[tor-commits] [stem/master] Unexpected exceptions during async tests deadlocked

[atagar]

commit 7901ff113353b9a62e9bf99682eb45933c1fcbcd
Author: Damian Johnson 
Date:   Thu Jul 13 21:43:22 2017 -0700

Unexpected exceptions during async tests deadlocked

When an asynchrously ran test raised a non-assertion exception the 
subsiquent
recv call on the pipe would never complete...

  https://trac.torproject.org/projects/tor/ticket/22902
---
 stem/util/test_tools.py | 7 ++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/stem/util/test_tools.py b/stem/util/test_tools.py
index cab96e5..3094f5c 100644
--- a/stem/util/test_tools.py
+++ b/stem/util/test_tools.py
@@ -33,8 +33,9 @@ import linecache
 import multiprocessing
 import os
 import re
-import time
 import threading
+import time
+import traceback
 import unittest
 
 import stem.prereq
@@ -167,6 +168,8 @@ class AsyncTest(object):
 conn.send(AsyncResult('failure', str(exc)))
   except SkipTest as exc:
 conn.send(AsyncResult('skipped', str(exc)))
+  except:
+conn.send(AsyncResult('error', traceback.format_exc()))
   finally:
 conn.close()
 
@@ -207,6 +210,8 @@ class AsyncTest(object):
 
   if test and self._result.type == 'failure':
 test.fail(self._result.msg)
+  elif test and self._result.type == 'error':
+test.fail(self._result.msg)
   elif test and self._result.type == 'skipped':
 test.skipTest(self._result.msg)
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [webwml/master] Add Roya

[atagar]

commit f673f594dc4bb98369601b0023cfb9b5f785bfd3
Author: Damian Johnson 
Date:   Thu Jul 13 14:37:21 2017 -0700

Add Roya
---
 about/en/corepeople_alternate.wml |  29 +++--
 images/people/roya.png| Bin 0 -> 36754 bytes
 2 files changed, 19 insertions(+), 10 deletions(-)

diff --git a/about/en/corepeople_alternate.wml 
b/about/en/corepeople_alternate.wml
index c21323e..2936a7c 100644
--- a/about/en/corepeople_alternate.wml
+++ b/about/en/corepeople_alternate.wml
@@ -569,12 +569,21 @@ table.people tr td:first-child {
 
   
 
+  
+  
+  Roya Ensafi
+  Detects and understands how to manipulate and 
circumvent Tor network censorship attempts.
+
+
+
   
   
   Sebastian Hahn
   Helps people around the world use and 
understand Tor better. Generally helps everything run smoothly. Runs one of the 
directory authorities.
 
+  
 
+  
 
   
   
@@ -583,9 +592,7 @@ table.people tr td:first-child {
   Serene
   Snowflake and Pluggable Transports 
developer.
 
-  
 
-  
 
   
   
@@ -595,7 +602,9 @@ table.people tr td:first-child {
   IRC: ssteele
   Executive Director of the Tor Project, 
Inc.
 
+  
 
+  
 
   
   
@@ -605,9 +614,7 @@ table.people tr td:first-child {
   IRC: hiro
   Hiro builds and runs Tor Project's web 
applications and services.
 
-  
 
-  
 
   
   
@@ -617,7 +624,9 @@ table.people tr td:first-child {
   IRC: stephw
   Directs communications to consistently 
articulate and promote the Tor Project's mission.
 
+  
 
+  
 
   
   
@@ -627,9 +636,7 @@ table.people tr td:first-child {
   IRC: sjmurdoch
   http://www.cs.ucl.ac.uk/staff/s.murdoch/;>Principal Research Fellow 
at University College London and original creator of the https://www.torproject.org/projects/torbrowser.html.en;>Tor 
Browser.
 
-  
 
-  
 
   
   
@@ -638,7 +645,9 @@ table.people tr td:first-child {
   IRC: sukhe
   https://trac.torproject.org/projects/tor/wiki/torbirdy;>TorBirdy and 
https://trac.torproject.org/projects/tor/wiki/doc/TorMessenger;>Tor 
Messenger developer. Volunteer on the https://trac.torproject.org/projects/tor/wiki/org/teams/CommunityTeam;>Community
 Team.
 
+  
 
+  
 
   
   
@@ -647,9 +656,7 @@ table.people tr td:first-child {
   IRC: teor
   Onion services developer, and core member of 
Tor dev team. Researches Tor network measurement and onion service 
scalability.
 
-  
 
-  
 
   
   
@@ -659,7 +666,9 @@ table.people tr td:first-child {
   IRC: tjr
   Maintains https://consensus-health.torproject.org/;>Consensus Health , runs one 
of the bandwidth authorities, and contributes to Tor Browser.
 
+  
 
+  
 
   
   
@@ -668,9 +677,7 @@ table.people tr td:first-child {
   IRC: t0mmy
   Writes and edits grant proposals, one-pagers, 
blogposts, etc.
 
-  
 
-  
 
   
   
@@ -680,7 +687,9 @@ table.people tr td:first-child {
   IRC: wseltzer
   https://wendy.seltzer.org/;>Techie 
lawyer and former Tor board member. She works on legal and policy support 
for private and secure communications.
 
+  
 
+  
 
   
   
diff --git a/images/people/roya.png b/images/people/roya.png
new file mode 100644
index 000..e19e23a
Binary files /dev/null and b/images/people/roya.png differ

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] prop224: Don't use char * for binary data

[nickm]

commit f64689f3f00d72033ff7544ada4ccdfb7c328b36
Author: David Goulet 
Date:   Wed Jul 12 13:41:33 2017 -0400

prop224: Don't use char * for binary data

It turns out that some char * sneaked in our hs_common.c code. Replace those
by uint8_t *.

Signed-off-by: David Goulet 
---
 src/or/hs_common.c | 18 ++
 src/or/hs_common.h |  2 +-
 2 files changed, 11 insertions(+), 9 deletions(-)

diff --git a/src/or/hs_common.c b/src/or/hs_common.c
index 87c29d5..22a845f 100644
--- a/src/or/hs_common.c
+++ b/src/or/hs_common.c
@@ -367,7 +367,7 @@ rend_data_get_pk_digest(const rend_data_t *rend_data, 
size_t *len_out)
  * checksum_out must be large enough to receive 32 bytes (DIGEST256_LEN). */
 static void
 build_hs_checksum(const ed25519_public_key_t *key, uint8_t version,
-  char *checksum_out)
+  uint8_t *checksum_out)
 {
   size_t offset = 0;
   char data[HS_SERVICE_ADDR_CHECKSUM_INPUT_LEN];
@@ -383,7 +383,8 @@ build_hs_checksum(const ed25519_public_key_t *key, uint8_t 
version,
   tor_assert(offset == HS_SERVICE_ADDR_CHECKSUM_INPUT_LEN);
 
   /* Hash the data payload to create the checksum. */
-  crypto_digest256(checksum_out, data, sizeof(data), DIGEST_SHA3_256);
+  crypto_digest256((char *) checksum_out, data, sizeof(data),
+   DIGEST_SHA3_256);
 }
 
 /* Using an ed25519 public key, checksum and version to build the binary
@@ -392,7 +393,7 @@ build_hs_checksum(const ed25519_public_key_t *key, uint8_t 
version,
  *
  * addr_out must be large enough to receive HS_SERVICE_ADDR_LEN bytes. */
 static void
-build_hs_address(const ed25519_public_key_t *key, const char *checksum,
+build_hs_address(const ed25519_public_key_t *key, const uint8_t *checksum,
  uint8_t version, char *addr_out)
 {
   size_t offset = 0;
@@ -416,7 +417,7 @@ build_hs_address(const ed25519_public_key_t *key, const 
char *checksum,
  * HS_SERVICE_ADDR_LEN bytes but doesn't need to be NUL terminated. */
 static void
 hs_parse_address_impl(const char *address, ed25519_public_key_t *key_out,
-  char *checksum_out, uint8_t *version_out)
+  uint8_t *checksum_out, uint8_t *version_out)
 {
   size_t offset = 0;
 
@@ -449,7 +450,7 @@ hs_parse_address_impl(const char *address, 
ed25519_public_key_t *key_out,
  * Return 0 if parsing went well; return -1 in case of error. */
 int
 hs_parse_address(const char *address, ed25519_public_key_t *key_out,
- char *checksum_out, uint8_t *version_out)
+ uint8_t *checksum_out, uint8_t *version_out)
 {
   char decoded[HS_SERVICE_ADDR_LEN];
 
@@ -485,8 +486,8 @@ int
 hs_address_is_valid(const char *address)
 {
   uint8_t version;
-  char checksum[HS_SERVICE_ADDR_CHECKSUM_LEN_USED];
-  char target_checksum[DIGEST256_LEN];
+  uint8_t checksum[HS_SERVICE_ADDR_CHECKSUM_LEN_USED];
+  uint8_t target_checksum[DIGEST256_LEN];
   ed25519_public_key_t key;
 
   /* Parse the decoded address into the fields we need. */
@@ -521,7 +522,8 @@ void
 hs_build_address(const ed25519_public_key_t *key, uint8_t version,
  char *addr_out)
 {
-  char checksum[DIGEST256_LEN], address[HS_SERVICE_ADDR_LEN];
+  uint8_t checksum[DIGEST256_LEN];
+  char address[HS_SERVICE_ADDR_LEN];
 
   tor_assert(key);
   tor_assert(addr_out);
diff --git a/src/or/hs_common.h b/src/or/hs_common.h
index 2b33914..203a5d0 100644
--- a/src/or/hs_common.h
+++ b/src/or/hs_common.h
@@ -93,7 +93,7 @@ void hs_build_address(const ed25519_public_key_t *key, 
uint8_t version,
   char *addr_out);
 int hs_address_is_valid(const char *address);
 int hs_parse_address(const char *address, ed25519_public_key_t *key_out,
- char *checksum_out, uint8_t *version_out);
+ uint8_t *checksum_out, uint8_t *version_out);
 
 void rend_data_free(rend_data_t *data);
 rend_data_t *rend_data_dup(const rend_data_t *data);



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] prop224: Use a common function to parse uint64_t

[nickm]

commit cfa6f8358b4c5ea6c9c82a0818dc81b8aaf44a78
Author: David Goulet 
Date:   Wed Jul 12 10:37:10 2017 -0400

prop224: Use a common function to parse uint64_t

Add a helper function to parse uint64_t and also does logging so we can 
reduce
the amount of duplicate code.

Signed-off-by: David Goulet 
---
 src/or/hs_config.c | 100 +++--
 1 file changed, 44 insertions(+), 56 deletions(-)

diff --git a/src/or/hs_config.c b/src/or/hs_config.c
index 3baab46..f1e130b 100644
--- a/src/or/hs_config.c
+++ b/src/or/hs_config.c
@@ -115,6 +115,33 @@ service_is_duplicate_in_list(const smartlist_t 
*service_list,
   return ret;
 }
 
+/* Helper function: Given an configuration option name, its value, a minimum
+ * min and a maxium max, parse the value as a uint64_t. On success, ok is set
+ * to 1 and ret is the parsed value. On error, ok is set to 0 and ret must be
+ * ignored. This function logs both on error and success. */
+static uint64_t
+helper_parse_uint64(const char *opt, const char *value, uint64_t min,
+uint64_t max, int *ok)
+{
+  uint64_t ret = 0;
+
+  tor_assert(opt);
+  tor_assert(value);
+  tor_assert(ok);
+
+  *ok = 0;
+  ret = tor_parse_uint64(value, 10, min, max, ok, NULL);
+  if (!*ok) {
+log_warn(LD_CONFIG, "%s must be between %" PRIu64 " and %"PRIu64
+", not %s.",
+ opt, min, max, value);
+goto err;
+  }
+  log_info(LD_CONFIG, "%s was parsed to %" PRIu64, opt, ret);
+ err:
+  return ret;
+}
+
 /* Return true iff the given options starting at line_ for a hidden service
  * contains at least one invalid option. Each hidden service option don't
  * apply to all versions so this function can find out. The line_ MUST start
@@ -222,27 +249,21 @@ config_service_v3(const config_line_t *line_,
   config = >config;
 
   for (line = line_; line; line = line->next) {
+int ok = 0;
 if (!strcasecmp(line->key, "HiddenServiceDir")) {
   /* We just hit the next hidden service, stop right now. */
   break;
 }
 /* Number of introduction points. */
 if (!strcasecmp(line->key, "HiddenServiceNumIntroductionPoints")) {
-  int ok = 0;
   config->num_intro_points =
-(unsigned int) tor_parse_ulong(line->value, 10,
-   NUM_INTRO_POINTS_DEFAULT,
-   HS_CONFIG_V3_MAX_INTRO_POINTS,
-   , NULL);
+(unsigned int) helper_parse_uint64(line->key, line->value,
+   NUM_INTRO_POINTS_DEFAULT,
+   HS_CONFIG_V3_MAX_INTRO_POINTS,
+   );
   if (!ok) {
-log_warn(LD_CONFIG, "HiddenServiceNumIntroductionPoints "
- "should be between %d and %d, not %s",
- NUM_INTRO_POINTS_DEFAULT, HS_CONFIG_V3_MAX_INTRO_POINTS,
- line->value);
 goto err;
   }
-  log_info(LD_CONFIG, "HiddenServiceNumIntroductionPoints=%d for %s",
-   config->num_intro_points, escaped(config->directory_path));
   continue;
 }
   }
@@ -277,7 +298,7 @@ config_generic_service(const config_line_t *line_,
const or_options_t *options,
hs_service_t *service)
 {
-  int ok, dir_seen = 0;
+  int dir_seen = 0;
   const config_line_t *line;
   hs_service_config_t *config;
 
@@ -291,6 +312,7 @@ config_generic_service(const config_line_t *line_,
   /* The first line starts with HiddenServiceDir so we consider what's next is
* the configuration of the service. */
   for (line = line_; line ; line = line->next) {
+int ok = 0;
 /* This indicate that we have a new service to configure. */
 if (!strcasecmp(line->key, "HiddenServiceDir")) {
   /* This function only configures one service at a time so if we've
@@ -310,18 +332,12 @@ config_generic_service(const config_line_t *line_,
 }
 /* Version of the service. */
 if (!strcasecmp(line->key, "HiddenServiceVersion")) {
-  service->version = (uint32_t) tor_parse_ulong(line->value,
-10, HS_VERSION_MIN,
-HS_VERSION_MAX,
-, NULL);
+  service->version =
+(uint32_t) helper_parse_uint64(line->key, line->value, HS_VERSION_MIN,
+   HS_VERSION_MAX, );
   if (!ok) {
-log_warn(LD_CONFIG,
- "HiddenServiceVersion be between %u and %u, not %s",
- HS_VERSION_TWO, HS_VERSION_MAX, line->value);
 goto err;
   }
-  log_info(LD_CONFIG, "HiddenServiceVersion=%" PRIu32 " for %s",
-   service->version, escaped(config->directory_path));
   continue;
 }
 /* Virtual 

[tor-commits] [tor/master] prop224: Service address creation/validation

[nickm]

commit f3899acdbfe121521cbd8cc76983b1e1e149d38c
Author: David Goulet 
Date:   Mon Jan 30 17:33:18 2017 -0500

prop224: Service address creation/validation

This also adds unit test and a small python script generating a 
deterministic
test vector that a unit test tries to match.

Signed-off-by: David Goulet 
---
 src/or/hs_common.c   | 178 +++
 src/or/hs_common.h   |  29 +++
 src/test/hs_build_address.py |  37 +
 src/test/test_hs_service.c   |  83 
 4 files changed, 327 insertions(+)

diff --git a/src/or/hs_common.c b/src/or/hs_common.c
index b524296..00befab 100644
--- a/src/or/hs_common.c
+++ b/src/or/hs_common.c
@@ -346,6 +346,184 @@ rend_data_get_pk_digest(const rend_data_t *rend_data, 
size_t *len_out)
   }
 }
 
+/* Using an ed25519 public key and version to build the checksum of an
+ * address. Put in checksum_out. Format is:
+ *SHA3-256(".onion checksum" || PUBKEY || VERSION)
+ *
+ * checksum_out must be large enough to receive 32 bytes (DIGEST256_LEN). */
+static void
+build_hs_checksum(const ed25519_public_key_t *key, uint8_t version,
+  char *checksum_out)
+{
+  size_t offset = 0;
+  char data[HS_SERVICE_ADDR_CHECKSUM_INPUT_LEN];
+
+  /* Build checksum data. */
+  memcpy(data, HS_SERVICE_ADDR_CHECKSUM_PREFIX,
+ HS_SERVICE_ADDR_CHECKSUM_PREFIX_LEN);
+  offset += HS_SERVICE_ADDR_CHECKSUM_PREFIX_LEN;
+  memcpy(data + offset, key->pubkey, ED25519_PUBKEY_LEN);
+  offset += ED25519_PUBKEY_LEN;
+  set_uint8(data + offset, version);
+  offset += sizeof(version);
+  tor_assert(offset == HS_SERVICE_ADDR_CHECKSUM_INPUT_LEN);
+
+  /* Hash the data payload to create the checksum. */
+  crypto_digest256(checksum_out, data, sizeof(data), DIGEST_SHA3_256);
+}
+
+/* Using an ed25519 public key, checksum and version to build the binary
+ * representation of a service address. Put in addr_out. Format is:
+ *addr_out = PUBKEY || CHECKSUM || VERSION
+ *
+ * addr_out must be large enough to receive HS_SERVICE_ADDR_LEN bytes. */
+static void
+build_hs_address(const ed25519_public_key_t *key, const char *checksum,
+ uint8_t version, char *addr_out)
+{
+  size_t offset = 0;
+
+  tor_assert(key);
+  tor_assert(checksum);
+
+  memcpy(addr_out, key->pubkey, ED25519_PUBKEY_LEN);
+  offset += ED25519_PUBKEY_LEN;
+  memcpy(addr_out + offset, checksum, HS_SERVICE_ADDR_CHECKSUM_LEN_USED);
+  offset += HS_SERVICE_ADDR_CHECKSUM_LEN_USED;
+  set_uint8(addr_out + offset, version);
+  offset += sizeof(uint8_t);
+  tor_assert(offset == HS_SERVICE_ADDR_LEN);
+}
+
+/* Helper for hs_parse_address(): Using a binary representation of a service
+ * address, parse its content into the key_out, checksum_out and version_out.
+ * Any out variable can be NULL in case the caller would want only one field.
+ * checksum_out MUST at least be 2 bytes long. address must be at least
+ * HS_SERVICE_ADDR_LEN bytes but doesn't need to be NUL terminated. */
+static void
+hs_parse_address_impl(const char *address, ed25519_public_key_t *key_out,
+  char *checksum_out, uint8_t *version_out)
+{
+  size_t offset = 0;
+
+  tor_assert(address);
+
+  if (key_out) {
+/* First is the key. */
+memcpy(key_out->pubkey, address, ED25519_PUBKEY_LEN);
+  }
+  offset += ED25519_PUBKEY_LEN;
+  if (checksum_out) {
+/* Followed by a 2 bytes checksum. */
+memcpy(checksum_out, address + offset, HS_SERVICE_ADDR_CHECKSUM_LEN_USED);
+  }
+  offset += HS_SERVICE_ADDR_CHECKSUM_LEN_USED;
+  if (version_out) {
+/* Finally, version value is 1 byte. */
+*version_out = get_uint8(address + offset);
+  }
+  offset += sizeof(uint8_t);
+  /* Extra safety. */
+  tor_assert(offset == HS_SERVICE_ADDR_LEN);
+}
+
+/* Using a base32 representation of a service address, parse its content into
+ * the key_out, checksum_out and version_out. Any out variable can be NULL in
+ * case the caller would want only one field. checksum_out MUST at least be 2
+ * bytes long.
+ *
+ * Return 0 if parsing went well; return -1 in case of error. */
+int
+hs_parse_address(const char *address, ed25519_public_key_t *key_out,
+ char *checksum_out, uint8_t *version_out)
+{
+  char decoded[HS_SERVICE_ADDR_LEN];
+
+  tor_assert(address);
+
+  /* Obvious length check. */
+  if (strlen(address) != HS_SERVICE_ADDR_LEN_BASE32) {
+log_warn(LD_REND, "Service address %s has an invalid length. "
+  "Expected %ld but got %lu.",
+ escaped_safe_str(address), HS_SERVICE_ADDR_LEN_BASE32,
+ strlen(address));
+goto invalid;
+  }
+
+  /* Decode address so we can extract needed fields. */
+  if (base32_decode(decoded, sizeof(decoded), address, strlen(address)) < 0) {
+log_warn(LD_REND, "Service address %s can't be decoded.",
+ escaped_safe_str(address));
+goto invalid;
+  }
+
+  /* Parse the decoded 

[tor-commits] [tor/master] Merge remote-tracking branch 'dgoulet/ticket21979_032_04'

[nickm]

commit ef4ea864ea66059f7fd71ac68cfe6067f32149f1
Merge: 62d241a 965e3a6
Author: Nick Mathewson 
Date:   Thu Jul 13 17:23:37 2017 -0400

Merge remote-tracking branch 'dgoulet/ticket21979_032_04'

 src/or/circuitlist.h |   1 +
 src/or/config.c  |   7 +-
 src/or/hs_common.c   | 216 ++
 src/or/hs_common.h   |  38 ++-
 src/or/hs_config.c   | 582 +
 src/or/hs_config.h   |  24 ++
 src/or/hs_descriptor.c   |   6 +-
 src/or/hs_intropoint.h   |  12 +
 src/or/hs_service.c  | 665 ++-
 src/or/hs_service.h  | 231 ++-
 src/or/include.am|  24 +-
 src/or/main.c|  10 +-
 src/or/rendservice.c | 356 ---
 src/or/rendservice.h |  11 +-
 src/test/hs_build_address.py |  37 +++
 src/test/include.am  |   1 +
 src/test/test.c  |   1 +
 src/test/test.h  |   1 +
 src/test/test_helpers.c  |  42 ++-
 src/test/test_helpers.h  |   1 +
 src/test/test_hs.c   |  22 +-
 src/test/test_hs_config.c| 477 +++
 src/test/test_hs_service.c   | 249 
 23 files changed, 2730 insertions(+), 284 deletions(-)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] prop224: Don't use an array of config handlers

[nickm]

commit 750c684fff02fde3054261abbbdcc6a458bea8e0
Author: David Goulet 
Date:   Wed Jul 12 11:17:26 2017 -0400

prop224: Don't use an array of config handlers

As per nickm suggestion, an array of config handlers will not play well with
our callgraph tool.

Instead, we'll go with a switch case on the version which has a good side
effect of allowing us to control what we pass to the function intead of a 
fix
set of parameters.

