[tor-commits] [translation/tbmanual-contentspot_completed] https://gitweb.torproject.org/translation.git/commit/?h=tbmanual-contentspot_completed
commit 9287acc6a9779c403144e261b784ca5cd69d042b Author: Translation commit bot Date: Fri Nov 5 23:17:01 2021 + https://gitweb.torproject.org/translation.git/commit/?h=tbmanual-contentspot_completed --- contents+tr.po | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/contents+tr.po b/contents+tr.po index 13dada6822..787662619f 100644 --- a/contents+tr.po +++ b/contents+tr.po @@ -852,7 +852,7 @@ msgid "" "alt=\"Configure Tor bridge options\">" msgstr "" "" +"alt=\"Tor Köprüleri Ayarları\">" #: https//tb-manual.torproject.org/running-tor-browser/ #: (content/running-tor-browser/contents+en.lrtopic.body) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tbmanual-contentspot] https://gitweb.torproject.org/translation.git/commit/?h=tbmanual-contentspot
commit dc49d6f38c8747fccc2d7cfed0622c5db5814804 Author: Translation commit bot Date: Fri Nov 5 23:16:56 2021 + https://gitweb.torproject.org/translation.git/commit/?h=tbmanual-contentspot --- contents+tr.po | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/contents+tr.po b/contents+tr.po index 13dada6822..787662619f 100644 --- a/contents+tr.po +++ b/contents+tr.po @@ -852,7 +852,7 @@ msgid "" "alt=\"Configure Tor bridge options\">" msgstr "" "" +"alt=\"Tor Köprüleri Ayarları\">" #: https//tb-manual.torproject.org/running-tor-browser/ #: (content/running-tor-browser/contents+en.lrtopic.body) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser-build/maint-11.0] fixup! Release preparations for 11.0
commit 2aa2889724ebe5d30c77af2a3e5da6265f0f8027 Author: Matthew Finkel Date: Fri Nov 5 22:18:02 2021 + fixup! Release preparations for 11.0 --- projects/firefox/config | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/projects/firefox/config b/projects/firefox/config index d889fe3..db00bcb 100644 --- a/projects/firefox/config +++ b/projects/firefox/config @@ -1,7 +1,7 @@ # vim: filetype=yaml sw=2 version: '[% c("abbrev") %]' filename: 'firefox-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %]' -git_hash: 'tor-browser-[% c("var/firefox_version") %]-[% c("var/torbrowser_branch") %]-1-build1' +git_hash: 'tor-browser-[% c("var/firefox_version") %]-[% c("var/torbrowser_branch") %]-1-build2' tag_gpg_id: 1 git_url: https://git.torproject.org/tor-browser.git git_submodule: 1 ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser-build/maint-11.0] Release preparations for 11.0
commit 36b1d7a7c571db00124cc94a96393aa91d13d1da Author: Matthew Finkel Date: Fri Nov 5 16:08:37 2021 + Release preparations for 11.0 --- .../tor-browser/Bundle-Data/Docs/ChangeLog.txt | 67 ++ projects/tor/config| 2 +- rbm.conf | 4 +- 3 files changed, 70 insertions(+), 3 deletions(-) diff --git a/projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt b/projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt index fee227f..4002498 100644 --- a/projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt +++ b/projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt @@ -1,3 +1,70 @@ +Tor Browser 11.0 - November 8 2021 + * Windows + OS X + Linux + * Update Firefox to 91.3.0esr + * Update Tor to tor-0.4.6.8 + * Bug 32624: localStorage is not shared between tabs [tor-browser] + * Bug 33125: Remove xpinstall.whitelist.add* as they don't do anything anymore [tor-browser] + * Bug 34188: Cleanup extensions.* prefs [tor-browser] + * Bug 40004: Convert tl-protocol to async. [tor-launcher] + * Bug 40012: Watch all requested tor events [tor-launcher] + * Bug 40027: Make torbutton_send_ctrl_cmd async [torbutton] + * Bug 40042: Add missing parameter of createTransport [torbutton] + * Bug 40043: Delete all plugin-related protections [torbutton] + * Bug 40045: Teach the controller about status_client [torbutton] + * Bug 40046: Support arbitrary watch events [torbutton] + * Bug 40047: New string for Security Level panel [torbutton] + * Bug 40048: Protonify Circuit Display Panel [torbutton] + * Bug 40053: investigate fingerprinting potential of extended TextMetrics interface [tor-browser] + * Bug 40083: Make sure Region.jsm fetching is disabled [tor-browser] + * Bug 40177: Clean up obsolete preferences in our 000-tor-browser.js [tor-browser] + * Bug 40220: Make sure tracker cookie purging is disabled [tor-browser] + * Bug 40342: Set `gfx.bundled-fonts.activate = 1` to preserve current bundled fonts behaviour [tor-browser] + * Bug 40463: Disable network.http.windows10-sso.enabled in FF 91 [tor-browser] + * Bug 40483: Deutsche Welle v2 redirect [tor-browser] + * Bug 40534: Cannot open URLs on command line with Tor Browser 10.5 [tor-browser] + * Bug 40547: UX: starting in offline mode can result in difficulty to connect later [tor-browser] + * Bug 40548: Set network.proxy.failover_direct to false in FF 91 [tor-browser] + * Bug 40561: Refactor about:torconnect implementation [tor-browser] + * Bug 40567: RFPHelper is not init until after about:torconnect bootstraps [tor-browser] + * Bug 40597: Implement TorSettings module [tor-browser] + * Bug 40600: Multiple pages as home page unreliable in 11.0a4 [tor-browser] + * Bug 40616: UX: multiple about:torconnect [tor-browser] + * Bug 40624: TorConnect banner always visible in about:preferences#tor even after bootstrap [tor-browser] + * Bug 40626: Update Security Level styling to match Proton UI [tor-browser] + * Bug 40628: Checkbox wrong color in about:torconnect in dark mode theme [tor-browser] + * Bug 40630: Update New Identity and New Circuit icons [tor-browser] + * Bug 40631: site identity icons are not being displayed properly [tor-browser] + * Bug 40632: Proton'ify Circuit Display Panel [tor-browser] + * Bug 40634: Style updates for Onion Error Pages [tor-browser] + * Bug 40636: Fix about:torconnect 'Connect' border radius in about:preferences#tor [tor-browser] + * Bug 40641: Update Security Level selection in about:preferences to match style as tracking protection option bubbles [tor-browser] + * Bug 40648: Replace onion pattern divs/css with tiling SVG [tor-browser] + * Bug 40653: Onion Available text not aligned correctly in toolbar in ESR91 [tor-browser] + * Bug 40655: esr91 is suggesting to make Tor Browser the default browse [tor-browser] + * Bug 40657: esr91 is missing "New identity" in hamburger menu [tor-browser] + * Bug 40680: Prepare update to localized assets for YEC [tor-browser] + * Bug 40686: Update Onboarding link for 11.0 [tor-browser] + * Build System + * Windows + OS X + Linux + * Update Go to 1.16.9 + * Bug 40048: Remove projects/clang-source [tor-browser-build] + * Bug 40347: Make the list of toolchain updates needed for firefox91 [tor-browser-build] + * Bug 40363: Change bsaes git url [tor-browser-build] + * Bug 40366: Use bullseye to build https-everywhere [tor-browser-build] + * Bug 40368: Use system's python3 for https-everywhere [tor-browser-build] + * Windows + Linux + * Bug 40357: Update binutils to 2.35.2 [tor-browser-build] + * Windows + * Bug 28240: switch from SJLJ exception handling to Dwarf2 in mingw for win32 [tor-browser-build] + * Bug 40306: Update Windows toolchain to switch to mozilla91 [tor-browser-build] + * Bug 40376: Use python3 for running pe_checksum_fix.py [tor-browser-build] + * OS X +
[tor-commits] [translation/tails-misc_release] https://gitweb.torproject.org/translation.git/commit/?h=tails-misc_release
commit 78a8ef5d3b65bef31302908bb4a2878116fbe358 Author: Translation commit bot Date: Fri Nov 5 21:46:46 2021 + https://gitweb.torproject.org/translation.git/commit/?h=tails-misc_release --- ka.po | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ka.po b/ka.po index c928d98786..c4f196fbb7 100644 --- a/ka.po +++ b/ka.po @@ -11,8 +11,8 @@ msgstr "" "Project-Id-Version: Tor Project\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2021-11-04 12:14+0100\n" -"PO-Revision-Date: 2021-11-04 12:25+\n" -"Last-Translator: Transifex Bot <>\n" +"PO-Revision-Date: 2021-11-05 21:31+\n" +"Last-Translator: Georgianization\n" "Language-Team: Georgian (http://www.transifex.com/otf/torproject/language/ka/)\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tails-misc] https://gitweb.torproject.org/translation.git/commit/?h=tails-misc
commit c093eb3fd525a9d2d5f75b4e78ce2276810ff732 Author: Translation commit bot Date: Fri Nov 5 21:45:58 2021 + https://gitweb.torproject.org/translation.git/commit/?h=tails-misc --- ka.po | 26 +- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/ka.po b/ka.po index d17782a550..1ce0b726f5 100644 --- a/ka.po +++ b/ka.po @@ -11,8 +11,8 @@ msgstr "" "Project-Id-Version: Tor Project\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2021-11-04 12:14+0100\n" -"PO-Revision-Date: 2021-11-04 12:25+\n" -"Last-Translator: Transifex Bot <>\n" +"PO-Revision-Date: 2021-11-05 21:31+\n" +"Last-Translator: Georgianization\n" "Language-Team: Georgian (http://www.transifex.com/otf/torproject/language/ka/)\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" @@ -885,27 +885,27 @@ msgid "" "\n" "\n" "The persistent storage on this USB stick will be lost." -msgstr "" +msgstr "\n\náá£ááááá ááá®á¡ááá ááá áá USB-ááá¬á§ááááááááá áááááá áááá." #: config/chroot_local-includes/usr/lib/python3/dist-packages/tails_installer/gui.py:638 msgid "Delete Persistent Storage and Reinstall" -msgstr "" +msgstr "áá£ááááá ááá®á¡ááá áááá¡ á¬áá¨áá áá áá®ááááá ááá§ááááá" #: config/chroot_local-includes/usr/lib/python3/dist-packages/tails_installer/gui.py:640 msgid "" "\n" "\n" "All data on this USB stick will be lost." -msgstr "" +msgstr "\n\ná§áááá áááááªááá áá USB-ááá¬á§ááááááááá áááááá áááá." #: config/chroot_local-includes/usr/lib/python3/dist-packages/tails_installer/gui.py:641 msgid "Delete All Data and Install" -msgstr "" +msgstr "á§ááááá¤á áá¡ á¬áá¨áá áá ááá§ááááá" #: config/chroot_local-includes/usr/lib/python3/dist-packages/tails_installer/gui.py:642 #, python-format msgid "%(description)s%(delete_message)s" -msgstr "" +msgstr "%(description)s%(delete_message)s" #: config/chroot_local-includes/usr/lib/python3/dist-packages/tails_installer/gui.py:646 msgid "Confirm the target USB stick" @@ -1706,7 +1706,7 @@ msgstr "Tor-áááá¨áá á" #: config/chroot_local-includes/usr/lib/python3/dist-packages/tca/ui/main_window.py:198 msgid "_Use a bridge that you already know" -msgstr "" +msgstr "_á£ááá áááªáááá á®áááá¡ ááááá§ááááá" #: config/chroot_local-includes/usr/lib/python3/dist-packages/tca/ui/main_window.py:239 msgid "" @@ -1987,7 +1987,7 @@ msgid "" "The Unsafe Browser is not anonymous and the websites that you visit can see " "your real IP address.\\n\\nOnly use the Unsafe Browser to sign in to a " "network using a captive portal." -msgstr "" +msgstr "ááá£áªáááá áá áá£ááá á áá á¤áá ááá¡ áááááááá¡ áá á¡ááá¢á á ááááá¡á᪠áá¬ááááá, áá®ááááá¡ áá¥áááá¡ ááááááá IP-ááá¡áááá áá¡.\\n\\nááá£áªáááá áá áá£ááá á áááááá§áááá, áá®áááá ááá¨ááááá¡ áááá ááá¡ áááááá á¥á¡ááá¨á á¨áá¡áá¡áááááá." #: config/chroot_local-includes/usr/local/sbin/unsafe-browser:51 msgid "Starting the Unsafe Browser..." @@ -2607,7 +2607,7 @@ msgstr "_áá®ááá á®áááá¡ áááá®áááá" #: ../config/chroot_local-includes/usr/share/tails/tca/main.ui.in:260 msgid "_Enter a bridge that you already know" -msgstr "" +msgstr "_á¨ááá§ááááá áá¥ááááááá¡ áááªáááá á®ááá" #: ../config/chroot_local-includes/usr/share/tails/tca/main.ui.in:283 msgid "" @@ -2615,7 +2615,7 @@ msgid "" "brid...@torproject.org from a Gmail or Riseup email address.\n" "\n" "For example, you can send the email from your phone and type the bridge in Tails.\n" -msgstr "" +msgstr "áá®ááá á®áááá¡ áááá®ááááá¡áááá¡, á¨áááá«áááá\nááááááááá áªáá áááá á¬áá ááá ááá¤áá¡á¢ááá brid...@torproject.org Gmail áá Riseup ááá¡áááá ááááá.\n\nááááááááá, á¢áááá¤áááááá á¨áááá«áááá ááá¤áá¡á¢áá¡ áááááááá áá á®áááá¡ áááááááá Tail-á¨á.\n" #: ../config/chroot_local-includes/usr/share/tails/tca/main.ui.in:370 msgid "Save bridge to _Persistent Storage" @@ -2645,7 +2645,7 @@ msgstr "⢠áá áá£áá á¡áááá" #: ../config/chroot_local-includes/usr/share/tails/tca/main.ui.in:624 msgid "Your clock and time zone need to be correct to connect to Tor." -msgstr "" +msgstr "áá á áá
[tor-commits] [tor-browser/tor-browser-91.3.0esr-11.0-1] fixup! Bug 26961: New user onboarding.
commit 57db7d2e39ab51635c71ee55c39cf0187690577b Author: Matthew Finkel Date: Fri Nov 5 13:55:11 2021 + fixup! Bug 26961: New user onboarding. --- browser/extensions/onboarding/content/Onboarding.jsm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/browser/extensions/onboarding/content/Onboarding.jsm b/browser/extensions/onboarding/content/Onboarding.jsm index b3044607bf48..558a94cc35ba 100644 --- a/browser/extensions/onboarding/content/Onboarding.jsm +++ b/browser/extensions/onboarding/content/Onboarding.jsm @@ -909,7 +909,7 @@ class Onboarding { } const kOnionURL = "https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/;; // DuckDuckGo -const kLearnMore = "https://www.torproject.org/releases/tor-browser-10-5/;; +const kLearnMore = "https://www.torproject.org/releases/tor-browser-11-0/;; let handledTourActionClick = false; switch (id) { case "onboarding-overlay-button-icon": ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.4.6] Merge branch 'maint-0.4.5' into maint-0.4.6
commit 77b265f96ee65871ae7ed3f54642878116c65ff4 Merge: fb6bba1e42 a7fe37f1fa Author: David Goulet Date: Fri Nov 5 10:44:10 2021 -0400 Merge branch 'maint-0.4.5' into maint-0.4.6 src/core/or/protover.c| 105 +- src/core/or/protover.h| 4 ++ src/feature/dirauth/dirvote.c | 12 ++--- src/feature/dirauth/dirvote.h | 58 --- src/test/test_protover.c | 8 ++-- 5 files changed, 117 insertions(+), 70 deletions(-) diff --cc src/feature/dirauth/dirvote.h index d6a2d9cc75,81a7733e8c..3420098315 --- a/src/feature/dirauth/dirvote.h +++ b/src/feature/dirauth/dirvote.h @@@ -264,68 -259,7 +264,10 @@@ STATI char *networkstatus_get_detached_signatures(smartlist_t *consensuses); STATIC microdesc_t *dirvote_create_microdescriptor(const routerinfo_t *ri, int consensus_method); +STATIC int64_t extract_param_buggy(const char *params, + const char *param_name, + int64_t default_value); - /** The recommended relay protocols for this authority's votes. - * Recommending a new protocol causes old tor versions to log a warning. - */ - #define DIRVOTE_RECOMMEND_RELAY_PROTO \ - "Cons=2 " \ - "Desc=2 " \ - "DirCache=2 " \ - "HSDir=2 "\ - "HSIntro=4 " \ - "HSRend=2 " \ - "Link=4-5 " \ - "LinkAuth=3 " \ - "Microdesc=2 "\ - "Relay=2" - - /** The recommended client protocols for this authority's votes. - * Recommending a new protocol causes old tor versions to log a warning. - */ - #define DIRVOTE_RECOMMEND_CLIENT_PROTO \ - "Cons=2 " \ - "Desc=2 " \ - "DirCache=2 " \ - "HSDir=2 "\ - "HSIntro=4 " \ - "HSRend=2 " \ - "Link=4-5 " \ - "Microdesc=2 "\ - "Relay=2" - - /** The required relay protocols for this authority's votes. - * WARNING: Requiring a new protocol causes old tor versions to shut down. - * Requiring the wrong protocols can break the tor network. - * See Proposal 303: When and how to remove support for protocol versions. - */ - #define DIRVOTE_REQUIRE_RELAY_PROTO \ - "Cons=2 " \ - "Desc=2 " \ - "DirCache=2 " \ - "HSDir=2 "\ - "HSIntro=4 " \ - "HSRend=2 " \ - "Link=4-5 " \ - "LinkAuth=3 " \ - "Microdesc=2 "\ - "Relay=2" - - /** The required relay protocols for this authority's votes. - * WARNING: Requiring a new protocol causes old tor versions to shut down. - * Requiring the wrong protocols can break the tor network. - * See Proposal 303: When and how to remove support for protocol versions. - */ - #define DIRVOTE_REQUIRE_CLIENT_PROTO\ - "Cons=2 " \ - "Desc=2 " \ - "Link=4 " \ - "Microdesc=2 "\ - "Relay=2" - #endif /* defined(DIRVOTE_PRIVATE) */ #endif /* !defined(TOR_DIRVOTE_H) */ ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.4.6] Light edit to protover warnings.
