3.3.8-dev])
+AC_INIT([tor],[0.3.3.10])
 AC_CONFIG_SRCDIR([src/or/main.c])
 AC_CONFIG_MACRO_DIR([m4])
 
diff --git a/contrib/win32build/tor-mingw.nsi.in 
b/contrib/win32build/tor-mingw.nsi.in
index 973ede1c0..5ecf20835 100644
--- a/contrib/win32build/tor-mingw.nsi.in
+++ b/contrib/win32build/tor-mingw.nsi.in
@@ -8,7 +8,7 @@
 !include "LogicLib.nsh"
 !include "FileFunc.nsh"
 !insertmacro GetParameters
-!define VERSION "0.3.3.8-dev"
+!define VERSION "0.3.3.10"
 !define INSTALLER "tor-${VERSION}-win32.exe"
 !define WEBSITE "https://www.torproject.org/;
 !define LICENSE "LICENSE"
diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h
index 8837cfce3..08f0048cb 100644
--- a/src/win32/orconfig.h
+++ b/src/win32/orconfig.h
@@ -218,7 +218,7 @@
 #define USING_TWOS_COMPLEMENT
 
 /* Version number of package */
-#define VERSION "0.3.3.8-dev"
+#define VERSION "0.3.3.10"
 
 
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.3.4] Merge branch 'maint-0.3.4' into release-0.3.4

2018-09-07 Thread nickm

commit cf6318f6857a3e91010cf9860fdd85fc18527c15
Merge: 6f48b70f6 0d5aaef46
Author: Nick Mathewson 
Date:   Fri Sep 7 15:14:03 2018 -0400

Merge branch 'maint-0.3.4' into release-0.3.4

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.3.4] Merge branch 'maint-0.3.2' into maint-0.3.3

2018-09-07 Thread nickm

commit cff7cb858b2dfaacb0138bbe4637a80b58147f6a
Merge: 43e400f34 36885f34f
Author: Nick Mathewson 
Date:   Fri Sep 7 15:12:09 2018 -0400

Merge branch 'maint-0.3.2' into maint-0.3.3

"ours" to avoid bump




___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.3.3] Merge branch 'maint-0.3.2' into maint-0.3.3

2018-09-07 Thread nickm

commit cff7cb858b2dfaacb0138bbe4637a80b58147f6a
Merge: 43e400f34 36885f34f
Author: Nick Mathewson 
Date:   Fri Sep 7 15:12:09 2018 -0400

Merge branch 'maint-0.3.2' into maint-0.3.3

"ours" to avoid bump




___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.3.4] Bump to 0.2.9.17

2018-09-07 Thread nickm

commit da29074fc4dce509aec048903e7e854a44c1d825
Author: Nick Mathewson 
Date:   Fri Sep 7 15:10:49 2018 -0400

Bump to 0.2.9.17
---
 configure.ac| 2 +-
 contrib/win32build/tor-mingw.nsi.in | 2 +-
 src/win32/orconfig.h| 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/configure.ac b/configure.ac
index 5ac3579d7..61a0c3238 100644
--- a/configure.ac
+++ b/configure.ac
@@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2015, The Tor Project, Inc.
 dnl See LICENSE for licensing information
 
 AC_PREREQ([2.63])
-AC_INIT([tor],[0.2.9.15-dev])
+AC_INIT([tor],[0.2.9.17])
 AC_CONFIG_SRCDIR([src/or/main.c])
 AC_CONFIG_MACRO_DIR([m4])
 
diff --git a/contrib/win32build/tor-mingw.nsi.in 
b/contrib/win32build/tor-mingw.nsi.in
index 3a45741d8..0484641f9 100644
--- a/contrib/win32build/tor-mingw.nsi.in
+++ b/contrib/win32build/tor-mingw.nsi.in
@@ -8,7 +8,7 @@
 !include "LogicLib.nsh"
 !include "FileFunc.nsh"
 !insertmacro GetParameters
-!define VERSION "0.2.9.15-dev"
+!define VERSION "0.2.9.17"
 !define INSTALLER "tor-${VERSION}-win32.exe"
 !define WEBSITE "https://www.torproject.org/;
 !define LICENSE "LICENSE"
diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h
index badfab787..457c7469c 100644
--- a/src/win32/orconfig.h
+++ b/src/win32/orconfig.h
@@ -218,7 +218,7 @@
 #define USING_TWOS_COMPLEMENT
 
 /* Version number of package */
-#define VERSION "0.2.9.15-dev"
+#define VERSION "0.2.9.17"
 
 
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.3.3] Merge branch 'maint-0.2.9' into maint-0.3.2

2018-09-07 Thread nickm

commit 36885f34f6e8dc7f5791e4ba2c4eefff5f9de9e0
Merge: cdaf9aec8 da29074fc
Author: Nick Mathewson 
Date:   Fri Sep 7 15:11:49 2018 -0400

Merge branch 'maint-0.2.9' into maint-0.3.2

"ours" to avoid bump




___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.3.4] Merge branch 'maint-0.2.9' into maint-0.3.2

2018-09-07 Thread nickm

commit 36885f34f6e8dc7f5791e4ba2c4eefff5f9de9e0
Merge: cdaf9aec8 da29074fc
Author: Nick Mathewson 
Date:   Fri Sep 7 15:11:49 2018 -0400

Merge branch 'maint-0.2.9' into maint-0.3.2

"ours" to avoid bump




___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.2.9] Merge branch 'maint-0.2.9' into release-0.2.9

2018-09-07 Thread nickm

commit ed8362718fdf04d149aaf4df2cd9e9dda3329e24
Merge: 00a9fafdb da29074fc
Author: Nick Mathewson 
Date:   Fri Sep 7 15:13:01 2018 -0400

Merge branch 'maint-0.2.9' into release-0.2.9

 configure.ac| 2 +-
 contrib/win32build/tor-mingw.nsi.in | 2 +-
 src/win32/orconfig.h| 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Bump to 0.3.2.12

2018-09-07 Thread nickm

commit cdaf9aec8e7d81fb583075c9486f4af4216ded94
Author: Nick Mathewson 
Date:   Fri Sep 7 15:11:07 2018 -0400

Bump to 0.3.2.12
---
 configure.ac| 2 +-
 contrib/win32build/tor-mingw.nsi.in | 2 +-
 src/win32/orconfig.h| 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/configure.ac b/configure.ac
index 79d2f7e54..5b541d7c9 100644
--- a/configure.ac
+++ b/configure.ac
@@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2017, The Tor Project, Inc.
 dnl See LICENSE for licensing information
 
 AC_PREREQ([2.63])
-AC_INIT([tor],[0.3.2.10-dev])
+AC_INIT([tor],[0.3.2.12])
 AC_CONFIG_SRCDIR([src/or/main.c])
 AC_CONFIG_MACRO_DIR([m4])
 
diff --git a/contrib/win32build/tor-mingw.nsi.in 
b/contrib/win32build/tor-mingw.nsi.in
index 7f2220153..8c84e3659 100644
--- a/contrib/win32build/tor-mingw.nsi.in
+++ b/contrib/win32build/tor-mingw.nsi.in
@@ -8,7 +8,7 @@
 !include "LogicLib.nsh"
 !include "FileFunc.nsh"
 !insertmacro GetParameters
-!define VERSION "0.3.2.10-dev"
+!define VERSION "0.3.2.12"
 !define INSTALLER "tor-${VERSION}-win32.exe"
 !define WEBSITE "https://www.torproject.org/;
 !define LICENSE "LICENSE"
diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h
index f5186fd24..fcdc090d4 100644
--- a/src/win32/orconfig.h
+++ b/src/win32/orconfig.h
@@ -218,7 +218,7 @@
 #define USING_TWOS_COMPLEMENT
 
 /* Version number of package */
-#define VERSION "0.3.2.10-dev"
+#define VERSION "0.3.2.12"
 
 
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.3.3] Bump to 0.3.2.12

2018-09-07 Thread nickm

commit cdaf9aec8e7d81fb583075c9486f4af4216ded94
Author: Nick Mathewson 
Date:   Fri Sep 7 15:11:07 2018 -0400

Bump to 0.3.2.12
---
 configure.ac| 2 +-
 contrib/win32build/tor-mingw.nsi.in | 2 +-
 src/win32/orconfig.h| 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/configure.ac b/configure.ac
index 79d2f7e54..5b541d7c9 100644
--- a/configure.ac
+++ b/configure.ac
@@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2017, The Tor Project, Inc.
 dnl See LICENSE for licensing information
 
 AC_PREREQ([2.63])
-AC_INIT([tor],[0.3.2.10-dev])
+AC_INIT([tor],[0.3.2.12])
 AC_CONFIG_SRCDIR([src/or/main.c])
 AC_CONFIG_MACRO_DIR([m4])
 
diff --git a/contrib/win32build/tor-mingw.nsi.in 
b/contrib/win32build/tor-mingw.nsi.in
index 7f2220153..8c84e3659 100644
--- a/contrib/win32build/tor-mingw.nsi.in
+++ b/contrib/win32build/tor-mingw.nsi.in
@@ -8,7 +8,7 @@
 !include "LogicLib.nsh"
 !include "FileFunc.nsh"
 !insertmacro GetParameters
-!define VERSION "0.3.2.10-dev"
+!define VERSION "0.3.2.12"
 !define INSTALLER "tor-${VERSION}-win32.exe"
 !define WEBSITE "https://www.torproject.org/;
 !define LICENSE "LICENSE"
diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h
index f5186fd24..fcdc090d4 100644
--- a/src/win32/orconfig.h
+++ b/src/win32/orconfig.h
@@ -218,7 +218,7 @@
 #define USING_TWOS_COMPLEMENT
 
 /* Version number of package */
-#define VERSION "0.3.2.10-dev"
+#define VERSION "0.3.2.12"
 
 
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.3.2] Bump to 0.2.9.17

2018-09-07 Thread nickm

commit da29074fc4dce509aec048903e7e854a44c1d825
Author: Nick Mathewson 
Date:   Fri Sep 7 15:10:49 2018 -0400

Bump to 0.2.9.17
---
 configure.ac| 2 +-
 contrib/win32build/tor-mingw.nsi.in | 2 +-
 src/win32/orconfig.h| 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/configure.ac b/configure.ac
index 5ac3579d7..61a0c3238 100644
--- a/configure.ac
+++ b/configure.ac
@@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2015, The Tor Project, Inc.
 dnl See LICENSE for licensing information
 
 AC_PREREQ([2.63])
-AC_INIT([tor],[0.2.9.15-dev])
+AC_INIT([tor],[0.2.9.17])
 AC_CONFIG_SRCDIR([src/or/main.c])
 AC_CONFIG_MACRO_DIR([m4])
 
diff --git a/contrib/win32build/tor-mingw.nsi.in 
b/contrib/win32build/tor-mingw.nsi.in
index 3a45741d8..0484641f9 100644
--- a/contrib/win32build/tor-mingw.nsi.in
+++ b/contrib/win32build/tor-mingw.nsi.in
@@ -8,7 +8,7 @@
 !include "LogicLib.nsh"
 !include "FileFunc.nsh"
 !insertmacro GetParameters
-!define VERSION "0.2.9.15-dev"
+!define VERSION "0.2.9.17"
 !define INSTALLER "tor-${VERSION}-win32.exe"
 !define WEBSITE "https://www.torproject.org/;
 !define LICENSE "LICENSE"
diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h
index badfab787..457c7469c 100644
--- a/src/win32/orconfig.h
+++ b/src/win32/orconfig.h
@@ -218,7 +218,7 @@
 #define USING_TWOS_COMPLEMENT
 
 /* Version number of package */
-#define VERSION "0.2.9.15-dev"
+#define VERSION "0.2.9.17"
 
 
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.3.2] Bump to 0.3.2.12

2018-09-07 Thread nickm

commit cdaf9aec8e7d81fb583075c9486f4af4216ded94
Author: Nick Mathewson 
Date:   Fri Sep 7 15:11:07 2018 -0400

Bump to 0.3.2.12
---
 configure.ac| 2 +-
 contrib/win32build/tor-mingw.nsi.in | 2 +-
 src/win32/orconfig.h| 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/configure.ac b/configure.ac
index 79d2f7e54..5b541d7c9 100644
--- a/configure.ac
+++ b/configure.ac
@@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2017, The Tor Project, Inc.
 dnl See LICENSE for licensing information
 
 AC_PREREQ([2.63])
-AC_INIT([tor],[0.3.2.10-dev])
+AC_INIT([tor],[0.3.2.12])
 AC_CONFIG_SRCDIR([src/or/main.c])
 AC_CONFIG_MACRO_DIR([m4])
 
diff --git a/contrib/win32build/tor-mingw.nsi.in 
b/contrib/win32build/tor-mingw.nsi.in
index 7f2220153..8c84e3659 100644
--- a/contrib/win32build/tor-mingw.nsi.in
+++ b/contrib/win32build/tor-mingw.nsi.in
@@ -8,7 +8,7 @@
 !include "LogicLib.nsh"
 !include "FileFunc.nsh"
 !insertmacro GetParameters
-!define VERSION "0.3.2.10-dev"
+!define VERSION "0.3.2.12"
 !define INSTALLER "tor-${VERSION}-win32.exe"
 !define WEBSITE "https://www.torproject.org/;
 !define LICENSE "LICENSE"
diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h
index f5186fd24..fcdc090d4 100644
--- a/src/win32/orconfig.h
+++ b/src/win32/orconfig.h
@@ -218,7 +218,7 @@
 #define USING_TWOS_COMPLEMENT
 
 /* Version number of package */
-#define VERSION "0.3.2.10-dev"
+#define VERSION "0.3.2.12"
 
 
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Merge branch 'maint-0.3.4'

2018-09-07 Thread nickm

commit 9f0e8d8c032fadde93d2079d60eff289203a2fb9
Merge: 9ca1af9a8 0d5aaef46
Author: Nick Mathewson 
Date:   Fri Sep 7 15:14:03 2018 -0400

Merge branch 'maint-0.3.4'

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.3.2] Merge branch 'maint-0.3.2' into release-0.3.2

2018-09-07 Thread nickm

commit 92a88fede564dbc723ab77d952f89d3fac7bc430
Merge: f869cd012 36885f34f
Author: Nick Mathewson 
Date:   Fri Sep 7 15:13:34 2018 -0400

Merge branch 'maint-0.3.2' into release-0.3.2

 configure.ac| 2 +-
 contrib/win32build/tor-mingw.nsi.in | 2 +-
 src/win32/orconfig.h| 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.2.9] Bump to 0.2.9.17

2018-09-07 Thread nickm

commit da29074fc4dce509aec048903e7e854a44c1d825
Author: Nick Mathewson 
Date:   Fri Sep 7 15:10:49 2018 -0400

Bump to 0.2.9.17
---
 configure.ac| 2 +-
 contrib/win32build/tor-mingw.nsi.in | 2 +-
 src/win32/orconfig.h| 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/configure.ac b/configure.ac
index 5ac3579d7..61a0c3238 100644
--- a/configure.ac
+++ b/configure.ac
@@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2015, The Tor Project, Inc.
 dnl See LICENSE for licensing information
 
 AC_PREREQ([2.63])
-AC_INIT([tor],[0.2.9.15-dev])
+AC_INIT([tor],[0.2.9.17])
 AC_CONFIG_SRCDIR([src/or/main.c])
 AC_CONFIG_MACRO_DIR([m4])
 
diff --git a/contrib/win32build/tor-mingw.nsi.in 
b/contrib/win32build/tor-mingw.nsi.in
index 3a45741d8..0484641f9 100644
--- a/contrib/win32build/tor-mingw.nsi.in
+++ b/contrib/win32build/tor-mingw.nsi.in
@@ -8,7 +8,7 @@
 !include "LogicLib.nsh"
 !include "FileFunc.nsh"
 !insertmacro GetParameters
-!define VERSION "0.2.9.15-dev"
+!define VERSION "0.2.9.17"
 !define INSTALLER "tor-${VERSION}-win32.exe"
 !define WEBSITE "https://www.torproject.org/;
 !define LICENSE "LICENSE"
diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h
index badfab787..457c7469c 100644
--- a/src/win32/orconfig.h
+++ b/src/win32/orconfig.h
@@ -218,7 +218,7 @@
 #define USING_TWOS_COMPLEMENT
 
 /* Version number of package */
-#define VERSION "0.2.9.15-dev"
+#define VERSION "0.2.9.17"
 
 
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.3.3] Bump to 0.3.3.10

2018-09-07 Thread nickm

commit 43e400f340caf6d2f40b093d816f684d1163ce8b
Author: Nick Mathewson 
Date:   Fri Sep 7 15:11:18 2018 -0400

Bump to 0.3.3.10
---
 configure.ac| 2 +-
 contrib/win32build/tor-mingw.nsi.in | 2 +-
 src/win32/orconfig.h| 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/configure.ac b/configure.ac
index 4068b9f09..47dd53034 100644
--- a/configure.ac
+++ b/configure.ac
@@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2017, The Tor Project, Inc.
 dnl See LICENSE for licensing information
 
 AC_PREREQ([2.63])
-AC_INIT([tor],[0.3.3.8-dev])
+AC_INIT([tor],[0.3.3.10])
 AC_CONFIG_SRCDIR([src/or/main.c])
 AC_CONFIG_MACRO_DIR([m4])
 
diff --git a/contrib/win32build/tor-mingw.nsi.in 
b/contrib/win32build/tor-mingw.nsi.in
index 973ede1c0..5ecf20835 100644
--- a/contrib/win32build/tor-mingw.nsi.in
+++ b/contrib/win32build/tor-mingw.nsi.in
@@ -8,7 +8,7 @@
 !include "LogicLib.nsh"
 !include "FileFunc.nsh"
 !insertmacro GetParameters
-!define VERSION "0.3.3.8-dev"
+!define VERSION "0.3.3.10"
 !define INSTALLER "tor-${VERSION}-win32.exe"
 !define WEBSITE "https://www.torproject.org/;
 !define LICENSE "LICENSE"
diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h
index 8837cfce3..08f0048cb 100644
--- a/src/win32/orconfig.h
+++ b/src/win32/orconfig.h
@@ -218,7 +218,7 @@
 #define USING_TWOS_COMPLEMENT
 
 /* Version number of package */
-#define VERSION "0.3.3.8-dev"
+#define VERSION "0.3.3.10"
 
 
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Merge branch 'maint-0.3.2' into maint-0.3.3

2018-09-07 Thread nickm

commit cff7cb858b2dfaacb0138bbe4637a80b58147f6a
Merge: 43e400f34 36885f34f
Author: Nick Mathewson 
Date:   Fri Sep 7 15:12:09 2018 -0400

Merge branch 'maint-0.3.2' into maint-0.3.3

"ours" to avoid bump




___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/maint-0.3.2] Bump to 0.3.2.12

2018-09-07 Thread nickm

commit cdaf9aec8e7d81fb583075c9486f4af4216ded94
Author: Nick Mathewson 
Date:   Fri Sep 7 15:11:07 2018 -0400

Bump to 0.3.2.12
---
 configure.ac| 2 +-
 contrib/win32build/tor-mingw.nsi.in | 2 +-
 src/win32/orconfig.h| 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/configure.ac b/configure.ac
index 79d2f7e54..5b541d7c9 100644
--- a/configure.ac
+++ b/configure.ac
@@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2017, The Tor Project, Inc.
 dnl See LICENSE for licensing information
 
 AC_PREREQ([2.63])
-AC_INIT([tor],[0.3.2.10-dev])
+AC_INIT([tor],[0.3.2.12])
 AC_CONFIG_SRCDIR([src/or/main.c])
 AC_CONFIG_MACRO_DIR([m4])
 
diff --git a/contrib/win32build/tor-mingw.nsi.in 
b/contrib/win32build/tor-mingw.nsi.in
index 7f2220153..8c84e3659 100644
--- a/contrib/win32build/tor-mingw.nsi.in
+++ b/contrib/win32build/tor-mingw.nsi.in
@@ -8,7 +8,7 @@
 !include "LogicLib.nsh"
 !include "FileFunc.nsh"
 !insertmacro GetParameters
-!define VERSION "0.3.2.10-dev"
+!define VERSION "0.3.2.12"
 !define INSTALLER "tor-${VERSION}-win32.exe"
 !define WEBSITE "https://www.torproject.org/;
 !define LICENSE "LICENSE"
diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h
index f5186fd24..fcdc090d4 100644
--- a/src/win32/orconfig.h
+++ b/src/win32/orconfig.h
@@ -218,7 +218,7 @@
 #define USING_TWOS_COMPLEMENT
 
 /* Version number of package */
-#define VERSION "0.3.2.10-dev"
+#define VERSION "0.3.2.12"
 
 
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/maint-0.3.4] Merge branch 'maint-0.3.2' into maint-0.3.3

2018-09-07 Thread nickm

commit cff7cb858b2dfaacb0138bbe4637a80b58147f6a
Merge: 43e400f34 36885f34f
Author: Nick Mathewson 
Date:   Fri Sep 7 15:12:09 2018 -0400

Merge branch 'maint-0.3.2' into maint-0.3.3

"ours" to avoid bump




___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/maint-0.3.3] Bump to 0.2.9.17

2018-09-07 Thread nickm

commit da29074fc4dce509aec048903e7e854a44c1d825
Author: Nick Mathewson 
Date:   Fri Sep 7 15:10:49 2018 -0400

Bump to 0.2.9.17
---
 configure.ac| 2 +-
 contrib/win32build/tor-mingw.nsi.in | 2 +-
 src/win32/orconfig.h| 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/configure.ac b/configure.ac
index 5ac3579d7..61a0c3238 100644
--- a/configure.ac
+++ b/configure.ac
@@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2015, The Tor Project, Inc.
 dnl See LICENSE for licensing information
 
 AC_PREREQ([2.63])
-AC_INIT([tor],[0.2.9.15-dev])
+AC_INIT([tor],[0.2.9.17])
 AC_CONFIG_SRCDIR([src/or/main.c])
 AC_CONFIG_MACRO_DIR([m4])
 
diff --git a/contrib/win32build/tor-mingw.nsi.in 
b/contrib/win32build/tor-mingw.nsi.in
index 3a45741d8..0484641f9 100644
--- a/contrib/win32build/tor-mingw.nsi.in
+++ b/contrib/win32build/tor-mingw.nsi.in
@@ -8,7 +8,7 @@
 !include "LogicLib.nsh"
 !include "FileFunc.nsh"
 !insertmacro GetParameters
-!define VERSION "0.2.9.15-dev"
+!define VERSION "0.2.9.17"
 !define INSTALLER "tor-${VERSION}-win32.exe"
 !define WEBSITE "https://www.torproject.org/;
 !define LICENSE "LICENSE"
diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h
index badfab787..457c7469c 100644
--- a/src/win32/orconfig.h
+++ b/src/win32/orconfig.h
@@ -218,7 +218,7 @@
 #define USING_TWOS_COMPLEMENT
 
 /* Version number of package */
-#define VERSION "0.2.9.15-dev"
+#define VERSION "0.2.9.17"
 
 
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Merge branch 'maint-0.2.9' into maint-0.3.2

2018-09-07 Thread nickm

commit 36885f34f6e8dc7f5791e4ba2c4eefff5f9de9e0
Merge: cdaf9aec8 da29074fc
Author: Nick Mathewson 
Date:   Fri Sep 7 15:11:49 2018 -0400

Merge branch 'maint-0.2.9' into maint-0.3.2

"ours" to avoid bump




___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/maint-0.3.3] Bump to 0.3.2.12

2018-09-07 Thread nickm

commit cdaf9aec8e7d81fb583075c9486f4af4216ded94
Author: Nick Mathewson 
Date:   Fri Sep 7 15:11:07 2018 -0400

Bump to 0.3.2.12
---
 configure.ac| 2 +-
 contrib/win32build/tor-mingw.nsi.in | 2 +-
 src/win32/orconfig.h| 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/configure.ac b/configure.ac
index 79d2f7e54..5b541d7c9 100644
--- a/configure.ac
+++ b/configure.ac
@@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2017, The Tor Project, Inc.
 dnl See LICENSE for licensing information
 
 AC_PREREQ([2.63])
-AC_INIT([tor],[0.3.2.10-dev])
+AC_INIT([tor],[0.3.2.12])
 AC_CONFIG_SRCDIR([src/or/main.c])
 AC_CONFIG_MACRO_DIR([m4])
 
diff --git a/contrib/win32build/tor-mingw.nsi.in 
b/contrib/win32build/tor-mingw.nsi.in
index 7f2220153..8c84e3659 100644
--- a/contrib/win32build/tor-mingw.nsi.in
+++ b/contrib/win32build/tor-mingw.nsi.in
@@ -8,7 +8,7 @@
 !include "LogicLib.nsh"
 !include "FileFunc.nsh"
 !insertmacro GetParameters
-!define VERSION "0.3.2.10-dev"
+!define VERSION "0.3.2.12"
 !define INSTALLER "tor-${VERSION}-win32.exe"
 !define WEBSITE "https://www.torproject.org/;
 !define LICENSE "LICENSE"
diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h
index f5186fd24..fcdc090d4 100644
--- a/src/win32/orconfig.h
+++ b/src/win32/orconfig.h
@@ -218,7 +218,7 @@
 #define USING_TWOS_COMPLEMENT
 
 /* Version number of package */
-#define VERSION "0.3.2.10-dev"
+#define VERSION "0.3.2.12"
 
 
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/maint-0.3.3] Merge branch 'maint-0.2.9' into maint-0.3.2

2018-09-07 Thread nickm

commit 36885f34f6e8dc7f5791e4ba2c4eefff5f9de9e0
Merge: cdaf9aec8 da29074fc
Author: Nick Mathewson 
Date:   Fri Sep 7 15:11:49 2018 -0400

Merge branch 'maint-0.2.9' into maint-0.3.2

"ours" to avoid bump




___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/maint-0.3.3] Bump to 0.3.3.10

2018-09-07 Thread nickm

commit 43e400f340caf6d2f40b093d816f684d1163ce8b
Author: Nick Mathewson 
Date:   Fri Sep 7 15:11:18 2018 -0400

Bump to 0.3.3.10
---
 configure.ac| 2 +-
 contrib/win32build/tor-mingw.nsi.in | 2 +-
 src/win32/orconfig.h| 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/configure.ac b/configure.ac
index 4068b9f09..47dd53034 100644
--- a/configure.ac
+++ b/configure.ac
@@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2017, The Tor Project, Inc.
 dnl See LICENSE for licensing information
 