Signed-off-by: David Goulet 
---
 src/or/hs_config.c | 62 +++---
 1 file changed, 31 insertions(+), 31 deletions(-)

diff --git a/src/or/hs_config.c b/src/or/hs_config.c
index 2e75a4e..c29315f 100644
--- a/src/or/hs_config.c
+++ b/src/or/hs_config.c
@@ -19,9 +19,8 @@
  * successful, transfert the service to the main global service list where
  * at that point it is ready to be used.
  *
- * Configuration handlers are per-version (see config_service_handlers[]) and
- * there is a main generic one for every option that is common to all version
- * (config_generic_service).
+ * Configuration functions are per-version and there is a main generic one for
+ * every option that is common to all version (config_generic_service).
  **/
 
 #define HS_CONFIG_PRIVATE
@@ -227,7 +226,7 @@ config_validate_service(const hs_service_config_t *config)
   return -1;
 }
 
-/* Configuration handler for a version 3 service. The line_ must be pointing
+/* Configuration funcion for a version 3 service. The line_ must be pointing
  * to the directive directly after a HiddenServiceDir. That way, when hitting
  * the next HiddenServiceDir line or reaching the end of the list of lines, we
  * know that we have to stop looking for more options. The given service
@@ -445,26 +444,16 @@ config_generic_service(const config_line_t *line_,
   return -1;
 }
 
-/* Configuration handler indexed by version number. */
-static int
-  (*config_service_handlers[])(const config_line_t *line,
-   const or_options_t *options,
-   hs_service_t *service) =
-{
-  NULL, /* v0 */
-  NULL, /* v1 */
-  rend_config_service, /* v2 */
-  config_service_v3, /* v3 */
-};
-
 /* Configure a service using the given line and options. This function will
- * call the corresponding version handler and validate the service against the
- * other one. On success, add the service to the given list and return 0. On
- * error, nothing is added to the list and a negative value is returned. */
+ * call the corresponding configuration function for a specific service
+ * version and validate the service against the other ones. On success, add
+ * the service to the given list and return 0. On error, nothing is added to
+ * the list and a negative value is returned. */
 static int
 config_service(const config_line_t *line, const or_options_t *options,
smartlist_t *service_list)
 {
+  int ret;
   hs_service_t *service = NULL;
 
   tor_assert(line);
@@ -473,13 +462,13 @@ config_service(const config_line_t *line, const 
or_options_t *options,
 
   /* We have a new hidden service. */
   service = hs_service_new(options);
-  /* We'll configure that service as a generic one and then pass it to the
-   * specific handler according to the configured version number. */
+  /* We'll configure that service as a generic one and then pass it to a
+   * specific function according to the configured version number. */
   if (config_generic_service(line, options, service) < 0) {
 goto err;
   }
   tor_assert(service->version <= HS_VERSION_MAX);
-  /* Before we configure the service with the per-version handler, we'll make
+  /* Before we configure the service on a per-version basis, we'll make
* sure that this set of options for a service are valid that is for
* instance an option only for v2 is not used for v3. */
   if (config_has_invalid_options(line->next, service)) {
@@ -495,11 +484,22 @@ config_service(const config_line_t *line, const 
or_options_t *options,
0) < 0) {
 goto err;
   }
-  /* The handler is in charge of specific options for a version. We start
-   * after this service directory line so once we hit another directory
-   * line, the handler knows that it has to stop. */
-  if (config_service_handlers[service->version](line->next, options,
-service) < 0) {
+  /* Different functions are in charge of specific options for a version. We
+   * start just after the service directory line so once we hit another
+   * directory line, the function knows that it has to stop parsing. */
+  switch (service->version) {
+  case HS_VERSION_TWO:
+ret = rend_config_service(line->next, options, service);
+break;
+  case HS_VERSION_THREE:
+ret = config_service_v3(line->next, options, service);
+break;
+  default:
+/* We do validate before if we support the 

[tor-commits] [tor/master] prop224: Add a clear configuration function

[nickm]

commit 1b048fbfaadec04f409ab8d120106025b009fec8
Author: David Goulet 
Date:   Wed Jul 12 11:53:26 2017 -0400

prop224: Add a clear configuration function

The added function frees any allocated pointers in a service configuration
object and reset all values to 0.

Signed-off-by: David Goulet 
---
 src/or/hs_service.c | 24 ++--
 1 file changed, 18 insertions(+), 6 deletions(-)

diff --git a/src/or/hs_service.c b/src/or/hs_service.c
index bfce780..97d3288 100644
--- a/src/or/hs_service.c
+++ b/src/or/hs_service.c
@@ -149,6 +149,23 @@ set_service_default_config(hs_service_config_t *c,
   c->is_ephemeral = 0;
 }
 
+/* From a service configuration object config, clear everything from it
+ * meaning free allocated pointers and reset the values. */
+static void
+service_clear_config(hs_service_config_t *config)
+{
+  if (config == NULL) {
+return;
+  }
+  tor_free(config->directory_path);
+  if (config->ports) {
+SMARTLIST_FOREACH(config->ports, rend_service_port_config_t *, p,
+  rend_service_port_config_free(p););
+smartlist_free(config->ports);
+  }
+  memset(config, 0, sizeof(*config));
+}
+
 /* Helper: Function that needs to return 1 for the HT for each loop which
  * frees every service in an hash map. */
 static int
@@ -592,12 +609,7 @@ hs_service_free(hs_service_t *service)
   }
 
   /* Free service configuration. */
-  tor_free(service->config.directory_path);
-  if (service->config.ports) {
-SMARTLIST_FOREACH(service->config.ports, rend_service_port_config_t *, p,
-  rend_service_port_config_free(p););
-smartlist_free(service->config.ports);
-  }
+  service_clear_config(>config);
 
   /* Wipe service keys. */
   memwipe(>keys.identity_sk, 0, sizeof(service->keys.identity_sk));



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] prop224: Move service version into config object

[nickm]

commit 5d64ceb12defdc7db8402088fb2946c35274636a
Author: David Goulet 
Date:   Thu Jul 13 08:51:14 2017 -0400

prop224: Move service version into config object

It makes more sense to have the version in the configuration object of the
service because it is afterall a torrc option (HiddenServiceVersion).

Signed-off-by: David Goulet 
---
 src/or/hs_config.c | 15 ---
 src/or/hs_service.c|  9 +
 src/or/hs_service.h|  7 ---
 src/test/test_hs_service.c |  2 +-
 4 files changed, 18 insertions(+), 15 deletions(-)

diff --git a/src/or/hs_config.c b/src/or/hs_config.c
index 7e0124b..5f9282e 100644
--- a/src/or/hs_config.c
+++ b/src/or/hs_config.c
@@ -55,7 +55,7 @@ stage_services(smartlist_t *service_list)
* only >= v3 service. And remember, v2 has a different object type which is
* shadow copied from an hs_service_t type. */
   SMARTLIST_FOREACH_BEGIN(service_list, hs_service_t *, s) {
-if (s->version == HS_VERSION_TWO) {
+if (s->config.version == HS_VERSION_TWO) {
   SMARTLIST_DEL_CURRENT(service_list, s);
   hs_service_free(s);
 }
@@ -157,7 +157,7 @@ config_has_invalid_options(const config_line_t *line_,
   const config_line_t *line;
 
   tor_assert(service);
-  tor_assert(service->version <= HS_VERSION_MAX);
+  tor_assert(service->config.version <= HS_VERSION_MAX);
 
   /* List of options that a v3 service doesn't support thus must exclude from
* its configuration. */
@@ -178,7 +178,7 @@ config_has_invalid_options(const config_line_t *line_,
 { opts_exclude_v3 }, /* v3. */
   };
 
-  optlist = exclude_lists[service->version].list;
+  optlist = exclude_lists[service->config.version].list;
   if (optlist == NULL) {
 /* No exclude options to look at for this version. */
 goto end;
@@ -193,7 +193,8 @@ config_has_invalid_options(const config_line_t *line_,
   if (!strcasecmp(line->key, opt)) {
 log_warn(LD_CONFIG, "Hidden service option %s is incompatible with "
 "version %" PRIu32 " of service in %s",
- opt, service->version, service->config.directory_path);
+ opt, service->config.version,
+ service->config.directory_path);
 ret = 1;
 /* Continue the loop so we can find all possible options. */
 continue;
@@ -342,7 +343,7 @@ config_generic_service(const config_line_t *line_,
 }
 /* Version of the service. */
 if (!strcasecmp(line->key, "HiddenServiceVersion")) {
-  service->version =
+  service->config.version =
 (uint32_t) helper_parse_uint64(line->key, line->value, HS_VERSION_MIN,
HS_VERSION_MAX, );
   if (!ok || have_version) {
@@ -462,7 +463,7 @@ config_service(const config_line_t *line, const 
or_options_t *options,
   if (config_generic_service(line, options, service) < 0) {
 goto err;
   }
-  tor_assert(service->version <= HS_VERSION_MAX);
+  tor_assert(service->config.version <= HS_VERSION_MAX);
   /* Before we configure the service on a per-version basis, we'll make
* sure that this set of options for a service are valid that is for
* instance an option only for v2 is not used for v3. */
@@ -482,7 +483,7 @@ config_service(const config_line_t *line, const 
or_options_t *options,
   /* Different functions are in charge of specific options for a version. We
* start just after the service directory line so once we hit another
* directory line, the function knows that it has to stop parsing. */
-  switch (service->version) {
+  switch (service->config.version) {
   case HS_VERSION_TWO:
 ret = rend_config_service(line->next, options, >config);
 break;
diff --git a/src/or/hs_service.c b/src/or/hs_service.c
index 97d3288..d8b87d1 100644
--- a/src/or/hs_service.c
+++ b/src/or/hs_service.c
@@ -250,7 +250,7 @@ close_service_circuits(hs_service_t *service)
   tor_assert(service);
 
   /* Only support for version >= 3. */
-  if (BUG(service->version < HS_VERSION_THREE)) {
+  if (BUG(service->config.version < HS_VERSION_THREE)) {
 return;
   }
   /* Close intro points. */
@@ -492,8 +492,9 @@ load_service_keys(hs_service_t *service)
   ed25519_keypair_free(kp);
 
   /* Build onion address from the newly loaded keys. */
-  tor_assert(service->version <= UINT8_MAX);
-  hs_build_address(>keys.identity_pk, (uint8_t) service->version,
+  tor_assert(service->config.version <= UINT8_MAX);
+  hs_build_address(>keys.identity_pk,
+   (uint8_t) service->config.version,
service->onion_address);
 
   /* Write onion address to hostname file. */
@@ -572,7 +573,7 @@ hs_service_new(const or_options_t *options)
   /* Set default configuration value. */
   set_service_default_config(>config, options);
   /* Set the default service version. */
-  service->version = HS_SERVICE_DEFAULT_VERSION;
+  service->config.version = 

[tor-commits] [tor/master] Revert "fixup! prop224: Add hs_config.{c|h} with a refactoring"

[nickm]

commit 28f643139951ee6b60cefa7d7a77bbb257c3af50
Author: David Goulet 
Date:   Tue Jul 11 16:17:58 2017 -0400

Revert "fixup! prop224: Add hs_config.{c|h} with a refactoring"

This reverts commit e2497e2ba038133026a475f0f93c9054187b2a1d.
---
 src/or/hs_config.c | 1 -
 1 file changed, 1 deletion(-)

diff --git a/src/or/hs_config.c b/src/or/hs_config.c
index afc9631..3baab46 100644
--- a/src/or/hs_config.c
+++ b/src/or/hs_config.c
@@ -287,7 +287,6 @@ config_generic_service(const config_line_t *line_,
 
   /* Makes thing easier. */
   config = >config;
-  memset(config, 0, sizeof(*config));
 
   /* The first line starts with HiddenServiceDir so we consider what's next is
* the configuration of the service. */



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] test: Add v3 service config and registration test

[nickm]

commit 418059dd96f5f427ece1daeb2a2f6c4adbeb
Author: David Goulet 
Date:   Tue Jan 17 12:09:54 2017 -0500

test: Add v3 service config and registration test

This tests our hs_config.c API to properly load v3 services and register 
them
to the global map. It does NOT test the service object validity, that will 
be
the hs service unit test later on.

At this commit, we have 100% code coverage of hs_config.c.

Signed-off-by: David Goulet 
---
 src/or/hs_service.c   |  20 +++
 src/or/hs_service.h   |  11 ++
 src/test/test_hs_config.c | 349 +-
 3 files changed, 345 insertions(+), 35 deletions(-)

diff --git a/src/or/hs_service.c b/src/or/hs_service.c
index eb58c76..854ce9e 100644
--- a/src/or/hs_service.c
+++ b/src/or/hs_service.c
@@ -6,6 +6,8 @@
  * \brief Implement next generation hidden service functionality
  **/
 
+#define HS_SERVICE_PRIVATE
+
 #include "or.h"
 #include "circuitlist.h"
 #include "config.h"
@@ -786,3 +788,21 @@ generate_establish_intro_cell(const uint8_t 
*circuit_key_material,
   return NULL;
 }
 
+#ifdef TOR_UNIT_TESTS
+
+/* Return the global service map size. Only used by unit test. */
+STATIC unsigned int
+get_hs_service_map_size(void)
+{
+  return HT_SIZE(hs_service_map);
+}
+
+/* Return the staging list size. Only used by unit test. */
+STATIC int
+get_hs_service_staging_list_size(void)
+{
+  return smartlist_len(hs_service_staging_list);
+}
+
+#endif /* TOR_UNIT_TESTS */
+
diff --git a/src/or/hs_service.h b/src/or/hs_service.h
index 90606ac..cd154d3 100644
--- a/src/or/hs_service.h
+++ b/src/or/hs_service.h
@@ -224,5 +224,16 @@ ssize_t
 get_establish_intro_payload(uint8_t *buf, size_t buf_len,
 const trn_cell_establish_intro_t *cell);
 
+#ifdef HS_SERVICE_PRIVATE
+
+#ifdef TOR_UNIT_TESTS
+
+STATIC unsigned int get_hs_service_map_size(void);
+STATIC int get_hs_service_staging_list_size(void);
+
+#endif /* TOR_UNIT_TESTS */
+
+#endif /* HS_SERVICE_PRIVATE */
+
 #endif /* TOR_HS_SERVICE_H */
 
diff --git a/src/test/test_hs_config.c b/src/test/test_hs_config.c
index 18b1194..343ce9f 100644
--- a/src/test/test_hs_config.c
+++ b/src/test/test_hs_config.c
@@ -7,15 +7,20 @@
  */
 
 #define CONFIG_PRIVATE
+#define HS_SERVICE_PRIVATE
 
 #include "test.h"
 #include "test_helpers.h"
 #include "log_test_helpers.h"
-#include "hs_config.h"
+
 #include "config.h"
+#include "hs_common.h"
+#include "hs_config.h"
+#include "hs_service.h"
+#include "rendservice.h"
 
 static int
-helper_config_service_v2(const char *conf, int validate_only)
+helper_config_service(const char *conf, int validate_only)
 {
   int ret = 0;
   or_options_t *options = NULL;
@@ -29,9 +34,9 @@ helper_config_service_v2(const char *conf, int validate_only)
 }
 
 static void
-test_invalid_service_v2(void *arg)
+test_invalid_service(void *arg)
 {
-  int validate_only = 1, ret;
+  int ret;
 
   (void) arg;
 
@@ -39,11 +44,98 @@ test_invalid_service_v2(void *arg)
   {
 const char *conf =
   "HiddenServiceDir /tmp/tor-test-hs-RANDOM/hs1\n"
-  "HiddenServiceVersion 2\n";
+  "HiddenServiceVersion 1\n"; /* Wrong not supported version. */
 setup_full_capture_of_logs(LOG_WARN);
-ret = helper_config_service_v2(conf, validate_only);
+ret = helper_config_service(conf, 1);
 tt_int_op(ret, OP_EQ, -1);
-expect_log_msg_containing("with no ports configured.");
+expect_log_msg_containing("HiddenServiceVersion must be between 2 and 3");
+teardown_capture_of_logs();
+  }
+
+  /* Bad value of HiddenServiceAllowUnknownPorts. */
+  {
+const char *conf =
+  "HiddenServiceDir /tmp/tor-test-hs-RANDOM/hs1\n"
+  "HiddenServiceVersion 2\n"
+  "HiddenServiceAllowUnknownPorts 2\n"; /* Should be 0 or 1. */
+setup_full_capture_of_logs(LOG_WARN);
+ret = helper_config_service(conf, 1);
+tt_int_op(ret, OP_EQ, -1);
+expect_log_msg_containing("HiddenServiceAllowUnknownPorts must be "
+  "between 0 and 1, not 2");
+teardown_capture_of_logs();
+  }
+
+  /* Bad value of HiddenServiceDirGroupReadable */
+  {
+const char *conf =
+  "HiddenServiceDir /tmp/tor-test-hs-RANDOM/hs1\n"
+  "HiddenServiceVersion 2\n"
+  "HiddenServiceDirGroupReadable 2\n"; /* Should be 0 or 1. */
+setup_full_capture_of_logs(LOG_WARN);
+ret = helper_config_service(conf, 1);
+tt_int_op(ret, OP_EQ, -1);
+expect_log_msg_containing("HiddenServiceDirGroupReadable must be "
+  "between 0 and 1, not 2");
+teardown_capture_of_logs();
+  }
+
+  /* Bad value of HiddenServiceMaxStreamsCloseCircuit */
+  {
+const char *conf =
+  "HiddenServiceDir /tmp/tor-test-hs-RANDOM/hs1\n"
+  "HiddenServiceVersion 2\n"
+  "HiddenServiceMaxStreamsCloseCircuit 2\n"; /* Should be 0 or 1. */
+setup_full_capture_of_logs(LOG_WARN);
+ret = helper_config_service(conf, 1);
+  

[tor-commits] [tor/master] test: Add HS v2 service configuration unit tests

[nickm]

commit 93774dcb5458115652e0be5cdfaf198967b8a31e
Author: David Goulet 
Date:   Fri Jan 13 11:20:31 2017 -0500

test: Add HS v2 service configuration unit tests

Signed-off-by: David Goulet 
---
 src/test/include.am   |   1 +
 src/test/test.c   |   1 +
 src/test/test.h   |   1 +
 src/test/test_helpers.c   |  42 +-
 src/test/test_helpers.h   |   1 +
 src/test/test_hs_config.c | 198 ++
 6 files changed, 242 insertions(+), 2 deletions(-)

diff --git a/src/test/include.am b/src/test/include.am
index e7a2e02..2e448c8 100644
--- a/src/test/include.am
+++ b/src/test/include.am
@@ -114,6 +114,7 @@ src_test_test_SOURCES = \
src/test/test_guardfraction.c \
src/test/test_extorport.c \
src/test/test_hs.c \
+   src/test/test_hs_config.c \
src/test/test_hs_service.c \
src/test/test_hs_client.c  \
src/test/test_hs_intropoint.c \
diff --git a/src/test/test.c b/src/test/test.c
index 31b3db3..b6b11ce 100644
--- a/src/test/test.c
+++ b/src/test/test.c
@@ -1213,6 +1213,7 @@ struct testgroup_t testgroups[] = {
   { "extorport/", extorport_tests },
   { "legacy_hs/", hs_tests },
   { "hs_cache/", hs_cache },
+  { "hs_config/", hs_config_tests },
   { "hs_descriptor/", hs_descriptor },
   { "hs_service/", hs_service_tests },
   { "hs_client/", hs_client_tests },
diff --git a/src/test/test.h b/src/test/test.h
index 4de0da9..9b2a0b8 100644
--- a/src/test/test.h
+++ b/src/test/test.h
@@ -207,6 +207,7 @@ extern struct testcase_t guardfraction_tests[];
 extern struct testcase_t extorport_tests[];
 extern struct testcase_t hs_tests[];
 extern struct testcase_t hs_cache[];
+extern struct testcase_t hs_config_tests[];
 extern struct testcase_t hs_descriptor[];
 extern struct testcase_t hs_service_tests[];
 extern struct testcase_t hs_client_tests[];
diff --git a/src/test/test_helpers.c b/src/test/test_helpers.c
index 22d9de3..e885d27 100644
--- a/src/test/test_helpers.c
+++ b/src/test/test_helpers.c
@@ -7,18 +7,21 @@
  */
 
 #define ROUTERLIST_PRIVATE
+#define CONFIG_PRIVATE
 #define CONNECTION_PRIVATE
 #define MAIN_PRIVATE
 
 #include "orconfig.h"
 #include "or.h"
 
+#include "buffers.h"
+#include "config.h"
+#include "confparse.h"
 #include "connection.h"
 #include "main.h"
+#include "nodelist.h"
 #include "relay.h"
 #include "routerlist.h"
-#include "nodelist.h"
-#include "buffers.h"
 
 #include "test.h"
 #include "test_helpers.h"
@@ -239,3 +242,38 @@ test_conn_get_connection(uint8_t state, uint8_t type, 
uint8_t purpose)
   return NULL;
 }
 
+/* Helper function to parse a set of torrc options in a text format and return
+ * a newly allocated or_options_t object containing the configuration. On
+ * error, NULL is returned indicating that the conf couldn't be parsed
+ * properly. */
+or_options_t *
+helper_parse_options(const char *conf)
+{
+  int ret = 0;
+  char *msg = NULL;
+  or_options_t *opt = NULL;
+  config_line_t *line = NULL;
+
+  /* Kind of pointless to call this with a NULL value. */
+  tt_assert(conf);
+
+  opt = options_new();
+  tt_assert(opt);
+  ret = config_get_lines(conf, , 1);
+  if (ret != 0) {
+goto done;
+  }
+  ret = config_assign(_format, opt, line, 0, );
+  if (ret != 0) {
+goto done;
+  }
+
+ done:
+  config_free_lines(line);
+  if (ret != 0) {
+or_options_free(opt);
+opt = NULL;
+  }
+  return opt;
+}
+
diff --git a/src/test/test_helpers.h b/src/test/test_helpers.h
index 96a4b59..847104a 100644
--- a/src/test/test_helpers.h
+++ b/src/test/test_helpers.h
@@ -24,6 +24,7 @@ int mock_tor_addr_lookup__fail_on_bad_addrs(const char *name,
 
 connection_t *test_conn_get_connection(uint8_t state,
uint8_t type, uint8_t purpose);
+or_options_t *helper_parse_options(const char *conf);
 
 extern const char TEST_DESCRIPTORS[];
 
diff --git a/src/test/test_hs_config.c b/src/test/test_hs_config.c
new file mode 100644
index 000..18b1194
--- /dev/null
+++ b/src/test/test_hs_config.c
@@ -0,0 +1,198 @@
+/* Copyright (c) 2016, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+/**
+ * \file test_hs_config.c
+ * \brief Test hidden service configuration functionality.
+ */
+
+#define CONFIG_PRIVATE
+
+#include "test.h"
+#include "test_helpers.h"
+#include "log_test_helpers.h"
+#include "hs_config.h"
+#include "config.h"
+
+static int
+helper_config_service_v2(const char *conf, int validate_only)
+{
+  int ret = 0;
+  or_options_t *options = NULL;
+  tt_assert(conf);
+  options = helper_parse_options(conf);
+  tt_assert(options);
+  ret = hs_config_service_all(options, validate_only);
+ done:
+  or_options_free(options);
+  return ret;
+}
+
+static void
+test_invalid_service_v2(void *arg)
+{
+  int validate_only = 1, ret;
+
+  (void) arg;
+
+  /* Try with a missing port configuration. */
+  {
+const char *conf =
+  "HiddenServiceDir /tmp/tor-test-hs-RANDOM/hs1\n"

[tor-commits] [tor/master] prop224: Detect duplicate configuration options

[nickm]

commit e9dd4ed16d8606dc0aa0cd6eadc99aa959f93392
Author: David Goulet 
Date:   Wed Jul 12 11:02:59 2017 -0400

prop224: Detect duplicate configuration options

Signed-off-by: David Goulet 
---
 src/or/hs_config.c | 46 --
 1 file changed, 40 insertions(+), 6 deletions(-)

diff --git a/src/or/hs_config.c b/src/or/hs_config.c
index f1e130b..2e75a4e 100644
--- a/src/or/hs_config.c
+++ b/src/or/hs_config.c
@@ -241,6 +241,8 @@ config_service_v3(const config_line_t *line_,
   hs_service_t *service)
 {
   (void) options;
+  int have_num_ip = 0;
+  const char *dup_opt_seen = NULL;
   const config_line_t *line;
   hs_service_config_t *config;
 
@@ -261,9 +263,12 @@ config_service_v3(const config_line_t *line_,
NUM_INTRO_POINTS_DEFAULT,
HS_CONFIG_V3_MAX_INTRO_POINTS,
);
-  if (!ok) {
+  if (!ok || have_num_ip) {
+if (have_num_ip)
+  dup_opt_seen = line->key;
 goto err;
   }
+  have_num_ip = 1;
   continue;
 }
   }
@@ -279,6 +284,9 @@ config_service_v3(const config_line_t *line_,
 
   return 0;
  err:
+  if (dup_opt_seen) {
+log_warn(LD_CONFIG, "Duplicate directive %s.", dup_opt_seen);
+  }
   return -1;
 }
 