commit 439e17180c362962abfdf2301dddbdaa323df24a Author: Nick Mathewson Date: Fri Nov 5 10:30:57 2021 -0400 Light edit to protover warnings. --- src/core/or/protover.c | 15 --- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/src/core/or/protover.c b/src/core/or/protover.c index 8075dd425c..82e4f64c94 100644 --- a/src/core/or/protover.c +++ b/src/core/or/protover.c @@ -402,18 +402,19 @@ protover_get_supported_protocols(void) * If you need to remove a version from this list, you need to make sure that * it is not listed in the _current consensuses_: just removing it from the * required list below is NOT ENOUGH. You need to remove it from the - * required list, and THEN let the authorities update and vote on new + * required list, and THEN let the authorities upgrade and vote on new * consensuses without it. Only once those consensuses are out is it safe to * remove from this list. * * One concrete example of a very dangerous race that could occur: * - * If the client required protocol "HSDir=1-2" is then changed in the code - * and released to "HSDir=2" while the consensus stills lists "HSDir=1-2", - * then these clients, even very recent ones, will shutdown because they + * Suppose that the client supports protocols "HsDir=1-2" and the consensus + * requires protocols "HsDir=1-2. If the client supported protocol list is + * then changed to "HSDir=2", while the consensus stills lists "HSDir=1-2", + * then these clients, even very recent ones, will shut down because they * don't support "HSDir=1". * - * And so, changes need to be done in lockstep as described above. + * And so, changes need to be done in strict sequence as described above. * * XXX: WARNING! */ @@ -454,8 +455,8 @@ protover_get_supported_protocols(void) * network unless their presence is causing serious active harm. * * The following required and recommended lists MUST be changed BEFORE the - * supported list above is changed in order for those lists to appear in the - * consensus BEFORE. + * supported list above is changed, so that these lists appear in the + * consensus BEFORE clients need them. * * Please, see the warning in protocol_get_supported_versions(). * ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.4.6] Merge branch 'maint-0.3.5' into maint-0.4.5
commit 47adba879ca215ef1cd5abae93a32e17063eccb2 Merge: 40e2106031 439e17180c Author: David Goulet Date: Fri Nov 5 10:35:08 2021 -0400 Merge branch 'maint-0.3.5' into maint-0.4.5 src/core/or/protover.c| 113 +- src/core/or/protover.h| 4 ++ src/feature/dirauth/dirvote.c | 12 ++--- 3 files changed, 121 insertions(+), 8 deletions(-) diff --cc src/core/or/protover.c index aa96cafff9,82e4f64c94..8b307a8a2f --- a/src/core/or/protover.c +++ b/src/core/or/protover.c @@@ -390,11 -387,38 +395,43 @@@ protocol_list_supports_protocol_or_late const char * protover_get_supported_protocols(void) { + /* WARNING! + * + * Remember to edit the SUPPORTED_PROTOCOLS list in protover.rs if you + * are editing this list. + */ + + /* +* XXX: WARNING! +* +* Be EXTREMELY CAREFUL when *removing* versions from this list. If you +* remove an entry while it still appears as "recommended" in the consensus, +* you'll cause all the instances without it to warn. +* +* If you remove an entry while it still appears as "required" in the +* consensus, you'll cause all the instances without it to refuse to connect +* to the network, and shut down. +* +* If you need to remove a version from this list, you need to make sure that +* it is not listed in the _current consensuses_: just removing it from the +* required list below is NOT ENOUGH. You need to remove it from the +* required list, and THEN let the authorities upgrade and vote on new +* consensuses without it. Only once those consensuses are out is it safe to +* remove from this list. +* +* One concrete example of a very dangerous race that could occur: +* +* Suppose that the client supports protocols "HsDir=1-2" and the consensus +* requires protocols "HsDir=1-2. If the client supported protocol list is +* then changed to "HSDir=2", while the consensus stills lists "HSDir=1-2", +* then these clients, even very recent ones, will shut down because they +* don't support "HSDir=1". +* +* And so, changes need to be done in strict sequence as described above. +* +* XXX: WARNING! +*/ + return "Cons=1-2 " "Desc=1-2 " @@@ -410,10 -433,83 +447,84 @@@ "LinkAuth=3 " #endif "Microdesc=1-2 " -"Relay=1-2"; +"Padding=2 " +"Relay=1-3"; } + /* + * XXX: WARNING! + * + * The recommended and required values are hardwired, to avoid disaster. Voting + * on the wrong subprotocols here has the potential to take down the network. + * + * In particular, you need to be EXTREMELY CAREFUL before adding new versions + * to the required protocol list. Doing so will cause every relay or client + * that doesn't support those versions to refuse to connect to the network and + * shut down. + * + * Note that this applies to versions, not just protocols! If you say that + * Foobar=8-9 is required, and the client only has Foobar=9, it will shut down. + * + * It is okay to do this only for SUPER OLD relays that are not supported on + * the network anyway. For clients, we really shouldn't kick them off the + * network unless their presence is causing serious active harm. + * + * The following required and recommended lists MUST be changed BEFORE the + * supported list above is changed, so that these lists appear in the + * consensus BEFORE clients need them. + * + * Please, see the warning in protocol_get_supported_versions(). + * + * XXX: WARNING! + */ + + /* + * NOTE: A keen observer will notice that "LinkAuth" is not recommended nor + * required. This is due to the HAVE_WORKING_TOR_TLS_GET_TLSSECRETS define + * that can either set "1" or "1,3" and so we can't enforce one or the other + * due to this uncertainty on how tor was built. + */ + + /** Return the recommended client protocols list that directory authorities + * put in the consensus. */ + const char * + protover_get_recommended_client_protocols(void) + { + return "Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " + "Link=4 Microdesc=1-2 Relay=2"; + } + + /** Return the recommended relay protocols list that directory authorities + * put in the consensus. */ + const char * + protover_get_recommended_relay_protocols(void) + { + return "Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " + "Link=4 Microdesc=1-2 Relay=2"; + } + + /** Return the required client protocols list that directory authorities + * put in the consensus. */ + const char * + protover_get_required_client_protocols(void) + { + return "Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " + "Link=4 Microdesc=1-2 Relay=2"; + } + + /** Return the required relay protocols list that directory authorities + * put in the consensus. */ + const char * + protover_get_required_relay_protocols(void) + { + return "Cons=1 Desc=1 DirCache=1 HSDir=1 HSIntro=3
[tor-commits] [tor/release-0.4.6] Merge branch 'maint-0.4.6' into release-0.4.6
commit 66ddef94a91a0543aee2b92c51eac6d9f4779470 Merge: b5d136088c 77b265f96e Author: David Goulet Date: Fri Nov 5 10:44:10 2021 -0400 Merge branch 'maint-0.4.6' into release-0.4.6 src/core/or/protover.c| 105 +- src/core/or/protover.h| 4 ++ src/feature/dirauth/dirvote.c | 12 ++--- src/feature/dirauth/dirvote.h | 58 --- src/test/test_protover.c | 8 ++-- 5 files changed, 117 insertions(+), 70 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.4.6] protover: Fix merge forward from 035
commit a7fe37f1fa7821d0bdbeabe480df8aba7dc1fded Author: David Goulet Date: Fri Nov 5 10:42:54 2021 -0400 protover: Fix merge forward from 035 Signed-off-by: David Goulet --- src/core/or/protover.c| 22 ++-- src/feature/dirauth/dirvote.h | 58 --- src/test/test_protover.c | 8 +++--- 3 files changed, 11 insertions(+), 77 deletions(-) diff --git a/src/core/or/protover.c b/src/core/or/protover.c index 8b307a8a2f..cb9a03d6ec 100644 --- a/src/core/or/protover.c +++ b/src/core/or/protover.c @@ -478,20 +478,13 @@ protover_get_supported_protocols(void) * XXX: WARNING! */ -/* - * NOTE: A keen observer will notice that "LinkAuth" is not recommended nor - * required. This is due to the HAVE_WORKING_TOR_TLS_GET_TLSSECRETS define - * that can either set "1" or "1,3" and so we can't enforce one or the other - * due to this uncertainty on how tor was built. - */ - /** Return the recommended client protocols list that directory authorities * put in the consensus. */ const char * protover_get_recommended_client_protocols(void) { - return "Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " - "Link=4 Microdesc=1-2 Relay=2"; + return "Cons=2 Desc=2 DirCache=2 HSDir=2 HSIntro=4 HSRend=2 " + "Link=4-5 Microdesc=2 Relay=2"; } /** Return the recommended relay protocols list that directory authorities @@ -499,8 +492,8 @@ protover_get_recommended_client_protocols(void) const char * protover_get_recommended_relay_protocols(void) { - return "Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " - "Link=4 Microdesc=1-2 Relay=2"; + return "Cons=2 Desc=2 DirCache=2 HSDir=2 HSIntro=4 HSRend=2 " + "Link=4-5 LinkAuth=3 Microdesc=2 Relay=2"; } /** Return the required client protocols list that directory authorities @@ -508,8 +501,7 @@ protover_get_recommended_relay_protocols(void) const char * protover_get_required_client_protocols(void) { - return "Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " - "Link=4 Microdesc=1-2 Relay=2"; + return "Cons=2 Desc=2 Link=4 Microdesc=2 Relay=2"; } /** Return the required relay protocols list that directory authorities @@ -517,8 +509,8 @@ protover_get_required_client_protocols(void) const char * protover_get_required_relay_protocols(void) { - return "Cons=1 Desc=1 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " - "Link=3-4 Microdesc=1 Relay=1-2"; + return "Cons=2 Desc=2 DirCache=2 HSDir=2 HSIntro=4 HSRend=2 " + "Link=4-5 LinkAuth=3 Microdesc=2 Relay=2"; } /* diff --git a/src/feature/dirauth/dirvote.h b/src/feature/dirauth/dirvote.h index f9441773a7..81a7733e8c 100644 --- a/src/feature/dirauth/dirvote.h +++ b/src/feature/dirauth/dirvote.h @@ -260,64 +260,6 @@ char *networkstatus_get_detached_signatures(smartlist_t *consensuses); STATIC microdesc_t *dirvote_create_microdescriptor(const routerinfo_t *ri, int consensus_method); -/** The recommended relay protocols for this authority's votes. - * Recommending a new protocol causes old tor versions to log a warning. - */ -#define DIRVOTE_RECOMMEND_RELAY_PROTO \ - "Cons=2 " \ - "Desc=2 " \ - "DirCache=2 " \ - "HSDir=2 "\ - "HSIntro=4 " \ - "HSRend=2 " \ - "Link=4-5 " \ - "LinkAuth=3 " \ - "Microdesc=2 "\ - "Relay=2" - -/** The recommended client protocols for this authority's votes. - * Recommending a new protocol causes old tor versions to log a warning. - */ -#define DIRVOTE_RECOMMEND_CLIENT_PROTO \ - "Cons=2 " \ - "Desc=2 " \ - "DirCache=2 " \ - "HSDir=2 "\ - "HSIntro=4 " \ - "HSRend=2 " \ - "Link=4-5 " \ - "Microdesc=2 "\ - "Relay=2" - -/** The required relay protocols for this authority's votes. - * WARNING: Requiring a new protocol causes old tor versions to shut down. - * Requiring the wrong protocols can break the tor network. - * See Proposal 303: When and how to remove support for protocol versions. - */ -#define DIRVOTE_REQUIRE_RELAY_PROTO \ - "Cons=2 " \ - "Desc=2 " \ - "DirCache=2 " \ - "HSDir=2 "\ - "HSIntro=4 " \ - "HSRend=2 " \ - "Link=4-5 "
[tor-commits] [tor/release-0.4.6] protover: Add a note on why LinkAuth is not recommended or required
commit f93cd5deb8f4731920043016c082e44e81afcfbf Author: David Goulet Date: Fri Nov 5 10:16:08 2021 -0400 protover: Add a note on why LinkAuth is not recommended or required Signed-off-by: David Goulet --- src/core/or/protover.c | 7 +++ 1 file changed, 7 insertions(+) diff --git a/src/core/or/protover.c b/src/core/or/protover.c index 0183704c2c..8075dd425c 100644 --- a/src/core/or/protover.c +++ b/src/core/or/protover.c @@ -462,6 +462,13 @@ protover_get_supported_protocols(void) * XXX: WARNING! */ +/* + * NOTE: A keen observer will notice that "LinkAuth" is not recommended nor + * required. This is due to the HAVE_WORKING_TOR_TLS_GET_TLSSECRETS define + * that can either set "1" or "1,3" and so we can't enforce one or the other + * due to this uncertainty on how tor was built. + */ + /** Return the recommended client protocols list that directory authorities * put in the consensus. */ const char * ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.4.6] protover: Move all hardcoded lists in one place
commit 3d1a49908c2727746928d40bc71da0373aad7fcf Author: David Goulet Date: Fri Nov 5 10:10:24 2021 -0400 protover: Move all hardcoded lists in one place This also moves the warnings and add some theatrical effect around the code so anyone modifying those list should notice the warnings signs and read the comment accordingly. Signed-off-by: David Goulet --- src/core/or/protover.c| 107 +- src/core/or/protover.h| 4 ++ src/feature/dirauth/dirvote.c | 37 ++- 3 files changed, 104 insertions(+), 44 deletions(-) diff --git a/src/core/or/protover.c b/src/core/or/protover.c index a882d1a77d..0183704c2c 100644 --- a/src/core/or/protover.c +++ b/src/core/or/protover.c @@ -376,6 +376,10 @@ protocol_list_supports_protocol_or_later(const char *list, return contains; } +/* + * XXX START OF HAZARDOUS ZONE XXX + */ + /** Return the canonical string containing the list of protocols * that we support. **/ @@ -383,25 +387,37 @@ protocol_list_supports_protocol_or_later(const char *list, const char * protover_get_supported_protocols(void) { + /* - * WARNING! + * XXX: WARNING! * * Be EXTREMELY CAREFUL when *removing* versions from this list. If you * remove an entry while it still appears as "recommended" in the consensus, - * you'll cause all the instances without it to warn. If you remove an entry - * while it still appears as "required" in the consensus, you'll cause - * all the instances without it to refuse to connect to the network, and - * shut down. + * you'll cause all the instances without it to warn. + * + * If you remove an entry while it still appears as "required" in the + * consensus, you'll cause all the instances without it to refuse to connect + * to the network, and shut down. + * + * If you need to remove a version from this list, you need to make sure that + * it is not listed in the _current consensuses_: just removing it from the + * required list below is NOT ENOUGH. You need to remove it from the + * required list, and THEN let the authorities update and vote on new + * consensuses without it. Only once those consensuses are out is it safe to + * remove from this list. * - * If you need to remove a version from this list, you need to make sure - * that it is not listed in the _current consensuses_: just removing it from - * the required list in dirvote.c is NOT ENOUGH. You need to remove it from - * the required list dirvote.c, and THEN let the authorities update and vote - * on new consensuses without it. Only once those consensuses are out is - * it safe to remove from this list. + * One concrete example of a very dangerous race that could occur: * - * WARNING! + * If the client required protocol "HSDir=1-2" is then changed in the code + * and released to "HSDir=2" while the consensus stills lists "HSDir=1-2", + * then these clients, even very recent ones, will shutdown because they + * don't support "HSDir=1". + * + * And so, changes need to be done in lockstep as described above. + * + * XXX: WARNING! */ + return "Cons=1-2 " "Desc=1-2 " @@ -419,6 +435,73 @@ protover_get_supported_protocols(void) "Relay=1-2"; } +/* + * XXX: WARNING! + * + * The recommended and required values are hardwired, to avoid disaster. Voting + * on the wrong subprotocols here has the potential to take down the network. + * + * In particular, you need to be EXTREMELY CAREFUL before adding new versions + * to the required protocol list. Doing so will cause every relay or client + * that doesn't support those versions to refuse to connect to the network and + * shut down. + * + * Note that this applies to versions, not just protocols! If you say that + * Foobar=8-9 is required, and the client only has Foobar=9, it will shut down. + * + * It is okay to do this only for SUPER OLD relays that are not supported on + * the network anyway. For clients, we really shouldn't kick them off the + * network unless their presence is causing serious active harm. + * + * The following required and recommended lists MUST be changed BEFORE the + * supported list above is changed in order for those lists to appear in the + * consensus BEFORE. + * + * Please, see the warning in protocol_get_supported_versions(). + * + * XXX: WARNING! + */ + +/** Return the recommended client protocols list that directory authorities + * put in the consensus. */ +const char * +protover_get_recommended_client_protocols(void) +{ + return "Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " + "Link=4 Microdesc=1-2 Relay=2"; +} + +/** Return the recommended relay protocols list that directory authorities + * put in the consensus. */ +const char * +protover_get_recommended_relay_protocols(void) +{ + return "Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " + "Link=4 Microdesc=1-2 Relay=2"; +} +
[tor-commits] [tor/release-0.4.6] Add scary warnings about changing the protover list.
commit 7c085490f5324f374dd7caa570dff5902f0e32cc Author: Nick Mathewson Date: Fri Nov 5 09:15:10 2021 -0400 Add scary warnings about changing the protover list. Doing this in the wrong way has potential to cause serious havoc on the network, so let's make it harder for future programmers to mess it up. --- src/core/or/protover.c| 22 +- src/feature/dirauth/dirvote.c | 26 -- 2 files changed, 45 insertions(+), 3 deletions(-) diff --git a/src/core/or/protover.c b/src/core/or/protover.c index dfb0e9e303..a882d1a77d 100644 --- a/src/core/or/protover.c +++ b/src/core/or/protover.c @@ -377,11 +377,31 @@ protocol_list_supports_protocol_or_later(const char *list, } /** Return the canonical string containing the list of protocols - * that we support. */ + * that we support. + **/ /// C_RUST_COUPLED: src/rust/protover/protover.rs `SUPPORTED_PROTOCOLS` const char * protover_get_supported_protocols(void) { + /* + * WARNING! + * + * Be EXTREMELY CAREFUL when *removing* versions from this list. If you + * remove an entry while it still appears as "recommended" in the consensus, + * you'll cause all the instances without it to warn. If you remove an entry + * while it still appears as "required" in the consensus, you'll cause + * all the instances without it to refuse to connect to the network, and + * shut down. + * + * If you need to remove a version from this list, you need to make sure + * that it is not listed in the _current consensuses_: just removing it from + * the required list in dirvote.c is NOT ENOUGH. You need to remove it from + * the required list dirvote.c, and THEN let the authorities update and vote + * on new consensuses without it. Only once those consensuses are out is + * it safe to remove from this list. + * + * WARNING! + */ return "Cons=1-2 " "Desc=1-2 " diff --git a/src/feature/dirauth/dirvote.c b/src/feature/dirauth/dirvote.c index 9e01cee42a..5ecf680f02 100644 --- a/src/feature/dirauth/dirvote.c +++ b/src/feature/dirauth/dirvote.c @@ -180,7 +180,7 @@ format_protocols_lines_for_vote(const networkstatus_t *v3_ns) char *required_relay_protocols_line = NULL; char *required_client_protocols_line = NULL; - recommended_relay_protocols_line = + recommended_relay_protocols_line = format_line_if_present("recommended-relay-protocols", v3_ns->recommended_relay_protocols); recommended_client_protocols_line = @@ -4577,7 +4577,29 @@ dirserv_generate_networkstatus_vote_obj(crypto_pk_t *private_key, v3_out->client_versions = client_versions; v3_out->server_versions = server_versions; - /* These are hardwired, to avoid disaster. */ + /* + * WARNING! + * + * These values are hardwired, to avoid disaster. Voting on the wrong + * subprotocols here has the potential to take down the network. + * + * In particular, you need to be EXTREMELY CAREFUL before adding new + * versions to the required protocol list. Doing so will cause every relay + * or client that doesn't support those versions to refuse to connect to the + * network and shut down. + * + * Note that this applies to versions, not just protocols! If you say that + * Foobar=8-9 is required, and the client only has Foobar=9, it will shut + * down. + * + * It is okay to do this only for SUPER OLD relays that are not supported on + * the network anyway. For clients, we really shouldn't kick them off the + * network unless their presence is causing serious active harm. + * + * See also the warning in protocol_get_supported_versions(). + * + * WARNING! + */ v3_out->recommended_relay_protocols = tor_strdup("Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " "Link=4 Microdesc=1-2 Relay=2"); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.4.5] Merge branch 'maint-0.4.5' into release-0.4.5
commit b4237f8288f3a94936cd519c81be368ad58f96f2 Merge: ba278b887c a7fe37f1fa Author: David Goulet Date: Fri Nov 5 10:44:10 2021 -0400 Merge branch 'maint-0.4.5' into release-0.4.5 src/core/or/protover.c| 105 +- src/core/or/protover.h| 4 ++ src/feature/dirauth/dirvote.c | 12 ++--- src/feature/dirauth/dirvote.h | 58 --- src/test/test_protover.c | 8 ++-- 5 files changed, 117 insertions(+), 70 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.4.5] protover: Fix merge forward from 035
commit a7fe37f1fa7821d0bdbeabe480df8aba7dc1fded Author: David Goulet Date: Fri Nov 5 10:42:54 2021 -0400 protover: Fix merge forward from 035 Signed-off-by: David Goulet --- src/core/or/protover.c| 22 ++-- src/feature/dirauth/dirvote.h | 58 --- src/test/test_protover.c | 8 +++--- 3 files changed, 11 insertions(+), 77 deletions(-) diff --git a/src/core/or/protover.c b/src/core/or/protover.c index 8b307a8a2f..cb9a03d6ec 100644 --- a/src/core/or/protover.c +++ b/src/core/or/protover.c @@ -478,20 +478,13 @@ protover_get_supported_protocols(void) * XXX: WARNING! */ -/* - * NOTE: A keen observer will notice that "LinkAuth" is not recommended nor - * required. This is due to the HAVE_WORKING_TOR_TLS_GET_TLSSECRETS define - * that can either set "1" or "1,3" and so we can't enforce one or the other - * due to this uncertainty on how tor was built. - */ - /** Return the recommended client protocols list that directory authorities * put in the consensus. */ const char * protover_get_recommended_client_protocols(void) { - return "Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " - "Link=4 Microdesc=1-2 Relay=2"; + return "Cons=2 Desc=2 DirCache=2 HSDir=2 HSIntro=4 HSRend=2 " + "Link=4-5 Microdesc=2 Relay=2"; } /** Return the recommended relay protocols list that directory authorities @@ -499,8 +492,8 @@ protover_get_recommended_client_protocols(void) const char * protover_get_recommended_relay_protocols(void) { - return "Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " - "Link=4 Microdesc=1-2 Relay=2"; + return "Cons=2 Desc=2 DirCache=2 HSDir=2 HSIntro=4 HSRend=2 " + "Link=4-5 LinkAuth=3 Microdesc=2 Relay=2"; } /** Return the required client protocols list that directory authorities @@ -508,8 +501,7 @@ protover_get_recommended_relay_protocols(void) const char * protover_get_required_client_protocols(void) { - return "Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " - "Link=4 Microdesc=1-2 Relay=2"; + return "Cons=2 Desc=2 Link=4 Microdesc=2 Relay=2"; } /** Return the required relay protocols list that directory authorities @@ -517,8 +509,8 @@ protover_get_required_client_protocols(void) const char * protover_get_required_relay_protocols(void) { - return "Cons=1 Desc=1 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " - "Link=3-4 Microdesc=1 Relay=1-2"; + return "Cons=2 Desc=2 DirCache=2 HSDir=2 HSIntro=4 HSRend=2 " + "Link=4-5 LinkAuth=3 Microdesc=2 Relay=2"; } /* diff --git a/src/feature/dirauth/dirvote.h b/src/feature/dirauth/dirvote.h index f9441773a7..81a7733e8c 100644 --- a/src/feature/dirauth/dirvote.h +++ b/src/feature/dirauth/dirvote.h @@ -260,64 +260,6 @@ char *networkstatus_get_detached_signatures(smartlist_t *consensuses); STATIC microdesc_t *dirvote_create_microdescriptor(const routerinfo_t *ri, int consensus_method); -/** The recommended relay protocols for this authority's votes. - * Recommending a new protocol causes old tor versions to log a warning. - */ -#define DIRVOTE_RECOMMEND_RELAY_PROTO \ - "Cons=2 " \ - "Desc=2 " \ - "DirCache=2 " \ - "HSDir=2 "\ - "HSIntro=4 " \ - "HSRend=2 " \ - "Link=4-5 " \ - "LinkAuth=3 " \ - "Microdesc=2 "\ - "Relay=2" - -/** The recommended client protocols for this authority's votes. - * Recommending a new protocol causes old tor versions to log a warning. - */ -#define DIRVOTE_RECOMMEND_CLIENT_PROTO \ - "Cons=2 " \ - "Desc=2 " \ - "DirCache=2 " \ - "HSDir=2 "\ - "HSIntro=4 " \ - "HSRend=2 " \ - "Link=4-5 " \ - "Microdesc=2 "\ - "Relay=2" - -/** The required relay protocols for this authority's votes. - * WARNING: Requiring a new protocol causes old tor versions to shut down. - * Requiring the wrong protocols can break the tor network. - * See Proposal 303: When and how to remove support for protocol versions. - */ -#define DIRVOTE_REQUIRE_RELAY_PROTO \ - "Cons=2 " \ - "Desc=2 " \ - "DirCache=2 " \ - "HSDir=2 "\ - "HSIntro=4 " \ - "HSRend=2 " \ - "Link=4-5 "
[tor-commits] [tor/release-0.4.5] Light edit to protover warnings.