 AC_PREREQ([2.63])
-AC_INIT([tor],[0.3.3.8-dev])
+AC_INIT([tor],[0.3.3.10])
 AC_CONFIG_SRCDIR([src/or/main.c])
 AC_CONFIG_MACRO_DIR([m4])
 
diff --git a/contrib/win32build/tor-mingw.nsi.in 
b/contrib/win32build/tor-mingw.nsi.in
index 973ede1c0..5ecf20835 100644
--- a/contrib/win32build/tor-mingw.nsi.in
+++ b/contrib/win32build/tor-mingw.nsi.in
@@ -8,7 +8,7 @@
 !include "LogicLib.nsh"
 !include "FileFunc.nsh"
 !insertmacro GetParameters
-!define VERSION "0.3.3.8-dev"
+!define VERSION "0.3.3.10"
 !define INSTALLER "tor-${VERSION}-win32.exe"
 !define WEBSITE "https://www.torproject.org/;
 !define LICENSE "LICENSE"
diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h
index 8837cfce3..08f0048cb 100644
--- a/src/win32/orconfig.h
+++ b/src/win32/orconfig.h
@@ -218,7 +218,7 @@
 #define USING_TWOS_COMPLEMENT
 
 /* Version number of package */
-#define VERSION "0.3.3.8-dev"
+#define VERSION "0.3.3.10"
 
 
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/maint-0.3.4] Merge branch 'maint-0.2.9' into maint-0.3.2

2018-09-07 Thread nickm

commit 36885f34f6e8dc7f5791e4ba2c4eefff5f9de9e0
Merge: cdaf9aec8 da29074fc
Author: Nick Mathewson 
Date:   Fri Sep 7 15:11:49 2018 -0400

Merge branch 'maint-0.2.9' into maint-0.3.2

"ours" to avoid bump




___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Bump to 0.2.9.17

2018-09-07 Thread nickm

commit da29074fc4dce509aec048903e7e854a44c1d825
Author: Nick Mathewson 
Date:   Fri Sep 7 15:10:49 2018 -0400

Bump to 0.2.9.17
---
 configure.ac| 2 +-
 contrib/win32build/tor-mingw.nsi.in | 2 +-
 src/win32/orconfig.h| 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/configure.ac b/configure.ac
index 5ac3579d7..61a0c3238 100644
--- a/configure.ac
+++ b/configure.ac
@@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2015, The Tor Project, Inc.
 dnl See LICENSE for licensing information
 
 AC_PREREQ([2.63])
-AC_INIT([tor],[0.2.9.15-dev])
+AC_INIT([tor],[0.2.9.17])
 AC_CONFIG_SRCDIR([src/or/main.c])
 AC_CONFIG_MACRO_DIR([m4])
 
diff --git a/contrib/win32build/tor-mingw.nsi.in 
b/contrib/win32build/tor-mingw.nsi.in
index 3a45741d8..0484641f9 100644
--- a/contrib/win32build/tor-mingw.nsi.in
+++ b/contrib/win32build/tor-mingw.nsi.in
@@ -8,7 +8,7 @@
 !include "LogicLib.nsh"
 !include "FileFunc.nsh"
 !insertmacro GetParameters
-!define VERSION "0.2.9.15-dev"
+!define VERSION "0.2.9.17"
 !define INSTALLER "tor-${VERSION}-win32.exe"
 !define WEBSITE "https://www.torproject.org/;
 !define LICENSE "LICENSE"
diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h
index badfab787..457c7469c 100644
--- a/src/win32/orconfig.h
+++ b/src/win32/orconfig.h
@@ -218,7 +218,7 @@
 #define USING_TWOS_COMPLEMENT
 
 /* Version number of package */
-#define VERSION "0.2.9.15-dev"
+#define VERSION "0.2.9.17"
 
 
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/maint-0.3.4] Merge branch 'maint-0.3.3' into maint-0.3.4

2018-09-07 Thread nickm

commit 0d5aaef465f782d46f538b03fd962ba7007fca11
Merge: fa38bbb70 cff7cb858
Author: Nick Mathewson 
Date:   Fri Sep 7 15:12:27 2018 -0400

Merge branch 'maint-0.3.3' into maint-0.3.4

"ours" to avoid bump.

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Bump to 0.3.3.10

2018-09-07 Thread nickm

commit 43e400f340caf6d2f40b093d816f684d1163ce8b
Author: Nick Mathewson 
Date:   Fri Sep 7 15:11:18 2018 -0400

Bump to 0.3.3.10
---
 configure.ac| 2 +-
 contrib/win32build/tor-mingw.nsi.in | 2 +-
 src/win32/orconfig.h| 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/configure.ac b/configure.ac
index 4068b9f09..47dd53034 100644
--- a/configure.ac
+++ b/configure.ac
@@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2017, The Tor Project, Inc.
 dnl See LICENSE for licensing information
 
 AC_PREREQ([2.63])
-AC_INIT([tor],[0.3.3.8-dev])
+AC_INIT([tor],[0.3.3.10])
 AC_CONFIG_SRCDIR([src/or/main.c])
 AC_CONFIG_MACRO_DIR([m4])
 
diff --git a/contrib/win32build/tor-mingw.nsi.in 
b/contrib/win32build/tor-mingw.nsi.in
index 973ede1c0..5ecf20835 100644
--- a/contrib/win32build/tor-mingw.nsi.in
+++ b/contrib/win32build/tor-mingw.nsi.in
@@ -8,7 +8,7 @@
 !include "LogicLib.nsh"
 !include "FileFunc.nsh"
 !insertmacro GetParameters
-!define VERSION "0.3.3.8-dev"
+!define VERSION "0.3.3.10"
 !define INSTALLER "tor-${VERSION}-win32.exe"
 !define WEBSITE "https://www.torproject.org/;
 !define LICENSE "LICENSE"
diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h
index 8837cfce3..08f0048cb 100644
--- a/src/win32/orconfig.h
+++ b/src/win32/orconfig.h
@@ -218,7 +218,7 @@
 #define USING_TWOS_COMPLEMENT
 
 /* Version number of package */
-#define VERSION "0.3.3.8-dev"
+#define VERSION "0.3.3.10"
 
 
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Merge branch 'maint-0.3.3' into maint-0.3.4

2018-09-07 Thread nickm

commit 0d5aaef465f782d46f538b03fd962ba7007fca11
Merge: fa38bbb70 cff7cb858
Author: Nick Mathewson 
Date:   Fri Sep 7 15:12:27 2018 -0400

Merge branch 'maint-0.3.3' into maint-0.3.4

"ours" to avoid bump.




___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/maint-0.3.4] Bump to 0.3.2.12

2018-09-07 Thread nickm

commit cdaf9aec8e7d81fb583075c9486f4af4216ded94
Author: Nick Mathewson 
Date:   Fri Sep 7 15:11:07 2018 -0400

Bump to 0.3.2.12
---
 configure.ac| 2 +-
 contrib/win32build/tor-mingw.nsi.in | 2 +-
 src/win32/orconfig.h| 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/configure.ac b/configure.ac
index 79d2f7e54..5b541d7c9 100644
--- a/configure.ac
+++ b/configure.ac
@@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2017, The Tor Project, Inc.
 dnl See LICENSE for licensing information
 
 AC_PREREQ([2.63])
-AC_INIT([tor],[0.3.2.10-dev])
+AC_INIT([tor],[0.3.2.12])
 AC_CONFIG_SRCDIR([src/or/main.c])
 AC_CONFIG_MACRO_DIR([m4])
 
diff --git a/contrib/win32build/tor-mingw.nsi.in 
b/contrib/win32build/tor-mingw.nsi.in
index 7f2220153..8c84e3659 100644
--- a/contrib/win32build/tor-mingw.nsi.in
+++ b/contrib/win32build/tor-mingw.nsi.in
@@ -8,7 +8,7 @@
 !include "LogicLib.nsh"
 !include "FileFunc.nsh"
 !insertmacro GetParameters
-!define VERSION "0.3.2.10-dev"
+!define VERSION "0.3.2.12"
 !define INSTALLER "tor-${VERSION}-win32.exe"
 !define WEBSITE "https://www.torproject.org/;
 !define LICENSE "LICENSE"
diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h
index f5186fd24..fcdc090d4 100644
--- a/src/win32/orconfig.h
+++ b/src/win32/orconfig.h
@@ -218,7 +218,7 @@
 #define USING_TWOS_COMPLEMENT
 
 /* Version number of package */
-#define VERSION "0.3.2.10-dev"
+#define VERSION "0.3.2.12"
 
 
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/maint-0.3.3] Merge branch 'maint-0.3.2' into maint-0.3.3

2018-09-07 Thread nickm

commit cff7cb858b2dfaacb0138bbe4637a80b58147f6a
Merge: 43e400f34 36885f34f
Author: Nick Mathewson 
Date:   Fri Sep 7 15:12:09 2018 -0400

Merge branch 'maint-0.3.2' into maint-0.3.3

"ours" to avoid bump

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/maint-0.3.4] Bump to 0.2.9.17

2018-09-07 Thread nickm

commit da29074fc4dce509aec048903e7e854a44c1d825
Author: Nick Mathewson 
Date:   Fri Sep 7 15:10:49 2018 -0400

Bump to 0.2.9.17
---
 configure.ac| 2 +-
 contrib/win32build/tor-mingw.nsi.in | 2 +-
 src/win32/orconfig.h| 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/configure.ac b/configure.ac
index 5ac3579d7..61a0c3238 100644
--- a/configure.ac
+++ b/configure.ac
@@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2015, The Tor Project, Inc.
 dnl See LICENSE for licensing information
 
 AC_PREREQ([2.63])
-AC_INIT([tor],[0.2.9.15-dev])
+AC_INIT([tor],[0.2.9.17])
 AC_CONFIG_SRCDIR([src/or/main.c])
 AC_CONFIG_MACRO_DIR([m4])
 
diff --git a/contrib/win32build/tor-mingw.nsi.in 
b/contrib/win32build/tor-mingw.nsi.in
index 3a45741d8..0484641f9 100644
--- a/contrib/win32build/tor-mingw.nsi.in
+++ b/contrib/win32build/tor-mingw.nsi.in
@@ -8,7 +8,7 @@
 !include "LogicLib.nsh"
 !include "FileFunc.nsh"
 !insertmacro GetParameters
-!define VERSION "0.2.9.15-dev"
+!define VERSION "0.2.9.17"
 !define INSTALLER "tor-${VERSION}-win32.exe"
 !define WEBSITE "https://www.torproject.org/;
 !define LICENSE "LICENSE"
diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h
index badfab787..457c7469c 100644
--- a/src/win32/orconfig.h
+++ b/src/win32/orconfig.h
@@ -218,7 +218,7 @@
 #define USING_TWOS_COMPLEMENT
 
 /* Version number of package */
-#define VERSION "0.2.9.15-dev"
+#define VERSION "0.2.9.17"
 
 
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/maint-0.3.4] Bump to 0.3.3.10

2018-09-07 Thread nickm

commit 43e400f340caf6d2f40b093d816f684d1163ce8b
Author: Nick Mathewson 
Date:   Fri Sep 7 15:11:18 2018 -0400

Bump to 0.3.3.10
---
 configure.ac| 2 +-
 contrib/win32build/tor-mingw.nsi.in | 2 +-
 src/win32/orconfig.h| 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/configure.ac b/configure.ac
index 4068b9f09..47dd53034 100644
--- a/configure.ac
+++ b/configure.ac
@@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2017, The Tor Project, Inc.
 dnl See LICENSE for licensing information
 
 AC_PREREQ([2.63])
-AC_INIT([tor],[0.3.3.8-dev])
+AC_INIT([tor],[0.3.3.10])
 AC_CONFIG_SRCDIR([src/or/main.c])
 AC_CONFIG_MACRO_DIR([m4])
 
diff --git a/contrib/win32build/tor-mingw.nsi.in 
b/contrib/win32build/tor-mingw.nsi.in
index 973ede1c0..5ecf20835 100644
--- a/contrib/win32build/tor-mingw.nsi.in
+++ b/contrib/win32build/tor-mingw.nsi.in
@@ -8,7 +8,7 @@
 !include "LogicLib.nsh"
 !include "FileFunc.nsh"
 !insertmacro GetParameters
-!define VERSION "0.3.3.8-dev"
+!define VERSION "0.3.3.10"
 !define INSTALLER "tor-${VERSION}-win32.exe"
 !define WEBSITE "https://www.torproject.org/;
 !define LICENSE "LICENSE"
diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h
index 8837cfce3..08f0048cb 100644
--- a/src/win32/orconfig.h
+++ b/src/win32/orconfig.h
@@ -218,7 +218,7 @@
 #define USING_TWOS_COMPLEMENT
 
 /* Version number of package */
-#define VERSION "0.3.3.8-dev"
+#define VERSION "0.3.3.10"
 
 
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/maint-0.2.9] Bump to 0.2.9.17

2018-09-07 Thread nickm

commit da29074fc4dce509aec048903e7e854a44c1d825
Author: Nick Mathewson 
Date:   Fri Sep 7 15:10:49 2018 -0400

Bump to 0.2.9.17
---
 configure.ac| 2 +-
 contrib/win32build/tor-mingw.nsi.in | 2 +-
 src/win32/orconfig.h| 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/configure.ac b/configure.ac
index 5ac3579d7..61a0c3238 100644
--- a/configure.ac
+++ b/configure.ac
@@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2015, The Tor Project, Inc.
 dnl See LICENSE for licensing information
 
 AC_PREREQ([2.63])
-AC_INIT([tor],[0.2.9.15-dev])
+AC_INIT([tor],[0.2.9.17])
 AC_CONFIG_SRCDIR([src/or/main.c])
 AC_CONFIG_MACRO_DIR([m4])
 
diff --git a/contrib/win32build/tor-mingw.nsi.in 
b/contrib/win32build/tor-mingw.nsi.in
index 3a45741d8..0484641f9 100644
--- a/contrib/win32build/tor-mingw.nsi.in
+++ b/contrib/win32build/tor-mingw.nsi.in
@@ -8,7 +8,7 @@
 !include "LogicLib.nsh"
 !include "FileFunc.nsh"
 !insertmacro GetParameters
-!define VERSION "0.2.9.15-dev"
+!define VERSION "0.2.9.17"
 !define INSTALLER "tor-${VERSION}-win32.exe"
 !define WEBSITE "https://www.torproject.org/;
 !define LICENSE "LICENSE"
diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h
index badfab787..457c7469c 100644
--- a/src/win32/orconfig.h
+++ b/src/win32/orconfig.h
@@ -218,7 +218,7 @@
 #define USING_TWOS_COMPLEMENT
 
 /* Version number of package */
-#define VERSION "0.2.9.15-dev"
+#define VERSION "0.2.9.17"
 
 
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/maint-0.3.2] Bump to 0.2.9.17

2018-09-07 Thread nickm

commit da29074fc4dce509aec048903e7e854a44c1d825
Author: Nick Mathewson 
Date:   Fri Sep 7 15:10:49 2018 -0400

Bump to 0.2.9.17
---
 configure.ac| 2 +-
 contrib/win32build/tor-mingw.nsi.in | 2 +-
 src/win32/orconfig.h| 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/configure.ac b/configure.ac
index 5ac3579d7..61a0c3238 100644
--- a/configure.ac
+++ b/configure.ac
@@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2015, The Tor Project, Inc.
 dnl See LICENSE for licensing information
 
 AC_PREREQ([2.63])
-AC_INIT([tor],[0.2.9.15-dev])
+AC_INIT([tor],[0.2.9.17])
 AC_CONFIG_SRCDIR([src/or/main.c])
 AC_CONFIG_MACRO_DIR([m4])
 
diff --git a/contrib/win32build/tor-mingw.nsi.in 
b/contrib/win32build/tor-mingw.nsi.in
index 3a45741d8..0484641f9 100644
--- a/contrib/win32build/tor-mingw.nsi.in
+++ b/contrib/win32build/tor-mingw.nsi.in
@@ -8,7 +8,7 @@
 !include "LogicLib.nsh"
 !include "FileFunc.nsh"
 !insertmacro GetParameters
-!define VERSION "0.2.9.15-dev"
+!define VERSION "0.2.9.17"
 !define INSTALLER "tor-${VERSION}-win32.exe"
 !define WEBSITE "https://www.torproject.org/;
 !define LICENSE "LICENSE"
diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h
index badfab787..457c7469c 100644
--- a/src/win32/orconfig.h
+++ b/src/win32/orconfig.h
@@ -218,7 +218,7 @@
 #define USING_TWOS_COMPLEMENT
 
 /* Version number of package */
-#define VERSION "0.2.9.15-dev"
+#define VERSION "0.2.9.17"
 
 
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/maint-0.3.2] Merge branch 'maint-0.2.9' into maint-0.3.2

2018-09-07 Thread nickm

commit 36885f34f6e8dc7f5791e4ba2c4eefff5f9de9e0
Merge: cdaf9aec8 da29074fc
Author: Nick Mathewson 
Date:   Fri Sep 7 15:11:49 2018 -0400

Merge branch 'maint-0.2.9' into maint-0.3.2

"ours" to avoid bump

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] HSv3: Don't assert when reading bad client-side privkeys.

2018-09-07 Thread nickm

commit 3695ef6343fa1c05cd15a3ddf35c3fe6991ff2ad
Author: George Kadianakis 
Date:   Fri Sep 7 18:06:44 2018 +0300

HSv3: Don't assert when reading bad client-side privkeys.
---
 src/feature/hs/hs_client.c | 6 ++
 src/test/test_hs_client.c  | 4 +++-
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/src/feature/hs/hs_client.c b/src/feature/hs/hs_client.c
index af657c7c9..6f031eb3b 100644
--- a/src/feature/hs/hs_client.c
+++ b/src/feature/hs/hs_client.c
@@ -1500,6 +1500,12 @@ parse_auth_file_content(const char *client_key_str)
 goto err;
   }
 
+  if (strlen(seckey_b32) != BASE32_NOPAD_LEN(CURVE25519_PUBKEY_LEN)) {
+log_warn(LD_REND, "Client authorization encoded base32 private key "
+  "length is invalid: %s", seckey_b32);
+goto err;
+  }
+
   auth = tor_malloc_zero(sizeof(hs_client_service_authorization_t));
   if (base32_decode((char *) auth->enc_seckey.secret_key,
 sizeof(auth->enc_seckey.secret_key),
diff --git a/src/test/test_hs_client.c b/src/test/test_hs_client.c
index eacbd328e..03d14924b 100644
--- a/src/test/test_hs_client.c
+++ b/src/test/test_hs_client.c
@@ -660,7 +660,9 @@ test_parse_auth_file_content(void *arg)
   "x:zdsyvn2jq534ugyiuzgjy4267jbtzcjbsgedhshzx5mforyxtryq"));
   /* Some malformed string. */
   tt_assert(!parse_auth_file_content("xx:descriptor:x25519:aa=="));
-
+  /* Bigger key than it should be */
+  tt_assert(!parse_auth_file_content("xx:descriptor:x25519:"
+ "vjqea4jbhwwc4hto7ekyvqfbeodghbaq6nxi45hz4wr3qvhqv3yqa"));
  done:
   tor_free(auth);
 }



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] hs-v3: Improve v3 client authorization logging

2018-09-07 Thread nickm

commit 8e57986e7d826141727fc3d538b33882dc4aca91
Author: David Goulet 
Date:   Thu Aug 30 09:16:48 2018 -0400

hs-v3: Improve v3 client authorization logging

Part of #20700.

Signed-off-by: David Goulet 
---
 src/feature/hs/hs_client.c  | 14 --
 src/feature/hs/hs_service.c | 18 --
 2 files changed, 20 insertions(+), 12 deletions(-)

diff --git a/src/feature/hs/hs_client.c b/src/feature/hs/hs_client.c
index 23ab10e21..af657c7c9 100644
--- a/src/feature/hs/hs_client.c
+++ b/src/feature/hs/hs_client.c
@@ -1571,7 +1571,9 @@ hs_config_client_authorization(const or_options_t 
*options,
  filename);
 
 if (!auth_key_filename_is_valid(filename)) {
-  log_warn(LD_REND, "The filename is invalid.");
+  log_notice(LD_REND, "Client authorization unrecognized filename %s. "
+  "File must end in .auth_private. Ignoring.",
+ filename);
   continue;
 }
 
@@ -1583,7 +1585,7 @@ hs_config_client_authorization(const or_options_t 
*options,
 
 /* If we cannot read the file, continue with the next file. */
 if (!client_key_str) {
-  log_warn(LD_REND, "The file cannot be read.");
+  log_warn(LD_REND, "The file %s cannot be read.", filename);
   continue;
 }
 
@@ -1597,15 +1599,16 @@ hs_config_client_authorization(const or_options_t 
*options,
   if (hs_parse_address(auth->onion_address, _pk,
NULL, NULL) < 0) {
 client_service_authorization_free(auth);
-log_warn(LD_REND, "The onion address is invalid.");
+log_warn(LD_REND, "The onion address \"%s\" is invalid in "
+  "file %s", filename, auth->onion_address);
 continue;
   }
 
   if (digest256map_get(auths, identity_pk.pubkey)) {
 client_service_authorization_free(auth);
-
 log_warn(LD_REND, "Duplicate authorization for the same hidden "
-  "service.");
+  "service address %s.",
+ safe_str_client(auth->onion_address));
 goto end;
   }
 
@@ -1613,7 +1616,6 @@ hs_config_client_authorization(const or_options_t 
*options,
   log_info(LD_REND, "Loaded a client authorization key file %s.",
filename);
 }
-
   } SMARTLIST_FOREACH_END(filename);
 
   /* Success. */
diff --git a/src/feature/hs/hs_service.c b/src/feature/hs/hs_service.c
index 8d5d69302..09329340c 100644
--- a/src/feature/hs/hs_service.c
+++ b/src/feature/hs/hs_service.c
@@ -1141,7 +1141,7 @@ parse_authorized_client(const char *client_key_str)
  SPLIT_SKIP_SPACE, 0);
   /* Wrong number of fields. */
   if (smartlist_len(fields) != 3) {
-log_warn(LD_REND, "The file is in a wrong format.");
+log_warn(LD_REND, "Unknown format of client authorization file.");
 goto err;
   }
 
@@ -1151,13 +1151,15 @@ parse_authorized_client(const char *client_key_str)
 
   /* Currently, the only supported auth type is "descriptor". */
   if (strcmp(auth_type, "descriptor")) {
-log_warn(LD_REND, "The auth type '%s' is not supported.", auth_type);
+log_warn(LD_REND, "Client authorization auth type '%s' not supported.",
+ auth_type);
 goto err;
   }
 
   /* Currently, the only supported key type is "x25519". */
   if (strcmp(key_type, "x25519")) {
-log_warn(LD_REND, "The key type '%s' is not supported.", key_type);
+log_warn(LD_REND, "Client authorization key type '%s' not supported.",
+ key_type);
 goto err;
   }
 
@@ -1175,7 +1177,8 @@ parse_authorized_client(const char *client_key_str)
   if (base32_decode((char *) client->client_pk.public_key,
 sizeof(client->client_pk.public_key),
 pubkey_b32, strlen(pubkey_b32)) < 0) {
-log_warn(LD_REND, "The public key cannot be decoded.");
+log_warn(LD_REND, "Client authorization public key cannot be decoded: %s",
+ pubkey_b32);
 goto err;
   }
 
@@ -1245,7 +1248,8 @@ load_client_keys(hs_service_t *service)
  filename);
 
 if (!client_filename_is_valid(filename)) {
-  log_warn(LD_REND, "The filename is invalid.");
+  log_warn(LD_REND, "Client authorization unrecognized filename %s. "
+"File must end in .auth. Ignoring.", filename);
   continue;
 }
 
@@ -1258,7 +1262,9 @@ load_client_keys(hs_service_t *service)
 
 /* If we cannot read the file, continue with the next file. */
 if (!client_key_str)  {
-  log_warn(LD_REND, "The file cannot be read.");
+  log_warn(LD_REND, "Client authorization file %s can't be read. "
+"Corrupted or verify permission? Ignoring.",
+   client_key_file_path);
   continue;
 }
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] hs-v3: Republish descriptors if client auth changes

2018-09-07 Thread nickm

commit 8f64931d67df2f4b6811b0244bef8d1ea04d8330
Author: Suphanat Chunhapanya 
Date:   Thu May 10 03:35:29 2018 +0700

hs-v3: Republish descriptors if client auth changes

When reloading tor, check if our the configured client authorization have
changed from what we previously had. If so, republish the updated 
descriptor.