@@ -301,6 +309,13 @@ config_generic_service(const config_line_t *line_,
   int dir_seen = 0;
   const config_line_t *line;
   hs_service_config_t *config;
+  /* If this is set, we've seen a duplicate of this option. Keep the string
+   * so we can log the directive. */
+  const char *dup_opt_seen = NULL;
+  /* These variables will tell us if we ever have duplicate. */
+  int have_version = 0, have_allow_unknown_ports = 0;
+  int have_dir_group_read = 0, have_max_streams = 0;
+  int have_max_streams_close = 0;
 
   tor_assert(line_);
   tor_assert(options);
@@ -313,6 +328,7 @@ config_generic_service(const config_line_t *line_,
* the configuration of the service. */
   for (line = line_; line ; line = line->next) {
 int ok = 0;
+
 /* This indicate that we have a new service to configure. */
 if (!strcasecmp(line->key, "HiddenServiceDir")) {
   /* This function only configures one service at a time so if we've
@@ -335,9 +351,12 @@ config_generic_service(const config_line_t *line_,
   service->version =
 (uint32_t) helper_parse_uint64(line->key, line->value, HS_VERSION_MIN,
HS_VERSION_MAX, );
-  if (!ok) {
+  if (!ok || have_version) {
+if (have_version)
+  dup_opt_seen = line->key;
 goto err;
   }
+  have_version = 1;
   continue;
 }
 /* Virtual port. */
@@ -363,18 +382,24 @@ config_generic_service(const config_line_t *line_,
 if (!strcasecmp(line->key, "HiddenServiceAllowUnknownPorts")) {
   config->allow_unknown_ports =
 (unsigned int) helper_parse_uint64(line->key, line->value, 0, 1, );
-  if (!ok) {
+  if (!ok || have_allow_unknown_ports) {
+if (have_allow_unknown_ports)
+  dup_opt_seen = line->key;
 goto err;
   }
+  have_allow_unknown_ports = 1;
   continue;
 }
 /* Directory group readable. */
 if (!strcasecmp(line->key, "HiddenServiceDirGroupReadable")) {
   config->dir_group_readable =
 (unsigned int) helper_parse_uint64(line->key, line->value, 0, 1, );
-  if (!ok) {
+  if (!ok || have_dir_group_read) {
+if (have_dir_group_read)
+  dup_opt_seen = line->key;
 goto err;
   }
+  have_dir_group_read = 1;
   continue;
 }
 /* Maximum streams per circuit. */
@@ -382,18 +407,24 @@ config_generic_service(const config_line_t *line_,
   config->max_streams_per_rdv_circuit =
 helper_parse_uint64(line->key, line->value, 0,
 HS_CONFIG_MAX_STREAMS_PER_RDV_CIRCUIT, );
-  if (!ok) {
+  if (!ok || have_max_streams) {
+if (have_max_streams)
+  dup_opt_seen = line->key;
 goto err;
   }
+  have_max_streams = 1;
   continue;
 }
 /* Maximum amount of streams before we close the circuit. */
 if (!strcasecmp(line->key, "HiddenServiceMaxStreamsCloseCircuit")) {
   config->max_streams_close_circuit =
 (unsigned int) helper_parse_uint64(line->key, line->value, 0, 1, );
-  if (!ok) {
+  if (!ok || have_max_streams_close) {
+if (have_max_streams_close)
+  dup_opt_seen = line->key;
 goto err;
   }
+  have_max_streams_close = 1;
   continue;
 }
   }
@@ -408,6 +439,9 @@ config_generic_service(const config_line_t *line_,
   /* Success */
   return 0;
  err:
+  if (dup_opt_seen) {
+log_warn(LD_CONFIG, "Duplicate directive %s.", dup_opt_seen);
+  }
   return -1;
 }
 



___
tor-commits 

[tor-commits] [tor/master] test: Add v3 service load keys and accessors

[nickm]

commit 09b12c40947ea496c0bfaeeafba7540925c17a32
Author: David Goulet 
Date:   Thu Feb 2 15:26:04 2017 -0500

test: Add v3 service load keys and accessors

Signed-off-by: David Goulet 
---
 src/or/hs_service.c|  27 +---
 src/or/hs_service.h|  14 
 src/test/test_hs_service.c | 166 +
 3 files changed, 199 insertions(+), 8 deletions(-)

diff --git a/src/or/hs_service.c b/src/or/hs_service.c
index 854ce9e..bfce780 100644
--- a/src/or/hs_service.c
+++ b/src/or/hs_service.c
@@ -57,11 +57,6 @@ hs_service_ht_hash(const hs_service_t *service)
sizeof(service->keys.identity_pk.pubkey));
 }
 
-/* For the service global hash map, we define a specific type for it which
- * will make it safe to use and specific to some controlled parameters such as
- * the hashing function and how to compare services. */
-typedef HT_HEAD(hs_service_ht, hs_service_t) hs_service_ht;
-
 /* This is _the_ global hash map of hidden services which indexed the service
  * contained in it by master public identity key which is roughly the onion
  * address of the service. */
@@ -82,7 +77,7 @@ HT_GENERATE2(hs_service_ht, hs_service_t, hs_service_node,
  * if found else NULL. It is also possible to set a directory path in the
  * search query. If pk is NULL, then it will be set to zero indicating the
  * hash table to compare the directory path instead. */
-static hs_service_t *
+STATIC hs_service_t *
 find_service(hs_service_ht *map, const ed25519_public_key_t *pk)
 {
   hs_service_t dummy_service = {0};
@@ -95,7 +90,7 @@ find_service(hs_service_ht *map, const ed25519_public_key_t 
*pk)
 /* Register the given service in the given map. If the service already exists
  * in the map, -1 is returned. On success, 0 is returned and the service
  * ownership has been transfered to the global map. */
-static int
+STATIC int
 register_service(hs_service_ht *map, hs_service_t *service)
 {
   tor_assert(map);
@@ -113,7 +108,7 @@ register_service(hs_service_ht *map, hs_service_t *service)
 
 /* Remove a given service from the given map. If service is NULL or the
  * service key is unset, return gracefully. */
-static void
+STATIC void
 remove_service(hs_service_ht *map, hs_service_t *service)
 {
   hs_service_t *elm;
@@ -804,5 +799,21 @@ get_hs_service_staging_list_size(void)
   return smartlist_len(hs_service_staging_list);
 }
 
+STATIC hs_service_ht *
+get_hs_service_map(void)
+{
+  return hs_service_map;
+}
+
+STATIC hs_service_t *
+get_first_service(void)
+{
+  hs_service_t **obj = HT_START(hs_service_ht, hs_service_map);
+  if (obj == NULL) {
+return NULL;
+  }
+  return *obj;
+}
+
 #endif /* TOR_UNIT_TESTS */
 
diff --git a/src/or/hs_service.h b/src/or/hs_service.h
index cd154d3..a98884f 100644
--- a/src/or/hs_service.h
+++ b/src/or/hs_service.h
@@ -200,6 +200,11 @@ typedef struct hs_service_t {
 
 } hs_service_t;
 
+/* For the service global hash map, we define a specific type for it which
+ * will make it safe to use and specific to some controlled parameters such as
+ * the hashing function and how to compare services. */
+typedef HT_HEAD(hs_service_ht, hs_service_t) hs_service_ht;
+
 /* API */
 
 /* Global initializer and cleanup function. */
@@ -228,8 +233,17 @@ get_establish_intro_payload(uint8_t *buf, size_t buf_len,
 
 #ifdef TOR_UNIT_TESTS
 
+/* Useful getters for unit tests. */
 STATIC unsigned int get_hs_service_map_size(void);
 STATIC int get_hs_service_staging_list_size(void);
+STATIC hs_service_ht *get_hs_service_map(void);
+STATIC hs_service_t *get_first_service(void);
+
+/* Service accessors. */
+STATIC hs_service_t *find_service(hs_service_ht *map,
+  const ed25519_public_key_t *pk);
+STATIC void remove_service(hs_service_ht *map, hs_service_t *service);
+STATIC int register_service(hs_service_ht *map, hs_service_t *service);
 
 #endif /* TOR_UNIT_TESTS */
 
diff --git a/src/test/test_hs_service.c b/src/test/test_hs_service.c
index e081b7f..c695b90 100644
--- a/src/test/test_hs_service.c
+++ b/src/test/test_hs_service.c
@@ -8,14 +8,17 @@
 
 #define CIRCUITBUILD_PRIVATE
 #define CIRCUITLIST_PRIVATE
+#define CONFIG_PRIVATE
 #define CONNECTION_PRIVATE
 #define CRYPTO_PRIVATE
 #define HS_COMMON_PRIVATE
+#define HS_SERVICE_PRIVATE
 #define HS_INTROPOINT_PRIVATE
 #define MAIN_PRIVATE
 #define TOR_CHANNEL_INTERNAL_
 
 #include "test.h"
+#include "test_helpers.h"
 #include "log_test_helpers.h"
 #include "rend_test_helpers.h"
 
@@ -26,8 +29,10 @@
 #include "circuituse.h"
 #include "config.h"
 #include "connection.h"
+#include "crypto.h"
 #include "hs_circuit.h"
 #include "hs_common.h"
+#include "hs_config.h"
 #include "hs_ident.h"
 #include "hs_intropoint.h"
 #include "hs_ntor.h"
@@ -35,6 +40,25 @@
 #include "main.h"
 #include "rendservice.h"
 
+/* Trunnel */
+#include "hs/cell_establish_intro.h"
+
+/* Helper: from a set of options in conf, configure 

[tor-commits] [tor/master] prop224: Add a function to check for invalid opts

[nickm]

commit f76f8731995917366b53f729befd450ed3d417d1
Author: David Goulet 
Date:   Fri Jul 7 15:34:36 2017 -0400

prop224: Add a function to check for invalid opts

Every hidden service option don't apply to every version so this new 
function
makes sure we don't have for instance an option that is only for v2 in a v3
configured service.

This works using an exclude lists for a specific version. Right now, there 
is
only one option that is not allowed in v3. The rest is common.

Signed-off-by: David Goulet 
---
 src/or/hs_config.c | 69 ++
 1 file changed, 69 insertions(+)

diff --git a/src/or/hs_config.c b/src/or/hs_config.c
index 6bb422d..afc9631 100644
--- a/src/or/hs_config.c
+++ b/src/or/hs_config.c
@@ -115,6 +115,69 @@ service_is_duplicate_in_list(const smartlist_t 
*service_list,
   return ret;
 }
 
+/* Return true iff the given options starting at line_ for a hidden service
+ * contains at least one invalid option. Each hidden service option don't
+ * apply to all versions so this function can find out. The line_ MUST start
+ * right after the HiddenServiceDir line of this service.
+ *
+ * This is mainly for usability so we can inform the user of any invalid
+ * option for the hidden service version instead of silently ignoring. */
+static int
+config_has_invalid_options(const config_line_t *line_,
+   const hs_service_t *service)
+{
+  int ret = 0;
+  const char **optlist;
+  const config_line_t *line;
+
+  tor_assert(service);
+  tor_assert(service->version <= HS_VERSION_MAX);
+
+  /* List of options that a v3 service doesn't support thus must exclude from
+   * its configuration. */
+  const char *opts_exclude_v3[] = {
+"HiddenServiceAuthorizeClient",
+NULL /* End marker. */
+  };
+
+  /* Defining the size explicitly allows us to take advantage of the compiler
+   * which warns us if we ever bump the max version but forget to grow this
+   * array. The plus one is because we have a version 0 :). */
+  struct {
+const char **list;
+  } exclude_lists[HS_VERSION_MAX + 1] = {
+{ NULL }, /* v0. */
+{ NULL }, /* v1. */
+{ NULL }, /* v2 */
+{ opts_exclude_v3 }, /* v3. */
+  };
+
+  optlist = exclude_lists[service->version].list;
+  if (optlist == NULL) {
+/* No exclude options to look at for this version. */
+goto end;
+  }
+  for (int i = 0; optlist[i]; i++) {
+const char *opt = optlist[i];
+for (line = line_; line; line = line->next) {
+  if (!strcasecmp(line->key, "HiddenServiceDir")) {
+/* We just hit the next hidden service, stop right now. */
+goto end;
+  }
+  if (!strcasecmp(line->key, opt)) {
+log_warn(LD_CONFIG, "Hidden service option %s is incompatible with "
+"version %" PRIu32 " of service in %s",
+ opt, service->version, service->config.directory_path);
+ret = 1;
+/* Continue the loop so we can find all possible options. */
+continue;
+  }
+}
+  }
+ end:
+  return ret;
+}
+
 /* Validate service configuration. This is used when loading the configuration
  * and once we've setup a service object, it's config object is passed to this
  * function for further validation. This does not validate service key
@@ -395,6 +458,12 @@ config_service(const config_line_t *line, const 
or_options_t *options,
 goto err;
   }
   tor_assert(service->version <= HS_VERSION_MAX);
+  /* Before we configure the service with the per-version handler, we'll make
+   * sure that this set of options for a service are valid that is for
+   * instance an option only for v2 is not used for v3. */
+  if (config_has_invalid_options(line->next, service)) {
+goto err;
+  }
   /* Check permission on service directory that was just parsed. And this must
* be done regardless of the service version. Do not ask for the directory
* to be created, this is done when the keys are loaded because we could be



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] hs: Add rend_service_init()

[nickm]

commit 87f6f96f4707cc18a58c5de8be0ee10f1893673d
Author: David Goulet 
Date:   Thu Jun 29 11:18:24 2017 -0400

hs: Add rend_service_init()

Initialize both the global and staging service lists.

Signed-off-by: David Goulet 
---
 src/or/hs_service.c  |  3 +++
 src/or/rendservice.c | 11 +++
 src/or/rendservice.h |  1 +
 3 files changed, 15 insertions(+)

diff --git a/src/or/hs_service.c b/src/or/hs_service.c
index bce976e..eb58c76 100644
--- a/src/or/hs_service.c
+++ b/src/or/hs_service.c
@@ -616,6 +616,9 @@ hs_service_init(void)
   tor_assert(!hs_service_map);
   tor_assert(!hs_service_staging_list);
 
+  /* v2 specific. */
+  rend_service_init();
+
   hs_service_map = tor_malloc_zero(sizeof(struct hs_service_ht));
   HT_INIT(hs_service_ht, hs_service_map);
 
diff --git a/src/or/rendservice.c b/src/or/rendservice.c
index 358efd0..67da760 100644
--- a/src/or/rendservice.c
+++ b/src/or/rendservice.c
@@ -257,6 +257,17 @@ rend_service_free_all(void)
   rend_service_free_staging_list();
 }
 
+/* Initialize the subsystem. */
+void
+rend_service_init(void)
+{
+  tor_assert(!rend_service_list);
+  tor_assert(!rend_service_staging_list);
+
+  rend_service_list = smartlist_new();
+  rend_service_staging_list = smartlist_new();
+}
+
 /* Validate a service. Use the service_list to make sure there
  * is no duplicate entry for the given service object. Return 0 if valid else
  * -1 if not.*/
diff --git a/src/or/rendservice.h b/src/or/rendservice.h
index 361a119..20e827d 100644
--- a/src/or/rendservice.h
+++ b/src/or/rendservice.h
@@ -179,6 +179,7 @@ int rend_service_set_connection_addr_port(edge_connection_t 
*conn,
   origin_circuit_t *circ);
 void rend_service_dump_stats(int severity);
 void rend_service_free_all(void);
+void rend_service_init(void);
 
 rend_service_port_config_t *rend_service_parse_port_config(const char *string,
const char *sep,



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] prop224: Fix clang warnings

[nickm]

commit 965e3a6628f26d5fb1422fb04aa12e807537a32a
Author: David Goulet 
Date:   Thu Jul 13 17:18:11 2017 -0400

prop224: Fix clang warnings

Signed-off-by: David Goulet 
---
 src/or/hs_service.c  |  3 ++-
 src/or/rendservice.c | 10 +-
 2 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/src/or/hs_service.c b/src/or/hs_service.c
index d8b87d1..5fde42d 100644
--- a/src/or/hs_service.c
+++ b/src/or/hs_service.c
@@ -80,9 +80,10 @@ HT_GENERATE2(hs_service_ht, hs_service_t, hs_service_node,
 STATIC hs_service_t *
 find_service(hs_service_ht *map, const ed25519_public_key_t *pk)
 {
-  hs_service_t dummy_service = {0};
+  hs_service_t dummy_service;
   tor_assert(map);
   tor_assert(pk);
+  memset(_service, 0, sizeof(dummy_service));
   ed25519_pubkey_copy(_service.keys.identity_pk, pk);
   return HT_FIND(hs_service_ht, map, _service);
 }
diff --git a/src/or/rendservice.c b/src/or/rendservice.c
index 67de636..2a5d2b7 100644
--- a/src/or/rendservice.c
+++ b/src/or/rendservice.c
@@ -18,6 +18,7 @@
 #include "control.h"
 #include "directory.h"
 #include "hs_common.h"
+#include "hs_config.h"
 #include "main.h"
 #include "networkstatus.h"
 #include "nodelist.h"
@@ -631,7 +632,14 @@ service_config_shadow_copy(rend_service_t *service,
   service->directory = tor_strdup(config->directory_path);
   service->dir_group_readable = config->dir_group_readable;
   service->allow_unknown_ports = config->allow_unknown_ports;
-  service->max_streams_per_circuit = config->max_streams_per_rdv_circuit;
+  /* This value can't go above HS_CONFIG_MAX_STREAMS_PER_RDV_CIRCUIT (65535)
+   * if the code flow is right so this cast is safe. But just in case, we'll
+   * check it. */
+  service->max_streams_per_circuit = (int) config->max_streams_per_rdv_circuit;
+  if (BUG(config->max_streams_per_rdv_circuit >
+  HS_CONFIG_MAX_STREAMS_PER_RDV_CIRCUIT)) {
+service->max_streams_per_circuit = HS_CONFIG_MAX_STREAMS_PER_RDV_CIRCUIT;
+  }
   service->max_streams_close_circuit = config->max_streams_close_circuit;
   service->n_intro_points_wanted = config->num_intro_points;
   /* Switching ownership of the ports to the rend service object. */



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] prop224: Use the service config object when configuring

[nickm]

commit 3eeebd1b0ca43bc2523fb39349078277a40d4116
Author: David Goulet 
Date:   Wed Jul 12 13:52:19 2017 -0400

prop224: Use the service config object when configuring

Both configuration function now takes the service config object instead of 
the
service itself.

Signed-off-by: David Goulet 
---
 src/or/hs_config.c   | 13 -
 src/or/rendservice.c | 26 --
 src/or/rendservice.h |  2 +-
 3 files changed, 17 insertions(+), 24 deletions(-)

diff --git a/src/or/hs_config.c b/src/or/hs_config.c
index c29315f..7e0124b 100644
--- a/src/or/hs_config.c
+++ b/src/or/hs_config.c
@@ -236,18 +236,13 @@ config_validate_service(const hs_service_config_t *config)
  * Return 0 on success else a negative value. */
 static int
 config_service_v3(const config_line_t *line_,
-  const or_options_t *options,
-  hs_service_t *service)
+  hs_service_config_t *config)
 {
-  (void) options;
   int have_num_ip = 0;
   const char *dup_opt_seen = NULL;
   const config_line_t *line;
-  hs_service_config_t *config;
-
-  tor_assert(service);
 
-  config = >config;
+  tor_assert(config);
 
   for (line = line_; line; line = line->next) {
 int ok = 0;
@@ -489,10 +484,10 @@ config_service(const config_line_t *line, const 
or_options_t *options,
* directory line, the function knows that it has to stop parsing. */
   switch (service->version) {
   case HS_VERSION_TWO:
-ret = rend_config_service(line->next, options, service);
+ret = rend_config_service(line->next, options, >config);
 break;
   case HS_VERSION_THREE:
-ret = config_service_v3(line->next, options, service);
+ret = config_service_v3(line->next, >config);
 break;
   default:
 /* We do validate before if we support the parsed version. */
diff --git a/src/or/rendservice.c b/src/or/rendservice.c
index 67da760..67de636 100644
--- a/src/or/rendservice.c
+++ b/src/or/rendservice.c
@@ -622,14 +622,12 @@ rend_service_prune_list(void)
  * object which so we have to copy the parsed values to a rend service object
  * which is version 2 specific. */
 static void
-service_shadow_copy(rend_service_t *service, hs_service_t *hs_service)
+service_config_shadow_copy(rend_service_t *service,
+   hs_service_config_t *config)
 {
-  hs_service_config_t *config;
-
   tor_assert(service);
-  tor_assert(hs_service);
+  tor_assert(config);
 
-  config = _service->config;
   service->directory = tor_strdup(config->directory_path);
   service->dir_group_readable = config->dir_group_readable;
   service->allow_unknown_ports = config->allow_unknown_ports;
@@ -638,19 +636,19 @@ service_shadow_copy(rend_service_t *service, hs_service_t 
*hs_service)
   service->n_intro_points_wanted = config->num_intro_points;
   /* Switching ownership of the ports to the rend service object. */
   smartlist_add_all(service->ports, config->ports);
-  smartlist_free(hs_service->config.ports);
-  hs_service->config.ports = NULL;
+  smartlist_free(config->ports);
+  config->ports = NULL;
 }
 
 /* Parse the hidden service configuration starting at line_ using the
- * already configured generic service in hs_service. This function will
- * translate the service object to a rend_service_t and add it to the
- * temporary list if valid. If validate_only is set, parse, warn and
- * return as normal but don't actually add the service to the list. */
+ * already configured generic service configuration in config. This
+ * function will translate the config object to a rend_service_t and add it to
+ * the temporary list if valid. If validate_only is set, parse, warn
+ * and return as normal but don't actually add the service to the list. */
 int
 rend_config_service(const config_line_t *line_,
 const or_options_t *options,
-hs_service_t *hs_service)
+hs_service_config_t *config)
 {
   const config_line_t *line;
   rend_service_t *service = NULL;
@@ -658,7 +656,7 @@ rend_config_service(const config_line_t *line_,
   /* line_ can be NULL which would mean that the service configuration only
* have one line that is the directory directive. */
   tor_assert(options);
-  tor_assert(hs_service);
+  tor_assert(config);
 
   /* Use the staging service list so that we can check then do the pruning
* process using the main list at the end. */
@@ -672,7 +670,7 @@ rend_config_service(const config_line_t *line_,
   service->ports = smartlist_new();
   /* From the hs_service object which has been used to load the generic
* options, we'll copy over the useful data to the rend_service_t object. */
-  service_shadow_copy(service, hs_service);
+  service_config_shadow_copy(service, config);
 
   for (line = line_; line; line = line->next) {
 if (!strcasecmp(line->key, "HiddenServiceDir")) {
diff --git a/src/or/rendservice.h b/src/or/rendservice.h
index 20e827d..ffed21d 100644

[tor-commits] [tor/master] prop224: Initial import of hs_service_t

[nickm]

commit b03853b65f109ed6a34ba2924fe3b00d56131ff5
Author: David Goulet 
Date:   Sun Jan 15 10:09:13 2017 -0500

prop224: Initial import of hs_service_t

This object is the foundation of proposal 224 service work. It will change
and be adapted as it's being used more and more in the codebase. So, this
version is just a basic skeleton one that *will* change.

Signed-off-by: David Goulet 
---
 src/or/hs_service.h | 184 +++-
 1 file changed, 182 insertions(+), 2 deletions(-)

diff --git a/src/or/hs_service.h b/src/or/hs_service.h
index 3302592..fa5dd54 100644
--- a/src/or/hs_service.h
+++ b/src/or/hs_service.h
@@ -3,15 +3,195 @@
 
 /**
  * \file hs_service.h
- * \brief Header file for hs_service.c.
+ * \brief Header file containing service data for the HS subsytem.
  **/
 
 #ifndef TOR_HS_SERVICE_H
 #define TOR_HS_SERVICE_H
 
-#include "or.h"
+#include "crypto_curve25519.h"
+#include "crypto_ed25519.h"
+#include "hs_descriptor.h"
+#include "hs_intropoint.h"
+#include "replaycache.h"
+
+/* Trunnel */
 #include "hs/cell_establish_intro.h"
 
+/* When loading and configuring a service, this is the default version it will
+ * be configured for as it is possible that no HiddenServiceVersion is
+ * present. */
+#define HS_SERVICE_DEFAULT_VERSION HS_VERSION_TWO
+
+/* Service side introduction point. */
+typedef struct hs_service_intro_point_t {
+  /* Top level intropoint "shared" data between client/service. */
+  hs_intropoint_t base;
+
+  /* Authentication keypair used to create the authentication certificate
+   * which is published in the descriptor. */
+  ed25519_keypair_t auth_key_kp;
+
+  /* Encryption private key. */
+  curve25519_secret_key_t enc_key_sk;
+
+  /* Amount of INTRODUCE2 cell accepted from this intro point. */
+  uint64_t introduce2_count;
+
+  /* Maximum number of INTRODUCE2 cell this intro point should accept. */
+  uint64_t introduce2_max;
+
+  /* The time at which this intro point should expire and stop being used. */
+  time_t time_to_expire;
+
+  /* The amount of circuit creation we've made to this intro point. This is
+   * incremented every time we do a circuit relaunch on this intro point which
+   * is triggered when the circuit dies but the node is still in the
+   * consensus. After MAX_INTRO_POINT_CIRCUIT_RETRIES, we give up on it. */
+  uint32_t circuit_retries;
+
+  /* Set if this intro point has an established circuit. */
+  unsigned int circuit_established : 1;
+
+  /* Replay cache recording the encrypted part of an INTRODUCE2 cell that the
+   * circuit associated with this intro point has received. This is used to
+   * prevent replay attacks. */
+  replaycache_t *replay_cache;
+} hs_service_intro_point_t;
+
+/* Object handling introduction points of a service. */
+typedef struct hs_service_intropoints_t {
+  /* The time at which we've started our retry period to build circuits. We
+   * don't want to stress circuit creation so we can only retry for a certain
+   * time and then after we stop and wait. */
+  time_t retry_period_started;
+
+  /* Number of circuit we've launched during a single retry period. */
+  unsigned int num_circuits_launched;
+
+  /* Contains the current hs_service_intro_point_t objects indexed by
+   * authentication public key. */
+  digest256map_t *map;
+} hs_service_intropoints_t;
+
+/* Representation of a service descriptor. */
+typedef struct hs_service_descriptor_t {
+  /* Decoded descriptor. This object is used for encoding when the service
+   * publishes the descriptor. */
+  hs_descriptor_t *desc;
+
+  /* Descriptor signing keypair. */
+  ed25519_keypair_t signing_kp;
+
+  /* Blinded keypair derived from the master identity public key. */
+  ed25519_keypair_t blinded_kp;
+
+  /* When is the next time when we should upload the descriptor. */
+  time_t next_upload_time;
+
+  /* Introduction points assign to this descriptor which contains
+   * hs_service_intropoints_t object indexed by authentication key (the RSA
+   * key if the node is legacy). */
+  hs_service_intropoints_t intro_points;
+} hs_service_descriptor_t;
+
+/* Service key material. */
+typedef struct hs_service_keys_t {
+  /* Master identify public key. */
+  ed25519_public_key_t identity_pk;
+  /* Master identity private key. */
+  ed25519_secret_key_t identity_sk;
+  /* True iff the key is kept offline which means the identity_sk MUST not be
+   * used in that case. */
+  unsigned int is_identify_key_offline : 1;
+} hs_service_keys_t;
+
+/* Service configuration. The following are set from the torrc options either
+ * set by the configuration file or by the control port. Nothing else should
+ * change those values. */
+typedef struct hs_service_config_t {
+  /* List of rend_service_port_config_t */
+  smartlist_t *ports;
+
+  /* Path on the filesystem where the service persistent data is stored. NULL
+   * if the service is ephemeral. Specified by 

[tor-commits] [tor/master] prop224: Add hs_config.{c|h} with a refactoring

[nickm]

commit 02e2edeb33224461d1fbb879722c0948171b9688
Author: David Goulet 
Date:   Mon Jan 16 13:19:44 2017 -0500

prop224: Add hs_config.{c|h} with a refactoring

Add the hs_config.{c|h} files contains everything that the HS subsystem 
needs
to load and configure services. Ultimately, it should also contain client
functions such as client authorization.

