[tor-commits] [stem/master] Unexpected exceptions during async tests deadlocked
commit 7901ff113353b9a62e9bf99682eb45933c1fcbcd Author: Damian JohnsonDate: Thu Jul 13 21:43:22 2017 -0700 Unexpected exceptions during async tests deadlocked When an asynchrously ran test raised a non-assertion exception the subsiquent recv call on the pipe would never complete... https://trac.torproject.org/projects/tor/ticket/22902 --- stem/util/test_tools.py | 7 ++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/stem/util/test_tools.py b/stem/util/test_tools.py index cab96e5..3094f5c 100644 --- a/stem/util/test_tools.py +++ b/stem/util/test_tools.py @@ -33,8 +33,9 @@ import linecache import multiprocessing import os import re -import time import threading +import time +import traceback import unittest import stem.prereq @@ -167,6 +168,8 @@ class AsyncTest(object): conn.send(AsyncResult('failure', str(exc))) except SkipTest as exc: conn.send(AsyncResult('skipped', str(exc))) + except: +conn.send(AsyncResult('error', traceback.format_exc())) finally: conn.close() @@ -207,6 +210,8 @@ class AsyncTest(object): if test and self._result.type == 'failure': test.fail(self._result.msg) + elif test and self._result.type == 'error': +test.fail(self._result.msg) elif test and self._result.type == 'skipped': test.skipTest(self._result.msg) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [webwml/master] Add Roya
commit f673f594dc4bb98369601b0023cfb9b5f785bfd3 Author: Damian JohnsonDate: Thu Jul 13 14:37:21 2017 -0700 Add Roya --- about/en/corepeople_alternate.wml | 29 +++-- images/people/roya.png| Bin 0 -> 36754 bytes 2 files changed, 19 insertions(+), 10 deletions(-) diff --git a/about/en/corepeople_alternate.wml b/about/en/corepeople_alternate.wml index c21323e..2936a7c 100644 --- a/about/en/corepeople_alternate.wml +++ b/about/en/corepeople_alternate.wml @@ -569,12 +569,21 @@ table.people tr td:first-child { + + + Roya Ensafi + Detects and understands how to manipulate and circumvent Tor network censorship attempts. + + + Sebastian Hahn Helps people around the world use and understand Tor better. Generally helps everything run smoothly. Runs one of the directory authorities. + + @@ -583,9 +592,7 @@ table.people tr td:first-child { Serene Snowflake and Pluggable Transports developer. - - @@ -595,7 +602,9 @@ table.people tr td:first-child { IRC: ssteele Executive Director of the Tor Project, Inc. + + @@ -605,9 +614,7 @@ table.people tr td:first-child { IRC: hiro Hiro builds and runs Tor Project's web applications and services. - - @@ -617,7 +624,9 @@ table.people tr td:first-child { IRC: stephw Directs communications to consistently articulate and promote the Tor Project's mission. + + @@ -627,9 +636,7 @@ table.people tr td:first-child { IRC: sjmurdoch http://www.cs.ucl.ac.uk/staff/s.murdoch/;>Principal Research Fellow at University College London and original creator of the https://www.torproject.org/projects/torbrowser.html.en;>Tor Browser. - - @@ -638,7 +645,9 @@ table.people tr td:first-child { IRC: sukhe https://trac.torproject.org/projects/tor/wiki/torbirdy;>TorBirdy and https://trac.torproject.org/projects/tor/wiki/doc/TorMessenger;>Tor Messenger developer. Volunteer on the https://trac.torproject.org/projects/tor/wiki/org/teams/CommunityTeam;>Community Team. + + @@ -647,9 +656,7 @@ table.people tr td:first-child { IRC: teor Onion services developer, and core member of Tor dev team. Researches Tor network measurement and onion service scalability. - - @@ -659,7 +666,9 @@ table.people tr td:first-child { IRC: tjr Maintains https://consensus-health.torproject.org/;>Consensus Health , runs one of the bandwidth authorities, and contributes to Tor Browser. + + @@ -668,9 +677,7 @@ table.people tr td:first-child { IRC: t0mmy Writes and edits grant proposals, one-pagers, blogposts, etc. - - @@ -680,7 +687,9 @@ table.people tr td:first-child { IRC: wseltzer https://wendy.seltzer.org/;>Techie lawyer and former Tor board member. She works on legal and policy support for private and secure communications. + + diff --git a/images/people/roya.png b/images/people/roya.png new file mode 100644 index 000..e19e23a Binary files /dev/null and b/images/people/roya.png differ ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] prop224: Don't use char * for binary data
commit f64689f3f00d72033ff7544ada4ccdfb7c328b36 Author: David GouletDate: Wed Jul 12 13:41:33 2017 -0400 prop224: Don't use char * for binary data It turns out that some char * sneaked in our hs_common.c code. Replace those by uint8_t *. Signed-off-by: David Goulet --- src/or/hs_common.c | 18 ++ src/or/hs_common.h | 2 +- 2 files changed, 11 insertions(+), 9 deletions(-) diff --git a/src/or/hs_common.c b/src/or/hs_common.c index 87c29d5..22a845f 100644 --- a/src/or/hs_common.c +++ b/src/or/hs_common.c @@ -367,7 +367,7 @@ rend_data_get_pk_digest(const rend_data_t *rend_data, size_t *len_out) * checksum_out must be large enough to receive 32 bytes (DIGEST256_LEN). */ static void build_hs_checksum(const ed25519_public_key_t *key, uint8_t version, - char *checksum_out) + uint8_t *checksum_out) { size_t offset = 0; char data[HS_SERVICE_ADDR_CHECKSUM_INPUT_LEN]; @@ -383,7 +383,8 @@ build_hs_checksum(const ed25519_public_key_t *key, uint8_t version, tor_assert(offset == HS_SERVICE_ADDR_CHECKSUM_INPUT_LEN); /* Hash the data payload to create the checksum. */ - crypto_digest256(checksum_out, data, sizeof(data), DIGEST_SHA3_256); + crypto_digest256((char *) checksum_out, data, sizeof(data), + DIGEST_SHA3_256); } /* Using an ed25519 public key, checksum and version to build the binary @@ -392,7 +393,7 @@ build_hs_checksum(const ed25519_public_key_t *key, uint8_t version, * * addr_out must be large enough to receive HS_SERVICE_ADDR_LEN bytes. */ static void -build_hs_address(const ed25519_public_key_t *key, const char *checksum, +build_hs_address(const ed25519_public_key_t *key, const uint8_t *checksum, uint8_t version, char *addr_out) { size_t offset = 0; @@ -416,7 +417,7 @@ build_hs_address(const ed25519_public_key_t *key, const char *checksum, * HS_SERVICE_ADDR_LEN bytes but doesn't need to be NUL terminated. */ static void hs_parse_address_impl(const char *address, ed25519_public_key_t *key_out, - char *checksum_out, uint8_t *version_out) + uint8_t *checksum_out, uint8_t *version_out) { size_t offset = 0; @@ -449,7 +450,7 @@ hs_parse_address_impl(const char *address, ed25519_public_key_t *key_out, * Return 0 if parsing went well; return -1 in case of error. */ int hs_parse_address(const char *address, ed25519_public_key_t *key_out, - char *checksum_out, uint8_t *version_out) + uint8_t *checksum_out, uint8_t *version_out) { char decoded[HS_SERVICE_ADDR_LEN]; @@ -485,8 +486,8 @@ int hs_address_is_valid(const char *address) { uint8_t version; - char checksum[HS_SERVICE_ADDR_CHECKSUM_LEN_USED]; - char target_checksum[DIGEST256_LEN]; + uint8_t checksum[HS_SERVICE_ADDR_CHECKSUM_LEN_USED]; + uint8_t target_checksum[DIGEST256_LEN]; ed25519_public_key_t key; /* Parse the decoded address into the fields we need. */ @@ -521,7 +522,8 @@ void hs_build_address(const ed25519_public_key_t *key, uint8_t version, char *addr_out) { - char checksum[DIGEST256_LEN], address[HS_SERVICE_ADDR_LEN]; + uint8_t checksum[DIGEST256_LEN]; + char address[HS_SERVICE_ADDR_LEN]; tor_assert(key); tor_assert(addr_out); diff --git a/src/or/hs_common.h b/src/or/hs_common.h index 2b33914..203a5d0 100644 --- a/src/or/hs_common.h +++ b/src/or/hs_common.h @@ -93,7 +93,7 @@ void hs_build_address(const ed25519_public_key_t *key, uint8_t version, char *addr_out); int hs_address_is_valid(const char *address); int hs_parse_address(const char *address, ed25519_public_key_t *key_out, - char *checksum_out, uint8_t *version_out); + uint8_t *checksum_out, uint8_t *version_out); void rend_data_free(rend_data_t *data); rend_data_t *rend_data_dup(const rend_data_t *data); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] prop224: Use a common function to parse uint64_t
commit cfa6f8358b4c5ea6c9c82a0818dc81b8aaf44a78 Author: David GouletDate: Wed Jul 12 10:37:10 2017 -0400 prop224: Use a common function to parse uint64_t Add a helper function to parse uint64_t and also does logging so we can reduce the amount of duplicate code. Signed-off-by: David Goulet --- src/or/hs_config.c | 100 +++-- 1 file changed, 44 insertions(+), 56 deletions(-) diff --git a/src/or/hs_config.c b/src/or/hs_config.c index 3baab46..f1e130b 100644 --- a/src/or/hs_config.c +++ b/src/or/hs_config.c @@ -115,6 +115,33 @@ service_is_duplicate_in_list(const smartlist_t *service_list, return ret; } +/* Helper function: Given an configuration option name, its value, a minimum + * min and a maxium max, parse the value as a uint64_t. On success, ok is set + * to 1 and ret is the parsed value. On error, ok is set to 0 and ret must be + * ignored. This function logs both on error and success. */ +static uint64_t +helper_parse_uint64(const char *opt, const char *value, uint64_t min, +uint64_t max, int *ok) +{ + uint64_t ret = 0; + + tor_assert(opt); + tor_assert(value); + tor_assert(ok); + + *ok = 0; + ret = tor_parse_uint64(value, 10, min, max, ok, NULL); + if (!*ok) { +log_warn(LD_CONFIG, "%s must be between %" PRIu64 " and %"PRIu64 +", not %s.", + opt, min, max, value); +goto err; + } + log_info(LD_CONFIG, "%s was parsed to %" PRIu64, opt, ret); + err: + return ret; +} + /* Return true iff the given options starting at line_ for a hidden service * contains at least one invalid option. Each hidden service option don't * apply to all versions so this function can find out. The line_ MUST start @@ -222,27 +249,21 @@ config_service_v3(const config_line_t *line_, config = >config; for (line = line_; line; line = line->next) { +int ok = 0; if (!strcasecmp(line->key, "HiddenServiceDir")) { /* We just hit the next hidden service, stop right now. */ break; } /* Number of introduction points. */ if (!strcasecmp(line->key, "HiddenServiceNumIntroductionPoints")) { - int ok = 0; config->num_intro_points = -(unsigned int) tor_parse_ulong(line->value, 10, - NUM_INTRO_POINTS_DEFAULT, - HS_CONFIG_V3_MAX_INTRO_POINTS, - , NULL); +(unsigned int) helper_parse_uint64(line->key, line->value, + NUM_INTRO_POINTS_DEFAULT, + HS_CONFIG_V3_MAX_INTRO_POINTS, + ); if (!ok) { -log_warn(LD_CONFIG, "HiddenServiceNumIntroductionPoints " - "should be between %d and %d, not %s", - NUM_INTRO_POINTS_DEFAULT, HS_CONFIG_V3_MAX_INTRO_POINTS, - line->value); goto err; } - log_info(LD_CONFIG, "HiddenServiceNumIntroductionPoints=%d for %s", - config->num_intro_points, escaped(config->directory_path)); continue; } } @@ -277,7 +298,7 @@ config_generic_service(const config_line_t *line_, const or_options_t *options, hs_service_t *service) { - int ok, dir_seen = 0; + int dir_seen = 0; const config_line_t *line; hs_service_config_t *config; @@ -291,6 +312,7 @@ config_generic_service(const config_line_t *line_, /* The first line starts with HiddenServiceDir so we consider what's next is * the configuration of the service. */ for (line = line_; line ; line = line->next) { +int ok = 0; /* This indicate that we have a new service to configure. */ if (!strcasecmp(line->key, "HiddenServiceDir")) { /* This function only configures one service at a time so if we've @@ -310,18 +332,12 @@ config_generic_service(const config_line_t *line_, } /* Version of the service. */ if (!strcasecmp(line->key, "HiddenServiceVersion")) { - service->version = (uint32_t) tor_parse_ulong(line->value, -10, HS_VERSION_MIN, -HS_VERSION_MAX, -, NULL); + service->version = +(uint32_t) helper_parse_uint64(line->key, line->value, HS_VERSION_MIN, + HS_VERSION_MAX, ); if (!ok) { -log_warn(LD_CONFIG, - "HiddenServiceVersion be between %u and %u, not %s", - HS_VERSION_TWO, HS_VERSION_MAX, line->value); goto err; } - log_info(LD_CONFIG, "HiddenServiceVersion=%" PRIu32 " for %s", - service->version, escaped(config->directory_path)); continue; } /* Virtual
[tor-commits] [tor/master] prop224: Service address creation/validation
commit f3899acdbfe121521cbd8cc76983b1e1e149d38c Author: David GouletDate: Mon Jan 30 17:33:18 2017 -0500 prop224: Service address creation/validation This also adds unit test and a small python script generating a deterministic test vector that a unit test tries to match. Signed-off-by: David Goulet --- src/or/hs_common.c | 178 +++ src/or/hs_common.h | 29 +++ src/test/hs_build_address.py | 37 + src/test/test_hs_service.c | 83 4 files changed, 327 insertions(+) diff --git a/src/or/hs_common.c b/src/or/hs_common.c index b524296..00befab 100644 --- a/src/or/hs_common.c +++ b/src/or/hs_common.c @@ -346,6 +346,184 @@ rend_data_get_pk_digest(const rend_data_t *rend_data, size_t *len_out) } } +/* Using an ed25519 public key and version to build the checksum of an + * address. Put in checksum_out. Format is: + *SHA3-256(".onion checksum" || PUBKEY || VERSION) + * + * checksum_out must be large enough to receive 32 bytes (DIGEST256_LEN). */ +static void +build_hs_checksum(const ed25519_public_key_t *key, uint8_t version, + char *checksum_out) +{ + size_t offset = 0; + char data[HS_SERVICE_ADDR_CHECKSUM_INPUT_LEN]; + + /* Build checksum data. */ + memcpy(data, HS_SERVICE_ADDR_CHECKSUM_PREFIX, + HS_SERVICE_ADDR_CHECKSUM_PREFIX_LEN); + offset += HS_SERVICE_ADDR_CHECKSUM_PREFIX_LEN; + memcpy(data + offset, key->pubkey, ED25519_PUBKEY_LEN); + offset += ED25519_PUBKEY_LEN; + set_uint8(data + offset, version); + offset += sizeof(version); + tor_assert(offset == HS_SERVICE_ADDR_CHECKSUM_INPUT_LEN); + + /* Hash the data payload to create the checksum. */ + crypto_digest256(checksum_out, data, sizeof(data), DIGEST_SHA3_256); +} + +/* Using an ed25519 public key, checksum and version to build the binary + * representation of a service address. Put in addr_out. Format is: + *addr_out = PUBKEY || CHECKSUM || VERSION + * + * addr_out must be large enough to receive HS_SERVICE_ADDR_LEN bytes. */ +static void +build_hs_address(const ed25519_public_key_t *key, const char *checksum, + uint8_t version, char *addr_out) +{ + size_t offset = 0; + + tor_assert(key); + tor_assert(checksum); + + memcpy(addr_out, key->pubkey, ED25519_PUBKEY_LEN); + offset += ED25519_PUBKEY_LEN; + memcpy(addr_out + offset, checksum, HS_SERVICE_ADDR_CHECKSUM_LEN_USED); + offset += HS_SERVICE_ADDR_CHECKSUM_LEN_USED; + set_uint8(addr_out + offset, version); + offset += sizeof(uint8_t); + tor_assert(offset == HS_SERVICE_ADDR_LEN); +} + +/* Helper for hs_parse_address(): Using a binary representation of a service + * address, parse its content into the key_out, checksum_out and version_out. + * Any out variable can be NULL in case the caller would want only one field. + * checksum_out MUST at least be 2 bytes long. address must be at least + * HS_SERVICE_ADDR_LEN bytes but doesn't need to be NUL terminated. */ +static void +hs_parse_address_impl(const char *address, ed25519_public_key_t *key_out, + char *checksum_out, uint8_t *version_out) +{ + size_t offset = 0; + + tor_assert(address); + + if (key_out) { +/* First is the key. */ +memcpy(key_out->pubkey, address, ED25519_PUBKEY_LEN); + } + offset += ED25519_PUBKEY_LEN; + if (checksum_out) { +/* Followed by a 2 bytes checksum. */ +memcpy(checksum_out, address + offset, HS_SERVICE_ADDR_CHECKSUM_LEN_USED); + } + offset += HS_SERVICE_ADDR_CHECKSUM_LEN_USED; + if (version_out) { +/* Finally, version value is 1 byte. */ +*version_out = get_uint8(address + offset); + } + offset += sizeof(uint8_t); + /* Extra safety. */ + tor_assert(offset == HS_SERVICE_ADDR_LEN); +} + +/* Using a base32 representation of a service address, parse its content into + * the key_out, checksum_out and version_out. Any out variable can be NULL in + * case the caller would want only one field. checksum_out MUST at least be 2 + * bytes long. + * + * Return 0 if parsing went well; return -1 in case of error. */ +int +hs_parse_address(const char *address, ed25519_public_key_t *key_out, + char *checksum_out, uint8_t *version_out) +{ + char decoded[HS_SERVICE_ADDR_LEN]; + + tor_assert(address); + + /* Obvious length check. */ + if (strlen(address) != HS_SERVICE_ADDR_LEN_BASE32) { +log_warn(LD_REND, "Service address %s has an invalid length. " + "Expected %ld but got %lu.", + escaped_safe_str(address), HS_SERVICE_ADDR_LEN_BASE32, + strlen(address)); +goto invalid; + } + + /* Decode address so we can extract needed fields. */ + if (base32_decode(decoded, sizeof(decoded), address, strlen(address)) < 0) { +log_warn(LD_REND, "Service address %s can't be decoded.", + escaped_safe_str(address)); +goto invalid; + } + + /* Parse the decoded
[tor-commits] [tor/master] Merge remote-tracking branch 'dgoulet/ticket21979_032_04'
commit ef4ea864ea66059f7fd71ac68cfe6067f32149f1 Merge: 62d241a 965e3a6 Author: Nick MathewsonDate: Thu Jul 13 17:23:37 2017 -0400 Merge remote-tracking branch 'dgoulet/ticket21979_032_04' src/or/circuitlist.h | 1 + src/or/config.c | 7 +- src/or/hs_common.c | 216 ++ src/or/hs_common.h | 38 ++- src/or/hs_config.c | 582 + src/or/hs_config.h | 24 ++ src/or/hs_descriptor.c | 6 +- src/or/hs_intropoint.h | 12 + src/or/hs_service.c | 665 ++- src/or/hs_service.h | 231 ++- src/or/include.am| 24 +- src/or/main.c| 10 +- src/or/rendservice.c | 356 --- src/or/rendservice.h | 11 +- src/test/hs_build_address.py | 37 +++ src/test/include.am | 1 + src/test/test.c | 1 + src/test/test.h | 1 + src/test/test_helpers.c | 42 ++- src/test/test_helpers.h | 1 + src/test/test_hs.c | 22 +- src/test/test_hs_config.c| 477 +++ src/test/test_hs_service.c | 249 23 files changed, 2730 insertions(+), 284 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] prop224: Don't use an array of config handlers
commit 750c684fff02fde3054261abbbdcc6a458bea8e0 Author: David GouletDate: Wed Jul 12 11:17:26 2017 -0400 prop224: Don't use an array of config handlers As per nickm suggestion, an array of config handlers will not play well with our callgraph tool. Instead, we'll go with a switch case on the version which has a good side effect of allowing us to control what we pass to the function intead of a fix set of parameters. Signed-off-by: David Goulet --- src/or/hs_config.c | 62 +++--- 1 file changed, 31 insertions(+), 31 deletions(-) diff --git a/src/or/hs_config.c b/src/or/hs_config.c index 2e75a4e..c29315f 100644 --- a/src/or/hs_config.c +++ b/src/or/hs_config.c @@ -19,9 +19,8 @@ * successful, transfert the service to the main global service list where * at that point it is ready to be used. * - * Configuration handlers are per-version (see config_service_handlers[]) and - * there is a main generic one for every option that is common to all version - * (config_generic_service). + * Configuration functions are per-version and there is a main generic one for + * every option that is common to all version (config_generic_service). **/ #define HS_CONFIG_PRIVATE @@ -227,7 +226,7 @@ config_validate_service(const hs_service_config_t *config) return -1; } -/* Configuration handler for a version 3 service. The line_ must be pointing +/* Configuration funcion for a version 3 service. The line_ must be pointing * to the directive directly after a HiddenServiceDir. That way, when hitting * the next HiddenServiceDir line or reaching the end of the list of lines, we * know that we have to stop looking for more options. The given service @@ -445,26 +444,16 @@ config_generic_service(const config_line_t *line_, return -1; } -/* Configuration handler indexed by version number. */ -static int - (*config_service_handlers[])(const config_line_t *line, - const or_options_t *options, - hs_service_t *service) = -{ - NULL, /* v0 */ - NULL, /* v1 */ - rend_config_service, /* v2 */ - config_service_v3, /* v3 */ -}; - /* Configure a service using the given line and options. This function will - * call the corresponding version handler and validate the service against the - * other one. On success, add the service to the given list and return 0. On - * error, nothing is added to the list and a negative value is returned. */ + * call the corresponding configuration function for a specific service + * version and validate the service against the other ones. On success, add + * the service to the given list and return 0. On error, nothing is added to + * the list and a negative value is returned. */ static int config_service(const config_line_t *line, const or_options_t *options, smartlist_t *service_list) { + int ret; hs_service_t *service = NULL; tor_assert(line); @@ -473,13 +462,13 @@ config_service(const config_line_t *line, const or_options_t *options, /* We have a new hidden service. */ service = hs_service_new(options); - /* We'll configure that service as a generic one and then pass it to the - * specific handler according to the configured version number. */ + /* We'll configure that service as a generic one and then pass it to a + * specific function according to the configured version number. */ if (config_generic_service(line, options, service) < 0) { goto err; } tor_assert(service->version <= HS_VERSION_MAX); - /* Before we configure the service with the per-version handler, we'll make + /* Before we configure the service on a per-version basis, we'll make * sure that this set of options for a service are valid that is for * instance an option only for v2 is not used for v3. */ if (config_has_invalid_options(line->next, service)) { @@ -495,11 +484,22 @@ config_service(const config_line_t *line, const or_options_t *options, 0) < 0) { goto err; } - /* The handler is in charge of specific options for a version. We start - * after this service directory line so once we hit another directory - * line, the handler knows that it has to stop. */ - if (config_service_handlers[service->version](line->next, options, -service) < 0) { + /* Different functions are in charge of specific options for a version. We + * start just after the service directory line so once we hit another + * directory line, the function knows that it has to stop parsing. */ + switch (service->version) { + case HS_VERSION_TWO: +ret = rend_config_service(line->next, options, service); +break; + case HS_VERSION_THREE: +ret = config_service_v3(line->next, options, service); +break; + default: +/* We do validate before if we support the
[tor-commits] [tor/master] prop224: Add a clear configuration function