Signed-off-by: David Goulet 
---
 src/feature/hs/hs_service.c | 142 +++-
 1 file changed, 140 insertions(+), 2 deletions(-)

diff --git a/src/feature/hs/hs_service.c b/src/feature/hs/hs_service.c
index c1dc12dde..042880992 100644
--- a/src/feature/hs/hs_service.c
+++ b/src/feature/hs/hs_service.c
@@ -107,6 +107,8 @@ static int consider_republishing_hs_descriptors = 0;
 static int load_client_keys(hs_service_t *service);
 static void set_descriptor_revision_counter(hs_service_descriptor_t *hs_desc,
 time_t now, bool is_current);
+static int build_service_desc_superencrypted(const hs_service_t *service,
+ hs_service_descriptor_t *desc);
 static void move_descriptors(hs_service_t *src, hs_service_t *dst);
 static int service_encode_descriptor(const hs_service_t *service,
  const hs_service_descriptor_t *desc,
@@ -1321,8 +1323,113 @@ service_descriptor_new(void)
   return sdesc;
 }
 
-/* Move descriptor(s) from the src service to the dst service. We do this
- * during SIGHUP when we re-create our hidden services. */
+/* Allocate and return a deep copy of client. */
+static hs_service_authorized_client_t *
+service_authorized_client_dup(const hs_service_authorized_client_t *client)
+{
+  hs_service_authorized_client_t *client_dup = NULL;
+
+  tor_assert(client);
+
+  client_dup = tor_malloc_zero(sizeof(hs_service_authorized_client_t));
+  /* Currently, the public key is the only component of
+   * hs_service_authorized_client_t. */
+  memcpy(client_dup->client_pk.public_key,
+ client->client_pk.public_key,
+ CURVE25519_PUBKEY_LEN);
+
+  return client_dup;
+}
+
+/* If two authorized clients are equal, return 0. If the first one should come
+ * before the second, return less than zero. If the first should come after
+ * the second, return greater than zero. */
+static int
+service_authorized_client_cmp(const hs_service_authorized_client_t *client1,
+  const hs_service_authorized_client_t *client2)
+{
+  tor_assert(client1);
+  tor_assert(client2);
+
+  /* Currently, the public key is the only component of
+   * hs_service_authorized_client_t. */
+  return tor_memcmp(client1->client_pk.public_key,
+client2->client_pk.public_key,
+CURVE25519_PUBKEY_LEN);
+}
+
+/* Helper for sorting authorized clients. */
+static int
+compare_service_authorzized_client_(const void **_a, const void **_b)
+{
+  const hs_service_authorized_client_t *a = *_a, *b = *_b;
+  return service_authorized_client_cmp(a, b);
+}
+
+/* If the list of hs_service_authorized_client_t's is different between
+ * src and dst, return 1. Otherwise, return 0. */
+static int
+service_authorized_client_config_equal(const hs_service_config_t *config1,
+   const hs_service_config_t *config2)
+{
+  int ret = 0;
+  int i;
+  smartlist_t *sl1 = smartlist_new();
+  smartlist_t *sl2 = smartlist_new();
+
+  tor_assert(config1);
+  tor_assert(config2);
+  tor_assert(config1->clients);
+  tor_assert(config2->clients);
+
+  /* If the number of clients is different, it is obvious that the list
+   * changes. */
+  if (smartlist_len(config1->clients) != smartlist_len(config2->clients)) {
+goto done;
+  }
+
+  /* We do not want to mutate config1 and config2, so we will duplicate both
+   * entire client lists here. */
+  SMARTLIST_FOREACH(config1->clients,
+  hs_service_authorized_client_t *, client,
+  smartlist_add(sl1, service_authorized_client_dup(client)));
+
+  SMARTLIST_FOREACH(config2->clients,
+  hs_service_authorized_client_t *, client,
+  smartlist_add(sl2, service_authorized_client_dup(client)));
+
+  smartlist_sort(sl1, compare_service_authorzized_client_);
+  smartlist_sort(sl2, compare_service_authorzized_client_);
+
+  for (i = 0; i < smartlist_len(sl1); i++) {
+/* If the clients at index i in both lists differ, the whole configs
+ * differ. */
+if (service_authorized_client_cmp(smartlist_get(sl1, i),
+  smartlist_get(sl2, i))) {
+  goto done;
+}
+  }
+
+  /* Success. */
+  ret = 1;
+
+ done:
+  if (sl1) {
+SMARTLIST_FOREACH(sl1, hs_service_authorized_client_t *, p,
+  service_authorized_client_free(p));
+smartlist_free(sl1);
+  }
+  if (sl2) {
+SMARTLIST_FOREACH(sl2, hs_service_authorized_client_t *, p,
+  service_authorized_client_free(p));
+smartlist_free(sl2);
+  }
+

[tor-commits] [tor/master] HSv3: Add subcredential in client auth KDF on the client-side.

2018-09-07 Thread nickm

commit 6583d1e7091ba368b66c6f3038df223d3b7652cb
Author: George Kadianakis 
Date:   Thu Sep 6 16:25:31 2018 +0300

HSv3: Add subcredential in client auth KDF on the client-side.
---
 src/feature/hs/hs_descriptor.c | 14 --
 src/feature/hs/hs_descriptor.h |  3 ++-
 2 files changed, 10 insertions(+), 7 deletions(-)

diff --git a/src/feature/hs/hs_descriptor.c b/src/feature/hs/hs_descriptor.c
index f34685e23..d0cdffdf1 100644
--- a/src/feature/hs/hs_descriptor.c
+++ b/src/feature/hs/hs_descriptor.c
@@ -1427,13 +1427,15 @@ decrypt_descriptor_cookie(const hs_descriptor_t *desc,
 sizeof(desc->superencrypted_data.auth_ephemeral_pubkey)));
   tor_assert(!tor_mem_is_zero((char *) client_auth_sk,
   sizeof(*client_auth_sk)));
+  tor_assert(!tor_mem_is_zero((char *) desc->subcredential, DIGEST256_LEN));
 
   /* Calculate x25519(client_x, hs_Y) */
   curve25519_handshake(secret_seed, client_auth_sk,
>superencrypted_data.auth_ephemeral_pubkey);
 
-  /* Calculate KEYS = KDF(SECRET_SEED, 40) */
+  /* Calculate KEYS = KDF(subcredential | SECRET_SEED, 40) */
   xof = crypto_xof_new();
+  crypto_xof_add_bytes(xof, desc->subcredential, DIGEST256_LEN);
   crypto_xof_add_bytes(xof, secret_seed, sizeof(secret_seed));
   crypto_xof_squeeze_bytes(xof, keystream, sizeof(keystream));
   crypto_xof_free(xof);
@@ -2539,9 +2541,8 @@ hs_desc_decode_plaintext(const char *encoded,
 }
 
 /* Fully decode an encoded descriptor and set a newly allocated descriptor
- * object in desc_out. Subcredentials are used if not NULL else it's ignored.
- * Client secret key is used to decrypt the "encrypted" section if not NULL
- * else it's ignored.
+ * object in desc_out.  Client secret key is used to decrypt the "encrypted"
+ * section if not NULL else it's ignored.
  *
  * Return 0 on success. A negative value is returned on error and desc_out is
  * set to NULL. */
@@ -2558,8 +2559,9 @@ hs_desc_decode_descriptor(const char *encoded,
 
   desc = tor_malloc_zero(sizeof(hs_descriptor_t));
 
-  /* Subcredentials are optional. */
-  if (BUG(!subcredential)) {
+  /* Subcredentials are not optional. */
+  if (BUG(!subcredential ||
+  tor_mem_is_zero((char*)subcredential, DIGEST256_LEN))) {
 log_warn(LD_GENERAL, "Tried to decrypt without subcred. Impossible!");
 goto err;
   }
diff --git a/src/feature/hs/hs_descriptor.h b/src/feature/hs/hs_descriptor.h
index 9d447105f..adfb94dea 100644
--- a/src/feature/hs/hs_descriptor.h
+++ b/src/feature/hs/hs_descriptor.h
@@ -303,7 +303,8 @@ link_specifier_t *hs_desc_lspec_to_trunnel(
const hs_desc_link_specifier_t *spec);
 
 hs_desc_authorized_client_t *hs_desc_build_fake_authorized_client(void);
-void hs_desc_build_authorized_client(const curve25519_public_key_t *
+void hs_desc_build_authorized_client(const uint8_t *subcredential,
+ const curve25519_public_key_t *
  client_auth_pk,
  const curve25519_secret_key_t *
  auth_ephemeral_sk,



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] bug: Use PATH_SEPARATOR instead of slash

2018-09-07 Thread nickm

commit 5e1d36c7db50d977c4a9a1ed9e80ac9800a6077e
Author: Suphanat Chunhapanya 
Date:   Mon Sep 3 03:19:24 2018 +0700

bug: Use PATH_SEPARATOR instead of slash

In function get_fname_suffix, previously it uses /, but in fact it
should use PATH_SEPARATOR.
---
 src/test/testing_common.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/test/testing_common.c b/src/test/testing_common.c
index 3880bca9c..56cac99eb 100644
--- a/src/test/testing_common.c
+++ b/src/test/testing_common.c
@@ -112,8 +112,8 @@ get_fname_suffix(const char *name, const char *suffix)
   setup_directory();
   if (!name)
 return temp_dir;
-  tor_snprintf(buf,sizeof(buf),"%s/%s%s%s",temp_dir,name,suffix ? "_" : "",
-   suffix ? suffix : "");
+  tor_snprintf(buf,sizeof(buf),"%s%s%s%s%s", temp_dir, PATH_SEPARATOR, name,
+   suffix ? "_" : "", suffix ? suffix : "");
   return buf;
 }
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] test: HS v3 client auth is config equal function

2018-09-07 Thread nickm

commit b61403c7870b9ee289fe61e2f2349a8d49a8d37a
Author: Suphanat Chunhapanya 
Date:   Wed May 16 21:57:24 2018 +0700

test: HS v3 client auth is config equal function

Signed-off-by: David Goulet 
---
 src/feature/hs/hs_service.c |   4 +-
 src/feature/hs/hs_service.h |   6 ++
 src/test/test_hs_service.c  | 138 
 3 files changed, 146 insertions(+), 2 deletions(-)

diff --git a/src/feature/hs/hs_service.c b/src/feature/hs/hs_service.c
index 042880992..87c28f620 100644
--- a/src/feature/hs/hs_service.c
+++ b/src/feature/hs/hs_service.c
@@ -243,7 +243,7 @@ set_service_default_config(hs_service_config_t *c,
 
 /* From a service configuration object config, clear everything from it
  * meaning free allocated pointers and reset the values. */
-static void
+STATIC void
 service_clear_config(hs_service_config_t *config)
 {
   if (config == NULL) {
@@ -1368,7 +1368,7 @@ compare_service_authorzized_client_(const void **_a, 
const void **_b)
 
 /* If the list of hs_service_authorized_client_t's is different between
  * src and dst, return 1. Otherwise, return 0. */
-static int
+STATIC int
 service_authorized_client_config_equal(const hs_service_config_t *config1,
const hs_service_config_t *config2)
 {
diff --git a/src/feature/hs/hs_service.h b/src/feature/hs/hs_service.h
index f1b98b805..735266071 100644
--- a/src/feature/hs/hs_service.h
+++ b/src/feature/hs/hs_service.h
@@ -399,6 +399,12 @@ STATIC void 
service_desc_schedule_upload(hs_service_descriptor_t *desc,
 STATIC int service_desc_hsdirs_changed(const hs_service_t *service,
 const hs_service_descriptor_t *desc);
 
+STATIC int service_authorized_client_config_equal(
+ const hs_service_config_t *config1,
+ const hs_service_config_t *config2);
+
+STATIC void service_clear_config(hs_service_config_t *config);
+
 #endif /* defined(HS_SERVICE_PRIVATE) */
 
 #endif /* !defined(TOR_HS_SERVICE_H) */
diff --git a/src/test/test_hs_service.c b/src/test/test_hs_service.c
index 11f542c44..6a061eaea 100644
--- a/src/test/test_hs_service.c
+++ b/src/test/test_hs_service.c
@@ -246,6 +246,22 @@ helper_create_authorized_client(void)
   return client;
 }
 
+/* Helper: Return a newly allocated authorized client object with the
+ * same client name and the same public key as the given client. */
+static hs_service_authorized_client_t *
+helper_clone_authorized_client(const hs_service_authorized_client_t *client)
+{
+  hs_service_authorized_client_t *client_out;
+
+  tor_assert(client);
+
+  client_out = tor_malloc_zero(sizeof(hs_service_authorized_client_t));
+  memcpy(client_out->client_pk.public_key,
+ client->client_pk.public_key, CURVE25519_PUBKEY_LEN);
+
+  return client_out;
+}
+
 /* Helper: Return a newly allocated service object with the identity keypair
  * sets and the current descriptor. Then register it to the global map.
  * Caller should us hs_free_all() to free this service or remove it from the
@@ -1869,6 +1885,126 @@ test_rendezvous1_parsing(void *arg)
   UNMOCK(relay_send_command_from_edge_);
 }
 
+static void
+test_authorized_client_config_equal(void *arg)
+{
+  int ret;
+  hs_service_config_t *config1, *config2;
+
+  (void) arg;
+
+  config1 = tor_malloc_zero(sizeof(*config1));
+  config2 = tor_malloc_zero(sizeof(*config2));
+
+  /* Both configs are empty. */
+  {
+config1->clients = smartlist_new();
+config2->clients = smartlist_new();
+
+ret = service_authorized_client_config_equal(config1, config2);
+tt_int_op(ret, OP_EQ, 1);
+
+service_clear_config(config1);
+service_clear_config(config2);
+  }
+
+  /* Both configs have exactly the same client config. */
+  {
+config1->clients = smartlist_new();
+config2->clients = smartlist_new();
+
+hs_service_authorized_client_t *client1, *client2;
+client1 = helper_create_authorized_client();
+client2 = helper_create_authorized_client();
+
+smartlist_add(config1->clients, client1);
+smartlist_add(config1->clients, client2);
+
+/* We should swap the order of clients here to test that the order
+ * does not matter. */
+smartlist_add(config2->clients, helper_clone_authorized_client(client2));
+smartlist_add(config2->clients, helper_clone_authorized_client(client1));
+
+ret = service_authorized_client_config_equal(config1, config2);
+tt_int_op(ret, OP_EQ, 1);
+
+service_clear_config(config1);
+service_clear_config(config2);
+  }
+
+  /* The numbers of clients in both configs are not equal. */
+  {
+config1->clients = smartlist_new();
+config2->clients = smartlist_new();
+
+hs_service_authorized_client_t *client1, *client2;
+client1 = helper_create_authorized_client();
+client2 = helper_create_authorized_client();
+
+smartlist_add(config1->clients, client1);
+smartlist_add(config1->clients, client2);
+
+

[tor-commits] [tor/master] hs-v3: Refactor secret data building logic

2018-09-07 Thread nickm

commit 462d4097ce8b0059591b366c0ddb21b5efe97c3c
Author: Suphanat Chunhapanya 
Date:   Thu Apr 19 22:36:59 2018 +0700

hs-v3: Refactor secret data building logic

Because this secret data building logic is not only used by the descriptor
encoding process but also by the descriptor decoding, refactor the function 
to
take both steps into account.

Signed-off-by: David Goulet 
---
 src/feature/hs/hs_descriptor.c | 71 +-
 1 file changed, 50 insertions(+), 21 deletions(-)

diff --git a/src/feature/hs/hs_descriptor.c b/src/feature/hs/hs_descriptor.c
index b99797497..4eb06c827 100644
--- a/src/feature/hs/hs_descriptor.c
+++ b/src/feature/hs/hs_descriptor.c
@@ -944,6 +944,53 @@ encrypt_desc_data_and_base64(const hs_descriptor_t *desc,
   return enc_b64;
 }
 
+/* Generate the secret data which is used to encrypt/decrypt the descriptor.
+ *
+ * SECRET_DATA = blinded-public-key
+ * SECRET_DATA = blinded-public-key | descriptor_cookie
+ *
+ * The descriptor_cookie is optional but if it exists, it must be at least
+ * HS_DESC_DESCRIPTOR_COOKIE_LEN bytes long.
+ *
+ * A newly allocated secret data is put in secret_data_out. Return the
+ * length of the secret data. This function cannot fail. */
+static size_t
+build_secret_data(const ed25519_public_key_t *blinded_pubkey,
+  const uint8_t *descriptor_cookie,
+  uint8_t **secret_data_out)
+{
+  size_t secret_data_len;
+  uint8_t *secret_data;
+
+  tor_assert(blinded_pubkey);
+  tor_assert(secret_data_out);
+
+  if (descriptor_cookie) {
+/* If the descriptor cookie is present, we need both the blinded
+ * pubkey and the descriptor cookie as a secret data. */
+secret_data_len = ED25519_PUBKEY_LEN + HS_DESC_DESCRIPTOR_COOKIE_LEN;
+secret_data = tor_malloc(secret_data_len);
+
+memcpy(secret_data,
+   blinded_pubkey->pubkey,
+   ED25519_PUBKEY_LEN);
+memcpy(secret_data + ED25519_PUBKEY_LEN,
+   descriptor_cookie,
+   HS_DESC_DESCRIPTOR_COOKIE_LEN);
+  } else {
+/* If the descriptor cookie is not present, we need only the blinded
+ * pubkey as a secret data. */
+secret_data_len = ED25519_PUBKEY_LEN;
+secret_data = tor_malloc(secret_data_len);
+memcpy(secret_data,
+   blinded_pubkey->pubkey,
+   ED25519_PUBKEY_LEN);
+  }
+
+  *secret_data_out = secret_data;
+  return secret_data_len;
+}
+
 /* Generate and encode the superencrypted portion of desc. This also
  * involves generating the encrypted portion of the descriptor, and performing
  * the superencryption. A newly allocated NUL-terminated string pointer
@@ -976,27 +1023,9 @@ encode_superencrypted_data(const hs_descriptor_t *desc,
 goto err;
   }
 
-  if (descriptor_cookie) {
-/* If the descriptor cookie is present, we need both the blinded
- * pubkey and the descriptor cookie as a secret data. */
-secret_data_len = ED25519_PUBKEY_LEN + HS_DESC_DESCRIPTOR_COOKIE_LEN;
-secret_data = tor_malloc(secret_data_len);
-
-memcpy(secret_data,
-   desc->plaintext_data.blinded_pubkey.pubkey,
-   ED25519_PUBKEY_LEN);
-memcpy(secret_data + ED25519_PUBKEY_LEN,
-   descriptor_cookie,
-   HS_DESC_DESCRIPTOR_COOKIE_LEN);
-  } else {
-/* If the descriptor cookie is not present, we need only the blinded
- * pubkey as a secret data. */
-secret_data_len = ED25519_PUBKEY_LEN;
-secret_data = tor_malloc(secret_data_len);
-memcpy(secret_data,
-   desc->plaintext_data.blinded_pubkey.pubkey,
-   ED25519_PUBKEY_LEN);
-  }
+  secret_data_len = build_secret_data(>plaintext_data.blinded_pubkey,
+  descriptor_cookie,
+  _data);
 
   /* Encrypt and b64 the inner layer */
   layer2_b64_ciphertext =



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] hs-v3: Log client auth load activities client side

2018-09-07 Thread nickm

commit 5b2871d2f2a541ad15541eebf9830b1e448dbfc2
Author: Suphanat Chunhapanya 
Date:   Sun Aug 19 19:47:46 2018 +0700

hs-v3: Log client auth load activities client side

Signed-off-by: David Goulet 
---
 src/feature/hs/hs_client.c | 67 ++
 1 file changed, 38 insertions(+), 29 deletions(-)

diff --git a/src/feature/hs/hs_client.c b/src/feature/hs/hs_client.c
index b178282c1..23ab10e21 100644
--- a/src/feature/hs/hs_client.c
+++ b/src/feature/hs/hs_client.c
@@ -1567,42 +1567,51 @@ hs_config_client_authorization(const or_options_t 
*options,
 
 hs_client_service_authorization_t *auth = NULL;
 ed25519_public_key_t identity_pk;
+log_info(LD_REND, "Loading a client authorization key file %s...",
+ filename);
 
-if (auth_key_filename_is_valid(filename)) {
-  /* Create a full path for a file. */
-  client_key_file_path = hs_path_from_filename(key_dir, filename);
-  client_key_str = read_file_to_str(client_key_file_path, 0, NULL);
-  /* Free the file path immediately after using it. */
-  tor_free(client_key_file_path);
-
-  /* If we cannot read the file, continue with the next file. */
-  if (!client_key_str) {
-continue;
-  }
+if (!auth_key_filename_is_valid(filename)) {
+  log_warn(LD_REND, "The filename is invalid.");
+  continue;
+}
 
-  auth = parse_auth_file_content(client_key_str);
-  /* Free immediately after using it. */
-  tor_free(client_key_str);
+/* Create a full path for a file. */
+client_key_file_path = hs_path_from_filename(key_dir, filename);
+client_key_str = read_file_to_str(client_key_file_path, 0, NULL);
+/* Free the file path immediately after using it. */
+tor_free(client_key_file_path);
 
-  if (auth) {
-/* Parse the onion address to get an identity public key and use it
- * as a key of global map in the future. */
-if (hs_parse_address(auth->onion_address, _pk,
- NULL, NULL) < 0) {
-  client_service_authorization_free(auth);
-  continue;
-}
+/* If we cannot read the file, continue with the next file. */
+if (!client_key_str) {
+  log_warn(LD_REND, "The file cannot be read.");
+  continue;
+}
 
-if (digest256map_get(auths, identity_pk.pubkey)) {
-  client_service_authorization_free(auth);
+auth = parse_auth_file_content(client_key_str);
+/* Free immediately after using it. */
+tor_free(client_key_str);
+
+if (auth) {
+  /* Parse the onion address to get an identity public key and use it
+   * as a key of global map in the future. */
+  if (hs_parse_address(auth->onion_address, _pk,
+   NULL, NULL) < 0) {
+client_service_authorization_free(auth);
+log_warn(LD_REND, "The onion address is invalid.");
+continue;
+  }
 
-  log_warn(LD_REND, "Duplicate authorization for the same hidden "
-"service.");
-  goto end;
-}
+  if (digest256map_get(auths, identity_pk.pubkey)) {
+client_service_authorization_free(auth);
 
-digest256map_set(auths, identity_pk.pubkey, auth);
+log_warn(LD_REND, "Duplicate authorization for the same hidden "
+  "service.");
+goto end;
   }
+
+  digest256map_set(auths, identity_pk.pubkey, auth);
+  log_info(LD_REND, "Loaded a client authorization key file %s.",
+   filename);
 }
 
   } SMARTLIST_FOREACH_END(filename);



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Merge remote-tracking branch 'dgoulet/ticket20700_035_03'

2018-09-07 Thread nickm

commit 9ca1af9a8757ee73cf4018263cb3ae2340ebaa9f
Merge: 13d0855a8 3695ef634
Author: Nick Mathewson 
Date:   Fri Sep 7 15:03:32 2018 -0400

Merge remote-tracking branch 'dgoulet/ticket20700_035_03'

 src/app/config/config.c |7 +-
 src/app/config/or_options_st.h  |2 +
 src/feature/hs/hs_client.c  |  266 +-
 src/feature/hs/hs_client.h  |   24 +
 src/feature/hs/hs_config.c  |   27 +
 src/feature/hs/hs_config.h  |1 +
 src/feature/hs/hs_descriptor.c  | 1046 ---
 src/feature/hs/hs_descriptor.h  |   84 +++-
 src/feature/hs/hs_service.c |  525 +++-
 src/feature/hs/hs_service.h |   36 ++
 src/lib/crypt_ops/crypto_rand.c |4 +-
 src/lib/crypt_ops/crypto_rand.h |2 +-
 src/test/fuzz/fuzz_hsdescv3.c   |4 +-
 src/test/hs_test_helpers.c  |   43 ++
 src/test/test_hs_cache.c|   20 +-
 src/test/test_hs_client.c   |  178 ++-
 src/test/test_hs_common.c   |6 +-
 src/test/test_hs_descriptor.c   |  262 ++
 src/test/test_hs_service.c  |  459 +
 src/test/testing_common.c   |4 +-
 20 files changed, 2560 insertions(+), 440 deletions(-)

diff --cc src/lib/crypt_ops/crypto_rand.c
index 78471bf39,554777cf5..313d829a5
--- a/src/lib/crypt_ops/crypto_rand.c
+++ b/src/lib/crypt_ops/crypto_rand.c
@@@ -335,16 -319,14 +335,16 @@@ crypto_strongest_rand_raw(uint8_t *out
   * Try to get out_len bytes of the strongest entropy we can generate,
   * storing it into out.
   **/
- void
- crypto_strongest_rand(uint8_t *out, size_t out_len)
+ MOCK_IMPL(void,
+ crypto_strongest_rand,(uint8_t *out, size_t out_len))
  {
 -#define DLEN SHA512_DIGEST_LENGTH
 +#define DLEN DIGEST512_LEN
 +
/* We're going to hash DLEN bytes from the system RNG together with some
 -   * bytes from the openssl PRNG, in order to yield DLEN bytes.
 +   * bytes from the PRNGs from our crypto librar(y/ies), in order to yield
 +   * DLEN bytes.
 */
 -  uint8_t inp[DLEN*2];
 +  uint8_t inp[DLEN*3];
uint8_t tmp[DLEN];
tor_assert(out);
while (out_len) {

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] hs-v3: Rename client_sk to client_auth_sk

2018-09-07 Thread nickm

commit 9f975e99953fa57a7c1f43ebd22cc9e602037b6d
Author: Suphanat Chunhapanya 
Date:   Tue May 22 00:01:52 2018 +0700

hs-v3: Rename client_sk to client_auth_sk

Signed-off-by: David Goulet 
---
 src/feature/hs/hs_client.c |  7 ---
 src/feature/hs/hs_descriptor.c | 33 +
 src/feature/hs/hs_descriptor.h |  4 ++--
 src/test/test_hs_descriptor.c  |  6 +++---
 4 files changed, 26 insertions(+), 24 deletions(-)

diff --git a/src/feature/hs/hs_client.c b/src/feature/hs/hs_client.c
index 0038fdfa5..b178282c1 100644
--- a/src/feature/hs/hs_client.c
+++ b/src/feature/hs/hs_client.c
@@ -1233,7 +1233,7 @@ hs_client_decode_descriptor(const char *desc_str,
   uint8_t subcredential[DIGEST256_LEN];
   ed25519_public_key_t blinded_pubkey;
   hs_client_service_authorization_t *client_auth = NULL;
-  curve25519_secret_key_t *client_sk = NULL;
+  curve25519_secret_key_t *client_auht_sk = NULL;
 
   tor_assert(desc_str);
   tor_assert(service_identity_pk);
@@ -1242,7 +1242,7 @@ hs_client_decode_descriptor(const char *desc_str,
   /* Check if we have a client authorization for this service in the map. */
   client_auth = find_client_auth(service_identity_pk);
   if (client_auth) {
-client_sk = _auth->enc_seckey;
+client_auht_sk = _auth->enc_seckey;
   }
 
   /* Create subcredential for this HS so that we can decrypt */
@@ -1254,7 +1254,8 @@ hs_client_decode_descriptor(const char *desc_str,
   }
 