This comes with a big refactoring of rend_config_services() which has now
changed to only configure a single service and it is stripped down of the
common directives which are now part of the generic handler.

This is ground work for prop224 of course but only touches version 2 
services
and add XXX note for version 3.

Signed-off-by: David Goulet 
---
 src/or/config.c  |   5 +-
 src/or/hs_common.h   |   3 +
 src/or/hs_config.c   | 292 ++
 src/or/hs_config.h   |  19 
 src/or/hs_service.c  |  85 +++
 src/or/hs_service.h  |   6 ++
 src/or/include.am|  24 +++--
 src/or/main.c|   2 +-
 src/or/rendservice.c | 293 +--
 src/or/rendservice.h |  10 +-
 src/test/test_hs.c   |  22 ++--
 11 files changed, 533 insertions(+), 228 deletions(-)

diff --git a/src/or/config.c b/src/or/config.c
index 5b5bb90..062ab27 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -91,6 +91,7 @@
 #include "relay.h"
 #include "rendclient.h"
 #include "rendservice.h"
+#include "hs_config.h"
 #include "rephist.h"
 #include "router.h"
 #include "sandbox.h"
@@ -1681,7 +1682,7 @@ options_act(const or_options_t *old_options)
 sweep_bridge_list();
   }
 
-  if (running_tor && rend_config_services(options, 0)<0) {
+  if (running_tor && hs_config_service_all(options, 0)<0) {
 log_warn(LD_BUG,
"Previously validated hidden services line could not be added!");
 return -1;
@@ -4009,7 +4010,7 @@ options_validate(or_options_t *old_options, or_options_t 
*options,
 COMPLAIN("V3AuthVotingInterval does not divide evenly into 24 hours.");
   }
 
-  if (rend_config_services(options, 1) < 0)
+  if (hs_config_service_all(options, 1) < 0)
 REJECT("Failed to configure rendezvous options. See logs for details.");
 
   /* Parse client-side authorization for hidden services. */
diff --git a/src/or/hs_common.h b/src/or/hs_common.h
index 872fed7..abc44c0 100644
--- a/src/or/hs_common.h
+++ b/src/or/hs_common.h
@@ -16,6 +16,9 @@
 #define HS_VERSION_TWO 2
 /* Version 3 of the protocol (prop224). */
 #define HS_VERSION_THREE 3
+/* Earliest and latest version we support. */
+#define HS_VERSION_MIN HS_VERSION_TWO
+#define HS_VERSION_MAX HS_VERSION_THREE
 
 /** Try to maintain this many intro points per service by default. */
 #define NUM_INTRO_POINTS_DEFAULT 3
diff --git a/src/or/hs_config.c b/src/or/hs_config.c
new file mode 100644
index 000..6326e90
--- /dev/null
+++ b/src/or/hs_config.c
@@ -0,0 +1,292 @@
+/* Copyright (c) 2017, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+/**
+ * \file hs_config.c
+ * \brief Implement hidden service configuration subsystem.
+ *
+ * \details
+ *
+ * This file has basically one main entry point: hs_config_service_all(). It
+ * takes the torrc options and configure hidden service from it. In validate
+ * mode, nothing is added to the global service list or keys are not generated
+ * nor loaded.
+ *
+ * A service is configured in two steps. It is first created using the tor
+ * options and then put in a staging list. It will stay there until
+ * hs_service_load_all_keys() is called. That function is responsible to
+ * load/generate the keys for the service in the staging list and if
+ * successful, transfert the service to the main global service list where
+ * at that point it is ready to be used.
+ *
+ * Configuration handlers are per-version (see config_service_handlers[]) and
+ * there is a main generic one for every option that is common to all version
+ * (config_generic_service).
+ **/
+
+#define HS_CONFIG_PRIVATE
+
+#include "hs_common.h"
+#include "hs_config.h"
+#include "hs_service.h"
+#include "rendservice.h"
+
+/* Configuration handler for a version 3 service. Return 0 on success else a
+ * negative value. */
+static int
+config_service_v3(const config_line_t *line,
+  const or_options_t *options, int validate_only,
+  hs_service_t *service)
+{
+  (void) line;
+  (void) service;
+  (void) validate_only;
+  (void) options;
+  /* XXX: Configure a v3 service with specific options. */
+  /* XXX: Add service to v3 list and pruning on reload. */
+  return 0;
+}
+
+/* Configure a service using the given options in line_ and options. This is
+ * called for any service regardless of its version which means that all
+ * directives in this function are generic to any service version. This
+ * function will also check the validity of the service directory path.
+ *
+ * The 

[tor-commits] [tor/master] prop224: Configure v3 service from options

[nickm]

commit c086a59ea1fe63e38b6f83fa0c2c19bf495e977d
Author: David Goulet 
Date:   Fri Jan 13 16:00:07 2017 -0500

prop224: Configure v3 service from options

This commit adds the support in the HS subsystem for loading a service from 
a
set of or_options_t and put them in a staging list.

To achieve this, service accessors have been created and a global hash map
containing service object indexed by master public key. However, this is not
used for now. It's ground work for registration process.

Signed-off-by: David Goulet 
---
 src/or/circuitlist.h |   1 +
 src/or/hs_common.h   |   2 +-
 src/or/hs_config.c   | 318 +
 src/or/hs_config.h   |   2 +
 src/or/hs_service.c  | 360 ++-
 src/or/hs_service.h  |  15 ++-
 src/or/rendservice.c |  55 +++-
 src/or/rendservice.h |   2 +-
 8 files changed, 648 insertions(+), 107 deletions(-)

diff --git a/src/or/circuitlist.h b/src/or/circuitlist.h
index d647062..2f76252 100644
--- a/src/or/circuitlist.h
+++ b/src/or/circuitlist.h
@@ -48,6 +48,7 @@ origin_circuit_t *circuit_get_ready_rend_circ_by_rend_data(
 origin_circuit_t *circuit_get_next_by_pk_and_purpose(origin_circuit_t *start,
  const uint8_t *digest, uint8_t purpose);
 origin_circuit_t *circuit_get_next_service_intro_circ(origin_circuit_t *start);
+origin_circuit_t *circuit_get_next_service_hsdir_circ(origin_circuit_t *start);
 origin_circuit_t *circuit_find_to_cannibalize(uint8_t purpose,
   extend_info_t *info, int flags);
 void circuit_mark_all_unused_circs(void);
diff --git a/src/or/hs_common.h b/src/or/hs_common.h
index 8016535..d1bc5ac 100644
--- a/src/or/hs_common.h
+++ b/src/or/hs_common.h
@@ -22,7 +22,7 @@
 
 /** Try to maintain this many intro points per service by default. */
 #define NUM_INTRO_POINTS_DEFAULT 3
-/** Maximum number of intro points per service. */
+/** Maximum number of intro points per generic and version 2 service. */
 #define NUM_INTRO_POINTS_MAX 10
 /** Number of extra intro points we launch if our set of intro nodes is empty.
  * See proposal 155, section 4. */
diff --git a/src/or/hs_config.c b/src/or/hs_config.c
index 6326e90..6bb422d 100644
--- a/src/or/hs_config.c
+++ b/src/or/hs_config.c
@@ -31,20 +31,171 @@
 #include "hs_service.h"
 #include "rendservice.h"
 
-/* Configuration handler for a version 3 service. Return 0 on success else a
- * negative value. */
+/* Using the given list of services, stage them into our global state. Every
+ * service version are handled. This function can remove entries in the given
+ * service_list.
+ *
+ * Staging a service means that we take all services in service_list and we
+ * put them in the staging list (global) which acts as a temporary list that
+ * is used by the service loading key process. In other words, staging a
+ * service puts it in a list to be considered when loading the keys and then
+ * moved to the main global list. */
+static void
+stage_services(smartlist_t *service_list)
+{
+  tor_assert(service_list);
+
+  /* This is v2 specific. Trigger service pruning which will make sure the
+   * just configured services end up in the main global list. It should only
+   * be done in non validation mode because v2 subsystem handles service
+   * object differently. */
+  rend_service_prune_list();
+
+  /* Cleanup v2 service from the list, we don't need those object anymore
+   * because we validated them all against the others and we want to stage
+   * only >= v3 service. And remember, v2 has a different object type which is
+   * shadow copied from an hs_service_t type. */
+  SMARTLIST_FOREACH_BEGIN(service_list, hs_service_t *, s) {
+if (s->version == HS_VERSION_TWO) {
+  SMARTLIST_DEL_CURRENT(service_list, s);
+  hs_service_free(s);
+}
+  } SMARTLIST_FOREACH_END(s);
+
+  /* This is >= v3 specific. Using the newly configured service list, stage
+   * them into our global state. Every object ownership is lost after. */
+  hs_service_stage_services(service_list);
+}
+
+/* Validate the given service against all service in the given list. If the
+ * service is ephemeral, this function ignores it. Services with the same
+ * directory path aren't allowed and will return an error. If a duplicate is
+ * found, 1 is returned else 0 if none found. */
+static int
+service_is_duplicate_in_list(const smartlist_t *service_list,
+ const hs_service_t *service)
+{
+  int ret = 0;
+
+  tor_assert(service_list);
+  tor_assert(service);
+
+  /* Ephemeral service don't have a directory configured so no need to check
+   * for a service in the list having the same path. */
+  if (service->config.is_ephemeral) {
+goto end;
+  }
+
+  /* XXX: Validate if we have any service that has the given service dir path.
+   * This has two problems:
+   *
+   * a) 

[tor-commits] [tor/master] prop224: Add a init/free_all function for the whole subsystem

[nickm]

commit 765ed5dac160b28fb658560e8f39d1d7ab3d1c75
Author: David Goulet 
Date:   Mon Jan 16 13:29:03 2017 -0500

prop224: Add a init/free_all function for the whole subsystem

Introduces hs_init() located in hs_common.c which initialize the entire HS 
v3
subsystem. This is done _prior_ to the options being loaded because we need 
to
allocate global data structure before we load the configuration.

The hs_free_all() is added to release everything from tor_free_all().

Note that both functions do NOT handle v2 service subsystem but does handle
the common interface that both v2 and v3 needs such as the cache and
circuitmap.

Signed-off-by: David Goulet 
---
 src/or/hs_common.c  | 22 ++
 src/or/hs_common.h  |  3 +++
 src/or/hs_service.c |  7 +++
 src/or/hs_service.h |  1 +
 src/or/main.c   | 10 +++---
 5 files changed, 36 insertions(+), 7 deletions(-)

diff --git a/src/or/hs_common.c b/src/or/hs_common.c
index 4250812..b524296 100644
--- a/src/or/hs_common.c
+++ b/src/or/hs_common.c
@@ -15,7 +15,9 @@
 
 #include "config.h"
 #include "networkstatus.h"
+#include "hs_cache.h"
 #include "hs_common.h"
+#include "hs_service.h"
 #include "rendcommon.h"
 
 /* Make sure that the directory for service is private, using the config
@@ -344,3 +346,23 @@ rend_data_get_pk_digest(const rend_data_t *rend_data, 
size_t *len_out)
   }
 }
 
+/* Initialize the entire HS subsytem. This is called in tor_init() before any
+ * torrc options are loaded. Only for >= v3. */
+void
+hs_init(void)
+{
+  hs_circuitmap_init();
+  hs_service_init();
+  hs_cache_init();
+}
+
+/* Release and cleanup all memory of the HS subsystem (all version). This is
+ * called by tor_free_all(). */
+void
+hs_free_all(void)
+{
+  hs_circuitmap_free_all();
+  hs_service_free_all();
+  hs_cache_free_all();
+}
+
diff --git a/src/or/hs_common.h b/src/or/hs_common.h
index abc44c0..8016535 100644
--- a/src/or/hs_common.h
+++ b/src/or/hs_common.h
@@ -58,6 +58,9 @@ typedef enum {
   HS_AUTH_KEY_TYPE_ED25519 = 2,
 } hs_auth_key_type_t;
 
+void hs_init(void);
+void hs_free_all(void);
+
 int hs_check_service_private_dir(const char *username, const char *path,
  unsigned int dir_group_readable,
  unsigned int create);
diff --git a/src/or/hs_service.c b/src/or/hs_service.c
index c62aa8b..16ffc48 100644
--- a/src/or/hs_service.c
+++ b/src/or/hs_service.c
@@ -97,6 +97,13 @@ hs_service_free(hs_service_t *service)
   tor_free(service);
 }
 
+/* Initialize the service HS subsystem. */
+void
+hs_service_init(void)
+{
+  return;
+}
+
 /* Release all global the storage of hidden service subsystem. */
 void
 hs_service_free_all(void)
diff --git a/src/or/hs_service.h b/src/or/hs_service.h
index d29a478..ec47cb7 100644
--- a/src/or/hs_service.h
+++ b/src/or/hs_service.h
@@ -193,6 +193,7 @@ typedef struct hs_service_t {
 /* API */
 
 int hs_service_config_all(const or_options_t *options, int validate_only);
+void hs_service_init(void);
 void hs_service_free_all(void);
 
 void hs_service_free(hs_service_t *service);
diff --git a/src/or/main.c b/src/or/main.c
index 8c269fd..204b3f3 100644
--- a/src/or/main.c
+++ b/src/or/main.c
@@ -2499,9 +2499,6 @@ do_main_loop(void)
 }
   }
 
-  /* Initialize relay-side HS circuitmap */
-  hs_circuitmap_init();
-
   /* set up once-a-second callback. */
   if (! second_timer) {
 struct timeval one_second;
@@ -3014,9 +3011,10 @@ tor_init(int argc, char *argv[])
   rep_hist_init();
   /* Initialize the service cache. */
   rend_cache_init();
-  hs_cache_init();
   addressmap_init(); /* Init the client dns cache. Do it always, since it's
   * cheap. */
+  /* Initialize the HS subsystem. */
+  hs_init();
 
   {
   /* We search for the "quiet" option first, since it decides whether we
@@ -3216,10 +3214,8 @@ tor_free_all(int postfork)
   networkstatus_free_all();
   addressmap_free_all();
   dirserv_free_all();
-  hs_service_free_all();
   rend_cache_free_all();
   rend_service_authorization_free_all();
-  hs_cache_free_all();
   rep_hist_free_all();
   dns_free_all();
   clear_pending_onions();
@@ -3232,7 +3228,6 @@ tor_free_all(int postfork)
   connection_edge_free_all();
   scheduler_free_all();
   nodelist_free_all();
-  hs_circuitmap_free_all();
   microdesc_free_all();
   routerparse_free_all();
   ext_orport_free_all();
@@ -3241,6 +3236,7 @@ tor_free_all(int postfork)
   protover_free_all();
   bridges_free_all();
   consdiffmgr_free_all();
+  hs_free_all();
   if (!postfork) {
 config_free_all();
 or_state_free_all();



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] prop224: Add common intropoint object

[nickm]

commit b50f39fb6fc9d9a4bbb86d760291d6e88bf0987a
Author: David Goulet 
Date:   Sun Jan 15 10:13:37 2017 -0500

prop224: Add common intropoint object

Groundwork for more prop224 service and client code. This object contains
common data that both client and service uses.

Signed-off-by: David Goulet 
---
 src/or/hs_intropoint.h | 12 
 1 file changed, 12 insertions(+)

diff --git a/src/or/hs_intropoint.h b/src/or/hs_intropoint.h
index 163ed81..bfb1331 100644
--- a/src/or/hs_intropoint.h
+++ b/src/or/hs_intropoint.h
@@ -9,6 +9,9 @@
 #ifndef TOR_HS_INTRO_H
 #define TOR_HS_INTRO_H
 
+#include "crypto_curve25519.h"
+#include "torcert.h"
+
 /* Authentication key type in an ESTABLISH_INTRO cell. */
 enum hs_intro_auth_key_type {
   HS_INTRO_AUTH_KEY_TYPE_LEGACY0 = 0x00,
@@ -24,6 +27,15 @@ typedef enum {
   HS_INTRO_ACK_STATUS_CANT_RELAY = 0x0003,
 } hs_intro_ack_status_t;
 
+/* Object containing introduction point common data between the service and
+ * the client side. */
+typedef struct hs_intropoint_t {
+  /* Authentication key certificate from the descriptor. */
+  tor_cert_t *auth_key_cert;
+  /* A list of link specifier. */
+  smartlist_t *link_specifiers;
+} hs_intropoint_t;
+
 int hs_intro_received_establish_intro(or_circuit_t *circ,
   const uint8_t *request,
   size_t request_len);



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] hs: Use v3 maximum intro points value when decoding v3

[nickm]

commit 74193b932115a82417dc312721ffe0a10a7ed6dc
Author: David Goulet 
Date:   Wed May 10 09:37:41 2017 -0400

hs: Use v3 maximum intro points value when decoding v3

Signed-off-by: David Goulet 
---
 src/or/hs_config.h | 3 +++
 src/or/hs_descriptor.c | 6 --
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/src/or/hs_config.h b/src/or/hs_config.h
index 08072d1..f420791 100644
--- a/src/or/hs_config.h
+++ b/src/or/hs_config.h
@@ -11,6 +11,9 @@
 
 #include "or.h"
 
+/* Maximum number of intro points per version 3 services. */
+#define HS_CONFIG_V3_MAX_INTRO_POINTS 20
+
 /* API */
 
 int hs_config_service_all(const or_options_t *options, int validate_only);
diff --git a/src/or/hs_descriptor.c b/src/or/hs_descriptor.c
index b55f966..2393eac 100644
--- a/src/or/hs_descriptor.c
+++ b/src/or/hs_descriptor.c
@@ -62,6 +62,7 @@
 #include "parsecommon.h"
 #include "rendcache.h"
 #include "hs_cache.h"
+#include "hs_config.h"
 #include "torcert.h" /* tor_cert_encode_ed22519() */
 
 /* Constant string value used for the descriptor format. */
@@ -2035,10 +2036,11 @@ desc_decode_encrypted_v3(const hs_descriptor_t *desc,
   decode_intro_points(desc, desc_encrypted_out, message);
 
   /* Validation of maximum introduction points allowed. */
-  if (smartlist_len(desc_encrypted_out->intro_points) > MAX_INTRO_POINTS) {
+  if (smartlist_len(desc_encrypted_out->intro_points) >
+  HS_CONFIG_V3_MAX_INTRO_POINTS) {
 log_warn(LD_REND, "Service descriptor contains too many introduction "
   "points. Maximum allowed is %d but we have %d",
- MAX_INTRO_POINTS,
+ HS_CONFIG_V3_MAX_INTRO_POINTS,
  smartlist_len(desc_encrypted_out->intro_points));
 goto err;
   }



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Add changes file for #19476.

[nickm]

commit 175451d032026f1e1cbf45dfa55a408d5d4abeed
Author: Isis Lovecruft 
Date:   Wed Jul 12 02:47:43 2017 +

Add changes file for #19476.
---
 changes/bug19476 | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/changes/bug19476 b/changes/bug19476
new file mode 100644
index 000..25a0578
--- /dev/null
+++ b/changes/bug19476
@@ -0,0 +1,3 @@
+ o Minor changes:
+   - If we fail to write a heartbeat message, schedule a retry for the minimum
+ heartbeat interval number of seconds in the future. Fixes bug 19476.



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Use the return value for choosing intervals

[nickm]

commit f516c9ca99e4c3ef1bfeb3693e622befdd7954d2
Author: cypherpunks 
Date:   Tue Jun 21 13:03:38 2016 +

Use the return value for choosing intervals
---
 src/or/main.c | 15 ++-
 1 file changed, 10 insertions(+), 5 deletions(-)

diff --git a/src/or/main.c b/src/or/main.c
index 5fa3869..4116740 100644
--- a/src/or/main.c
+++ b/src/or/main.c
@@ -2071,14 +2071,19 @@ heartbeat_callback(time_t now, const or_options_t 
*options)
 return PERIODIC_EVENT_NO_UPDATE;
   }
 
-  /* Write the heartbeat message */
+  /* Skip the first one. */
   if (first) {
-first = 0; /* Skip the first one. */
-  } else {
-log_heartbeat(now);
+first = 0;
+return options->HeartbeatPeriod;
   }
 
-  return options->HeartbeatPeriod;
+  /* Write the heartbeat message */
+  int r = log_heartbeat(now);
+  if (r == 0) {
+return options->HeartbeatPeriod;
+  }
+
+  return PERIODIC_EVENT_NO_UPDATE;
 }
 
 #define CDM_CLEAN_CALLBACK_INTERVAL 600



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Merge remote-tracking branch 'isis/bug19476'

[nickm]

commit 62d241ad22b173ee908ad9cc2c55f5b10d22c2d9
Merge: 66a564f 175451d
Author: Nick Mathewson 
Date:   Thu Jul 13 16:58:45 2017 -0400

Merge remote-tracking branch 'isis/bug19476'

 changes/bug19476 |  3 +++
 src/or/config.c  |  4 
 src/or/config.h  |  4 
 src/or/main.c| 19 ++-
 4 files changed, 21 insertions(+), 9 deletions(-)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.3.1] Merge branch 'maint-0.3.1' into release-0.3.1

[nickm]

commit 05ca8ab5b69cb51e708e74ddeb32188f5f169ca3
Merge: 11b2d36 66258f8
Author: Nick Mathewson 
Date:   Thu Jul 13 16:55:06 2017 -0400

Merge branch 'maint-0.3.1' into release-0.3.1

 changes/bug22883-config |  7 +++
 doc/tor.1.txt   | 10 ++
 src/or/config.c |  1 +
 src/or/consdiffmgr.c| 13 -
 src/or/or.h |  5 +
 5 files changed, 35 insertions(+), 1 deletion(-)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] New configuration option MaxConsensusAgeForDiffs

[nickm]

commit abb9a5bdda9bde028704c01c47191c64cfa088c8
Author: Nick Mathewson 
Date:   Wed Jul 12 13:15:16 2017 -0400

New configuration option MaxConsensusAgeForDiffs

Relay operators (especially bridge operators) can use this to lower
or raise the number of consensuses that they're willing to hold for
diff generation purposes.