commit 439e17180c362962abfdf2301dddbdaa323df24a Author: Nick Mathewson Date: Fri Nov 5 10:30:57 2021 -0400 Light edit to protover warnings. --- src/core/or/protover.c | 15 --- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/src/core/or/protover.c b/src/core/or/protover.c index 8075dd425c..82e4f64c94 100644 --- a/src/core/or/protover.c +++ b/src/core/or/protover.c @@ -402,18 +402,19 @@ protover_get_supported_protocols(void) * If you need to remove a version from this list, you need to make sure that * it is not listed in the _current consensuses_: just removing it from the * required list below is NOT ENOUGH. You need to remove it from the - * required list, and THEN let the authorities update and vote on new + * required list, and THEN let the authorities upgrade and vote on new * consensuses without it. Only once those consensuses are out is it safe to * remove from this list. * * One concrete example of a very dangerous race that could occur: * - * If the client required protocol "HSDir=1-2" is then changed in the code - * and released to "HSDir=2" while the consensus stills lists "HSDir=1-2", - * then these clients, even very recent ones, will shutdown because they + * Suppose that the client supports protocols "HsDir=1-2" and the consensus + * requires protocols "HsDir=1-2. If the client supported protocol list is + * then changed to "HSDir=2", while the consensus stills lists "HSDir=1-2", + * then these clients, even very recent ones, will shut down because they * don't support "HSDir=1". * - * And so, changes need to be done in lockstep as described above. + * And so, changes need to be done in strict sequence as described above. * * XXX: WARNING! */ @@ -454,8 +455,8 @@ protover_get_supported_protocols(void) * network unless their presence is causing serious active harm. * * The following required and recommended lists MUST be changed BEFORE the - * supported list above is changed in order for those lists to appear in the - * consensus BEFORE. + * supported list above is changed, so that these lists appear in the + * consensus BEFORE clients need them. * * Please, see the warning in protocol_get_supported_versions(). * ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.4.5] protover: Add a note on why LinkAuth is not recommended or required
commit f93cd5deb8f4731920043016c082e44e81afcfbf Author: David Goulet Date: Fri Nov 5 10:16:08 2021 -0400 protover: Add a note on why LinkAuth is not recommended or required Signed-off-by: David Goulet --- src/core/or/protover.c | 7 +++ 1 file changed, 7 insertions(+) diff --git a/src/core/or/protover.c b/src/core/or/protover.c index 0183704c2c..8075dd425c 100644 --- a/src/core/or/protover.c +++ b/src/core/or/protover.c @@ -462,6 +462,13 @@ protover_get_supported_protocols(void) * XXX: WARNING! */ +/* + * NOTE: A keen observer will notice that "LinkAuth" is not recommended nor + * required. This is due to the HAVE_WORKING_TOR_TLS_GET_TLSSECRETS define + * that can either set "1" or "1,3" and so we can't enforce one or the other + * due to this uncertainty on how tor was built. + */ + /** Return the recommended client protocols list that directory authorities * put in the consensus. */ const char * ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.4.5] Add scary warnings about changing the protover list.
commit 7c085490f5324f374dd7caa570dff5902f0e32cc Author: Nick Mathewson Date: Fri Nov 5 09:15:10 2021 -0400 Add scary warnings about changing the protover list. Doing this in the wrong way has potential to cause serious havoc on the network, so let's make it harder for future programmers to mess it up. --- src/core/or/protover.c| 22 +- src/feature/dirauth/dirvote.c | 26 -- 2 files changed, 45 insertions(+), 3 deletions(-) diff --git a/src/core/or/protover.c b/src/core/or/protover.c index dfb0e9e303..a882d1a77d 100644 --- a/src/core/or/protover.c +++ b/src/core/or/protover.c @@ -377,11 +377,31 @@ protocol_list_supports_protocol_or_later(const char *list, } /** Return the canonical string containing the list of protocols - * that we support. */ + * that we support. + **/ /// C_RUST_COUPLED: src/rust/protover/protover.rs `SUPPORTED_PROTOCOLS` const char * protover_get_supported_protocols(void) { + /* + * WARNING! + * + * Be EXTREMELY CAREFUL when *removing* versions from this list. If you + * remove an entry while it still appears as "recommended" in the consensus, + * you'll cause all the instances without it to warn. If you remove an entry + * while it still appears as "required" in the consensus, you'll cause + * all the instances without it to refuse to connect to the network, and + * shut down. + * + * If you need to remove a version from this list, you need to make sure + * that it is not listed in the _current consensuses_: just removing it from + * the required list in dirvote.c is NOT ENOUGH. You need to remove it from + * the required list dirvote.c, and THEN let the authorities update and vote + * on new consensuses without it. Only once those consensuses are out is + * it safe to remove from this list. + * + * WARNING! + */ return "Cons=1-2 " "Desc=1-2 " diff --git a/src/feature/dirauth/dirvote.c b/src/feature/dirauth/dirvote.c index 9e01cee42a..5ecf680f02 100644 --- a/src/feature/dirauth/dirvote.c +++ b/src/feature/dirauth/dirvote.c @@ -180,7 +180,7 @@ format_protocols_lines_for_vote(const networkstatus_t *v3_ns) char *required_relay_protocols_line = NULL; char *required_client_protocols_line = NULL; - recommended_relay_protocols_line = + recommended_relay_protocols_line = format_line_if_present("recommended-relay-protocols", v3_ns->recommended_relay_protocols); recommended_client_protocols_line = @@ -4577,7 +4577,29 @@ dirserv_generate_networkstatus_vote_obj(crypto_pk_t *private_key, v3_out->client_versions = client_versions; v3_out->server_versions = server_versions; - /* These are hardwired, to avoid disaster. */ + /* + * WARNING! + * + * These values are hardwired, to avoid disaster. Voting on the wrong + * subprotocols here has the potential to take down the network. + * + * In particular, you need to be EXTREMELY CAREFUL before adding new + * versions to the required protocol list. Doing so will cause every relay + * or client that doesn't support those versions to refuse to connect to the + * network and shut down. + * + * Note that this applies to versions, not just protocols! If you say that + * Foobar=8-9 is required, and the client only has Foobar=9, it will shut + * down. + * + * It is okay to do this only for SUPER OLD relays that are not supported on + * the network anyway. For clients, we really shouldn't kick them off the + * network unless their presence is causing serious active harm. + * + * See also the warning in protocol_get_supported_versions(). + * + * WARNING! + */ v3_out->recommended_relay_protocols = tor_strdup("Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " "Link=4 Microdesc=1-2 Relay=2"); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.4.5] Merge branch 'maint-0.3.5' into maint-0.4.5
commit 47adba879ca215ef1cd5abae93a32e17063eccb2 Merge: 40e2106031 439e17180c Author: David Goulet Date: Fri Nov 5 10:35:08 2021 -0400 Merge branch 'maint-0.3.5' into maint-0.4.5 src/core/or/protover.c| 113 +- src/core/or/protover.h| 4 ++ src/feature/dirauth/dirvote.c | 12 ++--- 3 files changed, 121 insertions(+), 8 deletions(-) diff --cc src/core/or/protover.c index aa96cafff9,82e4f64c94..8b307a8a2f --- a/src/core/or/protover.c +++ b/src/core/or/protover.c @@@ -390,11 -387,38 +395,43 @@@ protocol_list_supports_protocol_or_late const char * protover_get_supported_protocols(void) { + /* WARNING! + * + * Remember to edit the SUPPORTED_PROTOCOLS list in protover.rs if you + * are editing this list. + */ + + /* +* XXX: WARNING! +* +* Be EXTREMELY CAREFUL when *removing* versions from this list. If you +* remove an entry while it still appears as "recommended" in the consensus, +* you'll cause all the instances without it to warn. +* +* If you remove an entry while it still appears as "required" in the +* consensus, you'll cause all the instances without it to refuse to connect +* to the network, and shut down. +* +* If you need to remove a version from this list, you need to make sure that +* it is not listed in the _current consensuses_: just removing it from the +* required list below is NOT ENOUGH. You need to remove it from the +* required list, and THEN let the authorities upgrade and vote on new +* consensuses without it. Only once those consensuses are out is it safe to +* remove from this list. +* +* One concrete example of a very dangerous race that could occur: +* +* Suppose that the client supports protocols "HsDir=1-2" and the consensus +* requires protocols "HsDir=1-2. If the client supported protocol list is +* then changed to "HSDir=2", while the consensus stills lists "HSDir=1-2", +* then these clients, even very recent ones, will shut down because they +* don't support "HSDir=1". +* +* And so, changes need to be done in strict sequence as described above. +* +* XXX: WARNING! +*/ + return "Cons=1-2 " "Desc=1-2 " @@@ -410,10 -433,83 +447,84 @@@ "LinkAuth=3 " #endif "Microdesc=1-2 " -"Relay=1-2"; +"Padding=2 " +"Relay=1-3"; } + /* + * XXX: WARNING! + * + * The recommended and required values are hardwired, to avoid disaster. Voting + * on the wrong subprotocols here has the potential to take down the network. + * + * In particular, you need to be EXTREMELY CAREFUL before adding new versions + * to the required protocol list. Doing so will cause every relay or client + * that doesn't support those versions to refuse to connect to the network and + * shut down. + * + * Note that this applies to versions, not just protocols! If you say that + * Foobar=8-9 is required, and the client only has Foobar=9, it will shut down. + * + * It is okay to do this only for SUPER OLD relays that are not supported on + * the network anyway. For clients, we really shouldn't kick them off the + * network unless their presence is causing serious active harm. + * + * The following required and recommended lists MUST be changed BEFORE the + * supported list above is changed, so that these lists appear in the + * consensus BEFORE clients need them. + * + * Please, see the warning in protocol_get_supported_versions(). + * + * XXX: WARNING! + */ + + /* + * NOTE: A keen observer will notice that "LinkAuth" is not recommended nor + * required. This is due to the HAVE_WORKING_TOR_TLS_GET_TLSSECRETS define + * that can either set "1" or "1,3" and so we can't enforce one or the other + * due to this uncertainty on how tor was built. + */ + + /** Return the recommended client protocols list that directory authorities + * put in the consensus. */ + const char * + protover_get_recommended_client_protocols(void) + { + return "Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " + "Link=4 Microdesc=1-2 Relay=2"; + } + + /** Return the recommended relay protocols list that directory authorities + * put in the consensus. */ + const char * + protover_get_recommended_relay_protocols(void) + { + return "Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " + "Link=4 Microdesc=1-2 Relay=2"; + } + + /** Return the required client protocols list that directory authorities + * put in the consensus. */ + const char * + protover_get_required_client_protocols(void) + { + return "Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " + "Link=4 Microdesc=1-2 Relay=2"; + } + + /** Return the required relay protocols list that directory authorities + * put in the consensus. */ + const char * + protover_get_required_relay_protocols(void) + { + return "Cons=1 Desc=1 DirCache=1 HSDir=1 HSIntro=3
[tor-commits] [tor/release-0.4.5] protover: Move all hardcoded lists in one place
commit 3d1a49908c2727746928d40bc71da0373aad7fcf Author: David Goulet Date: Fri Nov 5 10:10:24 2021 -0400 protover: Move all hardcoded lists in one place This also moves the warnings and add some theatrical effect around the code so anyone modifying those list should notice the warnings signs and read the comment accordingly. Signed-off-by: David Goulet --- src/core/or/protover.c| 107 +- src/core/or/protover.h| 4 ++ src/feature/dirauth/dirvote.c | 37 ++- 3 files changed, 104 insertions(+), 44 deletions(-) diff --git a/src/core/or/protover.c b/src/core/or/protover.c index a882d1a77d..0183704c2c 100644 --- a/src/core/or/protover.c +++ b/src/core/or/protover.c @@ -376,6 +376,10 @@ protocol_list_supports_protocol_or_later(const char *list, return contains; } +/* + * XXX START OF HAZARDOUS ZONE XXX + */ + /** Return the canonical string containing the list of protocols * that we support. **/ @@ -383,25 +387,37 @@ protocol_list_supports_protocol_or_later(const char *list, const char * protover_get_supported_protocols(void) { + /* - * WARNING! + * XXX: WARNING! * * Be EXTREMELY CAREFUL when *removing* versions from this list. If you * remove an entry while it still appears as "recommended" in the consensus, - * you'll cause all the instances without it to warn. If you remove an entry - * while it still appears as "required" in the consensus, you'll cause - * all the instances without it to refuse to connect to the network, and - * shut down. + * you'll cause all the instances without it to warn. + * + * If you remove an entry while it still appears as "required" in the + * consensus, you'll cause all the instances without it to refuse to connect + * to the network, and shut down. + * + * If you need to remove a version from this list, you need to make sure that + * it is not listed in the _current consensuses_: just removing it from the + * required list below is NOT ENOUGH. You need to remove it from the + * required list, and THEN let the authorities update and vote on new + * consensuses without it. Only once those consensuses are out is it safe to + * remove from this list. * - * If you need to remove a version from this list, you need to make sure - * that it is not listed in the _current consensuses_: just removing it from - * the required list in dirvote.c is NOT ENOUGH. You need to remove it from - * the required list dirvote.c, and THEN let the authorities update and vote - * on new consensuses without it. Only once those consensuses are out is - * it safe to remove from this list. + * One concrete example of a very dangerous race that could occur: * - * WARNING! + * If the client required protocol "HSDir=1-2" is then changed in the code + * and released to "HSDir=2" while the consensus stills lists "HSDir=1-2", + * then these clients, even very recent ones, will shutdown because they + * don't support "HSDir=1". + * + * And so, changes need to be done in lockstep as described above. + * + * XXX: WARNING! */ + return "Cons=1-2 " "Desc=1-2 " @@ -419,6 +435,73 @@ protover_get_supported_protocols(void) "Relay=1-2"; } +/* + * XXX: WARNING! + * + * The recommended and required values are hardwired, to avoid disaster. Voting + * on the wrong subprotocols here has the potential to take down the network. + * + * In particular, you need to be EXTREMELY CAREFUL before adding new versions + * to the required protocol list. Doing so will cause every relay or client + * that doesn't support those versions to refuse to connect to the network and + * shut down. + * + * Note that this applies to versions, not just protocols! If you say that + * Foobar=8-9 is required, and the client only has Foobar=9, it will shut down. + * + * It is okay to do this only for SUPER OLD relays that are not supported on + * the network anyway. For clients, we really shouldn't kick them off the + * network unless their presence is causing serious active harm. + * + * The following required and recommended lists MUST be changed BEFORE the + * supported list above is changed in order for those lists to appear in the + * consensus BEFORE. + * + * Please, see the warning in protocol_get_supported_versions(). + * + * XXX: WARNING! + */ + +/** Return the recommended client protocols list that directory authorities + * put in the consensus. */ +const char * +protover_get_recommended_client_protocols(void) +{ + return "Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " + "Link=4 Microdesc=1-2 Relay=2"; +} + +/** Return the recommended relay protocols list that directory authorities + * put in the consensus. */ +const char * +protover_get_recommended_relay_protocols(void) +{ + return "Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " + "Link=4 Microdesc=1-2 Relay=2"; +} +
[tor-commits] [tor/release-0.3.5] protover: Add a note on why LinkAuth is not recommended or required
commit f93cd5deb8f4731920043016c082e44e81afcfbf Author: David Goulet Date: Fri Nov 5 10:16:08 2021 -0400 protover: Add a note on why LinkAuth is not recommended or required Signed-off-by: David Goulet --- src/core/or/protover.c | 7 +++ 1 file changed, 7 insertions(+) diff --git a/src/core/or/protover.c b/src/core/or/protover.c index 0183704c2c..8075dd425c 100644 --- a/src/core/or/protover.c +++ b/src/core/or/protover.c @@ -462,6 +462,13 @@ protover_get_supported_protocols(void) * XXX: WARNING! */ +/* + * NOTE: A keen observer will notice that "LinkAuth" is not recommended nor + * required. This is due to the HAVE_WORKING_TOR_TLS_GET_TLSSECRETS define + * that can either set "1" or "1,3" and so we can't enforce one or the other + * due to this uncertainty on how tor was built. + */ + /** Return the recommended client protocols list that directory authorities * put in the consensus. */ const char * ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.4.6] Merge branch 'maint-0.4.5' into maint-0.4.6
commit 77b265f96ee65871ae7ed3f54642878116c65ff4 Merge: fb6bba1e42 a7fe37f1fa Author: David Goulet Date: Fri Nov 5 10:44:10 2021 -0400 Merge branch 'maint-0.4.5' into maint-0.4.6 src/core/or/protover.c| 105 +- src/core/or/protover.h| 4 ++ src/feature/dirauth/dirvote.c | 12 ++--- src/feature/dirauth/dirvote.h | 58 --- src/test/test_protover.c | 8 ++-- 5 files changed, 117 insertions(+), 70 deletions(-) diff --cc src/feature/dirauth/dirvote.h index d6a2d9cc75,81a7733e8c..3420098315 --- a/src/feature/dirauth/dirvote.h +++ b/src/feature/dirauth/dirvote.h @@@ -264,68 -259,7 +264,10 @@@ STATI char *networkstatus_get_detached_signatures(smartlist_t *consensuses); STATIC microdesc_t *dirvote_create_microdescriptor(const routerinfo_t *ri, int consensus_method); +STATIC int64_t extract_param_buggy(const char *params, + const char *param_name, + int64_t default_value); - /** The recommended relay protocols for this authority's votes. - * Recommending a new protocol causes old tor versions to log a warning. - */ - #define DIRVOTE_RECOMMEND_RELAY_PROTO \ - "Cons=2 " \ - "Desc=2 " \ - "DirCache=2 " \ - "HSDir=2 "\ - "HSIntro=4 " \ - "HSRend=2 " \ - "Link=4-5 " \ - "LinkAuth=3 " \ - "Microdesc=2 "\ - "Relay=2" - - /** The recommended client protocols for this authority's votes. - * Recommending a new protocol causes old tor versions to log a warning. - */ - #define DIRVOTE_RECOMMEND_CLIENT_PROTO \ - "Cons=2 " \ - "Desc=2 " \ - "DirCache=2 " \ - "HSDir=2 "\ - "HSIntro=4 " \ - "HSRend=2 " \ - "Link=4-5 " \ - "Microdesc=2 "\ - "Relay=2" - - /** The required relay protocols for this authority's votes. - * WARNING: Requiring a new protocol causes old tor versions to shut down. - * Requiring the wrong protocols can break the tor network. - * See Proposal 303: When and how to remove support for protocol versions. - */ - #define DIRVOTE_REQUIRE_RELAY_PROTO \ - "Cons=2 " \ - "Desc=2 " \ - "DirCache=2 " \ - "HSDir=2 "\ - "HSIntro=4 " \ - "HSRend=2 " \ - "Link=4-5 " \ - "LinkAuth=3 " \ - "Microdesc=2 "\ - "Relay=2" - - /** The required relay protocols for this authority's votes. - * WARNING: Requiring a new protocol causes old tor versions to shut down. - * Requiring the wrong protocols can break the tor network. - * See Proposal 303: When and how to remove support for protocol versions. - */ - #define DIRVOTE_REQUIRE_CLIENT_PROTO\ - "Cons=2 " \ - "Desc=2 " \ - "Link=4 " \ - "Microdesc=2 "\ - "Relay=2" - #endif /* defined(DIRVOTE_PRIVATE) */ #endif /* !defined(TOR_DIRVOTE_H) */ ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.5] Merge branch 'maint-0.3.5' into release-0.3.5
commit e085591c98884296419f6b7d910d06bff7684de7 Merge: 37303de391 439e17180c Author: David Goulet Date: Fri Nov 5 10:33:53 2021 -0400 Merge branch 'maint-0.3.5' into release-0.3.5 src/core/or/protover.c| 113 +- src/core/or/protover.h| 4 ++ src/feature/dirauth/dirvote.c | 13 ++--- 3 files changed, 120 insertions(+), 10 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.5] protover: Move all hardcoded lists in one place