commit 1b048fbfaadec04f409ab8d120106025b009fec8 Author: David GouletDate: Wed Jul 12 11:53:26 2017 -0400 prop224: Add a clear configuration function The added function frees any allocated pointers in a service configuration object and reset all values to 0. Signed-off-by: David Goulet --- src/or/hs_service.c | 24 ++-- 1 file changed, 18 insertions(+), 6 deletions(-) diff --git a/src/or/hs_service.c b/src/or/hs_service.c index bfce780..97d3288 100644 --- a/src/or/hs_service.c +++ b/src/or/hs_service.c @@ -149,6 +149,23 @@ set_service_default_config(hs_service_config_t *c, c->is_ephemeral = 0; } +/* From a service configuration object config, clear everything from it + * meaning free allocated pointers and reset the values. */ +static void +service_clear_config(hs_service_config_t *config) +{ + if (config == NULL) { +return; + } + tor_free(config->directory_path); + if (config->ports) { +SMARTLIST_FOREACH(config->ports, rend_service_port_config_t *, p, + rend_service_port_config_free(p);); +smartlist_free(config->ports); + } + memset(config, 0, sizeof(*config)); +} + /* Helper: Function that needs to return 1 for the HT for each loop which * frees every service in an hash map. */ static int @@ -592,12 +609,7 @@ hs_service_free(hs_service_t *service) } /* Free service configuration. */ - tor_free(service->config.directory_path); - if (service->config.ports) { -SMARTLIST_FOREACH(service->config.ports, rend_service_port_config_t *, p, - rend_service_port_config_free(p);); -smartlist_free(service->config.ports); - } + service_clear_config(>config); /* Wipe service keys. */ memwipe(>keys.identity_sk, 0, sizeof(service->keys.identity_sk)); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] prop224: Move service version into config object
commit 5d64ceb12defdc7db8402088fb2946c35274636a Author: David GouletDate: Thu Jul 13 08:51:14 2017 -0400 prop224: Move service version into config object It makes more sense to have the version in the configuration object of the service because it is afterall a torrc option (HiddenServiceVersion). Signed-off-by: David Goulet --- src/or/hs_config.c | 15 --- src/or/hs_service.c| 9 + src/or/hs_service.h| 7 --- src/test/test_hs_service.c | 2 +- 4 files changed, 18 insertions(+), 15 deletions(-) diff --git a/src/or/hs_config.c b/src/or/hs_config.c index 7e0124b..5f9282e 100644 --- a/src/or/hs_config.c +++ b/src/or/hs_config.c @@ -55,7 +55,7 @@ stage_services(smartlist_t *service_list) * only >= v3 service. And remember, v2 has a different object type which is * shadow copied from an hs_service_t type. */ SMARTLIST_FOREACH_BEGIN(service_list, hs_service_t *, s) { -if (s->version == HS_VERSION_TWO) { +if (s->config.version == HS_VERSION_TWO) { SMARTLIST_DEL_CURRENT(service_list, s); hs_service_free(s); } @@ -157,7 +157,7 @@ config_has_invalid_options(const config_line_t *line_, const config_line_t *line; tor_assert(service); - tor_assert(service->version <= HS_VERSION_MAX); + tor_assert(service->config.version <= HS_VERSION_MAX); /* List of options that a v3 service doesn't support thus must exclude from * its configuration. */ @@ -178,7 +178,7 @@ config_has_invalid_options(const config_line_t *line_, { opts_exclude_v3 }, /* v3. */ }; - optlist = exclude_lists[service->version].list; + optlist = exclude_lists[service->config.version].list; if (optlist == NULL) { /* No exclude options to look at for this version. */ goto end; @@ -193,7 +193,8 @@ config_has_invalid_options(const config_line_t *line_, if (!strcasecmp(line->key, opt)) { log_warn(LD_CONFIG, "Hidden service option %s is incompatible with " "version %" PRIu32 " of service in %s", - opt, service->version, service->config.directory_path); + opt, service->config.version, + service->config.directory_path); ret = 1; /* Continue the loop so we can find all possible options. */ continue; @@ -342,7 +343,7 @@ config_generic_service(const config_line_t *line_, } /* Version of the service. */ if (!strcasecmp(line->key, "HiddenServiceVersion")) { - service->version = + service->config.version = (uint32_t) helper_parse_uint64(line->key, line->value, HS_VERSION_MIN, HS_VERSION_MAX, ); if (!ok || have_version) { @@ -462,7 +463,7 @@ config_service(const config_line_t *line, const or_options_t *options, if (config_generic_service(line, options, service) < 0) { goto err; } - tor_assert(service->version <= HS_VERSION_MAX); + tor_assert(service->config.version <= HS_VERSION_MAX); /* Before we configure the service on a per-version basis, we'll make * sure that this set of options for a service are valid that is for * instance an option only for v2 is not used for v3. */ @@ -482,7 +483,7 @@ config_service(const config_line_t *line, const or_options_t *options, /* Different functions are in charge of specific options for a version. We * start just after the service directory line so once we hit another * directory line, the function knows that it has to stop parsing. */ - switch (service->version) { + switch (service->config.version) { case HS_VERSION_TWO: ret = rend_config_service(line->next, options, >config); break; diff --git a/src/or/hs_service.c b/src/or/hs_service.c index 97d3288..d8b87d1 100644 --- a/src/or/hs_service.c +++ b/src/or/hs_service.c @@ -250,7 +250,7 @@ close_service_circuits(hs_service_t *service) tor_assert(service); /* Only support for version >= 3. */ - if (BUG(service->version < HS_VERSION_THREE)) { + if (BUG(service->config.version < HS_VERSION_THREE)) { return; } /* Close intro points. */ @@ -492,8 +492,9 @@ load_service_keys(hs_service_t *service) ed25519_keypair_free(kp); /* Build onion address from the newly loaded keys. */ - tor_assert(service->version <= UINT8_MAX); - hs_build_address(>keys.identity_pk, (uint8_t) service->version, + tor_assert(service->config.version <= UINT8_MAX); + hs_build_address(>keys.identity_pk, + (uint8_t) service->config.version, service->onion_address); /* Write onion address to hostname file. */ @@ -572,7 +573,7 @@ hs_service_new(const or_options_t *options) /* Set default configuration value. */ set_service_default_config(>config, options); /* Set the default service version. */ - service->version = HS_SERVICE_DEFAULT_VERSION; + service->config.version =
[tor-commits] [tor/master] Revert "fixup! prop224: Add hs_config.{c|h} with a refactoring"
commit 28f643139951ee6b60cefa7d7a77bbb257c3af50 Author: David GouletDate: Tue Jul 11 16:17:58 2017 -0400 Revert "fixup! prop224: Add hs_config.{c|h} with a refactoring" This reverts commit e2497e2ba038133026a475f0f93c9054187b2a1d. --- src/or/hs_config.c | 1 - 1 file changed, 1 deletion(-) diff --git a/src/or/hs_config.c b/src/or/hs_config.c index afc9631..3baab46 100644 --- a/src/or/hs_config.c +++ b/src/or/hs_config.c @@ -287,7 +287,6 @@ config_generic_service(const config_line_t *line_, /* Makes thing easier. */ config = >config; - memset(config, 0, sizeof(*config)); /* The first line starts with HiddenServiceDir so we consider what's next is * the configuration of the service. */ ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] test: Add v3 service config and registration test
commit 418059dd96f5f427ece1daeb2a2f6c4adbeb Author: David GouletDate: Tue Jan 17 12:09:54 2017 -0500 test: Add v3 service config and registration test This tests our hs_config.c API to properly load v3 services and register them to the global map. It does NOT test the service object validity, that will be the hs service unit test later on. At this commit, we have 100% code coverage of hs_config.c. Signed-off-by: David Goulet --- src/or/hs_service.c | 20 +++ src/or/hs_service.h | 11 ++ src/test/test_hs_config.c | 349 +- 3 files changed, 345 insertions(+), 35 deletions(-) diff --git a/src/or/hs_service.c b/src/or/hs_service.c index eb58c76..854ce9e 100644 --- a/src/or/hs_service.c +++ b/src/or/hs_service.c @@ -6,6 +6,8 @@ * \brief Implement next generation hidden service functionality **/ +#define HS_SERVICE_PRIVATE + #include "or.h" #include "circuitlist.h" #include "config.h" @@ -786,3 +788,21 @@ generate_establish_intro_cell(const uint8_t *circuit_key_material, return NULL; } +#ifdef TOR_UNIT_TESTS + +/* Return the global service map size. Only used by unit test. */ +STATIC unsigned int +get_hs_service_map_size(void) +{ + return HT_SIZE(hs_service_map); +} + +/* Return the staging list size. Only used by unit test. */ +STATIC int +get_hs_service_staging_list_size(void) +{ + return smartlist_len(hs_service_staging_list); +} + +#endif /* TOR_UNIT_TESTS */ + diff --git a/src/or/hs_service.h b/src/or/hs_service.h index 90606ac..cd154d3 100644 --- a/src/or/hs_service.h +++ b/src/or/hs_service.h @@ -224,5 +224,16 @@ ssize_t get_establish_intro_payload(uint8_t *buf, size_t buf_len, const trn_cell_establish_intro_t *cell); +#ifdef HS_SERVICE_PRIVATE + +#ifdef TOR_UNIT_TESTS + +STATIC unsigned int get_hs_service_map_size(void); +STATIC int get_hs_service_staging_list_size(void); + +#endif /* TOR_UNIT_TESTS */ + +#endif /* HS_SERVICE_PRIVATE */ + #endif /* TOR_HS_SERVICE_H */ diff --git a/src/test/test_hs_config.c b/src/test/test_hs_config.c index 18b1194..343ce9f 100644 --- a/src/test/test_hs_config.c +++ b/src/test/test_hs_config.c @@ -7,15 +7,20 @@ */ #define CONFIG_PRIVATE +#define HS_SERVICE_PRIVATE #include "test.h" #include "test_helpers.h" #include "log_test_helpers.h" -#include "hs_config.h" + #include "config.h" +#include "hs_common.h" +#include "hs_config.h" +#include "hs_service.h" +#include "rendservice.h" static int -helper_config_service_v2(const char *conf, int validate_only) +helper_config_service(const char *conf, int validate_only) { int ret = 0; or_options_t *options = NULL; @@ -29,9 +34,9 @@ helper_config_service_v2(const char *conf, int validate_only) } static void -test_invalid_service_v2(void *arg) +test_invalid_service(void *arg) { - int validate_only = 1, ret; + int ret; (void) arg; @@ -39,11 +44,98 @@ test_invalid_service_v2(void *arg) { const char *conf = "HiddenServiceDir /tmp/tor-test-hs-RANDOM/hs1\n" - "HiddenServiceVersion 2\n"; + "HiddenServiceVersion 1\n"; /* Wrong not supported version. */ setup_full_capture_of_logs(LOG_WARN); -ret = helper_config_service_v2(conf, validate_only); +ret = helper_config_service(conf, 1); tt_int_op(ret, OP_EQ, -1); -expect_log_msg_containing("with no ports configured."); +expect_log_msg_containing("HiddenServiceVersion must be between 2 and 3"); +teardown_capture_of_logs(); + } + + /* Bad value of HiddenServiceAllowUnknownPorts. */ + { +const char *conf = + "HiddenServiceDir /tmp/tor-test-hs-RANDOM/hs1\n" + "HiddenServiceVersion 2\n" + "HiddenServiceAllowUnknownPorts 2\n"; /* Should be 0 or 1. */ +setup_full_capture_of_logs(LOG_WARN); +ret = helper_config_service(conf, 1); +tt_int_op(ret, OP_EQ, -1); +expect_log_msg_containing("HiddenServiceAllowUnknownPorts must be " + "between 0 and 1, not 2"); +teardown_capture_of_logs(); + } + + /* Bad value of HiddenServiceDirGroupReadable */ + { +const char *conf = + "HiddenServiceDir /tmp/tor-test-hs-RANDOM/hs1\n" + "HiddenServiceVersion 2\n" + "HiddenServiceDirGroupReadable 2\n"; /* Should be 0 or 1. */ +setup_full_capture_of_logs(LOG_WARN); +ret = helper_config_service(conf, 1); +tt_int_op(ret, OP_EQ, -1); +expect_log_msg_containing("HiddenServiceDirGroupReadable must be " + "between 0 and 1, not 2"); +teardown_capture_of_logs(); + } + + /* Bad value of HiddenServiceMaxStreamsCloseCircuit */ + { +const char *conf = + "HiddenServiceDir /tmp/tor-test-hs-RANDOM/hs1\n" + "HiddenServiceVersion 2\n" + "HiddenServiceMaxStreamsCloseCircuit 2\n"; /* Should be 0 or 1. */ +setup_full_capture_of_logs(LOG_WARN); +ret = helper_config_service(conf, 1); +
[tor-commits] [tor/master] test: Add HS v2 service configuration unit tests
commit 93774dcb5458115652e0be5cdfaf198967b8a31e Author: David GouletDate: Fri Jan 13 11:20:31 2017 -0500 test: Add HS v2 service configuration unit tests Signed-off-by: David Goulet --- src/test/include.am | 1 + src/test/test.c | 1 + src/test/test.h | 1 + src/test/test_helpers.c | 42 +- src/test/test_helpers.h | 1 + src/test/test_hs_config.c | 198 ++ 6 files changed, 242 insertions(+), 2 deletions(-) diff --git a/src/test/include.am b/src/test/include.am index e7a2e02..2e448c8 100644 --- a/src/test/include.am +++ b/src/test/include.am @@ -114,6 +114,7 @@ src_test_test_SOURCES = \ src/test/test_guardfraction.c \ src/test/test_extorport.c \ src/test/test_hs.c \ + src/test/test_hs_config.c \ src/test/test_hs_service.c \ src/test/test_hs_client.c \ src/test/test_hs_intropoint.c \ diff --git a/src/test/test.c b/src/test/test.c index 31b3db3..b6b11ce 100644 --- a/src/test/test.c +++ b/src/test/test.c @@ -1213,6 +1213,7 @@ struct testgroup_t testgroups[] = { { "extorport/", extorport_tests }, { "legacy_hs/", hs_tests }, { "hs_cache/", hs_cache }, + { "hs_config/", hs_config_tests }, { "hs_descriptor/", hs_descriptor }, { "hs_service/", hs_service_tests }, { "hs_client/", hs_client_tests }, diff --git a/src/test/test.h b/src/test/test.h index 4de0da9..9b2a0b8 100644 --- a/src/test/test.h +++ b/src/test/test.h @@ -207,6 +207,7 @@ extern struct testcase_t guardfraction_tests[]; extern struct testcase_t extorport_tests[]; extern struct testcase_t hs_tests[]; extern struct testcase_t hs_cache[]; +extern struct testcase_t hs_config_tests[]; extern struct testcase_t hs_descriptor[]; extern struct testcase_t hs_service_tests[]; extern struct testcase_t hs_client_tests[]; diff --git a/src/test/test_helpers.c b/src/test/test_helpers.c index 22d9de3..e885d27 100644 --- a/src/test/test_helpers.c +++ b/src/test/test_helpers.c @@ -7,18 +7,21 @@ */ #define ROUTERLIST_PRIVATE +#define CONFIG_PRIVATE #define CONNECTION_PRIVATE #define MAIN_PRIVATE #include "orconfig.h" #include "or.h" +#include "buffers.h" +#include "config.h" +#include "confparse.h" #include "connection.h" #include "main.h" +#include "nodelist.h" #include "relay.h" #include "routerlist.h" -#include "nodelist.h" -#include "buffers.h" #include "test.h" #include "test_helpers.h" @@ -239,3 +242,38 @@ test_conn_get_connection(uint8_t state, uint8_t type, uint8_t purpose) return NULL; } +/* Helper function to parse a set of torrc options in a text format and return + * a newly allocated or_options_t object containing the configuration. On + * error, NULL is returned indicating that the conf couldn't be parsed + * properly. */ +or_options_t * +helper_parse_options(const char *conf) +{ + int ret = 0; + char *msg = NULL; + or_options_t *opt = NULL; + config_line_t *line = NULL; + + /* Kind of pointless to call this with a NULL value. */ + tt_assert(conf); + + opt = options_new(); + tt_assert(opt); + ret = config_get_lines(conf, , 1); + if (ret != 0) { +goto done; + } + ret = config_assign(_format, opt, line, 0, ); + if (ret != 0) { +goto done; + } + + done: + config_free_lines(line); + if (ret != 0) { +or_options_free(opt); +opt = NULL; + } + return opt; +} + diff --git a/src/test/test_helpers.h b/src/test/test_helpers.h index 96a4b59..847104a 100644 --- a/src/test/test_helpers.h +++ b/src/test/test_helpers.h @@ -24,6 +24,7 @@ int mock_tor_addr_lookup__fail_on_bad_addrs(const char *name, connection_t *test_conn_get_connection(uint8_t state, uint8_t type, uint8_t purpose); +or_options_t *helper_parse_options(const char *conf); extern const char TEST_DESCRIPTORS[]; diff --git a/src/test/test_hs_config.c b/src/test/test_hs_config.c new file mode 100644 index 000..18b1194 --- /dev/null +++ b/src/test/test_hs_config.c @@ -0,0 +1,198 @@ +/* Copyright (c) 2016, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +/** + * \file test_hs_config.c + * \brief Test hidden service configuration functionality. + */ + +#define CONFIG_PRIVATE + +#include "test.h" +#include "test_helpers.h" +#include "log_test_helpers.h" +#include "hs_config.h" +#include "config.h" + +static int +helper_config_service_v2(const char *conf, int validate_only) +{ + int ret = 0; + or_options_t *options = NULL; + tt_assert(conf); + options = helper_parse_options(conf); + tt_assert(options); + ret = hs_config_service_all(options, validate_only); + done: + or_options_free(options); + return ret; +} + +static void +test_invalid_service_v2(void *arg) +{ + int validate_only = 1, ret; + + (void) arg; + + /* Try with a missing port configuration. */ + { +const char *conf = + "HiddenServiceDir /tmp/tor-test-hs-RANDOM/hs1\n"
[tor-commits] [tor/master] prop224: Detect duplicate configuration options
commit e9dd4ed16d8606dc0aa0cd6eadc99aa959f93392 Author: David GouletDate: Wed Jul 12 11:02:59 2017 -0400 prop224: Detect duplicate configuration options Signed-off-by: David Goulet --- src/or/hs_config.c | 46 -- 1 file changed, 40 insertions(+), 6 deletions(-) diff --git a/src/or/hs_config.c b/src/or/hs_config.c index f1e130b..2e75a4e 100644 --- a/src/or/hs_config.c +++ b/src/or/hs_config.c @@ -241,6 +241,8 @@ config_service_v3(const config_line_t *line_, hs_service_t *service) { (void) options; + int have_num_ip = 0; + const char *dup_opt_seen = NULL; const config_line_t *line; hs_service_config_t *config; @@ -261,9 +263,12 @@ config_service_v3(const config_line_t *line_, NUM_INTRO_POINTS_DEFAULT, HS_CONFIG_V3_MAX_INTRO_POINTS, ); - if (!ok) { + if (!ok || have_num_ip) { +if (have_num_ip) + dup_opt_seen = line->key; goto err; } + have_num_ip = 1; continue; } } @@ -279,6 +284,9 @@ config_service_v3(const config_line_t *line_, return 0; err: + if (dup_opt_seen) { +log_warn(LD_CONFIG, "Duplicate directive %s.", dup_opt_seen); + } return -1; } @@ -301,6 +309,13 @@ config_generic_service(const config_line_t *line_, int dir_seen = 0; const config_line_t *line; hs_service_config_t *config; + /* If this is set, we've seen a duplicate of this option. Keep the string + * so we can log the directive. */ + const char *dup_opt_seen = NULL; + /* These variables will tell us if we ever have duplicate. */ + int have_version = 0, have_allow_unknown_ports = 0; + int have_dir_group_read = 0, have_max_streams = 0; + int have_max_streams_close = 0; tor_assert(line_); tor_assert(options); @@ -313,6 +328,7 @@ config_generic_service(const config_line_t *line_, * the configuration of the service. */ for (line = line_; line ; line = line->next) { int ok = 0; + /* This indicate that we have a new service to configure. */ if (!strcasecmp(line->key, "HiddenServiceDir")) { /* This function only configures one service at a time so if we've @@ -335,9 +351,12 @@ config_generic_service(const config_line_t *line_, service->version = (uint32_t) helper_parse_uint64(line->key, line->value, HS_VERSION_MIN, HS_VERSION_MAX, ); - if (!ok) { + if (!ok || have_version) { +if (have_version) + dup_opt_seen = line->key; goto err; } + have_version = 1; continue; } /* Virtual port. */ @@ -363,18 +382,24 @@ config_generic_service(const config_line_t *line_, if (!strcasecmp(line->key, "HiddenServiceAllowUnknownPorts")) { config->allow_unknown_ports = (unsigned int) helper_parse_uint64(line->key, line->value, 0, 1, ); - if (!ok) { + if (!ok || have_allow_unknown_ports) { +if (have_allow_unknown_ports) + dup_opt_seen = line->key; goto err; } + have_allow_unknown_ports = 1; continue; } /* Directory group readable. */ if (!strcasecmp(line->key, "HiddenServiceDirGroupReadable")) { config->dir_group_readable = (unsigned int) helper_parse_uint64(line->key, line->value, 0, 1, ); - if (!ok) { + if (!ok || have_dir_group_read) { +if (have_dir_group_read) + dup_opt_seen = line->key; goto err; } + have_dir_group_read = 1; continue; } /* Maximum streams per circuit. */ @@ -382,18 +407,24 @@ config_generic_service(const config_line_t *line_, config->max_streams_per_rdv_circuit = helper_parse_uint64(line->key, line->value, 0, HS_CONFIG_MAX_STREAMS_PER_RDV_CIRCUIT, ); - if (!ok) { + if (!ok || have_max_streams) { +if (have_max_streams) + dup_opt_seen = line->key; goto err; } + have_max_streams = 1; continue; } /* Maximum amount of streams before we close the circuit. */ if (!strcasecmp(line->key, "HiddenServiceMaxStreamsCloseCircuit")) { config->max_streams_close_circuit = (unsigned int) helper_parse_uint64(line->key, line->value, 0, 1, ); - if (!ok) { + if (!ok || have_max_streams_close) { +if (have_max_streams_close) + dup_opt_seen = line->key; goto err; } + have_max_streams_close = 1; continue; } } @@ -408,6 +439,9 @@ config_generic_service(const config_line_t *line_, /* Success */ return 0; err: + if (dup_opt_seen) { +log_warn(LD_CONFIG, "Duplicate directive %s.", dup_opt_seen); + } return -1; } ___ tor-commits
[tor-commits] [tor/master] test: Add v3 service load keys and accessors