This enables a workaround for bug 22883.
---
 changes/bug22883-config |  7 +++
 doc/tor.1.txt   | 10 ++
 src/or/config.c |  1 +
 src/or/consdiffmgr.c| 13 -
 src/or/or.h |  5 +
 5 files changed, 35 insertions(+), 1 deletion(-)

diff --git a/changes/bug22883-config b/changes/bug22883-config
new file mode 100644
index 000..d60594d
--- /dev/null
+++ b/changes/bug22883-config
@@ -0,0 +1,7 @@
+  o Minor features (directory cache, consensus diff):
+- Add a new MaxConsensusAgeForDiffs option to allow directory cache
+  operators with low-resource environments to adjust the number of
+  consensuses they'll store and generate diffs from. Most cache operators
+  should leave it unchanged. Helps to work around bug 22883.
+
+
diff --git a/doc/tor.1.txt b/doc/tor.1.txt
index 2459969..e17c111 100644
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -2072,6 +2072,16 @@ details.)
 because clients connect via the ORPort by default. Setting either DirPort
 or BridgeRelay and setting DirCache to 0 is not supported.  (Default: 1)
 
+[[MaxConsensusAgeForDiffs]] **MaxConsensusAgeForDiffs**  __N__ 
**minutes**|**hours**|**days**|**weeks**::
+When this option is nonzero, Tor caches will not try to generate
+consensus diffs for any consensus older than this amount of time.
+If this option is set to zero, Tor will pick a reasonable default from
+the current networkstatus document.  You should not set this
+option unless your cache is severely low on disk space or CPU.
+If you need to set it, keeping it above 3 or 4 hours will help clients
+much more than setting it to zero.
+(Default: 0)
+
 
 DIRECTORY AUTHORITY SERVER OPTIONS
 --
diff --git a/src/or/config.c b/src/or/config.c
index 7d2ebbd..a0ff0e8 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -393,6 +393,7 @@ static config_var_t option_vars_[] = {
   V(MaxAdvertisedBandwidth,  MEMUNIT,  "1 GB"),
   V(MaxCircuitDirtiness, INTERVAL, "10 minutes"),
   V(MaxClientCircuitsPending,UINT, "32"),
+  V(MaxConsensusAgeForDiffs, INTERVAL, "0 seconds"),
   VAR("MaxMemInQueues",  MEMUNIT,   MaxMemInQueues_raw, "0"),
   OBSOLETE("MaxOnionsPending"),
   V(MaxOnionQueueDelay,  MSEC_INTERVAL, "1750 msec"),
diff --git a/src/or/consdiffmgr.c b/src/or/consdiffmgr.c
index 638fcd6..a3ffed1 100644
--- a/src/or/consdiffmgr.c
+++ b/src/or/consdiffmgr.c
@@ -14,6 +14,7 @@
 #define CONSDIFFMGR_PRIVATE
 
 #include "or.h"
+#include "config.h"
 #include "conscache.h"
 #include "consdiff.h"
 #include "consdiffmgr.h"
@@ -462,12 +463,22 @@ cdm_cache_lookup_consensus(consensus_flavor_t flavor, 
time_t valid_after)
 static int32_t
 get_max_age_to_cache(void)
 {
-  /* The parameter is in hours. */
   const int32_t DEFAULT_MAX_AGE_TO_CACHE = 8192;
   const int32_t MIN_MAX_AGE_TO_CACHE = 0;
   const int32_t MAX_MAX_AGE_TO_CACHE = 8192;
   const char MAX_AGE_TO_CACHE_NAME[] = "max-consensus-age-to-cache-for-diff";
 
+  const or_options_t *options = get_options();
+
+  if (options->MaxConsensusAgeForDiffs) {
+const int v = options->MaxConsensusAgeForDiffs;
+if (v >= MAX_MAX_AGE_TO_CACHE * 3600)
+  return MAX_MAX_AGE_TO_CACHE;
+else
+  return v;
+  }
+
+  /* The parameter is in hours, so we multiply */
   return 3600 * networkstatus_get_param(NULL,
 MAX_AGE_TO_CACHE_NAME,
 DEFAULT_MAX_AGE_TO_CACHE,
diff --git a/src/or/or.h b/src/or/or.h
index 1f55b55..77207bc 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -4558,6 +4558,11 @@ typedef struct {
 
   /** Bool (default: 0): Tells if a %include was used on torrc */
   int IncludeUsed;
+
+  /** The seconds after expiration which we as a relay should keep old
+   * consensuses around so that we can generate diffs from them.  If 0,
+   * use the default. */
+  int MaxConsensusAgeForDiffs;
 } or_options_t;
 
 /** Persistent state for an onion router, as saved to disk. */



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.3.1] Merge branch 'fewer-diffs' into maint-0.3.1

[nickm]

commit 66258f8878abe6323c56bcf0b20796e1c43d66fc
Merge: 1ea155b abb9a5b
Author: Nick Mathewson 
Date:   Thu Jul 13 16:55:02 2017 -0400

Merge branch 'fewer-diffs' into maint-0.3.1

 changes/bug22883-config |  7 +++
 doc/tor.1.txt   | 10 ++
 src/or/config.c |  1 +
 src/or/consdiffmgr.c| 13 -
 src/or/or.h |  5 +
 5 files changed, 35 insertions(+), 1 deletion(-)



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Merge branch 'fewer-diffs' into maint-0.3.1

[nickm]

commit 66258f8878abe6323c56bcf0b20796e1c43d66fc
Merge: 1ea155b abb9a5b
Author: Nick Mathewson 
Date:   Thu Jul 13 16:55:02 2017 -0400

Merge branch 'fewer-diffs' into maint-0.3.1

 changes/bug22883-config |  7 +++
 doc/tor.1.txt   | 10 ++
 src/or/config.c |  1 +
 src/or/consdiffmgr.c| 13 -
 src/or/or.h |  5 +
 5 files changed, 35 insertions(+), 1 deletion(-)



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Merge branch 'maint-0.3.1'

[nickm]

commit 66a564fad8a99a21bd6cda6a70982858376b78e9
Merge: ec29cae 66258f8
Author: Nick Mathewson 
Date:   Thu Jul 13 16:55:06 2017 -0400

Merge branch 'maint-0.3.1'

 changes/bug22883-config |  7 +++
 doc/tor.1.txt   | 10 ++
 src/or/config.c |  1 +
 src/or/consdiffmgr.c| 13 -
 src/or/or.h |  5 +
 5 files changed, 35 insertions(+), 1 deletion(-)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.3.1] New configuration option MaxConsensusAgeForDiffs

[nickm]

commit abb9a5bdda9bde028704c01c47191c64cfa088c8
Author: Nick Mathewson 
Date:   Wed Jul 12 13:15:16 2017 -0400

New configuration option MaxConsensusAgeForDiffs

Relay operators (especially bridge operators) can use this to lower
or raise the number of consensuses that they're willing to hold for
diff generation purposes.

This enables a workaround for bug 22883.
---
 changes/bug22883-config |  7 +++
 doc/tor.1.txt   | 10 ++
 src/or/config.c |  1 +
 src/or/consdiffmgr.c| 13 -
 src/or/or.h |  5 +
 5 files changed, 35 insertions(+), 1 deletion(-)

diff --git a/changes/bug22883-config b/changes/bug22883-config
new file mode 100644
index 000..d60594d
--- /dev/null
+++ b/changes/bug22883-config
@@ -0,0 +1,7 @@
+  o Minor features (directory cache, consensus diff):
+- Add a new MaxConsensusAgeForDiffs option to allow directory cache
+  operators with low-resource environments to adjust the number of
+  consensuses they'll store and generate diffs from. Most cache operators
+  should leave it unchanged. Helps to work around bug 22883.
+
+
diff --git a/doc/tor.1.txt b/doc/tor.1.txt
index 2459969..e17c111 100644
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -2072,6 +2072,16 @@ details.)
 because clients connect via the ORPort by default. Setting either DirPort
 or BridgeRelay and setting DirCache to 0 is not supported.  (Default: 1)
 
+[[MaxConsensusAgeForDiffs]] **MaxConsensusAgeForDiffs**  __N__ 
**minutes**|**hours**|**days**|**weeks**::
+When this option is nonzero, Tor caches will not try to generate
+consensus diffs for any consensus older than this amount of time.
+If this option is set to zero, Tor will pick a reasonable default from
+the current networkstatus document.  You should not set this
+option unless your cache is severely low on disk space or CPU.
+If you need to set it, keeping it above 3 or 4 hours will help clients
+much more than setting it to zero.
+(Default: 0)
+
 
 DIRECTORY AUTHORITY SERVER OPTIONS
 --
diff --git a/src/or/config.c b/src/or/config.c
index 7d2ebbd..a0ff0e8 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -393,6 +393,7 @@ static config_var_t option_vars_[] = {
   V(MaxAdvertisedBandwidth,  MEMUNIT,  "1 GB"),
   V(MaxCircuitDirtiness, INTERVAL, "10 minutes"),
   V(MaxClientCircuitsPending,UINT, "32"),
+  V(MaxConsensusAgeForDiffs, INTERVAL, "0 seconds"),
   VAR("MaxMemInQueues",  MEMUNIT,   MaxMemInQueues_raw, "0"),
   OBSOLETE("MaxOnionsPending"),
   V(MaxOnionQueueDelay,  MSEC_INTERVAL, "1750 msec"),
diff --git a/src/or/consdiffmgr.c b/src/or/consdiffmgr.c
index 638fcd6..a3ffed1 100644
--- a/src/or/consdiffmgr.c
+++ b/src/or/consdiffmgr.c
@@ -14,6 +14,7 @@
 #define CONSDIFFMGR_PRIVATE
 
 #include "or.h"
+#include "config.h"
 #include "conscache.h"
 #include "consdiff.h"
 #include "consdiffmgr.h"
@@ -462,12 +463,22 @@ cdm_cache_lookup_consensus(consensus_flavor_t flavor, 
time_t valid_after)
 static int32_t
 get_max_age_to_cache(void)
 {
-  /* The parameter is in hours. */
   const int32_t DEFAULT_MAX_AGE_TO_CACHE = 8192;
   const int32_t MIN_MAX_AGE_TO_CACHE = 0;
   const int32_t MAX_MAX_AGE_TO_CACHE = 8192;
   const char MAX_AGE_TO_CACHE_NAME[] = "max-consensus-age-to-cache-for-diff";
 
+  const or_options_t *options = get_options();
+
+  if (options->MaxConsensusAgeForDiffs) {
+const int v = options->MaxConsensusAgeForDiffs;
+if (v >= MAX_MAX_AGE_TO_CACHE * 3600)
+  return MAX_MAX_AGE_TO_CACHE;
+else
+  return v;
+  }
+
+  /* The parameter is in hours, so we multiply */
   return 3600 * networkstatus_get_param(NULL,
 MAX_AGE_TO_CACHE_NAME,
 DEFAULT_MAX_AGE_TO_CACHE,
diff --git a/src/or/or.h b/src/or/or.h
index 1f55b55..77207bc 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -4558,6 +4558,11 @@ typedef struct {
 
   /** Bool (default: 0): Tells if a %include was used on torrc */
   int IncludeUsed;
+
+  /** The seconds after expiration which we as a relay should keep old
+   * consensuses around so that we can generate diffs from them.  If 0,
+   * use the default. */
+  int MaxConsensusAgeForDiffs;
 } or_options_t;
 
 /** Persistent state for an onion router, as saved to disk. */



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/maint-0.3.1] New configuration option MaxConsensusAgeForDiffs

[nickm]

commit abb9a5bdda9bde028704c01c47191c64cfa088c8
Author: Nick Mathewson 
Date:   Wed Jul 12 13:15:16 2017 -0400

New configuration option MaxConsensusAgeForDiffs

Relay operators (especially bridge operators) can use this to lower
or raise the number of consensuses that they're willing to hold for
diff generation purposes.

This enables a workaround for bug 22883.
---
 changes/bug22883-config |  7 +++
 doc/tor.1.txt   | 10 ++
 src/or/config.c |  1 +
 src/or/consdiffmgr.c| 13 -
 src/or/or.h |  5 +
 5 files changed, 35 insertions(+), 1 deletion(-)

diff --git a/changes/bug22883-config b/changes/bug22883-config
new file mode 100644
index 000..d60594d
--- /dev/null
+++ b/changes/bug22883-config
@@ -0,0 +1,7 @@
+  o Minor features (directory cache, consensus diff):
+- Add a new MaxConsensusAgeForDiffs option to allow directory cache
+  operators with low-resource environments to adjust the number of
+  consensuses they'll store and generate diffs from. Most cache operators
+  should leave it unchanged. Helps to work around bug 22883.
+
+
diff --git a/doc/tor.1.txt b/doc/tor.1.txt
index 2459969..e17c111 100644
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -2072,6 +2072,16 @@ details.)
 because clients connect via the ORPort by default. Setting either DirPort
 or BridgeRelay and setting DirCache to 0 is not supported.  (Default: 1)
 
+[[MaxConsensusAgeForDiffs]] **MaxConsensusAgeForDiffs**  __N__ 
**minutes**|**hours**|**days**|**weeks**::
+When this option is nonzero, Tor caches will not try to generate
+consensus diffs for any consensus older than this amount of time.
+If this option is set to zero, Tor will pick a reasonable default from
+the current networkstatus document.  You should not set this
+option unless your cache is severely low on disk space or CPU.
+If you need to set it, keeping it above 3 or 4 hours will help clients
+much more than setting it to zero.
+(Default: 0)
+
 
 DIRECTORY AUTHORITY SERVER OPTIONS
 --
diff --git a/src/or/config.c b/src/or/config.c
index 7d2ebbd..a0ff0e8 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -393,6 +393,7 @@ static config_var_t option_vars_[] = {
   V(MaxAdvertisedBandwidth,  MEMUNIT,  "1 GB"),
   V(MaxCircuitDirtiness, INTERVAL, "10 minutes"),
   V(MaxClientCircuitsPending,UINT, "32"),
+  V(MaxConsensusAgeForDiffs, INTERVAL, "0 seconds"),
   VAR("MaxMemInQueues",  MEMUNIT,   MaxMemInQueues_raw, "0"),
   OBSOLETE("MaxOnionsPending"),
   V(MaxOnionQueueDelay,  MSEC_INTERVAL, "1750 msec"),
diff --git a/src/or/consdiffmgr.c b/src/or/consdiffmgr.c
index 638fcd6..a3ffed1 100644
--- a/src/or/consdiffmgr.c
+++ b/src/or/consdiffmgr.c
@@ -14,6 +14,7 @@
 #define CONSDIFFMGR_PRIVATE
 
 #include "or.h"
+#include "config.h"
 #include "conscache.h"
 #include "consdiff.h"
 #include "consdiffmgr.h"
@@ -462,12 +463,22 @@ cdm_cache_lookup_consensus(consensus_flavor_t flavor, 
time_t valid_after)
 static int32_t
 get_max_age_to_cache(void)
 {
-  /* The parameter is in hours. */
   const int32_t DEFAULT_MAX_AGE_TO_CACHE = 8192;
   const int32_t MIN_MAX_AGE_TO_CACHE = 0;
   const int32_t MAX_MAX_AGE_TO_CACHE = 8192;
   const char MAX_AGE_TO_CACHE_NAME[] = "max-consensus-age-to-cache-for-diff";
 
+  const or_options_t *options = get_options();
+
+  if (options->MaxConsensusAgeForDiffs) {
+const int v = options->MaxConsensusAgeForDiffs;
+if (v >= MAX_MAX_AGE_TO_CACHE * 3600)
+  return MAX_MAX_AGE_TO_CACHE;
+else
+  return v;
+  }
+
+  /* The parameter is in hours, so we multiply */
   return 3600 * networkstatus_get_param(NULL,
 MAX_AGE_TO_CACHE_NAME,
 DEFAULT_MAX_AGE_TO_CACHE,
diff --git a/src/or/or.h b/src/or/or.h
index 1f55b55..77207bc 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -4558,6 +4558,11 @@ typedef struct {
 
   /** Bool (default: 0): Tells if a %include was used on torrc */
   int IncludeUsed;
+
+  /** The seconds after expiration which we as a relay should keep old
+   * consensuses around so that we can generate diffs from them.  If 0,
+   * use the default. */
+  int MaxConsensusAgeForDiffs;
 } or_options_t;
 
 /** Persistent state for an onion router, as saved to disk. */



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/maint-0.3.1] Merge branch 'fewer-diffs' into maint-0.3.1

[nickm]

commit 66258f8878abe6323c56bcf0b20796e1c43d66fc
Merge: 1ea155b abb9a5b
Author: Nick Mathewson 
Date:   Thu Jul 13 16:55:02 2017 -0400

Merge branch 'fewer-diffs' into maint-0.3.1

 changes/bug22883-config |  7 +++
 doc/tor.1.txt   | 10 ++
 src/or/config.c |  1 +
 src/or/consdiffmgr.c| 13 -
 src/or/or.h |  5 +
 5 files changed, 35 insertions(+), 1 deletion(-)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.3.1] Merge branch 'maint-0.3.1' into release-0.3.1

[nickm]

commit 11b2d36db3b14fb1fd17b021757764bb898b7440
Merge: 4d52b74 1ea155b
Author: Nick Mathewson 
Date:   Thu Jul 13 16:52:20 2017 -0400

Merge branch 'maint-0.3.1' into release-0.3.1

 changes/bug22520| 5 +
 src/common/compat.c | 2 +-
 2 files changed, 6 insertions(+), 1 deletion(-)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/maint-0.3.1] Merge branch 'bug22520_031' into maint-0.3.1

[nickm]

commit 1ea155b28fbe15408d96019ef0a75fe0c74ac39d
Merge: e6d2059 63ceadb
Author: Nick Mathewson 
Date:   Thu Jul 13 16:52:16 2017 -0400

Merge branch 'bug22520_031' into maint-0.3.1

 changes/bug22520| 5 +
 src/common/compat.c | 2 +-
 2 files changed, 6 insertions(+), 1 deletion(-)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/maint-0.3.1] Use LANG_ENGLISH in windows error messages

[nickm]

commit 63ceadb485f6618da99e8a3b7822ede8da27989d
Author: Nick Mathewson 
Date:   Fri Jul 7 13:11:18 2017 -0400

Use LANG_ENGLISH in windows error messages

This change prevents us from generating corrupt messages when we
are confused about codepage settings, and makes Windows errors
consistent with the rest of our logs.

Fixes bug 22520; bugfix on 0.1.2.8-alpha.  Patch from "Vort".
---
 changes/bug22520| 5 +
 src/common/compat.c | 2 +-
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/changes/bug22520 b/changes/bug22520
new file mode 100644
index 000..cc14f72
--- /dev/null
+++ b/changes/bug22520
@@ -0,0 +1,5 @@
+  o Minor bugfixes (error reporting, windows):
+- When formatting Windows error messages, use the English format
+  to avoid codepage issues. Fixes bug 22520; bugfix on
+  0.1.2.8-alpha. Patch from "Vort".
+
diff --git a/src/common/compat.c b/src/common/compat.c
index 3bea626..4d110ab 100644
--- a/src/common/compat.c
+++ b/src/common/compat.c
@@ -3261,7 +3261,7 @@ format_win32_error(DWORD err)
  FORMAT_MESSAGE_FROM_SYSTEM |
  FORMAT_MESSAGE_IGNORE_INSERTS,
  NULL, err,
- MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT),
+ MAKELANGID(LANG_ENGLISH, SUBLANG_DEFAULT),
  (LPVOID),
  0, NULL);
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Merge branch 'maint-0.3.1'

[nickm]

commit ec29cae8d7e97d652a87d753d93e4289e5a0ed26
Merge: c73b35d 1ea155b
Author: Nick Mathewson 
Date:   Thu Jul 13 16:52:20 2017 -0400

Merge branch 'maint-0.3.1'

 changes/bug22520| 5 +
 src/common/compat.c | 2 +-
 2 files changed, 6 insertions(+), 1 deletion(-)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.3.1] Merge branch 'bug22520_031' into maint-0.3.1

[nickm]

commit 1ea155b28fbe15408d96019ef0a75fe0c74ac39d
Merge: e6d2059 63ceadb
Author: Nick Mathewson 
Date:   Thu Jul 13 16:52:16 2017 -0400

Merge branch 'bug22520_031' into maint-0.3.1

 changes/bug22520| 5 +
 src/common/compat.c | 2 +-
 2 files changed, 6 insertions(+), 1 deletion(-)



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.3.1] Use LANG_ENGLISH in windows error messages

[nickm]

commit 63ceadb485f6618da99e8a3b7822ede8da27989d
Author: Nick Mathewson 
Date:   Fri Jul 7 13:11:18 2017 -0400

Use LANG_ENGLISH in windows error messages

This change prevents us from generating corrupt messages when we
are confused about codepage settings, and makes Windows errors
consistent with the rest of our logs.

Fixes bug 22520; bugfix on 0.1.2.8-alpha.  Patch from "Vort".
---
 changes/bug22520| 5 +
 src/common/compat.c | 2 +-
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/changes/bug22520 b/changes/bug22520
new file mode 100644
index 000..cc14f72
--- /dev/null
+++ b/changes/bug22520
@@ -0,0 +1,5 @@
+  o Minor bugfixes (error reporting, windows):
+- When formatting Windows error messages, use the English format
+  to avoid codepage issues. Fixes bug 22520; bugfix on
+  0.1.2.8-alpha. Patch from "Vort".
+
diff --git a/src/common/compat.c b/src/common/compat.c
index 3bea626..4d110ab 100644
--- a/src/common/compat.c
+++ b/src/common/compat.c
@@ -3261,7 +3261,7 @@ format_win32_error(DWORD err)
  FORMAT_MESSAGE_FROM_SYSTEM |
  FORMAT_MESSAGE_IGNORE_INSERTS,
  NULL, err,
- MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT),
+ MAKELANGID(LANG_ENGLISH, SUBLANG_DEFAULT),
  (LPVOID),
  0, NULL);
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Use LANG_ENGLISH in windows error messages

[nickm]

commit 63ceadb485f6618da99e8a3b7822ede8da27989d
Author: Nick Mathewson 
Date:   Fri Jul 7 13:11:18 2017 -0400

Use LANG_ENGLISH in windows error messages

This change prevents us from generating corrupt messages when we
are confused about codepage settings, and makes Windows errors
consistent with the rest of our logs.