   /* Parse descriptor */
-  ret = hs_desc_decode_descriptor(desc_str, subcredential, client_sk, desc);
+  ret = hs_desc_decode_descriptor(desc_str, subcredential,
+  client_auht_sk, desc);
   memwipe(subcredential, 0, sizeof(subcredential));
   if (ret < 0) {
 log_warn(LD_GENERAL, "Could not parse received descriptor as client.");
diff --git a/src/feature/hs/hs_descriptor.c b/src/feature/hs/hs_descriptor.c
index dc7012ec4..be8e206c7 100644
--- a/src/feature/hs/hs_descriptor.c
+++ b/src/feature/hs/hs_descriptor.c
@@ -1408,7 +1408,7 @@ encrypted_data_length_is_valid(size_t len)
 static int
 decrypt_descriptor_cookie(const hs_descriptor_t *desc,
   const hs_desc_authorized_client_t *client,
-  const curve25519_secret_key_t *client_sk,
+  const curve25519_secret_key_t *client_auth_sk,
   uint8_t **descriptor_cookie_out)
 {
   int ret = -1;
@@ -1421,15 +1421,15 @@ decrypt_descriptor_cookie(const hs_descriptor_t *desc,
 
   tor_assert(desc);
   tor_assert(client);
-  tor_assert(client_sk);
+  tor_assert(client_auth_sk);
   tor_assert(!tor_mem_is_zero(
 (char *) >superencrypted_data.auth_ephemeral_pubkey,
 sizeof(desc->superencrypted_data.auth_ephemeral_pubkey)));
-  tor_assert(!tor_mem_is_zero((char *) client_sk,
-  sizeof(*client_sk)));
+  tor_assert(!tor_mem_is_zero((char *) client_auth_sk,
+  sizeof(*client_auth_sk)));
 
   /* Calculate x25519(client_x, hs_Y) */
-  curve25519_handshake(secret_seed, client_sk,
+  curve25519_handshake(secret_seed, client_auth_sk,
>superencrypted_data.auth_ephemeral_pubkey);
 
   /* Calculate KEYS = KDF(SECRET_SEED, 40) */
@@ -1440,7 +1440,7 @@ decrypt_descriptor_cookie(const hs_descriptor_t *desc,
 
   /* If the client id of auth client is not the same as the calculcated
* client id, it means that this auth client is invaild according to the
-   * client secret key client_sk. */
+   * client secret key client_auth_sk. */
   if (tor_memneq(client->client_id, keystream, HS_DESC_CLIENT_ID_LEN)) {
 goto done;
   }
@@ -1630,7 +1630,7 @@ desc_decrypt_superencrypted(const hs_descriptor_t *desc, 
char **decrypted_out)
  * decrypted_out is set to NULL. */
 static size_t
 desc_decrypt_encrypted(const hs_descriptor_t *desc,
-   const curve25519_secret_key_t *client_sk,
+   const curve25519_secret_key_t *client_auth_sk,
char **decrypted_out)
 {
   size_t encrypted_len = 0;
@@ -1643,12 +1643,12 @@ desc_decrypt_encrypted(const hs_descriptor_t *desc,
 
   /* If the client secret key is provided, try to find a valid descriptor
* cookie. Otherwise, leave it NULL. */
-  if (client_sk) {
+  if (client_auth_sk) {
 SMARTLIST_FOREACH_BEGIN(desc->superencrypted_data.clients,
 hs_desc_authorized_client_t *, client) {
   /* If we can decrypt the descriptor cookie successfully, we will use that
* descriptor cookie and break from the loop. */
-  if (!decrypt_descriptor_cookie(desc, client, client_sk,
+  if (!decrypt_descriptor_cookie(desc, client, client_auth_sk,
  _cookie)) {
 break;
   }
@@ -2253,7 +2253,7 @@ desc_decode_superencrypted_v3(const hs_descriptor_t *desc,
  * success else -1. */
 static int
 desc_decode_encrypted_v3(const hs_descriptor_t *desc,
-

[tor-commits] [tor/master] hs-v3: Log client auth load activities service side

2018-09-07 Thread nickm

commit 7ace28c952562386ebe795394a038cdcf8c1dd57
Author: Suphanat Chunhapanya 
Date:   Sun Aug 19 19:37:38 2018 +0700

hs-v3: Log client auth load activities service side

Signed-off-by: David Goulet 
---
 src/feature/hs/hs_service.c | 57 +
 1 file changed, 37 insertions(+), 20 deletions(-)

diff --git a/src/feature/hs/hs_service.c b/src/feature/hs/hs_service.c
index 87c28f620..8d5d69302 100644
--- a/src/feature/hs/hs_service.c
+++ b/src/feature/hs/hs_service.c
@@ -1141,6 +1141,7 @@ parse_authorized_client(const char *client_key_str)
  SPLIT_SKIP_SPACE, 0);
   /* Wrong number of fields. */
   if (smartlist_len(fields) != 3) {
+log_warn(LD_REND, "The file is in a wrong format.");
 goto err;
   }
 
@@ -1148,9 +1149,15 @@ parse_authorized_client(const char *client_key_str)
   key_type = smartlist_get(fields, 1);
   pubkey_b32 = smartlist_get(fields, 2);
 
-  /* Currently, the only supported auth type is "descriptor" and the only
-   * supported key type is "x25519". */
-  if (strcmp(auth_type, "descriptor") || strcmp(key_type, "x25519")) {
+  /* Currently, the only supported auth type is "descriptor". */
+  if (strcmp(auth_type, "descriptor")) {
+log_warn(LD_REND, "The auth type '%s' is not supported.", auth_type);
+goto err;
+  }
+
+  /* Currently, the only supported key type is "x25519". */
+  if (strcmp(key_type, "x25519")) {
+log_warn(LD_REND, "The key type '%s' is not supported.", key_type);
 goto err;
   }
 
@@ -1168,6 +1175,7 @@ parse_authorized_client(const char *client_key_str)
   if (base32_decode((char *) client->client_pk.public_key,
 sizeof(client->client_pk.public_key),
 pubkey_b32, strlen(pubkey_b32)) < 0) {
+log_warn(LD_REND, "The public key cannot be decoded.");
 goto err;
   }
 
@@ -1233,27 +1241,36 @@ load_client_keys(hs_service_t *service)
 
   SMARTLIST_FOREACH_BEGIN(file_list, const char *, filename) {
 hs_service_authorized_client_t *client = NULL;
+log_info(LD_REND, "Loading a client authorization key file %s...",
+ filename);
 
-if (client_filename_is_valid(filename)) {
-  /* Create a full path for a file. */
-  client_key_file_path = hs_path_from_filename(client_keys_dir_path,
-   filename);
-  client_key_str = read_file_to_str(client_key_file_path, 0, NULL);
-  /* Free immediately after using it. */
-  tor_free(client_key_file_path);
+if (!client_filename_is_valid(filename)) {
+  log_warn(LD_REND, "The filename is invalid.");
+  continue;
+}
 
-  /* If we cannot read the file, continue with the next file. */
-  if (!client_key_str)  {
-continue;
-  }
+/* Create a full path for a file. */
+client_key_file_path = hs_path_from_filename(client_keys_dir_path,
+ filename);
+client_key_str = read_file_to_str(client_key_file_path, 0, NULL);
+/* Free immediately after using it. */
+tor_free(client_key_file_path);
+
+/* If we cannot read the file, continue with the next file. */
+if (!client_key_str)  {
+  log_warn(LD_REND, "The file cannot be read.");
+  continue;
+}
 
-  client = parse_authorized_client(client_key_str);
-  /* Free immediately after using it. */
-  tor_free(client_key_str);
+client = parse_authorized_client(client_key_str);
+/* Wipe and free immediately after using it. */
+memwipe(client_key_str, 0, strlen(client_key_str));
+tor_free(client_key_str);
 
-  if (client) {
-smartlist_add(config->clients, client);
-  }
+if (client) {
+  smartlist_add(config->clients, client);
+  log_info(LD_REND, "Loaded a client authorization key file %s.",
+   filename);
 }
 
   } SMARTLIST_FOREACH_END(filename);



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] HSv3: Add subcredential in client auth KDF on the service-side.

2018-09-07 Thread nickm

commit 1e9428dc618250ba7a64f5e2e0451a9da9c75853
Author: George Kadianakis 
Date:   Thu Sep 6 16:07:27 2018 +0300

HSv3: Add subcredential in client auth KDF on the service-side.

Also update some client auth test vectors that broke...
---
 src/feature/hs/hs_descriptor.c | 15 ++-
 src/feature/hs/hs_service.c| 11 ++-
 src/test/test_hs_descriptor.c  | 18 --
 3 files changed, 32 insertions(+), 12 deletions(-)

diff --git a/src/feature/hs/hs_descriptor.c b/src/feature/hs/hs_descriptor.c
index 9c3d4fc96..f34685e23 100644
--- a/src/feature/hs/hs_descriptor.c
+++ b/src/feature/hs/hs_descriptor.c
@@ -2851,11 +2851,12 @@ hs_desc_build_fake_authorized_client(void)
   return client_auth;
 }
 
-/* Using the client public key, auth ephemeral secret key, and descriptor
- * cookie, build the auth client so we can then encode the descriptor for
- * publication. client_out must be already allocated. */
+/* Using the service's subcredential, client public key, auth ephemeral secret
+ * key, and descriptor cookie, build the auth client so we can then encode the
+ * descriptor for publication. client_out must be already allocated. */
 void
-hs_desc_build_authorized_client(const curve25519_public_key_t *client_auth_pk,
+hs_desc_build_authorized_client(const uint8_t *subcredential,
+const curve25519_public_key_t *client_auth_pk,
 const curve25519_secret_key_t *
 auth_ephemeral_sk,
 const uint8_t *descriptor_cookie,
@@ -2871,20 +2872,24 @@ hs_desc_build_authorized_client(const 
curve25519_public_key_t *client_auth_pk,
   tor_assert(auth_ephemeral_sk);
   tor_assert(descriptor_cookie);
   tor_assert(client_out);
+  tor_assert(subcredential);
   tor_assert(!tor_mem_is_zero((char *) auth_ephemeral_sk,
   sizeof(*auth_ephemeral_sk)));
   tor_assert(!tor_mem_is_zero((char *) client_auth_pk,
   sizeof(*client_auth_pk)));
   tor_assert(!tor_mem_is_zero((char *) descriptor_cookie,
   HS_DESC_DESCRIPTOR_COOKIE_LEN));
+  tor_assert(!tor_mem_is_zero((char *) subcredential,
+  DIGEST256_LEN));
 
   /* Calculate x25519(hs_y, client_X) */
   curve25519_handshake(secret_seed,
auth_ephemeral_sk,
client_auth_pk);
 
-  /* Calculate KEYS = KDF(SECRET_SEED, 40) */
+  /* Calculate KEYS = KDF(subcredential | SECRET_SEED, 40) */
   xof = crypto_xof_new();
+  crypto_xof_add_bytes(xof, subcredential, DIGEST256_LEN);
   crypto_xof_add_bytes(xof, secret_seed, sizeof(secret_seed));
   crypto_xof_squeeze_bytes(xof, keystream, sizeof(keystream));
   crypto_xof_free(xof);
diff --git a/src/feature/hs/hs_service.c b/src/feature/hs/hs_service.c
index 79ef0a35e..43e5626a5 100644
--- a/src/feature/hs/hs_service.c
+++ b/src/feature/hs/hs_service.c
@@ -1744,10 +1744,18 @@ build_service_desc_superencrypted(const hs_service_t 
*service,
 
   /* The ephemeral key pair is already generated, so this should not give
* an error. */
+  if (BUG(!curve25519_public_key_is_ok(>auth_ephemeral_kp.pubkey))) {
+return -1;
+  }
   memcpy(>auth_ephemeral_pubkey,
  >auth_ephemeral_kp.pubkey,
  sizeof(curve25519_public_key_t));
 
+  /* Test that subcred is not zero because we might use it below */
+  if (BUG(tor_mem_is_zero((char*)desc->desc->subcredential, DIGEST256_LEN))) {
+return -1;
+  }
+
   /* Create a smartlist to store clients */
   superencrypted->clients = smartlist_new();
 
@@ -1761,7 +1769,8 @@ build_service_desc_superencrypted(const hs_service_t 
*service,
 
   /* Prepare the client for descriptor and then add to the list in the
* superencrypted part of the descriptor */
-  hs_desc_build_authorized_client(>client_pk,
+  hs_desc_build_authorized_client(desc->desc->subcredential,
+  >client_pk,
   >auth_ephemeral_kp.seckey,
   desc->descriptor_cookie, desc_client);
   smartlist_add(superencrypted->clients, desc_client);
diff --git a/src/test/test_hs_descriptor.c b/src/test/test_hs_descriptor.c
index be7932cd2..4889281cb 100644
--- a/src/test/test_hs_descriptor.c
+++ b/src/test/test_hs_descriptor.c
@@ -400,12 +400,16 @@ test_decode_descriptor(void *arg)
 memcpy(>superencrypted_data.auth_ephemeral_pubkey,
_ephemeral_kp.pubkey, CURVE25519_PUBKEY_LEN);
 
+hs_helper_get_subcred_from_identity_keypair(_kp,
+subcredential);
+
 /* Build and add the auth client to the descriptor. */
 clients = desc->superencrypted_data.clients;
 if (!clients) {
   clients = smartlist_new();
 }
-hs_desc_build_authorized_client(_kp.pubkey,
+hs_desc_build_authorized_client(subcredential,
+

[tor-commits] [tor/master] hs-v3: Make hs_desc_build_fake_authorized_client() return an object

2018-09-07 Thread nickm

commit c76d00abfa779059b2936e5b84c032d0e36726d4
Author: David Goulet 
Date:   Wed Sep 5 13:37:37 2018 -0400

hs-v3: Make hs_desc_build_fake_authorized_client() return an object

Return a newly allocated fake client authorization object instead of taking
the object as a parameter.

Signed-off-by: David Goulet 
---
 src/feature/hs/hs_descriptor.c | 28 
 src/feature/hs/hs_descriptor.h |  3 +--
 src/feature/hs/hs_service.c|  6 ++
 src/test/hs_test_helpers.c |  6 ++
 src/test/test_hs_descriptor.c  |  3 +--
 5 files changed, 22 insertions(+), 24 deletions(-)

diff --git a/src/feature/hs/hs_descriptor.c b/src/feature/hs/hs_descriptor.c
index 0cabe5036..9c3d4fc96 100644
--- a/src/feature/hs/hs_descriptor.c
+++ b/src/feature/hs/hs_descriptor.c
@@ -2833,18 +2833,22 @@ hs_desc_intro_point_free_(hs_desc_intro_point_t *ip)
   tor_free(ip);
 }
 
-/* Build a fake client info for the descriptor */
-void
-hs_desc_build_fake_authorized_client(hs_desc_authorized_client_t *client_out)
-{
-  tor_assert(client_out);
-
-  crypto_rand((char *) client_out->client_id,
-  sizeof(client_out->client_id));
-  crypto_rand((char *) client_out->iv,
-  sizeof(client_out->iv));
-  crypto_rand((char *) client_out->encrypted_cookie,
-  sizeof(client_out->encrypted_cookie));
+/* Allocate and build a new fake client info for the descriptor. Return a
+ * newly allocated object. This can't fail. */
+hs_desc_authorized_client_t *
+hs_desc_build_fake_authorized_client(void)
+{
+  hs_desc_authorized_client_t *client_auth =
+tor_malloc_zero(sizeof(*client_auth));
+
+  crypto_rand((char *) client_auth->client_id,
+  sizeof(client_auth->client_id));
+  crypto_rand((char *) client_auth->iv,
+  sizeof(client_auth->iv));
+  crypto_rand((char *) client_auth->encrypted_cookie,
+  sizeof(client_auth->encrypted_cookie));
+
+  return client_auth;
 }
 
 /* Using the client public key, auth ephemeral secret key, and descriptor
diff --git a/src/feature/hs/hs_descriptor.h b/src/feature/hs/hs_descriptor.h
index 8ce5fd6a1..9d447105f 100644
--- a/src/feature/hs/hs_descriptor.h
+++ b/src/feature/hs/hs_descriptor.h
@@ -302,8 +302,7 @@ void 
hs_desc_authorized_client_free_(hs_desc_authorized_client_t *client);
 link_specifier_t *hs_desc_lspec_to_trunnel(
const hs_desc_link_specifier_t *spec);
 
-void
-hs_desc_build_fake_authorized_client(hs_desc_authorized_client_t *client_out);
+hs_desc_authorized_client_t *hs_desc_build_fake_authorized_client(void);
 void hs_desc_build_authorized_client(const curve25519_public_key_t *
  client_auth_pk,
  const curve25519_secret_key_t *
diff --git a/src/feature/hs/hs_service.c b/src/feature/hs/hs_service.c
index 09329340c..79ef0a35e 100644
--- a/src/feature/hs/hs_service.c
+++ b/src/feature/hs/hs_service.c
@@ -1786,10 +1786,8 @@ build_service_desc_superencrypted(const hs_service_t 
*service,
   }
 
   for (i = 0; i < num_clients_to_add; i++) {
-hs_desc_authorized_client_t *desc_client;
-desc_client = tor_malloc_zero(sizeof(hs_desc_authorized_client_t));
-
-hs_desc_build_fake_authorized_client(desc_client);
+hs_desc_authorized_client_t *desc_client =
+  hs_desc_build_fake_authorized_client();
 smartlist_add(superencrypted->clients, desc_client);
   }
 
diff --git a/src/test/hs_test_helpers.c b/src/test/hs_test_helpers.c
index f8c582afc..4e13ba43a 100644
--- a/src/test/hs_test_helpers.c
+++ b/src/test/hs_test_helpers.c
@@ -138,10 +138,8 @@ hs_helper_build_hs_desc_impl(unsigned int no_ip,
 
   desc->superencrypted_data.clients = smartlist_new();
   for (i = 0; i < HS_DESC_AUTH_CLIENT_MULTIPLE; i++) {
-hs_desc_authorized_client_t *desc_client;
-desc_client = tor_malloc_zero(sizeof(hs_desc_authorized_client_t));
-
-hs_desc_build_fake_authorized_client(desc_client);
+hs_desc_authorized_client_t *desc_client =
+  hs_desc_build_fake_authorized_client();
 smartlist_add(desc->superencrypted_data.clients, desc_client);
   }
 
diff --git a/src/test/test_hs_descriptor.c b/src/test/test_hs_descriptor.c
index de977599a..be7932cd2 100644
--- a/src/test/test_hs_descriptor.c
+++ b/src/test/test_hs_descriptor.c
@@ -412,8 +412,7 @@ test_decode_descriptor(void *arg)
 
 /* We need to add fake auth clients here. */
 for (i=0; i < 15; ++i) {
-  fake_client = tor_malloc_zero(sizeof(hs_desc_authorized_client_t));
-  hs_desc_build_fake_authorized_client(fake_client);
+  fake_client = hs_desc_build_fake_authorized_client();
   smartlist_add(clients, fake_client);
 }
 desc->superencrypted_data.clients = clients;



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] hs-v3: Rename client_pk to client_auth_pk

2018-09-07 Thread nickm

commit 83c8419e73a82deeecf25e4f5c24a390c80cac33
Author: Suphanat Chunhapanya 
Date:   Tue May 22 00:09:40 2018 +0700

hs-v3: Rename client_pk to client_auth_pk

Signed-off-by: David Goulet 
---
 src/feature/hs/hs_descriptor.c |  9 +
 src/feature/hs/hs_descriptor.h |  3 ++-
 src/test/test_hs_descriptor.c  | 12 ++--
 3 files changed, 13 insertions(+), 11 deletions(-)

diff --git a/src/feature/hs/hs_descriptor.c b/src/feature/hs/hs_descriptor.c
index be8e206c7..0cabe5036 100644
--- a/src/feature/hs/hs_descriptor.c
+++ b/src/feature/hs/hs_descriptor.c
@@ -2851,7 +2851,7 @@ 
hs_desc_build_fake_authorized_client(hs_desc_authorized_client_t *client_out)
  * cookie, build the auth client so we can then encode the descriptor for
  * publication. client_out must be already allocated. */
 void
-hs_desc_build_authorized_client(const curve25519_public_key_t *client_pk,
+hs_desc_build_authorized_client(const curve25519_public_key_t *client_auth_pk,
 const curve25519_secret_key_t *
 auth_ephemeral_sk,
 const uint8_t *descriptor_cookie,
@@ -2863,20 +2863,21 @@ hs_desc_build_authorized_client(const 
curve25519_public_key_t *client_pk,
   crypto_cipher_t *cipher;
   crypto_xof_t *xof;
 
-  tor_assert(client_pk);
+  tor_assert(client_auth_pk);
   tor_assert(auth_ephemeral_sk);
   tor_assert(descriptor_cookie);
   tor_assert(client_out);
   tor_assert(!tor_mem_is_zero((char *) auth_ephemeral_sk,
   sizeof(*auth_ephemeral_sk)));
-  tor_assert(!tor_mem_is_zero((char *) client_pk, sizeof(*client_pk)));
+  tor_assert(!tor_mem_is_zero((char *) client_auth_pk,
+  sizeof(*client_auth_pk)));
   tor_assert(!tor_mem_is_zero((char *) descriptor_cookie,
   HS_DESC_DESCRIPTOR_COOKIE_LEN));
 
   /* Calculate x25519(hs_y, client_X) */
   curve25519_handshake(secret_seed,
auth_ephemeral_sk,
-   client_pk);
+   client_auth_pk);
 
   /* Calculate KEYS = KDF(SECRET_SEED, 40) */
   xof = crypto_xof_new();
diff --git a/src/feature/hs/hs_descriptor.h b/src/feature/hs/hs_descriptor.h
index 06d3bfe75..8ce5fd6a1 100644
--- a/src/feature/hs/hs_descriptor.h
+++ b/src/feature/hs/hs_descriptor.h
@@ -304,7 +304,8 @@ link_specifier_t *hs_desc_lspec_to_trunnel(
 
 void
 hs_desc_build_fake_authorized_client(hs_desc_authorized_client_t *client_out);
-void hs_desc_build_authorized_client(const curve25519_public_key_t *client_pk,
+void hs_desc_build_authorized_client(const curve25519_public_key_t *
+ client_auth_pk,
  const curve25519_secret_key_t *
  auth_ephemeral_sk,
  const uint8_t *descriptor_cookie,
diff --git a/src/test/test_hs_descriptor.c b/src/test/test_hs_descriptor.c
index 50a073b41..de977599a 100644
--- a/src/test/test_hs_descriptor.c
+++ b/src/test/test_hs_descriptor.c
@@ -868,7 +868,7 @@ test_build_authorized_client(void *arg)
   uint8_t descriptor_cookie[HS_DESC_DESCRIPTOR_COOKIE_LEN];
   curve25519_secret_key_t auth_ephemeral_sk;
   curve25519_secret_key_t client_auth_sk;
-  curve25519_public_key_t client_pk;
+  curve25519_public_key_t client_auth_pk;
   const char ephemeral_sk_b16[] =
 "d023b674d993a5c8446bd2ca97e9961149b3c0e88c7dc14e844dd3468d6a";
   const char descriptor_cookie_b16[] =
@@ -884,7 +884,7 @@ test_build_authorized_client(void *arg)
 
   ret = curve25519_secret_key_generate(_auth_sk, 0);
   tt_int_op(ret, OP_EQ, 0);
-  curve25519_public_key_generate(_pk, _auth_sk);
+  curve25519_public_key_generate(_auth_pk, _auth_sk);
 
   desc_client = tor_malloc_zero(sizeof(hs_desc_authorized_client_t));
 
@@ -898,15 +898,15 @@ test_build_authorized_client(void *arg)
 descriptor_cookie_b16,
 strlen(descriptor_cookie_b16));
 
-  base16_decode((char *) _pk,
-sizeof(client_pk),
+  base16_decode((char *) _auth_pk,
+sizeof(client_auth_pk),
 client_pubkey_b16,
 strlen(client_pubkey_b16));
 
   MOCK(crypto_strongest_rand, mock_crypto_strongest_rand);
 
-  hs_desc_build_authorized_client(_pk, _ephemeral_sk,
-   descriptor_cookie, desc_client);
+  hs_desc_build_authorized_client(_auth_pk, _ephemeral_sk,
+  descriptor_cookie, desc_client);
 
   test_memeq_hex((char *) desc_client->client_id,
  "b514ef67192cad5f");



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] hs-v3: Re-enable the decoding in the encoding function

2018-09-07 Thread nickm

commit 53dd1699baf5cb09086644eaca239596aedbde15
Author: Suphanat Chunhapanya 
Date:   Sun Apr 22 20:51:21 2018 +0700

hs-v3: Re-enable the decoding in the encoding function

Previously, the validation by decoding a created descriptor was disabled
because the interface had to be entirely changed and not implemented at the
time.

This commit re-enabled it because it is now implemented.

Signed-off-by: David Goulet 
---
 src/feature/hs/hs_descriptor.c | 18 ++
 1 file changed, 10 insertions(+), 8 deletions(-)

diff --git a/src/feature/hs/hs_descriptor.c b/src/feature/hs/hs_descriptor.c
index 3f9b505cb..52b080271 100644
--- a/src/feature/hs/hs_descriptor.c
+++ b/src/feature/hs/hs_descriptor.c
@@ -2705,14 +2705,16 @@ hs_desc_encode_descriptor,(const hs_descriptor_t *desc,
 goto err;
   }
 
-  /* Try to decode what we just encoded. Symmetry is nice! */
-  /* XXX: I need to disable this assertation for now to make the test pass.
-   * I will enable it again when I finish writing the decoding */
-  /* ret = hs_desc_decode_descriptor(*encoded_out, */
-  /* desc->subcredential, NULL); */
-  /* if (BUG(ret < 0)) { */
-  /*   goto err; */
-  /* } */
+  /* Try to decode what we just encoded. Symmetry is nice!, but it is
+   * symmetric only if the client auth is disabled. That is, the descriptor
+   * cookie will be NULL. */
+  if (!descriptor_cookie) {
+ret = hs_desc_decode_descriptor(*encoded_out, desc->subcredential,
+NULL, NULL);
+if (BUG(ret < 0)) {
+  goto err;
+}
+  }
 
   return 0;
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] hs-v3: Make all descriptor content free functions public

2018-09-07 Thread nickm

commit 3b08b239972df982f6130900295bcde76db8b0ed
Author: Suphanat Chunhapanya 
Date:   Thu May 10 03:14:01 2018 +0700

hs-v3: Make all descriptor content free functions public

Series of functions that we now need in hs_service.c.