commit 09b12c40947ea496c0bfaeeafba7540925c17a32 Author: David GouletDate: Thu Feb 2 15:26:04 2017 -0500 test: Add v3 service load keys and accessors Signed-off-by: David Goulet --- src/or/hs_service.c| 27 +--- src/or/hs_service.h| 14 src/test/test_hs_service.c | 166 + 3 files changed, 199 insertions(+), 8 deletions(-) diff --git a/src/or/hs_service.c b/src/or/hs_service.c index 854ce9e..bfce780 100644 --- a/src/or/hs_service.c +++ b/src/or/hs_service.c @@ -57,11 +57,6 @@ hs_service_ht_hash(const hs_service_t *service) sizeof(service->keys.identity_pk.pubkey)); } -/* For the service global hash map, we define a specific type for it which - * will make it safe to use and specific to some controlled parameters such as - * the hashing function and how to compare services. */ -typedef HT_HEAD(hs_service_ht, hs_service_t) hs_service_ht; - /* This is _the_ global hash map of hidden services which indexed the service * contained in it by master public identity key which is roughly the onion * address of the service. */ @@ -82,7 +77,7 @@ HT_GENERATE2(hs_service_ht, hs_service_t, hs_service_node, * if found else NULL. It is also possible to set a directory path in the * search query. If pk is NULL, then it will be set to zero indicating the * hash table to compare the directory path instead. */ -static hs_service_t * +STATIC hs_service_t * find_service(hs_service_ht *map, const ed25519_public_key_t *pk) { hs_service_t dummy_service = {0}; @@ -95,7 +90,7 @@ find_service(hs_service_ht *map, const ed25519_public_key_t *pk) /* Register the given service in the given map. If the service already exists * in the map, -1 is returned. On success, 0 is returned and the service * ownership has been transfered to the global map. */ -static int +STATIC int register_service(hs_service_ht *map, hs_service_t *service) { tor_assert(map); @@ -113,7 +108,7 @@ register_service(hs_service_ht *map, hs_service_t *service) /* Remove a given service from the given map. If service is NULL or the * service key is unset, return gracefully. */ -static void +STATIC void remove_service(hs_service_ht *map, hs_service_t *service) { hs_service_t *elm; @@ -804,5 +799,21 @@ get_hs_service_staging_list_size(void) return smartlist_len(hs_service_staging_list); } +STATIC hs_service_ht * +get_hs_service_map(void) +{ + return hs_service_map; +} + +STATIC hs_service_t * +get_first_service(void) +{ + hs_service_t **obj = HT_START(hs_service_ht, hs_service_map); + if (obj == NULL) { +return NULL; + } + return *obj; +} + #endif /* TOR_UNIT_TESTS */ diff --git a/src/or/hs_service.h b/src/or/hs_service.h index cd154d3..a98884f 100644 --- a/src/or/hs_service.h +++ b/src/or/hs_service.h @@ -200,6 +200,11 @@ typedef struct hs_service_t { } hs_service_t; +/* For the service global hash map, we define a specific type for it which + * will make it safe to use and specific to some controlled parameters such as + * the hashing function and how to compare services. */ +typedef HT_HEAD(hs_service_ht, hs_service_t) hs_service_ht; + /* API */ /* Global initializer and cleanup function. */ @@ -228,8 +233,17 @@ get_establish_intro_payload(uint8_t *buf, size_t buf_len, #ifdef TOR_UNIT_TESTS +/* Useful getters for unit tests. */ STATIC unsigned int get_hs_service_map_size(void); STATIC int get_hs_service_staging_list_size(void); +STATIC hs_service_ht *get_hs_service_map(void); +STATIC hs_service_t *get_first_service(void); + +/* Service accessors. */ +STATIC hs_service_t *find_service(hs_service_ht *map, + const ed25519_public_key_t *pk); +STATIC void remove_service(hs_service_ht *map, hs_service_t *service); +STATIC int register_service(hs_service_ht *map, hs_service_t *service); #endif /* TOR_UNIT_TESTS */ diff --git a/src/test/test_hs_service.c b/src/test/test_hs_service.c index e081b7f..c695b90 100644 --- a/src/test/test_hs_service.c +++ b/src/test/test_hs_service.c @@ -8,14 +8,17 @@ #define CIRCUITBUILD_PRIVATE #define CIRCUITLIST_PRIVATE +#define CONFIG_PRIVATE #define CONNECTION_PRIVATE #define CRYPTO_PRIVATE #define HS_COMMON_PRIVATE +#define HS_SERVICE_PRIVATE #define HS_INTROPOINT_PRIVATE #define MAIN_PRIVATE #define TOR_CHANNEL_INTERNAL_ #include "test.h" +#include "test_helpers.h" #include "log_test_helpers.h" #include "rend_test_helpers.h" @@ -26,8 +29,10 @@ #include "circuituse.h" #include "config.h" #include "connection.h" +#include "crypto.h" #include "hs_circuit.h" #include "hs_common.h" +#include "hs_config.h" #include "hs_ident.h" #include "hs_intropoint.h" #include "hs_ntor.h" @@ -35,6 +40,25 @@ #include "main.h" #include "rendservice.h" +/* Trunnel */ +#include "hs/cell_establish_intro.h" + +/* Helper: from a set of options in conf, configure
[tor-commits] [tor/master] prop224: Add a function to check for invalid opts
commit f76f8731995917366b53f729befd450ed3d417d1 Author: David GouletDate: Fri Jul 7 15:34:36 2017 -0400 prop224: Add a function to check for invalid opts Every hidden service option don't apply to every version so this new function makes sure we don't have for instance an option that is only for v2 in a v3 configured service. This works using an exclude lists for a specific version. Right now, there is only one option that is not allowed in v3. The rest is common. Signed-off-by: David Goulet --- src/or/hs_config.c | 69 ++ 1 file changed, 69 insertions(+) diff --git a/src/or/hs_config.c b/src/or/hs_config.c index 6bb422d..afc9631 100644 --- a/src/or/hs_config.c +++ b/src/or/hs_config.c @@ -115,6 +115,69 @@ service_is_duplicate_in_list(const smartlist_t *service_list, return ret; } +/* Return true iff the given options starting at line_ for a hidden service + * contains at least one invalid option. Each hidden service option don't + * apply to all versions so this function can find out. The line_ MUST start + * right after the HiddenServiceDir line of this service. + * + * This is mainly for usability so we can inform the user of any invalid + * option for the hidden service version instead of silently ignoring. */ +static int +config_has_invalid_options(const config_line_t *line_, + const hs_service_t *service) +{ + int ret = 0; + const char **optlist; + const config_line_t *line; + + tor_assert(service); + tor_assert(service->version <= HS_VERSION_MAX); + + /* List of options that a v3 service doesn't support thus must exclude from + * its configuration. */ + const char *opts_exclude_v3[] = { +"HiddenServiceAuthorizeClient", +NULL /* End marker. */ + }; + + /* Defining the size explicitly allows us to take advantage of the compiler + * which warns us if we ever bump the max version but forget to grow this + * array. The plus one is because we have a version 0 :). */ + struct { +const char **list; + } exclude_lists[HS_VERSION_MAX + 1] = { +{ NULL }, /* v0. */ +{ NULL }, /* v1. */ +{ NULL }, /* v2 */ +{ opts_exclude_v3 }, /* v3. */ + }; + + optlist = exclude_lists[service->version].list; + if (optlist == NULL) { +/* No exclude options to look at for this version. */ +goto end; + } + for (int i = 0; optlist[i]; i++) { +const char *opt = optlist[i]; +for (line = line_; line; line = line->next) { + if (!strcasecmp(line->key, "HiddenServiceDir")) { +/* We just hit the next hidden service, stop right now. */ +goto end; + } + if (!strcasecmp(line->key, opt)) { +log_warn(LD_CONFIG, "Hidden service option %s is incompatible with " +"version %" PRIu32 " of service in %s", + opt, service->version, service->config.directory_path); +ret = 1; +/* Continue the loop so we can find all possible options. */ +continue; + } +} + } + end: + return ret; +} + /* Validate service configuration. This is used when loading the configuration * and once we've setup a service object, it's config object is passed to this * function for further validation. This does not validate service key @@ -395,6 +458,12 @@ config_service(const config_line_t *line, const or_options_t *options, goto err; } tor_assert(service->version <= HS_VERSION_MAX); + /* Before we configure the service with the per-version handler, we'll make + * sure that this set of options for a service are valid that is for + * instance an option only for v2 is not used for v3. */ + if (config_has_invalid_options(line->next, service)) { +goto err; + } /* Check permission on service directory that was just parsed. And this must * be done regardless of the service version. Do not ask for the directory * to be created, this is done when the keys are loaded because we could be ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] hs: Add rend_service_init()
commit 87f6f96f4707cc18a58c5de8be0ee10f1893673d Author: David GouletDate: Thu Jun 29 11:18:24 2017 -0400 hs: Add rend_service_init() Initialize both the global and staging service lists. Signed-off-by: David Goulet --- src/or/hs_service.c | 3 +++ src/or/rendservice.c | 11 +++ src/or/rendservice.h | 1 + 3 files changed, 15 insertions(+) diff --git a/src/or/hs_service.c b/src/or/hs_service.c index bce976e..eb58c76 100644 --- a/src/or/hs_service.c +++ b/src/or/hs_service.c @@ -616,6 +616,9 @@ hs_service_init(void) tor_assert(!hs_service_map); tor_assert(!hs_service_staging_list); + /* v2 specific. */ + rend_service_init(); + hs_service_map = tor_malloc_zero(sizeof(struct hs_service_ht)); HT_INIT(hs_service_ht, hs_service_map); diff --git a/src/or/rendservice.c b/src/or/rendservice.c index 358efd0..67da760 100644 --- a/src/or/rendservice.c +++ b/src/or/rendservice.c @@ -257,6 +257,17 @@ rend_service_free_all(void) rend_service_free_staging_list(); } +/* Initialize the subsystem. */ +void +rend_service_init(void) +{ + tor_assert(!rend_service_list); + tor_assert(!rend_service_staging_list); + + rend_service_list = smartlist_new(); + rend_service_staging_list = smartlist_new(); +} + /* Validate a service. Use the service_list to make sure there * is no duplicate entry for the given service object. Return 0 if valid else * -1 if not.*/ diff --git a/src/or/rendservice.h b/src/or/rendservice.h index 361a119..20e827d 100644 --- a/src/or/rendservice.h +++ b/src/or/rendservice.h @@ -179,6 +179,7 @@ int rend_service_set_connection_addr_port(edge_connection_t *conn, origin_circuit_t *circ); void rend_service_dump_stats(int severity); void rend_service_free_all(void); +void rend_service_init(void); rend_service_port_config_t *rend_service_parse_port_config(const char *string, const char *sep, ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] prop224: Fix clang warnings
commit 965e3a6628f26d5fb1422fb04aa12e807537a32a Author: David GouletDate: Thu Jul 13 17:18:11 2017 -0400 prop224: Fix clang warnings Signed-off-by: David Goulet --- src/or/hs_service.c | 3 ++- src/or/rendservice.c | 10 +- 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/src/or/hs_service.c b/src/or/hs_service.c index d8b87d1..5fde42d 100644 --- a/src/or/hs_service.c +++ b/src/or/hs_service.c @@ -80,9 +80,10 @@ HT_GENERATE2(hs_service_ht, hs_service_t, hs_service_node, STATIC hs_service_t * find_service(hs_service_ht *map, const ed25519_public_key_t *pk) { - hs_service_t dummy_service = {0}; + hs_service_t dummy_service; tor_assert(map); tor_assert(pk); + memset(_service, 0, sizeof(dummy_service)); ed25519_pubkey_copy(_service.keys.identity_pk, pk); return HT_FIND(hs_service_ht, map, _service); } diff --git a/src/or/rendservice.c b/src/or/rendservice.c index 67de636..2a5d2b7 100644 --- a/src/or/rendservice.c +++ b/src/or/rendservice.c @@ -18,6 +18,7 @@ #include "control.h" #include "directory.h" #include "hs_common.h" +#include "hs_config.h" #include "main.h" #include "networkstatus.h" #include "nodelist.h" @@ -631,7 +632,14 @@ service_config_shadow_copy(rend_service_t *service, service->directory = tor_strdup(config->directory_path); service->dir_group_readable = config->dir_group_readable; service->allow_unknown_ports = config->allow_unknown_ports; - service->max_streams_per_circuit = config->max_streams_per_rdv_circuit; + /* This value can't go above HS_CONFIG_MAX_STREAMS_PER_RDV_CIRCUIT (65535) + * if the code flow is right so this cast is safe. But just in case, we'll + * check it. */ + service->max_streams_per_circuit = (int) config->max_streams_per_rdv_circuit; + if (BUG(config->max_streams_per_rdv_circuit > + HS_CONFIG_MAX_STREAMS_PER_RDV_CIRCUIT)) { +service->max_streams_per_circuit = HS_CONFIG_MAX_STREAMS_PER_RDV_CIRCUIT; + } service->max_streams_close_circuit = config->max_streams_close_circuit; service->n_intro_points_wanted = config->num_intro_points; /* Switching ownership of the ports to the rend service object. */ ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] prop224: Use the service config object when configuring
commit 3eeebd1b0ca43bc2523fb39349078277a40d4116 Author: David GouletDate: Wed Jul 12 13:52:19 2017 -0400 prop224: Use the service config object when configuring Both configuration function now takes the service config object instead of the service itself. Signed-off-by: David Goulet --- src/or/hs_config.c | 13 - src/or/rendservice.c | 26 -- src/or/rendservice.h | 2 +- 3 files changed, 17 insertions(+), 24 deletions(-) diff --git a/src/or/hs_config.c b/src/or/hs_config.c index c29315f..7e0124b 100644 --- a/src/or/hs_config.c +++ b/src/or/hs_config.c @@ -236,18 +236,13 @@ config_validate_service(const hs_service_config_t *config) * Return 0 on success else a negative value. */ static int config_service_v3(const config_line_t *line_, - const or_options_t *options, - hs_service_t *service) + hs_service_config_t *config) { - (void) options; int have_num_ip = 0; const char *dup_opt_seen = NULL; const config_line_t *line; - hs_service_config_t *config; - - tor_assert(service); - config = >config; + tor_assert(config); for (line = line_; line; line = line->next) { int ok = 0; @@ -489,10 +484,10 @@ config_service(const config_line_t *line, const or_options_t *options, * directory line, the function knows that it has to stop parsing. */ switch (service->version) { case HS_VERSION_TWO: -ret = rend_config_service(line->next, options, service); +ret = rend_config_service(line->next, options, >config); break; case HS_VERSION_THREE: -ret = config_service_v3(line->next, options, service); +ret = config_service_v3(line->next, >config); break; default: /* We do validate before if we support the parsed version. */ diff --git a/src/or/rendservice.c b/src/or/rendservice.c index 67da760..67de636 100644 --- a/src/or/rendservice.c +++ b/src/or/rendservice.c @@ -622,14 +622,12 @@ rend_service_prune_list(void) * object which so we have to copy the parsed values to a rend service object * which is version 2 specific. */ static void -service_shadow_copy(rend_service_t *service, hs_service_t *hs_service) +service_config_shadow_copy(rend_service_t *service, + hs_service_config_t *config) { - hs_service_config_t *config; - tor_assert(service); - tor_assert(hs_service); + tor_assert(config); - config = _service->config; service->directory = tor_strdup(config->directory_path); service->dir_group_readable = config->dir_group_readable; service->allow_unknown_ports = config->allow_unknown_ports; @@ -638,19 +636,19 @@ service_shadow_copy(rend_service_t *service, hs_service_t *hs_service) service->n_intro_points_wanted = config->num_intro_points; /* Switching ownership of the ports to the rend service object. */ smartlist_add_all(service->ports, config->ports); - smartlist_free(hs_service->config.ports); - hs_service->config.ports = NULL; + smartlist_free(config->ports); + config->ports = NULL; } /* Parse the hidden service configuration starting at line_ using the - * already configured generic service in hs_service. This function will - * translate the service object to a rend_service_t and add it to the - * temporary list if valid. If validate_only is set, parse, warn and - * return as normal but don't actually add the service to the list. */ + * already configured generic service configuration in config. This + * function will translate the config object to a rend_service_t and add it to + * the temporary list if valid. If validate_only is set, parse, warn + * and return as normal but don't actually add the service to the list. */ int rend_config_service(const config_line_t *line_, const or_options_t *options, -hs_service_t *hs_service) +hs_service_config_t *config) { const config_line_t *line; rend_service_t *service = NULL; @@ -658,7 +656,7 @@ rend_config_service(const config_line_t *line_, /* line_ can be NULL which would mean that the service configuration only * have one line that is the directory directive. */ tor_assert(options); - tor_assert(hs_service); + tor_assert(config); /* Use the staging service list so that we can check then do the pruning * process using the main list at the end. */ @@ -672,7 +670,7 @@ rend_config_service(const config_line_t *line_, service->ports = smartlist_new(); /* From the hs_service object which has been used to load the generic * options, we'll copy over the useful data to the rend_service_t object. */ - service_shadow_copy(service, hs_service); + service_config_shadow_copy(service, config); for (line = line_; line; line = line->next) { if (!strcasecmp(line->key, "HiddenServiceDir")) { diff --git a/src/or/rendservice.h b/src/or/rendservice.h index 20e827d..ffed21d 100644
[tor-commits] [tor/master] prop224: Initial import of hs_service_t
commit b03853b65f109ed6a34ba2924fe3b00d56131ff5 Author: David GouletDate: Sun Jan 15 10:09:13 2017 -0500 prop224: Initial import of hs_service_t This object is the foundation of proposal 224 service work. It will change and be adapted as it's being used more and more in the codebase. So, this version is just a basic skeleton one that *will* change. Signed-off-by: David Goulet --- src/or/hs_service.h | 184 +++- 1 file changed, 182 insertions(+), 2 deletions(-) diff --git a/src/or/hs_service.h b/src/or/hs_service.h index 3302592..fa5dd54 100644 --- a/src/or/hs_service.h +++ b/src/or/hs_service.h @@ -3,15 +3,195 @@ /** * \file hs_service.h - * \brief Header file for hs_service.c. + * \brief Header file containing service data for the HS subsytem. **/ #ifndef TOR_HS_SERVICE_H #define TOR_HS_SERVICE_H -#include "or.h" +#include "crypto_curve25519.h" +#include "crypto_ed25519.h" +#include "hs_descriptor.h" +#include "hs_intropoint.h" +#include "replaycache.h" + +/* Trunnel */ #include "hs/cell_establish_intro.h" +/* When loading and configuring a service, this is the default version it will + * be configured for as it is possible that no HiddenServiceVersion is + * present. */ +#define HS_SERVICE_DEFAULT_VERSION HS_VERSION_TWO + +/* Service side introduction point. */ +typedef struct hs_service_intro_point_t { + /* Top level intropoint "shared" data between client/service. */ + hs_intropoint_t base; + + /* Authentication keypair used to create the authentication certificate + * which is published in the descriptor. */ + ed25519_keypair_t auth_key_kp; + + /* Encryption private key. */ + curve25519_secret_key_t enc_key_sk; + + /* Amount of INTRODUCE2 cell accepted from this intro point. */ + uint64_t introduce2_count; + + /* Maximum number of INTRODUCE2 cell this intro point should accept. */ + uint64_t introduce2_max; + + /* The time at which this intro point should expire and stop being used. */ + time_t time_to_expire; + + /* The amount of circuit creation we've made to this intro point. This is + * incremented every time we do a circuit relaunch on this intro point which + * is triggered when the circuit dies but the node is still in the + * consensus. After MAX_INTRO_POINT_CIRCUIT_RETRIES, we give up on it. */ + uint32_t circuit_retries; + + /* Set if this intro point has an established circuit. */ + unsigned int circuit_established : 1; + + /* Replay cache recording the encrypted part of an INTRODUCE2 cell that the + * circuit associated with this intro point has received. This is used to + * prevent replay attacks. */ + replaycache_t *replay_cache; +} hs_service_intro_point_t; + +/* Object handling introduction points of a service. */ +typedef struct hs_service_intropoints_t { + /* The time at which we've started our retry period to build circuits. We + * don't want to stress circuit creation so we can only retry for a certain + * time and then after we stop and wait. */ + time_t retry_period_started; + + /* Number of circuit we've launched during a single retry period. */ + unsigned int num_circuits_launched; + + /* Contains the current hs_service_intro_point_t objects indexed by + * authentication public key. */ + digest256map_t *map; +} hs_service_intropoints_t; + +/* Representation of a service descriptor. */ +typedef struct hs_service_descriptor_t { + /* Decoded descriptor. This object is used for encoding when the service + * publishes the descriptor. */ + hs_descriptor_t *desc; + + /* Descriptor signing keypair. */ + ed25519_keypair_t signing_kp; + + /* Blinded keypair derived from the master identity public key. */ + ed25519_keypair_t blinded_kp; + + /* When is the next time when we should upload the descriptor. */ + time_t next_upload_time; + + /* Introduction points assign to this descriptor which contains + * hs_service_intropoints_t object indexed by authentication key (the RSA + * key if the node is legacy). */ + hs_service_intropoints_t intro_points; +} hs_service_descriptor_t; + +/* Service key material. */ +typedef struct hs_service_keys_t { + /* Master identify public key. */ + ed25519_public_key_t identity_pk; + /* Master identity private key. */ + ed25519_secret_key_t identity_sk; + /* True iff the key is kept offline which means the identity_sk MUST not be + * used in that case. */ + unsigned int is_identify_key_offline : 1; +} hs_service_keys_t; + +/* Service configuration. The following are set from the torrc options either + * set by the configuration file or by the control port. Nothing else should + * change those values. */ +typedef struct hs_service_config_t { + /* List of rend_service_port_config_t */ + smartlist_t *ports; + + /* Path on the filesystem where the service persistent data is stored. NULL + * if the service is ephemeral. Specified by
[tor-commits] [tor/master] prop224: Add hs_config.{c|h} with a refactoring