Fixes bug 22520; bugfix on 0.1.2.8-alpha.  Patch from "Vort".
---
 changes/bug22520| 5 +
 src/common/compat.c | 2 +-
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/changes/bug22520 b/changes/bug22520
new file mode 100644
index 000..cc14f72
--- /dev/null
+++ b/changes/bug22520
@@ -0,0 +1,5 @@
+  o Minor bugfixes (error reporting, windows):
+- When formatting Windows error messages, use the English format
+  to avoid codepage issues. Fixes bug 22520; bugfix on
+  0.1.2.8-alpha. Patch from "Vort".
+
diff --git a/src/common/compat.c b/src/common/compat.c
index 3bea626..4d110ab 100644
--- a/src/common/compat.c
+++ b/src/common/compat.c
@@ -3261,7 +3261,7 @@ format_win32_error(DWORD err)
  FORMAT_MESSAGE_FROM_SYSTEM |
  FORMAT_MESSAGE_IGNORE_INSERTS,
  NULL, err,
- MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT),
+ MAKELANGID(LANG_ENGLISH, SUBLANG_DEFAULT),
  (LPVOID),
  0, NULL);
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Merge branch 'bug22520_031' into maint-0.3.1

[nickm]

commit 1ea155b28fbe15408d96019ef0a75fe0c74ac39d
Merge: e6d2059 63ceadb
Author: Nick Mathewson 
Date:   Thu Jul 13 16:52:16 2017 -0400

Merge branch 'bug22520_031' into maint-0.3.1

 changes/bug22520| 5 +
 src/common/compat.c | 2 +-
 2 files changed, 6 insertions(+), 1 deletion(-)



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] use CARGO_HOME instead of HOME when building with rust

[nickm]

commit eb355e031e86a229b8d8375a5112f8484198373b
Author: Chelsea H. Komlo 
Date:   Sun Jul 9 22:33:34 2017 -0400

use CARGO_HOME instead of HOME when building with rust
---
 src/rust/tor_util/include.am | 2 +-
 src/test/test_rust.sh| 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/rust/tor_util/include.am b/src/rust/tor_util/include.am
index 17a755f..f0cd639 100644
--- a/src/rust/tor_util/include.am
+++ b/src/rust/tor_util/include.am
@@ -7,7 +7,7 @@ EXTRA_DIST +=\
 src/rust/target/release/libtor_util.a: FORCE
( cd "$(abs_top_srcdir)/src/rust/tor_util" ; \
CARGO_TARGET_DIR="$(abs_top_builddir)/src/rust/target" \
-   HOME="$(abs_top_builddir)/src/rust" \
+   CARGO_HOME="$(abs_top_builddir)/src/rust" \
$(CARGO) build --release --quiet $(CARGO_ONLINE) )
 
 FORCE:
diff --git a/src/test/test_rust.sh b/src/test/test_rust.sh
index 4427c70..d559f94 100755
--- a/src/test/test_rust.sh
+++ b/src/test/test_rust.sh
@@ -7,7 +7,7 @@ exitcode=0
 
 for crate in $crates; do
 cd "${abs_top_srcdir:-.}/src/rust/${crate}"
-CARGO_TARGET_DIR="${abs_top_builddir}/src/rust/target" 
HOME="${abs_top_builddir}/src/rust" "${CARGO:-cargo}" test 
${CARGO_ONLINE-"--frozen"} || exitcode=1
+CARGO_TARGET_DIR="${abs_top_builddir}/src/rust/target" 
CARGO_HOME="${abs_top_builddir}/src/rust" "${CARGO:-cargo}" test 
${CARGO_ONLINE-"--frozen"} || exitcode=1
 done
 
 exit $exitcode



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.3.1] use CARGO_HOME instead of HOME when building with rust

[nickm]

commit eb355e031e86a229b8d8375a5112f8484198373b
Author: Chelsea H. Komlo 
Date:   Sun Jul 9 22:33:34 2017 -0400

use CARGO_HOME instead of HOME when building with rust
---
 src/rust/tor_util/include.am | 2 +-
 src/test/test_rust.sh| 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/rust/tor_util/include.am b/src/rust/tor_util/include.am
index 17a755f..f0cd639 100644
--- a/src/rust/tor_util/include.am
+++ b/src/rust/tor_util/include.am
@@ -7,7 +7,7 @@ EXTRA_DIST +=\
 src/rust/target/release/libtor_util.a: FORCE
( cd "$(abs_top_srcdir)/src/rust/tor_util" ; \
CARGO_TARGET_DIR="$(abs_top_builddir)/src/rust/target" \
-   HOME="$(abs_top_builddir)/src/rust" \
+   CARGO_HOME="$(abs_top_builddir)/src/rust" \
$(CARGO) build --release --quiet $(CARGO_ONLINE) )
 
 FORCE:
diff --git a/src/test/test_rust.sh b/src/test/test_rust.sh
index 4427c70..d559f94 100755
--- a/src/test/test_rust.sh
+++ b/src/test/test_rust.sh
@@ -7,7 +7,7 @@ exitcode=0
 
 for crate in $crates; do
 cd "${abs_top_srcdir:-.}/src/rust/${crate}"
-CARGO_TARGET_DIR="${abs_top_builddir}/src/rust/target" 
HOME="${abs_top_builddir}/src/rust" "${CARGO:-cargo}" test 
${CARGO_ONLINE-"--frozen"} || exitcode=1
+CARGO_TARGET_DIR="${abs_top_builddir}/src/rust/target" 
CARGO_HOME="${abs_top_builddir}/src/rust" "${CARGO:-cargo}" test 
${CARGO_ONLINE-"--frozen"} || exitcode=1
 done
 
 exit $exitcode



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.3.1] Merge branch 'maint-0.3.1' into release-0.3.1

[nickm]

commit 4d52b740f982d4f0078ae13fd4a582d1c4fceabc
Merge: d5c1b7f e6d2059
Author: Nick Mathewson 
Date:   Thu Jul 13 16:51:18 2017 -0400

Merge branch 'maint-0.3.1' into release-0.3.1

 changes/bug22830 | 5 +
 src/rust/tor_util/include.am | 2 +-
 src/test/test_rust.sh| 2 +-
 3 files changed, 7 insertions(+), 2 deletions(-)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Add a changes file for bug22830.

[nickm]

commit 8de1b94b9db9156e1d8cdce9fab8a911cdb1ee43
Author: Isis Lovecruft 
Date:   Thu Jul 13 18:01:54 2017 +

Add a changes file for bug22830.
---
 changes/bug22830 | 5 +
 1 file changed, 5 insertions(+)

diff --git a/changes/bug22830 b/changes/bug22830
new file mode 100644
index 000..123b725
--- /dev/null
+++ b/changes/bug22830
@@ -0,0 +1,5 @@
+ o Minor bugfixes:
+   - Fix a problem with Rust toolchains not being found when building
+ without --enable-cargo-online-mode, due to setting the $HOME
+ environment variable instead of $CARGO_HOME.  Fixes bug 22830;
+ fix by Chelsea Komlo.  Bugfix on 0.3.1.1-alpha.



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.3.1] Merge remote-tracking branch 'isis/bug22830_0.3.1' into maint-0.3.1

[nickm]

commit e6d2059751da008a1fb00b42039eb4cbc638e638
Merge: 5636b16 8de1b94
Author: Nick Mathewson 
Date:   Thu Jul 13 16:51:09 2017 -0400

Merge remote-tracking branch 'isis/bug22830_0.3.1' into maint-0.3.1

 changes/bug22830 | 5 +
 src/rust/tor_util/include.am | 2 +-
 src/test/test_rust.sh| 2 +-
 3 files changed, 7 insertions(+), 2 deletions(-)



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.3.1] Add a changes file for bug22830.

[nickm]

commit 8de1b94b9db9156e1d8cdce9fab8a911cdb1ee43
Author: Isis Lovecruft 
Date:   Thu Jul 13 18:01:54 2017 +

Add a changes file for bug22830.
---
 changes/bug22830 | 5 +
 1 file changed, 5 insertions(+)

diff --git a/changes/bug22830 b/changes/bug22830
new file mode 100644
index 000..123b725
--- /dev/null
+++ b/changes/bug22830
@@ -0,0 +1,5 @@
+ o Minor bugfixes:
+   - Fix a problem with Rust toolchains not being found when building
+ without --enable-cargo-online-mode, due to setting the $HOME
+ environment variable instead of $CARGO_HOME.  Fixes bug 22830;
+ fix by Chelsea Komlo.  Bugfix on 0.3.1.1-alpha.



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Merge branch 'maint-0.3.1'

[nickm]

commit c73b35d4288af17920e4a93ff88d759dea685b86
Merge: c59ba01 e6d2059
Author: Nick Mathewson 
Date:   Thu Jul 13 16:51:18 2017 -0400

Merge branch 'maint-0.3.1'

 changes/bug22830 | 5 +
 src/rust/tor_util/include.am | 2 +-
 src/test/test_rust.sh| 2 +-
 3 files changed, 7 insertions(+), 2 deletions(-)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Merge remote-tracking branch 'isis/bug22830_0.3.1' into maint-0.3.1

[nickm]

commit e6d2059751da008a1fb00b42039eb4cbc638e638
Merge: 5636b16 8de1b94
Author: Nick Mathewson 
Date:   Thu Jul 13 16:51:09 2017 -0400

Merge remote-tracking branch 'isis/bug22830_0.3.1' into maint-0.3.1

 changes/bug22830 | 5 +
 src/rust/tor_util/include.am | 2 +-
 src/test/test_rust.sh| 2 +-
 3 files changed, 7 insertions(+), 2 deletions(-)



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/maint-0.3.1] Merge remote-tracking branch 'isis/bug22830_0.3.1' into maint-0.3.1

[nickm]

commit e6d2059751da008a1fb00b42039eb4cbc638e638
Merge: 5636b16 8de1b94
Author: Nick Mathewson 
Date:   Thu Jul 13 16:51:09 2017 -0400

Merge remote-tracking branch 'isis/bug22830_0.3.1' into maint-0.3.1

 changes/bug22830 | 5 +
 src/rust/tor_util/include.am | 2 +-
 src/test/test_rust.sh| 2 +-
 3 files changed, 7 insertions(+), 2 deletions(-)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/maint-0.3.1] use CARGO_HOME instead of HOME when building with rust

[nickm]

commit eb355e031e86a229b8d8375a5112f8484198373b
Author: Chelsea H. Komlo 
Date:   Sun Jul 9 22:33:34 2017 -0400

use CARGO_HOME instead of HOME when building with rust
---
 src/rust/tor_util/include.am | 2 +-
 src/test/test_rust.sh| 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/rust/tor_util/include.am b/src/rust/tor_util/include.am
index 17a755f..f0cd639 100644
--- a/src/rust/tor_util/include.am
+++ b/src/rust/tor_util/include.am
@@ -7,7 +7,7 @@ EXTRA_DIST +=\
 src/rust/target/release/libtor_util.a: FORCE
( cd "$(abs_top_srcdir)/src/rust/tor_util" ; \
CARGO_TARGET_DIR="$(abs_top_builddir)/src/rust/target" \
-   HOME="$(abs_top_builddir)/src/rust" \
+   CARGO_HOME="$(abs_top_builddir)/src/rust" \
$(CARGO) build --release --quiet $(CARGO_ONLINE) )
 
 FORCE:
diff --git a/src/test/test_rust.sh b/src/test/test_rust.sh
index 4427c70..d559f94 100755
--- a/src/test/test_rust.sh
+++ b/src/test/test_rust.sh
@@ -7,7 +7,7 @@ exitcode=0
 
 for crate in $crates; do
 cd "${abs_top_srcdir:-.}/src/rust/${crate}"
-CARGO_TARGET_DIR="${abs_top_builddir}/src/rust/target" 
HOME="${abs_top_builddir}/src/rust" "${CARGO:-cargo}" test 
${CARGO_ONLINE-"--frozen"} || exitcode=1
+CARGO_TARGET_DIR="${abs_top_builddir}/src/rust/target" 
CARGO_HOME="${abs_top_builddir}/src/rust" "${CARGO:-cargo}" test 
${CARGO_ONLINE-"--frozen"} || exitcode=1
 done
 
 exit $exitcode



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/maint-0.3.1] Add a changes file for bug22830.

[nickm]

commit 8de1b94b9db9156e1d8cdce9fab8a911cdb1ee43
Author: Isis Lovecruft 
Date:   Thu Jul 13 18:01:54 2017 +

Add a changes file for bug22830.
---
 changes/bug22830 | 5 +
 1 file changed, 5 insertions(+)

diff --git a/changes/bug22830 b/changes/bug22830
new file mode 100644
index 000..123b725
--- /dev/null
+++ b/changes/bug22830
@@ -0,0 +1,5 @@
+ o Minor bugfixes:
+   - Fix a problem with Rust toolchains not being found when building
+ without --enable-cargo-online-mode, due to setting the $HOME
+ environment variable instead of $CARGO_HOME.  Fixes bug 22830;
+ fix by Chelsea Komlo.  Bugfix on 0.3.1.1-alpha.



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] rephist: Remove unused crypto_pk statistics.

[nickm]

commit c59ba015500aba040371a6d32134cb10d045e7bd
Author: Isis Lovecruft 
Date:   Thu Jul 13 19:31:13 2017 +

rephist: Remove unused crypto_pk statistics.

These statistics were largely ununsed, and kept track of statistical 
information
on things like how many time we had done TLS or how many signatures we had
verified.  This information is largely not useful, and would only be logged
after receiving a SIGUSR1 signal (but only if the logging severity level was
less than LOG_INFO).

 * FIXES #19871.
 * REMOVES note_crypto_pk_op(), dump_pk_op(), and pk_op_counts from
   src/or/rephist.c.
 * REMOVES every external call to these functions.
---
 changes/bug19871   |  4 ++
 src/or/connection_or.c |  1 -
 src/or/dirvote.c   |  1 -
 src/or/main.c  |  1 -
 src/or/onion_tap.c |  3 --
 src/or/rendclient.c|  1 -
 src/or/rendmid.c   |  1 -
 src/or/rendservice.c   |  3 --
 src/or/rephist.c   | 99 --
 src/or/rephist.h   |  3 --
 src/or/router.c|  1 -
 src/or/routerparse.c   |  3 --
 12 files changed, 4 insertions(+), 117 deletions(-)

diff --git a/changes/bug19871 b/changes/bug19871
new file mode 100644
index 000..5f1c9dc
--- /dev/null
+++ b/changes/bug19871
@@ -0,0 +1,4 @@
+ o Code refactoring:
+   - Remove dead code for largely unused statistics on the number of
+ times we've attempted various public key operations. Fixes bug
+ 19871; fix by Isis Lovecruft. Bugfix on 0.1.2.4-alpha.
diff --git a/src/or/connection_or.c b/src/or/connection_or.c
index 7531482..051bf9a 100644
--- a/src/or/connection_or.c
+++ b/src/or/connection_or.c
@@ -1369,7 +1369,6 @@ connection_tls_start_handshake,(or_connection_t *conn, 
int receiving))
   connection_start_reading(TO_CONN(conn));
   log_debug(LD_HANDSHAKE,"starting TLS handshake on fd "TOR_SOCKET_T_FORMAT,
 conn->base_.s);
-  note_crypto_pk_op(receiving ? TLS_HANDSHAKE_S : TLS_HANDSHAKE_C);
 
   if (connection_tls_continue_handshake(conn) < 0)
 return -1;
diff --git a/src/or/dirvote.c b/src/or/dirvote.c
index 11cd020..c65945f 100644
--- a/src/or/dirvote.c
+++ b/src/or/dirvote.c
@@ -306,7 +306,6 @@ format_networkstatus_vote(crypto_pk_t *private_signing_key,
signing_key_fingerprint);
   }
 
-  note_crypto_pk_op(SIGN_DIR);
   {
 char *sig = router_get_dirobj_signature(digest, DIGEST_LEN,
 private_signing_key);
diff --git a/src/or/main.c b/src/or/main.c
index 5fa3869..7e2652c 100644
--- a/src/or/main.c
+++ b/src/or/main.c
@@ -2877,7 +2877,6 @@ dumpstats(int severity)
 
   rep_hist_dump_stats(now,severity);
   rend_service_dump_stats(severity);
-  dump_pk_ops(severity);
   dump_distinct_digest_count(severity);
 }
 
diff --git a/src/or/onion_tap.c b/src/or/onion_tap.c
index 294fc0d..928fcaa 100644
--- a/src/or/onion_tap.c
+++ b/src/or/onion_tap.c
@@ -72,8 +72,6 @@ onion_skin_TAP_create(crypto_pk_t *dest_router_key,
   if (crypto_dh_get_public(dh, challenge, dhbytes))
 goto err;
 
-  note_crypto_pk_op(ENC_ONIONSKIN);
-
   /* set meeting point, meeting cookie, etc here. Leave zero for now. */
   if (crypto_pk_public_hybrid_encrypt(dest_router_key, onion_skin_out,
   TAP_ONIONSKIN_CHALLENGE_LEN,
@@ -124,7 +122,6 @@ onion_skin_TAP_server_handshake(
 k = i==0?private_key:prev_private_key;
 if (!k)
   break;
-note_crypto_pk_op(DEC_ONIONSKIN);
 len = crypto_pk_private_hybrid_decrypt(k, challenge,
TAP_ONIONSKIN_CHALLENGE_LEN,
onion_skin,
diff --git a/src/or/rendclient.c b/src/or/rendclient.c
index 3d160bd..441c371 100644
--- a/src/or/rendclient.c
+++ b/src/or/rendclient.c
@@ -286,7 +286,6 @@ rend_client_send_introduction(origin_circuit_t *introcirc,
 goto perm_err;
   }
 
-  note_crypto_pk_op(REND_CLIENT);
   /*XXX maybe give crypto_pk_public_hybrid_encrypt a max_len arg,
* to avoid buffer overflows? */
   r = crypto_pk_public_hybrid_encrypt(intro_key, payload+DIGEST_LEN,
diff --git a/src/or/rendmid.c b/src/or/rendmid.c
index 23c3ded..66d2f93 100644
--- a/src/or/rendmid.c
+++ b/src/or/rendmid.c
@@ -71,7 +71,6 @@ rend_mid_establish_intro_legacy(or_circuit_t *circ, const 
uint8_t *request,
 goto err;
   }
   /* Rest of body: signature of previous data */
-  note_crypto_pk_op(REND_MID);
   if (crypto_pk_public_checksig_digest(pk,
(char*)request, 2+asn1len+DIGEST_LEN,
(char*)(request+2+DIGEST_LEN+asn1len),
diff --git a/src/or/rendservice.c b/src/or/rendservice.c
index b8e704e..4eef72c 100644
--- a/src/or/rendservice.c
+++ b/src/or/rendservice.c
@@ -2845,8 +2845,6 @@ rend_service_decrypt_intro(
   }
 
   /* Decrypt the encrypted part */
-
-  note_crypto_pk_op(REND_SERVER);
   result =
 

[tor-commits] [webwml/master] Add brade

[atagar]

commit 54475d3d927db46654d71ff5bef0c2fad579bcbc
Author: Damian Johnson 
Date:   Thu Jul 13 12:07:14 2017 -0700

Add brade
---
 about/en/corepeople_alternate.wml | 113 --
 1 file changed, 61 insertions(+), 52 deletions(-)

diff --git a/about/en/corepeople_alternate.wml 
b/about/en/corepeople_alternate.wml
index 5d86c39..c21323e 100644
--- a/about/en/corepeople_alternate.wml
+++ b/about/en/corepeople_alternate.wml
@@ -141,13 +141,24 @@ table.people tr td:first-child {
 
   
 
+  
+  
+  https://db.torproject.org/fetchkey.cgi?fingerprint=F711FA29D61F88CE6879BAD0D91A345E56B01B25;>
+  brade
+  IRC: brade
+  Developer on the Tor Browser team.
+
+
+
   
   
   https://www.eff.org/files/key_cindy.txt;>
   Cindy Cohn
   Tor Board member and https://www.eff.org/about/staff/cindy-cohn;>Executive Director of the 
EFF. Lawyer by training, https://blog.torproject.org/blog/tor-heart-notes-board-member;>my 
focus is on making sure Tor stays available and that Tor users stay 
safe.
 
+  
 
+  
 
   
   
@@ -157,9 +168,7 @@ table.people tr td:first-child {
   IRC: Phoul
   Support and translation coordinator, GSoC 
administrator, member of the community team and a director of https://www.coldhak.ca;>Coldhak.
 
-  
 
-  
 
   
   
@@ -168,7 +177,9 @@ table.people tr td:first-child {
   IRC: atagar
   Author of the https://stem.torproject.org/;>Stem python controller library and https://www.atagar.com/arm/;>Nyx relay monitor.
 
+  
 
+  
 
   
   
@@ -177,9 +188,7 @@ table.people tr td:first-child {
   IRC: dgoulet
   Tor development team focusing on onion services 
and our torsocks maintainer.
 
-  
 
-  
 
   
   
@@ -189,7 +198,9 @@ table.people tr td:first-child {
   IRC: dawuud
   https://github.com/david415/;>Author 
of roflcoptor and honeybadger. Researches mixnets and contributes to 
txtorcon.
 
+  
 
+  
 
   
   
@@ -199,9 +210,7 @@ table.people tr td:first-child {
   IRC: DonnchaC
   Onion services developer, OnionBalance 
developer, hunter of bad relays.
 
-  
 
-  
 
   
   
@@ -210,7 +219,9 @@ table.people tr td:first-child {
   IRC: ewyatt
   Non-technical switchboard for people-related 
things: recruiting, onboarding, benefits, contracts, TPI policy questions, and 
baked goods.
 
+  
 
+  
 
   
   
@@ -220,9 +231,7 @@ table.people tr td:first-child {
   IRC: biella
   http://gabriellacoleman.org/;>Anthropologist and Wolfe Chair in 
Scientific and Technological Literacy at McGill University.
 
-  
 
-  
 
   
   
@@ -231,7 +240,9 @@ table.people tr td:first-child {
   IRC: GeKo
   Currently lead of the Tor Browser team.
 
+  
 
+  
 
   
   
@@ -240,9 +251,7 @@ table.people tr td:first-child {
   IRC: asn
   Onion services. Security analysis. Used to 
obfsproxy. Follower of the onion.
 
-  
 
-  
 
   
   
@@ -252,7 +261,9 @@ table.people tr td:first-child {
   IRC: saint
   Tamper-resistant software distribution, 
censorship detection, https://github.com/glamrock/cupcake;>Cupcake, and security training 
of activists and domestic violence survivors.
 
+  
 
+  
 
   
   
@@ -260,9 +271,7 @@ table.people tr td:first-child {
   Ian Goldberg
   https://cs.uwaterloo.ca/~iang/;>Professor of CS at the https://uwaterloo.ca/;>University of Waterloo, developing https://otr.cypherpunks.ca/;>Off-the-Record Messaging among other 
things.
 
-  
 
-  
 
   
   
@@ -270,7 +279,9 @@ table.people tr td:first-child {
   intrigeri
   Our main interface with the https://tails.boum.org/;>Tails project.
 
+  
 
+  
 
   
   
@@ -280,9 +291,7 @@ table.people tr td:first-child {
   IRC: isabela
   Coordinates Tor's development teams and 
roadmaps. Keeps track of priorities, and ensures Tor always thinks of the 
user first.
 
-  
 
-  
 
   
   
@@ -292,16 +301,16 @@ table.people tr td:first-child {
   IRC: isis
   Tor developer working on censorship 
circumvention, https://gitweb.torproject.org/bridgedb.git;>BridgeDB, and 
cryptographic research, design, and implementations.
 
+  
 
+  
 
   
   
   iwakeh
   Speaks Java and other languages, streamlines 
build processes, and scrutinizes mathematical concepts behind aggregating tons 
of Tor network data.
 
-  
 
-  
 
   
   
@@ -311,7 +320,9 @@ table.people tr td:first-child {
   IRC: qbi
   Volunteer that helped translate the website, is 
part of TorServers.net, and Tor's sysadmin team.
 
+  
 
+  
 
   
   
@@ -320,9 +331,7 @@ table.people tr td:first-child {
   IRC: jselon
   Event Coordination, donor management, general 
office operations.
 
-  
 
-  
 
 

[tor-commits] [webwml/master] Shorten Roger's description a tad

[atagar]

commit 092021a77242944c3af05da94ebbadcad6990ec7
Author: Damian Johnson 
Date:   Thu Jul 13 11:58:36 2017 -0700

Shorten Roger's description a tad

Damnit! Now that Roger has a twitter link his name wraps, pushing his
description down so it wraps too. Rewording his entry just a tad so it's
shorter.
---
 about/en/corepeople_alternate.wml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/about/en/corepeople_alternate.wml 
b/about/en/corepeople_alternate.wml
index 45149d9..5d86c39 100644
--- a/about/en/corepeople_alternate.wml
+++ b/about/en/corepeople_alternate.wml
@@ -554,7 +554,7 @@ table.people tr td:first-child {
   https://db.torproject.org/fetchkey.cgi?fingerprint=B1172656DFF983C3042BC699EB5A896A28988BF5;>
   Roger Dingledine
   IRC: arma
-  Original developer of Tor along with Nick and 
Paul. Leading researcher in anonymous communication, coordinating developers 
and researchers.
+  Original developer of Tor along with Nick and 
Paul. Leading privacy researcher, coordinating developers and researchers.
 
 
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [webwml/master] Photo for Nick

[atagar]

commit 6f28350337d4d099a6a0e50e4502a9d2cd0e2ae3
Author: Damian Johnson 
Date:   Thu Jul 13 11:52:43 2017 -0700

Photo for Nick
---
 about/en/corepeople_alternate.wml |   2 +-
 images/people/nickm.png   | Bin 0 -> 41516 bytes
 2 files changed, 1 insertion(+), 1 deletion(-)

diff --git a/about/en/corepeople_alternate.wml 
b/about/en/corepeople_alternate.wml
index 423f71d..45149d9 100644
--- a/about/en/corepeople_alternate.wml
+++ b/about/en/corepeople_alternate.wml
@@ -467,7 +467,7 @@ table.people tr td:first-child {
   
 
   
-  
+  
   https://twitter.com/nickm_tor;>
   https://db.torproject.org/fetchkey.cgi?fingerprint=2133BC600AB133E1D826D173FE43009C4607B1FB;>
   Nick Mathewson
diff --git a/images/people/nickm.png b/images/people/nickm.png
new file mode 100644
index 000..0ec422b
Binary files /dev/null and b/images/people/nickm.png differ

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [webwml/master] Typo in Brad's entry

[atagar]

commit a19d1ae64e50de7f77ca7c4e2a309f970e37932b
Author: Damian Johnson 
Date:   Thu Jul 13 11:19:32 2017 -0700

Typo in Brad's entry
---
 about/en/corepeople_alternate.wml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/about/en/corepeople_alternate.wml 
b/about/en/corepeople_alternate.wml
index 7522089..e2e5abe 100644
--- a/about/en/corepeople_alternate.wml
+++ b/about/en/corepeople_alternate.wml
@@ -135,7 +135,7 @@ table.people tr td:first-child {
   
   Brad Parker
   IRC: bparker
-  Chief ginancial  grants officer at the Tor 
Project.
+  Chief financial  grants officer at the Tor 
Project.
 