Signed-off-by: David Goulet 
---
 src/feature/hs/hs_descriptor.c | 128 -
 src/feature/hs/hs_descriptor.h |   5 +-
 src/test/test_hs_descriptor.c  |   2 +-
 3 files changed, 69 insertions(+), 66 deletions(-)

diff --git a/src/feature/hs/hs_descriptor.c b/src/feature/hs/hs_descriptor.c
index 52b080271..dc7012ec4 100644
--- a/src/feature/hs/hs_descriptor.c
+++ b/src/feature/hs/hs_descriptor.c
@@ -152,62 +152,6 @@ static token_rule_t hs_desc_intro_point_v3_token_table[] = 
{
   END_OF_TABLE
 };
 
-/* Free the content of the plaintext section of a descriptor. */
-STATIC void
-desc_plaintext_data_free_contents(hs_desc_plaintext_data_t *desc)
-{
-  if (!desc) {
-return;
-  }
-
-  if (desc->superencrypted_blob) {
-tor_free(desc->superencrypted_blob);
-  }
-  tor_cert_free(desc->signing_key_cert);
-
-  memwipe(desc, 0, sizeof(*desc));
-}
-
-/* Free the content of the superencrypted section of a descriptor. */
-static void
-desc_superencrypted_data_free_contents(hs_desc_superencrypted_data_t *desc)
-{
-  if (!desc) {
-return;
-  }
-
-  if (desc->encrypted_blob) {
-tor_free(desc->encrypted_blob);
-  }
-  if (desc->clients) {
-SMARTLIST_FOREACH(desc->clients, hs_desc_authorized_client_t *, client,
-  hs_desc_authorized_client_free(client));
-smartlist_free(desc->clients);
-  }
-
-  memwipe(desc, 0, sizeof(*desc));
-}
-
-/* Free the content of the encrypted section of a descriptor. */
-static void
-desc_encrypted_data_free_contents(hs_desc_encrypted_data_t *desc)
-{
-  if (!desc) {
-return;
-  }
-
-  if (desc->intro_auth_types) {
-SMARTLIST_FOREACH(desc->intro_auth_types, char *, a, tor_free(a));
-smartlist_free(desc->intro_auth_types);
-  }
-  if (desc->intro_points) {
-SMARTLIST_FOREACH(desc->intro_points, hs_desc_intro_point_t *, ip,
-  hs_desc_intro_point_free(ip));
-smartlist_free(desc->intro_points);
-  }
-  memwipe(desc, 0, sizeof(*desc));
-}
-
 /* Using a key, salt and encrypted payload, build a MAC and put it in mac_out.
  * We use SHA3-256 for the MAC computation.
  * This function can't fail. */
@@ -2288,7 +2232,7 @@ desc_decode_superencrypted_v3(const hs_descriptor_t *desc,
 
  err:
   tor_assert(ret < 0);
-  desc_superencrypted_data_free_contents(desc_superencrypted_out);
+  hs_desc_superencrypted_data_free_contents(desc_superencrypted_out);
 
  done:
   if (tokens) {
@@ -2388,7 +2332,7 @@ desc_decode_encrypted_v3(const hs_descriptor_t *desc,
 
  err:
   tor_assert(ret < 0);
-  desc_encrypted_data_free_contents(desc_encrypted_out);
+  hs_desc_encrypted_data_free_contents(desc_encrypted_out);
 
  done:
   if (tokens) {
@@ -2723,11 +2667,67 @@ hs_desc_encode_descriptor,(const hs_descriptor_t *desc,
   return ret;
 }
 
+/* Free the content of the plaintext section of a descriptor. */
+void
+hs_desc_plaintext_data_free_contents(hs_desc_plaintext_data_t *desc)
+{
+  if (!desc) {
+return;
+  }
+
+  if (desc->superencrypted_blob) {
+tor_free(desc->superencrypted_blob);
+  }
+  tor_cert_free(desc->signing_key_cert);
+
+  memwipe(desc, 0, sizeof(*desc));
+}
+
+/* Free the content of the superencrypted section of a descriptor. */
+void
+hs_desc_superencrypted_data_free_contents(hs_desc_superencrypted_data_t *desc)
+{
+  if (!desc) {
+return;
+  }
+
+  if (desc->encrypted_blob) {
+tor_free(desc->encrypted_blob);
+  }
+  if (desc->clients) {
+SMARTLIST_FOREACH(desc->clients, hs_desc_authorized_client_t *, client,
+  hs_desc_authorized_client_free(client));
+smartlist_free(desc->clients);
+  }
+
+  memwipe(desc, 0, sizeof(*desc));
+}
+
+/* Free the content of the encrypted section of a descriptor. */
+void
+hs_desc_encrypted_data_free_contents(hs_desc_encrypted_data_t *desc)
+{
+  if (!desc) {
+return;
+  }
+
+  if (desc->intro_auth_types) {
+SMARTLIST_FOREACH(desc->intro_auth_types, char *, a, tor_free(a));
+smartlist_free(desc->intro_auth_types);
+  }
+  if (desc->intro_points) {
+SMARTLIST_FOREACH(desc->intro_points, hs_desc_intro_point_t *, ip,
+  hs_desc_intro_point_free(ip));
+smartlist_free(desc->intro_points);
+  }
+  memwipe(desc, 0, sizeof(*desc));
+}
+
 /* Free the descriptor plaintext data object. */
 void
 hs_desc_plaintext_data_free_(hs_desc_plaintext_data_t *desc)
 {
-  desc_plaintext_data_free_contents(desc);
+  hs_desc_plaintext_data_free_contents(desc);
   tor_free(desc);
 }
 
@@ -2735,7 +2735,7 @@ hs_desc_plaintext_data_free_(hs_desc_plaintext_data_t 
*desc)
 void
 hs_desc_superencrypted_data_free_(hs_desc_superencrypted_data_t *desc)
 {
-  desc_superencrypted_data_free_contents(desc);
+  hs_desc_superencrypted_data_free_contents(desc);

[tor-commits] [tor/master] hs-v3: Decrypt the descriptor with client private key

2018-09-07 Thread nickm

commit 7acb720027dd702332fb5a539683742801443f00
Author: Suphanat Chunhapanya 
Date:   Fri Apr 20 02:10:19 2018 +0700

hs-v3: Decrypt the descriptor with client private key

Parse the client authorization section from the descriptor, use the client
private key to decrypt the auth clients, and then use the descriptor cookie 
to
decrypt the descriptor.

Signed-off-by: David Goulet 
---
 src/feature/hs/hs_descriptor.c | 142 +++--
 1 file changed, 137 insertions(+), 5 deletions(-)

diff --git a/src/feature/hs/hs_descriptor.c b/src/feature/hs/hs_descriptor.c
index bb2cc1984..3f9b505cb 100644
--- a/src/feature/hs/hs_descriptor.c
+++ b/src/feature/hs/hs_descriptor.c
@@ -1181,6 +1181,42 @@ desc_encode_v3(const hs_descriptor_t *desc,
 
 /* === DECODING === */
 
+/* Given the token tok for an auth client, decode it as
+ * hs_desc_authorized_client_t. tok->args MUST contain at least 3 elements
+ * Return 0 on success else -1 on failure. */
+static int
+decode_auth_client(const directory_token_t *tok,
+   hs_desc_authorized_client_t *client)
+{
+  int ret = -1;
+
+  tor_assert(tok);
+  tor_assert(tok->n_args >= 3);
+  tor_assert(client);
+
+  if (base64_decode((char *) client->client_id, sizeof(client->client_id),
+tok->args[0], strlen(tok->args[0])) !=
+  sizeof(client->client_id)) {
+goto done;
+  }
+  if (base64_decode((char *) client->iv, sizeof(client->iv),
+tok->args[1], strlen(tok->args[1])) !=
+  sizeof(client->iv)) {
+goto done;
+  }
+  if (base64_decode((char *) client->encrypted_cookie,
+sizeof(client->encrypted_cookie),
+tok->args[2], strlen(tok->args[2])) !=
+  sizeof(client->encrypted_cookie)) {
+goto done;
+  }
+
+  /* Success. */
+  ret = 0;
+ done:
+  return ret;
+}
+
 /* Given an encoded string of the link specifiers, return a newly allocated
  * list of decoded link specifiers. Return NULL on error. */
 STATIC smartlist_t *
@@ -1420,6 +1456,73 @@ encrypted_data_length_is_valid(size_t len)
   return 0;
 }
 
+/* Decrypt the descriptor cookie given the descriptor, the auth client,
+ * and the client secret key. On sucess, return 0 and a newly allocated
+ * descriptor cookie descriptor_cookie_out. On error or if the client id
+ * is invalid, return -1 and descriptor_cookie_out is set to
+ * NULL. */
+static int
+decrypt_descriptor_cookie(const hs_descriptor_t *desc,
+  const hs_desc_authorized_client_t *client,
+  const curve25519_secret_key_t *client_sk,
+  uint8_t **descriptor_cookie_out)
+{
+  int ret = -1;
+  uint8_t secret_seed[CURVE25519_OUTPUT_LEN];
+  uint8_t keystream[HS_DESC_CLIENT_ID_LEN + HS_DESC_COOKIE_KEY_LEN];
+  uint8_t *cookie_key = NULL;
+  uint8_t *descriptor_cookie = NULL;
+  crypto_cipher_t *cipher = NULL;
+  crypto_xof_t *xof = NULL;
+
+  tor_assert(desc);
+  tor_assert(client);
+  tor_assert(client_sk);
+  tor_assert(!tor_mem_is_zero(
+(char *) >superencrypted_data.auth_ephemeral_pubkey,
+sizeof(desc->superencrypted_data.auth_ephemeral_pubkey)));
+  tor_assert(!tor_mem_is_zero((char *) client_sk,
+  sizeof(*client_sk)));
+
+  /* Calculate x25519(client_x, hs_Y) */
+  curve25519_handshake(secret_seed, client_sk,
+   >superencrypted_data.auth_ephemeral_pubkey);
+
+  /* Calculate KEYS = KDF(SECRET_SEED, 40) */
+  xof = crypto_xof_new();
+  crypto_xof_add_bytes(xof, secret_seed, sizeof(secret_seed));
+  crypto_xof_squeeze_bytes(xof, keystream, sizeof(keystream));
+  crypto_xof_free(xof);
+
+  /* If the client id of auth client is not the same as the calculcated
+   * client id, it means that this auth client is invaild according to the
+   * client secret key client_sk. */
+  if (tor_memneq(client->client_id, keystream, HS_DESC_CLIENT_ID_LEN)) {
+goto done;
+  }
+  cookie_key = keystream + HS_DESC_CLIENT_ID_LEN;
+
+  /* This creates a cipher for AES. It can't fail. */
+  cipher = crypto_cipher_new_with_iv_and_bits(cookie_key, client->iv,
+  HS_DESC_COOKIE_KEY_BIT_SIZE);
+  descriptor_cookie = tor_malloc_zero(HS_DESC_DESCRIPTOR_COOKIE_LEN);
+  /* This can't fail. */
+  crypto_cipher_decrypt(cipher, (char *) descriptor_cookie,
+(const char *) client->encrypted_cookie,
+sizeof(client->encrypted_cookie));
+
+  /* Success. */
+  ret = 0;
+ done:
+  *descriptor_cookie_out = descriptor_cookie;
+  if (cipher) {
+crypto_cipher_free(cipher);
+  }
+  memwipe(secret_seed, 0, sizeof(secret_seed));
+  memwipe(keystream, 0, sizeof(keystream));
+  return ret;
+}
+
 /** Decrypt an encrypted descriptor layer at encrypted_blob of size
  *  encrypted_blob_size. The descriptor cookie is optional. Use
  *  the descriptor object desc and descriptor_cookie
@@ -1588,18 +1691,30 @@

[tor-commits] [tor/master] test: HS v3 descriptor decoding with client authorization

2018-09-07 Thread nickm

commit 69fb25b0f6f3c2e7397b3f5e49213025ab1e8173
Author: Suphanat Chunhapanya 
Date:   Sun Apr 22 01:13:50 2018 +0700

test: HS v3 descriptor decoding with client authorization

Signed-off-by: David Goulet 
---
 src/test/hs_test_helpers.c| 26 
 src/test/test_hs_descriptor.c | 70 +++
 2 files changed, 96 insertions(+)

diff --git a/src/test/hs_test_helpers.c b/src/test/hs_test_helpers.c
index bb2ba981f..f8c582afc 100644
--- a/src/test/hs_test_helpers.c
+++ b/src/test/hs_test_helpers.c
@@ -226,6 +226,32 @@ hs_helper_desc_equal(const hs_descriptor_t *desc1,
* encrypted blob. As contrast to the decoding process where we populate a
* descriptor object. */
 
+  /* Superencrypted data section. */
+  tt_mem_op(desc1->superencrypted_data.auth_ephemeral_pubkey.public_key, OP_EQ,
+desc2->superencrypted_data.auth_ephemeral_pubkey.public_key,
+CURVE25519_PUBKEY_LEN);
+
+  /* Auth clients. */
+  {
+tt_assert(desc1->superencrypted_data.clients);
+tt_assert(desc2->superencrypted_data.clients);
+tt_int_op(smartlist_len(desc1->superencrypted_data.clients), ==,
+  smartlist_len(desc2->superencrypted_data.clients));
+for (int i=0;
+ i < smartlist_len(desc1->superencrypted_data.clients);
+ i++) {
+  hs_desc_authorized_client_t
+*client1 = smartlist_get(desc1->superencrypted_data.clients, i),
+*client2 = smartlist_get(desc2->superencrypted_data.clients, i);
+  tor_memeq(client1->client_id, client2->client_id,
+sizeof(client1->client_id));
+  tor_memeq(client1->iv, client2->iv,
+sizeof(client1->iv));
+  tor_memeq(client1->encrypted_cookie, client2->encrypted_cookie,
+sizeof(client1->encrypted_cookie));
+}
+  }
+
   /* Encrypted data section. */
   tt_uint_op(desc1->encrypted_data.create2_ntor, ==,
  desc2->encrypted_data.create2_ntor);
diff --git a/src/test/test_hs_descriptor.c b/src/test/test_hs_descriptor.c
index e003ea5ff..952499a2c 100644
--- a/src/test/test_hs_descriptor.c
+++ b/src/test/test_hs_descriptor.c
@@ -330,6 +330,7 @@ static void
 test_decode_descriptor(void *arg)
 {
   int ret;
+  int i;
   char *encoded = NULL;
   ed25519_keypair_t signing_kp;
   hs_descriptor_t *desc = NULL;
@@ -381,6 +382,75 @@ test_decode_descriptor(void *arg)
 tt_assert(decoded);
   }
 
+  /* Decode a descriptor with auth clients. */
+  {
+uint8_t descriptor_cookie[HS_DESC_DESCRIPTOR_COOKIE_LEN];
+curve25519_keypair_t auth_ephemeral_kp;
+curve25519_keypair_t client_kp, invalid_client_kp;
+smartlist_t *clients;
+hs_desc_authorized_client_t *client, *fake_client;
+client = tor_malloc_zero(sizeof(hs_desc_authorized_client_t));
+
+/* Prepare all the keys needed to build the auth client. */
+curve25519_keypair_generate(_ephemeral_kp, 0);
+curve25519_keypair_generate(_kp, 0);
+curve25519_keypair_generate(_client_kp, 0);
+crypto_strongest_rand(descriptor_cookie, HS_DESC_DESCRIPTOR_COOKIE_LEN);
+
+memcpy(>superencrypted_data.auth_ephemeral_pubkey,
+   _ephemeral_kp.pubkey, CURVE25519_PUBKEY_LEN);
+
+/* Build and add the auth client to the descriptor. */
+clients = desc->superencrypted_data.clients;
+if (!clients) {
+  clients = smartlist_new();
+}
+hs_desc_build_authorized_client(_kp.pubkey,
+_ephemeral_kp.seckey,
+descriptor_cookie, client);
+smartlist_add(clients, client);
+
+/* We need to add fake auth clients here. */
+for (i=0; i < 15; ++i) {
+  fake_client = tor_malloc_zero(sizeof(hs_desc_authorized_client_t));
+  hs_desc_build_fake_authorized_client(fake_client);
+  smartlist_add(clients, fake_client);
+}
+desc->superencrypted_data.clients = clients;
+
+/* Test the encoding/decoding in the following lines. */
+hs_helper_get_subcred_from_identity_keypair(_kp,
+subcredential);
+tor_free(encoded);
+ret = hs_desc_encode_descriptor(desc, _kp,
+descriptor_cookie, );
+tt_int_op(ret, OP_EQ, 0);
+tt_assert(encoded);
+
+/* If we do not have the client secret key, the decoding must fail. */
+hs_descriptor_free(decoded);
+ret = hs_desc_decode_descriptor(encoded, subcredential,
+NULL, );
+tt_int_op(ret, OP_LT, 0);
+tt_assert(!decoded);
+
+/* If we have an invalid client secret key, the decoding must fail. */
+hs_descriptor_free(decoded);
+ret = hs_desc_decode_descriptor(encoded, subcredential,
+_client_kp.seckey, );
+tt_int_op(ret, OP_LT, 0);
+tt_assert(!decoded);
+
+/* If we have the client secret key, the decoding must succeed and the
+ * decoded descriptor must be correct. */
+ret =

[tor-commits] [tor/master] test: HS v3 client authorization loading secret key

2018-09-07 Thread nickm

commit 9c362192361bec379f83f37426236b41c2a17e8e
Author: Suphanat Chunhapanya 
Date:   Sun Aug 19 08:26:43 2018 +0700

test: HS v3 client authorization loading secret key

Signed-off-by: David Goulet 
---
 src/feature/hs/hs_client.c |  14 +++-
 src/feature/hs/hs_client.h |  11 +++
 src/test/test_hs_client.c  | 174 +
 3 files changed, 197 insertions(+), 2 deletions(-)

diff --git a/src/feature/hs/hs_client.c b/src/feature/hs/hs_client.c
index 7c545c35d..18c79e0c4 100644
--- a/src/feature/hs/hs_client.c
+++ b/src/feature/hs/hs_client.c
@@ -1428,7 +1428,7 @@ client_service_authorization_free_all(void)
 
 /* Check if the auth key file name is valid or not. Return 1 if valid,
  * otherwise return 0. */
-static int
+STATIC int
 auth_key_filename_is_valid(const char *filename)
 {
   int ret = 1;
@@ -1448,7 +1448,7 @@ auth_key_filename_is_valid(const char *filename)
   return ret;
 }
 
-static hs_client_service_authorization_t *
+STATIC hs_client_service_authorization_t *
 parse_auth_file_content(const char *client_key_str)
 {
   char *onion_address = NULL;
@@ -1836,3 +1836,13 @@ hs_client_dir_info_changed(void)
* AP_CONN_STATE_RENDDESC_WAIT state in order to fetch the descriptor. */
   retry_all_socks_conn_waiting_for_desc();
 }
+
+#ifdef TOR_UNIT_TESTS
+
+STATIC digest256map_t *
+get_hs_client_auths_map(void)
+{
+  return client_auths;
+}
+
+#endif /* defined(TOR_UNIT_TESTS) */
diff --git a/src/feature/hs/hs_client.h b/src/feature/hs/hs_client.h
index 6d4c84774..1ba0338dc 100644
--- a/src/feature/hs/hs_client.h
+++ b/src/feature/hs/hs_client.h
@@ -84,6 +84,11 @@ void hs_client_free_all(void);
 
 #ifdef HS_CLIENT_PRIVATE
 
+STATIC int auth_key_filename_is_valid(const char *filename);
+
+STATIC hs_client_service_authorization_t *
+parse_auth_file_content(const char *client_key_str);
+
 STATIC routerstatus_t *
 pick_hsdir_v3(const ed25519_public_key_t *onion_identity_pk);
 
@@ -99,6 +104,12 @@ STATIC int handle_rendezvous2(origin_circuit_t *circ, const 
uint8_t *payload,
 MOCK_DECL(STATIC hs_client_fetch_status_t,
   fetch_v3_desc, (const ed25519_public_key_t *onion_identity_pk));
 
+#ifdef TOR_UNIT_TESTS
+
+STATIC digest256map_t *get_hs_client_auths_map(void);
+
+#endif /* defined(TOR_UNIT_TESTS) */
+
 #endif /* defined(HS_CLIENT_PRIVATE) */
 
 #endif /* !defined(TOR_HS_CLIENT_H) */
diff --git a/src/test/test_hs_client.c b/src/test/test_hs_client.c
index e03c80098..eacbd328e 100644
--- a/src/test/test_hs_client.c
+++ b/src/test/test_hs_client.c
@@ -6,6 +6,7 @@
  * \brief Test prop224 HS client functionality.
  */
 
+#define CONFIG_PRIVATE
 #define CRYPTO_PRIVATE
 #define MAIN_PRIVATE
 #define HS_CLIENT_PRIVATE
@@ -32,6 +33,7 @@
 #include "feature/hs/hs_circuit.h"
 #include "feature/hs/hs_circuitmap.h"
 #include "feature/hs/hs_client.h"
+#include "feature/hs/hs_config.h"
 #include "feature/hs/hs_ident.h"
 #include "feature/hs/hs_cache.h"
 #include "core/or/circuitlist.h"
@@ -73,6 +75,20 @@ mock_networkstatus_get_live_consensus(time_t now)
   return _ns;
 }
 
+static int
+helper_config_client(const char *conf, int validate_only)
+{
+  int ret = 0;
+  or_options_t *options = NULL;
+  tt_assert(conf);
+  options = helper_parse_options(conf);
+  tt_assert(options);
+  ret = hs_config_client_auth_all(options, validate_only);
+ done:
+  or_options_free(options);
+  return ret;
+}
+
 /* Test helper function: Setup a circuit and a stream with the same hidden
  * service destination, and put them in circ_out and
  * conn_out. Make the stream wait for circuits to be established to the
@@ -601,6 +617,158 @@ test_descriptor_fetch(void *arg)
   hs_free_all();
 }
 
+static void
+test_auth_key_filename_is_valid(void *arg)
+{
+  (void) arg;
+
+  /* Valid file name. */
+  tt_assert(auth_key_filename_is_valid("a.auth_private"));
+  /* Valid file name with special character. */
+  tt_assert(auth_key_filename_is_valid("a-.auth_private"));
+  /* Invalid extension. */
+  tt_assert(!auth_key_filename_is_valid("a.ath_private"));
+  /* Nothing before the extension. */
+  tt_assert(!auth_key_filename_is_valid(".auth_private"));
+
+ done:
+  ;
+}
+
+static void
+test_parse_auth_file_content(void *arg)
+{
+  hs_client_service_authorization_t *auth = NULL;
+
+  (void) arg;
+
+  /* Valid authorized client. */
+  auth = parse_auth_file_content(
+  "4acth47i6kxnvkewtm6q7ib2s3ufpo5sqbsnzjpbi7utijcltosqemad:descriptor:"
+  "x25519:zdsyvn2jq534ugyiuzgjy4267jbtzcjbsgedhshzx5mforyxtryq");
+  tt_assert(auth);
+
+  /* Wrong number of fields. */
+  tt_assert(!parse_auth_file_content("a:b"));
+  /* Wrong auth type. */
+  tt_assert(!parse_auth_file_content(
+  "4acth47i6kxnvkewtm6q7ib2s3ufpo5sqbsnzjpbi7utijcltosqemad:x:"
+  "x25519:zdsyvn2jq534ugyiuzgjy4267jbtzcjbsgedhshzx5mforyxtryq"));
+  /* Wrong key type. */
+  tt_assert(!parse_auth_file_content(
+  "4acth47i6kxnvkewtm6q7ib2s3ufpo5sqbsnzjpbi7utijcltosqemad:descriptor:"
+

[tor-commits] [tor/master] hs-v3: Encrypt the descriptor using a cookie

2018-09-07 Thread nickm

commit fa50aee3663b6f6dca61e330df59af6d8c035fe4
Author: Suphanat Chunhapanya 
Date:   Sat Apr 14 04:04:31 2018 +0700

hs-v3: Encrypt the descriptor using a cookie

Previously, we encrypted the descriptor without the descriptor cookie. This
commit, when the client auth is enabled, the descriptor cookie is always 
used.

I also removed the code that is used to generate fake auth clients because 
it
will not be used anymore.