commit 3d1a49908c2727746928d40bc71da0373aad7fcf Author: David Goulet Date: Fri Nov 5 10:10:24 2021 -0400 protover: Move all hardcoded lists in one place This also moves the warnings and add some theatrical effect around the code so anyone modifying those list should notice the warnings signs and read the comment accordingly. Signed-off-by: David Goulet --- src/core/or/protover.c| 107 +- src/core/or/protover.h| 4 ++ src/feature/dirauth/dirvote.c | 37 ++- 3 files changed, 104 insertions(+), 44 deletions(-) diff --git a/src/core/or/protover.c b/src/core/or/protover.c index a882d1a77d..0183704c2c 100644 --- a/src/core/or/protover.c +++ b/src/core/or/protover.c @@ -376,6 +376,10 @@ protocol_list_supports_protocol_or_later(const char *list, return contains; } +/* + * XXX START OF HAZARDOUS ZONE XXX + */ + /** Return the canonical string containing the list of protocols * that we support. **/ @@ -383,25 +387,37 @@ protocol_list_supports_protocol_or_later(const char *list, const char * protover_get_supported_protocols(void) { + /* - * WARNING! + * XXX: WARNING! * * Be EXTREMELY CAREFUL when *removing* versions from this list. If you * remove an entry while it still appears as "recommended" in the consensus, - * you'll cause all the instances without it to warn. If you remove an entry - * while it still appears as "required" in the consensus, you'll cause - * all the instances without it to refuse to connect to the network, and - * shut down. + * you'll cause all the instances without it to warn. + * + * If you remove an entry while it still appears as "required" in the + * consensus, you'll cause all the instances without it to refuse to connect + * to the network, and shut down. + * + * If you need to remove a version from this list, you need to make sure that + * it is not listed in the _current consensuses_: just removing it from the + * required list below is NOT ENOUGH. You need to remove it from the + * required list, and THEN let the authorities update and vote on new + * consensuses without it. Only once those consensuses are out is it safe to + * remove from this list. * - * If you need to remove a version from this list, you need to make sure - * that it is not listed in the _current consensuses_: just removing it from - * the required list in dirvote.c is NOT ENOUGH. You need to remove it from - * the required list dirvote.c, and THEN let the authorities update and vote - * on new consensuses without it. Only once those consensuses are out is - * it safe to remove from this list. + * One concrete example of a very dangerous race that could occur: * - * WARNING! + * If the client required protocol "HSDir=1-2" is then changed in the code + * and released to "HSDir=2" while the consensus stills lists "HSDir=1-2", + * then these clients, even very recent ones, will shutdown because they + * don't support "HSDir=1". + * + * And so, changes need to be done in lockstep as described above. + * + * XXX: WARNING! */ + return "Cons=1-2 " "Desc=1-2 " @@ -419,6 +435,73 @@ protover_get_supported_protocols(void) "Relay=1-2"; } +/* + * XXX: WARNING! + * + * The recommended and required values are hardwired, to avoid disaster. Voting + * on the wrong subprotocols here has the potential to take down the network. + * + * In particular, you need to be EXTREMELY CAREFUL before adding new versions + * to the required protocol list. Doing so will cause every relay or client + * that doesn't support those versions to refuse to connect to the network and + * shut down. + * + * Note that this applies to versions, not just protocols! If you say that + * Foobar=8-9 is required, and the client only has Foobar=9, it will shut down. + * + * It is okay to do this only for SUPER OLD relays that are not supported on + * the network anyway. For clients, we really shouldn't kick them off the + * network unless their presence is causing serious active harm. + * + * The following required and recommended lists MUST be changed BEFORE the + * supported list above is changed in order for those lists to appear in the + * consensus BEFORE. + * + * Please, see the warning in protocol_get_supported_versions(). + * + * XXX: WARNING! + */ + +/** Return the recommended client protocols list that directory authorities + * put in the consensus. */ +const char * +protover_get_recommended_client_protocols(void) +{ + return "Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " + "Link=4 Microdesc=1-2 Relay=2"; +} + +/** Return the recommended relay protocols list that directory authorities + * put in the consensus. */ +const char * +protover_get_recommended_relay_protocols(void) +{ + return "Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " + "Link=4 Microdesc=1-2 Relay=2"; +} +
[tor-commits] [tor/maint-0.4.6] protover: Add a note on why LinkAuth is not recommended or required
commit f93cd5deb8f4731920043016c082e44e81afcfbf Author: David Goulet Date: Fri Nov 5 10:16:08 2021 -0400 protover: Add a note on why LinkAuth is not recommended or required Signed-off-by: David Goulet --- src/core/or/protover.c | 7 +++ 1 file changed, 7 insertions(+) diff --git a/src/core/or/protover.c b/src/core/or/protover.c index 0183704c2c..8075dd425c 100644 --- a/src/core/or/protover.c +++ b/src/core/or/protover.c @@ -462,6 +462,13 @@ protover_get_supported_protocols(void) * XXX: WARNING! */ +/* + * NOTE: A keen observer will notice that "LinkAuth" is not recommended nor + * required. This is due to the HAVE_WORKING_TOR_TLS_GET_TLSSECRETS define + * that can either set "1" or "1,3" and so we can't enforce one or the other + * due to this uncertainty on how tor was built. + */ + /** Return the recommended client protocols list that directory authorities * put in the consensus. */ const char * ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.4.6] protover: Fix merge forward from 035
commit a7fe37f1fa7821d0bdbeabe480df8aba7dc1fded Author: David Goulet Date: Fri Nov 5 10:42:54 2021 -0400 protover: Fix merge forward from 035 Signed-off-by: David Goulet --- src/core/or/protover.c| 22 ++-- src/feature/dirauth/dirvote.h | 58 --- src/test/test_protover.c | 8 +++--- 3 files changed, 11 insertions(+), 77 deletions(-) diff --git a/src/core/or/protover.c b/src/core/or/protover.c index 8b307a8a2f..cb9a03d6ec 100644 --- a/src/core/or/protover.c +++ b/src/core/or/protover.c @@ -478,20 +478,13 @@ protover_get_supported_protocols(void) * XXX: WARNING! */ -/* - * NOTE: A keen observer will notice that "LinkAuth" is not recommended nor - * required. This is due to the HAVE_WORKING_TOR_TLS_GET_TLSSECRETS define - * that can either set "1" or "1,3" and so we can't enforce one or the other - * due to this uncertainty on how tor was built. - */ - /** Return the recommended client protocols list that directory authorities * put in the consensus. */ const char * protover_get_recommended_client_protocols(void) { - return "Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " - "Link=4 Microdesc=1-2 Relay=2"; + return "Cons=2 Desc=2 DirCache=2 HSDir=2 HSIntro=4 HSRend=2 " + "Link=4-5 Microdesc=2 Relay=2"; } /** Return the recommended relay protocols list that directory authorities @@ -499,8 +492,8 @@ protover_get_recommended_client_protocols(void) const char * protover_get_recommended_relay_protocols(void) { - return "Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " - "Link=4 Microdesc=1-2 Relay=2"; + return "Cons=2 Desc=2 DirCache=2 HSDir=2 HSIntro=4 HSRend=2 " + "Link=4-5 LinkAuth=3 Microdesc=2 Relay=2"; } /** Return the required client protocols list that directory authorities @@ -508,8 +501,7 @@ protover_get_recommended_relay_protocols(void) const char * protover_get_required_client_protocols(void) { - return "Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " - "Link=4 Microdesc=1-2 Relay=2"; + return "Cons=2 Desc=2 Link=4 Microdesc=2 Relay=2"; } /** Return the required relay protocols list that directory authorities @@ -517,8 +509,8 @@ protover_get_required_client_protocols(void) const char * protover_get_required_relay_protocols(void) { - return "Cons=1 Desc=1 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " - "Link=3-4 Microdesc=1 Relay=1-2"; + return "Cons=2 Desc=2 DirCache=2 HSDir=2 HSIntro=4 HSRend=2 " + "Link=4-5 LinkAuth=3 Microdesc=2 Relay=2"; } /* diff --git a/src/feature/dirauth/dirvote.h b/src/feature/dirauth/dirvote.h index f9441773a7..81a7733e8c 100644 --- a/src/feature/dirauth/dirvote.h +++ b/src/feature/dirauth/dirvote.h @@ -260,64 +260,6 @@ char *networkstatus_get_detached_signatures(smartlist_t *consensuses); STATIC microdesc_t *dirvote_create_microdescriptor(const routerinfo_t *ri, int consensus_method); -/** The recommended relay protocols for this authority's votes. - * Recommending a new protocol causes old tor versions to log a warning. - */ -#define DIRVOTE_RECOMMEND_RELAY_PROTO \ - "Cons=2 " \ - "Desc=2 " \ - "DirCache=2 " \ - "HSDir=2 "\ - "HSIntro=4 " \ - "HSRend=2 " \ - "Link=4-5 " \ - "LinkAuth=3 " \ - "Microdesc=2 "\ - "Relay=2" - -/** The recommended client protocols for this authority's votes. - * Recommending a new protocol causes old tor versions to log a warning. - */ -#define DIRVOTE_RECOMMEND_CLIENT_PROTO \ - "Cons=2 " \ - "Desc=2 " \ - "DirCache=2 " \ - "HSDir=2 "\ - "HSIntro=4 " \ - "HSRend=2 " \ - "Link=4-5 " \ - "Microdesc=2 "\ - "Relay=2" - -/** The required relay protocols for this authority's votes. - * WARNING: Requiring a new protocol causes old tor versions to shut down. - * Requiring the wrong protocols can break the tor network. - * See Proposal 303: When and how to remove support for protocol versions. - */ -#define DIRVOTE_REQUIRE_RELAY_PROTO \ - "Cons=2 " \ - "Desc=2 " \ - "DirCache=2 " \ - "HSDir=2 "\ - "HSIntro=4 " \ - "HSRend=2 " \ - "Link=4-5 "
[tor-commits] [tor/release-0.3.5] Add scary warnings about changing the protover list.
commit 7c085490f5324f374dd7caa570dff5902f0e32cc Author: Nick Mathewson Date: Fri Nov 5 09:15:10 2021 -0400 Add scary warnings about changing the protover list. Doing this in the wrong way has potential to cause serious havoc on the network, so let's make it harder for future programmers to mess it up. --- src/core/or/protover.c| 22 +- src/feature/dirauth/dirvote.c | 26 -- 2 files changed, 45 insertions(+), 3 deletions(-) diff --git a/src/core/or/protover.c b/src/core/or/protover.c index dfb0e9e303..a882d1a77d 100644 --- a/src/core/or/protover.c +++ b/src/core/or/protover.c @@ -377,11 +377,31 @@ protocol_list_supports_protocol_or_later(const char *list, } /** Return the canonical string containing the list of protocols - * that we support. */ + * that we support. + **/ /// C_RUST_COUPLED: src/rust/protover/protover.rs `SUPPORTED_PROTOCOLS` const char * protover_get_supported_protocols(void) { + /* + * WARNING! + * + * Be EXTREMELY CAREFUL when *removing* versions from this list. If you + * remove an entry while it still appears as "recommended" in the consensus, + * you'll cause all the instances without it to warn. If you remove an entry + * while it still appears as "required" in the consensus, you'll cause + * all the instances without it to refuse to connect to the network, and + * shut down. + * + * If you need to remove a version from this list, you need to make sure + * that it is not listed in the _current consensuses_: just removing it from + * the required list in dirvote.c is NOT ENOUGH. You need to remove it from + * the required list dirvote.c, and THEN let the authorities update and vote + * on new consensuses without it. Only once those consensuses are out is + * it safe to remove from this list. + * + * WARNING! + */ return "Cons=1-2 " "Desc=1-2 " diff --git a/src/feature/dirauth/dirvote.c b/src/feature/dirauth/dirvote.c index 9e01cee42a..5ecf680f02 100644 --- a/src/feature/dirauth/dirvote.c +++ b/src/feature/dirauth/dirvote.c @@ -180,7 +180,7 @@ format_protocols_lines_for_vote(const networkstatus_t *v3_ns) char *required_relay_protocols_line = NULL; char *required_client_protocols_line = NULL; - recommended_relay_protocols_line = + recommended_relay_protocols_line = format_line_if_present("recommended-relay-protocols", v3_ns->recommended_relay_protocols); recommended_client_protocols_line = @@ -4577,7 +4577,29 @@ dirserv_generate_networkstatus_vote_obj(crypto_pk_t *private_key, v3_out->client_versions = client_versions; v3_out->server_versions = server_versions; - /* These are hardwired, to avoid disaster. */ + /* + * WARNING! + * + * These values are hardwired, to avoid disaster. Voting on the wrong + * subprotocols here has the potential to take down the network. + * + * In particular, you need to be EXTREMELY CAREFUL before adding new + * versions to the required protocol list. Doing so will cause every relay + * or client that doesn't support those versions to refuse to connect to the + * network and shut down. + * + * Note that this applies to versions, not just protocols! If you say that + * Foobar=8-9 is required, and the client only has Foobar=9, it will shut + * down. + * + * It is okay to do this only for SUPER OLD relays that are not supported on + * the network anyway. For clients, we really shouldn't kick them off the + * network unless their presence is causing serious active harm. + * + * See also the warning in protocol_get_supported_versions(). + * + * WARNING! + */ v3_out->recommended_relay_protocols = tor_strdup("Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " "Link=4 Microdesc=1-2 Relay=2"); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.5] Light edit to protover warnings.
commit 439e17180c362962abfdf2301dddbdaa323df24a Author: Nick Mathewson Date: Fri Nov 5 10:30:57 2021 -0400 Light edit to protover warnings. --- src/core/or/protover.c | 15 --- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/src/core/or/protover.c b/src/core/or/protover.c index 8075dd425c..82e4f64c94 100644 --- a/src/core/or/protover.c +++ b/src/core/or/protover.c @@ -402,18 +402,19 @@ protover_get_supported_protocols(void) * If you need to remove a version from this list, you need to make sure that * it is not listed in the _current consensuses_: just removing it from the * required list below is NOT ENOUGH. You need to remove it from the - * required list, and THEN let the authorities update and vote on new + * required list, and THEN let the authorities upgrade and vote on new * consensuses without it. Only once those consensuses are out is it safe to * remove from this list. * * One concrete example of a very dangerous race that could occur: * - * If the client required protocol "HSDir=1-2" is then changed in the code - * and released to "HSDir=2" while the consensus stills lists "HSDir=1-2", - * then these clients, even very recent ones, will shutdown because they + * Suppose that the client supports protocols "HsDir=1-2" and the consensus + * requires protocols "HsDir=1-2. If the client supported protocol list is + * then changed to "HSDir=2", while the consensus stills lists "HSDir=1-2", + * then these clients, even very recent ones, will shut down because they * don't support "HSDir=1". * - * And so, changes need to be done in lockstep as described above. + * And so, changes need to be done in strict sequence as described above. * * XXX: WARNING! */ @@ -454,8 +455,8 @@ protover_get_supported_protocols(void) * network unless their presence is causing serious active harm. * * The following required and recommended lists MUST be changed BEFORE the - * supported list above is changed in order for those lists to appear in the - * consensus BEFORE. + * supported list above is changed, so that these lists appear in the + * consensus BEFORE clients need them. * * Please, see the warning in protocol_get_supported_versions(). * ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.4.6] Merge branch 'maint-0.3.5' into maint-0.4.5
commit 47adba879ca215ef1cd5abae93a32e17063eccb2 Merge: 40e2106031 439e17180c Author: David Goulet Date: Fri Nov 5 10:35:08 2021 -0400 Merge branch 'maint-0.3.5' into maint-0.4.5 src/core/or/protover.c| 113 +- src/core/or/protover.h| 4 ++ src/feature/dirauth/dirvote.c | 12 ++--- 3 files changed, 121 insertions(+), 8 deletions(-) diff --cc src/core/or/protover.c index aa96cafff9,82e4f64c94..8b307a8a2f --- a/src/core/or/protover.c +++ b/src/core/or/protover.c @@@ -390,11 -387,38 +395,43 @@@ protocol_list_supports_protocol_or_late const char * protover_get_supported_protocols(void) { + /* WARNING! + * + * Remember to edit the SUPPORTED_PROTOCOLS list in protover.rs if you + * are editing this list. + */ + + /* +* XXX: WARNING! +* +* Be EXTREMELY CAREFUL when *removing* versions from this list. If you +* remove an entry while it still appears as "recommended" in the consensus, +* you'll cause all the instances without it to warn. +* +* If you remove an entry while it still appears as "required" in the +* consensus, you'll cause all the instances without it to refuse to connect +* to the network, and shut down. +* +* If you need to remove a version from this list, you need to make sure that +* it is not listed in the _current consensuses_: just removing it from the +* required list below is NOT ENOUGH. You need to remove it from the +* required list, and THEN let the authorities upgrade and vote on new +* consensuses without it. Only once those consensuses are out is it safe to +* remove from this list. +* +* One concrete example of a very dangerous race that could occur: +* +* Suppose that the client supports protocols "HsDir=1-2" and the consensus +* requires protocols "HsDir=1-2. If the client supported protocol list is +* then changed to "HSDir=2", while the consensus stills lists "HSDir=1-2", +* then these clients, even very recent ones, will shut down because they +* don't support "HSDir=1". +* +* And so, changes need to be done in strict sequence as described above. +* +* XXX: WARNING! +*/ + return "Cons=1-2 " "Desc=1-2 " @@@ -410,10 -433,83 +447,84 @@@ "LinkAuth=3 " #endif "Microdesc=1-2 " -"Relay=1-2"; +"Padding=2 " +"Relay=1-3"; } + /* + * XXX: WARNING! + * + * The recommended and required values are hardwired, to avoid disaster. Voting + * on the wrong subprotocols here has the potential to take down the network. + * + * In particular, you need to be EXTREMELY CAREFUL before adding new versions + * to the required protocol list. Doing so will cause every relay or client + * that doesn't support those versions to refuse to connect to the network and + * shut down. + * + * Note that this applies to versions, not just protocols! If you say that + * Foobar=8-9 is required, and the client only has Foobar=9, it will shut down. + * + * It is okay to do this only for SUPER OLD relays that are not supported on + * the network anyway. For clients, we really shouldn't kick them off the + * network unless their presence is causing serious active harm. + * + * The following required and recommended lists MUST be changed BEFORE the + * supported list above is changed, so that these lists appear in the + * consensus BEFORE clients need them. + * + * Please, see the warning in protocol_get_supported_versions(). + * + * XXX: WARNING! + */ + + /* + * NOTE: A keen observer will notice that "LinkAuth" is not recommended nor + * required. This is due to the HAVE_WORKING_TOR_TLS_GET_TLSSECRETS define + * that can either set "1" or "1,3" and so we can't enforce one or the other + * due to this uncertainty on how tor was built. + */ + + /** Return the recommended client protocols list that directory authorities + * put in the consensus. */ + const char * + protover_get_recommended_client_protocols(void) + { + return "Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " + "Link=4 Microdesc=1-2 Relay=2"; + } + + /** Return the recommended relay protocols list that directory authorities + * put in the consensus. */ + const char * + protover_get_recommended_relay_protocols(void) + { + return "Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " + "Link=4 Microdesc=1-2 Relay=2"; + } + + /** Return the required client protocols list that directory authorities + * put in the consensus. */ + const char * + protover_get_required_client_protocols(void) + { + return "Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " + "Link=4 Microdesc=1-2 Relay=2"; + } + + /** Return the required relay protocols list that directory authorities + * put in the consensus. */ + const char * + protover_get_required_relay_protocols(void) + { + return "Cons=1 Desc=1 DirCache=1 HSDir=1 HSIntro=3
[tor-commits] [tor/maint-0.4.6] Light edit to protover warnings.