   
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [webwml/master] Fix Roger's key

[atagar]

commit dbf39e64f4dc85ef40edb6e738342962eff1fc9e
Author: Damian Johnson 
Date:   Thu Jul 13 10:52:45 2017 -0700

Fix Roger's key

Used the one from...

  http://pgp.mit.edu/pks/lookup?op=vindex=0xD5650E0743756B99

... but Roger reports that's not him. Replacing with the one from...

  http://pgp.mit.edu/pks/lookup?op=vindex=0xEB5A896A28988BF5
---
 keys/arma.txt | 735 --
 1 file changed, 712 insertions(+), 23 deletions(-)

diff --git a/keys/arma.txt b/keys/arma.txt
index 784b91f..f934298 100644
--- a/keys/arma.txt
+++ b/keys/arma.txt
@@ -2,27 +2,716 @@
 Version: SKS 1.1.5
 Comment: Hostname: pgp.mit.edu
 
-mQENBFlcuyEBCACraxgRKjIq3q1/z1tgZEmrjlNKIr7hU5F0bsiW90owh36qZLjQeGccsSLE
-VhRwISbiRbhuDT1qmsL9dWZby2ZgOMnfYd8rQ+/YFUvLX0deJQDIgrG9itHx61EAklpnbm8U
-JEZxbr3VmXnHh2llobxnxceu2HasTggTmH4l56G9a6JUYxOA8H2rjmwchH+anJ6lcrOFvzbW
-3/IYQXSW9v8aJ8uvE1vDTiODKUN4a1KN0khnoshac1elVcOfcpI+hE4vwezkBHWODgcgg5Sn
-bM64wyNNLy4zgY3R8i7v0+4nNYvt8545wewo46a5dWasILnnhx+IWbZQq+z7pSF5j25BABEB
-AAG0H1JvZ2VyIERpbmdsZWRpbmUgPGFybWFAbWl0LmVkdT6JATkEEwEIACMFAllcuyECGwMH
-CwkIBwMCAQYVCAIJCgsEFgIDAQIeAQIXgAAKCRDVZQ4HQ3VrmfitB/9nOIOCjwRXzRez7jcM
-0x/GyKXyjgfmXosah9GJ+QZAx3wvPPLY68hYi0QWk3cZHon9hJQSOza8+z0gRRKAJ81ykVYz
-/zDwclcaw3lWRzr1907EQEkE1gB1MCeEBX0EmKNKSuxXko0MkwVPEskPonlJ0EOM08XKo0l4
-EsdqaGMmIyVanmW340Cp9bl5aM7B/lfVZLkj/X7eOrXb4m7XYfgRGubEmGQrcFAHEEm7di5p
-mmXK6ocTFgXeyL8O/AZRwPuyyGsevkCFbl0WccmS7cQnj1IlggTcbYqf7QAZ73HbnCAs4lbP
-OW+Q2dugbnfSSrWkr1OUC3+NNYDrZkNRofymuQENBFlcuyEBCADBqoSwuGtPRKqCFONadVbc
-FlBu9Qk/II+85o7W0DP5N+p7ZWf6SCgNPdP6dHvNExvOLgpeQhNeaesiFV3uodaJxZdgB1D2
-4ctmEDuVXdzEv4oUQJfkX5phm3KmN/DicMUBbv+WoljKICCPjaMj8nzmpTHuC7adqpJW5/tR
-mnG10Wx7JctjrgUPCnmii38ZhHrsP3UDieryF40cEb+hScwAEIeh9APufoxgkR/iOf6GgwRK
-J5/1Gdhnu/YmuDqRhAcaI5Af9Ht/tmPi0R3N49QgO9GNW0nmhMqXlQ0GRyeALMRyseEesspf
-Un9GeEmEocakQFYG1nrkxBI4LIEQ9t/xABEBAAGJAR8EGAEIAAkFAllcuyECGwwACgkQ1WUO
-B0N1a5mvpAf/ZCCm/DQQMNKlFjCIdpbm/H8UMlRmaxMpXjZ10asKBRoBC31sio7Uu1sv/H7e
-mDoqknTOOSZReuvnMAjXHdbPf2MPG1ktSYA7/skmjv3Ykpev2iCt1aweNWig1f6RJ5g2kiC2
-fWhpj088+jES7JqXnBBPrmCQpXxf/IFXvimhgRac1iQUQXW7hkmYYedxk5OYwDpBc6LJLR4S
-0MqGpVqZUxTZt69FW9dKtKmQPnqAKAFdLHFxGq/yLEwX7PerkqIw4iP84pz/rTz2LKxzCJyq
-3cwoZScEmOqf7h4M+F2iSpg/GciLhx+DxpOAeb4yzwRE3O+gD/9Nsuuz9fpduOslHQ==
-=jMv7
+mQGiBDi5qEURBADitpDzvvzW+9lj/zYgK78G3D76hvvvIT6gpTIlwg6WIJNLKJat01yNpMIY
+Nvpwi7EUd/lSNl6t1/A022p7s7bDbE4T5NJda0IOAgWeOZ/plIJC4+o2tD2RNuSkwDQcxzm8
+KUNZOJla4LvgRkm/oUubxyeY5omus7hcfNrBOwjC1wCg4Jntm7s3eNfMu72Cv+6FzBgFog8E
+ANirkNdC1Q8oSMDihWj1ogiWbBz4s6HMxzAaqNf/rCJ9qoK5SLFeoB/r5ksRWty9QKV4Vdhh
+CIy1U2B9tSTlEPYXJHQPZ3mwCxUnJpGD8UgFM5uKXaEq2pwpArTm367k0tTpMQgXAN2HwiZv
+//ahQXH4ov30kBBVL5VFxMULUJ+yA/4r5HLTpP2SbbqtPWdeW7uDwhe2dTqffAGuf0kuCpHw
+CTAHr83ivXzT/7OMCsETcYwtSp0KVgK0Aup10MyLrjKz01c6OSMslNOq7WG+T0S/dn49/UUL
+nylWb7ARZ2cUEKc098wRFu5bkHJJ+ECUFyGjr99LD820lLOIpsBNzxzzG7QfUm9nZXIgRGlu
+Z2xlZGluZSA8YXJtYUBtaXQuZWR1PohGBBARAgAGBQI8BNTLAAoJEJx74H/vjugIW8UAoOHX
+KbxBVyg9gYXZbFPp5hRMM4DPAJ9TvFyZ65RW5zVkqdnRwG7oMutA+ohGBBARAgAGBQI+D3Wh
+AAoJEM4Iphw7Ti7uRjQAnRH4TDLt2l3YmNneKLzAXwk2JXGFAJ43e1k3+bkCP5s4A+QydMke
+S4IttIhGBBARAgAGBQI/Q8cAAAoJECBMYRUOYGaZOh8AoKWmnRbi81Gm3imklbns0xRwA9fV
+AKC38DAQaTi18IKqo3K3+Zk0N9wCPIhGBBARAgAGBQI/zZgkAAoJEOCrKu1X7xk9KmgAn0US
+cMfSezpXdnxMUtolUoW6/D2sAJ4/UGghc9zlAuwgLPlCzpu5oHkFMYhGBBARAgAGBQJAS7xL
+AAoJEMsocoKAckl78VAAoJr2aLa+nlHpvung4S4lSY1y2YTvAJ91pZcQ93pyQcW2Kcw1rQJH
+38tsFIhGBBARAgAGBQJBCWSvAAoJEFK/Wka8mOY96AsAoIdvyxRieIf3ax/XuZzsbC9Aszev
+AJ0Zg8BHqKjO1e9Q6waNMTczjnH9yIhGBBARAgAGBQJBCWTHAAoJELE3nVmTg94GJ3sAn0Au
+rEfQyEpfU8Eah40aL21mJzI5AJwJjoxEzvU2kpUW5jD0PCpKjT8txIhGBBARAgAGBQJBEmeq
+AAoJEAhhSI+BVeTz8u0AoI7CuU4j3HQrtnezVUFSWRm3ubW0AKCHQHOO04XLbAiVz+TKcurg
+T5z6n4hGBBARAgAGBQJBFBaCAAoJEFawMV8BZ8o4TyYAnjjMq/oCo2P8MrVKbfKYMTRqAig3
+AJ9+Whyun3+MFSNd6VnqzFwb6R/0O4hGBBARAgAGBQJBFYThAAoJEMuFlu8JRpsDvYoAnjGv
+7jyK/KsiiB5vx/cmgdbN1rfMAKCPK86Nh+v2+Q9Z8fxtiQxvu1AJUYhGBBARAgAGBQJBIB/S
+AAoJENfKOrov6HXMpSIAn1zCorc4KeQjvDirrAPW/6iAhCl2AJ0XdfXHduEfvLE+e43pGn1u
+D5Vf6IhGBBARAgAGBQJBzAyMAAoJEDN+IZvssYq6jXQAn2DOxFlkTaNirl4hM6mim6EkF2zp
+AKCBXdFYf6Dj9s4u2UnpxIcZH6ERaohGBBARAgAGBQJClS6BAAoJEDf2HVyMgMNfIkgAoOP4
+r8Ag5PEALCk0mGfpPhmFXcszAJ0SVdZqMvnlDtLZ3mapD0/JEao8e4hGBBARAgAGBQJC9oW5
+AAoJEInNSyFgdVnmzO0AoKrnE836t4iGWPe8liBm6RLNxPHJAJ48WdXVEz/xZLzMvFiK6Vef
+vUJybYhGBBARAgAGBQJC9oy7AAoJENVOrkvJmHCxgZQAnjfh3I9rhGS38ejY3896OfTeijq9
+AJwKS7lSmDFh2Roa4suJCU0jR5PAkIhGBBARAgAGBQJC/DgEAAoJEMBBXtEVcjZbYa0AnRrB
+j0kaACcI5XLNEuwOaNrhFCGzAKDZ4aJNuWTubjaAjNjECqzdwyNsyohGBBARAgAGBQJDEbMA
+AAoJELHEcxc+e0tzmcYAn2P6ZoEUcZSBPl8IoH1Aka5AUJE4AJ43wgJs4CAvjly3Kl70sIaJ
+hU27oohGBBARAgAGBQJDGiQLAAoJEFBy0DasWDUg/q8AnRU3D464VjOnMHsdCFpAWpZ0rI/D
+AKCJ5rQ0HoyeWzQ1TX/GCF75euLG7IhGBBARAgAGBQJD+gCwAAoJENqWTWeXwbcbJIcAoNES
+WOQQiCLPBcCBeRjvZxBl7OnlAJ4xECBE4xA8gUmCZEu6x4vqMb9XfohGBBARAgAGBQJE41zj
+AAoJEN4RAYMSEkW1WyQAn2oErtZ6+wHbEm9eLFbCEdBEz6CeAJsGhtP3/qbj7Wo2ye2Ey10/

[tor-commits] [webwml/master] Twitter link for Roger

[atagar]

commit 218105d7704f95abcc7a859651d662ac843b64d8
Author: Damian Johnson 
Date:   Thu Jul 13 10:28:16 2017 -0700

Twitter link for Roger
---
 about/en/corepeople_alternate.wml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/about/en/corepeople_alternate.wml 
b/about/en/corepeople_alternate.wml
index b703187..7522089 100644
--- a/about/en/corepeople_alternate.wml
+++ b/about/en/corepeople_alternate.wml
@@ -550,6 +550,7 @@ table.people tr td:first-child {
 
   
   
+  https://twitter.com/RogerDingledine;>
   
   Roger Dingledine
   IRC: arma

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [webwml/master] Add Brad

[atagar]

commit 3a3a704e7f96ace91c3ad436c5ce2e750c67d842
Author: Damian Johnson 
Date:   Thu Jul 13 10:20:43 2017 -0700

Add Brad
---
 about/en/corepeople_alternate.wml | 115 +-
 images/people/bparker.png | Bin 0 -> 21887 bytes
 keys/bparker.txt  |  63 +
 3 files changed, 126 insertions(+), 52 deletions(-)

diff --git a/about/en/corepeople_alternate.wml 
b/about/en/corepeople_alternate.wml
index cb98427..b703187 100644
--- a/about/en/corepeople_alternate.wml
+++ b/about/en/corepeople_alternate.wml
@@ -130,15 +130,24 @@ table.people tr td:first-child {
 
 
 
+  
+  
+  
+  Brad Parker
+  IRC: bparker
+  Chief ginancial  grants officer at the Tor 
Project.
+
+  
+
+  
+
   
   
   https://www.eff.org/files/key_cindy.txt;>
   Cindy Cohn
   Tor Board member and https://www.eff.org/about/staff/cindy-cohn;>Executive Director of the 
EFF. Lawyer by training, https://blog.torproject.org/blog/tor-heart-notes-board-member;>my 
focus is on making sure Tor stays available and that Tor users stay 
safe.
 
-  
 
-  
 
   
   
@@ -148,7 +157,9 @@ table.people tr td:first-child {
   IRC: Phoul
   Support and translation coordinator, GSoC 
administrator, member of the community team and a director of https://www.coldhak.ca;>Coldhak.
 
+  
 
+  
 
   
   
@@ -157,9 +168,7 @@ table.people tr td:first-child {
   IRC: atagar
   Author of the https://stem.torproject.org/;>Stem python controller library and https://www.atagar.com/arm/;>Nyx relay monitor.
 
-  
 
-  
 
   
   
@@ -168,7 +177,9 @@ table.people tr td:first-child {
   IRC: dgoulet
   Tor development team focusing on onion services 
and our torsocks maintainer.
 
+  
 
+  
 
   
   
@@ -178,9 +189,7 @@ table.people tr td:first-child {
   IRC: dawuud
   https://github.com/david415/;>Author 
of roflcoptor and honeybadger. Researches mixnets and contributes to 
txtorcon.
 
-  
 
-  
 
   
   
@@ -190,7 +199,9 @@ table.people tr td:first-child {
   IRC: DonnchaC
   Onion services developer, OnionBalance 
developer, hunter of bad relays.
 
+  
 
+  
 
   
   
@@ -199,9 +210,7 @@ table.people tr td:first-child {
   IRC: ewyatt
   Non-technical switchboard for people-related 
things: recruiting, onboarding, benefits, contracts, TPI policy questions, and 
baked goods.
 
-  
 
-  
 
   
   
@@ -211,7 +220,9 @@ table.people tr td:first-child {
   IRC: biella
   http://gabriellacoleman.org/;>Anthropologist and Wolfe Chair in 
Scientific and Technological Literacy at McGill University.
 
+  
 
+  
 
   
   
@@ -220,9 +231,7 @@ table.people tr td:first-child {
   IRC: GeKo
   Currently lead of the Tor Browser team.
 
-  
 
-  
 
   
   
@@ -231,7 +240,9 @@ table.people tr td:first-child {
   IRC: asn
   Onion services. Security analysis. Used to 
obfsproxy. Follower of the onion.
 
+  
 
+  
 
   
   
@@ -241,9 +252,7 @@ table.people tr td:first-child {
   IRC: saint
   Tamper-resistant software distribution, 
censorship detection, https://github.com/glamrock/cupcake;>Cupcake, and security training 
of activists and domestic violence survivors.
 
-  
 
-  
 
   
   
@@ -251,7 +260,9 @@ table.people tr td:first-child {
   Ian Goldberg
   https://cs.uwaterloo.ca/~iang/;>Professor of CS at the https://uwaterloo.ca/;>University of Waterloo, developing https://otr.cypherpunks.ca/;>Off-the-Record Messaging among other 
things.
 
+  
 
+  
 
   
   
@@ -259,9 +270,7 @@ table.people tr td:first-child {
   intrigeri
   Our main interface with the https://tails.boum.org/;>Tails project.
 
-  
 
-  
 
   
   
@@ -271,7 +280,9 @@ table.people tr td:first-child {
   IRC: isabela
   Coordinates Tor's development teams and 
roadmaps. Keeps track of priorities, and ensures Tor always thinks of the 
user first.
 
+  
 
+  
 
   
   
@@ -281,16 +292,16 @@ table.people tr td:first-child {
   IRC: isis
   Tor developer working on censorship 
circumvention, https://gitweb.torproject.org/bridgedb.git;>BridgeDB, and 
cryptographic research, design, and implementations.
 
-  
 
-  
 
   
   
   iwakeh
   Speaks Java and other languages, streamlines 
build processes, and scrutinizes mathematical concepts behind aggregating tons 
of Tor network data.
 
+  
 
+  
 
   
   
@@ -300,9 +311,7 @@ table.people tr td:first-child {
   IRC: qbi
   Volunteer that helped translate the website, is 
part of TorServers.net, and Tor's sysadmin team.
 
-  
 
-  
 
   
   
@@ -311,7 +320,9 @@ table.people tr td:first-child {
   IRC: jselon
   Event Coordination, 

[tor-commits] [webwml/master] Note Linus is on the board

[atagar]

commit faf04cb889be3e0b6dfca16cfe51320844f00bef
Author: Damian Johnson 
Date:   Thu Jul 13 09:52:39 2017 -0700

Note Linus is on the board
---
 about/en/corepeople_alternate.wml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/about/en/corepeople_alternate.wml 
b/about/en/corepeople_alternate.wml
index 2e6bed1..cb98427 100644
--- a/about/en/corepeople_alternate.wml
+++ b/about/en/corepeople_alternate.wml
@@ -370,7 +370,7 @@ table.people tr td:first-child {
   
   Linus Nordberg
   IRC: ln5
-  Swedish Tor advocate. Works on implementing 
IPv6 in Tor, build automation, and runs a directory authority.
+  Swedish advocate and Tor Board member. Works on 
implementing IPv6 in Tor, build automation, and runs a directory 
authority.
 
 
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [webwml/master] Add Pepijn

[atagar]

commit eb8e1aa22ccd9adedf334ce8b8a4b4781de506b6
Author: Damian Johnson 
Date:   Thu Jul 13 09:49:50 2017 -0700

Add Pepijn
---
 about/en/corepeople_alternate.wml |  41 +++---
 images/people/orig/pepijn.jpg | Bin 0 -> 1025994 bytes
 images/people/pepijn.png  | Bin 0 -> 31866 bytes
 keys/pepijn.txt   | 285 ++
 4 files changed, 310 insertions(+), 16 deletions(-)

diff --git a/about/en/corepeople_alternate.wml 
b/about/en/corepeople_alternate.wml
index e3ed4a4..2e6bed1 100644
--- a/about/en/corepeople_alternate.wml
+++ b/about/en/corepeople_alternate.wml
@@ -496,6 +496,17 @@ table.people tr td:first-child {
 
 
 
+  
+  
+  https://twitter.com/lehoax;>
+  
+  Pepijn Le Heux
+  Lawyer based in The Netherlands and co-founder 
of Hart voor Internetvrijheid.
+
+  
+
+  
+
   
   
   https://twitter.com/__phw;>
@@ -504,9 +515,7 @@ table.people tr td:first-child {
   IRC: phw
   Maintains https://gitweb.torproject.org/user/phw/exitmap.git/;>exitmap and https://gitweb.torproject.org/user/phw/sybilhunter.git/;>sybilhunter, 
works on https://trac.torproject.org/projects/tor/wiki/doc/ReportingBadRelays;>bad 
relay detection, and does https://nymity.ch/papers.html;>security 
and privacy research.
 
-  
 
-  
 
   
   
@@ -514,7 +523,9 @@ table.people tr td:first-child {
   Rabbi Rob Thomas
   CEO of Team Cymru, which supports Tor through 
hosting, research, and infosec assistance.
 
+  
 
+  
 
   
   
@@ -524,9 +535,7 @@ table.people tr td:first-child {
   IRC: robgjansen
   https://www.nrl.navy.mil;>NRL 
research scientist, http://www.robgjansen.com/;>leading expert in Tor 
network performance, and author of https://shadow.github.io/;>Shadow.
 
-  
 
-  
 
   
   
@@ -535,16 +544,16 @@ table.people tr td:first-child {
   IRC: arma
   Original developer of Tor along with Nick and 
Paul. Leading researcher in anonymous communication, coordinating developers 
and researchers.
 
+  
 
+  
 
   
   
   Sebastian Hahn
   Helps people around the world use and 
understand Tor better. Generally helps everything run smoothly. Runs one of the 
directory authorities.
 
-  
 
-  
 
   
   
@@ -553,7 +562,9 @@ table.people tr td:first-child {
   Serene
   Snowflake and Pluggable Transports 
developer.
 
+  
 
+  
 
   
   
@@ -563,9 +574,7 @@ table.people tr td:first-child {
   IRC: ssteele
   Executive Director of the Tor Project, 
Inc.
 
-  
 
-  
 
   
   
@@ -575,7 +584,9 @@ table.people tr td:first-child {
   IRC: hiro
   Hiro builds and runs Tor Project's web 
applications and services.
 
+  
 
+  
 
   
   
@@ -585,9 +596,7 @@ table.people tr td:first-child {
   IRC: stephw
   Directs communications to consistently 
articulate and promote the Tor Project's mission.
 
-  
 
-  
 
   
   
@@ -597,7 +606,9 @@ table.people tr td:first-child {
   IRC: sjmurdoch
   http://www.cs.ucl.ac.uk/staff/s.murdoch/;>Principal Research Fellow 
at University College London and original creator of the https://www.torproject.org/projects/torbrowser.html.en;>Tor 
Browser.
 
+  
 
+  
 
   
   
@@ -606,9 +617,7 @@ table.people tr td:first-child {
   IRC: sukhe
   https://trac.torproject.org/projects/tor/wiki/torbirdy;>TorBirdy and 
https://trac.torproject.org/projects/tor/wiki/doc/TorMessenger;>Tor 
Messenger developer. Volunteer on the https://trac.torproject.org/projects/tor/wiki/org/teams/CommunityTeam;>Community
 Team.
 
-  
 
-  
 
   
   
@@ -617,7 +626,9 @@ table.people tr td:first-child {
   IRC: teor
   Onion services developer, and core member of 
Tor dev team. Researches Tor network measurement and onion service 
scalability.
 
+  
 
+  
 
   
   
@@ -627,9 +638,7 @@ table.people tr td:first-child {
   IRC: tjr
   Maintains https://consensus-health.torproject.org/;>Consensus Health , runs one 
of the bandwidth authorities, and contributes to Tor Browser.
 
-  
 
-  
 
   
   
@@ -638,7 +647,9 @@ table.people tr td:first-child {
   IRC: t0mmy
   Writes and edits grant proposals, one-pagers, 
blogposts, etc.
 
+  
 
+  
 
   
   
@@ -648,9 +659,7 @@ table.people tr td:first-child {
   IRC: wseltzer
   https://wendy.seltzer.org/;>Techie 
lawyer and former Tor board member. She works on legal and policy support 
for private and secure communications.
 
-  
 
-  
 
   
   
diff --git a/images/people/orig/pepijn.jpg b/images/people/orig/pepijn.jpg
new file mode 100644
index 000..dc2c0c5
Binary files /dev/null and b/images/people/orig/pepijn.jpg differ
diff --git a/images/people/pepijn.png b/images/people/pepijn.png
new file mode 100644
index 

[tor-commits] [tor-browser/tor-browser-52.2.0esr-7.5-1] fixup! TB4: Tor Browser's Firefox preference overrides.

[gk]

commit b3989f16138112084c008f89d54ecbe9cd4804d7
Author: Georg Koppen 
Date:   Thu Jul 13 08:48:59 2017 +

fixup! TB4: Tor Browser's Firefox preference overrides.

We disable the GetAddons item on the about:addons page as we don't know
which extensions Mozilla is advertising to our users and we don't want
to have some random Google Analytics script running either on
about:addons. Fixes bug 22073.
---
 browser/app/profile/000-tor-browser.js | 4 
 1 file changed, 4 insertions(+)

diff --git a/browser/app/profile/000-tor-browser.js 
b/browser/app/profile/000-tor-browser.js
index d2fb5e5..aaeba63 100644
--- a/browser/app/profile/000-tor-browser.js
+++ b/browser/app/profile/000-tor-browser.js
@@ -294,6 +294,10 @@ pref("extensions.enabledScopes", 1);
 pref("extensions.pendingOperations", false);
 pref("xpinstall.whitelist.add", "");
 pref("xpinstall.whitelist.add.36", "");
+// We don't know what extensions Mozilla is advertising to our users and we
+// don't want to have some random Google Analytics script running either on the
+// about:addons page, see bug 22073 and 22900.
+pref("extensions.getAddons.showPane", false);
 
 // Toolbar layout
 pref("browser.uiCustomization.state", 
"{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"save-page-button\",\"print-button\",\"bookmarks-menu-button\",\"history-panelmenu\",\"find-button\",\"preferences-button\",\"add-ons-button\",\"developer-button\",\"https-everywhere-button\",\"downloads-button\"],\"addon-bar\":[\"addonbar-closebutton\",\"status-bar\"],\"PersonalToolbar\":[\"personal-bookmarks\"],\"nav-bar\":[\"noscript-tbb\",\"torbutton-button\",\"urlbar-container\",\"search-container\",\"webrtc-status-button\",\"loop-button\"],\"TabsToolbar\":[\"tabbrowser-tabs\",\"new-tab-button\",\"alltabs-button\"],\"toolbar-menubar\":[\"menubar-items\"]},\"seen\":[],\"dirtyAreaCache\":[\"PersonalToolbar\",\"nav-bar\",\"TabsToolbar\",\"toolbar-menubar\",\"PanelUI-contents\",\"addon-bar\"],\"currentVersion\":4,\"newElementCount\":0}");

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tor-browser-manual] Update translations for tor-browser-manual

[translation]

commit ff366cd53c2fc0526ae3fbb7f6b6c31906b6ee11
Author: Translation commit bot 
Date:   Thu Jul 13 10:48:27 2017 +

Update translations for tor-browser-manual
---
 uk/uk.po | 6 ++
 1 file changed, 6 insertions(+)

diff --git a/uk/uk.po b/uk/uk.po
index 982b668..13bb751 100644
--- a/uk/uk.po
+++ b/uk/uk.po
@@ -931,6 +931,12 @@ msgid ""
 "connections. Tor Browser will warn you that all activity and downloads will "
 "be stopped, so take this into account before clicking “New Identity”."
 msgstr ""
+"Ця опція корисна, якщо ви не хочете, щоб 
ваша подальша діяльність у браузері"
+" пов'язувалася з тим, що вони робили 
раніше. Якщо її вибрати, буде закрито "
+"усі відкриті вкладки і вікна, очищено усю 
приватну інформацію (як-то куки та"
+" історія) і встановлено нові схеми Tor для 
усіх з'єднань. Браузер Tor "
+"попередить вас, що всю діяльність та 
завантаження буде припинено, тому майте"
+" це на увазі, натискаючи на кнопку «Нова 
ідентичність»."
 
 #: managing-identities.page:123
 msgid "New Tor Circuit for this Site"

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tor-browser-manual] Update translations for tor-browser-manual

[translation]

commit 508640e01fb6f6d14f963c50472e375652be8f12
Author: Translation commit bot 
Date:   Thu Jul 13 09:49:53 2017 +

Update translations for tor-browser-manual
---
 uk/uk.po | 47 ---
 1 file changed, 44 insertions(+), 3 deletions(-)

diff --git a/uk/uk.po b/uk/uk.po
index 2e6d905..982b668 100644
--- a/uk/uk.po
+++ b/uk/uk.po
@@ -774,10 +774,15 @@ msgid ""
 " Browser includes some additional features that help you control what "
 "information can be tied to your identity."
 msgstr ""
+"Використання мережі Tor унеможливлює 
розкриття вашого місця розташування та "
+"IP-адреси спостерігачами, але й без цієї 
інформації вони можуть поєднати "
+"різні поля вашої діяльності в одне ціле. З 
цієї причини Tor-браузер містить "
+"деякі додаткові функції, які допомагають 
вам котролювати, яка інформація "
+"прив'язується до вашої ідентичності."
 
 #: managing-identities.page:29
 msgid "The URL bar"
-msgstr ""
+msgstr "Адресний рядок"
 
 #: managing-identities.page:30
 msgid ""
@@ -787,6 +792,11 @@ msgid ""
 " be served over two different Tor circuits, so the tracker will not know "
 "that both connections originate from your browser."
 msgstr ""
+"Tor Browser засереджує вашу діяльність на 
відносинах з веб-сайтом, введеним "
+"в адресному рядку. Навіть якщо ви зайдете 
на два різні сайти, які "
+"використовують той же сервіс трекінгу від 
третьої сторони, браузер Tor "
+"пропустить контент через дві різні схеми 
Tor, тому трекер не знатиме, що "
+"обидва відвідування були з вашого 
браузера."
 
 #: managing-identities.page:38
 msgid ""
@@ -795,6 +805,9 @@ msgid ""
 "single website in separate tabs or windows, without any loss of "
 "functionality."
 msgstr ""
+"З іншого боку, усі відвідування одної 
адреси веб-сайту робитимуться через "
+"одну схему Tor, тобто ви можете відвідувати 
різні вкладки того ж веб-сайту у"
+" різних вкладках чи вікнах без втрати 
функціоналу."
 
 #. This is a reference to an external file such as an image or video. When
 #. the file changes, the md5 hash will change to let you know you need to
@@ -806,16 +819,20 @@ msgid ""
 "external ref='media/managing-identities/circuit_full.png' "
 "md5='bd46d22de952fee42643be46d3f95928'"
 msgstr ""
+"external ref='media/managing-identities/circuit_full.png' "
+"md5='bd46d22de952fee42643be46d3f95928'"
 
 #: managing-identities.page:48
 msgid ""
 "You can see a diagram of the circuit that Tor Browser is using for the "
 "current tab in the onion menu."
 msgstr ""
+"Ви можете побачити діаграму схеми, яку 
Tor-браузер використовує для поточної"
+" вкладки у меню цибулини."
 
 #: managing-identities.page:55
 msgid "Logging in over Tor"
-msgstr ""
+msgstr "Вхід в систему через Tor"
 
 #: managing-identities.page:56
 msgid ""
@@ -823,6 +840,9 @@ msgid ""
 "there may be situations in which it makes sense to use Tor with websites "
 "that require usernames, passwords, or other identifying information."
 msgstr ""
+"Хоча браузер Tor призначений для 
забезпечення тотальної анонімності у вебі, 
"
+"можуть бути ситуації, коли доцільно 
використовувати Tor для веб-сайтів, що "
+"вимагають ім'я користувача, пароль чи іншу 
інформацію ідентифікації."
 
 #: managing-identities.page:62
 msgid ""
@@ -833,18 +853,29 @@ msgid ""
 "you reveal to the websites you browse. Logging in using Tor Browser is also "
 "useful if the website you are trying to reach is censored on your network."
 msgstr ""
+"Якщо ви входите на веб-сайт через 
звичайний браузер, то в процесі також "
+"розкриваєте свою IP-адресу та географічне 
розташування. Те саме часто "
+"справедливо і для надсилання ел. пошти. Вх
ід у соціальну мережу чи поштовик "
+"з використанням браузера Tor дозволяє 
вибрати, яку саме інформацію "

[tor-commits] [translation/tor-browser-manual] Update translations for tor-browser-manual

[translation]

commit 5c156cbffb447e60a3669d7d68a633eeedeaee87
Author: Translation commit bot 
Date:   Thu Jul 13 09:18:28 2017 +

Update translations for tor-browser-manual
---
 uk/uk.po | 104 ++-
 1 file changed, 89 insertions(+), 15 deletions(-)

diff --git a/uk/uk.po b/uk/uk.po
index 30f41ca..2e6d905 100644
--- a/uk/uk.po
+++ b/uk/uk.po
@@ -429,10 +429,15 @@ msgid ""
 "“32-bit” or “64-bit” software: this depends on the model of the 
computer you"
 " are using."
 msgstr ""
+"GetTor відповість листом, що міститиме 
посилання на завантаження пакету Tor "
+"Browser, криптографічного підпису (що 
потрібний для перевірки завантаження),"
+" відбитку ключа, використаного для 
підпису, та контрольної суми пакета. Ви "
+"можете отримати на вибір 32-бітну чи 
64-бітну весію програмного "
+"забезпечення, залежно від моделі вашого 
комп'ютера."
 
 #: downloading.page:57
 msgid "To use GetTor via Twitter:"
-msgstr ""
+msgstr "Щоб скористатися GetTor через Twitter:"
 
 #: downloading.page:62
 msgid ""
@@ -440,38 +445,47 @@ msgid ""
 "Message to @get_tor with the words \"osx en\" in it (you don't need to "
 "follow the account)."
 msgstr ""
+"Щоб отримати посилання на завантаження 
браузера Tor англійською мовою для OS"
+" X, надішліть приватне повідомлення 
користувачу @get_tor зі словами «osx en»"
+" (для цього не потрібно стежити за 
користувачем)."
 
 #: downloading.page:70
 msgid "To use GetTor via Jabber/XMPP (Tor Messenger, Jitsi, CoyIM):"
 msgstr ""
+"Щоб скористатися GetTor через Jabber/XMPP (Tor Messenger, 
Jitsi, CoyIM):"
 
 #: downloading.page:75
 msgid ""
 "To get links for downloading Tor Browser in Chinese for Linux, send a "
 "message to get...@torproject.org with the words \"linux zh\" in it."
 msgstr ""
+"Щоб отримати посилання на завантаження 
браузера Tor Browser китайською мовою"
+" для Linux, надішліть повідмлення 
get...@torproject.org зі словами «linux "
+"zh»."
 
 #: downloading.page:84
 msgid "Satori"
-msgstr ""
+msgstr "Satori"
 
 #: downloading.page:85
 msgid ""
 "Satori is an add-on for the Chrome or Chromium browsers that allows you to "
 "download several security and privacy programs from different sources."
 msgstr ""
+"Satori — це додаток до браузерів Chrome чи Chromium, 
який дозволяє "
+"завантажити кілька програм безпеки та 
приватності з різних джерел."
 
 #: downloading.page:90
 msgid "To download Tor Browser using Satori:"
-msgstr ""
+msgstr "Щоб завантажити Tor Browser через Satori:"
 
 #: downloading.page:95
 msgid "Install Satori from the Chrome App Store."
-msgstr ""
+msgstr "Встановіть Satori з Chrome App Store."
 
 #: downloading.page:100
 msgid "Select Satori from your browser’s Apps menu."
-msgstr ""
+msgstr "Оберіть Satori у меню додатків свого 
браузера."
 
 #: downloading.page:105
 msgid ""
@@ -481,12 +495,19 @@ msgid ""
 "after the name of the program — each one represents a different source from 
"
 "which to get the software. Your download will then begin."
 msgstr ""
+"Коли Satori відкриється, виберіть зручну для 
вас мову. Відкриється меню зі "
+"списком доступних завантажень цією мовою. 
Знайдіть Tor Browser під назвою "
+"вашої операційної системи. Оберіть «A» або 
«B» після назви програми — це "
+"різні джерела, з яких можна отримати 
програму. Тоді розпочнеться "
+"завантаження."
 
 #: downloading.page:115
 msgid ""
 "Wait for your download to finish, then find the “Generate Hash” section 
in "
 "Satori’s menu and click “Select Files”."
 msgstr ""
+"Зачекайте, поки завантаження завешиться, 
тоді знайдіть розділ «Генервати "
+"хеш» у меню Satori і натисніть «Обрати 
файли»."
 
 #: downloading.page:121
 msgid ""
@@ -498,14 +519,21 @@ msgid ""
 "Browser. If they do not match, you may need to try downloading again,"
 " or from a different source."
 msgstr ""
+"Оберіть завантажений файл Tor Browser. Satori 

[tor-commits] [metrics-web/master] Remove unused image files.

[karsten]

commit dbe669bfb519cdd9dbcd7cd016e9c2d31ea1411c
Author: Karsten Loesing 
Date:   Thu Jul 13 10:41:27 2017 +0200

Remove unused image files.
---
 website/src/main/resources/web/images/default-logo.png | Bin 96441 -> 0 bytes
 .../main/resources/web/images/metrics-logo-large.png   | Bin 119786 -> 0 bytes
 .../resources/web/images/metrics-wordmark-small.png| Bin 4473 -> 0 bytes
 .../src/main/resources/web/images/metrics-wordmark.png | Bin 17612 -> 0 bytes
 website/src/main/resources/web/images/ooni-logo.png| Bin 5573 -> 0 bytes
 5 files changed, 0 insertions(+), 0 deletions(-)

diff --git a/website/src/main/resources/web/images/default-logo.png 
b/website/src/main/resources/web/images/default-logo.png
deleted file mode 100644
index ef0cd90..000
Binary files a/website/src/main/resources/web/images/default-logo.png and 
/dev/null differ
diff --git a/website/src/main/resources/web/images/metrics-logo-large.png 
b/website/src/main/resources/web/images/metrics-logo-large.png
deleted file mode 100644
index 24001c6..000
Binary files a/website/src/main/resources/web/images/metrics-logo-large.png and 
/dev/null differ
diff --git a/website/src/main/resources/web/images/metrics-wordmark-small.png 
b/website/src/main/resources/web/images/metrics-wordmark-small.png
deleted file mode 100644
index d2132d1..000
Binary files a/website/src/main/resources/web/images/metrics-wordmark-small.png 
and /dev/null differ
diff --git a/website/src/main/resources/web/images/metrics-wordmark.png 
b/website/src/main/resources/web/images/metrics-wordmark.png
deleted file mode 100644
index c6977a0..000
Binary files a/website/src/main/resources/web/images/metrics-wordmark.png and 
/dev/null differ
diff --git a/website/src/main/resources/web/images/ooni-logo.png 
b/website/src/main/resources/web/images/ooni-logo.png
deleted file mode 100644
index 777481b..000
Binary files a/website/src/main/resources/web/images/ooni-logo.png and 
/dev/null differ



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [metrics-web/master] Remove unused submodule, update the one we use.

[karsten]

commit c93d9ccc5a2719142c625ad11ad75b6eea93b4a9
Author: Karsten Loesing 
Date:   Thu Jul 13 10:35:03 2017 +0200

Remove unused submodule, update the one we use.
---
 .gitmodules   | 6 --
 submods/collector | 1 -
 submods/metrics-lib   | 2 +-
 submods/onionoo   | 1 -
 website/src/main/resources/web-prepare.sh | 2 +-
 5 files changed, 2 insertions(+), 10 deletions(-)

diff --git a/.gitmodules b/.gitmodules
index 4d4d0bb..7e4601a 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -1,9 +1,3 @@
-[submodule "submods/onionoo"]
-   path = submods/onionoo
-   url = https://git.torproject.org/onionoo.git
 [submodule "submods/metrics-lib"]
path = submods/metrics-lib
url = https://git.torproject.org/metrics-lib.git
-[submodule "submods/collector"]
-   path = submods/collector
-   url = https://git.torproject.org/collector.git
diff --git a/submods/collector b/submods/collector
deleted file mode 16
index 788e72e..000
--- a/submods/collector
+++ /dev/null
@@ -1 +0,0 @@
-Subproject commit 788e72e4e9a1fed321c307fe99e61c2d09cfd936
diff --git a/submods/metrics-lib b/submods/metrics-lib
index a57b1f7..8678345 16
--- a/submods/metrics-lib
+++ b/submods/metrics-lib
@@ -1 +1 @@
-Subproject commit a57b1f7698bb03abe023ce2aa95cb9d0c8144a1d
+Subproject commit 8678345af9922ca4431b084d75419961dac562fa
diff --git a/submods/onionoo b/submods/onionoo
deleted file mode 16
index 445f303..000
--- a/submods/onionoo
+++ /dev/null
@@ -1 +0,0 @@
-Subproject commit 445f3030c9c7455cdb1583e3e0254334f05ca6b8
diff --git a/website/src/main/resources/web-prepare.sh 
b/website/src/main/resources/web-prepare.sh
index 2da4c4e..02b604b 100755
--- a/website/src/main/resources/web-prepare.sh
+++ b/website/src/main/resources/web-prepare.sh
@@ -5,7 +5,7 @@
 
 cd $1
 
-for x in  metrics-lib collector onionoo ; do
+for x in  metrics-lib ; do
 cd $1/$x
 src/main/resources/bootstrap-development.sh
 if  ! [ -d lib ] ; then



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [metrics-web/master] Fix typo.

[karsten]

commit e7315204a81a456610598a578aaf1377db47c212
Author: Karsten Loesing 
Date:   Thu Jul 13 10:38:28 2017 +0200

Fix typo.
---
 website/src/main/resources/web/WEB-INF/sources.jsp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/website/src/main/resources/web/WEB-INF/sources.jsp 
b/website/src/main/resources/web/WEB-INF/sources.jsp
index 301a2ea..43a926b 100644
--- a/website/src/main/resources/web/WEB-INF/sources.jsp
+++ b/website/src/main/resources/web/WEB-INF/sources.jsp
@@ -36,7 +36,7 @@
 https://gitweb.torproject.org/torperf.git; 
target="_blank">Torperf measures Tor performance with a set of utilities 
and Python scripts.
 https://github.com/robgjansen/onionperf; 
target="_blank">OnionPerf measures the performance of onion services.
 https://ooni.torproject.org/; target="_blank">OONI 
detects censorship, surveillance, and traffic manipulation on the internet.
-https://gitweb.torproject.org/user/phw/sybilhunter.git/; 
target="_blank">Sybilhunter attempts to detect Sybil attacks onthe Tor 
network.
+https://gitweb.torproject.org/user/phw/sybilhunter.git/; 
target="_blank">Sybilhunter attempts to detect Sybil attacks on the Tor 
network.
 https://webstats.torproject.org/; 
target="_blank">Webstats collects logs from torproject.org web 
servers and provides them as a stripped-down version of Apache's "combined" log 
format without IP addresses, log times, HTTP parameters, referers, and user 
agent strings.
   
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [metrics-web/master] Update news.

[karsten]

commit 23ab4d36d7881599a655e28f569347e2038fa1be
Author: Karsten Loesing 
Date:   Thu Jul 13 10:24:30 2017 +0200

Update news.
---
 website/src/main/resources/etc/news.json | 50 
 1 file changed, 50 insertions(+)

diff --git a/website/src/main/resources/etc/news.json 
b/website/src/main/resources/etc/news.json
index fbb8a97..e62a8cc 100644
--- a/website/src/main/resources/etc/news.json
+++ b/website/src/main/resources/etc/news.json
@@ -584,6 +584,56 @@
 ]
   },
   {
+"start": "2017-07-02",
+"description": "deb.torproject.org upgrades from tor 0.2.9 to tor 0.3.0",
+"links": [
+  "https://metrics.torproject.org/versions.html?start=2017-05-01=2017-07-15\;>relay
 versions graph",
+  "https://twitter.com/nusenu_/status/884128686764687361\;>tweet"
+]
+  },
+  {
+"start": "2017-06-26",
+"end": "2017-07-03",
+"protocols": [
+  "obfs4"
+],
+"description": "Outage of default obfs4 bridge https://atlas.torproject.org/#details/854173307E33686BBBAC36A3A093BEF320B719D4\;>frosty",
+"links": [
+  "https://lists.torproject.org/pipermail/tor-project/2017-July/001280.html\;>mailing
 list post"
+]
+  },
+  {
+"start": "2017-06-26",
+"end": "2017-07-02",
+"protocols": [
+  "obfs4"
+],
+"description": "Outage of default obfs4 bridge https://atlas.torproject.org/#details/D9E712E593400635462172121B7DB90B07669F71\;>dragon",
+"links": [
+  "https://lists.torproject.org/pipermail/tor-project/2017-July/001280.html\;>mailing
 list post"
+]
+  },
+  {
+"start": "2017-07-04",
+"protocols": [
+  "obfs4"
+],
+"description": "Outage of default obfs4 bridge https://atlas.torproject.org/#details/D9E712E593400635462172121B7DB90B07669F71\;>dragon",
+"links": [
+  "https://lists.torproject.org/pipermail/tor-project/2017-July/001280.html\;>mailing
 list post"
+]
+  },
+  {
+"start": "2017-07-04",
+"protocols": [
+  "obfs4"
+],
+"description": "Outage of default obfs4 bridge https://atlas.torproject.org/#details/854173307E33686BBBAC36A3A093BEF320B719D4\;>frosty.",
+"links": [
+  "https://lists.torproject.org/pipermail/tor-project/2017-July/001280.html\;>mailing
 list post"
+]
+  },
+  {
 "start": "2016-02-24",
 "place": "tm",
 "protocols": [



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tor-browser-manual] Update translations for tor-browser-manual

[translation]

commit 30b8d2abc1c3616fcd41c25c594e6159239e7c8e
Author: Translation commit bot 
Date:   Thu Jul 13 08:48:27 2017 +

Update translations for tor-browser-manual
---
 uk/uk.po | 103 ---
 1 file changed, 79 insertions(+), 24 deletions(-)

diff --git a/uk/uk.po b/uk/uk.po
index cd32fdd..30f41ca 100644
--- a/uk/uk.po
+++ b/uk/uk.po
@@ -140,12 +140,12 @@ msgid ""
 " in combination with pluggable transports helps to disguise the fact that "
 "you are using Tor."
 msgstr ""
-"Більшість вставних траспортерів (Pluggable "
+"Більшість вставних траспортів (Pluggable "
 "Transports), як obfs3 та obfs4, залежать від 
використання «мостових» "
 "реле. Подібно до звичайних реле Tor'у, мости 
підтримують волонтери, але на "
 "відміну від звичайних реле, вони не 
згадуються публічно, тому противник не "
 "зможе легко їх ідентифікувати. 
Використання мостів у поєднанні зі 
вставними "
-"транспортерами допомагає приховати той 
факт, що ви використовуєте Tor."
+"транспортами допомагає приховати той 
факт, що ви використовуєте Tor."
 
 #: bridges.page:21
 msgid ""
@@ -153,19 +153,21 @@ msgid ""
 "techniques that do not rely on bridges. You do not need to obtain bridge "
 "addresses in order to use these transports."
 msgstr ""
-"Інші вставні транспортери, як meek, 
використовують різні протицензурні "
-"методи, що не базуються на мостах. Вам не 
треба мати адреси мостів, щоб "
-"користуватися цими транспортерами. "
+"Інші вставні транспорти, як meek, 
використовують різні протицензурні 
методи,"
+" що не базуються на мостах. Вам не треба 
мати адреси мостів, щоб "
+"користуватися цими транспортами. "
 
 #: bridges.page:28
 msgid "Getting bridge addresses"
-msgstr ""
+msgstr "Отримання адрес мостів"
 
 #: bridges.page:29
 msgid ""
 "Because bridge addresses are not public, you will need to request them "
 "yourself. You have two options:"
 msgstr ""
+"Оскільки адреси мостів не публічні, вам 
треба подати на них запит. Є два "
+"способи:"
 
 #: bridges.page:36
 msgid ""
@@ -173,22 +175,29 @@ msgid ""
 
"href=\"https://bridges.torproject.org/\;>https://bridges.torproject.org/"
 " and follow the instructions, or"
 msgstr ""
+"Перейдіть на https://bridges.torproject.org/\;>https://bridges.torproject.org/"
+" та виконайте інструкції, або "
 
 #: bridges.page:42
 msgid ""
 "Email brid...@torproject.org from a Gmail, Yahoo, or Riseup email address, "
 "or"
 msgstr ""
+"Напишіть на brid...@torproject.org з електронної 
пошти Gmail, Yahoo чи "
+"Riseup, або"
 
 #: bridges.page:51
 msgid "Entering bridge addresses"
-msgstr ""
+msgstr "Введення адрес мостів"
 
 #: bridges.page:52
 msgid ""
 "Once you have obtained some bridge addresses, you will need to enter them "
 "into Tor Launcher."
 msgstr ""
+"Коли ви отримали якісь адреси мостів, вам 
треба ввести їх у своєму Tor "
+"Launcher.."
 
 #: bridges.page:57
 msgid ""
@@ -196,6 +205,9 @@ msgid ""
 " to the Tor network. Select “Use custom bridges” and enter each bridge "
 "address on a separate line."
 msgstr ""
+"Оберіть «так» у відповідь на запитання, чи 
ваш інтернет-провайдер блокує "
+"з'єднання з мережею Tor. Оберіть 
«Використовувати власні мости» і введіть "
+"кожну адресу моста окремим рядком."
 
 #. This is a reference to an external file such as an image or video. When
 #. the file changes, the md5 hash will change to let you know you need to
@@ -207,6 +219,8 @@ msgid ""
 "external ref='media/tor-launcher-custom-bridges_en-US.png' "
 "md5='93365c2aa3fb4d627497e83f28a39b7e'"
 msgstr ""
+"external ref='media/tor-launcher-custom-bridges_en-US.png' "
+"md5='93365c2aa3fb4d627497e83f28a39b7e'"
 
 #: bridges.page:65
 msgid ""
@@ -215,14 +229,19 @@ msgid ""
 " may be down. Please use one of the above methods to obtain more bridge "
 "addresses, and try again."
 msgstr ""
+"Натисніть «З'єднатися». Використання 
мостів може