commit 02e2edeb33224461d1fbb879722c0948171b9688 Author: David GouletDate: Mon Jan 16 13:19:44 2017 -0500 prop224: Add hs_config.{c|h} with a refactoring Add the hs_config.{c|h} files contains everything that the HS subsystem needs to load and configure services. Ultimately, it should also contain client functions such as client authorization. This comes with a big refactoring of rend_config_services() which has now changed to only configure a single service and it is stripped down of the common directives which are now part of the generic handler. This is ground work for prop224 of course but only touches version 2 services and add XXX note for version 3. Signed-off-by: David Goulet --- src/or/config.c | 5 +- src/or/hs_common.h | 3 + src/or/hs_config.c | 292 ++ src/or/hs_config.h | 19 src/or/hs_service.c | 85 +++ src/or/hs_service.h | 6 ++ src/or/include.am| 24 +++-- src/or/main.c| 2 +- src/or/rendservice.c | 293 +-- src/or/rendservice.h | 10 +- src/test/test_hs.c | 22 ++-- 11 files changed, 533 insertions(+), 228 deletions(-) diff --git a/src/or/config.c b/src/or/config.c index 5b5bb90..062ab27 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -91,6 +91,7 @@ #include "relay.h" #include "rendclient.h" #include "rendservice.h" +#include "hs_config.h" #include "rephist.h" #include "router.h" #include "sandbox.h" @@ -1681,7 +1682,7 @@ options_act(const or_options_t *old_options) sweep_bridge_list(); } - if (running_tor && rend_config_services(options, 0)<0) { + if (running_tor && hs_config_service_all(options, 0)<0) { log_warn(LD_BUG, "Previously validated hidden services line could not be added!"); return -1; @@ -4009,7 +4010,7 @@ options_validate(or_options_t *old_options, or_options_t *options, COMPLAIN("V3AuthVotingInterval does not divide evenly into 24 hours."); } - if (rend_config_services(options, 1) < 0) + if (hs_config_service_all(options, 1) < 0) REJECT("Failed to configure rendezvous options. See logs for details."); /* Parse client-side authorization for hidden services. */ diff --git a/src/or/hs_common.h b/src/or/hs_common.h index 872fed7..abc44c0 100644 --- a/src/or/hs_common.h +++ b/src/or/hs_common.h @@ -16,6 +16,9 @@ #define HS_VERSION_TWO 2 /* Version 3 of the protocol (prop224). */ #define HS_VERSION_THREE 3 +/* Earliest and latest version we support. */ +#define HS_VERSION_MIN HS_VERSION_TWO +#define HS_VERSION_MAX HS_VERSION_THREE /** Try to maintain this many intro points per service by default. */ #define NUM_INTRO_POINTS_DEFAULT 3 diff --git a/src/or/hs_config.c b/src/or/hs_config.c new file mode 100644 index 000..6326e90 --- /dev/null +++ b/src/or/hs_config.c @@ -0,0 +1,292 @@ +/* Copyright (c) 2017, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +/** + * \file hs_config.c + * \brief Implement hidden service configuration subsystem. + * + * \details + * + * This file has basically one main entry point: hs_config_service_all(). It + * takes the torrc options and configure hidden service from it. In validate + * mode, nothing is added to the global service list or keys are not generated + * nor loaded. + * + * A service is configured in two steps. It is first created using the tor + * options and then put in a staging list. It will stay there until + * hs_service_load_all_keys() is called. That function is responsible to + * load/generate the keys for the service in the staging list and if + * successful, transfert the service to the main global service list where + * at that point it is ready to be used. + * + * Configuration handlers are per-version (see config_service_handlers[]) and + * there is a main generic one for every option that is common to all version + * (config_generic_service). + **/ + +#define HS_CONFIG_PRIVATE + +#include "hs_common.h" +#include "hs_config.h" +#include "hs_service.h" +#include "rendservice.h" + +/* Configuration handler for a version 3 service. Return 0 on success else a + * negative value. */ +static int +config_service_v3(const config_line_t *line, + const or_options_t *options, int validate_only, + hs_service_t *service) +{ + (void) line; + (void) service; + (void) validate_only; + (void) options; + /* XXX: Configure a v3 service with specific options. */ + /* XXX: Add service to v3 list and pruning on reload. */ + return 0; +} + +/* Configure a service using the given options in line_ and options. This is + * called for any service regardless of its version which means that all + * directives in this function are generic to any service version. This + * function will also check the validity of the service directory path. + * + * The
[tor-commits] [tor/master] prop224: Configure v3 service from options
commit c086a59ea1fe63e38b6f83fa0c2c19bf495e977d Author: David GouletDate: Fri Jan 13 16:00:07 2017 -0500 prop224: Configure v3 service from options This commit adds the support in the HS subsystem for loading a service from a set of or_options_t and put them in a staging list. To achieve this, service accessors have been created and a global hash map containing service object indexed by master public key. However, this is not used for now. It's ground work for registration process. Signed-off-by: David Goulet --- src/or/circuitlist.h | 1 + src/or/hs_common.h | 2 +- src/or/hs_config.c | 318 + src/or/hs_config.h | 2 + src/or/hs_service.c | 360 ++- src/or/hs_service.h | 15 ++- src/or/rendservice.c | 55 +++- src/or/rendservice.h | 2 +- 8 files changed, 648 insertions(+), 107 deletions(-) diff --git a/src/or/circuitlist.h b/src/or/circuitlist.h index d647062..2f76252 100644 --- a/src/or/circuitlist.h +++ b/src/or/circuitlist.h @@ -48,6 +48,7 @@ origin_circuit_t *circuit_get_ready_rend_circ_by_rend_data( origin_circuit_t *circuit_get_next_by_pk_and_purpose(origin_circuit_t *start, const uint8_t *digest, uint8_t purpose); origin_circuit_t *circuit_get_next_service_intro_circ(origin_circuit_t *start); +origin_circuit_t *circuit_get_next_service_hsdir_circ(origin_circuit_t *start); origin_circuit_t *circuit_find_to_cannibalize(uint8_t purpose, extend_info_t *info, int flags); void circuit_mark_all_unused_circs(void); diff --git a/src/or/hs_common.h b/src/or/hs_common.h index 8016535..d1bc5ac 100644 --- a/src/or/hs_common.h +++ b/src/or/hs_common.h @@ -22,7 +22,7 @@ /** Try to maintain this many intro points per service by default. */ #define NUM_INTRO_POINTS_DEFAULT 3 -/** Maximum number of intro points per service. */ +/** Maximum number of intro points per generic and version 2 service. */ #define NUM_INTRO_POINTS_MAX 10 /** Number of extra intro points we launch if our set of intro nodes is empty. * See proposal 155, section 4. */ diff --git a/src/or/hs_config.c b/src/or/hs_config.c index 6326e90..6bb422d 100644 --- a/src/or/hs_config.c +++ b/src/or/hs_config.c @@ -31,20 +31,171 @@ #include "hs_service.h" #include "rendservice.h" -/* Configuration handler for a version 3 service. Return 0 on success else a - * negative value. */ +/* Using the given list of services, stage them into our global state. Every + * service version are handled. This function can remove entries in the given + * service_list. + * + * Staging a service means that we take all services in service_list and we + * put them in the staging list (global) which acts as a temporary list that + * is used by the service loading key process. In other words, staging a + * service puts it in a list to be considered when loading the keys and then + * moved to the main global list. */ +static void +stage_services(smartlist_t *service_list) +{ + tor_assert(service_list); + + /* This is v2 specific. Trigger service pruning which will make sure the + * just configured services end up in the main global list. It should only + * be done in non validation mode because v2 subsystem handles service + * object differently. */ + rend_service_prune_list(); + + /* Cleanup v2 service from the list, we don't need those object anymore + * because we validated them all against the others and we want to stage + * only >= v3 service. And remember, v2 has a different object type which is + * shadow copied from an hs_service_t type. */ + SMARTLIST_FOREACH_BEGIN(service_list, hs_service_t *, s) { +if (s->version == HS_VERSION_TWO) { + SMARTLIST_DEL_CURRENT(service_list, s); + hs_service_free(s); +} + } SMARTLIST_FOREACH_END(s); + + /* This is >= v3 specific. Using the newly configured service list, stage + * them into our global state. Every object ownership is lost after. */ + hs_service_stage_services(service_list); +} + +/* Validate the given service against all service in the given list. If the + * service is ephemeral, this function ignores it. Services with the same + * directory path aren't allowed and will return an error. If a duplicate is + * found, 1 is returned else 0 if none found. */ +static int +service_is_duplicate_in_list(const smartlist_t *service_list, + const hs_service_t *service) +{ + int ret = 0; + + tor_assert(service_list); + tor_assert(service); + + /* Ephemeral service don't have a directory configured so no need to check + * for a service in the list having the same path. */ + if (service->config.is_ephemeral) { +goto end; + } + + /* XXX: Validate if we have any service that has the given service dir path. + * This has two problems: + * + * a)
[tor-commits] [tor/master] prop224: Add a init/free_all function for the whole subsystem
commit 765ed5dac160b28fb658560e8f39d1d7ab3d1c75 Author: David GouletDate: Mon Jan 16 13:29:03 2017 -0500 prop224: Add a init/free_all function for the whole subsystem Introduces hs_init() located in hs_common.c which initialize the entire HS v3 subsystem. This is done _prior_ to the options being loaded because we need to allocate global data structure before we load the configuration. The hs_free_all() is added to release everything from tor_free_all(). Note that both functions do NOT handle v2 service subsystem but does handle the common interface that both v2 and v3 needs such as the cache and circuitmap. Signed-off-by: David Goulet --- src/or/hs_common.c | 22 ++ src/or/hs_common.h | 3 +++ src/or/hs_service.c | 7 +++ src/or/hs_service.h | 1 + src/or/main.c | 10 +++--- 5 files changed, 36 insertions(+), 7 deletions(-) diff --git a/src/or/hs_common.c b/src/or/hs_common.c index 4250812..b524296 100644 --- a/src/or/hs_common.c +++ b/src/or/hs_common.c @@ -15,7 +15,9 @@ #include "config.h" #include "networkstatus.h" +#include "hs_cache.h" #include "hs_common.h" +#include "hs_service.h" #include "rendcommon.h" /* Make sure that the directory for service is private, using the config @@ -344,3 +346,23 @@ rend_data_get_pk_digest(const rend_data_t *rend_data, size_t *len_out) } } +/* Initialize the entire HS subsytem. This is called in tor_init() before any + * torrc options are loaded. Only for >= v3. */ +void +hs_init(void) +{ + hs_circuitmap_init(); + hs_service_init(); + hs_cache_init(); +} + +/* Release and cleanup all memory of the HS subsystem (all version). This is + * called by tor_free_all(). */ +void +hs_free_all(void) +{ + hs_circuitmap_free_all(); + hs_service_free_all(); + hs_cache_free_all(); +} + diff --git a/src/or/hs_common.h b/src/or/hs_common.h index abc44c0..8016535 100644 --- a/src/or/hs_common.h +++ b/src/or/hs_common.h @@ -58,6 +58,9 @@ typedef enum { HS_AUTH_KEY_TYPE_ED25519 = 2, } hs_auth_key_type_t; +void hs_init(void); +void hs_free_all(void); + int hs_check_service_private_dir(const char *username, const char *path, unsigned int dir_group_readable, unsigned int create); diff --git a/src/or/hs_service.c b/src/or/hs_service.c index c62aa8b..16ffc48 100644 --- a/src/or/hs_service.c +++ b/src/or/hs_service.c @@ -97,6 +97,13 @@ hs_service_free(hs_service_t *service) tor_free(service); } +/* Initialize the service HS subsystem. */ +void +hs_service_init(void) +{ + return; +} + /* Release all global the storage of hidden service subsystem. */ void hs_service_free_all(void) diff --git a/src/or/hs_service.h b/src/or/hs_service.h index d29a478..ec47cb7 100644 --- a/src/or/hs_service.h +++ b/src/or/hs_service.h @@ -193,6 +193,7 @@ typedef struct hs_service_t { /* API */ int hs_service_config_all(const or_options_t *options, int validate_only); +void hs_service_init(void); void hs_service_free_all(void); void hs_service_free(hs_service_t *service); diff --git a/src/or/main.c b/src/or/main.c index 8c269fd..204b3f3 100644 --- a/src/or/main.c +++ b/src/or/main.c @@ -2499,9 +2499,6 @@ do_main_loop(void) } } - /* Initialize relay-side HS circuitmap */ - hs_circuitmap_init(); - /* set up once-a-second callback. */ if (! second_timer) { struct timeval one_second; @@ -3014,9 +3011,10 @@ tor_init(int argc, char *argv[]) rep_hist_init(); /* Initialize the service cache. */ rend_cache_init(); - hs_cache_init(); addressmap_init(); /* Init the client dns cache. Do it always, since it's * cheap. */ + /* Initialize the HS subsystem. */ + hs_init(); { /* We search for the "quiet" option first, since it decides whether we @@ -3216,10 +3214,8 @@ tor_free_all(int postfork) networkstatus_free_all(); addressmap_free_all(); dirserv_free_all(); - hs_service_free_all(); rend_cache_free_all(); rend_service_authorization_free_all(); - hs_cache_free_all(); rep_hist_free_all(); dns_free_all(); clear_pending_onions(); @@ -3232,7 +3228,6 @@ tor_free_all(int postfork) connection_edge_free_all(); scheduler_free_all(); nodelist_free_all(); - hs_circuitmap_free_all(); microdesc_free_all(); routerparse_free_all(); ext_orport_free_all(); @@ -3241,6 +3236,7 @@ tor_free_all(int postfork) protover_free_all(); bridges_free_all(); consdiffmgr_free_all(); + hs_free_all(); if (!postfork) { config_free_all(); or_state_free_all(); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] prop224: Add common intropoint object
commit b50f39fb6fc9d9a4bbb86d760291d6e88bf0987a Author: David GouletDate: Sun Jan 15 10:13:37 2017 -0500 prop224: Add common intropoint object Groundwork for more prop224 service and client code. This object contains common data that both client and service uses. Signed-off-by: David Goulet --- src/or/hs_intropoint.h | 12 1 file changed, 12 insertions(+) diff --git a/src/or/hs_intropoint.h b/src/or/hs_intropoint.h index 163ed81..bfb1331 100644 --- a/src/or/hs_intropoint.h +++ b/src/or/hs_intropoint.h @@ -9,6 +9,9 @@ #ifndef TOR_HS_INTRO_H #define TOR_HS_INTRO_H +#include "crypto_curve25519.h" +#include "torcert.h" + /* Authentication key type in an ESTABLISH_INTRO cell. */ enum hs_intro_auth_key_type { HS_INTRO_AUTH_KEY_TYPE_LEGACY0 = 0x00, @@ -24,6 +27,15 @@ typedef enum { HS_INTRO_ACK_STATUS_CANT_RELAY = 0x0003, } hs_intro_ack_status_t; +/* Object containing introduction point common data between the service and + * the client side. */ +typedef struct hs_intropoint_t { + /* Authentication key certificate from the descriptor. */ + tor_cert_t *auth_key_cert; + /* A list of link specifier. */ + smartlist_t *link_specifiers; +} hs_intropoint_t; + int hs_intro_received_establish_intro(or_circuit_t *circ, const uint8_t *request, size_t request_len); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] hs: Use v3 maximum intro points value when decoding v3
commit 74193b932115a82417dc312721ffe0a10a7ed6dc Author: David GouletDate: Wed May 10 09:37:41 2017 -0400 hs: Use v3 maximum intro points value when decoding v3 Signed-off-by: David Goulet --- src/or/hs_config.h | 3 +++ src/or/hs_descriptor.c | 6 -- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/src/or/hs_config.h b/src/or/hs_config.h index 08072d1..f420791 100644 --- a/src/or/hs_config.h +++ b/src/or/hs_config.h @@ -11,6 +11,9 @@ #include "or.h" +/* Maximum number of intro points per version 3 services. */ +#define HS_CONFIG_V3_MAX_INTRO_POINTS 20 + /* API */ int hs_config_service_all(const or_options_t *options, int validate_only); diff --git a/src/or/hs_descriptor.c b/src/or/hs_descriptor.c index b55f966..2393eac 100644 --- a/src/or/hs_descriptor.c +++ b/src/or/hs_descriptor.c @@ -62,6 +62,7 @@ #include "parsecommon.h" #include "rendcache.h" #include "hs_cache.h" +#include "hs_config.h" #include "torcert.h" /* tor_cert_encode_ed22519() */ /* Constant string value used for the descriptor format. */ @@ -2035,10 +2036,11 @@ desc_decode_encrypted_v3(const hs_descriptor_t *desc, decode_intro_points(desc, desc_encrypted_out, message); /* Validation of maximum introduction points allowed. */ - if (smartlist_len(desc_encrypted_out->intro_points) > MAX_INTRO_POINTS) { + if (smartlist_len(desc_encrypted_out->intro_points) > + HS_CONFIG_V3_MAX_INTRO_POINTS) { log_warn(LD_REND, "Service descriptor contains too many introduction " "points. Maximum allowed is %d but we have %d", - MAX_INTRO_POINTS, + HS_CONFIG_V3_MAX_INTRO_POINTS, smartlist_len(desc_encrypted_out->intro_points)); goto err; } ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Add changes file for #19476.
commit 175451d032026f1e1cbf45dfa55a408d5d4abeed Author: Isis LovecruftDate: Wed Jul 12 02:47:43 2017 + Add changes file for #19476. --- changes/bug19476 | 3 +++ 1 file changed, 3 insertions(+) diff --git a/changes/bug19476 b/changes/bug19476 new file mode 100644 index 000..25a0578 --- /dev/null +++ b/changes/bug19476 @@ -0,0 +1,3 @@ + o Minor changes: + - If we fail to write a heartbeat message, schedule a retry for the minimum + heartbeat interval number of seconds in the future. Fixes bug 19476. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Use the return value for choosing intervals
commit f516c9ca99e4c3ef1bfeb3693e622befdd7954d2 Author: cypherpunksDate: Tue Jun 21 13:03:38 2016 + Use the return value for choosing intervals --- src/or/main.c | 15 ++- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/src/or/main.c b/src/or/main.c index 5fa3869..4116740 100644 --- a/src/or/main.c +++ b/src/or/main.c @@ -2071,14 +2071,19 @@ heartbeat_callback(time_t now, const or_options_t *options) return PERIODIC_EVENT_NO_UPDATE; } - /* Write the heartbeat message */ + /* Skip the first one. */ if (first) { -first = 0; /* Skip the first one. */ - } else { -log_heartbeat(now); +first = 0; +return options->HeartbeatPeriod; } - return options->HeartbeatPeriod; + /* Write the heartbeat message */ + int r = log_heartbeat(now); + if (r == 0) { +return options->HeartbeatPeriod; + } + + return PERIODIC_EVENT_NO_UPDATE; } #define CDM_CLEAN_CALLBACK_INTERVAL 600 ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Merge remote-tracking branch 'isis/bug19476'
commit 62d241ad22b173ee908ad9cc2c55f5b10d22c2d9 Merge: 66a564f 175451d Author: Nick MathewsonDate: Thu Jul 13 16:58:45 2017 -0400 Merge remote-tracking branch 'isis/bug19476' changes/bug19476 | 3 +++ src/or/config.c | 4 src/or/config.h | 4 src/or/main.c| 19 ++- 4 files changed, 21 insertions(+), 9 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.1] Merge branch 'maint-0.3.1' into release-0.3.1
commit 05ca8ab5b69cb51e708e74ddeb32188f5f169ca3 Merge: 11b2d36 66258f8 Author: Nick MathewsonDate: Thu Jul 13 16:55:06 2017 -0400 Merge branch 'maint-0.3.1' into release-0.3.1 changes/bug22883-config | 7 +++ doc/tor.1.txt | 10 ++ src/or/config.c | 1 + src/or/consdiffmgr.c| 13 - src/or/or.h | 5 + 5 files changed, 35 insertions(+), 1 deletion(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] New configuration option MaxConsensusAgeForDiffs
commit abb9a5bdda9bde028704c01c47191c64cfa088c8 Author: Nick MathewsonDate: Wed Jul 12 13:15:16 2017 -0400 New configuration option MaxConsensusAgeForDiffs Relay operators (especially bridge operators) can use this to lower or raise the number of consensuses that they're willing to hold for diff generation purposes. This enables a workaround for bug 22883. --- changes/bug22883-config | 7 +++ doc/tor.1.txt | 10 ++ src/or/config.c | 1 + src/or/consdiffmgr.c| 13 - src/or/or.h | 5 + 5 files changed, 35 insertions(+), 1 deletion(-) diff --git a/changes/bug22883-config b/changes/bug22883-config new file mode 100644 index 000..d60594d --- /dev/null +++ b/changes/bug22883-config @@ -0,0 +1,7 @@ + o Minor features (directory cache, consensus diff): +- Add a new MaxConsensusAgeForDiffs option to allow directory cache + operators with low-resource environments to adjust the number of + consensuses they'll store and generate diffs from. Most cache operators + should leave it unchanged. Helps to work around bug 22883. + + diff --git a/doc/tor.1.txt b/doc/tor.1.txt index 2459969..e17c111 100644 --- a/doc/tor.1.txt +++ b/doc/tor.1.txt @@ -2072,6 +2072,16 @@ details.) because clients connect via the ORPort by default. Setting either DirPort or BridgeRelay and setting DirCache to 0 is not supported. (Default: 1) +[[MaxConsensusAgeForDiffs]] **MaxConsensusAgeForDiffs** __N__ **minutes**|**hours**|**days**|**weeks**:: +When this option is nonzero, Tor caches will not try to generate +consensus diffs for any consensus older than this amount of time. +If this option is set to zero, Tor will pick a reasonable default from +the current networkstatus document. You should not set this +option unless your cache is severely low on disk space or CPU. +If you need to set it, keeping it above 3 or 4 hours will help clients +much more than setting it to zero. +(Default: 0) + DIRECTORY AUTHORITY SERVER OPTIONS -- diff --git a/src/or/config.c b/src/or/config.c index 7d2ebbd..a0ff0e8 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -393,6 +393,7 @@ static config_var_t option_vars_[] = { V(MaxAdvertisedBandwidth, MEMUNIT, "1 GB"), V(MaxCircuitDirtiness, INTERVAL, "10 minutes"), V(MaxClientCircuitsPending,UINT, "32"), + V(MaxConsensusAgeForDiffs, INTERVAL, "0 seconds"), VAR("MaxMemInQueues", MEMUNIT, MaxMemInQueues_raw, "0"), OBSOLETE("MaxOnionsPending"), V(MaxOnionQueueDelay, MSEC_INTERVAL, "1750 msec"), diff --git a/src/or/consdiffmgr.c b/src/or/consdiffmgr.c index 638fcd6..a3ffed1 100644 --- a/src/or/consdiffmgr.c +++ b/src/or/consdiffmgr.c @@ -14,6 +14,7 @@ #define CONSDIFFMGR_PRIVATE #include "or.h" +#include "config.h" #include "conscache.h" #include "consdiff.h" #include "consdiffmgr.h" @@ -462,12 +463,22 @@ cdm_cache_lookup_consensus(consensus_flavor_t flavor, time_t valid_after) static int32_t get_max_age_to_cache(void) { - /* The parameter is in hours. */ const int32_t DEFAULT_MAX_AGE_TO_CACHE = 8192; const int32_t MIN_MAX_AGE_TO_CACHE = 0; const int32_t MAX_MAX_AGE_TO_CACHE = 8192; const char MAX_AGE_TO_CACHE_NAME[] = "max-consensus-age-to-cache-for-diff"; + const or_options_t *options = get_options(); + + if (options->MaxConsensusAgeForDiffs) { +const int v = options->MaxConsensusAgeForDiffs; +if (v >= MAX_MAX_AGE_TO_CACHE * 3600) + return MAX_MAX_AGE_TO_CACHE; +else + return v; + } + + /* The parameter is in hours, so we multiply */ return 3600 * networkstatus_get_param(NULL, MAX_AGE_TO_CACHE_NAME, DEFAULT_MAX_AGE_TO_CACHE, diff --git a/src/or/or.h b/src/or/or.h index 1f55b55..77207bc 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -4558,6 +4558,11 @@ typedef struct { /** Bool (default: 0): Tells if a %include was used on torrc */ int IncludeUsed; + + /** The seconds after expiration which we as a relay should keep old + * consensuses around so that we can generate diffs from them. If 0, + * use the default. */ + int MaxConsensusAgeForDiffs; } or_options_t; /** Persistent state for an onion router, as saved to disk. */ ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.1] Merge branch 'fewer-diffs' into maint-0.3.1
commit 66258f8878abe6323c56bcf0b20796e1c43d66fc Merge: 1ea155b abb9a5b Author: Nick MathewsonDate: Thu Jul 13 16:55:02 2017 -0400 Merge branch 'fewer-diffs' into maint-0.3.1 changes/bug22883-config | 7 +++ doc/tor.1.txt | 10 ++ src/or/config.c | 1 + src/or/consdiffmgr.c| 13 - src/or/or.h | 5 + 5 files changed, 35 insertions(+), 1 deletion(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Merge branch 'fewer-diffs' into maint-0.3.1
commit 66258f8878abe6323c56bcf0b20796e1c43d66fc Merge: 1ea155b abb9a5b Author: Nick MathewsonDate: Thu Jul 13 16:55:02 2017 -0400 Merge branch 'fewer-diffs' into maint-0.3.1 changes/bug22883-config | 7 +++ doc/tor.1.txt | 10 ++ src/or/config.c | 1 + src/or/consdiffmgr.c| 13 - src/or/or.h | 5 + 5 files changed, 35 insertions(+), 1 deletion(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Merge branch 'maint-0.3.1'
commit 66a564fad8a99a21bd6cda6a70982858376b78e9 Merge: ec29cae 66258f8 Author: Nick MathewsonDate: Thu Jul 13 16:55:06 2017 -0400 Merge branch 'maint-0.3.1' changes/bug22883-config | 7 +++ doc/tor.1.txt | 10 ++ src/or/config.c | 1 + src/or/consdiffmgr.c| 13 - src/or/or.h | 5 + 5 files changed, 35 insertions(+), 1 deletion(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.1] New configuration option MaxConsensusAgeForDiffs