Signed-off-by: David Goulet 
---
 src/feature/hs/hs_descriptor.c | 285 ++---
 src/feature/hs/hs_descriptor.h |   7 +-
 src/feature/hs/hs_service.c|  39 +-
 src/test/hs_test_helpers.c |  19 +++
 src/test/test_hs_cache.c   |  16 +--
 src/test/test_hs_client.c  |   2 +-
 src/test/test_hs_common.c  |   6 +-
 src/test/test_hs_descriptor.c  |   7 +-
 8 files changed, 256 insertions(+), 125 deletions(-)

diff --git a/src/feature/hs/hs_descriptor.c b/src/feature/hs/hs_descriptor.c
index 34ff2b0a3..b99797497 100644
--- a/src/feature/hs/hs_descriptor.c
+++ b/src/feature/hs/hs_descriptor.c
@@ -240,53 +240,72 @@ build_mac(const uint8_t *mac_key, size_t mac_key_len,
   crypto_digest_free(digest);
 }
 
-/* Using a given decriptor object, build the secret input needed for the
- * KDF and put it in the dst pointer which is an already allocated buffer
- * of size dstlen. */
-static void
-build_secret_input(const hs_descriptor_t *desc, uint8_t *dst, size_t dstlen)
+/* Using a secret data and a given decriptor object, build the secret
+ * input needed for the KDF.
+ *
+ * secret_input = SECRET_DATA | subcredential | INT_8(revision_counter)
+ *
+ * Then, set the newly allocated buffer in secret_input_out and return the
+ * length of the buffer. */
+static size_t
+build_secret_input(const hs_descriptor_t *desc,
+   const uint8_t *secret_data,
+   size_t secret_data_len,
+   uint8_t **secret_input_out)
 {
   size_t offset = 0;
+  size_t secret_input_len = secret_data_len + DIGEST256_LEN + sizeof(uint64_t);
+  uint8_t *secret_input = NULL;
 
   tor_assert(desc);
-  tor_assert(dst);
-  tor_assert(HS_DESC_ENCRYPTED_SECRET_INPUT_LEN <= dstlen);
-
-  /* XXX use the destination length as the memcpy length */
-  /* Copy blinded public key. */
-  memcpy(dst, desc->plaintext_data.blinded_pubkey.pubkey,
- sizeof(desc->plaintext_data.blinded_pubkey.pubkey));
-  offset += sizeof(desc->plaintext_data.blinded_pubkey.pubkey);
+  tor_assert(secret_data);
+  tor_assert(secret_input_out);
+
+  secret_input = tor_malloc_zero(secret_input_len);
+
+  /* Copy the secret data. */
+  memcpy(secret_input, secret_data, secret_data_len);
+  offset += secret_data_len;
   /* Copy subcredential. */
-  memcpy(dst + offset, desc->subcredential, sizeof(desc->subcredential));
-  offset += sizeof(desc->subcredential);
+  memcpy(secret_input + offset, desc->subcredential, DIGEST256_LEN);
+  offset += DIGEST256_LEN;
   /* Copy revision counter value. */
-  set_uint64(dst + offset, tor_htonll(desc->plaintext_data.revision_counter));
+  set_uint64(secret_input + offset,
+ tor_htonll(desc->plaintext_data.revision_counter));
   offset += sizeof(uint64_t);
-  tor_assert(HS_DESC_ENCRYPTED_SECRET_INPUT_LEN == offset);
+  tor_assert(secret_input_len == offset);
+
+  *secret_input_out = secret_input;
+
+  return secret_input_len;
 }
 
 /* Do the KDF construction and put the resulting data in key_out which is of
  * key_out_len length. It uses SHAKE-256 as specified in the spec. */
 static void
 build_kdf_key(const hs_descriptor_t *desc,
+  const uint8_t *secret_data,
+  size_t secret_data_len,
   const uint8_t *salt, size_t salt_len,
   uint8_t *key_out, size_t key_out_len,
   int is_superencrypted_layer)
 {
-  uint8_t secret_input[HS_DESC_ENCRYPTED_SECRET_INPUT_LEN];
+  uint8_t *secret_input = NULL;
+  size_t secret_input_len;
   crypto_xof_t *xof;
 
   tor_assert(desc);
+  tor_assert(secret_data);
   tor_assert(salt);
   tor_assert(key_out);
 
   /* Build the secret input for the KDF computation. */
-  build_secret_input(desc, secret_input, sizeof(secret_input));
+  secret_input_len = build_secret_input(desc, secret_data,
+secret_data_len, _input);
 
   xof = crypto_xof_new();
   /* Feed our KDF. [SHAKE it like a polaroid picture --Yawning]. */
-  crypto_xof_add_bytes(xof, secret_input, sizeof(secret_input));
+  crypto_xof_add_bytes(xof, secret_input, secret_input_len);
   crypto_xof_add_bytes(xof, salt, salt_len);
 
   /* Feed in the right string constant based on the desc layer */
@@ -301,14 +320,18 @@ build_kdf_key(const hs_descriptor_t *desc,
   /* Eat from our KDF. */
   crypto_xof_squeeze_bytes(xof, key_out, key_out_len);
   crypto_xof_free(xof);
-  memwipe(secret_input,  0, sizeof(secret_input));
+  memwipe(secret_input,  0, secret_input_len);
+
+  tor_free(secret_input);
 }
 
-/*

[tor-commits] [tor/master] hs-v3: Refactor the descriptor decryption/decoding

2018-09-07 Thread nickm

commit 63576b01663f1af0ee2b7bd29dd840d121103315
Author: Suphanat Chunhapanya 
Date:   Thu Apr 19 22:44:17 2018 +0700

hs-v3: Refactor the descriptor decryption/decoding

This commit refactors the existing decryption code to make it compatible 
with
a new logic for when the client authorization is enabled.

Signed-off-by: David Goulet 
---
 src/feature/hs/hs_client.c |  23 ++-
 src/feature/hs/hs_descriptor.c | 402 +
 src/feature/hs/hs_descriptor.h |   7 +-
 src/test/fuzz/fuzz_hsdescv3.c  |   4 +-
 src/test/test_hs_cache.c   |   4 +-
 src/test/test_hs_descriptor.c  | 107 +--
 6 files changed, 279 insertions(+), 268 deletions(-)

diff --git a/src/feature/hs/hs_client.c b/src/feature/hs/hs_client.c
index 18c79e0c4..0038fdfa5 100644
--- a/src/feature/hs/hs_client.c
+++ b/src/feature/hs/hs_client.c
@@ -1181,6 +1181,19 @@ can_client_refetch_desc(const ed25519_public_key_t 
*identity_pk,
   return 0;
 }
 
+/* Return the client auth in the map using the service identity public key.
+ * Return NULL if it does not exist in the map. */
+static hs_client_service_authorization_t *
+find_client_auth(const ed25519_public_key_t *service_identity_pk)
+{
+  /* If the map is not allocated, we can assume that we do not have any client
+   * auth information. */
+  if (!client_auths) {
+return NULL;
+  }
+  return digest256map_get(client_auths, service_identity_pk->pubkey);
+}
+
 /* == */
 /* Public API */
 /* == */
@@ -1219,11 +1232,19 @@ hs_client_decode_descriptor(const char *desc_str,
   int ret;
   uint8_t subcredential[DIGEST256_LEN];
   ed25519_public_key_t blinded_pubkey;
+  hs_client_service_authorization_t *client_auth = NULL;
+  curve25519_secret_key_t *client_sk = NULL;
 
   tor_assert(desc_str);
   tor_assert(service_identity_pk);
   tor_assert(desc);
 
+  /* Check if we have a client authorization for this service in the map. */
+  client_auth = find_client_auth(service_identity_pk);
+  if (client_auth) {
+client_sk = _auth->enc_seckey;
+  }
+
   /* Create subcredential for this HS so that we can decrypt */
   {
 uint64_t current_time_period = hs_get_time_period_num(0);
@@ -1233,7 +1254,7 @@ hs_client_decode_descriptor(const char *desc_str,
   }
 
   /* Parse descriptor */
-  ret = hs_desc_decode_descriptor(desc_str, subcredential, desc);
+  ret = hs_desc_decode_descriptor(desc_str, subcredential, client_sk, desc);
   memwipe(subcredential, 0, sizeof(subcredential));
   if (ret < 0) {
 log_warn(LD_GENERAL, "Could not parse received descriptor as client.");
diff --git a/src/feature/hs/hs_descriptor.c b/src/feature/hs/hs_descriptor.c
index 4eb06c827..bb2cc1984 100644
--- a/src/feature/hs/hs_descriptor.c
+++ b/src/feature/hs/hs_descriptor.c
@@ -1421,10 +1421,11 @@ encrypted_data_length_is_valid(size_t len)
 }
 
 /** Decrypt an encrypted descriptor layer at encrypted_blob of size
- *  encrypted_blob_size. Use the descriptor object desc to
- *  generate the right decryption keys; set decrypted_out to the
- *  plaintext. If is_superencrypted_layer is set, this is the outter
- *  encrypted layer of the descriptor.
+ *  encrypted_blob_size. The descriptor cookie is optional. Use
+ *  the descriptor object desc and descriptor_cookie
+ *  to generate the right decryption keys; set decrypted_out to
+ *  the plaintext. If is_superencrypted_layer is set, this is
+ *  the outter encrypted layer of the descriptor.
  *
  * On any error case, including an empty output, return 0 and set
  * *decrypted_out to NULL.
@@ -1433,11 +1434,14 @@ MOCK_IMPL(STATIC size_t,
 decrypt_desc_layer,(const hs_descriptor_t *desc,
 const uint8_t *encrypted_blob,
 size_t encrypted_blob_size,
+const uint8_t *descriptor_cookie,
 int is_superencrypted_layer,
 char **decrypted_out))
 {
   uint8_t *decrypted = NULL;
   uint8_t secret_key[HS_DESC_ENCRYPTED_KEY_LEN], secret_iv[CIPHER_IV_LEN];
+  uint8_t *secret_data = NULL;
+  size_t secret_data_len = 0;
   uint8_t mac_key[DIGEST256_LEN], our_mac[DIGEST256_LEN];
   const uint8_t *salt, *encrypted, *desc_mac;
   size_t encrypted_len, result_len = 0;
@@ -1464,13 +1468,14 @@ decrypt_desc_layer,(const hs_descriptor_t *desc,
   /* And last comes the MAC. */
   desc_mac = encrypted_blob + encrypted_blob_size - DIGEST256_LEN;
 
+  /* Build secret data to be used in the decryption. */
+  secret_data_len = build_secret_data(>plaintext_data.blinded_pubkey,
+  descriptor_cookie,
+  _data);
+
   /* KDF construction resulting in a key from which the secret key, IV and MAC
* key are extracted which is what we need for the decryption. */
-  /* XXX: I will put only blinded pubkey for now. I will also put the
-   * descriptor cookie when I implement the descriptor decryption with
-   * client auth. */
-  build_secret_key_iv_mac(desc,

[tor-commits] [tor/master] hs-v3: Load client authorization secret key from file

2018-09-07 Thread nickm

commit 8e81fcd51ae9b9b373f0254381728a8f4d93236d
Author: Suphanat Chunhapanya 
Date:   Sun Aug 19 08:22:13 2018 +0700

hs-v3: Load client authorization secret key from file

The new ClientOnionAuthDir option is introduced which is where tor looks to
find the HS v3 client authorization files containing the client private key
material.

Signed-off-by: David Goulet 
---
 src/app/config/config.c|   7 +-
 src/app/config/or_options_st.h |   2 +
 src/feature/hs/hs_client.c | 215 +
 src/feature/hs/hs_client.h |  13 +++
 src/feature/hs/hs_config.c |  27 ++
 src/feature/hs/hs_config.h |   1 +
 6 files changed, 263 insertions(+), 2 deletions(-)

diff --git a/src/app/config/config.c b/src/app/config/config.c
index 339f8e247..ce9ae8d7c 100644
--- a/src/app/config/config.c
+++ b/src/app/config/config.c
@@ -450,6 +450,7 @@ static config_var_t option_vars_[] = {
   VAR("HiddenServiceNumIntroductionPoints", LINELIST_S, RendConfigLines, NULL),
   VAR("HiddenServiceStatistics", BOOL, HiddenServiceStatistics_option, "1"),
   V(HidServAuth, LINELIST, NULL),
+  V(ClientOnionAuthDir,  FILENAME, NULL),
   OBSOLETE("CloseHSClientCircuitsImmediatelyOnTimeout"),
   OBSOLETE("CloseHSServiceRendCircuitsImmediatelyOnTimeout"),
   V(HiddenServiceSingleHopMode,  BOOL, "0"),
@@ -1917,7 +1918,7 @@ options_act(const or_options_t *old_options)
 // LCOV_EXCL_STOP
   }
 
-  if (running_tor && rend_parse_service_authorization(options, 0) < 0) {
+  if (running_tor && hs_config_client_auth_all(options, 0) < 0) {
 // LCOV_EXCL_START
 log_warn(LD_BUG, "Previously validated client authorization for "
  "hidden services could not be added!");
@@ -3188,6 +3189,8 @@ warn_about_relative_paths(or_options_t *options)
   n += warn_if_option_path_is_relative("AccelDir",options->AccelDir);
   n += warn_if_option_path_is_relative("DataDirectory",options->DataDirectory);
   n += warn_if_option_path_is_relative("PidFile",options->PidFile);
+  n += warn_if_option_path_is_relative("ClientOnionAuthDir",
+options->ClientOnionAuthDir);
 
   for (config_line_t *hs_line = options->RendConfigLines; hs_line;
hs_line = hs_line->next) {
@@ -4339,7 +4342,7 @@ options_validate(or_options_t *old_options, or_options_t 
*options,
 REJECT("Failed to configure rendezvous options. See logs for details.");
 
   /* Parse client-side authorization for hidden services. */
-  if (rend_parse_service_authorization(options, 1) < 0)
+  if (hs_config_client_auth_all(options, 1) < 0)
 REJECT("Failed to configure client authorization for hidden services. "
"See logs for details.");
 
diff --git a/src/app/config/or_options_st.h b/src/app/config/or_options_st.h
index 8ef01f80e..f6d796638 100644
--- a/src/app/config/or_options_st.h
+++ b/src/app/config/or_options_st.h
@@ -380,6 +380,8 @@ struct or_options_t {
   struct config_line_t *HidServAuth; /**< List of configuration lines for
* client-side authorizations for hidden
* services */
+  char *ClientOnionAuthDir; /**< Directory to keep client
+ * onion service authorization secret keys */
   char *ContactInfo; /**< Contact info to be published in the directory. */
 
   int HeartbeatPeriod; /**< Log heartbeat messages after this many seconds
diff --git a/src/feature/hs/hs_client.c b/src/feature/hs/hs_client.c
index 1f9218e15..7c545c35d 100644
--- a/src/feature/hs/hs_client.c
+++ b/src/feature/hs/hs_client.c
@@ -42,6 +42,10 @@
 #include "core/or/extend_info_st.h"
 #include "core/or/origin_circuit_st.h"
 
+/* Client-side authorizations for hidden services; map of service identity
+ * public key to hs_client_service_authorization_t *. */
+static digest256map_t *client_auths = NULL;
+
 /* Return a human-readable string for the client fetch status code. */
 static const char *
 fetch_status_to_string(hs_client_fetch_status_t status)
@@ -1393,6 +1397,216 @@ hs_client_receive_rendezvous_acked(origin_circuit_t 
*circ,
   return -1;
 }
 
+#define client_service_authorization_free(auth)  \
+  FREE_AND_NULL(hs_client_service_authorization_t,   \
+client_service_authorization_free_, (auth))
+
+static void
+client_service_authorization_free_(hs_client_service_authorization_t *auth)
+{
+  if (auth) {
+memwipe(auth, 0, sizeof(*auth));
+  }
+  tor_free(auth);
+}
+
+/** Helper for digest256map_free. */
+static void
+client_service_authorization_free_void(void *auth)
+{
+  client_service_authorization_free_(auth);
+}
+
+static void
+client_service_authorization_free_all(void)
+{
+  if (!client_auths) {
+return;
+  }
+  digest256map_free(client_auths, client_service_authorization_free_void);
+}
+
+/* Check if the auth key file name is valid or not. Return 1 if valid,
+ * otherwise return 0. */

[tor-commits] [tor/master] test: HS v3 descriptor encoding with client authorization

2018-09-07 Thread nickm

commit fd6bec923c16004ce106d634187f12b57f220b91
Author: Suphanat Chunhapanya 
Date:   Sat Apr 14 17:50:07 2018 +0700

test: HS v3 descriptor encoding with client authorization

Signed-off-by: David Goulet 
---
 src/test/test_hs_descriptor.c | 27 ++-
 1 file changed, 22 insertions(+), 5 deletions(-)

diff --git a/src/test/test_hs_descriptor.c b/src/test/test_hs_descriptor.c
index bc72b34c0..78cd9fa47 100644
--- a/src/test/test_hs_descriptor.c
+++ b/src/test/test_hs_descriptor.c
@@ -291,7 +291,6 @@ static void
 test_encode_descriptor(void *arg)
 {
   int ret;
-  char *encoded = NULL;
   ed25519_keypair_t signing_kp;
   hs_descriptor_t *desc = NULL;
 
@@ -300,13 +299,31 @@ test_encode_descriptor(void *arg)
   ret = ed25519_keypair_generate(_kp, 0);
   tt_int_op(ret, OP_EQ, 0);
   desc = hs_helper_build_hs_desc_with_ip(_kp);
-  ret = hs_desc_encode_descriptor(desc, _kp, NULL, );
-  tt_int_op(ret, OP_EQ, 0);
-  tt_assert(encoded);
 
+  {
+char *encoded = NULL;
+ret = hs_desc_encode_descriptor(desc, _kp, NULL, );
+tt_int_op(ret, OP_EQ, 0);
+tt_assert(encoded);
+
+tor_free(encoded);
+  }
+
+  {
+char *encoded = NULL;
+uint8_t descriptor_cookie[HS_DESC_DESCRIPTOR_COOKIE_LEN];
+
+crypto_strongest_rand(descriptor_cookie, sizeof(descriptor_cookie));
+
+ret = hs_desc_encode_descriptor(desc, _kp,
+   descriptor_cookie, );
+tt_int_op(ret, OP_EQ, 0);
+tt_assert(encoded);
+
+tor_free(encoded);
+  }
  done:
   hs_descriptor_free(desc);
-  tor_free(encoded);
 }
 
 static void



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] test: HS v3 building a descriptor with client auth

2018-09-07 Thread nickm

commit 0dab4ac2dde6431913761e8365b0d21174b3181e
Author: Suphanat Chunhapanya 
Date:   Fri Apr 13 04:52:46 2018 +0700

test: HS v3 building a descriptor with client auth

This commit tests that the descriptor building result, when the client
authorization is enabled, includes everything that is needed.

Signed-off-by: David Goulet 
---
 src/test/test_hs_service.c | 124 +
 1 file changed, 124 insertions(+)

diff --git a/src/test/test_hs_service.c b/src/test/test_hs_service.c
index 573c8bc56..11f542c44 100644
--- a/src/test/test_hs_service.c
+++ b/src/test/test_hs_service.c
@@ -228,6 +228,24 @@ helper_create_origin_circuit(int purpose, int flags)
   return circ;
 }
 
+/* Helper: Return a newly allocated authorized client object with
+ * and a newly generated public key. */
+static hs_service_authorized_client_t *
+helper_create_authorized_client(void)
+{
+  int ret;
+  hs_service_authorized_client_t *client;
+  curve25519_secret_key_t seckey;
+  client = tor_malloc_zero(sizeof(hs_service_authorized_client_t));
+
+  ret = curve25519_secret_key_generate(, 0);
+  tt_int_op(ret, OP_EQ, 0);
+  curve25519_public_key_generate(>client_pk, );
+
+ done:
+  return client;
+}
+
 /* Helper: Return a newly allocated service object with the identity keypair
  * sets and the current descriptor. Then register it to the global map.
  * Caller should us hs_free_all() to free this service or remove it from the
@@ -252,6 +270,26 @@ helper_create_service(void)
   return service;
 }
 
+/* Helper: Return a newly allocated service object with clients. */
+static hs_service_t *
+helper_create_service_with_clients(int num_clients)
+{
+  int i;
+  hs_service_t *service = helper_create_service();
+  tt_assert(service);
+  service->config.is_client_auth_enabled = 1;
+  service->config.clients = smartlist_new();
+
+  for (i = 0; i < num_clients; i++) {
+hs_service_authorized_client_t *client;
+client = helper_create_authorized_client();
+smartlist_add(service->config.clients, client);
+  }
+
+ done:
+  return service;
+}
+
 /* Helper: Return a newly allocated service intro point with two link
  * specifiers, one IPv4 and one legacy ID set to As. */
 static hs_service_intro_point_t *
@@ -1562,6 +1600,90 @@ test_build_update_descriptors(void *arg)
   nodelist_free_all();
 }
 
+/** Test building descriptors. We use this separate function instead of
+ *  using test_build_update_descriptors because that function is too complex
+ *  and also too interactive. */
+static void
+test_build_descriptors(void *arg)
+{
+  int ret;
+  time_t now = time(NULL);
+
+  (void) arg;
+
+  hs_init();
+
+  MOCK(get_or_state,
+   get_or_state_replacement);
+  MOCK(networkstatus_get_live_consensus,
+   mock_networkstatus_get_live_consensus);
+
+  dummy_state = tor_malloc_zero(sizeof(or_state_t));
+
+  ret = parse_rfc1123_time("Sat, 26 Oct 1985 03:00:00 UTC",
+   _ns.valid_after);
+  tt_int_op(ret, OP_EQ, 0);
+  ret = parse_rfc1123_time("Sat, 26 Oct 1985 04:00:00 UTC",
+   _ns.fresh_until);
+  tt_int_op(ret, OP_EQ, 0);
+  voting_schedule_recalculate_timing(get_options(), mock_ns.valid_after);
+
+  /* Generate a valid number of fake auth clients when a client authorization
+   * is disabled. */
+  {
+hs_service_t *service = helper_create_service();
+service_descriptor_free(service->desc_current);
+service->desc_current = NULL;
+
+build_all_descriptors(now);
+hs_desc_superencrypted_data_t *superencrypted;
+superencrypted = >desc_current->desc->superencrypted_data;
+tt_int_op(smartlist_len(superencrypted->clients), OP_EQ, 16);
+  }
+
+  /* Generate a valid number of fake auth clients when the number of
+   * clients is zero. */
+  {
+hs_service_t *service = helper_create_service_with_clients(0);
+service_descriptor_free(service->desc_current);
+service->desc_current = NULL;
+
+build_all_descriptors(now);
+hs_desc_superencrypted_data_t *superencrypted;
+superencrypted = >desc_current->desc->superencrypted_data;
+tt_int_op(smartlist_len(superencrypted->clients), OP_EQ, 16);
+  }
+
+  /* Generate a valid number of fake auth clients when the number of
+   * clients is not a multiple of 16. */
+  {
+hs_service_t *service = helper_create_service_with_clients(20);
+service_descriptor_free(service->desc_current);
+service->desc_current = NULL;
+
+build_all_descriptors(now);
+hs_desc_superencrypted_data_t *superencrypted;
+superencrypted = >desc_current->desc->superencrypted_data;
+tt_int_op(smartlist_len(superencrypted->clients), OP_EQ, 32);
+  }
+
+  /* Do not generate any fake desc client when the number of clients is
+   * a multiple of 16 but not zero. */
+  {
+hs_service_t *service = helper_create_service_with_clients(32);
+service_descriptor_free(service->desc_current);
+service->desc_current = NULL;
+
+build_all_descriptors(now);
+

[tor-commits] [tor/master] test: Build an HSv3 descriptor with authorized client

2018-09-07 Thread nickm

commit 10f4c46e50478e7620f3c23413ddd292d883e8ca
Author: Suphanat Chunhapanya 
Date:   Fri Apr 13 04:56:17 2018 +0700

test: Build an HSv3 descriptor with authorized client

Signed-off-by: David Goulet 
---
 src/lib/crypt_ops/crypto_rand.c |  4 +--
 src/lib/crypt_ops/crypto_rand.h |  2 +-
 src/test/test_hs_descriptor.c   | 70 +
 3 files changed, 73 insertions(+), 3 deletions(-)

diff --git a/src/lib/crypt_ops/crypto_rand.c b/src/lib/crypt_ops/crypto_rand.c
index fb9d0c2c6..554777cf5 100644
--- a/src/lib/crypt_ops/crypto_rand.c
+++ b/src/lib/crypt_ops/crypto_rand.c
@@ -319,8 +319,8 @@ crypto_strongest_rand_raw(uint8_t *out, size_t out_len)
  * Try to get out_len bytes of the strongest entropy we can generate,
  * storing it into out.
  **/
-void
-crypto_strongest_rand(uint8_t *out, size_t out_len)
+MOCK_IMPL(void,
+crypto_strongest_rand,(uint8_t *out, size_t out_len))
 {
 #define DLEN SHA512_DIGEST_LENGTH
   /* We're going to hash DLEN bytes from the system RNG together with some
diff --git a/src/lib/crypt_ops/crypto_rand.h b/src/lib/crypt_ops/crypto_rand.h
index 938f11909..25bcfa1f1 100644
--- a/src/lib/crypt_ops/crypto_rand.h
+++ b/src/lib/crypt_ops/crypto_rand.h
@@ -21,7 +21,7 @@
 int crypto_seed_rng(void) ATTR_WUR;
 MOCK_DECL(void,crypto_rand,(char *to, size_t n));
 void crypto_rand_unmocked(char *to, size_t n);
-void crypto_strongest_rand(uint8_t *out, size_t out_len);
+MOCK_DECL(void,crypto_strongest_rand,(uint8_t *out, size_t out_len));
 int crypto_rand_int(unsigned int max);
 int crypto_rand_int_range(unsigned int min, unsigned int max);
 uint64_t crypto_rand_uint64_range(uint64_t min, uint64_t max);
diff --git a/src/test/test_hs_descriptor.c b/src/test/test_hs_descriptor.c
index 9a7e66eae..9191b74d9 100644
--- a/src/test/test_hs_descriptor.c
+++ b/src/test/test_hs_descriptor.c
@@ -30,6 +30,13 @@ DISABLE_GCC_WARNING(overlength-strings)
 #include "test_hs_descriptor.inc"
 ENABLE_GCC_WARNING(overlength-strings)
 
+/* Mock function to fill all bytes with 1 */
+static void
+mock_crypto_strongest_rand(uint8_t *out, size_t out_len)
+{
+  memset(out, 1, out_len);
+}
+
 /* Test certificate encoding put in a descriptor. */
 static void
 test_cert_encoding(void *arg)
@@ -764,6 +771,67 @@ test_desc_signature(void *arg)
   tor_free(data);
 }
 
+static void
+test_build_authorized_client(void *arg)
+{
+  int ret;
+  hs_desc_authorized_client_t *desc_client = NULL;
+  uint8_t descriptor_cookie[HS_DESC_DESCRIPTOR_COOKIE_LEN];
+  curve25519_secret_key_t auth_ephemeral_sk;
+  curve25519_secret_key_t client_sk;
+  curve25519_public_key_t client_pk;
+  const char ephemeral_sk_b16[] =
+"d023b674d993a5c8446bd2ca97e9961149b3c0e88c7dc14e844dd3468d6a";
+  const char descriptor_cookie_b16[] =
+"07d087f1d8c68393721f6e70316d3b29";
+  const char client_pubkey_b16[] =
+"8c1298fa6050e372f8598f6deca32e27b0ad457741422c2629ebb132cf7fae37";
+  char *mem_op_hex_tmp=NULL;
+
+  (void) arg;
+
+  ret = curve25519_secret_key_generate(_ephemeral_sk, 0);
+  tt_int_op(ret, OP_EQ, 0);
+
+  ret = curve25519_secret_key_generate(_sk, 0);
+  tt_int_op(ret, OP_EQ, 0);
+  curve25519_public_key_generate(_pk, _sk);
+
+  desc_client = tor_malloc_zero(sizeof(hs_desc_authorized_client_t));
+
+  base16_decode((char *) _ephemeral_sk,
+sizeof(auth_ephemeral_sk),
+ephemeral_sk_b16,
+strlen(ephemeral_sk_b16));
+
+  base16_decode((char *) descriptor_cookie,
+sizeof(descriptor_cookie),
+descriptor_cookie_b16,
+strlen(descriptor_cookie_b16));
+
+  base16_decode((char *) _pk,
+sizeof(client_pk),
+client_pubkey_b16,
+strlen(client_pubkey_b16));
+
+  MOCK(crypto_strongest_rand, mock_crypto_strongest_rand);
+
+  hs_desc_build_authorized_client(_pk, _ephemeral_sk,
+   descriptor_cookie, desc_client);
+
+  test_memeq_hex((char *) desc_client->client_id,
+ "b514ef67192cad5f");
+  test_memeq_hex((char *) desc_client->iv,
+"01010101010101010101010101010101");
+  test_memeq_hex((char *) desc_client->encrypted_cookie,
+"46860a9df37b9f6d708E0D7E730C10C1");
+
+ done:
+  tor_free(desc_client);
+  tor_free(mem_op_hex_tmp);
+  UNMOCK(crypto_strongest_rand);
+}
+
 /* bad desc auth type */
 static const char bad_superencrypted_text1[] = "desc-auth-type scoobysnack\n"
   "desc-auth-ephemeral-key A/O8DVtnUheb3r1JqoB8uJB7wxXL1XJX3eny4yB+eFA=\n"
@@ -891,6 +959,8 @@ struct testcase_t hs_descriptor[] = {
 NULL, NULL },
   { "desc_signature", test_desc_signature, TT_FORK,
 NULL, NULL },
+  { "build_authorized_client", test_build_authorized_client, TT_FORK,
+NULL, NULL },
 
   { "parse_hs_desc_superencrypted", test_parse_hs_desc_superencrypted,
 TT_FORK, NULL, NULL },



___
tor-commits mailing list
tor-commits@lists.torproject.org

[tor-commits] [tor/master] test: HS v3 loading client auth keys service side

2018-09-07 Thread nickm

commit 15af47ede07a858bfa0871befa6e1fe76cdd372d
Author: Suphanat Chunhapanya 
Date:   Sat Aug 18 21:24:26 2018 +0700

test: HS v3 loading client auth keys service side

Signed-off-by: David Goulet 
---
 src/feature/hs/hs_service.c |   4 +-
 src/feature/hs/hs_service.h |   3 +
 src/test/test_hs_service.c  | 197 
 3 files changed, 202 insertions(+), 2 deletions(-)

diff --git a/src/feature/hs/hs_service.c b/src/feature/hs/hs_service.c
index d61b2809b..8d1ee82ab 100644
--- a/src/feature/hs/hs_service.c
+++ b/src/feature/hs/hs_service.c
@@ -1091,7 +1091,7 @@ load_service_keys(hs_service_t *service)
 
 /* Check if the client file name is valid or not. Return 1 if valid,
  * otherwise return 0. */
-static int
+STATIC int
 client_filename_is_valid(const char *filename)
 {
   int ret = 1;
@@ -1120,7 +1120,7 @@ client_filename_is_valid(const char *filename)
  * The  can only be "x25519".
  *
  * Return the key on success, return NULL, otherwise. */
-static hs_service_authorized_client_t *
+STATIC hs_service_authorized_client_t *
 parse_authorized_client(const char *client_key_str)
 {
   char *auth_type = NULL;
diff --git a/src/feature/hs/hs_service.h b/src/feature/hs/hs_service.h
index c64eb7763..cab9b41bc 100644
--- a/src/feature/hs/hs_service.h
+++ b/src/feature/hs/hs_service.h
@@ -349,6 +349,9 @@ STATIC hs_service_descriptor_t *service_desc_find_by_intro(
  const hs_service_t *service,
  const hs_service_intro_point_t *ip);
 /* Helper functions. */
+STATIC int client_filename_is_valid(const char *filename);
+STATIC hs_service_authorized_client_t *
+parse_authorized_client(const char *client_key_str);
 STATIC void get_objects_from_ident(const hs_ident_circuit_t *ident,
hs_service_t **service,
hs_service_intro_point_t **ip,
diff --git a/src/test/test_hs_service.c b/src/test/test_hs_service.c
index f8a465629..573c8bc56 100644
--- a/src/test/test_hs_service.c
+++ b/src/test/test_hs_service.c
@@ -34,6 +34,7 @@
 #include "core/or/circuitlist.h"
 #include "core/or/circuituse.h"
 #include "lib/crypt_ops/crypto_rand.h"
+#include "lib/fs/dir.h"
 #include "feature/dirauth/dirvote.h"
 #include "feature/nodelist/networkstatus.h"
 #include "feature/nodelist/nodelist.h"
@@ -65,6 +66,13 @@
 /* Trunnel */
 #include "trunnel/hs/cell_establish_intro.h"
 
+#ifdef HAVE_SYS_STAT_H
+#include 
+#endif
+#ifdef HAVE_UNISTD_H
+#include 
+#endif
+
 static networkstatus_t mock_ns;
 
 static networkstatus_t *
@@ -303,6 +311,8 @@ test_load_keys(void *arg)
   /* It's in staging? */
   tt_int_op(get_hs_service_staging_list_size(), OP_EQ, 1);
 
+#undef conf_fmt
+
   /* Load the keys for these. After that, the v3 service should be registered
* in the global map. */
   hs_service_load_all_keys();
@@ -322,6 +332,9 @@ test_load_keys(void *arg)
   tt_int_op(hs_address_is_valid(addr), OP_EQ, 1);
   tt_str_op(addr, OP_EQ, s->onion_address);
 
+  /* Check that the is_client_auth_enabled is not set. */
+  tt_assert(!s->config.is_client_auth_enabled);
+
  done:
   tor_free(hsdir_v2);
   tor_free(hsdir_v3);
@@ -329,6 +342,184 @@ test_load_keys(void *arg)
 }
 
 static void
+test_client_filename_is_valid(void *arg)
+{
+  (void) arg;
+
+  /* Valid file name. */
+  tt_assert(client_filename_is_valid("a.auth"));
+  /* Valid file name with special character. */
+  tt_assert(client_filename_is_valid("a-.auth"));
+  /* Invalid extension. */
+  tt_assert(!client_filename_is_valid("a.ath"));
+  /* Nothing before the extension. */
+  tt_assert(!client_filename_is_valid(".auth"));
+
+ done:
+  ;
+}
+
+static void
+test_parse_authorized_client(void *arg)
+{
+  hs_service_authorized_client_t *client = NULL;
+
+  (void) arg;
+
+  /* Valid authorized client. */
+  client = parse_authorized_client(
+"descriptor:x25519:dz4q5xqlb4ldnbs72iarrml4ephk3du4i7o2cgiva5lwr6wkquja");
+  tt_assert(client);
+
+  /* Wrong number of fields. */
+  tt_assert(!parse_authorized_client("a:b:c:d:e"));
+  /* Wrong auth type. */
+  tt_assert(!parse_authorized_client(
+"x:x25519:dz4q5xqlb4ldnbs72iarrml4ephk3du4i7o2cgiva5lwr6wkquja"));
+  /* Wrong key type. */
+  tt_assert(!parse_authorized_client(
+"descriptor:x:dz4q5xqlb4ldnbs72iarrml4ephk3du4i7o2cgiva5lwr6wkquja"));
+  /* Some malformed string. */
+  tt_assert(!parse_authorized_client("descriptor:x25519:aa=="));
+  tt_assert(!parse_authorized_client("descriptor:"));
+  tt_assert(!parse_authorized_client("descriptor:x25519"));
+  tt_assert(!parse_authorized_client("descriptor:x25519:"));
+  tt_assert(!parse_authorized_client(""));
+
+ done:
+  service_authorized_client_free(client);
+}
+
+static char *
+mock_read_file_to_str(const char *filename, int flags, struct stat *stat_out)
+{
+  char *ret = NULL;
+
+  (void) flags;
+  (void) stat_out;
+
+  if (!strcmp(filename, get_fname("hs3" PATH_SEPARATOR
+

[tor-commits] [tor/master] hs-v3: Generate all descriptor related keys

2018-09-07 Thread nickm

commit 08bbcffc0ef6e69c02cc746568724df662654d2b
Author: Suphanat Chunhapanya 
Date:   Mon Apr 9 23:09:41 2018 +0700

hs-v3: Generate all descriptor related keys

We need to generate all the related keys when building the descriptor, so 
that
we can encrypt the descriptor.

Signed-off-by: David Goulet 
---
 src/feature/hs/hs_descriptor.c | 107 +
 src/feature/hs/hs_descriptor.h |  64 
 src/feature/hs/hs_service.c| 104 +--
 src/feature/hs/hs_service.h|   7 +++
 4 files changed, 278 insertions(+), 4 deletions(-)

diff --git a/src/feature/hs/hs_descriptor.c b/src/feature/hs/hs_descriptor.c
index 392800016..34ff2b0a3 100644
--- a/src/feature/hs/hs_descriptor.c
+++ b/src/feature/hs/hs_descriptor.c
@@ -168,6 +168,26 @@ desc_plaintext_data_free_contents(hs_desc_plaintext_data_t 
*desc)
   memwipe(desc, 0, sizeof(*desc));
 }
 
+/* Free the content of the superencrypted section of a descriptor. */
+static void
+desc_superencrypted_data_free_contents(hs_desc_superencrypted_data_t *desc)
+{
+  if (!desc) {
+return;
+  }
+
+  if (desc->encrypted_blob) {
+tor_free(desc->encrypted_blob);
+  }
+  if (desc->clients) {
+SMARTLIST_FOREACH(desc->clients, hs_desc_authorized_client_t *, client,
+  hs_desc_authorized_client_free(client));
+smartlist_free(desc->clients);
+  }
+
+  memwipe(desc, 0, sizeof(*desc));
+}
+
 /* Free the content of the encrypted section of a descriptor. */
 static void
 desc_encrypted_data_free_contents(hs_desc_encrypted_data_t *desc)
@@ -2383,6 +2403,14 @@ hs_desc_plaintext_data_free_(hs_desc_plaintext_data_t 
*desc)
   tor_free(desc);
 }
 
+/* Free the descriptor plaintext data object. */
+void
+hs_desc_superencrypted_data_free_(hs_desc_superencrypted_data_t *desc)
+{
+  desc_superencrypted_data_free_contents(desc);
+  tor_free(desc);
+}
+
 /* Free the descriptor encrypted data object. */
 void
 hs_desc_encrypted_data_free_(hs_desc_encrypted_data_t *desc)
@@ -2400,6 +2428,7 @@ hs_descriptor_free_(hs_descriptor_t *desc)
   }
 
   desc_plaintext_data_free_contents(>plaintext_data);
+  desc_superencrypted_data_free_contents(>superencrypted_data);
   desc_encrypted_data_free_contents(>encrypted_data);
   tor_free(desc);
 }
@@ -2475,6 +2504,84 @@ hs_desc_intro_point_free_(hs_desc_intro_point_t *ip)
   tor_free(ip);
 }
 
+/* Build a fake client info for the descriptor */
+void
+hs_desc_build_fake_authorized_client(hs_desc_authorized_client_t *client_out)
+{
+  tor_assert(client_out);
+
+  crypto_rand((char *) client_out->client_id,
+  sizeof(client_out->client_id));
+  crypto_rand((char *) client_out->iv,
+  sizeof(client_out->iv));
+  crypto_rand((char *) client_out->encrypted_cookie,
+  sizeof(client_out->encrypted_cookie));
+}
+
+/* Using the client public key, auth ephemeral secret key, and descriptor
+ * cookie, build the auth client so we can then encode the descriptor for
+ * publication. client_out must be already allocated. */
+void
+hs_desc_build_authorized_client(const curve25519_public_key_t *client_pk,
+const curve25519_secret_key_t *
+auth_ephemeral_sk,
+const uint8_t *descriptor_cookie,
+hs_desc_authorized_client_t *client_out)
+{
+  uint8_t secret_seed[CURVE25519_OUTPUT_LEN];
+  uint8_t keystream[HS_DESC_CLIENT_ID_LEN + HS_DESC_COOKIE_KEY_LEN];
+  uint8_t *cookie_key;
+  crypto_cipher_t *cipher;
+  crypto_xof_t *xof;
+
+  tor_assert(client_pk);
+  tor_assert(auth_ephemeral_sk);
+  tor_assert(descriptor_cookie);
+  tor_assert(client_out);
+  tor_assert(!tor_mem_is_zero((char *) auth_ephemeral_sk,
+  sizeof(*auth_ephemeral_sk)));
+  tor_assert(!tor_mem_is_zero((char *) client_pk, sizeof(*client_pk)));
+  tor_assert(!tor_mem_is_zero((char *) descriptor_cookie,
+  HS_DESC_DESCRIPTOR_COOKIE_LEN));
+
+  /* Calculate x25519(hs_y, client_X) */
+  curve25519_handshake(secret_seed,
+   auth_ephemeral_sk,
+   client_pk);
+
+  /* Calculate KEYS = KDF(SECRET_SEED, 40) */
+  xof = crypto_xof_new();
+  crypto_xof_add_bytes(xof, secret_seed, sizeof(secret_seed));
+  crypto_xof_squeeze_bytes(xof, keystream, sizeof(keystream));
+  crypto_xof_free(xof);
+
+  memcpy(client_out->client_id, keystream, HS_DESC_CLIENT_ID_LEN);
+  cookie_key = keystream + HS_DESC_CLIENT_ID_LEN;
+
+  /* Random IV */
+  crypto_strongest_rand(client_out->iv, sizeof(client_out->iv));
+
+  /* This creates a cipher for AES. It can't fail. */
+  cipher = crypto_cipher_new_with_iv_and_bits(cookie_key, client_out->iv,
+  HS_DESC_COOKIE_KEY_BIT_SIZE);
+  /* This can't fail. */
+  crypto_cipher_encrypt(cipher, (char *) client_out->encrypted_cookie,
+(const

[tor-commits] [tor/master] hs-v3: Load all client auth keys to the service

2018-09-07 Thread nickm

commit b894b40e647b4839f33f3a57704cafe9e644230c
Author: Suphanat Chunhapanya 
Date:   Sat Aug 18 12:28:12 2018 +0700

hs-v3: Load all client auth keys to the service

This commit loads all client public keys from every file in
`authorized_clients/` directory.

Signed-off-by: David Goulet 
---
 src/feature/hs/hs_service.c | 208 +++-
 src/feature/hs/hs_service.h |  20 +
 2 files changed, 227 insertions(+), 1 deletion(-)

diff --git a/src/feature/hs/hs_service.c b/src/feature/hs/hs_service.c
index 30d01540f..d61b2809b 100644
--- a/src/feature/hs/hs_service.c
+++ b/src/feature/hs/hs_service.c
@@ -88,6 +88,7 @@
 
 /* Onion service directory file names. */
 static const char fname_keyfile_prefix[] = "hs_ed25519";
+static const char dname_client_pubkeys[] = "authorized_clients";
 static const char fname_hostname[] = "hostname";
 static const char address_tld[] = "onion";
 
@@ -103,6 +104,7 @@ static smartlist_t *hs_service_staging_list;
 static int consider_republishing_hs_descriptors = 0;
 
 /* Static declaration. */
+static int load_client_keys(hs_service_t *service);
 static void set_descriptor_revision_counter(hs_service_descriptor_t *hs_desc,
 time_t now, bool is_current);
 static void move_descriptors(hs_service_t *src, hs_service_t *dst);
@@ -247,6 +249,11 @@ service_clear_config(hs_service_config_t *config)
   rend_service_port_config_free(p););
 smartlist_free(config->ports);
   }
+  if (config->clients) {
+SMARTLIST_FOREACH(config->clients, hs_service_authorized_client_t *, p,
+  service_authorized_client_free(p));
+smartlist_free(config->clients);
+  }
   memset(config, 0, sizeof(*config));
 }
 
@@ -1070,6 +1077,11 @@ load_service_keys(hs_service_t *service)
 goto end;
   }
 
+  /* Load all client authorization keys in the service. */
+  if (load_client_keys(service) < 0) {
+goto end;
+  }
+
   /* Succes. */
   ret = 0;
  end:
@@ -1077,6 +1089,200 @@ load_service_keys(hs_service_t *service)
   return ret;
 }
 
+/* Check if the client file name is valid or not. Return 1 if valid,
+ * otherwise return 0. */
+static int
+client_filename_is_valid(const char *filename)
+{
+  int ret = 1;
+  const char *valid_extension = ".auth";
+
+  tor_assert(filename);
+
+  /* The file extension must match and the total filename length can't be the
+   * length of the extension else we do not have a filename. */
+  if (!strcmpend(filename, valid_extension) &&
+  strlen(filename) != strlen(valid_extension)) {
+ret = 1;
+  } else {
+ret = 0;
+  }
+
+  return ret;
+}
+
+/* Parse an authorized client from a string. The format of a client string
+ * looks like (see rend-spec-v3.txt):
+ *
+ *  ::
+ *
+ * The  can only be "descriptor".
+ * The  can only be "x25519".
+ *
+ * Return the key on success, return NULL, otherwise. */
+static hs_service_authorized_client_t *
+parse_authorized_client(const char *client_key_str)
+{
+  char *auth_type = NULL;
+  char *key_type = NULL;
+  char *pubkey_b32 = NULL;
+  hs_service_authorized_client_t *client = NULL;
+  smartlist_t *fields = smartlist_new();
+
+  tor_assert(client_key_str);
+
+  smartlist_split_string(fields, client_key_str, ":",
+ SPLIT_SKIP_SPACE, 0);
+  /* Wrong number of fields. */
+  if (smartlist_len(fields) != 3) {
+goto err;
+  }
+
+  auth_type = smartlist_get(fields, 0);
+  key_type = smartlist_get(fields, 1);
+  pubkey_b32 = smartlist_get(fields, 2);
+
+  /* Currently, the only supported auth type is "descriptor" and the only
+   * supported key type is "x25519". */
+  if (strcmp(auth_type, "descriptor") || strcmp(key_type, "x25519")) {
+goto err;
+  }
+
+  /* We expect a specific length of the base32 encoded key so make sure we
+   * have that so we don't successfully decode a value with a different length
+   * and end up in trouble when copying the decoded key into a fixed length
+   * buffer. */
+  if (strlen(pubkey_b32) != BASE32_NOPAD_LEN(CURVE25519_PUBKEY_LEN)) {
+log_warn(LD_REND, "Client authorization encoded base32 public key "
+  "length is invalid: %s", pubkey_b32);
+goto err;
+  }
+
+  client = tor_malloc_zero(sizeof(hs_service_authorized_client_t));
+  if (base32_decode((char *) client->client_pk.public_key,
+sizeof(client->client_pk.public_key),
+pubkey_b32, strlen(pubkey_b32)) < 0) {
+goto err;
+  }
+
+  /* Success. */
+  goto done;
+
+ err:
+  service_authorized_client_free(client);
+ done:
+  /* It is also a good idea to wipe the public key. */
+  if (pubkey_b32) {
+memwipe(pubkey_b32, 0, strlen(pubkey_b32));
+  }
+  if (fields) {
+SMARTLIST_FOREACH(fields, char *, s, tor_free(s));
+smartlist_free(fields);
+  }
+  return client;
+}
+
+/* Load all the client public keys for the given service. Return 0 on
+ * success else -1 on failure. */
+static int

[tor-commits] [translation/tails-misc] Update translations for tails-misc

2018-09-07 Thread translation

commit 852621570bf8437792765ddeaa783dd8b966a339
Author: Translation commit bot 
Date:   Fri Sep 7 18:45:53 2018 +

Update translations for tails-misc
---
 da.po | 14 +++---
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/da.po b/da.po
index 33ac2d4e6..d919b57fc 100644
--- a/da.po
+++ b/da.po
@@ -21,7 +21,7 @@ msgstr ""
 "Project-Id-Version: The Tor Project\n"
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2018-09-04 11:37+0200\n"
-"PO-Revision-Date: 2018-09-07 05:38+\n"
+"PO-Revision-Date: 2018-09-07 18:21+\n"
 "Last-Translator: scootergrisen\n"
 "Language-Team: Danish 
(http://www.transifex.com/otf/torproject/language/da/)\n"
 "MIME-Version: 1.0\n"
@@ -586,7 +586,7 @@ msgstr ""
 #: 
config/chroot_local-includes/usr/local/lib/python3/dist-packages/unlock_veracrypt_volumes/volume.py:122
 #, python-brace-format
 msgid "{partition_name} on {drive_name}"
-msgstr ""
+msgstr "{partition_name} pÃ¥ {drive_name}"
 
 #. Translators: Don't translate {volume_name} and {drive_name},
 #. they are placeholders and will be replaced. You should only have to
@@ -595,7 +595,7 @@ msgstr ""
 #: 
config/chroot_local-includes/usr/local/lib/python3/dist-packages/unlock_veracrypt_volumes/volume.py:129
 #, python-brace-format
 msgid "{volume_name} â {drive_name}"
-msgstr ""
+msgstr "{volume_name} â {drive_name}"
 
 #: 
config/chroot_local-includes/usr/local/lib/python3/dist-packages/unlock_veracrypt_volumes/volume_list.py:83
 msgid "No file containers added"
@@ -612,7 +612,7 @@ msgstr "Beholderen er allerede tilfÃ¸jet"
 #: 
config/chroot_local-includes/usr/local/lib/python3/dist-packages/unlock_veracrypt_volumes/volume_manager.py:115
 #, python-format
 msgid "The file container %s should already be listed."
-msgstr ""
+msgstr "Filbeholderen %s skulle allerede vÃ¦re oplistet."
 
 #: 
config/chroot_local-includes/usr/local/lib/python3/dist-packages/unlock_veracrypt_volumes/volume_manager.py:131
 msgid "Container opened read-only"
@@ -688,11 +688,11 @@ msgstr "Usikker webbrowser"
 
 #: 
../config/chroot_local-includes/usr/share/applications/unlock-veracrypt-volumes.desktop.in.h:1
 msgid "Unlock VeraCrypt Volumes"
-msgstr ""
+msgstr "LÃ¥s op for VeraCrypt-diskomrÃ¥der"
 
 #: 
../config/chroot_local-includes/usr/share/applications/unlock-veracrypt-volumes.desktop.in.h:2
 msgid "Mount VeraCrypt encrypted file containers and devices"
-msgstr ""
+msgstr "Monter VeraCrypt-krypterede filbeholdere og enheder"
 
 #: 
../config/chroot_local-includes/usr/share/applications/org.boum.tails.additional-software-config.desktop.in.h:1
 msgid "Additional Software"
@@ -720,7 +720,7 @@ msgstr "Fjern en pakke med yderligere software"
 msgid ""
 "Authentication is required to remove a package from your additional software"
 " ($(command_line))"
-msgstr ""
+msgstr "Der krÃ¦ves autentifikation for at fjerne en pakke fra dine yderligere 
software ($(command_line))"
 
 #: 
../config/chroot_local-includes/usr/share/unlock-veracrypt-volumes/ui/main.ui.in:61
 msgid "File Containers"

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/torbutton-browseronboardingproperties] Update translations for torbutton-browseronboardingproperties

2018-09-07 Thread translation

commit d1f3a115c78279a235dda48e8a2570bb8cf2a4d4
Author: Translation commit bot 
Date:   Fri Sep 7 18:18:16 2018 +

Update translations for torbutton-browseronboardingproperties
---
 da/browserOnboarding.properties | 42 -
 1 file changed, 21 insertions(+), 21 deletions(-)

diff --git a/da/browserOnboarding.properties b/da/browserOnboarding.properties
index 95530ce34..bfe93b65b 100644
--- a/da/browserOnboarding.properties
+++ b/da/browserOnboarding.properties
@@ -2,53 +2,53 @@
 # See LICENSE for licensing information.
 # vim: set sw=2 sts=2 ts=8 et:
 
-onboarding.tour-tor-welcome=Welcome
-onboarding.tour-tor-welcome.title=Youâre ready.
-onboarding.tour-tor-welcome.description=Tor Browser offers the highest 
standard of privacy and security while browsing the web. Youâre now protected 
against tracking, surveillance, and censorship. This quick onboarding will show 
you how.
-onboarding.tour-tor-welcome.button=Start Now
+onboarding.tour-tor-welcome=Velkommen
+onboarding.tour-tor-welcome.title=Du er klar.
+onboarding.tour-tor-welcome.description=Tor Browser tilbyder den hÃ¸jeste 
standard indenfor privatliv og sikkerhed pÃ¥ webbet. Du er nu beskyttet mod 
sporing, overvÃ¥gning og censur. Denne hurtige introduktion viser dig hvordan.
+onboarding.tour-tor-welcome.button=Start nu
 
 onboarding.tour-tor-privacy=Privatliv
-onboarding.tour-tor-privacy.title=Snub trackers and snoopers.
+onboarding.tour-tor-privacy.title=SÃ¦t en stopper for trackere og snoopers.
 onboarding.tour-tor-privacy.description=Tor Browser isolates cookies and 
deletes your browser history after your session. These modifications ensure 
your privacy and security are protected in the browser. Click âTor Networkâ 
to learn how we protect you on the network level.
-onboarding.tour-tor-privacy.button=Go to Tor Network
+onboarding.tour-tor-privacy.button=GÃ¥ til Tor-netvÃ¦rk
 
-onboarding.tour-tor-network=Tor Network
-onboarding.tour-tor-network.title=Travel a decentralized network.
+onboarding.tour-tor-network=Tor-netvÃ¦rk
+onboarding.tour-tor-network.title=Rejs pÃ¥ et decentraliseret netvÃ¦rk.
 onboarding.tour-tor-network.description=Tor Browser connects you to the Tor 
network run by thousands of volunteers around the world. Unlike a VPN, 
thereâs no one point of failure or centralized entity you need to trust in 
order to enjoy the internet privately.
-onboarding.tour-tor-network.button=Go to Circuit Display
+onboarding.tour-tor-network.button=GÃ¥ til kredslÃ¸b-visning
 
-onboarding.tour-tor-circuit-display=Circuit Display
-onboarding.tour-tor-circuit-display.title=See your path.
+onboarding.tour-tor-circuit-display=KredslÃ¸b-visning
+onboarding.tour-tor-circuit-display.title=Se din sti.
 onboarding.tour-tor-circuit-display.description=For each domain you visit, 
your traffic is relayed and encrypted in a circuit across three Tor relays 
around the world. No website knows where you are connecting from. You can 
request a new circuit by clicking âNew Circuit for this Siteâ on our 
Circuit Display.
-onboarding.tour-tor-circuit-display.button=See My Path
+onboarding.tour-tor-circuit-display.button=Se min sti
 
 onboarding.tour-tor-security=Sikkerhed
-onboarding.tour-tor-security.title=Choose your experience.
+onboarding.tour-tor-security.title=VÃ¦lg din oplevelse.
 onboarding.tour-tor-security.description=We also provide you with additional 
settings for bumping up your browser security. Our Security Settings allow you 
to block elements that could be used to attack your computer. Click below to 
see what the different options do.
 onboarding.tour-tor-security.button=Review Settings
 
 onboarding.tour-tor-expect-differences=Experience Tips
-onboarding.tour-tor-expect-differences.title=Expect some differences.
+onboarding.tour-tor-expect-differences.title=Forvent nogen forskelle.
 onboarding.tour-tor-expect-differences.description=With all the security and 
privacy features provided by Tor, your experience while browsing the internet 
may be a little different. Things may be a bit slower, and depending on your 
security level, some elements may not work or load. You may also be asked to 
prove you are a human and not a robot.
 onboarding.tour-tor-expect-differences.button=See FAQs
 
 onboarding.tour-tor-onion-services=Onion-tjenester
-onboarding.tour-tor-onion-services.title=Be extra protected.
+onboarding.tour-tor-onion-services.title=VÃ¦r ekstra beskyttet.
 onboarding.tour-tor-onion-services.description=Onion services are sites that 
end with a .onion that provide extra protections to publishers and visitors, 
including added safeguards against censorship. Onion services allow anyone to 
provide content and services anonymously. Click below to visit the DuckDuckGo 
onion site.
 onboarding.tour-tor-onion-services.button=Visit an Onion
 
 # Circuit Display onboarding.
 onboarding.tor-circuit-display.next=NÃ¦ste
 onboarding.tor-circuit-display.done=FuldfÃ¸rt

[tor-commits] [translation/tba-android_stringsdtd] Update translations for tba-android_stringsdtd

2018-09-07 Thread translation

commit c545022604575c3d64aefdeb11d084d016589c99
Author: Translation commit bot 
Date:   Fri Sep 7 18:16:50 2018 +

Update translations for tba-android_stringsdtd
---
 da/android_strings.dtd | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/da/android_strings.dtd b/da/android_strings.dtd
index e8e8139c5..87752f8c6 100644
--- a/da/android_strings.dtd
+++ b/da/android_strings.dtd
@@ -2,7 +2,7 @@
- License, v. 2.0. If a copy of the MPL was not distributed with this
- file, You can obtain one at http://mozilla.org/MPL/2.0/. -->
 
-
+
 
 
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/support-portal] Update translations for support-portal

2018-09-07 Thread translation

commit 8fa305fa77f703b56db6ca112df2ec5d2434b1f7
Author: Translation commit bot 
Date:   Fri Sep 7 17:19:05 2018 +

Update translations for support-portal
---
 contents+fr.po| 11 +++
 contents+ga.po|  4 
 contents+he.po|  2 ++
 contents+id.po| 10 ++
 contents+it.po|  2 ++
 contents+nb.po|  5 -
 contents+pt_BR.po | 10 ++
 contents+ru.po|  6 +-
 contents+tr.po|  2 ++
 9 files changed, 50 insertions(+), 2 deletions(-)

diff --git a/contents+fr.po b/contents+fr.po
index 1963829c6..70266beac 100644
--- a/contents+fr.po
+++ b/contents+fr.po
@@ -1207,6 +1207,8 @@ msgid ""
 "Please see the https://www.eff.org/https-;
 "everywhere/faq\">HTTPS Everywhere FAQ."
 msgstr ""
+"Veuillez consulter la https://www.eff.org/https-;
+"everywhere/faq\">FAQ de HTTPS partout."
 
 #: http//localhost/misc/misc-5/
 #: (content/misc/misc-5/contents+en.lrquestion.seo_slug)
@@ -2595,6 +2597,15 @@ msgid ""
 "href=\"https://www.facebook.com/notes/protect-the-graph/making-connections-;
 "to-facebook-more-secure/1526085754298237/\">Facebook."
 msgstr ""
+"Les services oignons sont aussi utilisÃ©s pour permettre la messagerie et le "
+"partage de fichiers sans mÃ©tadonnÃ©es, des interactions plus sÃ»res entre 
des "
+"journalistes et leurs sources avec https://securedrop.org/\;>SecureDrop ou https://onionshare.org/\;>OnionShare, des mises Ã  jour "
+"logicielles plus sÃ»res, et des maniÃ¨res plus sÃ©curitaires dâatteindre 
des "
+"sites populaires comme https://www.facebook.com/notes;
+"/protect-the-graph/making-connections-to-facebook-more-"
+"secure/1526085754298237/\">Facebook."
 
 #: http//localhost/onionservices/onionservices-1/
 #: (content/onionservices/onionservices-1/contents+en.lrquestion.description)
diff --git a/contents+ga.po b/contents+ga.po
index 28683e8c2..51b92a569 100644
--- a/contents+ga.po
+++ b/contents+ga.po
@@ -1186,6 +1186,8 @@ msgid ""
 "Please see the https://www.eff.org/https-;
 "everywhere/faq\">HTTPS Everywhere FAQ."
 msgstr ""
+"FÃ©ach na ceisteanna coitianta ar shuÃomh https://www.eff.org;
+"/https-everywhere/faq\">HTTPS Everywhere."
 
 #: http//localhost/misc/misc-5/
 #: (content/misc/misc-5/contents+en.lrquestion.seo_slug)
@@ -3924,6 +3926,8 @@ msgid ""
 "The Torbutton icon (the little onion in the top left corner of the browser) "
 "will display a yellow triangle."
 msgstr ""
+"TaispeÃ¡nfaidh deilbhÃn an chnaipe Tor (an t-oinniÃºn beag glas sa chÃºinne 
ag "
+"barr ar chlÃ© den bhrabhsÃ¡laÃ) triantÃ¡n buÃ."
 
 #: http//localhost/operators/operators-6/
 #: (content/operators/operators-6/contents+en.lrquestion.description)
diff --git a/contents+he.po b/contents+he.po
index 8af9eb0d0..086cb8fc4 100644
--- a/contents+he.po
+++ b/contents+he.po
@@ -1024,6 +1024,8 @@ msgid ""
 "Please see the https://www.eff.org/https-;
 "everywhere/faq\">HTTPS Everywhere FAQ."
 msgstr ""
+"×× × ×¨×× ××ª https://www.eff.org/https-everywhere/faq\;>HTTPS "
+"Everywhere."
 
 #: http//localhost/misc/misc-5/
 #: (content/misc/misc-5/contents+en.lrquestion.seo_slug)
diff --git a/contents+id.po b/contents+id.po
index d463ea8c0..26653d25c 100644
--- a/contents+id.po
+++ b/contents+id.po
@@ -1187,6 +1187,8 @@ msgid ""
 "Please see the https://www.eff.org/https-;
 "everywhere/faq\">HTTPS Everywhere FAQ."
 msgstr ""
+"Silakan lihat https://www.eff.org/https-;
+"everywhere/faq\">HTTPS Everywhere."
 
 #: http//localhost/misc/misc-5/
 #: (content/misc/misc-5/contents+en.lrquestion.seo_slug)
@@ -2455,6 +2457,8 @@ msgid ""
 "Tor Browser will prompt you to update the software once a new version has "
 "been released."
 msgstr ""
+"Tor Browser akan meminta Anda untuk memperbarui perangkat lunak ketika versi"
+" baru telah dirilis."
 
 #: http//localhost/faq/faq-3/
 #: (content/faq/faq-3/contents+en.lrquestion.description)
@@ -2464,6 +2468,10 @@ msgid ""
 "and https://noscript.net/\;>NoScript â and 
adding"
 " anything else could deanonymize you."
 msgstr ""
+"Tor Browser sudah terpasang dua add-on â https://www.eff.org;
+"/https-everywhere\">HTTPS Everywhere dan https://noscript.net/\;>NoScript â menambahkan add-on 
lain"
+" akan merusak anomimisitas Anda. "
 
 #: http//localhost/gettor/ (content/gettor/contents+en.lrtopic.title)
 #: (content/gettor/contents+en.lrtopic.seo_slug)
@@ -4016,6 +4024,8 @@ msgid ""
 "The Torbutton icon (the little onion in the top left corner of the browser) "
 "will display a yellow triangle."
 msgstr ""
+"Ikon Torbutton (gambar bawang hijau di sudut kiri atas browser) akan "
+"menampilkan segi tiga kuning."
 
 #: http//localhost/operators/operators-6/
 #: (content/operators/operators-6/contents+en.lrquestion.description)
diff --git a/contents+it.po b/contents+it.po
index b9ca270a3..946ad9fc4 100644
--- a/contents+it.po
+++ b/contents+it.po
@@ -4096,6 +4096,8 @@ msgid ""
 "The Torbutton icon (the little onion in the top left corner of the browser) "
 "will display a yellow triangle."
 msgstr ""
+"L'icona di Torbutton (la

[tor-commits] [translation/support-portal_completed] Update translations for support-portal_completed

2018-09-07 Thread translation

commit 0ae500ab0d37cf9e46a92f697b2cb6d1af45a8f0
Author: Translation commit bot 
Date:   Fri Sep 7 16:49:00 2018 +

Update translations for support-portal_completed
---
 contents+es.po | 397 +++--
 1 file changed, 158 insertions(+), 239 deletions(-)

diff --git a/contents+es.po b/contents+es.po
index 0c29e919d..86cd486fb 100644
--- a/contents+es.po
+++ b/contents+es.po
@@ -10,7 +10,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: PACKAGE VERSION\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2018-09-07 15:19+CET\n"
+"POT-Creation-Date: 2018-09-07 17:41+CET\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: Silvana Nunez , 2018\n"
 "Language-Team: Spanish (https://www.transifex.com/otf/teams/1519/es/)\n"
@@ -73,6 +73,11 @@ msgstr ""
 "desde un repetidor de salida al otro lado del mundo, pueden bloquear tu "
 "cuenta o suspenderla)."
 
+#: http//localhost/https/https-1/
+#: (content/https/https-1/contents+en.lrquestion.description)
+msgid "Tor prevents eavesdroppers from learning sites that you visit."
+msgstr "Tor evita que alguien a la escucha sepa los sitios que visitas."
+
 #: http//localhost/tbb/tbb-41/
 #: (content/tbb/tbb-41/contents+en.lrquestion.description)
 msgid ""
@@ -258,16 +263,6 @@ msgstr ""
 msgid "What is a .onion or what are onion services?"
 msgstr "Â¿QuÃ© es un .onion o quÃ© son los servicios onion?"
 
-#: http//localhost/operators/operators-1/
-#: (content/operators/operators-1/contents+en.lrquestion.description)
-msgid ""
-"After a few hours (to give it enough time to propagate), you can query Atlas"
-" to see whether your relay has successfully registered in the network."
-msgstr ""
-"DespuÃ©s de unas horas (para darle suficiente tiempo para reproducirse), "
-"puedes consultar a Atlas para ver si tu repetidor se ha registrado "
-"correctamente en la red."
-
 #: http//localhost/misc/misc-12/
 #: (content/misc/misc-12/contents+en.lrquestion.description)
 msgid ""
@@ -314,14 +309,10 @@ msgstr ""
 "Desafortunadamente, aÃºn no tenemos una versiÃ³n del Tor Browser para "
 "ChromeOS."
 
-#: http//localhost/operators/operators-6/
-#: (content/operators/operators-6/contents+en.lrquestion.description)
-msgid ""
-"* Look for a log entry in /var/log/syslog such as \"Self-testing indicates "
-"your ORPort is reachable from the outside. Excellent.\""
-msgstr ""
-"* Busca una entrada de registro en /var/log/syslog como \"La autoprueba "
-"indica que tu ORPort es accesible desde el exterior. Excelente.\""
+#: http//localhost/tbb/tbb-27/
+#: (content/tbb/tbb-27/contents+en.lrquestion.description)
+msgid ""
+msgstr ""
 
 #: http//localhost/misc/misc-5/
 #: (content/misc/misc-5/contents+en.lrquestion.title)
@@ -406,6 +397,8 @@ msgstr ""
 msgid "RunAsDaemon 1"
 msgstr "RunAsDaemon 1"
 
+#: http//localhost/connecting/connecting-2/
+#: (content/connecting/connecting-2/contents+en.lrquestion.description)
 #: http//localhost/censorship/censorship-5/
 #: (content/censorship/censorship-5/contents+en.lrquestion.description)
 msgid ""
@@ -563,15 +556,6 @@ msgstr ""
 "Puedes ayudar a mejorar la velocidad de la red con tu propio repetidor, o "
 "animando a otros a hacerlo."
 
-#: http//localhost/onionservices/onionservices-2/
-#: (content/onionservices/onionservices-2/contents+en.lrquestion.description)
-msgid ""
-""
-msgstr ""
-""
-
 #: http//localhost/tbb/tbb-27/
 #: (content/tbb/tbb-27/contents+en.lrquestion.description)
 msgid ""
@@ -587,14 +571,14 @@ msgid "You can update Tor Browser as soon as a new 
version is released."
 msgstr ""
 "Puedes actualizar el navegador Tor en cuanto se publica una nueva versiÃ³n."
 
-#: http//localhost/tbb/tbb-29/
-#: (content/tbb/tbb-29/contents+en.lrquestion.description)
+#: http//localhost/onionservices/onionservices-2/
+#: (content/onionservices/onionservices-2/contents+en.lrquestion.description)
 msgid ""
-""
+""
 msgstr ""
-""
+""
 
 #: http//localhost/tbb/tbb-18/
 #: (content/tbb/tbb-18/contents+en.lrquestion.description)
@@ -605,14 +589,8 @@ msgstr ""
 "Lo sentimos, pero actualmente no hay soporte oficial para ejecutar el "
 "navegador Tor sobre *BSD."
 
-#: http//localhost/tbb/tbb-27/
-#: (content/tbb/tbb-27/contents+en.lrquestion.description)
-#: http//localhost/tbb/tbb-29/
-#: (content/tbb/tbb-29/contents+en.lrquestion.description)
 #: http//localhost/https/https-1/
 #: (content/https/https-1/contents+en.lrquestion.description)
-#: http//localhost/onionservices/onionservices-2/
-#: (content/onionservices/onionservices-2/contents+en.lrquestion.description)
 msgid ""
 msgstr ""
 
@@ -668,14 +646,14 @@ msgstr "onion-services"
 msgid "Onion Services"
 msgstr "Servicios Onion"
 
-#: http//localhost/tbb/tbb-27/
-#: (content/tbb/tbb-27/contents+en.lrquestion.description)
+#: http//localhost/operators/operators-7/
+#: (content/operators/operators-7/contents+en.lrquestion.description)
 msgid ""
-""
+"If law enforcement becomes interested in traffic from your exit relay, it's "
+"possible that

[tor-commits] [translation/support-portal] Update translations for support-portal

2018-09-07 Thread translation

commit c4d4c0ce54a160366ca0d5ce31e7ba6ae532642d
Author: Translation commit bot 
Date:   Fri Sep 7 16:48:55 2018 +

Update translations for support-portal
---
 contents+es.po | 16 +---
 1 file changed, 13 insertions(+), 3 deletions(-)

diff --git a/contents+es.po b/contents+es.po
index 0f5c2a637..86cd486fb 100644
--- a/contents+es.po
+++ b/contents+es.po
@@ -312,7 +312,7 @@ msgstr ""
 #: http//localhost/tbb/tbb-27/
 #: (content/tbb/tbb-27/contents+en.lrquestion.description)
 msgid ""
-msgstr ""
+msgstr ""
 
 #: http//localhost/misc/misc-5/
 #: (content/misc/misc-5/contents+en.lrquestion.title)
@@ -577,6 +577,8 @@ msgid ""
 ""
 msgstr ""
+""
 
 #: http//localhost/tbb/tbb-18/
 #: (content/tbb/tbb-18/contents+en.lrquestion.description)
@@ -1632,7 +1634,7 @@ msgstr "conectar-a-tor"
 #: http//localhost/tbb/tbb-27/
 #: (content/tbb/tbb-27/contents+en.lrquestion.description)
 msgid ""
-msgstr ""
+msgstr ""
 
 #: http//localhost/misc/misc-5/
 #: (content/misc/misc-5/contents+en.lrquestion.description)
@@ -1681,6 +1683,8 @@ msgid ""
 ""
 msgstr ""
+""
 
 #: http//localhost/tbb/tbb-28/
 #: (content/tbb/tbb-28/contents+en.lrquestion.description)
@@ -3593,6 +3597,8 @@ msgid ""
 ""
 msgstr ""
+""
 
 #: http//localhost/onionservices/onionservices-1/
 #: (content/onionservices/onionservices-1/contents+en.lrquestion.description)
@@ -3620,6 +3626,8 @@ msgid ""
 ""
 msgstr ""
+""
 
 #: http//localhost/operators/operators-7/
 #: (content/operators/operators-7/contents+en.lrquestion.description)
@@ -4102,6 +4110,8 @@ msgid ""
 "The Torbutton icon (the little onion in the top left corner of the browser) "
 "will display a yellow triangle."
 msgstr ""
+"El icono de Torbutton (la cebollita en la esquina superior izquierda del "
+"navegador) mostrarÃ¡ un triÃ¡ngulo amarillo."
 
 #: http//localhost/operators/operators-6/
 #: (content/operators/operators-6/contents+en.lrquestion.description)
@@ -4272,7 +4282,7 @@ msgstr ""
 #: http//localhost/onionservices/onionservices-2/
 #: (content/onionservices/onionservices-2/contents+en.lrquestion.description)
 msgid ""
-msgstr ""
+msgstr ""
 
 #: http//localhost/connecting/connecting-2/
 #: (content/connecting/connecting-2/contents+en.lrquestion.description)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/support-portal] Update translations for support-portal

2018-09-07 Thread translation

commit 49699acd23e50f136c30e9446d1d93e79a263361
Author: Translation commit bot 
Date:   Fri Sep 7 16:19:08 2018 +

Update translations for support-portal
---
 contents+bn_BD.po | 10 ++
 contents+de.po|  2 +-
 contents+es.po|  4 +++-
 contents+tr.po|  4 
 contents+zh_CN.po | 12 +++-
 5 files changed, 29 insertions(+), 3 deletions(-)

diff --git a/contents+bn_BD.po b/contents+bn_BD.po
index 04750ba11..eee389737 100644
--- a/contents+bn_BD.po
+++ b/contents+bn_BD.po
@@ -939,6 +939,8 @@ msgid ""
 "If you see lines like this in your Tor log, it means that Tor failed to "
 "complete a TLS handshake with the directory authorities."
 msgstr ""
+"à¦¯à¦¦à¦¿ à¦à¦ªà¦¨à¦¿ à¦à¦ªà¦¨à¦¾à¦° à¦à¦° à¦²à¦à§ à¦à¦ 
à¦§à¦°à¦¨à§à¦° à¦²à¦¾à¦à¦¨à¦à§à¦²à§ à¦¦à§à¦à§à¦¨, à¦à¦° à¦®à¦¾à¦¨à§ 
à¦¹à¦à§à¦à§ à¦¯à§ à¦à¦° "
+"à¦¨à¦¿à¦°à§à¦¦à§à¦¶à¦¿à¦à¦¾ à¦à¦°à§à¦¤à§à¦ªà¦à§à¦·à§à¦° à¦¸à¦¾à¦¥à§ 
à¦à¦à¦à¦¿ TLS à¦¹à§à¦¯à¦¾à¦¨à§à¦¡à¦¶à§à¦ à¦¸à¦®à§à¦ªà¦¨à§à¦¨ 
à¦à¦°à¦¤à§ à¦¬à§à¦¯à¦°à§à¦¥ à¦¹à¦¯à¦¼à§à¦à§ à¥¤"
 
 #: http//localhost/tbb/tbb-19/
 #: (content/tbb/tbb-19/contents+en.lrquestion.description)
@@ -1127,6 +1129,8 @@ msgid ""
 "If you are unable to connect to an onion service, please see I cannot reach X.onion!"
 msgstr ""
+"à¦à¦ªà¦¨à¦¿ à¦¯à¦¦à¦¿ à¦à§à¦¨ à¦ªà§à¦à¦¯à¦¼à¦¾à¦à§à¦° 
à¦¸à§à¦¬à¦¾à¦¯à¦¼ à¦¸à¦à¦¯à§à¦ à¦à¦°à¦¤à§ à¦¨à¦¾ à¦ªà¦¾à¦°à§à¦¨, 
à¦¤à¦¾à¦¹à¦²à§ à¦¦à§à¦à§ à¦¨à¦¿à¦¨ à¦à¦®à¦¿ X-à¦ à¦ªà§à¦à¦à¦¾à¦¤à§ 
à¦ªà¦¾à¦°à¦à¦¿ à¦¨à¦¾ à¥¤"
 
 #: http//localhost/connecting/connecting-2/
 #: (content/connecting/connecting-2/contents+en.lrquestion.description)
@@ -1172,6 +1176,8 @@ msgid ""
 "Please see the https://www.eff.org/https-;
 "everywhere/faq\">HTTPS Everywhere FAQ."
 msgstr ""
+"à¦¦à¦¯à¦¼à¦¾ à¦à¦°à§ https://www.eff.org/https-everywhere/faq\;>HTTPS "
+"Everywhere à¦¦à§à¦à§à¦¨ à¥¤"
 
 #: http//localhost/misc/misc-5/
 #: (content/misc/misc-5/contents+en.lrquestion.seo_slug)
@@ -2434,6 +2440,8 @@ msgid ""
 "Tor Browser will prompt you to update the software once a new version has "
 "been released."
 msgstr ""
+"à¦à¦à¦à¦¿ à¦¨à¦¤à§à¦¨ à¦¸à¦à¦¸à§à¦à¦°à¦£ à¦ªà§à¦°à¦à¦¾à¦¶ à¦à¦°à¦¾ 
à¦¹à¦¯à¦¼à§à¦à§ à¦à¦à¦¬à¦¾à¦° à¦à¦° à¦¬à§à¦°à¦¾à¦à¦à¦¾à¦° 
à¦à¦ªà¦¨à¦¾à¦à§ à¦¸à¦«à§à¦à¦à¦¯à¦¼à§à¦¯à¦¾à¦° "
+"à¦à¦ªà¦¡à§à¦ à¦à¦°à¦¤à§ à¦à¦¨à§à¦°à§à¦§ à¦à¦°à¦¬à§à¥¤"
 
 #: http//localhost/faq/faq-3/
 #: (content/faq/faq-3/contents+en.lrquestion.description)
@@ -4006,6 +4014,8 @@ msgid ""
 "The Torbutton icon (the little onion in the top left corner of the browser) "
 "will display a yellow triangle."
 msgstr ""
+"Torbutton à¦à¦à¦à¦¨ (à¦¬à§à¦°à¦¾à¦à¦à¦¾à¦°à§à¦° à¦à¦ªà¦°à§à¦° 
à¦¬à¦¾à¦ à¦à§à¦£à§ à¦à§à¦ à¦¸à¦¬à§à¦ à¦ªà§à¦à¦¯à¦¼à¦¾à¦) 
à¦à¦à¦à¦¿ à¦¹à¦²à§à¦¦ "
+"à¦¤à§à¦°à¦¿à¦à§à¦ à¦ªà§à¦°à¦¦à¦°à§à¦¶à¦¨ à¦à¦°à¦¬à§ à¥¤"
 
 #: http//localhost/operators/operators-6/
 #: (content/operators/operators-6/contents+en.lrquestion.description)
diff --git a/contents+de.po b/contents+de.po
index d8390c23d..ee7f33b55 100644
--- a/contents+de.po
+++ b/contents+de.po
@@ -3367,7 +3367,7 @@ msgstr "tor-browser-macht-mich-zum-relay"
 #: http//localhost/tbb/tbb-37/
 #: (content/tbb/tbb-37/contents+en.lrquestion.description)
 msgid "* EspaÃ±ol (es-ES)"
-msgstr ""
+msgstr "* EspaÃ±ol (es-ES)"
 
 #: http//localhost/tbb/tbb-19/
 #: (content/tbb/tbb-19/contents+en.lrquestion.seo_slug)
diff --git a/contents+es.po b/contents+es.po
index 6ebb0c2d0..0f5c2a637 100644
--- a/contents+es.po
+++ b/contents+es.po
@@ -76,7 +76,7 @@ msgstr ""
 #: http//localhost/https/https-1/
 #: (content/https/https-1/contents+en.lrquestion.description)
 msgid "Tor prevents eavesdroppers from learning sites that you visit."
-msgstr ""
+msgstr "Tor evita que alguien a la escucha sepa los sitios que visitas."
 
 #: http//localhost/tbb/tbb-41/
 #: (content/tbb/tbb-41/contents+en.lrquestion.description)
@@ -1197,6 +1197,8 @@ msgid ""
 "Please see the https://www.eff.org/https-;
 "everywhere/faq\">HTTPS Everywhere FAQ."
 msgstr ""
+"Por favor, mira las âhttps://www.eff.org/https-;
+"everywhere/faq\">preguntas frecuentes (FAQ) de HTTPS Everywhere."
 
 #: http//localhost/misc/misc-5/
 #: (content/misc/misc-5/contents+en.lrquestion.seo_slug)
diff --git a/contents+tr.po b/contents+tr.po
index fdbdac904..acea91730 100644
--- a/contents+tr.po
+++ b/contents+tr.po
@@ -74,6 +74,8 @@ msgstr ""
 #: (content/https/https-1/contents+en.lrquestion.description)
 msgid "Tor prevents eavesdroppers from learning sites that you visit."
 msgstr ""
+"Tor baÄlantÄ±nÄ±zÄ± izleyen kiÅi ya da kuruluÅlarÄ±n ziyaret ettiÄiniz 
siteleri "
+"gÃ¶rmesini engeller."
 
 #: http//localhost/tbb/tbb-41/
 #: (content/tbb/tbb-41/contents+en.lrquestion.description)
@@ -1186,6 +1188,8 @@ msgid ""
 "Please see the https://www.eff.org/https-;
 "everywhere/faq\">HTTPS Everywhere FAQ."
 msgstr ""
+"https://www.eff.org/https-everywhere/faq\;>HTTPS Everywhere "
+"SSS bÃ¶lÃ¼mÃ¼ne

1 2 3 4 >

1 - 100 of 320 matches

Mail list logo