commit 439e17180c362962abfdf2301dddbdaa323df24a Author: Nick Mathewson Date: Fri Nov 5 10:30:57 2021 -0400 Light edit to protover warnings. --- src/core/or/protover.c | 15 --- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/src/core/or/protover.c b/src/core/or/protover.c index 8075dd425c..82e4f64c94 100644 --- a/src/core/or/protover.c +++ b/src/core/or/protover.c @@ -402,18 +402,19 @@ protover_get_supported_protocols(void) * If you need to remove a version from this list, you need to make sure that * it is not listed in the _current consensuses_: just removing it from the * required list below is NOT ENOUGH. You need to remove it from the - * required list, and THEN let the authorities update and vote on new + * required list, and THEN let the authorities upgrade and vote on new * consensuses without it. Only once those consensuses are out is it safe to * remove from this list. * * One concrete example of a very dangerous race that could occur: * - * If the client required protocol "HSDir=1-2" is then changed in the code - * and released to "HSDir=2" while the consensus stills lists "HSDir=1-2", - * then these clients, even very recent ones, will shutdown because they + * Suppose that the client supports protocols "HsDir=1-2" and the consensus + * requires protocols "HsDir=1-2. If the client supported protocol list is + * then changed to "HSDir=2", while the consensus stills lists "HSDir=1-2", + * then these clients, even very recent ones, will shut down because they * don't support "HSDir=1". * - * And so, changes need to be done in lockstep as described above. + * And so, changes need to be done in strict sequence as described above. * * XXX: WARNING! */ @@ -454,8 +455,8 @@ protover_get_supported_protocols(void) * network unless their presence is causing serious active harm. * * The following required and recommended lists MUST be changed BEFORE the - * supported list above is changed in order for those lists to appear in the - * consensus BEFORE. + * supported list above is changed, so that these lists appear in the + * consensus BEFORE clients need them. * * Please, see the warning in protocol_get_supported_versions(). * ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.4.6] Add scary warnings about changing the protover list.
commit 7c085490f5324f374dd7caa570dff5902f0e32cc Author: Nick Mathewson Date: Fri Nov 5 09:15:10 2021 -0400 Add scary warnings about changing the protover list. Doing this in the wrong way has potential to cause serious havoc on the network, so let's make it harder for future programmers to mess it up. --- src/core/or/protover.c| 22 +- src/feature/dirauth/dirvote.c | 26 -- 2 files changed, 45 insertions(+), 3 deletions(-) diff --git a/src/core/or/protover.c b/src/core/or/protover.c index dfb0e9e303..a882d1a77d 100644 --- a/src/core/or/protover.c +++ b/src/core/or/protover.c @@ -377,11 +377,31 @@ protocol_list_supports_protocol_or_later(const char *list, } /** Return the canonical string containing the list of protocols - * that we support. */ + * that we support. + **/ /// C_RUST_COUPLED: src/rust/protover/protover.rs `SUPPORTED_PROTOCOLS` const char * protover_get_supported_protocols(void) { + /* + * WARNING! + * + * Be EXTREMELY CAREFUL when *removing* versions from this list. If you + * remove an entry while it still appears as "recommended" in the consensus, + * you'll cause all the instances without it to warn. If you remove an entry + * while it still appears as "required" in the consensus, you'll cause + * all the instances without it to refuse to connect to the network, and + * shut down. + * + * If you need to remove a version from this list, you need to make sure + * that it is not listed in the _current consensuses_: just removing it from + * the required list in dirvote.c is NOT ENOUGH. You need to remove it from + * the required list dirvote.c, and THEN let the authorities update and vote + * on new consensuses without it. Only once those consensuses are out is + * it safe to remove from this list. + * + * WARNING! + */ return "Cons=1-2 " "Desc=1-2 " diff --git a/src/feature/dirauth/dirvote.c b/src/feature/dirauth/dirvote.c index 9e01cee42a..5ecf680f02 100644 --- a/src/feature/dirauth/dirvote.c +++ b/src/feature/dirauth/dirvote.c @@ -180,7 +180,7 @@ format_protocols_lines_for_vote(const networkstatus_t *v3_ns) char *required_relay_protocols_line = NULL; char *required_client_protocols_line = NULL; - recommended_relay_protocols_line = + recommended_relay_protocols_line = format_line_if_present("recommended-relay-protocols", v3_ns->recommended_relay_protocols); recommended_client_protocols_line = @@ -4577,7 +4577,29 @@ dirserv_generate_networkstatus_vote_obj(crypto_pk_t *private_key, v3_out->client_versions = client_versions; v3_out->server_versions = server_versions; - /* These are hardwired, to avoid disaster. */ + /* + * WARNING! + * + * These values are hardwired, to avoid disaster. Voting on the wrong + * subprotocols here has the potential to take down the network. + * + * In particular, you need to be EXTREMELY CAREFUL before adding new + * versions to the required protocol list. Doing so will cause every relay + * or client that doesn't support those versions to refuse to connect to the + * network and shut down. + * + * Note that this applies to versions, not just protocols! If you say that + * Foobar=8-9 is required, and the client only has Foobar=9, it will shut + * down. + * + * It is okay to do this only for SUPER OLD relays that are not supported on + * the network anyway. For clients, we really shouldn't kick them off the + * network unless their presence is causing serious active harm. + * + * See also the warning in protocol_get_supported_versions(). + * + * WARNING! + */ v3_out->recommended_relay_protocols = tor_strdup("Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " "Link=4 Microdesc=1-2 Relay=2"); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.4.6] protover: Move all hardcoded lists in one place
commit 3d1a49908c2727746928d40bc71da0373aad7fcf Author: David Goulet Date: Fri Nov 5 10:10:24 2021 -0400 protover: Move all hardcoded lists in one place This also moves the warnings and add some theatrical effect around the code so anyone modifying those list should notice the warnings signs and read the comment accordingly. Signed-off-by: David Goulet --- src/core/or/protover.c| 107 +- src/core/or/protover.h| 4 ++ src/feature/dirauth/dirvote.c | 37 ++- 3 files changed, 104 insertions(+), 44 deletions(-) diff --git a/src/core/or/protover.c b/src/core/or/protover.c index a882d1a77d..0183704c2c 100644 --- a/src/core/or/protover.c +++ b/src/core/or/protover.c @@ -376,6 +376,10 @@ protocol_list_supports_protocol_or_later(const char *list, return contains; } +/* + * XXX START OF HAZARDOUS ZONE XXX + */ + /** Return the canonical string containing the list of protocols * that we support. **/ @@ -383,25 +387,37 @@ protocol_list_supports_protocol_or_later(const char *list, const char * protover_get_supported_protocols(void) { + /* - * WARNING! + * XXX: WARNING! * * Be EXTREMELY CAREFUL when *removing* versions from this list. If you * remove an entry while it still appears as "recommended" in the consensus, - * you'll cause all the instances without it to warn. If you remove an entry - * while it still appears as "required" in the consensus, you'll cause - * all the instances without it to refuse to connect to the network, and - * shut down. + * you'll cause all the instances without it to warn. + * + * If you remove an entry while it still appears as "required" in the + * consensus, you'll cause all the instances without it to refuse to connect + * to the network, and shut down. + * + * If you need to remove a version from this list, you need to make sure that + * it is not listed in the _current consensuses_: just removing it from the + * required list below is NOT ENOUGH. You need to remove it from the + * required list, and THEN let the authorities update and vote on new + * consensuses without it. Only once those consensuses are out is it safe to + * remove from this list. * - * If you need to remove a version from this list, you need to make sure - * that it is not listed in the _current consensuses_: just removing it from - * the required list in dirvote.c is NOT ENOUGH. You need to remove it from - * the required list dirvote.c, and THEN let the authorities update and vote - * on new consensuses without it. Only once those consensuses are out is - * it safe to remove from this list. + * One concrete example of a very dangerous race that could occur: * - * WARNING! + * If the client required protocol "HSDir=1-2" is then changed in the code + * and released to "HSDir=2" while the consensus stills lists "HSDir=1-2", + * then these clients, even very recent ones, will shutdown because they + * don't support "HSDir=1". + * + * And so, changes need to be done in lockstep as described above. + * + * XXX: WARNING! */ + return "Cons=1-2 " "Desc=1-2 " @@ -419,6 +435,73 @@ protover_get_supported_protocols(void) "Relay=1-2"; } +/* + * XXX: WARNING! + * + * The recommended and required values are hardwired, to avoid disaster. Voting + * on the wrong subprotocols here has the potential to take down the network. + * + * In particular, you need to be EXTREMELY CAREFUL before adding new versions + * to the required protocol list. Doing so will cause every relay or client + * that doesn't support those versions to refuse to connect to the network and + * shut down. + * + * Note that this applies to versions, not just protocols! If you say that + * Foobar=8-9 is required, and the client only has Foobar=9, it will shut down. + * + * It is okay to do this only for SUPER OLD relays that are not supported on + * the network anyway. For clients, we really shouldn't kick them off the + * network unless their presence is causing serious active harm. + * + * The following required and recommended lists MUST be changed BEFORE the + * supported list above is changed in order for those lists to appear in the + * consensus BEFORE. + * + * Please, see the warning in protocol_get_supported_versions(). + * + * XXX: WARNING! + */ + +/** Return the recommended client protocols list that directory authorities + * put in the consensus. */ +const char * +protover_get_recommended_client_protocols(void) +{ + return "Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " + "Link=4 Microdesc=1-2 Relay=2"; +} + +/** Return the recommended relay protocols list that directory authorities + * put in the consensus. */ +const char * +protover_get_recommended_relay_protocols(void) +{ + return "Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " + "Link=4 Microdesc=1-2 Relay=2"; +} +
[tor-commits] [tor/maint-0.4.5] protover: Fix merge forward from 035
commit a7fe37f1fa7821d0bdbeabe480df8aba7dc1fded Author: David Goulet Date: Fri Nov 5 10:42:54 2021 -0400 protover: Fix merge forward from 035 Signed-off-by: David Goulet --- src/core/or/protover.c| 22 ++-- src/feature/dirauth/dirvote.h | 58 --- src/test/test_protover.c | 8 +++--- 3 files changed, 11 insertions(+), 77 deletions(-) diff --git a/src/core/or/protover.c b/src/core/or/protover.c index 8b307a8a2f..cb9a03d6ec 100644 --- a/src/core/or/protover.c +++ b/src/core/or/protover.c @@ -478,20 +478,13 @@ protover_get_supported_protocols(void) * XXX: WARNING! */ -/* - * NOTE: A keen observer will notice that "LinkAuth" is not recommended nor - * required. This is due to the HAVE_WORKING_TOR_TLS_GET_TLSSECRETS define - * that can either set "1" or "1,3" and so we can't enforce one or the other - * due to this uncertainty on how tor was built. - */ - /** Return the recommended client protocols list that directory authorities * put in the consensus. */ const char * protover_get_recommended_client_protocols(void) { - return "Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " - "Link=4 Microdesc=1-2 Relay=2"; + return "Cons=2 Desc=2 DirCache=2 HSDir=2 HSIntro=4 HSRend=2 " + "Link=4-5 Microdesc=2 Relay=2"; } /** Return the recommended relay protocols list that directory authorities @@ -499,8 +492,8 @@ protover_get_recommended_client_protocols(void) const char * protover_get_recommended_relay_protocols(void) { - return "Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " - "Link=4 Microdesc=1-2 Relay=2"; + return "Cons=2 Desc=2 DirCache=2 HSDir=2 HSIntro=4 HSRend=2 " + "Link=4-5 LinkAuth=3 Microdesc=2 Relay=2"; } /** Return the required client protocols list that directory authorities @@ -508,8 +501,7 @@ protover_get_recommended_relay_protocols(void) const char * protover_get_required_client_protocols(void) { - return "Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " - "Link=4 Microdesc=1-2 Relay=2"; + return "Cons=2 Desc=2 Link=4 Microdesc=2 Relay=2"; } /** Return the required relay protocols list that directory authorities @@ -517,8 +509,8 @@ protover_get_required_client_protocols(void) const char * protover_get_required_relay_protocols(void) { - return "Cons=1 Desc=1 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " - "Link=3-4 Microdesc=1 Relay=1-2"; + return "Cons=2 Desc=2 DirCache=2 HSDir=2 HSIntro=4 HSRend=2 " + "Link=4-5 LinkAuth=3 Microdesc=2 Relay=2"; } /* diff --git a/src/feature/dirauth/dirvote.h b/src/feature/dirauth/dirvote.h index f9441773a7..81a7733e8c 100644 --- a/src/feature/dirauth/dirvote.h +++ b/src/feature/dirauth/dirvote.h @@ -260,64 +260,6 @@ char *networkstatus_get_detached_signatures(smartlist_t *consensuses); STATIC microdesc_t *dirvote_create_microdescriptor(const routerinfo_t *ri, int consensus_method); -/** The recommended relay protocols for this authority's votes. - * Recommending a new protocol causes old tor versions to log a warning. - */ -#define DIRVOTE_RECOMMEND_RELAY_PROTO \ - "Cons=2 " \ - "Desc=2 " \ - "DirCache=2 " \ - "HSDir=2 "\ - "HSIntro=4 " \ - "HSRend=2 " \ - "Link=4-5 " \ - "LinkAuth=3 " \ - "Microdesc=2 "\ - "Relay=2" - -/** The recommended client protocols for this authority's votes. - * Recommending a new protocol causes old tor versions to log a warning. - */ -#define DIRVOTE_RECOMMEND_CLIENT_PROTO \ - "Cons=2 " \ - "Desc=2 " \ - "DirCache=2 " \ - "HSDir=2 "\ - "HSIntro=4 " \ - "HSRend=2 " \ - "Link=4-5 " \ - "Microdesc=2 "\ - "Relay=2" - -/** The required relay protocols for this authority's votes. - * WARNING: Requiring a new protocol causes old tor versions to shut down. - * Requiring the wrong protocols can break the tor network. - * See Proposal 303: When and how to remove support for protocol versions. - */ -#define DIRVOTE_REQUIRE_RELAY_PROTO \ - "Cons=2 " \ - "Desc=2 " \ - "DirCache=2 " \ - "HSDir=2 "\ - "HSIntro=4 " \ - "HSRend=2 " \ - "Link=4-5 "
[tor-commits] [tor/maint-0.4.5] Merge branch 'maint-0.3.5' into maint-0.4.5
commit 47adba879ca215ef1cd5abae93a32e17063eccb2 Merge: 40e2106031 439e17180c Author: David Goulet Date: Fri Nov 5 10:35:08 2021 -0400 Merge branch 'maint-0.3.5' into maint-0.4.5 src/core/or/protover.c| 113 +- src/core/or/protover.h| 4 ++ src/feature/dirauth/dirvote.c | 12 ++--- 3 files changed, 121 insertions(+), 8 deletions(-) diff --cc src/core/or/protover.c index aa96cafff9,82e4f64c94..8b307a8a2f --- a/src/core/or/protover.c +++ b/src/core/or/protover.c @@@ -390,11 -387,38 +395,43 @@@ protocol_list_supports_protocol_or_late const char * protover_get_supported_protocols(void) { + /* WARNING! + * + * Remember to edit the SUPPORTED_PROTOCOLS list in protover.rs if you + * are editing this list. + */ + + /* +* XXX: WARNING! +* +* Be EXTREMELY CAREFUL when *removing* versions from this list. If you +* remove an entry while it still appears as "recommended" in the consensus, +* you'll cause all the instances without it to warn. +* +* If you remove an entry while it still appears as "required" in the +* consensus, you'll cause all the instances without it to refuse to connect +* to the network, and shut down. +* +* If you need to remove a version from this list, you need to make sure that +* it is not listed in the _current consensuses_: just removing it from the +* required list below is NOT ENOUGH. You need to remove it from the +* required list, and THEN let the authorities upgrade and vote on new +* consensuses without it. Only once those consensuses are out is it safe to +* remove from this list. +* +* One concrete example of a very dangerous race that could occur: +* +* Suppose that the client supports protocols "HsDir=1-2" and the consensus +* requires protocols "HsDir=1-2. If the client supported protocol list is +* then changed to "HSDir=2", while the consensus stills lists "HSDir=1-2", +* then these clients, even very recent ones, will shut down because they +* don't support "HSDir=1". +* +* And so, changes need to be done in strict sequence as described above. +* +* XXX: WARNING! +*/ + return "Cons=1-2 " "Desc=1-2 " @@@ -410,10 -433,83 +447,84 @@@ "LinkAuth=3 " #endif "Microdesc=1-2 " -"Relay=1-2"; +"Padding=2 " +"Relay=1-3"; } + /* + * XXX: WARNING! + * + * The recommended and required values are hardwired, to avoid disaster. Voting + * on the wrong subprotocols here has the potential to take down the network. + * + * In particular, you need to be EXTREMELY CAREFUL before adding new versions + * to the required protocol list. Doing so will cause every relay or client + * that doesn't support those versions to refuse to connect to the network and + * shut down. + * + * Note that this applies to versions, not just protocols! If you say that + * Foobar=8-9 is required, and the client only has Foobar=9, it will shut down. + * + * It is okay to do this only for SUPER OLD relays that are not supported on + * the network anyway. For clients, we really shouldn't kick them off the + * network unless their presence is causing serious active harm. + * + * The following required and recommended lists MUST be changed BEFORE the + * supported list above is changed, so that these lists appear in the + * consensus BEFORE clients need them. + * + * Please, see the warning in protocol_get_supported_versions(). + * + * XXX: WARNING! + */ + + /* + * NOTE: A keen observer will notice that "LinkAuth" is not recommended nor + * required. This is due to the HAVE_WORKING_TOR_TLS_GET_TLSSECRETS define + * that can either set "1" or "1,3" and so we can't enforce one or the other + * due to this uncertainty on how tor was built. + */ + + /** Return the recommended client protocols list that directory authorities + * put in the consensus. */ + const char * + protover_get_recommended_client_protocols(void) + { + return "Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " + "Link=4 Microdesc=1-2 Relay=2"; + } + + /** Return the recommended relay protocols list that directory authorities + * put in the consensus. */ + const char * + protover_get_recommended_relay_protocols(void) + { + return "Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " + "Link=4 Microdesc=1-2 Relay=2"; + } + + /** Return the required client protocols list that directory authorities + * put in the consensus. */ + const char * + protover_get_required_client_protocols(void) + { + return "Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " + "Link=4 Microdesc=1-2 Relay=2"; + } + + /** Return the required relay protocols list that directory authorities + * put in the consensus. */ + const char * + protover_get_required_relay_protocols(void) + { + return "Cons=1 Desc=1 DirCache=1 HSDir=1 HSIntro=3
[tor-commits] [tor/maint-0.4.5] Light edit to protover warnings.
commit 439e17180c362962abfdf2301dddbdaa323df24a Author: Nick Mathewson Date: Fri Nov 5 10:30:57 2021 -0400 Light edit to protover warnings. --- src/core/or/protover.c | 15 --- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/src/core/or/protover.c b/src/core/or/protover.c index 8075dd425c..82e4f64c94 100644 --- a/src/core/or/protover.c +++ b/src/core/or/protover.c @@ -402,18 +402,19 @@ protover_get_supported_protocols(void) * If you need to remove a version from this list, you need to make sure that * it is not listed in the _current consensuses_: just removing it from the * required list below is NOT ENOUGH. You need to remove it from the - * required list, and THEN let the authorities update and vote on new + * required list, and THEN let the authorities upgrade and vote on new * consensuses without it. Only once those consensuses are out is it safe to * remove from this list. * * One concrete example of a very dangerous race that could occur: * - * If the client required protocol "HSDir=1-2" is then changed in the code - * and released to "HSDir=2" while the consensus stills lists "HSDir=1-2", - * then these clients, even very recent ones, will shutdown because they + * Suppose that the client supports protocols "HsDir=1-2" and the consensus + * requires protocols "HsDir=1-2. If the client supported protocol list is + * then changed to "HSDir=2", while the consensus stills lists "HSDir=1-2", + * then these clients, even very recent ones, will shut down because they * don't support "HSDir=1". * - * And so, changes need to be done in lockstep as described above. + * And so, changes need to be done in strict sequence as described above. * * XXX: WARNING! */ @@ -454,8 +455,8 @@ protover_get_supported_protocols(void) * network unless their presence is causing serious active harm. * * The following required and recommended lists MUST be changed BEFORE the - * supported list above is changed in order for those lists to appear in the - * consensus BEFORE. + * supported list above is changed, so that these lists appear in the + * consensus BEFORE clients need them. * * Please, see the warning in protocol_get_supported_versions(). * ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.4.5] Add scary warnings about changing the protover list.