commit abb9a5bdda9bde028704c01c47191c64cfa088c8 Author: Nick MathewsonDate: Wed Jul 12 13:15:16 2017 -0400 New configuration option MaxConsensusAgeForDiffs Relay operators (especially bridge operators) can use this to lower or raise the number of consensuses that they're willing to hold for diff generation purposes. This enables a workaround for bug 22883. --- changes/bug22883-config | 7 +++ doc/tor.1.txt | 10 ++ src/or/config.c | 1 + src/or/consdiffmgr.c| 13 - src/or/or.h | 5 + 5 files changed, 35 insertions(+), 1 deletion(-) diff --git a/changes/bug22883-config b/changes/bug22883-config new file mode 100644 index 000..d60594d --- /dev/null +++ b/changes/bug22883-config @@ -0,0 +1,7 @@ + o Minor features (directory cache, consensus diff): +- Add a new MaxConsensusAgeForDiffs option to allow directory cache + operators with low-resource environments to adjust the number of + consensuses they'll store and generate diffs from. Most cache operators + should leave it unchanged. Helps to work around bug 22883. + + diff --git a/doc/tor.1.txt b/doc/tor.1.txt index 2459969..e17c111 100644 --- a/doc/tor.1.txt +++ b/doc/tor.1.txt @@ -2072,6 +2072,16 @@ details.) because clients connect via the ORPort by default. Setting either DirPort or BridgeRelay and setting DirCache to 0 is not supported. (Default: 1) +[[MaxConsensusAgeForDiffs]] **MaxConsensusAgeForDiffs** __N__ **minutes**|**hours**|**days**|**weeks**:: +When this option is nonzero, Tor caches will not try to generate +consensus diffs for any consensus older than this amount of time. +If this option is set to zero, Tor will pick a reasonable default from +the current networkstatus document. You should not set this +option unless your cache is severely low on disk space or CPU. +If you need to set it, keeping it above 3 or 4 hours will help clients +much more than setting it to zero. +(Default: 0) + DIRECTORY AUTHORITY SERVER OPTIONS -- diff --git a/src/or/config.c b/src/or/config.c index 7d2ebbd..a0ff0e8 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -393,6 +393,7 @@ static config_var_t option_vars_[] = { V(MaxAdvertisedBandwidth, MEMUNIT, "1 GB"), V(MaxCircuitDirtiness, INTERVAL, "10 minutes"), V(MaxClientCircuitsPending,UINT, "32"), + V(MaxConsensusAgeForDiffs, INTERVAL, "0 seconds"), VAR("MaxMemInQueues", MEMUNIT, MaxMemInQueues_raw, "0"), OBSOLETE("MaxOnionsPending"), V(MaxOnionQueueDelay, MSEC_INTERVAL, "1750 msec"), diff --git a/src/or/consdiffmgr.c b/src/or/consdiffmgr.c index 638fcd6..a3ffed1 100644 --- a/src/or/consdiffmgr.c +++ b/src/or/consdiffmgr.c @@ -14,6 +14,7 @@ #define CONSDIFFMGR_PRIVATE #include "or.h" +#include "config.h" #include "conscache.h" #include "consdiff.h" #include "consdiffmgr.h" @@ -462,12 +463,22 @@ cdm_cache_lookup_consensus(consensus_flavor_t flavor, time_t valid_after) static int32_t get_max_age_to_cache(void) { - /* The parameter is in hours. */ const int32_t DEFAULT_MAX_AGE_TO_CACHE = 8192; const int32_t MIN_MAX_AGE_TO_CACHE = 0; const int32_t MAX_MAX_AGE_TO_CACHE = 8192; const char MAX_AGE_TO_CACHE_NAME[] = "max-consensus-age-to-cache-for-diff"; + const or_options_t *options = get_options(); + + if (options->MaxConsensusAgeForDiffs) { +const int v = options->MaxConsensusAgeForDiffs; +if (v >= MAX_MAX_AGE_TO_CACHE * 3600) + return MAX_MAX_AGE_TO_CACHE; +else + return v; + } + + /* The parameter is in hours, so we multiply */ return 3600 * networkstatus_get_param(NULL, MAX_AGE_TO_CACHE_NAME, DEFAULT_MAX_AGE_TO_CACHE, diff --git a/src/or/or.h b/src/or/or.h index 1f55b55..77207bc 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -4558,6 +4558,11 @@ typedef struct { /** Bool (default: 0): Tells if a %include was used on torrc */ int IncludeUsed; + + /** The seconds after expiration which we as a relay should keep old + * consensuses around so that we can generate diffs from them. If 0, + * use the default. */ + int MaxConsensusAgeForDiffs; } or_options_t; /** Persistent state for an onion router, as saved to disk. */ ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.3.1] New configuration option MaxConsensusAgeForDiffs
commit abb9a5bdda9bde028704c01c47191c64cfa088c8 Author: Nick MathewsonDate: Wed Jul 12 13:15:16 2017 -0400 New configuration option MaxConsensusAgeForDiffs Relay operators (especially bridge operators) can use this to lower or raise the number of consensuses that they're willing to hold for diff generation purposes. This enables a workaround for bug 22883. --- changes/bug22883-config | 7 +++ doc/tor.1.txt | 10 ++ src/or/config.c | 1 + src/or/consdiffmgr.c| 13 - src/or/or.h | 5 + 5 files changed, 35 insertions(+), 1 deletion(-) diff --git a/changes/bug22883-config b/changes/bug22883-config new file mode 100644 index 000..d60594d --- /dev/null +++ b/changes/bug22883-config @@ -0,0 +1,7 @@ + o Minor features (directory cache, consensus diff): +- Add a new MaxConsensusAgeForDiffs option to allow directory cache + operators with low-resource environments to adjust the number of + consensuses they'll store and generate diffs from. Most cache operators + should leave it unchanged. Helps to work around bug 22883. + + diff --git a/doc/tor.1.txt b/doc/tor.1.txt index 2459969..e17c111 100644 --- a/doc/tor.1.txt +++ b/doc/tor.1.txt @@ -2072,6 +2072,16 @@ details.) because clients connect via the ORPort by default. Setting either DirPort or BridgeRelay and setting DirCache to 0 is not supported. (Default: 1) +[[MaxConsensusAgeForDiffs]] **MaxConsensusAgeForDiffs** __N__ **minutes**|**hours**|**days**|**weeks**:: +When this option is nonzero, Tor caches will not try to generate +consensus diffs for any consensus older than this amount of time. +If this option is set to zero, Tor will pick a reasonable default from +the current networkstatus document. You should not set this +option unless your cache is severely low on disk space or CPU. +If you need to set it, keeping it above 3 or 4 hours will help clients +much more than setting it to zero. +(Default: 0) + DIRECTORY AUTHORITY SERVER OPTIONS -- diff --git a/src/or/config.c b/src/or/config.c index 7d2ebbd..a0ff0e8 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -393,6 +393,7 @@ static config_var_t option_vars_[] = { V(MaxAdvertisedBandwidth, MEMUNIT, "1 GB"), V(MaxCircuitDirtiness, INTERVAL, "10 minutes"), V(MaxClientCircuitsPending,UINT, "32"), + V(MaxConsensusAgeForDiffs, INTERVAL, "0 seconds"), VAR("MaxMemInQueues", MEMUNIT, MaxMemInQueues_raw, "0"), OBSOLETE("MaxOnionsPending"), V(MaxOnionQueueDelay, MSEC_INTERVAL, "1750 msec"), diff --git a/src/or/consdiffmgr.c b/src/or/consdiffmgr.c index 638fcd6..a3ffed1 100644 --- a/src/or/consdiffmgr.c +++ b/src/or/consdiffmgr.c @@ -14,6 +14,7 @@ #define CONSDIFFMGR_PRIVATE #include "or.h" +#include "config.h" #include "conscache.h" #include "consdiff.h" #include "consdiffmgr.h" @@ -462,12 +463,22 @@ cdm_cache_lookup_consensus(consensus_flavor_t flavor, time_t valid_after) static int32_t get_max_age_to_cache(void) { - /* The parameter is in hours. */ const int32_t DEFAULT_MAX_AGE_TO_CACHE = 8192; const int32_t MIN_MAX_AGE_TO_CACHE = 0; const int32_t MAX_MAX_AGE_TO_CACHE = 8192; const char MAX_AGE_TO_CACHE_NAME[] = "max-consensus-age-to-cache-for-diff"; + const or_options_t *options = get_options(); + + if (options->MaxConsensusAgeForDiffs) { +const int v = options->MaxConsensusAgeForDiffs; +if (v >= MAX_MAX_AGE_TO_CACHE * 3600) + return MAX_MAX_AGE_TO_CACHE; +else + return v; + } + + /* The parameter is in hours, so we multiply */ return 3600 * networkstatus_get_param(NULL, MAX_AGE_TO_CACHE_NAME, DEFAULT_MAX_AGE_TO_CACHE, diff --git a/src/or/or.h b/src/or/or.h index 1f55b55..77207bc 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -4558,6 +4558,11 @@ typedef struct { /** Bool (default: 0): Tells if a %include was used on torrc */ int IncludeUsed; + + /** The seconds after expiration which we as a relay should keep old + * consensuses around so that we can generate diffs from them. If 0, + * use the default. */ + int MaxConsensusAgeForDiffs; } or_options_t; /** Persistent state for an onion router, as saved to disk. */ ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.3.1] Merge branch 'fewer-diffs' into maint-0.3.1
commit 66258f8878abe6323c56bcf0b20796e1c43d66fc Merge: 1ea155b abb9a5b Author: Nick MathewsonDate: Thu Jul 13 16:55:02 2017 -0400 Merge branch 'fewer-diffs' into maint-0.3.1 changes/bug22883-config | 7 +++ doc/tor.1.txt | 10 ++ src/or/config.c | 1 + src/or/consdiffmgr.c| 13 - src/or/or.h | 5 + 5 files changed, 35 insertions(+), 1 deletion(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.1] Merge branch 'maint-0.3.1' into release-0.3.1
commit 11b2d36db3b14fb1fd17b021757764bb898b7440 Merge: 4d52b74 1ea155b Author: Nick MathewsonDate: Thu Jul 13 16:52:20 2017 -0400 Merge branch 'maint-0.3.1' into release-0.3.1 changes/bug22520| 5 + src/common/compat.c | 2 +- 2 files changed, 6 insertions(+), 1 deletion(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.3.1] Merge branch 'bug22520_031' into maint-0.3.1
commit 1ea155b28fbe15408d96019ef0a75fe0c74ac39d Merge: e6d2059 63ceadb Author: Nick MathewsonDate: Thu Jul 13 16:52:16 2017 -0400 Merge branch 'bug22520_031' into maint-0.3.1 changes/bug22520| 5 + src/common/compat.c | 2 +- 2 files changed, 6 insertions(+), 1 deletion(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.3.1] Use LANG_ENGLISH in windows error messages
commit 63ceadb485f6618da99e8a3b7822ede8da27989d Author: Nick MathewsonDate: Fri Jul 7 13:11:18 2017 -0400 Use LANG_ENGLISH in windows error messages This change prevents us from generating corrupt messages when we are confused about codepage settings, and makes Windows errors consistent with the rest of our logs. Fixes bug 22520; bugfix on 0.1.2.8-alpha. Patch from "Vort". --- changes/bug22520| 5 + src/common/compat.c | 2 +- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/changes/bug22520 b/changes/bug22520 new file mode 100644 index 000..cc14f72 --- /dev/null +++ b/changes/bug22520 @@ -0,0 +1,5 @@ + o Minor bugfixes (error reporting, windows): +- When formatting Windows error messages, use the English format + to avoid codepage issues. Fixes bug 22520; bugfix on + 0.1.2.8-alpha. Patch from "Vort". + diff --git a/src/common/compat.c b/src/common/compat.c index 3bea626..4d110ab 100644 --- a/src/common/compat.c +++ b/src/common/compat.c @@ -3261,7 +3261,7 @@ format_win32_error(DWORD err) FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS, NULL, err, - MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), + MAKELANGID(LANG_ENGLISH, SUBLANG_DEFAULT), (LPVOID), 0, NULL); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Merge branch 'maint-0.3.1'
commit ec29cae8d7e97d652a87d753d93e4289e5a0ed26 Merge: c73b35d 1ea155b Author: Nick MathewsonDate: Thu Jul 13 16:52:20 2017 -0400 Merge branch 'maint-0.3.1' changes/bug22520| 5 + src/common/compat.c | 2 +- 2 files changed, 6 insertions(+), 1 deletion(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.1] Merge branch 'bug22520_031' into maint-0.3.1
commit 1ea155b28fbe15408d96019ef0a75fe0c74ac39d Merge: e6d2059 63ceadb Author: Nick MathewsonDate: Thu Jul 13 16:52:16 2017 -0400 Merge branch 'bug22520_031' into maint-0.3.1 changes/bug22520| 5 + src/common/compat.c | 2 +- 2 files changed, 6 insertions(+), 1 deletion(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.1] Use LANG_ENGLISH in windows error messages
commit 63ceadb485f6618da99e8a3b7822ede8da27989d Author: Nick MathewsonDate: Fri Jul 7 13:11:18 2017 -0400 Use LANG_ENGLISH in windows error messages This change prevents us from generating corrupt messages when we are confused about codepage settings, and makes Windows errors consistent with the rest of our logs. Fixes bug 22520; bugfix on 0.1.2.8-alpha. Patch from "Vort". --- changes/bug22520| 5 + src/common/compat.c | 2 +- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/changes/bug22520 b/changes/bug22520 new file mode 100644 index 000..cc14f72 --- /dev/null +++ b/changes/bug22520 @@ -0,0 +1,5 @@ + o Minor bugfixes (error reporting, windows): +- When formatting Windows error messages, use the English format + to avoid codepage issues. Fixes bug 22520; bugfix on + 0.1.2.8-alpha. Patch from "Vort". + diff --git a/src/common/compat.c b/src/common/compat.c index 3bea626..4d110ab 100644 --- a/src/common/compat.c +++ b/src/common/compat.c @@ -3261,7 +3261,7 @@ format_win32_error(DWORD err) FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS, NULL, err, - MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), + MAKELANGID(LANG_ENGLISH, SUBLANG_DEFAULT), (LPVOID), 0, NULL); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Use LANG_ENGLISH in windows error messages
commit 63ceadb485f6618da99e8a3b7822ede8da27989d Author: Nick MathewsonDate: Fri Jul 7 13:11:18 2017 -0400 Use LANG_ENGLISH in windows error messages This change prevents us from generating corrupt messages when we are confused about codepage settings, and makes Windows errors consistent with the rest of our logs. Fixes bug 22520; bugfix on 0.1.2.8-alpha. Patch from "Vort". --- changes/bug22520| 5 + src/common/compat.c | 2 +- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/changes/bug22520 b/changes/bug22520 new file mode 100644 index 000..cc14f72 --- /dev/null +++ b/changes/bug22520 @@ -0,0 +1,5 @@ + o Minor bugfixes (error reporting, windows): +- When formatting Windows error messages, use the English format + to avoid codepage issues. Fixes bug 22520; bugfix on + 0.1.2.8-alpha. Patch from "Vort". + diff --git a/src/common/compat.c b/src/common/compat.c index 3bea626..4d110ab 100644 --- a/src/common/compat.c +++ b/src/common/compat.c @@ -3261,7 +3261,7 @@ format_win32_error(DWORD err) FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS, NULL, err, - MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), + MAKELANGID(LANG_ENGLISH, SUBLANG_DEFAULT), (LPVOID), 0, NULL); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Merge branch 'bug22520_031' into maint-0.3.1
commit 1ea155b28fbe15408d96019ef0a75fe0c74ac39d Merge: e6d2059 63ceadb Author: Nick MathewsonDate: Thu Jul 13 16:52:16 2017 -0400 Merge branch 'bug22520_031' into maint-0.3.1 changes/bug22520| 5 + src/common/compat.c | 2 +- 2 files changed, 6 insertions(+), 1 deletion(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] use CARGO_HOME instead of HOME when building with rust
commit eb355e031e86a229b8d8375a5112f8484198373b Author: Chelsea H. KomloDate: Sun Jul 9 22:33:34 2017 -0400 use CARGO_HOME instead of HOME when building with rust --- src/rust/tor_util/include.am | 2 +- src/test/test_rust.sh| 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/rust/tor_util/include.am b/src/rust/tor_util/include.am index 17a755f..f0cd639 100644 --- a/src/rust/tor_util/include.am +++ b/src/rust/tor_util/include.am @@ -7,7 +7,7 @@ EXTRA_DIST +=\ src/rust/target/release/libtor_util.a: FORCE ( cd "$(abs_top_srcdir)/src/rust/tor_util" ; \ CARGO_TARGET_DIR="$(abs_top_builddir)/src/rust/target" \ - HOME="$(abs_top_builddir)/src/rust" \ + CARGO_HOME="$(abs_top_builddir)/src/rust" \ $(CARGO) build --release --quiet $(CARGO_ONLINE) ) FORCE: diff --git a/src/test/test_rust.sh b/src/test/test_rust.sh index 4427c70..d559f94 100755 --- a/src/test/test_rust.sh +++ b/src/test/test_rust.sh @@ -7,7 +7,7 @@ exitcode=0 for crate in $crates; do cd "${abs_top_srcdir:-.}/src/rust/${crate}" -CARGO_TARGET_DIR="${abs_top_builddir}/src/rust/target" HOME="${abs_top_builddir}/src/rust" "${CARGO:-cargo}" test ${CARGO_ONLINE-"--frozen"} || exitcode=1 +CARGO_TARGET_DIR="${abs_top_builddir}/src/rust/target" CARGO_HOME="${abs_top_builddir}/src/rust" "${CARGO:-cargo}" test ${CARGO_ONLINE-"--frozen"} || exitcode=1 done exit $exitcode ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.1] use CARGO_HOME instead of HOME when building with rust
commit eb355e031e86a229b8d8375a5112f8484198373b Author: Chelsea H. KomloDate: Sun Jul 9 22:33:34 2017 -0400 use CARGO_HOME instead of HOME when building with rust --- src/rust/tor_util/include.am | 2 +- src/test/test_rust.sh| 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/rust/tor_util/include.am b/src/rust/tor_util/include.am index 17a755f..f0cd639 100644 --- a/src/rust/tor_util/include.am +++ b/src/rust/tor_util/include.am @@ -7,7 +7,7 @@ EXTRA_DIST +=\ src/rust/target/release/libtor_util.a: FORCE ( cd "$(abs_top_srcdir)/src/rust/tor_util" ; \ CARGO_TARGET_DIR="$(abs_top_builddir)/src/rust/target" \ - HOME="$(abs_top_builddir)/src/rust" \ + CARGO_HOME="$(abs_top_builddir)/src/rust" \ $(CARGO) build --release --quiet $(CARGO_ONLINE) ) FORCE: diff --git a/src/test/test_rust.sh b/src/test/test_rust.sh index 4427c70..d559f94 100755 --- a/src/test/test_rust.sh +++ b/src/test/test_rust.sh @@ -7,7 +7,7 @@ exitcode=0 for crate in $crates; do cd "${abs_top_srcdir:-.}/src/rust/${crate}" -CARGO_TARGET_DIR="${abs_top_builddir}/src/rust/target" HOME="${abs_top_builddir}/src/rust" "${CARGO:-cargo}" test ${CARGO_ONLINE-"--frozen"} || exitcode=1 +CARGO_TARGET_DIR="${abs_top_builddir}/src/rust/target" CARGO_HOME="${abs_top_builddir}/src/rust" "${CARGO:-cargo}" test ${CARGO_ONLINE-"--frozen"} || exitcode=1 done exit $exitcode ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.1] Merge branch 'maint-0.3.1' into release-0.3.1
commit 4d52b740f982d4f0078ae13fd4a582d1c4fceabc Merge: d5c1b7f e6d2059 Author: Nick MathewsonDate: Thu Jul 13 16:51:18 2017 -0400 Merge branch 'maint-0.3.1' into release-0.3.1 changes/bug22830 | 5 + src/rust/tor_util/include.am | 2 +- src/test/test_rust.sh| 2 +- 3 files changed, 7 insertions(+), 2 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Add a changes file for bug22830.
commit 8de1b94b9db9156e1d8cdce9fab8a911cdb1ee43 Author: Isis LovecruftDate: Thu Jul 13 18:01:54 2017 + Add a changes file for bug22830. --- changes/bug22830 | 5 + 1 file changed, 5 insertions(+) diff --git a/changes/bug22830 b/changes/bug22830 new file mode 100644 index 000..123b725 --- /dev/null +++ b/changes/bug22830 @@ -0,0 +1,5 @@ + o Minor bugfixes: + - Fix a problem with Rust toolchains not being found when building + without --enable-cargo-online-mode, due to setting the $HOME + environment variable instead of $CARGO_HOME. Fixes bug 22830; + fix by Chelsea Komlo. Bugfix on 0.3.1.1-alpha. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.1] Merge remote-tracking branch 'isis/bug22830_0.3.1' into maint-0.3.1
commit e6d2059751da008a1fb00b42039eb4cbc638e638 Merge: 5636b16 8de1b94 Author: Nick MathewsonDate: Thu Jul 13 16:51:09 2017 -0400 Merge remote-tracking branch 'isis/bug22830_0.3.1' into maint-0.3.1 changes/bug22830 | 5 + src/rust/tor_util/include.am | 2 +- src/test/test_rust.sh| 2 +- 3 files changed, 7 insertions(+), 2 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.1] Add a changes file for bug22830.
commit 8de1b94b9db9156e1d8cdce9fab8a911cdb1ee43 Author: Isis LovecruftDate: Thu Jul 13 18:01:54 2017 + Add a changes file for bug22830. --- changes/bug22830 | 5 + 1 file changed, 5 insertions(+) diff --git a/changes/bug22830 b/changes/bug22830 new file mode 100644 index 000..123b725 --- /dev/null +++ b/changes/bug22830 @@ -0,0 +1,5 @@ + o Minor bugfixes: + - Fix a problem with Rust toolchains not being found when building + without --enable-cargo-online-mode, due to setting the $HOME + environment variable instead of $CARGO_HOME. Fixes bug 22830; + fix by Chelsea Komlo. Bugfix on 0.3.1.1-alpha. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Merge branch 'maint-0.3.1'
commit c73b35d4288af17920e4a93ff88d759dea685b86 Merge: c59ba01 e6d2059 Author: Nick MathewsonDate: Thu Jul 13 16:51:18 2017 -0400 Merge branch 'maint-0.3.1' changes/bug22830 | 5 + src/rust/tor_util/include.am | 2 +- src/test/test_rust.sh| 2 +- 3 files changed, 7 insertions(+), 2 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Merge remote-tracking branch 'isis/bug22830_0.3.1' into maint-0.3.1
commit e6d2059751da008a1fb00b42039eb4cbc638e638 Merge: 5636b16 8de1b94 Author: Nick MathewsonDate: Thu Jul 13 16:51:09 2017 -0400 Merge remote-tracking branch 'isis/bug22830_0.3.1' into maint-0.3.1 changes/bug22830 | 5 + src/rust/tor_util/include.am | 2 +- src/test/test_rust.sh| 2 +- 3 files changed, 7 insertions(+), 2 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.3.1] Merge remote-tracking branch 'isis/bug22830_0.3.1' into maint-0.3.1
commit e6d2059751da008a1fb00b42039eb4cbc638e638 Merge: 5636b16 8de1b94 Author: Nick MathewsonDate: Thu Jul 13 16:51:09 2017 -0400 Merge remote-tracking branch 'isis/bug22830_0.3.1' into maint-0.3.1 changes/bug22830 | 5 + src/rust/tor_util/include.am | 2 +- src/test/test_rust.sh| 2 +- 3 files changed, 7 insertions(+), 2 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.3.1] use CARGO_HOME instead of HOME when building with rust
commit eb355e031e86a229b8d8375a5112f8484198373b Author: Chelsea H. KomloDate: Sun Jul 9 22:33:34 2017 -0400 use CARGO_HOME instead of HOME when building with rust --- src/rust/tor_util/include.am | 2 +- src/test/test_rust.sh| 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/rust/tor_util/include.am b/src/rust/tor_util/include.am index 17a755f..f0cd639 100644 --- a/src/rust/tor_util/include.am +++ b/src/rust/tor_util/include.am @@ -7,7 +7,7 @@ EXTRA_DIST +=\ src/rust/target/release/libtor_util.a: FORCE ( cd "$(abs_top_srcdir)/src/rust/tor_util" ; \ CARGO_TARGET_DIR="$(abs_top_builddir)/src/rust/target" \ - HOME="$(abs_top_builddir)/src/rust" \ + CARGO_HOME="$(abs_top_builddir)/src/rust" \ $(CARGO) build --release --quiet $(CARGO_ONLINE) ) FORCE: diff --git a/src/test/test_rust.sh b/src/test/test_rust.sh index 4427c70..d559f94 100755 --- a/src/test/test_rust.sh +++ b/src/test/test_rust.sh @@ -7,7 +7,7 @@ exitcode=0 for crate in $crates; do cd "${abs_top_srcdir:-.}/src/rust/${crate}" -CARGO_TARGET_DIR="${abs_top_builddir}/src/rust/target" HOME="${abs_top_builddir}/src/rust" "${CARGO:-cargo}" test ${CARGO_ONLINE-"--frozen"} || exitcode=1 +CARGO_TARGET_DIR="${abs_top_builddir}/src/rust/target" CARGO_HOME="${abs_top_builddir}/src/rust" "${CARGO:-cargo}" test ${CARGO_ONLINE-"--frozen"} || exitcode=1 done exit $exitcode ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.3.1] Add a changes file for bug22830.
commit 8de1b94b9db9156e1d8cdce9fab8a911cdb1ee43 Author: Isis LovecruftDate: Thu Jul 13 18:01:54 2017 + Add a changes file for bug22830. --- changes/bug22830 | 5 + 1 file changed, 5 insertions(+) diff --git a/changes/bug22830 b/changes/bug22830 new file mode 100644 index 000..123b725 --- /dev/null +++ b/changes/bug22830 @@ -0,0 +1,5 @@ + o Minor bugfixes: + - Fix a problem with Rust toolchains not being found when building + without --enable-cargo-online-mode, due to setting the $HOME + environment variable instead of $CARGO_HOME. Fixes bug 22830; + fix by Chelsea Komlo. Bugfix on 0.3.1.1-alpha. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] rephist: Remove unused crypto_pk statistics.
commit c59ba015500aba040371a6d32134cb10d045e7bd Author: Isis LovecruftDate: Thu Jul 13 19:31:13 2017 + rephist: Remove unused crypto_pk statistics. These statistics were largely ununsed, and kept track of statistical information on things like how many time we had done TLS or how many signatures we had verified. This information is largely not useful, and would only be logged after receiving a SIGUSR1 signal (but only if the logging severity level was less than LOG_INFO). * FIXES #19871. * REMOVES note_crypto_pk_op(), dump_pk_op(), and pk_op_counts from src/or/rephist.c. * REMOVES every external call to these functions. --- changes/bug19871 | 4 ++ src/or/connection_or.c | 1 - src/or/dirvote.c | 1 - src/or/main.c | 1 - src/or/onion_tap.c | 3 -- src/or/rendclient.c| 1 - src/or/rendmid.c | 1 - src/or/rendservice.c | 3 -- src/or/rephist.c | 99 -- src/or/rephist.h | 3 -- src/or/router.c| 1 - src/or/routerparse.c | 3 -- 12 files changed, 4 insertions(+), 117 deletions(-) diff --git a/changes/bug19871 b/changes/bug19871 new file mode 100644 index 000..5f1c9dc --- /dev/null +++ b/changes/bug19871 @@ -0,0 +1,4 @@ + o Code refactoring: + - Remove dead code for largely unused statistics on the number of + times we've attempted various public key operations. Fixes bug + 19871; fix by Isis Lovecruft. Bugfix on 0.1.2.4-alpha. diff --git a/src/or/connection_or.c b/src/or/connection_or.c index 7531482..051bf9a 100644 --- a/src/or/connection_or.c +++ b/src/or/connection_or.c @@ -1369,7 +1369,6 @@ connection_tls_start_handshake,(or_connection_t *conn, int receiving)) connection_start_reading(TO_CONN(conn)); log_debug(LD_HANDSHAKE,"starting TLS handshake on fd "TOR_SOCKET_T_FORMAT, conn->base_.s); - note_crypto_pk_op(receiving ? TLS_HANDSHAKE_S : TLS_HANDSHAKE_C); if (connection_tls_continue_handshake(conn) < 0) return -1; diff --git a/src/or/dirvote.c b/src/or/dirvote.c index 11cd020..c65945f 100644 --- a/src/or/dirvote.c +++ b/src/or/dirvote.c @@ -306,7 +306,6 @@ format_networkstatus_vote(crypto_pk_t *private_signing_key, signing_key_fingerprint); } - note_crypto_pk_op(SIGN_DIR); { char *sig = router_get_dirobj_signature(digest, DIGEST_LEN, private_signing_key); diff --git a/src/or/main.c b/src/or/main.c index 5fa3869..7e2652c 100644 --- a/src/or/main.c +++ b/src/or/main.c @@ -2877,7 +2877,6 @@ dumpstats(int severity) rep_hist_dump_stats(now,severity); rend_service_dump_stats(severity); - dump_pk_ops(severity); dump_distinct_digest_count(severity); } diff --git a/src/or/onion_tap.c b/src/or/onion_tap.c index 294fc0d..928fcaa 100644 --- a/src/or/onion_tap.c +++ b/src/or/onion_tap.c @@ -72,8 +72,6 @@ onion_skin_TAP_create(crypto_pk_t *dest_router_key, if (crypto_dh_get_public(dh, challenge, dhbytes)) goto err; - note_crypto_pk_op(ENC_ONIONSKIN); - /* set meeting point, meeting cookie, etc here. Leave zero for now. */ if (crypto_pk_public_hybrid_encrypt(dest_router_key, onion_skin_out, TAP_ONIONSKIN_CHALLENGE_LEN, @@ -124,7 +122,6 @@ onion_skin_TAP_server_handshake( k = i==0?private_key:prev_private_key; if (!k) break; -note_crypto_pk_op(DEC_ONIONSKIN); len = crypto_pk_private_hybrid_decrypt(k, challenge, TAP_ONIONSKIN_CHALLENGE_LEN, onion_skin, diff --git a/src/or/rendclient.c b/src/or/rendclient.c index 3d160bd..441c371 100644 --- a/src/or/rendclient.c +++ b/src/or/rendclient.c @@ -286,7 +286,6 @@ rend_client_send_introduction(origin_circuit_t *introcirc, goto perm_err; } - note_crypto_pk_op(REND_CLIENT); /*XXX maybe give crypto_pk_public_hybrid_encrypt a max_len arg, * to avoid buffer overflows? */ r = crypto_pk_public_hybrid_encrypt(intro_key, payload+DIGEST_LEN, diff --git a/src/or/rendmid.c b/src/or/rendmid.c index 23c3ded..66d2f93 100644 --- a/src/or/rendmid.c +++ b/src/or/rendmid.c @@ -71,7 +71,6 @@ rend_mid_establish_intro_legacy(or_circuit_t *circ, const uint8_t *request, goto err; } /* Rest of body: signature of previous data */ - note_crypto_pk_op(REND_MID); if (crypto_pk_public_checksig_digest(pk, (char*)request, 2+asn1len+DIGEST_LEN, (char*)(request+2+DIGEST_LEN+asn1len), diff --git a/src/or/rendservice.c b/src/or/rendservice.c index b8e704e..4eef72c 100644 --- a/src/or/rendservice.c +++ b/src/or/rendservice.c @@ -2845,8 +2845,6 @@ rend_service_decrypt_intro( } /* Decrypt the encrypted part */ - - note_crypto_pk_op(REND_SERVER); result =
[tor-commits] [webwml/master] Add brade
commit 54475d3d927db46654d71ff5bef0c2fad579bcbc Author: Damian JohnsonDate: Thu Jul 13 12:07:14 2017 -0700 Add brade --- about/en/corepeople_alternate.wml | 113 -- 1 file changed, 61 insertions(+), 52 deletions(-) diff --git a/about/en/corepeople_alternate.wml b/about/en/corepeople_alternate.wml index 5d86c39..c21323e 100644 --- a/about/en/corepeople_alternate.wml +++ b/about/en/corepeople_alternate.wml @@ -141,13 +141,24 @@ table.people tr td:first-child { + + + https://db.torproject.org/fetchkey.cgi?fingerprint=F711FA29D61F88CE6879BAD0D91A345E56B01B25;> + brade + IRC: brade + Developer on the Tor Browser team. + + + https://www.eff.org/files/key_cindy.txt;> Cindy Cohn Tor Board member and https://www.eff.org/about/staff/cindy-cohn;>Executive Director of the EFF. Lawyer by training, https://blog.torproject.org/blog/tor-heart-notes-board-member;>my focus is on making sure Tor stays available and that Tor users stay safe. + + @@ -157,9 +168,7 @@ table.people tr td:first-child { IRC: Phoul Support and translation coordinator, GSoC administrator, member of the community team and a director of https://www.coldhak.ca;>Coldhak. - - @@ -168,7 +177,9 @@ table.people tr td:first-child { IRC: atagar Author of the https://stem.torproject.org/;>Stem python controller library and https://www.atagar.com/arm/;>Nyx relay monitor. + + @@ -177,9 +188,7 @@ table.people tr td:first-child { IRC: dgoulet Tor development team focusing on onion services and our torsocks maintainer. - - @@ -189,7 +198,9 @@ table.people tr td:first-child { IRC: dawuud https://github.com/david415/;>Author of roflcoptor and honeybadger. Researches mixnets and contributes to txtorcon. + + @@ -199,9 +210,7 @@ table.people tr td:first-child { IRC: DonnchaC Onion services developer, OnionBalance developer, hunter of bad relays. - - @@ -210,7 +219,9 @@ table.people tr td:first-child { IRC: ewyatt Non-technical switchboard for people-related things: recruiting, onboarding, benefits, contracts, TPI policy questions, and baked goods. + + @@ -220,9 +231,7 @@ table.people tr td:first-child { IRC: biella http://gabriellacoleman.org/;>Anthropologist and Wolfe Chair in Scientific and Technological Literacy at McGill University. - - @@ -231,7 +240,9 @@ table.people tr td:first-child { IRC: GeKo Currently lead of the Tor Browser team. + + @@ -240,9 +251,7 @@ table.people tr td:first-child { IRC: asn Onion services. Security analysis. Used to obfsproxy. Follower of the onion. - - @@ -252,7 +261,9 @@ table.people tr td:first-child { IRC: saint Tamper-resistant software distribution, censorship detection, https://github.com/glamrock/cupcake;>Cupcake, and security training of activists and domestic violence survivors. + + @@ -260,9 +271,7 @@ table.people tr td:first-child { Ian Goldberg https://cs.uwaterloo.ca/~iang/;>Professor of CS at the https://uwaterloo.ca/;>University of Waterloo, developing https://otr.cypherpunks.ca/;>Off-the-Record Messaging among other things. - - @@ -270,7 +279,9 @@ table.people tr td:first-child { intrigeri Our main interface with the https://tails.boum.org/;>Tails project. + + @@ -280,9 +291,7 @@ table.people tr td:first-child { IRC: isabela Coordinates Tor's development teams and roadmaps. Keeps track of priorities, and ensures Tor always thinks of the user first. - - @@ -292,16 +301,16 @@ table.people tr td:first-child { IRC: isis Tor developer working on censorship circumvention, https://gitweb.torproject.org/bridgedb.git;>BridgeDB, and cryptographic research, design, and implementations. + + iwakeh Speaks Java and other languages, streamlines build processes, and scrutinizes mathematical concepts behind aggregating tons of Tor network data. - - @@ -311,7 +320,9 @@ table.people tr td:first-child { IRC: qbi Volunteer that helped translate the website, is part of TorServers.net, and Tor's sysadmin team. + + @@ -320,9 +331,7 @@ table.people tr td:first-child { IRC: jselon Event Coordination, donor management, general office operations. - -
[tor-commits] [webwml/master] Shorten Roger's description a tad
commit 092021a77242944c3af05da94ebbadcad6990ec7 Author: Damian JohnsonDate: Thu Jul 13 11:58:36 2017 -0700 Shorten Roger's description a tad Damnit! Now that Roger has a twitter link his name wraps, pushing his description down so it wraps too. Rewording his entry just a tad so it's shorter. --- about/en/corepeople_alternate.wml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/about/en/corepeople_alternate.wml b/about/en/corepeople_alternate.wml index 45149d9..5d86c39 100644 --- a/about/en/corepeople_alternate.wml +++ b/about/en/corepeople_alternate.wml @@ -554,7 +554,7 @@ table.people tr td:first-child { https://db.torproject.org/fetchkey.cgi?fingerprint=B1172656DFF983C3042BC699EB5A896A28988BF5;> Roger Dingledine IRC: arma - Original developer of Tor along with Nick and Paul. Leading researcher in anonymous communication, coordinating developers and researchers. + Original developer of Tor along with Nick and Paul. Leading privacy researcher, coordinating developers and researchers. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [webwml/master] Photo for Nick
commit 6f28350337d4d099a6a0e50e4502a9d2cd0e2ae3 Author: Damian JohnsonDate: Thu Jul 13 11:52:43 2017 -0700 Photo for Nick --- about/en/corepeople_alternate.wml | 2 +- images/people/nickm.png | Bin 0 -> 41516 bytes 2 files changed, 1 insertion(+), 1 deletion(-) diff --git a/about/en/corepeople_alternate.wml b/about/en/corepeople_alternate.wml index 423f71d..45149d9 100644 --- a/about/en/corepeople_alternate.wml +++ b/about/en/corepeople_alternate.wml @@ -467,7 +467,7 @@ table.people tr td:first-child { - + https://twitter.com/nickm_tor;> https://db.torproject.org/fetchkey.cgi?fingerprint=2133BC600AB133E1D826D173FE43009C4607B1FB;> Nick Mathewson diff --git a/images/people/nickm.png b/images/people/nickm.png new file mode 100644 index 000..0ec422b Binary files /dev/null and b/images/people/nickm.png differ ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [webwml/master] Typo in Brad's entry
commit a19d1ae64e50de7f77ca7c4e2a309f970e37932b Author: Damian JohnsonDate: Thu Jul 13 11:19:32 2017 -0700 Typo in Brad's entry --- about/en/corepeople_alternate.wml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/about/en/corepeople_alternate.wml b/about/en/corepeople_alternate.wml index 7522089..e2e5abe 100644 --- a/about/en/corepeople_alternate.wml +++ b/about/en/corepeople_alternate.wml @@ -135,7 +135,7 @@ table.people tr td:first-child { Brad Parker IRC: bparker - Chief ginancial grants officer at the Tor Project. + Chief financial grants officer at the Tor Project. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [webwml/master] Fix Roger's key
commit dbf39e64f4dc85ef40edb6e738342962eff1fc9e Author: Damian JohnsonDate: Thu Jul 13 10:52:45 2017 -0700 Fix Roger's key Used the one from... http://pgp.mit.edu/pks/lookup?op=vindex=0xD5650E0743756B99 ... but Roger reports that's not him. Replacing with the one from... http://pgp.mit.edu/pks/lookup?op=vindex=0xEB5A896A28988BF5 --- keys/arma.txt | 735 -- 1 file changed, 712 insertions(+), 23 deletions(-) diff --git a/keys/arma.txt b/keys/arma.txt index 784b91f..f934298 100644 --- a/keys/arma.txt +++ b/keys/arma.txt @@ -2,27 +2,716 @@ Version: SKS 1.1.5 Comment: Hostname: pgp.mit.edu -mQENBFlcuyEBCACraxgRKjIq3q1/z1tgZEmrjlNKIr7hU5F0bsiW90owh36qZLjQeGccsSLE -VhRwISbiRbhuDT1qmsL9dWZby2ZgOMnfYd8rQ+/YFUvLX0deJQDIgrG9itHx61EAklpnbm8U -JEZxbr3VmXnHh2llobxnxceu2HasTggTmH4l56G9a6JUYxOA8H2rjmwchH+anJ6lcrOFvzbW -3/IYQXSW9v8aJ8uvE1vDTiODKUN4a1KN0khnoshac1elVcOfcpI+hE4vwezkBHWODgcgg5Sn -bM64wyNNLy4zgY3R8i7v0+4nNYvt8545wewo46a5dWasILnnhx+IWbZQq+z7pSF5j25BABEB -AAG0H1JvZ2VyIERpbmdsZWRpbmUgPGFybWFAbWl0LmVkdT6JATkEEwEIACMFAllcuyECGwMH -CwkIBwMCAQYVCAIJCgsEFgIDAQIeAQIXgAAKCRDVZQ4HQ3VrmfitB/9nOIOCjwRXzRez7jcM -0x/GyKXyjgfmXosah9GJ+QZAx3wvPPLY68hYi0QWk3cZHon9hJQSOza8+z0gRRKAJ81ykVYz -/zDwclcaw3lWRzr1907EQEkE1gB1MCeEBX0EmKNKSuxXko0MkwVPEskPonlJ0EOM08XKo0l4 -EsdqaGMmIyVanmW340Cp9bl5aM7B/lfVZLkj/X7eOrXb4m7XYfgRGubEmGQrcFAHEEm7di5p -mmXK6ocTFgXeyL8O/AZRwPuyyGsevkCFbl0WccmS7cQnj1IlggTcbYqf7QAZ73HbnCAs4lbP -OW+Q2dugbnfSSrWkr1OUC3+NNYDrZkNRofymuQENBFlcuyEBCADBqoSwuGtPRKqCFONadVbc -FlBu9Qk/II+85o7W0DP5N+p7ZWf6SCgNPdP6dHvNExvOLgpeQhNeaesiFV3uodaJxZdgB1D2 -4ctmEDuVXdzEv4oUQJfkX5phm3KmN/DicMUBbv+WoljKICCPjaMj8nzmpTHuC7adqpJW5/tR -mnG10Wx7JctjrgUPCnmii38ZhHrsP3UDieryF40cEb+hScwAEIeh9APufoxgkR/iOf6GgwRK -J5/1Gdhnu/YmuDqRhAcaI5Af9Ht/tmPi0R3N49QgO9GNW0nmhMqXlQ0GRyeALMRyseEesspf -Un9GeEmEocakQFYG1nrkxBI4LIEQ9t/xABEBAAGJAR8EGAEIAAkFAllcuyECGwwACgkQ1WUO -B0N1a5mvpAf/ZCCm/DQQMNKlFjCIdpbm/H8UMlRmaxMpXjZ10asKBRoBC31sio7Uu1sv/H7e -mDoqknTOOSZReuvnMAjXHdbPf2MPG1ktSYA7/skmjv3Ykpev2iCt1aweNWig1f6RJ5g2kiC2 -fWhpj088+jES7JqXnBBPrmCQpXxf/IFXvimhgRac1iQUQXW7hkmYYedxk5OYwDpBc6LJLR4S -0MqGpVqZUxTZt69FW9dKtKmQPnqAKAFdLHFxGq/yLEwX7PerkqIw4iP84pz/rTz2LKxzCJyq -3cwoZScEmOqf7h4M+F2iSpg/GciLhx+DxpOAeb4yzwRE3O+gD/9Nsuuz9fpduOslHQ== -=jMv7 +mQGiBDi5qEURBADitpDzvvzW+9lj/zYgK78G3D76hvvvIT6gpTIlwg6WIJNLKJat01yNpMIY +Nvpwi7EUd/lSNl6t1/A022p7s7bDbE4T5NJda0IOAgWeOZ/plIJC4+o2tD2RNuSkwDQcxzm8 +KUNZOJla4LvgRkm/oUubxyeY5omus7hcfNrBOwjC1wCg4Jntm7s3eNfMu72Cv+6FzBgFog8E +ANirkNdC1Q8oSMDihWj1ogiWbBz4s6HMxzAaqNf/rCJ9qoK5SLFeoB/r5ksRWty9QKV4Vdhh +CIy1U2B9tSTlEPYXJHQPZ3mwCxUnJpGD8UgFM5uKXaEq2pwpArTm367k0tTpMQgXAN2HwiZv +//ahQXH4ov30kBBVL5VFxMULUJ+yA/4r5HLTpP2SbbqtPWdeW7uDwhe2dTqffAGuf0kuCpHw +CTAHr83ivXzT/7OMCsETcYwtSp0KVgK0Aup10MyLrjKz01c6OSMslNOq7WG+T0S/dn49/UUL +nylWb7ARZ2cUEKc098wRFu5bkHJJ+ECUFyGjr99LD820lLOIpsBNzxzzG7QfUm9nZXIgRGlu +Z2xlZGluZSA8YXJtYUBtaXQuZWR1PohGBBARAgAGBQI8BNTLAAoJEJx74H/vjugIW8UAoOHX +KbxBVyg9gYXZbFPp5hRMM4DPAJ9TvFyZ65RW5zVkqdnRwG7oMutA+ohGBBARAgAGBQI+D3Wh +AAoJEM4Iphw7Ti7uRjQAnRH4TDLt2l3YmNneKLzAXwk2JXGFAJ43e1k3+bkCP5s4A+QydMke +S4IttIhGBBARAgAGBQI/Q8cAAAoJECBMYRUOYGaZOh8AoKWmnRbi81Gm3imklbns0xRwA9fV +AKC38DAQaTi18IKqo3K3+Zk0N9wCPIhGBBARAgAGBQI/zZgkAAoJEOCrKu1X7xk9KmgAn0US +cMfSezpXdnxMUtolUoW6/D2sAJ4/UGghc9zlAuwgLPlCzpu5oHkFMYhGBBARAgAGBQJAS7xL +AAoJEMsocoKAckl78VAAoJr2aLa+nlHpvung4S4lSY1y2YTvAJ91pZcQ93pyQcW2Kcw1rQJH +38tsFIhGBBARAgAGBQJBCWSvAAoJEFK/Wka8mOY96AsAoIdvyxRieIf3ax/XuZzsbC9Aszev +AJ0Zg8BHqKjO1e9Q6waNMTczjnH9yIhGBBARAgAGBQJBCWTHAAoJELE3nVmTg94GJ3sAn0Au +rEfQyEpfU8Eah40aL21mJzI5AJwJjoxEzvU2kpUW5jD0PCpKjT8txIhGBBARAgAGBQJBEmeq +AAoJEAhhSI+BVeTz8u0AoI7CuU4j3HQrtnezVUFSWRm3ubW0AKCHQHOO04XLbAiVz+TKcurg +T5z6n4hGBBARAgAGBQJBFBaCAAoJEFawMV8BZ8o4TyYAnjjMq/oCo2P8MrVKbfKYMTRqAig3 +AJ9+Whyun3+MFSNd6VnqzFwb6R/0O4hGBBARAgAGBQJBFYThAAoJEMuFlu8JRpsDvYoAnjGv +7jyK/KsiiB5vx/cmgdbN1rfMAKCPK86Nh+v2+Q9Z8fxtiQxvu1AJUYhGBBARAgAGBQJBIB/S +AAoJENfKOrov6HXMpSIAn1zCorc4KeQjvDirrAPW/6iAhCl2AJ0XdfXHduEfvLE+e43pGn1u +D5Vf6IhGBBARAgAGBQJBzAyMAAoJEDN+IZvssYq6jXQAn2DOxFlkTaNirl4hM6mim6EkF2zp +AKCBXdFYf6Dj9s4u2UnpxIcZH6ERaohGBBARAgAGBQJClS6BAAoJEDf2HVyMgMNfIkgAoOP4 +r8Ag5PEALCk0mGfpPhmFXcszAJ0SVdZqMvnlDtLZ3mapD0/JEao8e4hGBBARAgAGBQJC9oW5 +AAoJEInNSyFgdVnmzO0AoKrnE836t4iGWPe8liBm6RLNxPHJAJ48WdXVEz/xZLzMvFiK6Vef +vUJybYhGBBARAgAGBQJC9oy7AAoJENVOrkvJmHCxgZQAnjfh3I9rhGS38ejY3896OfTeijq9 +AJwKS7lSmDFh2Roa4suJCU0jR5PAkIhGBBARAgAGBQJC/DgEAAoJEMBBXtEVcjZbYa0AnRrB +j0kaACcI5XLNEuwOaNrhFCGzAKDZ4aJNuWTubjaAjNjECqzdwyNsyohGBBARAgAGBQJDEbMA +AAoJELHEcxc+e0tzmcYAn2P6ZoEUcZSBPl8IoH1Aka5AUJE4AJ43wgJs4CAvjly3Kl70sIaJ +hU27oohGBBARAgAGBQJDGiQLAAoJEFBy0DasWDUg/q8AnRU3D464VjOnMHsdCFpAWpZ0rI/D +AKCJ5rQ0HoyeWzQ1TX/GCF75euLG7IhGBBARAgAGBQJD+gCwAAoJENqWTWeXwbcbJIcAoNES +WOQQiCLPBcCBeRjvZxBl7OnlAJ4xECBE4xA8gUmCZEu6x4vqMb9XfohGBBARAgAGBQJE41zj +AAoJEN4RAYMSEkW1WyQAn2oErtZ6+wHbEm9eLFbCEdBEz6CeAJsGhtP3/qbj7Wo2ye2Ey10/
[tor-commits] [webwml/master] Twitter link for Roger
commit 218105d7704f95abcc7a859651d662ac843b64d8 Author: Damian JohnsonDate: Thu Jul 13 10:28:16 2017 -0700 Twitter link for Roger --- about/en/corepeople_alternate.wml | 1 + 1 file changed, 1 insertion(+) diff --git a/about/en/corepeople_alternate.wml b/about/en/corepeople_alternate.wml index b703187..7522089 100644 --- a/about/en/corepeople_alternate.wml +++ b/about/en/corepeople_alternate.wml @@ -550,6 +550,7 @@ table.people tr td:first-child { + https://twitter.com/RogerDingledine;> Roger Dingledine IRC: arma ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [webwml/master] Add Brad
commit 3a3a704e7f96ace91c3ad436c5ce2e750c67d842 Author: Damian JohnsonDate: Thu Jul 13 10:20:43 2017 -0700 Add Brad --- about/en/corepeople_alternate.wml | 115 +- images/people/bparker.png | Bin 0 -> 21887 bytes keys/bparker.txt | 63 + 3 files changed, 126 insertions(+), 52 deletions(-) diff --git a/about/en/corepeople_alternate.wml b/about/en/corepeople_alternate.wml index cb98427..b703187 100644 --- a/about/en/corepeople_alternate.wml +++ b/about/en/corepeople_alternate.wml @@ -130,15 +130,24 @@ table.people tr td:first-child { + + + + Brad Parker + IRC: bparker + Chief ginancial grants officer at the Tor Project. + + + + + https://www.eff.org/files/key_cindy.txt;> Cindy Cohn Tor Board member and https://www.eff.org/about/staff/cindy-cohn;>Executive Director of the EFF. Lawyer by training, https://blog.torproject.org/blog/tor-heart-notes-board-member;>my focus is on making sure Tor stays available and that Tor users stay safe. - - @@ -148,7 +157,9 @@ table.people tr td:first-child { IRC: Phoul Support and translation coordinator, GSoC administrator, member of the community team and a director of https://www.coldhak.ca;>Coldhak. + + @@ -157,9 +168,7 @@ table.people tr td:first-child { IRC: atagar Author of the https://stem.torproject.org/;>Stem python controller library and https://www.atagar.com/arm/;>Nyx relay monitor. - - @@ -168,7 +177,9 @@ table.people tr td:first-child { IRC: dgoulet Tor development team focusing on onion services and our torsocks maintainer. + + @@ -178,9 +189,7 @@ table.people tr td:first-child { IRC: dawuud https://github.com/david415/;>Author of roflcoptor and honeybadger. Researches mixnets and contributes to txtorcon. - - @@ -190,7 +199,9 @@ table.people tr td:first-child { IRC: DonnchaC Onion services developer, OnionBalance developer, hunter of bad relays. + + @@ -199,9 +210,7 @@ table.people tr td:first-child { IRC: ewyatt Non-technical switchboard for people-related things: recruiting, onboarding, benefits, contracts, TPI policy questions, and baked goods. - - @@ -211,7 +220,9 @@ table.people tr td:first-child { IRC: biella http://gabriellacoleman.org/;>Anthropologist and Wolfe Chair in Scientific and Technological Literacy at McGill University. + + @@ -220,9 +231,7 @@ table.people tr td:first-child { IRC: GeKo Currently lead of the Tor Browser team. - - @@ -231,7 +240,9 @@ table.people tr td:first-child { IRC: asn Onion services. Security analysis. Used to obfsproxy. Follower of the onion. + + @@ -241,9 +252,7 @@ table.people tr td:first-child { IRC: saint Tamper-resistant software distribution, censorship detection, https://github.com/glamrock/cupcake;>Cupcake, and security training of activists and domestic violence survivors. - - @@ -251,7 +260,9 @@ table.people tr td:first-child { Ian Goldberg https://cs.uwaterloo.ca/~iang/;>Professor of CS at the https://uwaterloo.ca/;>University of Waterloo, developing https://otr.cypherpunks.ca/;>Off-the-Record Messaging among other things. + + @@ -259,9 +270,7 @@ table.people tr td:first-child { intrigeri Our main interface with the https://tails.boum.org/;>Tails project. - - @@ -271,7 +280,9 @@ table.people tr td:first-child { IRC: isabela Coordinates Tor's development teams and roadmaps. Keeps track of priorities, and ensures Tor always thinks of the user first. + + @@ -281,16 +292,16 @@ table.people tr td:first-child { IRC: isis Tor developer working on censorship circumvention, https://gitweb.torproject.org/bridgedb.git;>BridgeDB, and cryptographic research, design, and implementations. - - iwakeh Speaks Java and other languages, streamlines build processes, and scrutinizes mathematical concepts behind aggregating tons of Tor network data. + + @@ -300,9 +311,7 @@ table.people tr td:first-child { IRC: qbi Volunteer that helped translate the website, is part of TorServers.net, and Tor's sysadmin team. - - @@ -311,7 +320,9 @@ table.people tr td:first-child { IRC: jselon Event Coordination,
[tor-commits] [webwml/master] Note Linus is on the board
commit faf04cb889be3e0b6dfca16cfe51320844f00bef Author: Damian JohnsonDate: Thu Jul 13 09:52:39 2017 -0700 Note Linus is on the board --- about/en/corepeople_alternate.wml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/about/en/corepeople_alternate.wml b/about/en/corepeople_alternate.wml index 2e6bed1..cb98427 100644 --- a/about/en/corepeople_alternate.wml +++ b/about/en/corepeople_alternate.wml @@ -370,7 +370,7 @@ table.people tr td:first-child { Linus Nordberg IRC: ln5 - Swedish Tor advocate. Works on implementing IPv6 in Tor, build automation, and runs a directory authority. + Swedish advocate and Tor Board member. Works on implementing IPv6 in Tor, build automation, and runs a directory authority. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [webwml/master] Add Pepijn
commit eb8e1aa22ccd9adedf334ce8b8a4b4781de506b6 Author: Damian JohnsonDate: Thu Jul 13 09:49:50 2017 -0700 Add Pepijn --- about/en/corepeople_alternate.wml | 41 +++--- images/people/orig/pepijn.jpg | Bin 0 -> 1025994 bytes images/people/pepijn.png | Bin 0 -> 31866 bytes keys/pepijn.txt | 285 ++ 4 files changed, 310 insertions(+), 16 deletions(-) diff --git a/about/en/corepeople_alternate.wml b/about/en/corepeople_alternate.wml index e3ed4a4..2e6bed1 100644 --- a/about/en/corepeople_alternate.wml +++ b/about/en/corepeople_alternate.wml @@ -496,6 +496,17 @@ table.people tr td:first-child { + + + https://twitter.com/lehoax;> + + Pepijn Le Heux + Lawyer based in The Netherlands and co-founder of Hart voor Internetvrijheid. + + + + + https://twitter.com/__phw;> @@ -504,9 +515,7 @@ table.people tr td:first-child { IRC: phw Maintains https://gitweb.torproject.org/user/phw/exitmap.git/;>exitmap and https://gitweb.torproject.org/user/phw/sybilhunter.git/;>sybilhunter, works on https://trac.torproject.org/projects/tor/wiki/doc/ReportingBadRelays;>bad relay detection, and does https://nymity.ch/papers.html;>security and privacy research. - - @@ -514,7 +523,9 @@ table.people tr td:first-child { Rabbi Rob Thomas CEO of Team Cymru, which supports Tor through hosting, research, and infosec assistance. + + @@ -524,9 +535,7 @@ table.people tr td:first-child { IRC: robgjansen https://www.nrl.navy.mil;>NRL research scientist, http://www.robgjansen.com/;>leading expert in Tor network performance, and author of https://shadow.github.io/;>Shadow. - - @@ -535,16 +544,16 @@ table.people tr td:first-child { IRC: arma Original developer of Tor along with Nick and Paul. Leading researcher in anonymous communication, coordinating developers and researchers. + + Sebastian Hahn Helps people around the world use and understand Tor better. Generally helps everything run smoothly. Runs one of the directory authorities. - - @@ -553,7 +562,9 @@ table.people tr td:first-child { Serene Snowflake and Pluggable Transports developer. + + @@ -563,9 +574,7 @@ table.people tr td:first-child { IRC: ssteele Executive Director of the Tor Project, Inc. - - @@ -575,7 +584,9 @@ table.people tr td:first-child { IRC: hiro Hiro builds and runs Tor Project's web applications and services. + + @@ -585,9 +596,7 @@ table.people tr td:first-child { IRC: stephw Directs communications to consistently articulate and promote the Tor Project's mission. - - @@ -597,7 +606,9 @@ table.people tr td:first-child { IRC: sjmurdoch http://www.cs.ucl.ac.uk/staff/s.murdoch/;>Principal Research Fellow at University College London and original creator of the https://www.torproject.org/projects/torbrowser.html.en;>Tor Browser. + + @@ -606,9 +617,7 @@ table.people tr td:first-child { IRC: sukhe https://trac.torproject.org/projects/tor/wiki/torbirdy;>TorBirdy and https://trac.torproject.org/projects/tor/wiki/doc/TorMessenger;>Tor Messenger developer. Volunteer on the https://trac.torproject.org/projects/tor/wiki/org/teams/CommunityTeam;>Community Team. - - @@ -617,7 +626,9 @@ table.people tr td:first-child { IRC: teor Onion services developer, and core member of Tor dev team. Researches Tor network measurement and onion service scalability. + + @@ -627,9 +638,7 @@ table.people tr td:first-child { IRC: tjr Maintains https://consensus-health.torproject.org/;>Consensus Health , runs one of the bandwidth authorities, and contributes to Tor Browser. - - @@ -638,7 +647,9 @@ table.people tr td:first-child { IRC: t0mmy Writes and edits grant proposals, one-pagers, blogposts, etc. + + @@ -648,9 +659,7 @@ table.people tr td:first-child { IRC: wseltzer https://wendy.seltzer.org/;>Techie lawyer and former Tor board member. She works on legal and policy support for private and secure communications. - - diff --git a/images/people/orig/pepijn.jpg b/images/people/orig/pepijn.jpg new file mode 100644 index 000..dc2c0c5 Binary files /dev/null and b/images/people/orig/pepijn.jpg differ diff --git a/images/people/pepijn.png b/images/people/pepijn.png new file mode 100644 index
[tor-commits] [tor-browser/tor-browser-52.2.0esr-7.5-1] fixup! TB4: Tor Browser's Firefox preference overrides.
commit b3989f16138112084c008f89d54ecbe9cd4804d7 Author: Georg KoppenDate: Thu Jul 13 08:48:59 2017 + fixup! TB4: Tor Browser's Firefox preference overrides. We disable the GetAddons item on the about:addons page as we don't know which extensions Mozilla is advertising to our users and we don't want to have some random Google Analytics script running either on about:addons. Fixes bug 22073. --- browser/app/profile/000-tor-browser.js | 4 1 file changed, 4 insertions(+) diff --git a/browser/app/profile/000-tor-browser.js b/browser/app/profile/000-tor-browser.js index d2fb5e5..aaeba63 100644 --- a/browser/app/profile/000-tor-browser.js +++ b/browser/app/profile/000-tor-browser.js @@ -294,6 +294,10 @@ pref("extensions.enabledScopes", 1); pref("extensions.pendingOperations", false); pref("xpinstall.whitelist.add", ""); pref("xpinstall.whitelist.add.36", ""); +// We don't know what extensions Mozilla is advertising to our users and we +// don't want to have some random Google Analytics script running either on the +// about:addons page, see bug 22073 and 22900. +pref("extensions.getAddons.showPane", false); // Toolbar layout pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"save-page-button\",\"print-button\",\"bookmarks-menu-button\",\"history-panelmenu\",\"find-button\",\"preferences-button\",\"add-ons-button\",\"developer-button\",\"https-everywhere-button\",\"downloads-button\"],\"addon-bar\":[\"addonbar-closebutton\",\"status-bar\"],\"PersonalToolbar\":[\"personal-bookmarks\"],\"nav-bar\":[\"noscript-tbb\",\"torbutton-button\",\"urlbar-container\",\"search-container\",\"webrtc-status-button\",\"loop-button\"],\"TabsToolbar\":[\"tabbrowser-tabs\",\"new-tab-button\",\"alltabs-button\"],\"toolbar-menubar\":[\"menubar-items\"]},\"seen\":[],\"dirtyAreaCache\":[\"PersonalToolbar\",\"nav-bar\",\"TabsToolbar\",\"toolbar-menubar\",\"PanelUI-contents\",\"addon-bar\"],\"currentVersion\":4,\"newElementCount\":0}"); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tor-browser-manual] Update translations for tor-browser-manual
commit ff366cd53c2fc0526ae3fbb7f6b6c31906b6ee11 Author: Translation commit botDate: Thu Jul 13 10:48:27 2017 + Update translations for tor-browser-manual --- uk/uk.po | 6 ++ 1 file changed, 6 insertions(+) diff --git a/uk/uk.po b/uk/uk.po index 982b668..13bb751 100644 --- a/uk/uk.po +++ b/uk/uk.po @@ -931,6 +931,12 @@ msgid "" "connections. Tor Browser will warn you that all activity and downloads will " "be stopped, so take this into account before clicking âNew Identityâ." msgstr "" +"Ð¦Ñ Ð¾Ð¿ÑÑÑ ÐºÐ¾ÑиÑна, ÑкÑо ви не Ñ Ð¾ÑеÑе, Ñоб ваÑа подалÑÑа дÑÑлÑнÑÑÑÑ Ñ Ð±ÑаÑзеÑÑ" +" пов'ÑзÑвалаÑÑ Ð· Ñим, Ñо вони Ñобили ÑанÑÑе. ЯкÑо ÑÑ Ð²Ð¸Ð±ÑаÑи, бÑде закÑиÑо " +"ÑÑÑ Ð²ÑдкÑиÑÑ Ð²ÐºÐ»Ð°Ð´ÐºÐ¸ Ñ Ð²Ñкна, оÑиÑено ÑÑÑ Ð¿ÑиваÑÐ½Ñ ÑнÑоÑмаÑÑÑ (Ñк-Ñо кÑки Ñа" +" ÑÑÑоÑÑÑ) Ñ Ð²ÑÑановлено Ð½Ð¾Ð²Ñ ÑÑ ÐµÐ¼Ð¸ Tor Ð´Ð»Ñ ÑÑÑÑ Ð·'ÑднанÑ. ÐÑаÑÐ·ÐµÑ Tor " +"попеÑедиÑÑ Ð²Ð°Ñ, Ñо вÑÑ Ð´ÑÑлÑнÑÑÑÑ Ñа заванÑÐ°Ð¶ÐµÐ½Ð½Ñ Ð±Ñде пÑипинено, ÑÐ¾Ð¼Ñ Ð¼Ð°Ð¹Ñе" +" Ñе на ÑвазÑ, наÑиÑкаÑÑи на ÐºÐ½Ð¾Ð¿ÐºÑ Â«Ðова ÑденÑиÑнÑÑÑÑ»." #: managing-identities.page:123 msgid "New Tor Circuit for this Site" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tor-browser-manual] Update translations for tor-browser-manual
commit 508640e01fb6f6d14f963c50472e375652be8f12 Author: Translation commit botDate: Thu Jul 13 09:49:53 2017 + Update translations for tor-browser-manual --- uk/uk.po | 47 --- 1 file changed, 44 insertions(+), 3 deletions(-) diff --git a/uk/uk.po b/uk/uk.po index 2e6d905..982b668 100644 --- a/uk/uk.po +++ b/uk/uk.po @@ -774,10 +774,15 @@ msgid "" " Browser includes some additional features that help you control what " "information can be tied to your identity." msgstr "" +"ÐикоÑиÑÑÐ°Ð½Ð½Ñ Ð¼ÐµÑÐµÐ¶Ñ Tor ÑнеможливлÑÑ ÑозкÑиÑÑÑ Ð²Ð°Ñого мÑÑÑÑ ÑозÑаÑÑÐ²Ð°Ð½Ð½Ñ Ñа " +"IP-адÑеÑи ÑпоÑÑеÑÑгаÑами, але й без ÑÑÑÑ ÑнÑоÑмаÑÑÑ Ð²Ð¾Ð½Ð¸ можÑÑÑ Ð¿Ð¾ÑднаÑи " +"ÑÑÐ·Ð½Ñ Ð¿Ð¾Ð»Ñ Ð²Ð°ÑÐ¾Ñ Ð´ÑÑлÑноÑÑÑ Ð² одне ÑÑле. Ð ÑÑÑÑ Ð¿ÑиÑини Tor-бÑаÑÐ·ÐµÑ Ð¼ÑÑÑиÑÑ " +"деÑÐºÑ Ð´Ð¾Ð´Ð°ÑÐºÐ¾Ð²Ñ ÑÑнкÑÑÑ, ÑÐºÑ Ð´Ð¾Ð¿Ð¾Ð¼Ð°Ð³Ð°ÑÑÑ Ð²Ð°Ð¼ коÑÑолÑваÑи, Ñка ÑнÑоÑмаÑÑÑ " +"пÑив'ÑзÑÑÑÑÑÑ Ð´Ð¾ ваÑÐ¾Ñ ÑденÑиÑноÑÑÑ." #: managing-identities.page:29 msgid "The URL bar" -msgstr "" +msgstr "ÐдÑеÑний ÑÑдок" #: managing-identities.page:30 msgid "" @@ -787,6 +792,11 @@ msgid "" " be served over two different Tor circuits, so the tracker will not know " "that both connections originate from your browser." msgstr "" +"Tor Browser заÑеÑеджÑÑ Ð²Ð°ÑÑ Ð´ÑÑлÑнÑÑÑÑ Ð½Ð° вÑдноÑÐ¸Ð½Ð°Ñ Ð· веб-ÑайÑом, введеним " +"в адÑеÑÐ½Ð¾Ð¼Ñ ÑÑдкÑ. ÐавÑÑÑ ÑкÑо ви зайдеÑе на два ÑÑÐ·Ð½Ñ ÑайÑи, ÑÐºÑ " +"викоÑиÑÑовÑÑÑÑ Ñой же ÑеÑвÑÑ ÑÑекÑÐ½Ð³Ñ Ð²Ñд ÑÑеÑÑÐ¾Ñ ÑÑоÑони, бÑаÑÐ·ÐµÑ Tor " +"пÑопÑÑÑиÑÑ ÐºÐ¾Ð½ÑÐµÐ½Ñ ÑеÑез Ð´Ð²Ñ ÑÑÐ·Ð½Ñ ÑÑ ÐµÐ¼Ð¸ Tor, ÑÐ¾Ð¼Ñ ÑÑÐµÐºÐµÑ Ð½Ðµ знаÑиме, Ñо " +"обидва вÑдвÑдÑÐ²Ð°Ð½Ð½Ñ Ð±Ñли з ваÑого бÑаÑзеÑа." #: managing-identities.page:38 msgid "" @@ -795,6 +805,9 @@ msgid "" "single website in separate tabs or windows, without any loss of " "functionality." msgstr "" +"Ð ÑнÑого бокÑ, ÑÑÑ Ð²ÑдвÑдÑÐ²Ð°Ð½Ð½Ñ Ð¾Ð´Ð½Ð¾Ñ Ð°Ð´ÑеÑи веб-ÑайÑÑ ÑобиÑимÑÑÑÑÑ ÑеÑез " +"Ð¾Ð´Ð½Ñ ÑÑ ÐµÐ¼Ñ Tor, ÑобÑо ви можеÑе вÑдвÑдÑваÑи ÑÑÐ·Ð½Ñ Ð²ÐºÐ»Ð°Ð´ÐºÐ¸ Ñого ж веб-ÑайÑÑ Ñ" +" ÑÑÐ·Ð½Ð¸Ñ Ð²ÐºÐ»Ð°Ð´ÐºÐ°Ñ Ñи вÑÐºÐ½Ð°Ñ Ð±ÐµÐ· вÑÑаÑи ÑÑнкÑÑоналÑ." #. This is a reference to an external file such as an image or video. When #. the file changes, the md5 hash will change to let you know you need to @@ -806,16 +819,20 @@ msgid "" "external ref='media/managing-identities/circuit_full.png' " "md5='bd46d22de952fee42643be46d3f95928'" msgstr "" +"external ref='media/managing-identities/circuit_full.png' " +"md5='bd46d22de952fee42643be46d3f95928'" #: managing-identities.page:48 msgid "" "You can see a diagram of the circuit that Tor Browser is using for the " "current tab in the onion menu." msgstr "" +"Ðи можеÑе побаÑиÑи дÑагÑÐ°Ð¼Ñ ÑÑ ÐµÐ¼Ð¸, ÑÐºÑ Tor-бÑаÑÐ·ÐµÑ Ð²Ð¸ÐºÐ¾ÑиÑÑовÑÑ Ð´Ð»Ñ Ð¿Ð¾ÑоÑноÑ" +" вкладки Ñ Ð¼ÐµÐ½Ñ ÑибÑлини." #: managing-identities.page:55 msgid "Logging in over Tor" -msgstr "" +msgstr "ÐÑ Ñд в ÑиÑÑÐµÐ¼Ñ ÑеÑез Tor" #: managing-identities.page:56 msgid "" @@ -823,6 +840,9 @@ msgid "" "there may be situations in which it makes sense to use Tor with websites " "that require usernames, passwords, or other identifying information." msgstr "" +"ХоÑа бÑаÑÐ·ÐµÑ Tor пÑизнаÑений Ð´Ð»Ñ Ð·Ð°Ð±ÐµÐ·Ð¿ÐµÑÐµÐ½Ð½Ñ ÑоÑалÑÐ½Ð¾Ñ Ð°Ð½Ð¾Ð½ÑмноÑÑÑ Ñ Ð²ÐµÐ±Ñ, " +"можÑÑÑ Ð±ÑÑи ÑиÑÑаÑÑÑ, коли доÑÑлÑно викоÑиÑÑовÑваÑи Tor Ð´Ð»Ñ Ð²ÐµÐ±-ÑайÑÑв, Ñо " +"вимагаÑÑÑ Ñм'Ñ ÐºÐ¾ÑиÑÑÑваÑа, паÑÐ¾Ð»Ñ Ñи ÑнÑÑ ÑнÑоÑмаÑÑÑ ÑденÑиÑÑкаÑÑÑ." #: managing-identities.page:62 msgid "" @@ -833,18 +853,29 @@ msgid "" "you reveal to the websites you browse. Logging in using Tor Browser is also " "useful if the website you are trying to reach is censored on your network." msgstr "" +"ЯкÑо ви Ð²Ñ Ð¾Ð´Ð¸Ñе на веб-ÑÐ°Ð¹Ñ ÑеÑез звиÑайний бÑаÑзеÑ, Ñо в пÑоÑеÑÑ Ñакож " +"ÑозкÑиваÑÑе ÑÐ²Ð¾Ñ IP-адÑеÑÑ Ñа геогÑаÑÑÑне ÑозÑаÑÑваннÑ. Те Ñаме ÑаÑÑо " +"ÑпÑаведливо Ñ Ð´Ð»Ñ Ð½Ð°Ð´ÑÐ¸Ð»Ð°Ð½Ð½Ñ ÐµÐ». поÑÑи. ÐÑ Ñд Ñ ÑоÑÑалÑÐ½Ñ Ð¼ÐµÑÐµÐ¶Ñ Ñи поÑÑовик " +"з викоÑиÑÑаннÑм бÑаÑзеÑа Tor дозволÑÑ Ð²Ð¸Ð±ÑаÑи, ÑÐºÑ Ñаме ÑнÑоÑмаÑÑÑ "
[tor-commits] [translation/tor-browser-manual] Update translations for tor-browser-manual
commit 5c156cbffb447e60a3669d7d68a633eeedeaee87 Author: Translation commit botDate: Thu Jul 13 09:18:28 2017 + Update translations for tor-browser-manual --- uk/uk.po | 104 ++- 1 file changed, 89 insertions(+), 15 deletions(-) diff --git a/uk/uk.po b/uk/uk.po index 30f41ca..2e6d905 100644 --- a/uk/uk.po +++ b/uk/uk.po @@ -429,10 +429,15 @@ msgid "" "â32-bitâ or â64-bitâ software: this depends on the model of the computer you" " are using." msgstr "" +"GetTor вÑдповÑÑÑÑ Ð»Ð¸ÑÑом, Ñо мÑÑÑиÑиме поÑÐ¸Ð»Ð°Ð½Ð½Ñ Ð½Ð° заванÑÐ°Ð¶ÐµÐ½Ð½Ñ Ð¿Ð°ÐºÐµÑÑ Tor " +"Browser, кÑипÑогÑаÑÑÑного пÑдпиÑÑ (Ñо поÑÑÑбний Ð´Ð»Ñ Ð¿ÐµÑевÑÑки заванÑаженнÑ)," +" вÑдбиÑÐºÑ ÐºÐ»ÑÑа, викоÑиÑÑаного Ð´Ð»Ñ Ð¿ÑдпиÑÑ, Ñа конÑÑолÑÐ½Ð¾Ñ ÑÑми пакеÑа. Ðи " +"можеÑе оÑÑимаÑи на вибÑÑ 32-бÑÑÐ½Ñ Ñи 64-бÑÑÐ½Ñ Ð²ÐµÑÑÑ Ð¿ÑогÑамного " +"забезпеÑеннÑ, залежно вÑд Ð¼Ð¾Ð´ÐµÐ»Ñ Ð²Ð°Ñого комп'ÑÑеÑа." #: downloading.page:57 msgid "To use GetTor via Twitter:" -msgstr "" +msgstr "Щоб ÑкоÑиÑÑаÑиÑÑ GetTor ÑеÑез Twitter:" #: downloading.page:62 msgid "" @@ -440,38 +445,47 @@ msgid "" "Message to @get_tor with the words \"osx en\" in it (you don't need to " "follow the account)." msgstr "" +"Щоб оÑÑимаÑи поÑÐ¸Ð»Ð°Ð½Ð½Ñ Ð½Ð° заванÑÐ°Ð¶ÐµÐ½Ð½Ñ Ð±ÑаÑзеÑа Tor англÑйÑÑÐºÐ¾Ñ Ð¼Ð¾Ð²Ð¾Ñ Ð´Ð»Ñ OS" +" X, надÑÑлÑÑÑ Ð¿ÑиваÑне повÑÐ´Ð¾Ð¼Ð»ÐµÐ½Ð½Ñ ÐºÐ¾ÑиÑÑÑваÑÑ @get_tor Ð·Ñ Ñловами «osx en»" +" (Ð´Ð»Ñ ÑÑого не поÑÑÑбно ÑÑежиÑи за коÑиÑÑÑваÑем)." #: downloading.page:70 msgid "To use GetTor via Jabber/XMPP (Tor Messenger, Jitsi, CoyIM):" msgstr "" +"Щоб ÑкоÑиÑÑаÑиÑÑ GetTor ÑеÑез Jabber/XMPP (Tor Messenger, Jitsi, CoyIM):" #: downloading.page:75 msgid "" "To get links for downloading Tor Browser in Chinese for Linux, send a " "message to get...@torproject.org with the words \"linux zh\" in it." msgstr "" +"Щоб оÑÑимаÑи поÑÐ¸Ð»Ð°Ð½Ð½Ñ Ð½Ð° заванÑÐ°Ð¶ÐµÐ½Ð½Ñ Ð±ÑаÑзеÑа Tor Browser киÑайÑÑÐºÐ¾Ñ Ð¼Ð¾Ð²Ð¾Ñ" +" Ð´Ð»Ñ Linux, надÑÑлÑÑÑ Ð¿Ð¾Ð²ÑÐ´Ð¼Ð»ÐµÐ½Ð½Ñ get...@torproject.org Ð·Ñ Ñловами «linux " +"zh»." #: downloading.page:84 msgid "Satori" -msgstr "" +msgstr "Satori" #: downloading.page:85 msgid "" "Satori is an add-on for the Chrome or Chromium browsers that allows you to " "download several security and privacy programs from different sources." msgstr "" +"Satori â Ñе додаÑок до бÑаÑзеÑÑв Chrome Ñи Chromium, Ñкий дозволÑÑ " +"заванÑажиÑи кÑлÑка пÑогÑам безпеки Ñа пÑиваÑноÑÑÑ Ð· ÑÑÐ·Ð½Ð¸Ñ Ð´Ð¶ÐµÑел." #: downloading.page:90 msgid "To download Tor Browser using Satori:" -msgstr "" +msgstr "Щоб заванÑажиÑи Tor Browser ÑеÑез Satori:" #: downloading.page:95 msgid "Install Satori from the Chrome App Store." -msgstr "" +msgstr "ÐÑÑановÑÑÑ Satori з Chrome App Store." #: downloading.page:100 msgid "Select Satori from your browserâs Apps menu." -msgstr "" +msgstr "ÐбеÑÑÑÑ Satori Ñ Ð¼ÐµÐ½Ñ Ð´Ð¾Ð´Ð°ÑкÑв Ñвого бÑаÑзеÑа." #: downloading.page:105 msgid "" @@ -481,12 +495,19 @@ msgid "" "after the name of the program â each one represents a different source from " "which to get the software. Your download will then begin." msgstr "" +"Ðоли Satori вÑдкÑиÑÑÑÑÑ, вибеÑÑÑÑ Ð·ÑÑÑÐ½Ñ Ð´Ð»Ñ Ð²Ð°Ñ Ð¼Ð¾Ð²Ñ. ÐÑдкÑиÑÑÑÑÑ Ð¼ÐµÐ½Ñ Ð·Ñ " +"ÑпиÑком доÑÑÑÐ¿Ð½Ð¸Ñ Ð·Ð°Ð²Ð°Ð½ÑÐ°Ð¶ÐµÐ½Ñ ÑÑÑÑ Ð¼Ð¾Ð²Ð¾Ñ. ÐнайдÑÑÑ Tor Browser пÑд Ð½Ð°Ð·Ð²Ð¾Ñ " +"ваÑÐ¾Ñ Ð¾Ð¿ÐµÑаÑÑÐ¹Ð½Ð¾Ñ ÑиÑÑеми. ÐбеÑÑÑÑ Â«A» або «B» пÑÑÐ»Ñ Ð½Ð°Ð·Ð²Ð¸ пÑогÑами â Ñе " +"ÑÑÐ·Ð½Ñ Ð´Ð¶ÐµÑела, з ÑÐºÐ¸Ñ Ð¼Ð¾Ð¶Ð½Ð° оÑÑимаÑи пÑогÑамÑ. Ð¢Ð¾Ð´Ñ ÑозпоÑнеÑÑÑÑ " +"заванÑаженнÑ." #: downloading.page:115 msgid "" "Wait for your download to finish, then find the âGenerate Hashâ section in " "Satoriâs menu and click âSelect Filesâ." msgstr "" +"ÐаÑекайÑе, поки заванÑÐ°Ð¶ÐµÐ½Ð½Ñ Ð·Ð°Ð²ÐµÑиÑÑÑÑ, ÑÐ¾Ð´Ñ Ð·Ð½Ð°Ð¹Ð´ÑÑÑ ÑоздÑл «ÐенеÑваÑи " +"Ñ ÐµÑ» Ñ Ð¼ÐµÐ½Ñ Satori Ñ Ð½Ð°ÑиÑнÑÑÑ Â«ÐбÑаÑи Ñайли»." #: downloading.page:121 msgid "" @@ -498,14 +519,21 @@ msgid "" "Browser. If they do not match, you may need to try downloading again," " or from a different source." msgstr "" +"ÐбеÑÑÑÑ Ð·Ð°Ð²Ð°Ð½Ñажений Ñайл Tor Browser. Satori
[tor-commits] [metrics-web/master] Remove unused image files.
commit dbe669bfb519cdd9dbcd7cd016e9c2d31ea1411c Author: Karsten LoesingDate: Thu Jul 13 10:41:27 2017 +0200 Remove unused image files. --- website/src/main/resources/web/images/default-logo.png | Bin 96441 -> 0 bytes .../main/resources/web/images/metrics-logo-large.png | Bin 119786 -> 0 bytes .../resources/web/images/metrics-wordmark-small.png| Bin 4473 -> 0 bytes .../src/main/resources/web/images/metrics-wordmark.png | Bin 17612 -> 0 bytes website/src/main/resources/web/images/ooni-logo.png| Bin 5573 -> 0 bytes 5 files changed, 0 insertions(+), 0 deletions(-) diff --git a/website/src/main/resources/web/images/default-logo.png b/website/src/main/resources/web/images/default-logo.png deleted file mode 100644 index ef0cd90..000 Binary files a/website/src/main/resources/web/images/default-logo.png and /dev/null differ diff --git a/website/src/main/resources/web/images/metrics-logo-large.png b/website/src/main/resources/web/images/metrics-logo-large.png deleted file mode 100644 index 24001c6..000 Binary files a/website/src/main/resources/web/images/metrics-logo-large.png and /dev/null differ diff --git a/website/src/main/resources/web/images/metrics-wordmark-small.png b/website/src/main/resources/web/images/metrics-wordmark-small.png deleted file mode 100644 index d2132d1..000 Binary files a/website/src/main/resources/web/images/metrics-wordmark-small.png and /dev/null differ diff --git a/website/src/main/resources/web/images/metrics-wordmark.png b/website/src/main/resources/web/images/metrics-wordmark.png deleted file mode 100644 index c6977a0..000 Binary files a/website/src/main/resources/web/images/metrics-wordmark.png and /dev/null differ diff --git a/website/src/main/resources/web/images/ooni-logo.png b/website/src/main/resources/web/images/ooni-logo.png deleted file mode 100644 index 777481b..000 Binary files a/website/src/main/resources/web/images/ooni-logo.png and /dev/null differ ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [metrics-web/master] Remove unused submodule, update the one we use.
commit c93d9ccc5a2719142c625ad11ad75b6eea93b4a9 Author: Karsten LoesingDate: Thu Jul 13 10:35:03 2017 +0200 Remove unused submodule, update the one we use. --- .gitmodules | 6 -- submods/collector | 1 - submods/metrics-lib | 2 +- submods/onionoo | 1 - website/src/main/resources/web-prepare.sh | 2 +- 5 files changed, 2 insertions(+), 10 deletions(-) diff --git a/.gitmodules b/.gitmodules index 4d4d0bb..7e4601a 100644 --- a/.gitmodules +++ b/.gitmodules @@ -1,9 +1,3 @@ -[submodule "submods/onionoo"] - path = submods/onionoo - url = https://git.torproject.org/onionoo.git [submodule "submods/metrics-lib"] path = submods/metrics-lib url = https://git.torproject.org/metrics-lib.git -[submodule "submods/collector"] - path = submods/collector - url = https://git.torproject.org/collector.git diff --git a/submods/collector b/submods/collector deleted file mode 16 index 788e72e..000 --- a/submods/collector +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 788e72e4e9a1fed321c307fe99e61c2d09cfd936 diff --git a/submods/metrics-lib b/submods/metrics-lib index a57b1f7..8678345 16 --- a/submods/metrics-lib +++ b/submods/metrics-lib @@ -1 +1 @@ -Subproject commit a57b1f7698bb03abe023ce2aa95cb9d0c8144a1d +Subproject commit 8678345af9922ca4431b084d75419961dac562fa diff --git a/submods/onionoo b/submods/onionoo deleted file mode 16 index 445f303..000 --- a/submods/onionoo +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 445f3030c9c7455cdb1583e3e0254334f05ca6b8 diff --git a/website/src/main/resources/web-prepare.sh b/website/src/main/resources/web-prepare.sh index 2da4c4e..02b604b 100755 --- a/website/src/main/resources/web-prepare.sh +++ b/website/src/main/resources/web-prepare.sh @@ -5,7 +5,7 @@ cd $1 -for x in metrics-lib collector onionoo ; do +for x in metrics-lib ; do cd $1/$x src/main/resources/bootstrap-development.sh if ! [ -d lib ] ; then ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [metrics-web/master] Fix typo.
commit e7315204a81a456610598a578aaf1377db47c212 Author: Karsten LoesingDate: Thu Jul 13 10:38:28 2017 +0200 Fix typo. --- website/src/main/resources/web/WEB-INF/sources.jsp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/src/main/resources/web/WEB-INF/sources.jsp b/website/src/main/resources/web/WEB-INF/sources.jsp index 301a2ea..43a926b 100644 --- a/website/src/main/resources/web/WEB-INF/sources.jsp +++ b/website/src/main/resources/web/WEB-INF/sources.jsp @@ -36,7 +36,7 @@ https://gitweb.torproject.org/torperf.git; target="_blank">Torperf measures Tor performance with a set of utilities and Python scripts. https://github.com/robgjansen/onionperf; target="_blank">OnionPerf measures the performance of onion services. https://ooni.torproject.org/; target="_blank">OONI detects censorship, surveillance, and traffic manipulation on the internet. -https://gitweb.torproject.org/user/phw/sybilhunter.git/; target="_blank">Sybilhunter attempts to detect Sybil attacks onthe Tor network. +https://gitweb.torproject.org/user/phw/sybilhunter.git/; target="_blank">Sybilhunter attempts to detect Sybil attacks on the Tor network. https://webstats.torproject.org/; target="_blank">Webstats collects logs from torproject.org web servers and provides them as a stripped-down version of Apache's "combined" log format without IP addresses, log times, HTTP parameters, referers, and user agent strings. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [metrics-web/master] Update news.
commit 23ab4d36d7881599a655e28f569347e2038fa1be Author: Karsten LoesingDate: Thu Jul 13 10:24:30 2017 +0200 Update news. --- website/src/main/resources/etc/news.json | 50 1 file changed, 50 insertions(+) diff --git a/website/src/main/resources/etc/news.json b/website/src/main/resources/etc/news.json index fbb8a97..e62a8cc 100644 --- a/website/src/main/resources/etc/news.json +++ b/website/src/main/resources/etc/news.json @@ -584,6 +584,56 @@ ] }, { +"start": "2017-07-02", +"description": "deb.torproject.org upgrades from tor 0.2.9 to tor 0.3.0", +"links": [ + "https://metrics.torproject.org/versions.html?start=2017-05-01=2017-07-15\;>relay versions graph", + "https://twitter.com/nusenu_/status/884128686764687361\;>tweet" +] + }, + { +"start": "2017-06-26", +"end": "2017-07-03", +"protocols": [ + "obfs4" +], +"description": "Outage of default obfs4 bridge https://atlas.torproject.org/#details/854173307E33686BBBAC36A3A093BEF320B719D4\;>frosty", +"links": [ + "https://lists.torproject.org/pipermail/tor-project/2017-July/001280.html\;>mailing list post" +] + }, + { +"start": "2017-06-26", +"end": "2017-07-02", +"protocols": [ + "obfs4" +], +"description": "Outage of default obfs4 bridge https://atlas.torproject.org/#details/D9E712E593400635462172121B7DB90B07669F71\;>dragon", +"links": [ + "https://lists.torproject.org/pipermail/tor-project/2017-July/001280.html\;>mailing list post" +] + }, + { +"start": "2017-07-04", +"protocols": [ + "obfs4" +], +"description": "Outage of default obfs4 bridge https://atlas.torproject.org/#details/D9E712E593400635462172121B7DB90B07669F71\;>dragon", +"links": [ + "https://lists.torproject.org/pipermail/tor-project/2017-July/001280.html\;>mailing list post" +] + }, + { +"start": "2017-07-04", +"protocols": [ + "obfs4" +], +"description": "Outage of default obfs4 bridge https://atlas.torproject.org/#details/854173307E33686BBBAC36A3A093BEF320B719D4\;>frosty.", +"links": [ + "https://lists.torproject.org/pipermail/tor-project/2017-July/001280.html\;>mailing list post" +] + }, + { "start": "2016-02-24", "place": "tm", "protocols": [ ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tor-browser-manual] Update translations for tor-browser-manual
commit 30b8d2abc1c3616fcd41c25c594e6159239e7c8e Author: Translation commit botDate: Thu Jul 13 08:48:27 2017 + Update translations for tor-browser-manual --- uk/uk.po | 103 --- 1 file changed, 79 insertions(+), 24 deletions(-) diff --git a/uk/uk.po b/uk/uk.po index cd32fdd..30f41ca 100644 --- a/uk/uk.po +++ b/uk/uk.po @@ -140,12 +140,12 @@ msgid "" " in combination with pluggable transports helps to disguise the fact that " "you are using Tor." msgstr "" -"ÐÑлÑÑÑÑÑÑ Ð²ÑÑÐ°Ð²Ð½Ð¸Ñ ÑÑаÑпоÑÑеÑÑв (Pluggable " +"ÐÑлÑÑÑÑÑÑ Ð²ÑÑÐ°Ð²Ð½Ð¸Ñ ÑÑаÑпоÑÑÑв (Pluggable " "Transports), Ñк obfs3 Ñа obfs4, залежаÑÑ Ð²Ñд викоÑиÑÑÐ°Ð½Ð½Ñ Â«Ð¼Ð¾ÑÑÐ¾Ð²Ð¸Ñ Â» " "Ñеле. ÐодÑбно до звиÑÐ°Ð¹Ð½Ð¸Ñ Ñеле Tor'Ñ, моÑÑи пÑдÑÑимÑÑÑÑ Ð²Ð¾Ð»Ð¾Ð½ÑеÑи, але на " "вÑдмÑÐ½Ñ Ð²Ñд звиÑÐ°Ð¹Ð½Ð¸Ñ Ñеле, вони не згадÑÑÑÑÑÑ Ð¿ÑблÑÑно, ÑÐ¾Ð¼Ñ Ð¿ÑоÑивник не " "зможе легко ÑÑ ÑденÑиÑÑкÑваÑи. ÐикоÑиÑÑÐ°Ð½Ð½Ñ Ð¼Ð¾ÑÑÑв Ñ Ð¿Ð¾ÑÐ´Ð½Ð°Ð½Ð½Ñ Ð·Ñ Ð²ÑÑавними " -"ÑÑанÑпоÑÑеÑами Ð´Ð¾Ð¿Ð¾Ð¼Ð°Ð³Ð°Ñ Ð¿ÑÐ¸Ñ Ð¾Ð²Ð°Ñи Ñой ÑакÑ, Ñо ви викоÑиÑÑовÑÑÑе Tor." +"ÑÑанÑпоÑÑами Ð´Ð¾Ð¿Ð¾Ð¼Ð°Ð³Ð°Ñ Ð¿ÑÐ¸Ñ Ð¾Ð²Ð°Ñи Ñой ÑакÑ, Ñо ви викоÑиÑÑовÑÑÑе Tor." #: bridges.page:21 msgid "" @@ -153,19 +153,21 @@ msgid "" "techniques that do not rely on bridges. You do not need to obtain bridge " "addresses in order to use these transports." msgstr "" -"ÐнÑÑ Ð²ÑÑÐ°Ð²Ð½Ñ ÑÑанÑпоÑÑеÑи, Ñк meek, викоÑиÑÑовÑÑÑÑ ÑÑÐ·Ð½Ñ Ð¿ÑоÑиÑензÑÑÐ½Ñ " -"меÑоди, Ñо не базÑÑÑÑÑÑ Ð½Ð° моÑÑÐ°Ñ . Ðам не ÑÑеба маÑи адÑеÑи моÑÑÑв, Ñоб " -"коÑиÑÑÑваÑиÑÑ Ñими ÑÑанÑпоÑÑеÑами. " +"ÐнÑÑ Ð²ÑÑÐ°Ð²Ð½Ñ ÑÑанÑпоÑÑи, Ñк meek, викоÑиÑÑовÑÑÑÑ ÑÑÐ·Ð½Ñ Ð¿ÑоÑиÑензÑÑÐ½Ñ Ð¼ÐµÑоди," +" Ñо не базÑÑÑÑÑÑ Ð½Ð° моÑÑÐ°Ñ . Ðам не ÑÑеба маÑи адÑеÑи моÑÑÑв, Ñоб " +"коÑиÑÑÑваÑиÑÑ Ñими ÑÑанÑпоÑÑами. " #: bridges.page:28 msgid "Getting bridge addresses" -msgstr "" +msgstr "ÐÑÑÐ¸Ð¼Ð°Ð½Ð½Ñ Ð°Ð´ÑÐµÑ Ð¼Ð¾ÑÑÑв" #: bridges.page:29 msgid "" "Because bridge addresses are not public, you will need to request them " "yourself. You have two options:" msgstr "" +"ÐÑкÑлÑки адÑеÑи моÑÑÑв не пÑблÑÑнÑ, вам ÑÑеба подаÑи на Ð½Ð¸Ñ Ð·Ð°Ð¿Ð¸Ñ. Рдва " +"ÑпоÑоби:" #: bridges.page:36 msgid "" @@ -173,22 +175,29 @@ msgid "" "href=\"https://bridges.torproject.org/\;>https://bridges.torproject.org/" " and follow the instructions, or" msgstr "" +"ÐеÑейдÑÑÑ Ð½Ð° https://bridges.torproject.org/\;>https://bridges.torproject.org/" +" Ñа виконайÑе ÑнÑÑÑÑкÑÑÑ, або " #: bridges.page:42 msgid "" "Email brid...@torproject.org from a Gmail, Yahoo, or Riseup email address, " "or" msgstr "" +"ÐапиÑÑÑÑ Ð½Ð° brid...@torproject.org з елекÑÑÐ¾Ð½Ð½Ð¾Ñ Ð¿Ð¾ÑÑи Gmail, Yahoo Ñи " +"Riseup, або" #: bridges.page:51 msgid "Entering bridge addresses" -msgstr "" +msgstr "ÐÐ²ÐµÐ´ÐµÐ½Ð½Ñ Ð°Ð´ÑÐµÑ Ð¼Ð¾ÑÑÑв" #: bridges.page:52 msgid "" "Once you have obtained some bridge addresses, you will need to enter them " "into Tor Launcher." msgstr "" +"Ðоли ви оÑÑимали ÑкÑÑÑ Ð°Ð´ÑеÑи моÑÑÑв, вам ÑÑеба ввеÑÑи ÑÑ Ñ ÑвоÑÐ¼Ñ Tor " +"Launcher.." #: bridges.page:57 msgid "" @@ -196,6 +205,9 @@ msgid "" " to the Tor network. Select âUse custom bridgesâ and enter each bridge " "address on a separate line." msgstr "" +"ÐбеÑÑÑÑ Â«Ñак» Ñ Ð²ÑдповÑÐ´Ñ Ð½Ð° запиÑаннÑ, Ñи Ð²Ð°Ñ ÑнÑеÑнеÑ-пÑÐ¾Ð²Ð°Ð¹Ð´ÐµÑ Ð±Ð»Ð¾ÐºÑÑ " +"з'ÑÐ´Ð½Ð°Ð½Ð½Ñ Ð· меÑÐµÐ¶ÐµÑ Tor. ÐбеÑÑÑÑ Â«ÐикоÑиÑÑовÑваÑи влаÑÐ½Ñ Ð¼Ð¾ÑÑи» Ñ Ð²Ð²ÐµÐ´ÑÑÑ " +"ÐºÐ¾Ð¶Ð½Ñ Ð°Ð´ÑеÑÑ Ð¼Ð¾ÑÑа окÑемим ÑÑдком." #. This is a reference to an external file such as an image or video. When #. the file changes, the md5 hash will change to let you know you need to @@ -207,6 +219,8 @@ msgid "" "external ref='media/tor-launcher-custom-bridges_en-US.png' " "md5='93365c2aa3fb4d627497e83f28a39b7e'" msgstr "" +"external ref='media/tor-launcher-custom-bridges_en-US.png' " +"md5='93365c2aa3fb4d627497e83f28a39b7e'" #: bridges.page:65 msgid "" @@ -215,14 +229,19 @@ msgid "" " may be down. Please use one of the above methods to obtain more bridge " "addresses, and try again." msgstr "" +"ÐаÑиÑнÑÑÑ Â«Ð'ÑднаÑиÑÑ». ÐикоÑиÑÑÐ°Ð½Ð½Ñ Ð¼Ð¾ÑÑÑв може