commit 7c085490f5324f374dd7caa570dff5902f0e32cc Author: Nick Mathewson Date: Fri Nov 5 09:15:10 2021 -0400 Add scary warnings about changing the protover list. Doing this in the wrong way has potential to cause serious havoc on the network, so let's make it harder for future programmers to mess it up. --- src/core/or/protover.c| 22 +- src/feature/dirauth/dirvote.c | 26 -- 2 files changed, 45 insertions(+), 3 deletions(-) diff --git a/src/core/or/protover.c b/src/core/or/protover.c index dfb0e9e303..a882d1a77d 100644 --- a/src/core/or/protover.c +++ b/src/core/or/protover.c @@ -377,11 +377,31 @@ protocol_list_supports_protocol_or_later(const char *list, } /** Return the canonical string containing the list of protocols - * that we support. */ + * that we support. + **/ /// C_RUST_COUPLED: src/rust/protover/protover.rs `SUPPORTED_PROTOCOLS` const char * protover_get_supported_protocols(void) { + /* + * WARNING! + * + * Be EXTREMELY CAREFUL when *removing* versions from this list. If you + * remove an entry while it still appears as "recommended" in the consensus, + * you'll cause all the instances without it to warn. If you remove an entry + * while it still appears as "required" in the consensus, you'll cause + * all the instances without it to refuse to connect to the network, and + * shut down. + * + * If you need to remove a version from this list, you need to make sure + * that it is not listed in the _current consensuses_: just removing it from + * the required list in dirvote.c is NOT ENOUGH. You need to remove it from + * the required list dirvote.c, and THEN let the authorities update and vote + * on new consensuses without it. Only once those consensuses are out is + * it safe to remove from this list. + * + * WARNING! + */ return "Cons=1-2 " "Desc=1-2 " diff --git a/src/feature/dirauth/dirvote.c b/src/feature/dirauth/dirvote.c index 9e01cee42a..5ecf680f02 100644 --- a/src/feature/dirauth/dirvote.c +++ b/src/feature/dirauth/dirvote.c @@ -180,7 +180,7 @@ format_protocols_lines_for_vote(const networkstatus_t *v3_ns) char *required_relay_protocols_line = NULL; char *required_client_protocols_line = NULL; - recommended_relay_protocols_line = + recommended_relay_protocols_line = format_line_if_present("recommended-relay-protocols", v3_ns->recommended_relay_protocols); recommended_client_protocols_line = @@ -4577,7 +4577,29 @@ dirserv_generate_networkstatus_vote_obj(crypto_pk_t *private_key, v3_out->client_versions = client_versions; v3_out->server_versions = server_versions; - /* These are hardwired, to avoid disaster. */ + /* + * WARNING! + * + * These values are hardwired, to avoid disaster. Voting on the wrong + * subprotocols here has the potential to take down the network. + * + * In particular, you need to be EXTREMELY CAREFUL before adding new + * versions to the required protocol list. Doing so will cause every relay + * or client that doesn't support those versions to refuse to connect to the + * network and shut down. + * + * Note that this applies to versions, not just protocols! If you say that + * Foobar=8-9 is required, and the client only has Foobar=9, it will shut + * down. + * + * It is okay to do this only for SUPER OLD relays that are not supported on + * the network anyway. For clients, we really shouldn't kick them off the + * network unless their presence is causing serious active harm. + * + * See also the warning in protocol_get_supported_versions(). + * + * WARNING! + */ v3_out->recommended_relay_protocols = tor_strdup("Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " "Link=4 Microdesc=1-2 Relay=2"); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.4.5] protover: Move all hardcoded lists in one place
commit 3d1a49908c2727746928d40bc71da0373aad7fcf Author: David Goulet Date: Fri Nov 5 10:10:24 2021 -0400 protover: Move all hardcoded lists in one place This also moves the warnings and add some theatrical effect around the code so anyone modifying those list should notice the warnings signs and read the comment accordingly. Signed-off-by: David Goulet --- src/core/or/protover.c| 107 +- src/core/or/protover.h| 4 ++ src/feature/dirauth/dirvote.c | 37 ++- 3 files changed, 104 insertions(+), 44 deletions(-) diff --git a/src/core/or/protover.c b/src/core/or/protover.c index a882d1a77d..0183704c2c 100644 --- a/src/core/or/protover.c +++ b/src/core/or/protover.c @@ -376,6 +376,10 @@ protocol_list_supports_protocol_or_later(const char *list, return contains; } +/* + * XXX START OF HAZARDOUS ZONE XXX + */ + /** Return the canonical string containing the list of protocols * that we support. **/ @@ -383,25 +387,37 @@ protocol_list_supports_protocol_or_later(const char *list, const char * protover_get_supported_protocols(void) { + /* - * WARNING! + * XXX: WARNING! * * Be EXTREMELY CAREFUL when *removing* versions from this list. If you * remove an entry while it still appears as "recommended" in the consensus, - * you'll cause all the instances without it to warn. If you remove an entry - * while it still appears as "required" in the consensus, you'll cause - * all the instances without it to refuse to connect to the network, and - * shut down. + * you'll cause all the instances without it to warn. + * + * If you remove an entry while it still appears as "required" in the + * consensus, you'll cause all the instances without it to refuse to connect + * to the network, and shut down. + * + * If you need to remove a version from this list, you need to make sure that + * it is not listed in the _current consensuses_: just removing it from the + * required list below is NOT ENOUGH. You need to remove it from the + * required list, and THEN let the authorities update and vote on new + * consensuses without it. Only once those consensuses are out is it safe to + * remove from this list. * - * If you need to remove a version from this list, you need to make sure - * that it is not listed in the _current consensuses_: just removing it from - * the required list in dirvote.c is NOT ENOUGH. You need to remove it from - * the required list dirvote.c, and THEN let the authorities update and vote - * on new consensuses without it. Only once those consensuses are out is - * it safe to remove from this list. + * One concrete example of a very dangerous race that could occur: * - * WARNING! + * If the client required protocol "HSDir=1-2" is then changed in the code + * and released to "HSDir=2" while the consensus stills lists "HSDir=1-2", + * then these clients, even very recent ones, will shutdown because they + * don't support "HSDir=1". + * + * And so, changes need to be done in lockstep as described above. + * + * XXX: WARNING! */ + return "Cons=1-2 " "Desc=1-2 " @@ -419,6 +435,73 @@ protover_get_supported_protocols(void) "Relay=1-2"; } +/* + * XXX: WARNING! + * + * The recommended and required values are hardwired, to avoid disaster. Voting + * on the wrong subprotocols here has the potential to take down the network. + * + * In particular, you need to be EXTREMELY CAREFUL before adding new versions + * to the required protocol list. Doing so will cause every relay or client + * that doesn't support those versions to refuse to connect to the network and + * shut down. + * + * Note that this applies to versions, not just protocols! If you say that + * Foobar=8-9 is required, and the client only has Foobar=9, it will shut down. + * + * It is okay to do this only for SUPER OLD relays that are not supported on + * the network anyway. For clients, we really shouldn't kick them off the + * network unless their presence is causing serious active harm. + * + * The following required and recommended lists MUST be changed BEFORE the + * supported list above is changed in order for those lists to appear in the + * consensus BEFORE. + * + * Please, see the warning in protocol_get_supported_versions(). + * + * XXX: WARNING! + */ + +/** Return the recommended client protocols list that directory authorities + * put in the consensus. */ +const char * +protover_get_recommended_client_protocols(void) +{ + return "Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " + "Link=4 Microdesc=1-2 Relay=2"; +} + +/** Return the recommended relay protocols list that directory authorities + * put in the consensus. */ +const char * +protover_get_recommended_relay_protocols(void) +{ + return "Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " + "Link=4 Microdesc=1-2 Relay=2"; +} +
[tor-commits] [tor/maint-0.4.5] protover: Add a note on why LinkAuth is not recommended or required
commit f93cd5deb8f4731920043016c082e44e81afcfbf Author: David Goulet Date: Fri Nov 5 10:16:08 2021 -0400 protover: Add a note on why LinkAuth is not recommended or required Signed-off-by: David Goulet --- src/core/or/protover.c | 7 +++ 1 file changed, 7 insertions(+) diff --git a/src/core/or/protover.c b/src/core/or/protover.c index 0183704c2c..8075dd425c 100644 --- a/src/core/or/protover.c +++ b/src/core/or/protover.c @@ -462,6 +462,13 @@ protover_get_supported_protocols(void) * XXX: WARNING! */ +/* + * NOTE: A keen observer will notice that "LinkAuth" is not recommended nor + * required. This is due to the HAVE_WORKING_TOR_TLS_GET_TLSSECRETS define + * that can either set "1" or "1,3" and so we can't enforce one or the other + * due to this uncertainty on how tor was built. + */ + /** Return the recommended client protocols list that directory authorities * put in the consensus. */ const char * ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.3.5] Light edit to protover warnings.
commit 439e17180c362962abfdf2301dddbdaa323df24a Author: Nick Mathewson Date: Fri Nov 5 10:30:57 2021 -0400 Light edit to protover warnings. --- src/core/or/protover.c | 15 --- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/src/core/or/protover.c b/src/core/or/protover.c index 8075dd425c..82e4f64c94 100644 --- a/src/core/or/protover.c +++ b/src/core/or/protover.c @@ -402,18 +402,19 @@ protover_get_supported_protocols(void) * If you need to remove a version from this list, you need to make sure that * it is not listed in the _current consensuses_: just removing it from the * required list below is NOT ENOUGH. You need to remove it from the - * required list, and THEN let the authorities update and vote on new + * required list, and THEN let the authorities upgrade and vote on new * consensuses without it. Only once those consensuses are out is it safe to * remove from this list. * * One concrete example of a very dangerous race that could occur: * - * If the client required protocol "HSDir=1-2" is then changed in the code - * and released to "HSDir=2" while the consensus stills lists "HSDir=1-2", - * then these clients, even very recent ones, will shutdown because they + * Suppose that the client supports protocols "HsDir=1-2" and the consensus + * requires protocols "HsDir=1-2. If the client supported protocol list is + * then changed to "HSDir=2", while the consensus stills lists "HSDir=1-2", + * then these clients, even very recent ones, will shut down because they * don't support "HSDir=1". * - * And so, changes need to be done in lockstep as described above. + * And so, changes need to be done in strict sequence as described above. * * XXX: WARNING! */ @@ -454,8 +455,8 @@ protover_get_supported_protocols(void) * network unless their presence is causing serious active harm. * * The following required and recommended lists MUST be changed BEFORE the - * supported list above is changed in order for those lists to appear in the - * consensus BEFORE. + * supported list above is changed, so that these lists appear in the + * consensus BEFORE clients need them. * * Please, see the warning in protocol_get_supported_versions(). * ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.3.5] protover: Add a note on why LinkAuth is not recommended or required
commit f93cd5deb8f4731920043016c082e44e81afcfbf Author: David Goulet Date: Fri Nov 5 10:16:08 2021 -0400 protover: Add a note on why LinkAuth is not recommended or required Signed-off-by: David Goulet --- src/core/or/protover.c | 7 +++ 1 file changed, 7 insertions(+) diff --git a/src/core/or/protover.c b/src/core/or/protover.c index 0183704c2c..8075dd425c 100644 --- a/src/core/or/protover.c +++ b/src/core/or/protover.c @@ -462,6 +462,13 @@ protover_get_supported_protocols(void) * XXX: WARNING! */ +/* + * NOTE: A keen observer will notice that "LinkAuth" is not recommended nor + * required. This is due to the HAVE_WORKING_TOR_TLS_GET_TLSSECRETS define + * that can either set "1" or "1,3" and so we can't enforce one or the other + * due to this uncertainty on how tor was built. + */ + /** Return the recommended client protocols list that directory authorities * put in the consensus. */ const char * ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.3.5] Add scary warnings about changing the protover list.
commit 7c085490f5324f374dd7caa570dff5902f0e32cc Author: Nick Mathewson Date: Fri Nov 5 09:15:10 2021 -0400 Add scary warnings about changing the protover list. Doing this in the wrong way has potential to cause serious havoc on the network, so let's make it harder for future programmers to mess it up. --- src/core/or/protover.c| 22 +- src/feature/dirauth/dirvote.c | 26 -- 2 files changed, 45 insertions(+), 3 deletions(-) diff --git a/src/core/or/protover.c b/src/core/or/protover.c index dfb0e9e303..a882d1a77d 100644 --- a/src/core/or/protover.c +++ b/src/core/or/protover.c @@ -377,11 +377,31 @@ protocol_list_supports_protocol_or_later(const char *list, } /** Return the canonical string containing the list of protocols - * that we support. */ + * that we support. + **/ /// C_RUST_COUPLED: src/rust/protover/protover.rs `SUPPORTED_PROTOCOLS` const char * protover_get_supported_protocols(void) { + /* + * WARNING! + * + * Be EXTREMELY CAREFUL when *removing* versions from this list. If you + * remove an entry while it still appears as "recommended" in the consensus, + * you'll cause all the instances without it to warn. If you remove an entry + * while it still appears as "required" in the consensus, you'll cause + * all the instances without it to refuse to connect to the network, and + * shut down. + * + * If you need to remove a version from this list, you need to make sure + * that it is not listed in the _current consensuses_: just removing it from + * the required list in dirvote.c is NOT ENOUGH. You need to remove it from + * the required list dirvote.c, and THEN let the authorities update and vote + * on new consensuses without it. Only once those consensuses are out is + * it safe to remove from this list. + * + * WARNING! + */ return "Cons=1-2 " "Desc=1-2 " diff --git a/src/feature/dirauth/dirvote.c b/src/feature/dirauth/dirvote.c index 9e01cee42a..5ecf680f02 100644 --- a/src/feature/dirauth/dirvote.c +++ b/src/feature/dirauth/dirvote.c @@ -180,7 +180,7 @@ format_protocols_lines_for_vote(const networkstatus_t *v3_ns) char *required_relay_protocols_line = NULL; char *required_client_protocols_line = NULL; - recommended_relay_protocols_line = + recommended_relay_protocols_line = format_line_if_present("recommended-relay-protocols", v3_ns->recommended_relay_protocols); recommended_client_protocols_line = @@ -4577,7 +4577,29 @@ dirserv_generate_networkstatus_vote_obj(crypto_pk_t *private_key, v3_out->client_versions = client_versions; v3_out->server_versions = server_versions; - /* These are hardwired, to avoid disaster. */ + /* + * WARNING! + * + * These values are hardwired, to avoid disaster. Voting on the wrong + * subprotocols here has the potential to take down the network. + * + * In particular, you need to be EXTREMELY CAREFUL before adding new + * versions to the required protocol list. Doing so will cause every relay + * or client that doesn't support those versions to refuse to connect to the + * network and shut down. + * + * Note that this applies to versions, not just protocols! If you say that + * Foobar=8-9 is required, and the client only has Foobar=9, it will shut + * down. + * + * It is okay to do this only for SUPER OLD relays that are not supported on + * the network anyway. For clients, we really shouldn't kick them off the + * network unless their presence is causing serious active harm. + * + * See also the warning in protocol_get_supported_versions(). + * + * WARNING! + */ v3_out->recommended_relay_protocols = tor_strdup("Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " "Link=4 Microdesc=1-2 Relay=2"); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/main] Merge branch 'maint-0.4.5' into maint-0.4.6
commit 77b265f96ee65871ae7ed3f54642878116c65ff4 Merge: fb6bba1e42 a7fe37f1fa Author: David Goulet Date: Fri Nov 5 10:44:10 2021 -0400 Merge branch 'maint-0.4.5' into maint-0.4.6 src/core/or/protover.c| 105 +- src/core/or/protover.h| 4 ++ src/feature/dirauth/dirvote.c | 12 ++--- src/feature/dirauth/dirvote.h | 58 --- src/test/test_protover.c | 8 ++-- 5 files changed, 117 insertions(+), 70 deletions(-) diff --cc src/feature/dirauth/dirvote.h index d6a2d9cc75,81a7733e8c..3420098315 --- a/src/feature/dirauth/dirvote.h +++ b/src/feature/dirauth/dirvote.h @@@ -264,68 -259,7 +264,10 @@@ STATI char *networkstatus_get_detached_signatures(smartlist_t *consensuses); STATIC microdesc_t *dirvote_create_microdescriptor(const routerinfo_t *ri, int consensus_method); +STATIC int64_t extract_param_buggy(const char *params, + const char *param_name, + int64_t default_value); - /** The recommended relay protocols for this authority's votes. - * Recommending a new protocol causes old tor versions to log a warning. - */ - #define DIRVOTE_RECOMMEND_RELAY_PROTO \ - "Cons=2 " \ - "Desc=2 " \ - "DirCache=2 " \ - "HSDir=2 "\ - "HSIntro=4 " \ - "HSRend=2 " \ - "Link=4-5 " \ - "LinkAuth=3 " \ - "Microdesc=2 "\ - "Relay=2" - - /** The recommended client protocols for this authority's votes. - * Recommending a new protocol causes old tor versions to log a warning. - */ - #define DIRVOTE_RECOMMEND_CLIENT_PROTO \ - "Cons=2 " \ - "Desc=2 " \ - "DirCache=2 " \ - "HSDir=2 "\ - "HSIntro=4 " \ - "HSRend=2 " \ - "Link=4-5 " \ - "Microdesc=2 "\ - "Relay=2" - - /** The required relay protocols for this authority's votes. - * WARNING: Requiring a new protocol causes old tor versions to shut down. - * Requiring the wrong protocols can break the tor network. - * See Proposal 303: When and how to remove support for protocol versions. - */ - #define DIRVOTE_REQUIRE_RELAY_PROTO \ - "Cons=2 " \ - "Desc=2 " \ - "DirCache=2 " \ - "HSDir=2 "\ - "HSIntro=4 " \ - "HSRend=2 " \ - "Link=4-5 " \ - "LinkAuth=3 " \ - "Microdesc=2 "\ - "Relay=2" - - /** The required relay protocols for this authority's votes. - * WARNING: Requiring a new protocol causes old tor versions to shut down. - * Requiring the wrong protocols can break the tor network. - * See Proposal 303: When and how to remove support for protocol versions. - */ - #define DIRVOTE_REQUIRE_CLIENT_PROTO\ - "Cons=2 " \ - "Desc=2 " \ - "Link=4 " \ - "Microdesc=2 "\ - "Relay=2" - #endif /* defined(DIRVOTE_PRIVATE) */ #endif /* !defined(TOR_DIRVOTE_H) */ ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/main] Merge branch 'maint-0.4.6'
commit 1c77deca4f8e8027eaf130b6454af758e4d9ccc4 Merge: c363e2017f 77b265f96e Author: David Goulet Date: Fri Nov 5 10:44:10 2021 -0400 Merge branch 'maint-0.4.6' src/core/or/protover.c| 105 +- src/core/or/protover.h| 4 ++ src/feature/dirauth/dirvote.c | 12 ++--- src/feature/dirauth/dirvote.h | 58 --- src/test/test_protover.c | 8 ++-- 5 files changed, 117 insertions(+), 70 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.3.5] protover: Move all hardcoded lists in one place
commit 3d1a49908c2727746928d40bc71da0373aad7fcf Author: David Goulet Date: Fri Nov 5 10:10:24 2021 -0400 protover: Move all hardcoded lists in one place This also moves the warnings and add some theatrical effect around the code so anyone modifying those list should notice the warnings signs and read the comment accordingly. Signed-off-by: David Goulet --- src/core/or/protover.c| 107 +- src/core/or/protover.h| 4 ++ src/feature/dirauth/dirvote.c | 37 ++- 3 files changed, 104 insertions(+), 44 deletions(-) diff --git a/src/core/or/protover.c b/src/core/or/protover.c index a882d1a77d..0183704c2c 100644 --- a/src/core/or/protover.c +++ b/src/core/or/protover.c @@ -376,6 +376,10 @@ protocol_list_supports_protocol_or_later(const char *list, return contains; } +/* + * XXX START OF HAZARDOUS ZONE XXX + */ + /** Return the canonical string containing the list of protocols * that we support. **/ @@ -383,25 +387,37 @@ protocol_list_supports_protocol_or_later(const char *list, const char * protover_get_supported_protocols(void) { + /* - * WARNING! + * XXX: WARNING! * * Be EXTREMELY CAREFUL when *removing* versions from this list. If you * remove an entry while it still appears as "recommended" in the consensus, - * you'll cause all the instances without it to warn. If you remove an entry - * while it still appears as "required" in the consensus, you'll cause - * all the instances without it to refuse to connect to the network, and - * shut down. + * you'll cause all the instances without it to warn. + * + * If you remove an entry while it still appears as "required" in the + * consensus, you'll cause all the instances without it to refuse to connect + * to the network, and shut down. + * + * If you need to remove a version from this list, you need to make sure that + * it is not listed in the _current consensuses_: just removing it from the + * required list below is NOT ENOUGH. You need to remove it from the + * required list, and THEN let the authorities update and vote on new + * consensuses without it. Only once those consensuses are out is it safe to + * remove from this list. * - * If you need to remove a version from this list, you need to make sure - * that it is not listed in the _current consensuses_: just removing it from - * the required list in dirvote.c is NOT ENOUGH. You need to remove it from - * the required list dirvote.c, and THEN let the authorities update and vote - * on new consensuses without it. Only once those consensuses are out is - * it safe to remove from this list. + * One concrete example of a very dangerous race that could occur: * - * WARNING! + * If the client required protocol "HSDir=1-2" is then changed in the code + * and released to "HSDir=2" while the consensus stills lists "HSDir=1-2", + * then these clients, even very recent ones, will shutdown because they + * don't support "HSDir=1". + * + * And so, changes need to be done in lockstep as described above. + * + * XXX: WARNING! */ + return "Cons=1-2 " "Desc=1-2 " @@ -419,6 +435,73 @@ protover_get_supported_protocols(void) "Relay=1-2"; } +/* + * XXX: WARNING! + * + * The recommended and required values are hardwired, to avoid disaster. Voting + * on the wrong subprotocols here has the potential to take down the network. + * + * In particular, you need to be EXTREMELY CAREFUL before adding new versions + * to the required protocol list. Doing so will cause every relay or client + * that doesn't support those versions to refuse to connect to the network and + * shut down. + * + * Note that this applies to versions, not just protocols! If you say that + * Foobar=8-9 is required, and the client only has Foobar=9, it will shut down. + * + * It is okay to do this only for SUPER OLD relays that are not supported on + * the network anyway. For clients, we really shouldn't kick them off the + * network unless their presence is causing serious active harm. + * + * The following required and recommended lists MUST be changed BEFORE the + * supported list above is changed in order for those lists to appear in the + * consensus BEFORE. + * + * Please, see the warning in protocol_get_supported_versions(). + * + * XXX: WARNING! + */ + +/** Return the recommended client protocols list that directory authorities + * put in the consensus. */ +const char * +protover_get_recommended_client_protocols(void) +{ + return "Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " + "Link=4 Microdesc=1-2 Relay=2"; +} + +/** Return the recommended relay protocols list that directory authorities + * put in the consensus. */ +const char * +protover_get_recommended_relay_protocols(void) +{ + return "Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " + "Link=4 Microdesc=1-2 Relay=2"; +} +
[tor-commits] [tor/main] Merge branch 'maint-0.3.5' into maint-0.4.5
commit 47adba879ca215ef1cd5abae93a32e17063eccb2 Merge: 40e2106031 439e17180c Author: David Goulet Date: Fri Nov 5 10:35:08 2021 -0400 Merge branch 'maint-0.3.5' into maint-0.4.5 src/core/or/protover.c| 113 +- src/core/or/protover.h| 4 ++ src/feature/dirauth/dirvote.c | 12 ++--- 3 files changed, 121 insertions(+), 8 deletions(-) diff --cc src/core/or/protover.c index aa96cafff9,82e4f64c94..8b307a8a2f --- a/src/core/or/protover.c +++ b/src/core/or/protover.c @@@ -390,11 -387,38 +395,43 @@@ protocol_list_supports_protocol_or_late const char * protover_get_supported_protocols(void) { + /* WARNING! + * + * Remember to edit the SUPPORTED_PROTOCOLS list in protover.rs if you + * are editing this list. + */ + + /* +* XXX: WARNING! +* +* Be EXTREMELY CAREFUL when *removing* versions from this list. If you +* remove an entry while it still appears as "recommended" in the consensus, +* you'll cause all the instances without it to warn. +* +* If you remove an entry while it still appears as "required" in the +* consensus, you'll cause all the instances without it to refuse to connect +* to the network, and shut down. +* +* If you need to remove a version from this list, you need to make sure that +* it is not listed in the _current consensuses_: just removing it from the +* required list below is NOT ENOUGH. You need to remove it from the +* required list, and THEN let the authorities upgrade and vote on new +* consensuses without it. Only once those consensuses are out is it safe to +* remove from this list. +* +* One concrete example of a very dangerous race that could occur: +* +* Suppose that the client supports protocols "HsDir=1-2" and the consensus +* requires protocols "HsDir=1-2. If the client supported protocol list is +* then changed to "HSDir=2", while the consensus stills lists "HSDir=1-2", +* then these clients, even very recent ones, will shut down because they +* don't support "HSDir=1". +* +* And so, changes need to be done in strict sequence as described above. +* +* XXX: WARNING! +*/ + return "Cons=1-2 " "Desc=1-2 " @@@ -410,10 -433,83 +447,84 @@@ "LinkAuth=3 " #endif "Microdesc=1-2 " -"Relay=1-2"; +"Padding=2 " +"Relay=1-3"; } + /* + * XXX: WARNING! + * + * The recommended and required values are hardwired, to avoid disaster. Voting + * on the wrong subprotocols here has the potential to take down the network. + * + * In particular, you need to be EXTREMELY CAREFUL before adding new versions + * to the required protocol list. Doing so will cause every relay or client + * that doesn't support those versions to refuse to connect to the network and + * shut down. + * + * Note that this applies to versions, not just protocols! If you say that + * Foobar=8-9 is required, and the client only has Foobar=9, it will shut down. + * + * It is okay to do this only for SUPER OLD relays that are not supported on + * the network anyway. For clients, we really shouldn't kick them off the + * network unless their presence is causing serious active harm. + * + * The following required and recommended lists MUST be changed BEFORE the + * supported list above is changed, so that these lists appear in the + * consensus BEFORE clients need them. + * + * Please, see the warning in protocol_get_supported_versions(). + * + * XXX: WARNING! + */ + + /* + * NOTE: A keen observer will notice that "LinkAuth" is not recommended nor + * required. This is due to the HAVE_WORKING_TOR_TLS_GET_TLSSECRETS define + * that can either set "1" or "1,3" and so we can't enforce one or the other + * due to this uncertainty on how tor was built. + */ + + /** Return the recommended client protocols list that directory authorities + * put in the consensus. */ + const char * + protover_get_recommended_client_protocols(void) + { + return "Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " + "Link=4 Microdesc=1-2 Relay=2"; + } + + /** Return the recommended relay protocols list that directory authorities + * put in the consensus. */ + const char * + protover_get_recommended_relay_protocols(void) + { + return "Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " + "Link=4 Microdesc=1-2 Relay=2"; + } + + /** Return the required client protocols list that directory authorities + * put in the consensus. */ + const char * + protover_get_required_client_protocols(void) + { + return "Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " + "Link=4 Microdesc=1-2 Relay=2"; + } + + /** Return the required relay protocols list that directory authorities + * put in the consensus. */ + const char * + protover_get_required_relay_protocols(void) + { + return "Cons=1 Desc=1 DirCache=1 HSDir=1 HSIntro=3
[tor-commits] [tor/main] protover: Fix merge forward from 035
commit a7fe37f1fa7821d0bdbeabe480df8aba7dc1fded Author: David Goulet Date: Fri Nov 5 10:42:54 2021 -0400 protover: Fix merge forward from 035 Signed-off-by: David Goulet --- src/core/or/protover.c| 22 ++-- src/feature/dirauth/dirvote.h | 58 --- src/test/test_protover.c | 8 +++--- 3 files changed, 11 insertions(+), 77 deletions(-) diff --git a/src/core/or/protover.c b/src/core/or/protover.c index 8b307a8a2f..cb9a03d6ec 100644 --- a/src/core/or/protover.c +++ b/src/core/or/protover.c @@ -478,20 +478,13 @@ protover_get_supported_protocols(void) * XXX: WARNING! */ -/* - * NOTE: A keen observer will notice that "LinkAuth" is not recommended nor - * required. This is due to the HAVE_WORKING_TOR_TLS_GET_TLSSECRETS define - * that can either set "1" or "1,3" and so we can't enforce one or the other - * due to this uncertainty on how tor was built. - */ - /** Return the recommended client protocols list that directory authorities * put in the consensus. */ const char * protover_get_recommended_client_protocols(void) { - return "Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " - "Link=4 Microdesc=1-2 Relay=2"; + return "Cons=2 Desc=2 DirCache=2 HSDir=2 HSIntro=4 HSRend=2 " + "Link=4-5 Microdesc=2 Relay=2"; } /** Return the recommended relay protocols list that directory authorities @@ -499,8 +492,8 @@ protover_get_recommended_client_protocols(void) const char * protover_get_recommended_relay_protocols(void) { - return "Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " - "Link=4 Microdesc=1-2 Relay=2"; + return "Cons=2 Desc=2 DirCache=2 HSDir=2 HSIntro=4 HSRend=2 " + "Link=4-5 LinkAuth=3 Microdesc=2 Relay=2"; } /** Return the required client protocols list that directory authorities @@ -508,8 +501,7 @@ protover_get_recommended_relay_protocols(void) const char * protover_get_required_client_protocols(void) { - return "Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " - "Link=4 Microdesc=1-2 Relay=2"; + return "Cons=2 Desc=2 Link=4 Microdesc=2 Relay=2"; } /** Return the required relay protocols list that directory authorities @@ -517,8 +509,8 @@ protover_get_required_client_protocols(void) const char * protover_get_required_relay_protocols(void) { - return "Cons=1 Desc=1 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " - "Link=3-4 Microdesc=1 Relay=1-2"; + return "Cons=2 Desc=2 DirCache=2 HSDir=2 HSIntro=4 HSRend=2 " + "Link=4-5 LinkAuth=3 Microdesc=2 Relay=2"; } /* diff --git a/src/feature/dirauth/dirvote.h b/src/feature/dirauth/dirvote.h index f9441773a7..81a7733e8c 100644 --- a/src/feature/dirauth/dirvote.h +++ b/src/feature/dirauth/dirvote.h @@ -260,64 +260,6 @@ char *networkstatus_get_detached_signatures(smartlist_t *consensuses); STATIC microdesc_t *dirvote_create_microdescriptor(const routerinfo_t *ri, int consensus_method); -/** The recommended relay protocols for this authority's votes. - * Recommending a new protocol causes old tor versions to log a warning. - */ -#define DIRVOTE_RECOMMEND_RELAY_PROTO \ - "Cons=2 " \ - "Desc=2 " \ - "DirCache=2 " \ - "HSDir=2 "\ - "HSIntro=4 " \ - "HSRend=2 " \ - "Link=4-5 " \ - "LinkAuth=3 " \ - "Microdesc=2 "\ - "Relay=2" - -/** The recommended client protocols for this authority's votes. - * Recommending a new protocol causes old tor versions to log a warning. - */ -#define DIRVOTE_RECOMMEND_CLIENT_PROTO \ - "Cons=2 " \ - "Desc=2 " \ - "DirCache=2 " \ - "HSDir=2 "\ - "HSIntro=4 " \ - "HSRend=2 " \ - "Link=4-5 " \ - "Microdesc=2 "\ - "Relay=2" - -/** The required relay protocols for this authority's votes. - * WARNING: Requiring a new protocol causes old tor versions to shut down. - * Requiring the wrong protocols can break the tor network. - * See Proposal 303: When and how to remove support for protocol versions. - */ -#define DIRVOTE_REQUIRE_RELAY_PROTO \ - "Cons=2 " \ - "Desc=2 " \ - "DirCache=2 " \ - "HSDir=2 "\ - "HSIntro=4 " \ - "HSRend=2 " \ - "Link=4-5 "
[tor-commits] [tor/main] protover: Move all hardcoded lists in one place
commit 3d1a49908c2727746928d40bc71da0373aad7fcf Author: David Goulet Date: Fri Nov 5 10:10:24 2021 -0400 protover: Move all hardcoded lists in one place This also moves the warnings and add some theatrical effect around the code so anyone modifying those list should notice the warnings signs and read the comment accordingly. Signed-off-by: David Goulet --- src/core/or/protover.c| 107 +- src/core/or/protover.h| 4 ++ src/feature/dirauth/dirvote.c | 37 ++- 3 files changed, 104 insertions(+), 44 deletions(-) diff --git a/src/core/or/protover.c b/src/core/or/protover.c index a882d1a77d..0183704c2c 100644 --- a/src/core/or/protover.c +++ b/src/core/or/protover.c @@ -376,6 +376,10 @@ protocol_list_supports_protocol_or_later(const char *list, return contains; } +/* + * XXX START OF HAZARDOUS ZONE XXX + */ + /** Return the canonical string containing the list of protocols * that we support. **/ @@ -383,25 +387,37 @@ protocol_list_supports_protocol_or_later(const char *list, const char * protover_get_supported_protocols(void) { + /* - * WARNING! + * XXX: WARNING! * * Be EXTREMELY CAREFUL when *removing* versions from this list. If you * remove an entry while it still appears as "recommended" in the consensus, - * you'll cause all the instances without it to warn. If you remove an entry - * while it still appears as "required" in the consensus, you'll cause - * all the instances without it to refuse to connect to the network, and - * shut down. + * you'll cause all the instances without it to warn. + * + * If you remove an entry while it still appears as "required" in the + * consensus, you'll cause all the instances without it to refuse to connect + * to the network, and shut down. + * + * If you need to remove a version from this list, you need to make sure that + * it is not listed in the _current consensuses_: just removing it from the + * required list below is NOT ENOUGH. You need to remove it from the + * required list, and THEN let the authorities update and vote on new + * consensuses without it. Only once those consensuses are out is it safe to + * remove from this list. * - * If you need to remove a version from this list, you need to make sure - * that it is not listed in the _current consensuses_: just removing it from - * the required list in dirvote.c is NOT ENOUGH. You need to remove it from - * the required list dirvote.c, and THEN let the authorities update and vote - * on new consensuses without it. Only once those consensuses are out is - * it safe to remove from this list. + * One concrete example of a very dangerous race that could occur: * - * WARNING! + * If the client required protocol "HSDir=1-2" is then changed in the code + * and released to "HSDir=2" while the consensus stills lists "HSDir=1-2", + * then these clients, even very recent ones, will shutdown because they + * don't support "HSDir=1". + * + * And so, changes need to be done in lockstep as described above. + * + * XXX: WARNING! */ + return "Cons=1-2 " "Desc=1-2 " @@ -419,6 +435,73 @@ protover_get_supported_protocols(void) "Relay=1-2"; } +/* + * XXX: WARNING! + * + * The recommended and required values are hardwired, to avoid disaster. Voting + * on the wrong subprotocols here has the potential to take down the network. + * + * In particular, you need to be EXTREMELY CAREFUL before adding new versions + * to the required protocol list. Doing so will cause every relay or client + * that doesn't support those versions to refuse to connect to the network and + * shut down. + * + * Note that this applies to versions, not just protocols! If you say that + * Foobar=8-9 is required, and the client only has Foobar=9, it will shut down. + * + * It is okay to do this only for SUPER OLD relays that are not supported on + * the network anyway. For clients, we really shouldn't kick them off the + * network unless their presence is causing serious active harm. + * + * The following required and recommended lists MUST be changed BEFORE the + * supported list above is changed in order for those lists to appear in the + * consensus BEFORE. + * + * Please, see the warning in protocol_get_supported_versions(). + * + * XXX: WARNING! + */ + +/** Return the recommended client protocols list that directory authorities + * put in the consensus. */ +const char * +protover_get_recommended_client_protocols(void) +{ + return "Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " + "Link=4 Microdesc=1-2 Relay=2"; +} + +/** Return the recommended relay protocols list that directory authorities + * put in the consensus. */ +const char * +protover_get_recommended_relay_protocols(void) +{ + return "Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " + "Link=4 Microdesc=1-2 Relay=2"; +} +
[tor-commits] [tor/main] protover: Add a note on why LinkAuth is not recommended or required
commit f93cd5deb8f4731920043016c082e44e81afcfbf Author: David Goulet Date: Fri Nov 5 10:16:08 2021 -0400 protover: Add a note on why LinkAuth is not recommended or required Signed-off-by: David Goulet --- src/core/or/protover.c | 7 +++ 1 file changed, 7 insertions(+) diff --git a/src/core/or/protover.c b/src/core/or/protover.c index 0183704c2c..8075dd425c 100644 --- a/src/core/or/protover.c +++ b/src/core/or/protover.c @@ -462,6 +462,13 @@ protover_get_supported_protocols(void) * XXX: WARNING! */ +/* + * NOTE: A keen observer will notice that "LinkAuth" is not recommended nor + * required. This is due to the HAVE_WORKING_TOR_TLS_GET_TLSSECRETS define + * that can either set "1" or "1,3" and so we can't enforce one or the other + * due to this uncertainty on how tor was built. + */ + /** Return the recommended client protocols list that directory authorities * put in the consensus. */ const char * ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/main] Light edit to protover warnings.
commit 439e17180c362962abfdf2301dddbdaa323df24a Author: Nick Mathewson Date: Fri Nov 5 10:30:57 2021 -0400 Light edit to protover warnings. --- src/core/or/protover.c | 15 --- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/src/core/or/protover.c b/src/core/or/protover.c index 8075dd425c..82e4f64c94 100644 --- a/src/core/or/protover.c +++ b/src/core/or/protover.c @@ -402,18 +402,19 @@ protover_get_supported_protocols(void) * If you need to remove a version from this list, you need to make sure that * it is not listed in the _current consensuses_: just removing it from the * required list below is NOT ENOUGH. You need to remove it from the - * required list, and THEN let the authorities update and vote on new + * required list, and THEN let the authorities upgrade and vote on new * consensuses without it. Only once those consensuses are out is it safe to * remove from this list. * * One concrete example of a very dangerous race that could occur: * - * If the client required protocol "HSDir=1-2" is then changed in the code - * and released to "HSDir=2" while the consensus stills lists "HSDir=1-2", - * then these clients, even very recent ones, will shutdown because they + * Suppose that the client supports protocols "HsDir=1-2" and the consensus + * requires protocols "HsDir=1-2. If the client supported protocol list is + * then changed to "HSDir=2", while the consensus stills lists "HSDir=1-2", + * then these clients, even very recent ones, will shut down because they * don't support "HSDir=1". * - * And so, changes need to be done in lockstep as described above. + * And so, changes need to be done in strict sequence as described above. * * XXX: WARNING! */ @@ -454,8 +455,8 @@ protover_get_supported_protocols(void) * network unless their presence is causing serious active harm. * * The following required and recommended lists MUST be changed BEFORE the - * supported list above is changed in order for those lists to appear in the - * consensus BEFORE. + * supported list above is changed, so that these lists appear in the + * consensus BEFORE clients need them. * * Please, see the warning in protocol_get_supported_versions(). * ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/main] Add scary warnings about changing the protover list.
commit 7c085490f5324f374dd7caa570dff5902f0e32cc Author: Nick Mathewson Date: Fri Nov 5 09:15:10 2021 -0400 Add scary warnings about changing the protover list. Doing this in the wrong way has potential to cause serious havoc on the network, so let's make it harder for future programmers to mess it up. --- src/core/or/protover.c| 22 +- src/feature/dirauth/dirvote.c | 26 -- 2 files changed, 45 insertions(+), 3 deletions(-) diff --git a/src/core/or/protover.c b/src/core/or/protover.c index dfb0e9e303..a882d1a77d 100644 --- a/src/core/or/protover.c +++ b/src/core/or/protover.c @@ -377,11 +377,31 @@ protocol_list_supports_protocol_or_later(const char *list, } /** Return the canonical string containing the list of protocols - * that we support. */ + * that we support. + **/ /// C_RUST_COUPLED: src/rust/protover/protover.rs `SUPPORTED_PROTOCOLS` const char * protover_get_supported_protocols(void) { + /* + * WARNING! + * + * Be EXTREMELY CAREFUL when *removing* versions from this list. If you + * remove an entry while it still appears as "recommended" in the consensus, + * you'll cause all the instances without it to warn. If you remove an entry + * while it still appears as "required" in the consensus, you'll cause + * all the instances without it to refuse to connect to the network, and + * shut down. + * + * If you need to remove a version from this list, you need to make sure + * that it is not listed in the _current consensuses_: just removing it from + * the required list in dirvote.c is NOT ENOUGH. You need to remove it from + * the required list dirvote.c, and THEN let the authorities update and vote + * on new consensuses without it. Only once those consensuses are out is + * it safe to remove from this list. + * + * WARNING! + */ return "Cons=1-2 " "Desc=1-2 " diff --git a/src/feature/dirauth/dirvote.c b/src/feature/dirauth/dirvote.c index 9e01cee42a..5ecf680f02 100644 --- a/src/feature/dirauth/dirvote.c +++ b/src/feature/dirauth/dirvote.c @@ -180,7 +180,7 @@ format_protocols_lines_for_vote(const networkstatus_t *v3_ns) char *required_relay_protocols_line = NULL; char *required_client_protocols_line = NULL; - recommended_relay_protocols_line = + recommended_relay_protocols_line = format_line_if_present("recommended-relay-protocols", v3_ns->recommended_relay_protocols); recommended_client_protocols_line = @@ -4577,7 +4577,29 @@ dirserv_generate_networkstatus_vote_obj(crypto_pk_t *private_key, v3_out->client_versions = client_versions; v3_out->server_versions = server_versions; - /* These are hardwired, to avoid disaster. */ + /* + * WARNING! + * + * These values are hardwired, to avoid disaster. Voting on the wrong + * subprotocols here has the potential to take down the network. + * + * In particular, you need to be EXTREMELY CAREFUL before adding new + * versions to the required protocol list. Doing so will cause every relay + * or client that doesn't support those versions to refuse to connect to the + * network and shut down. + * + * Note that this applies to versions, not just protocols! If you say that + * Foobar=8-9 is required, and the client only has Foobar=9, it will shut + * down. + * + * It is okay to do this only for SUPER OLD relays that are not supported on + * the network anyway. For clients, we really shouldn't kick them off the + * network unless their presence is causing serious active harm. + * + * See also the warning in protocol_get_supported_versions(). + * + * WARNING! + */ v3_out->recommended_relay_protocols = tor_strdup("Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " "Link=4 Microdesc=1-2 Relay=2"); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tbmanual-contentspot] https://gitweb.torproject.org/translation.git/commit/?h=tbmanual-contentspot
commit 34bc3b8f5c02bcfddec5bfcc451e155b4a0effd7 Author: Translation commit bot Date: Fri Nov 5 14:47:19 2021 + https://gitweb.torproject.org/translation.git/commit/?h=tbmanual-contentspot --- contents+id.po | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/contents+id.po b/contents+id.po index 4860b8f0bf..a03a30ee4e 100644 --- a/contents+id.po +++ b/contents+id.po @@ -9,8 +9,8 @@ # erinm, 2021 # Sidiq Pangestu , 2021 # ical, 2021 -# hadymaggot <9...@tuta.io>, 2021 # Emma Peel, 2021 +# 9hs <9...@tuta.io>, 2021 # msgid "" msgstr "" @@ -18,7 +18,7 @@ msgstr "" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2021-11-01 21:33+CET\n" "PO-Revision-Date: 2018-11-14 12:31+\n" -"Last-Translator: Emma Peel, 2021\n" +"Last-Translator: 9hs <9...@tuta.io>, 2021\n" "Language-Team: Indonesian (https://www.transifex.com/otf/teams/1519/id/)\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" @@ -2829,6 +2829,7 @@ msgstr "" msgid "" "* Then type `~/Library/Application Support/` in the window and click Go." msgstr "" +"* Kemudian ketik `~/Library/Application Support/` di jendela dan klik Go." #: https//tb-manual.torproject.org/uninstalling/ #: (content/uninstalling/contents+en.lrtopic.body) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tails-misc_release] https://gitweb.torproject.org/translation.git/commit/?h=tails-misc_release
commit 2dc331487e3ea85e18dcf33fb214ad91206e109d Author: Translation commit bot Date: Fri Nov 5 14:46:54 2021 + https://gitweb.torproject.org/translation.git/commit/?h=tails-misc_release --- id.po | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/id.po b/id.po index 64529e7031..cd3dcd5f54 100644 --- a/id.po +++ b/id.po @@ -10,7 +10,7 @@ # Fery Setiawan , 2020 # Frengky Sinaga , 2016 # Ibnu Daru Aji, 2014 -# hadymaggot <9...@tuta.io>, 2021 +# 9hs <9...@tuta.io>, 2021 # ical, 2018-2021 # I Putu Cahya Adi Ganesha, 2021 # Joshua P, 2019-2020 ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser-build/master] Minor 11.0a10 ChangeLog fixups
commit e5008ad992c657ad6a3b9c530c20886fc20056c7 Author: Matthew Finkel Date: Fri Nov 5 13:58:29 2021 + Minor 11.0a10 ChangeLog fixups --- projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt b/projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt index d868f20..1d2ec13 100644 --- a/projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt +++ b/projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt @@ -1,4 +1,4 @@ -Tor Browser 11.0a10 - November 8 2021 +Tor Browser 11.0a10 - November 4 2021 * Windows + OS X + Linux * Update Firefox to 91.3.0esr * Update Tor to 0.4.7.2-alpha @@ -22,8 +22,8 @@ Tor Browser 11.0a10 - November 8 2021 * Bug 40680: Prepare update to localized assets for YEC [tor-browser] * Build System * Windows + OS X + Linux - * Bug 40366: Use bullseye to build https-everywhere - * Bug 40368: Use system's python3 for https-everywhere + * Bug 40366: Use bullseye to build https-everywhere [tor-browser-build] + * Bug 40368: Use system's python3 for https-everywhere [tor-browser-build] Tor Browser 11.0a9 -- October 15 2021 * Windows + OS X + Linux ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser-build/master] Add 10.5.10 changelog
commit 310e077dfe6d6baee78304c0d21989f7bbdb30bd Author: Matthew Finkel Date: Fri Nov 5 14:00:35 2021 + Add 10.5.10 changelog --- projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt | 10 ++ 1 file changed, 10 insertions(+) diff --git a/projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt b/projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt index 1d2ec13..fee227f 100644 --- a/projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt +++ b/projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt @@ -25,6 +25,16 @@ Tor Browser 11.0a10 - November 4 2021 * Bug 40366: Use bullseye to build https-everywhere [tor-browser-build] * Bug 40368: Use system's python3 for https-everywhere [tor-browser-build] +Tor Browser 10.5.10 -- October 23 2021 + * All Platforms + * Translations Update + * Windows + OS X + Linux + * Revert bug 40049 [torbutton] + * Bug 40051: Implement 2021 Year End Campaign look in about:tor [torbutton] + * Android + * Revert bug 40193 [fenix] + * Bug 40194: Add 2021 YEC home screen [fenix] + Tor Browser 11.0a9 -- October 15 2021 * Windows + OS X + Linux * Update Firefox to 91.2.0esr ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.4.6] Merge branch 'maint-0.3.5' into maint-0.4.5
commit 40e21060312ebcd0ff5ab4db5fc22f93bed474de Merge: ea5eebf431 cfd1482f78 Author: Alexander Færøy Date: Fri Nov 5 03:10:28 2021 + Merge branch 'maint-0.3.5' into maint-0.4.5 .gitlab-ci.yml | 8 1 file changed, 8 insertions(+) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.4.6] Add i386 version of debian-minimal for 32-bit Gitlab CI builds.
commit d83c6bf80fd633ed7cf9b77ea564c4fffbb96387 Author: Alexander Færøy Date: Wed Nov 3 12:36:30 2021 + Add i386 version of debian-minimal for 32-bit Gitlab CI builds. See: tpo/core/tor#40505 --- .gitlab-ci.yml | 8 1 file changed, 8 insertions(+) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index b83079aa4a..28cf3aa7bd 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -111,6 +111,14 @@ debian-minimal: script: - ./scripts/ci/ci-driver.sh +# Minmal check on debian/i386: just make, make check. +# +debian-i386-minimal: + image: i386/debian:buster + <<: *debian-template + script: +- ./scripts/ci/ci-driver.sh + # # Run "make check" with a hardened clang on debian stable. This takes # care of a hardening check, and a compile-with-clang check. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.4.5] Merge branch 'maint-0.4.5' into release-0.4.5
commit ba278b887cea585a287620c27ffa6f329fd59d01 Merge: 70e49331b6 40e2106031 Author: Alexander Færøy Date: Fri Nov 5 03:10:29 2021 + Merge branch 'maint-0.4.5' into release-0.4.5 .gitlab-ci.yml | 8 1 file changed, 8 insertions(+) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.4.6] Merge branch 'maint-0.4.6' into release-0.4.6
commit b5d136088cc6f13a27dcba0a66278f33a0c8e517 Merge: ef08058927 fb6bba1e42 Author: Alexander Færøy Date: Fri Nov 5 03:10:29 2021 + Merge branch 'maint-0.4.6' into release-0.4.6 .gitlab-ci.yml | 8 1 file changed, 8 insertions(+) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.4.6] Merge remote-tracking branch 'ahf/ahf/ci-i386' into maint-0.3.5
commit cfd1482f78b4542703b078587c5d52309ce8b999 Merge: 1902edaf52 d83c6bf80f Author: Alexander Færøy Date: Fri Nov 5 03:10:12 2021 + Merge remote-tracking branch 'ahf/ahf/ci-i386' into maint-0.3.5 .gitlab-ci.yml | 8 1 file changed, 8 insertions(+) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.4.5] Merge branch 'maint-0.3.5' into maint-0.4.5
commit 40e21060312ebcd0ff5ab4db5fc22f93bed474de Merge: ea5eebf431 cfd1482f78 Author: Alexander Færøy Date: Fri Nov 5 03:10:28 2021 + Merge branch 'maint-0.3.5' into maint-0.4.5 .gitlab-ci.yml | 8 1 file changed, 8 insertions(+) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.4.6] Merge branch 'maint-0.4.5' into maint-0.4.6
commit fb6bba1e42c465ed5e93b1a194f259e4a1be9131 Merge: 33fb0f1d8f 40e2106031 Author: Alexander Færøy Date: Fri Nov 5 03:10:29 2021 + Merge branch 'maint-0.4.5' into maint-0.4.6 .gitlab-ci.yml | 8 1 file changed, 8 insertions(+) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.5] Merge branch 'maint-0.3.5' into release-0.3.5
commit 37303de391e367da9b4be23b003e058a6c698726 Merge: 5117492620 cfd1482f78 Author: Alexander Færøy Date: Fri Nov 5 03:10:28 2021 + Merge branch 'maint-0.3.5' into release-0.3.5 .gitlab-ci.yml | 8 1 file changed, 8 insertions(+) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.4.5] Merge remote-tracking branch 'ahf/ahf/ci-i386' into maint-0.3.5
commit cfd1482f78b4542703b078587c5d52309ce8b999 Merge: 1902edaf52 d83c6bf80f Author: Alexander Færøy Date: Fri Nov 5 03:10:12 2021 + Merge remote-tracking branch 'ahf/ahf/ci-i386' into maint-0.3.5 .gitlab-ci.yml | 8 1 file changed, 8 insertions(+) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.4.5] Add i386 version of debian-minimal for 32-bit Gitlab CI builds.
commit d83c6bf80fd633ed7cf9b77ea564c4fffbb96387 Author: Alexander Færøy Date: Wed Nov 3 12:36:30 2021 + Add i386 version of debian-minimal for 32-bit Gitlab CI builds. See: tpo/core/tor#40505 --- .gitlab-ci.yml | 8 1 file changed, 8 insertions(+) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index b83079aa4a..28cf3aa7bd 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -111,6 +111,14 @@ debian-minimal: script: - ./scripts/ci/ci-driver.sh +# Minmal check on debian/i386: just make, make check. +# +debian-i386-minimal: + image: i386/debian:buster + <<: *debian-template + script: +- ./scripts/ci/ci-driver.sh + # # Run "make check" with a hardened clang on debian stable. This takes # care of a hardening check, and a compile-with-clang check. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.5] Merge remote-tracking branch 'ahf/ahf/ci-i386' into maint-0.3.5
commit cfd1482f78b4542703b078587c5d52309ce8b999 Merge: 1902edaf52 d83c6bf80f Author: Alexander Færøy Date: Fri Nov 5 03:10:12 2021 + Merge remote-tracking branch 'ahf/ahf/ci-i386' into maint-0.3.5 .gitlab-ci.yml | 8 1 file changed, 8 insertions(+) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.4.5] Merge branch 'maint-0.3.5' into maint-0.4.5
commit 40e21060312ebcd0ff5ab4db5fc22f93bed474de Merge: ea5eebf431 cfd1482f78 Author: Alexander Færøy Date: Fri Nov 5 03:10:28 2021 + Merge branch 'maint-0.3.5' into maint-0.4.5 .gitlab-ci.yml | 8 1 file changed, 8 insertions(+) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.5] Add i386 version of debian-minimal for 32-bit Gitlab CI builds.
commit d83c6bf80fd633ed7cf9b77ea564c4fffbb96387 Author: Alexander Færøy Date: Wed Nov 3 12:36:30 2021 + Add i386 version of debian-minimal for 32-bit Gitlab CI builds. See: tpo/core/tor#40505 --- .gitlab-ci.yml | 8 1 file changed, 8 insertions(+) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index b83079aa4a..28cf3aa7bd 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -111,6 +111,14 @@ debian-minimal: script: - ./scripts/ci/ci-driver.sh +# Minmal check on debian/i386: just make, make check. +# +debian-i386-minimal: + image: i386/debian:buster + <<: *debian-template + script: +- ./scripts/ci/ci-driver.sh + # # Run "make check" with a hardened clang on debian stable. This takes # care of a hardening check, and a compile-with-clang check. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.4.6] Merge branch 'maint-0.3.5' into maint-0.4.5
commit 40e21060312ebcd0ff5ab4db5fc22f93bed474de Merge: ea5eebf431 cfd1482f78 Author: Alexander Færøy Date: Fri Nov 5 03:10:28 2021 + Merge branch 'maint-0.3.5' into maint-0.4.5 .gitlab-ci.yml | 8 1 file changed, 8 insertions(+) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.4.6] Merge branch 'maint-0.4.5' into maint-0.4.6
commit fb6bba1e42c465ed5e93b1a194f259e4a1be9131 Merge: 33fb0f1d8f 40e2106031 Author: Alexander Færøy Date: Fri Nov 5 03:10:29 2021 + Merge branch 'maint-0.4.5' into maint-0.4.6 .gitlab-ci.yml | 8 1 file changed, 8 insertions(+) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.4.6] Merge remote-tracking branch 'ahf/ahf/ci-i386' into maint-0.3.5
commit cfd1482f78b4542703b078587c5d52309ce8b999 Merge: 1902edaf52 d83c6bf80f Author: Alexander Færøy Date: Fri Nov 5 03:10:12 2021 + Merge remote-tracking branch 'ahf/ahf/ci-i386' into maint-0.3.5 .gitlab-ci.yml | 8 1 file changed, 8 insertions(+) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.4.6] Add i386 version of debian-minimal for 32-bit Gitlab CI builds.
commit d83c6bf80fd633ed7cf9b77ea564c4fffbb96387 Author: Alexander Færøy Date: Wed Nov 3 12:36:30 2021 + Add i386 version of debian-minimal for 32-bit Gitlab CI builds. See: tpo/core/tor#40505 --- .gitlab-ci.yml | 8 1 file changed, 8 insertions(+) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index b83079aa4a..28cf3aa7bd 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -111,6 +111,14 @@ debian-minimal: script: - ./scripts/ci/ci-driver.sh +# Minmal check on debian/i386: just make, make check. +# +debian-i386-minimal: + image: i386/debian:buster + <<: *debian-template + script: +- ./scripts/ci/ci-driver.sh + # # Run "make check" with a hardened clang on debian stable. This takes # care of a hardening check, and a compile-with-clang check. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.4.5] Add i386 version of debian-minimal for 32-bit Gitlab CI builds.
commit d83c6bf80fd633ed7cf9b77ea564c4fffbb96387 Author: Alexander Færøy Date: Wed Nov 3 12:36:30 2021 + Add i386 version of debian-minimal for 32-bit Gitlab CI builds. See: tpo/core/tor#40505 --- .gitlab-ci.yml | 8 1 file changed, 8 insertions(+) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index b83079aa4a..28cf3aa7bd 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -111,6 +111,14 @@ debian-minimal: script: - ./scripts/ci/ci-driver.sh +# Minmal check on debian/i386: just make, make check. +# +debian-i386-minimal: + image: i386/debian:buster + <<: *debian-template + script: +- ./scripts/ci/ci-driver.sh + # # Run "make check" with a hardened clang on debian stable. This takes # care of a hardening check, and a compile-with-clang check. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.3.5] Add i386 version of debian-minimal for 32-bit Gitlab CI builds.
commit d83c6bf80fd633ed7cf9b77ea564c4fffbb96387 Author: Alexander Færøy Date: Wed Nov 3 12:36:30 2021 + Add i386 version of debian-minimal for 32-bit Gitlab CI builds. See: tpo/core/tor#40505 --- .gitlab-ci.yml | 8 1 file changed, 8 insertions(+) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index b83079aa4a..28cf3aa7bd 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -111,6 +111,14 @@ debian-minimal: script: - ./scripts/ci/ci-driver.sh +# Minmal check on debian/i386: just make, make check. +# +debian-i386-minimal: + image: i386/debian:buster + <<: *debian-template + script: +- ./scripts/ci/ci-driver.sh + # # Run "make check" with a hardened clang on debian stable. This takes # care of a hardening check, and a compile-with-clang check. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.4.5] Merge remote-tracking branch 'ahf/ahf/ci-i386' into maint-0.3.5
commit cfd1482f78b4542703b078587c5d52309ce8b999 Merge: 1902edaf52 d83c6bf80f Author: Alexander Færøy Date: Fri Nov 5 03:10:12 2021 + Merge remote-tracking branch 'ahf/ahf/ci-i386' into maint-0.3.5 .gitlab-ci.yml | 8 1 file changed, 8 insertions(+) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.3.5] Merge remote-tracking branch 'ahf/ahf/ci-i386' into maint-0.3.5
commit cfd1482f78b4542703b078587c5d52309ce8b999 Merge: 1902edaf52 d83c6bf80f Author: Alexander Færøy Date: Fri Nov 5 03:10:12 2021 + Merge remote-tracking branch 'ahf/ahf/ci-i386' into maint-0.3.5 .gitlab-ci.yml | 8 1 file changed, 8 insertions(+) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/main] Merge branch 'maint-0.4.5' into maint-0.4.6
commit fb6bba1e42c465ed5e93b1a194f259e4a1be9131 Merge: 33fb0f1d8f 40e2106031 Author: Alexander Færøy Date: Fri Nov 5 03:10:29 2021 + Merge branch 'maint-0.4.5' into maint-0.4.6 .gitlab-ci.yml | 8 1 file changed, 8 insertions(+) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/main] Merge branch 'maint-0.4.6' into main
commit c363e2017f28d1bd8fe8a7bb3ad8f80a396f9b5c Merge: 89ba63a619 fb6bba1e42 Author: Alexander Færøy Date: Fri Nov 5 03:10:29 2021 + Merge branch 'maint-0.4.6' into main .gitlab-ci.yml | 8 1 file changed, 8 insertions(+) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/main] Merge remote-tracking branch 'ahf/ahf/ci-i386' into maint-0.3.5
commit cfd1482f78b4542703b078587c5d52309ce8b999 Merge: 1902edaf52 d83c6bf80f Author: Alexander Færøy Date: Fri Nov 5 03:10:12 2021 + Merge remote-tracking branch 'ahf/ahf/ci-i386' into maint-0.3.5 .gitlab-ci.yml | 8 1 file changed, 8 insertions(+) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/main] Add i386 version of debian-minimal for 32-bit Gitlab CI builds.
commit d83c6bf80fd633ed7cf9b77ea564c4fffbb96387 Author: Alexander Færøy Date: Wed Nov 3 12:36:30 2021 + Add i386 version of debian-minimal for 32-bit Gitlab CI builds. See: tpo/core/tor#40505 --- .gitlab-ci.yml | 8 1 file changed, 8 insertions(+) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index b83079aa4a..28cf3aa7bd 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -111,6 +111,14 @@ debian-minimal: script: - ./scripts/ci/ci-driver.sh +# Minmal check on debian/i386: just make, make check. +# +debian-i386-minimal: + image: i386/debian:buster + <<: *debian-template + script: +- ./scripts/ci/ci-driver.sh + # # Run "make check" with a hardened clang on debian stable. This takes # care of a hardening check, and a compile-with-clang check. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/main] Merge branch 'maint-0.3.5' into maint-0.4.5
commit 40e21060312ebcd0ff5ab4db5fc22f93bed474de Merge: ea5eebf431 cfd1482f78 Author: Alexander Færøy Date: Fri Nov 5 03:10:28 2021 + Merge branch 'maint-0.3.5' into maint-0.4.5 .gitlab-ci.yml | 8 1 file changed, 8 insertions(+) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tails-misc_release] https://gitweb.torproject.org/translation.git/commit/?h=tails-misc_release
commit d369ce7e026ea8c63f87e2d60299a713532d1bde Author: Translation commit bot Date: Fri Nov 5 07:46:41 2021 + https://gitweb.torproject.org/translation.git/commit/?h=tails-misc_release --- sv.po | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/sv.po b/sv.po index 38412479d2..3655481e95 100644 --- a/sv.po +++ b/sv.po @@ -3,7 +3,7 @@ # This file is distributed under the same license as the PACKAGE package. # # Translators: -# Anders Nilsson , 2016,2018-2019 +# Anders Nilsson , 2016,2018-2019,2021 # Anders Nilsson , 2015 # Emil Johansson , 2015 # Filip Nyquist , 2015 @@ -25,8 +25,8 @@ msgstr "" "Project-Id-Version: Tor Project\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2021-11-04 12:14+0100\n" -"PO-Revision-Date: 2021-11-04 12:25+\n" -"Last-Translator: Transifex Bot <>\n" +"PO-Revision-Date: 2021-11-05 07:25+\n" +"Last-Translator: Anders Nilsson \n" "Language-Team: Swedish (http://www.transifex.com/otf/torproject/language/sv/)\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tails-misc] https://gitweb.torproject.org/translation.git/commit/?h=tails-misc
commit 6c7c61abf339459d4bdc8f0fab833017c3a91b8d Author: Translation commit bot Date: Fri Nov 5 07:45:50 2021 + https://gitweb.torproject.org/translation.git/commit/?h=tails-misc --- sv.po | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/sv.po b/sv.po index 80ea1ea9ff..1fd1d7e7f1 100644 --- a/sv.po +++ b/sv.po @@ -3,7 +3,7 @@ # This file is distributed under the same license as the PACKAGE package. # # Translators: -# Anders Nilsson , 2016,2018-2019 +# Anders Nilsson , 2016,2018-2019,2021 # Anders Nilsson , 2015 # Emil Johansson , 2015 # Filip Nyquist , 2015 @@ -25,8 +25,8 @@ msgstr "" "Project-Id-Version: Tor Project\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2021-11-04 12:14+0100\n" -"PO-Revision-Date: 2021-11-04 12:25+\n" -"Last-Translator: Transifex Bot <>\n" +"PO-Revision-Date: 2021-11-05 07:25+\n" +"Last-Translator: Anders Nilsson \n" "Language-Team: Swedish (http://www.transifex.com/otf/torproject/language/sv/)\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" @@ -914,7 +914,7 @@ msgstr "" #: config/chroot_local-includes/usr/lib/python3/dist-packages/tails_installer/gui.py:641 msgid "Delete All Data and Install" -msgstr "" +msgstr "Radera alla data och installera" #: config/chroot_local-includes/usr/lib/python3/dist-packages/tails_installer/gui.py:642 #, python-format ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits