date:20180826

[tor-commits] [tor-browser-build/master] Changelog update to add AltSvc ticket

2018-08-26 Thread gk

commit a8e628fec8bb6e33e0b7e6ba04a5d793240cf99a
Author: Georg Koppen 
Date:   Mon Aug 27 05:44:52 2018 +

Changelog update to add AltSvc ticket
---
 projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt 
b/projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt
index e9b394a..f4d8dec 100644
--- a/projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt
+++ b/projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt
@@ -23,7 +23,7 @@ Tor Browser 8.0a10 -- August 20 2018
  * Bug 26477: Make meek extension compatible with ESR 60
* Bug 27082: Enable a limited UITour for user onboarding
* Bug 26961: New user onboarding
-   * Bug 14952: Enable HTTP2 and AltSvc
+   * Bug 14952+24553: Enable HTTP2 and AltSvc
  * Bug 25735: Tor Browser stalls while loading Facebook login page
* Bug 17252: Enable TLS session identifiers with first-party isolation
* Bug 26353: Prevent speculative connects that violate first-party isolation

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/support-portal] Update translations for support-portal

2018-08-26 Thread translation

commit 6e27d59bca4360731b7cf5fcecea9fbe6d5169df
Author: Translation commit bot 
Date:   Mon Aug 27 05:18:56 2018 +

Update translations for support-portal
---
 contents+el.po | 10 ++
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/contents+el.po b/contents+el.po
index 7da75bb10..e35283284 100644
--- a/contents+el.po
+++ b/contents+el.po
@@ -288,7 +288,7 @@ msgstr ""
 #: http//localhost/operators/operators-4/
 #: (content/operators/operators-4/contents+en.lrquestion.description)
 msgid "$ sudo apt-get install tor deb.torproject.org-keyring"
-msgstr ""
+msgstr "$ sudo apt-get install tor deb.torproject.org-keyring"
 
 #: http//localhost/misc/misc-3/
 #: (content/misc/misc-3/contents+en.lrquestion.description)
@@ -345,7 +345,7 @@ msgstr ""
 #: http//localhost/operators/operators-3/
 #: (content/operators/operators-3/contents+en.lrquestion.description)
 msgid "RunAsDaemon 1"
-msgstr ""
+msgstr "RunAsDaemon 1"
 
 #: http//localhost/operators/operators-4/
 #: (content/operators/operators-4/contents+en.lrquestion.seo_slug)
@@ -410,7 +410,7 @@ msgstr ""
 #: http//localhost/tbb/tbb-37/
 #: (content/tbb/tbb-37/contents+en.lrquestion.description)
 msgid "* Polish (pl)"
-msgstr ""
+msgstr "* Polish (pl)"
 
 #: http//localhost/tbb/tbb-31/
 #: (content/tbb/tbb-31/contents+en.lrquestion.description)
@@ -569,6 +569,8 @@ msgid ""
 ""
 msgstr ""
+""
 
 #: http//localhost/censorship/censorship-7/
 #: (content/censorship/censorship-7/contents+en.lrquestion.description)
@@ -870,7 +872,7 @@ msgstr "ÎÏÎ¿ÏÏ Î½Î± ÏÏÎÎ¾Ï ÏÎ¿ Tor ÏÎµ Î¼Î¹Î± ÏÏ
ÏÎºÎµÏÎ® Android;"
 #: http//localhost/operators/operators-6/
 #: (content/operators/operators-6/contents+en.lrquestion.description)
 msgid "#RelayBandwidthBurst 100 MBytes"
-msgstr ""
+msgstr "#RelayBandwidthBurst 100 MBytes"
 
 #: http//localhost/operators/operators-2/
 #: (content/operators/operators-2/contents+en.lrquestion.description)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/support-portal] Update translations for support-portal

2018-08-26 Thread translation

commit 3e3def8f55c2ac59085d1080cf248fdb18484d4e
Author: Translation commit bot 
Date:   Mon Aug 27 04:48:57 2018 +

Update translations for support-portal
---
 contents+el.po | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/contents+el.po b/contents+el.po
index 9e7181d81..7da75bb10 100644
--- a/contents+el.po
+++ b/contents+el.po
@@ -7,13 +7,14 @@
 # Kostas Papadopoulos , 2018
 # Sofia K., 2018
 # A Papac , 2018
+# Emma Peel, 2018
 msgid ""
 msgstr ""
 "Project-Id-Version: PACKAGE VERSION\n"
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2018-08-26 08:16+CET\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
-"Last-Translator: A Papac , 2018\n"
+"Last-Translator: Emma Peel, 2018\n"
 "Language-Team: Greek (https://www.transifex.com/otf/teams/1519/el/)\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
@@ -2377,7 +2378,7 @@ msgstr ""
 #: http//localhost/tbb/tbb-7/
 #: (content/tbb/tbb-7/contents+en.lrquestion.description)
 msgid "Thank you.\""
-msgstr ""
+msgstr "ÎÏÏÎ±ÏÎ¹ÏÏÏ.\""
 
 #: http//localhost/tbb/tbb-37/
 #: (content/tbb/tbb-37/contents+en.lrquestion.description)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/support-portal_completed] Update translations for support-portal_completed

2018-08-26 Thread translation

commit 01a2734320e82f8c0ba2fcb8229e1f7f93fd798f
Author: Translation commit bot 
Date:   Mon Aug 27 04:19:06 2018 +

Update translations for support-portal_completed
---
 contents+tr.po | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/contents+tr.po b/contents+tr.po
index 5d99fb846..41f301423 100644
--- a/contents+tr.po
+++ b/contents+tr.po
@@ -2006,6 +2006,8 @@ msgid ""
 "href=\"https://www.torproject.org/projects/torbrowser.html.en\;>Tor "
 "Browser in the following languages:"
 msgstr ""
+"https://www.torproject.org/projects/torbrowser.html.en\;>Tor"
+" Browser Åu dillerde sunulmaktadÄ±r:"
 
 #: http//localhost/tbb/tbb-39/
 #: (content/tbb/tbb-39/contents+en.lrquestion.seo_slug)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/support-portal] Update translations for support-portal

2018-08-26 Thread translation

commit 7ae64122e4912bc88cba6da1ed80d983ddc4204c
Author: Translation commit bot 
Date:   Mon Aug 27 04:19:01 2018 +

Update translations for support-portal
---
 contents+tr.po | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/contents+tr.po b/contents+tr.po
index 5d99fb846..41f301423 100644
--- a/contents+tr.po
+++ b/contents+tr.po
@@ -2006,6 +2006,8 @@ msgid ""
 "href=\"https://www.torproject.org/projects/torbrowser.html.en\;>Tor "
 "Browser in the following languages:"
 msgstr ""
+"https://www.torproject.org/projects/torbrowser.html.en\;>Tor"
+" Browser Åu dillerde sunulmaktadÄ±r:"
 
 #: http//localhost/tbb/tbb-39/
 #: (content/tbb/tbb-39/contents+en.lrquestion.seo_slug)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/torbutton-abouttbupdatedtd_completed] Update translations for torbutton-abouttbupdatedtd_completed

2018-08-26 Thread translation

commit a810ce420a1ca54d1b09da499d1959f87c7b
Author: Translation commit bot 
Date:   Mon Aug 27 04:18:16 2018 +

Update translations for torbutton-abouttbupdatedtd_completed
---
 tr/abouttbupdate.dtd | 4 
 1 file changed, 4 insertions(+)

diff --git a/tr/abouttbupdate.dtd b/tr/abouttbupdate.dtd
index 5aac624f5..a00580432 100644
--- a/tr/abouttbupdate.dtd
+++ b/tr/abouttbupdate.dtd
@@ -4,3 +4,7 @@
 
 
 
+
+
+
+

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/torbutton-abouttbupdatedtd] Update translations for torbutton-abouttbupdatedtd

2018-08-26 Thread translation

commit 2b17107435a5b88d363212fc0331f4720f3f883c
Author: Translation commit bot 
Date:   Mon Aug 27 04:18:10 2018 +

Update translations for torbutton-abouttbupdatedtd
---
 tr/abouttbupdate.dtd | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/tr/abouttbupdate.dtd b/tr/abouttbupdate.dtd
index 4146bd31b..a00580432 100644
--- a/tr/abouttbupdate.dtd
+++ b/tr/abouttbupdate.dtd
@@ -5,6 +5,6 @@
 
 
 
-
-
+
+
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/torbutton-abouttbupdatedtd_completed] Update translations for torbutton-abouttbupdatedtd_completed

2018-08-26 Thread translation

commit e6eec4f074f338a9df0ac40aa71d398185ddef69
Author: Translation commit bot 
Date:   Mon Aug 27 00:49:24 2018 +

Update translations for torbutton-abouttbupdatedtd_completed
---
 en/abouttbupdate.dtd | 4 
 1 file changed, 4 insertions(+)

diff --git a/en/abouttbupdate.dtd b/en/abouttbupdate.dtd
index 37567bd7e..f7b3f2ed8 100644
--- a/en/abouttbupdate.dtd
+++ b/en/abouttbupdate.dtd
@@ -4,3 +4,7 @@
 
 
 
+
+
+
+

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/torbutton-abouttbupdatedtd] Update translations for torbutton-abouttbupdatedtd

2018-08-26 Thread translation

commit ec98045bb1d716db645840f6ace1ff5bb1ebfbe2
Author: Translation commit bot 
Date:   Mon Aug 27 00:49:17 2018 +

Update translations for torbutton-abouttbupdatedtd
---
 ach/abouttbupdate.dtd | 4 
 af/abouttbupdate.dtd  | 4 
 ak/abouttbupdate.dtd  | 4 
 am/abouttbupdate.dtd  | 4 
 ar/abouttbupdate.dtd  | 4 
 arn/abouttbupdate.dtd | 4 
 ast/abouttbupdate.dtd | 4 
 az/abouttbupdate.dtd  | 4 
 be/abouttbupdate.dtd  | 4 
 bg/abouttbupdate.dtd  | 4 
 bn_BD/abouttbupdate.dtd   | 4 
 bo/abouttbupdate.dtd  | 4 
 br/abouttbupdate.dtd  | 4 
 brx/abouttbupdate.dtd | 4 
 bs/abouttbupdate.dtd  | 4 
 ca/abouttbupdate.dtd  | 4 
 cs/abouttbupdate.dtd  | 4 
 csb/abouttbupdate.dtd | 4 
 cv/abouttbupdate.dtd  | 4 
 cy/abouttbupdate.dtd  | 4 
 da/abouttbupdate.dtd  | 4 
 de/abouttbupdate.dtd  | 4 
 dz/abouttbupdate.dtd  | 4 
 el/abouttbupdate.dtd  | 4 
 en/abouttbupdate.dtd  | 4 
 en_GB/abouttbupdate.dtd   | 4 
 eo/abouttbupdate.dtd  | 4 
 es/abouttbupdate.dtd  | 4 
 es_AR/abouttbupdate.dtd   | 4 
 es_CL/abouttbupdate.dtd   | 4 
 es_CO/abouttbupdate.dtd   | 4 
 es_MX/abouttbupdate.dtd   | 4 
 et/abouttbupdate.dtd  | 4 
 eu/abouttbupdate.dtd  | 4 
 fa/abouttbupdate.dtd  | 4 
 fi/abouttbupdate.dtd  | 4 
 fil/abouttbupdate.dtd | 4 
 fo/abouttbupdate.dtd  | 4 
 fr/abouttbupdate.dtd  | 4 
 fur/abouttbupdate.dtd | 4 
 fy/abouttbupdate.dtd  | 4 
 ga/abouttbupdate.dtd  | 4 
 gd/abouttbupdate.dtd  | 4 
 gl/abouttbupdate.dtd  | 4 
 gu/abouttbupdate.dtd  | 4 
 gu_IN/abouttbupdate.dtd   | 4 
 gun/abouttbupdate.dtd | 4 
 ha/abouttbupdate.dtd  | 4 
 he/abouttbupdate.dtd  | 8 ++--
 hi/abouttbupdate.dtd  | 4 
 hr/abouttbupdate.dtd  | 4 
 hr_HR/abouttbupdate.dtd   | 4 
 ht/abouttbupdate.dtd  | 4 
 hu/abouttbupdate.dtd  | 4 
 hy/abouttbupdate.dtd  | 4 
 ia/abouttbupdate.dtd  | 4 
 id/abouttbupdate.dtd  | 4 
 is/abouttbupdate.dtd  | 4 
 it/abouttbupdate.dtd  | 4 
 ja/abouttbupdate.dtd  | 4 
 jv/abouttbupdate.dtd  | 4 
 ka/abouttbupdate.dtd  | 4 
 kk/abouttbupdate.dtd  | 4 
 km/abouttbupdate.dtd  | 4 
 kn/abouttbupdate.dtd  | 4 
 ko/abouttbupdate.dtd  | 4 
 ko_KR/abouttbupdate.dtd   | 4 
 ku/abouttbupdate.dtd  | 4 
 ku_IQ/abouttbupdate.dtd   | 4 
 kw/abouttbupdate.dtd  | 4 
 ky/abouttbupdate.dtd  | 4 
 la/abouttbupdate.dtd  | 4 
 lb/abouttbupdate.dtd  | 4 
 lg/abouttbupdate.dtd  | 4 
 ln/abouttbupdate.dtd  | 4 
 lo/abouttbupdate.dtd  | 4 
 lt/abouttbupdate.dtd  | 4 
 lv/abouttbupdate.dtd  | 4 
 mg/abouttbupdate.dtd  | 4 
 mi/abouttbupdate.dtd  | 4 
 mk/abouttbupdate.dtd  | 4 
 ml/abouttbupdate.dtd  | 4 
 mn/abouttbupdate.dtd  | 4 
 mr/abouttbupdate.dtd  | 4 
 ms_MY/abouttbupdate.dtd   | 4 
 mt/abouttbupdate.dtd  | 4 
 my/abouttbupdate.dtd  | 4 
 nah/abouttbupdate.dtd | 4 
 nap/abouttbupdate.dtd | 4 
 nb/abouttbupdate.dtd  | 4 
 ne/abouttbupdate.dtd  | 4 
 nl/abouttbupdate.dtd  | 4 
 nl_BE/abouttbupdate.dtd   | 4 
 nn/abouttbupdate.dtd  | 4 
 nso/abouttbupdate.dtd | 4 
 oc/abouttbupdate.dtd  | 4 
 om/abouttbupdate.dtd  | 4 
 or/abouttbupdate.dtd  | 4 
 pa/abouttbupdate.dtd  | 4 
 pap/abouttbupdate.dtd | 4 
 pl/abouttbupdate.dtd  | 4 
 pms/abouttbupdate.dtd | 4 
 ps/abouttbupdate.dtd  | 4 
 pt/abouttbupdate.dtd  | 4 
 pt_BR/abouttbupdate.dtd   | 4 
 pt_PT/abouttbupdate.dtd   | 4 
 ro/abouttbupdate.dtd  | 4 
 ru/abouttbupdate.dtd  | 4 
 ru@petr1708/abouttbupdate.dtd | 4 
 sco/abouttbupdate.dtd | 4 
 si_LK/abouttbupdate.dtd   | 4 
 sk/abouttbupdate.dtd  | 4 
 sk_SK/abouttbupdate.dtd   | 4 
 sl/abouttbupdate.dtd  | 4 
 sl_SI/abouttbupdate.dtd   | 4 
 sn/abouttbupdate.dtd  | 4 
 so/abouttbupdate.dtd  | 4 
 son/abouttbupdate.dtd | 4 
 sq/abouttbupdate.dtd  | 4 
 sr/abouttbupdate.dtd  | 4

[tor-commits] [stem/master] New RelayCell decrypt method

2018-08-26 Thread atagar

commit 7d8f1f151d8e2c815e68e0197513f0449a12edd0
Author: Damian Johnson 
Date:   Sun Aug 26 12:23:57 2018 -0700

New RelayCell decrypt method

Again, a simple decryption method based on our Circuit's prior send() 
method.

This branch made a valient attempt to implement our decryption digest. But
honestly the code is twisty enough that I really don't understand how it's
attempting to achieve this (sorry!).

Unless I'm missing something decryption digests only play a role when we're 
a
middle hop relay, which we're not even close to implementing. This is why
our prior Circuit send() method left it unimplmented.

Maybe I'm mistaken? I'd be delighted to support decryption digests if it 
serves
a purpose, and is done in a simpler fashion.
---
 stem/client/cell.py | 55 +
 1 file changed, 55 insertions(+)

diff --git a/stem/client/cell.py b/stem/client/cell.py
index 29aa18ab..d4540203 100644
--- a/stem/client/cell.py
+++ b/stem/client/cell.py
@@ -576,6 +576,61 @@ class RelayCell(CircuitCell):
 
 return RelayCell._pack(link_protocol, bytes(payload), self.unused, 
self.circ_id)
 
+  @classmethod
+  def decrypt(link_protocol, content, key, digest):
+"""
+Decrypts content as a relay cell addressed to us. This provides back a
+tuple of the form...
+
+::
+
+  (cell (RelayCell), new_key (CipherContext), new_digest (HASH))
+
+:param int link_protocol: link protocol version
+:param bytes content: cell content to be decrypted
+:param cryptography.hazmat.primitives.ciphers.CipherContext key:
+  key established with the relay we received this cell from
+:param HASH digest: running digest held with the relay
+
+:returns: **tuple** with our decrypted cell and updated key/digest
+
+:raises: :class:`stem.ProtocolError` if content doesn't belong to a relay
+  cell
+"""
+
+new_key = copy.copy(key)
+new_digest = digest.copy()
+
+if len(content) != link_protocol.fixed_cell_length:
+  raise stem.ProtocolError('RELAY cells should be %i bytes, but received 
%i' % (link_protocol.fixed_cell_length, len(content)))
+
+circ_id, content = link_protocol.circ_id_size.pop(content)
+command, encrypted_payload = Size.CHAR.pop(content)
+
+if command != RelayCell.VALUE:
+  raise stem.ProtocolError('Cannot decrypt as a RELAY cell. This had 
command %i instead.' % command)
+
+payload = new_key.update(encrypted_payload)
+
+cell = RelayCell._unpack(payload, circ_id, link_protocol)
+
+# TODO: Implement our decryption digest. It is used to support relaying
+# within multi-hop circuits. On first glance this should go something
+# like...
+#
+#   # Our updated digest is calculated based on this cell with a blanked
+#   # digest field.
+#
+#   digest_cell = RelayCell(self.id, self.command, self.data, 0, 
self.stream_id, self.recognized, self.unused)
+#   new_digest.update(digest_cell.pack(link_protocol))
+#
+#   is_encrypted == cell.recognized != 0 or self.digest == new_digest
+#
+# ... or something like that. Until we attempt to support relaying this is
+# both moot and difficult to exercise in order to ensure we get it right.
+
+return cell, new_key, new_digest
+
   def encrypt(self, link_protocol, key, digest):
 """
 Encrypts our cell content to be sent with the given key. This provides back



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [stem/master] New RelayCell encrypt method

2018-08-26 Thread atagar

commit 8e83553e578aa0f8819eead434ca7ca26d57d5d9
Author: Damian Johnson 
Date:   Sun Aug 26 11:35:37 2018 -0700

New RelayCell encrypt method

"Premature optimization is the root of all evil."

While I love the idea of moving our encrypt() and decrypt() methods into the
RelayCell class I gotta admit I'm not a fan of the verbosity and large 
number
of helpers. This branche's new RelayCell is far, far more complicated 
without
adding any new capabilities to the Circuit class.

As such basing this encrypt() method on our previous Circuit send() code.
Hopefully this gets us the best of both worlds: Circuit is simpler because
it no longer does encryption/decryption itself, and our RelayCell remains
an elegantly simple class too.

I suspect Dave might be factoring things this way in anticipation of future
additions but I'd rather not complicate our code until it comes hand-in-hand
with a practical benefit in doing so.
---
 stem/client/__init__.py |  2 +-
 stem/client/cell.py | 35 +++
 2 files changed, 36 insertions(+), 1 deletion(-)

diff --git a/stem/client/__init__.py b/stem/client/__init__.py
index 19528d67..486ff0a6 100644
--- a/stem/client/__init__.py
+++ b/stem/client/__init__.py
@@ -237,7 +237,7 @@ class Circuit(object):
   # successfully sent.
 
   cell = stem.client.cell.RelayCell(self.id, command, data, stream_id = 
stream_id)
-  payload, forward_digest, forward_key = 
cell.encrypt(self.relay.link_protocol, self.forward_digest, self.forward_key)
+  payload, forward_digest, forward_key = 
cell.encrypt(self.relay.link_protocol, self.forward_key, self.forward_digest)
   self.relay._orport.send(payload)
 
   self.forward_digest = forward_digest
diff --git a/stem/client/cell.py b/stem/client/cell.py
index b40a30e1..29aa18ab 100644
--- a/stem/client/cell.py
+++ b/stem/client/cell.py
@@ -576,6 +576,41 @@ class RelayCell(CircuitCell):
 
 return RelayCell._pack(link_protocol, bytes(payload), self.unused, 
self.circ_id)
 
+  def encrypt(self, link_protocol, key, digest):
+"""
+Encrypts our cell content to be sent with the given key. This provides back
+a tuple of the form...
+
+::
+
+  (payload (bytes), new_key (CipherContext), new_digest (HASH))
+
+:param int link_protocol: link protocol version
+:param cryptography.hazmat.primitives.ciphers.CipherContext key:
+  key established with the relay we're sending this cell to
+:param HASH digest: running digest held with the relay
+
+:returns: **tuple** with our encrypted payload and updated key/digest
+"""
+
+new_key = copy.copy(key)
+new_digest = digest.copy()
+
+# Digests are computed from our payload, not including our header's circuit
+# id (2 or 4 bytes) and command (1 byte).
+
+header_size = link_protocol.circ_id_size.size + 1
+payload_without_digest = self.pack(link_protocol)[header_size:]
+new_digest.update(payload_without_digest)
+
+# Pack a copy of ourselves with our newly calculated digest, and encrypt
+# the payload. Header remains plaintext.
+
+cell = RelayCell(self.id, self.command, self.data, new_digest, 
self.stream_id, self.recognized, self.unused)
+header, payload = split(cell.pack(link_protocol), header_size)
+
+return header + new_key.update(payload), new_key, new_digest
+
   @classmethod
   def _unpack(cls, content, circ_id, link_protocol):
 command, content = Size.CHAR.pop(content)



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [stem/master] Fix refactoring regressions

2018-08-26 Thread atagar

commit cea4f76279f79a65198743e90e300d7b0e1f6a97
Author: Damian Johnson 
Date:   Sun Aug 26 13:12:25 2018 -0700

Fix refactoring regressions

Ok, unsurprisingly I buggered this up in a few spots. Mostly regressions 
from
when I tweaked method argument orderings.

Unfortunatley our Circuit class doesn't have much in terms of test coverage
(... we should really fix that), so exercised these changes by fetching
moria1's descriptor...

  >>> import stem.descriptor.remote
  >>> print(stem.descriptor.remote.their_server_descriptor(endpoints = 
(stem.ORPort('128.31.0.34', 9101),)).run()[0])
---
 stem/client/__init__.py | 4 ++--
 stem/client/cell.py | 6 +++---
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/stem/client/__init__.py b/stem/client/__init__.py
index 486ff0a6..aaa62f5b 100644
--- a/stem/client/__init__.py
+++ b/stem/client/__init__.py
@@ -237,7 +237,7 @@ class Circuit(object):
   # successfully sent.
 
   cell = stem.client.cell.RelayCell(self.id, command, data, stream_id = 
stream_id)
-  payload, forward_digest, forward_key = 
cell.encrypt(self.relay.link_protocol, self.forward_key, self.forward_digest)
+  payload, forward_key, forward_digest = 
cell.encrypt(self.relay.link_protocol, self.forward_key, self.forward_digest)
   self.relay._orport.send(payload)
 
   self.forward_digest = forward_digest
@@ -254,7 +254,7 @@ class Circuit(object):
 
   while reply:
 encrypted_cell, reply = split(reply, 
self.relay.link_protocol.fixed_cell_length)
-decrypted_cell, backward_key, backward_digest = 
stem.client.cell.RelayCell.decrypt(encrypted_cell, self.backward_key, 
self.backward_digest)
+decrypted_cell, backward_key, backward_digest = 
stem.client.cell.RelayCell.decrypt(self.relay.link_protocol, encrypted_cell, 
self.backward_key, self.backward_digest)
 
 if self.id != decrypted_cell.circ_id:
   raise stem.ProtocolError('Response should be for circuit id %i, not 
%i' % (self.id, decrypted_cell.circ_id))
diff --git a/stem/client/cell.py b/stem/client/cell.py
index d7053eaf..91dec143 100644
--- a/stem/client/cell.py
+++ b/stem/client/cell.py
@@ -383,7 +383,7 @@ class RelayCell(CircuitCell):
 
 return RelayCell._pack(link_protocol, bytes(payload), self.unused, 
self.circ_id)
 
-  @classmethod
+  @staticmethod
   def decrypt(link_protocol, content, key, digest):
 """
 Decrypts content as a relay cell addressed to us. This provides back a
@@ -428,7 +428,7 @@ class RelayCell(CircuitCell):
 #   # Our updated digest is calculated based on this cell with a blanked
 #   # digest field.
 #
-#   digest_cell = RelayCell(self.id, self.command, self.data, 0, 
self.stream_id, self.recognized, self.unused)
+#   digest_cell = RelayCell(self.circ_id, self.command, self.data, 0, 
self.stream_id, self.recognized, self.unused)
 #   new_digest.update(digest_cell.pack(link_protocol))
 #
 #   is_encrypted == cell.recognized != 0 or self.digest == new_digest
@@ -468,7 +468,7 @@ class RelayCell(CircuitCell):
 # Pack a copy of ourselves with our newly calculated digest, and encrypt
 # the payload. Header remains plaintext.
 
-cell = RelayCell(self.id, self.command, self.data, new_digest, 
self.stream_id, self.recognized, self.unused)
+cell = RelayCell(self.circ_id, self.command, self.data, new_digest, 
self.stream_id, self.recognized, self.unused)
 header, payload = split(cell.pack(link_protocol), header_size)
 
 return header + new_key.update(payload), new_key, new_digest



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [stem/master] Move cell encryption/decription into the RelayCell class

2018-08-26 Thread atagar

commit 8a1239ea8e63af3797771b6be12ebcb14e437671
Merge: ded18921 cea4f762
Author: Damian Johnson 
Date:   Sun Aug 26 13:47:51 2018 -0700

Move cell encryption/decription into the RelayCell class

"Less is more."

Dave's pull request for ticket #27112 refactored our RelayCell into a
BaseRelayCell and RawRelayCell class. Think I see what he's going for,
and this was a step forward in some respects. But honestly added a lot
of code and complexity without functionally doing anything new.

Going with a hybrid of our approaches that integrates the part I think
we agree on. Namely, simplifying our Circuit's send() method by moving
cell encryption/decription down into the RelayCell class.

This is a much, *MUCH* smaller diff than what Dave proposed. Happy to
discuss integrating more of the pull request, but lets start with
the part I think we agree on to give us a common point to work from.

 stem/client/__init__.py |  65 +--
 stem/client/cell.py | 111 +---
 stem/client/datatype.py |  18 +--
 stem/util/log.py|   2 +-
 stem/util/term.py   |   2 +-
 test/unit/client/cell.py|   1 +
 test/unit/client/size.py|   1 +
 test/unit/control/controller.py |   1 -
 8 files changed, 145 insertions(+), 56 deletions(-)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [stem/master] Drop alternate relay cell classes

2018-08-26 Thread atagar

commit 6938036f28ee8e74b409014919b438da7a12fe10
Author: Damian Johnson 
Date:   Sun Aug 26 12:30:46 2018 -0700

Drop alternate relay cell classes

Now that our RelayCell implements encryption/decryption we can drop these.

These new methods have *not* been exercised yet. No doubt when rubber meets 
the
road I'll discover some issues, but they're close enough to the Circuit's 
prior
send() method that they should be simple to sort out.
---
 stem/client/cell.py  | 455 +--
 test/unit/client/cell.py |  67 ++-
 test/unit/client/size.py |   1 -
 3 files changed, 12 insertions(+), 511 deletions(-)

diff --git a/stem/client/cell.py b/stem/client/cell.py
index d4540203..d7053eaf 100644
--- a/stem/client/cell.py
+++ b/stem/client/cell.py
@@ -108,7 +108,7 @@ class Cell(object):
 """
 
 for _, cls in inspect.getmembers(sys.modules[__name__]):
-  if name == getattr(cls, 'NAME', UNDEFINED) and not getattr(cls, 
'CANNOT_DIRECTLY_UNPACK', False):
+  if name == getattr(cls, 'NAME', UNDEFINED):
 return cls
 
 raise ValueError("'%s' isn't a valid cell type" % name)
@@ -124,7 +124,7 @@ class Cell(object):
 """
 
 for _, cls in inspect.getmembers(sys.modules[__name__]):
-  if value == getattr(cls, 'VALUE', UNDEFINED) and not getattr(cls, 
'CANNOT_DIRECTLY_UNPACK', False):
+  if value == getattr(cls, 'VALUE', UNDEFINED):
 return cls
 
 raise ValueError("'%s' isn't a valid cell value" % value)
@@ -321,199 +321,6 @@ class CreatedCell(CircuitCell):
 super(CreatedCell, self).__init__()  # TODO: implement
 
 
-class BaseRelayCell(CircuitCell):
-  """
-  Cell whose subclasses are relayed over circuits.
-
-  :var bytes payload: raw payload, quite possibly encrypted
-  """
-
-  NAME = 'INTERNAL_BASE_RELAY'  # defined for error/other strings
-  IS_FIXED_SIZE = True  # all relay cells are fixed-size
-
-  # other attributes are deferred to subclasses, since this class cannot be 
directly unpacked
-
-  def __init__(self, circ_id, payload):
-if not payload:
-  raise ValueError('Relay cells require a payload')
-if len(payload) != FIXED_PAYLOAD_LEN:
-  raise ValueError('Payload should be %i bytes, but was %i' % 
(FIXED_PAYLOAD_LEN, len(payload)))
-
-super(BaseRelayCell, self).__init__(circ_id, unused = b'')
-self.payload = payload
-
-  def pack(self, link_protocol):
-# unlike everywhere else, we actually want to use the subclass type, NOT 
*this* class
-return type(self)._pack(link_protocol, self.payload, circ_id = 
self.circ_id)
-
-  @classmethod
-  def _unpack(cls, content, circ_id, link_protocol):
-# unlike everywhere else, we actually want to use the subclass type, NOT 
*this* class
-return cls(circ_id, content)
-
-  def check_recognized_field(self):
-"""
-Checks the 'recognized' field of the cell payload, which indicates whether
-it is **probably** fully decrypted.
-
-:returns: **bool** indicating whether the 'recognized' field indicates
-  likely decryption. Per the spec:
-* **False** guarantees the cell *not* to be fully decrypted.
-* **True** does *not* guarantee the cell to be fully decrypted, and it
-  must be checked further. See also
-  :func:`~stem.client.cell.BaseRelayCell.check_digest`
-"""
-
-_, recognized_from_cell, _, _, _, _, _ = 
AlternateRelayCell._unpack_payload(self.payload)
-return recognized_from_cell == 0
-
-  def check_digest(self, digest):
-"""
-Calculates the running digest of the cell payload per the spec, returning
-whether the cell's unpacked digest matched, along with the updated digest
-if so.
-
-:param HASH digest: running digest held with the relay
-
-:returns: (digest_matches, digest) tuple of object copies updated as 
follows:
-  * digest_matches: **bool** indicating whether the digest matches
-  * digest: updated via digest.update(payload), if the digest matches;
-otherwise a copy of the original
-
-:raises: **ValueError** if payload is the wrong size
-"""
-
-command, recognized, stream_id, digest_from_cell, data_len, data, unused = 
AlternateRelayCell._unpack_payload(self.payload)
-
-# running digest is calculated using a zero'd digest field in the payload
-prepared_payload = AlternateRelayCell._pack_payload(command, recognized, 
stream_id, 0, data_len, data, unused, pad_remainder = False)
-
-if len(prepared_payload) != FIXED_PAYLOAD_LEN:
-  # this should never fail
-  # if it did, it indicates a programming error either within 
stem.client.cell or a consumer
-  raise ValueError('Payload should be %i bytes, but was %i' % 
(FIXED_PAYLOAD_LEN, len(prepared_payload)))
-
-new_digest = digest.copy()
-new_digest.update(prepared_payload)
-
-digest_matches = (AlternateRelayCell._coerce_digest(new_digest) == 
digest_from_cell)
-
-# only return the new_digest if the digest check

[tor-commits] [stem/master] Rearrange the digest/key copies to be a bit more spec-compliant

2018-08-26 Thread atagar

commit 13cc211070c2cf1d0d571461eed688ac1e69a735
Author: Dave Rolek 
Date:   Sat Aug 18 04:26:42 2018 +

Rearrange the digest/key copies to be a bit more spec-compliant

This arrangement is better, as it better keeps track of the digest/key
on a cell-by-cell basis, but it's still not spec-compliant in a number
of ways, such as its potential to drop cells or get corrupted backward
digest/key state in the case of an exception.

That's ok - this is just an interim implementation, and this change is
just to make things a bit better for illustrative purposes.
---
 stem/client/__init__.py | 33 +++--
 1 file changed, 19 insertions(+), 14 deletions(-)

diff --git a/stem/client/__init__.py b/stem/client/__init__.py
index 91e8c4ca..8c96b8c2 100644
--- a/stem/client/__init__.py
+++ b/stem/client/__init__.py
@@ -236,20 +236,27 @@ class Circuit(object):
 with self.relay._orport_lock:
   orig_forward_digest = self.forward_digest.copy()
   orig_forward_key = copy.copy(self.forward_key)
-  orig_backward_digest = self.backward_digest.copy()
-  orig_backward_key = copy.copy(self.backward_key)
 
   try:
 cell = stem.client.cell.RelayCell(self.id, command, data, stream_id = 
stream_id)
 encrypted_cell, self.forward_digest, self.forward_key = 
cell.encrypt(self.forward_digest, self.forward_key)
 
-reply_cells = []
 self.relay._orport.send(encrypted_cell.pack(self.relay.link_protocol))
-reply = self.relay._orport.recv()
+  except:
+self.forward_digest = orig_forward_digest
+self.forward_key = orig_forward_key
+raise
+
+  reply = self.relay._orport.recv()
+  reply_cells = []
 
-relay_cell_cmd = stem.client.cell.RelayCell.VALUE
+  relay_cell_cmd = stem.client.cell.RelayCell.VALUE
 
-while reply:
+  while reply:
+orig_backward_digest = self.backward_digest.copy()
+orig_backward_key = copy.copy(self.backward_key)
+
+try:
   raw_cell, reply = stem.client.cell.Cell.pop(reply, 
self.relay.link_protocol)
 
   if raw_cell.VALUE != relay_cell_cmd:
@@ -260,16 +267,14 @@ class Circuit(object):
   decrypted_cell, fully_decrypted, self.backward_digest, 
self.backward_key = raw_cell.decrypt(self.backward_digest, self.backward_key, 
interpret = True)
   if not fully_decrypted:
 raise stem.ProtocolError('Response for circuit id %i was not fully 
decrypted, when expected to be' % self.id)
+except:
+  self.backward_digest = orig_backward_digest
+  self.backward_key = orig_backward_key
+  raise
 
-  reply_cells.append(decrypted_cell)
+reply_cells.append(decrypted_cell)
 
-return reply_cells
-  except:
-self.forward_digest = orig_forward_digest
-self.forward_key = orig_forward_key
-self.backward_digest = orig_backward_digest
-self.backward_key = orig_backward_key
-raise
+  return reply_cells
 
   def close(self):
 with self.relay._orport_lock:



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [stem/master] Resume size check for circuit responses

2018-08-26 Thread atagar

commit 2e51a01c1fa96f24f44b744d37915ef2ffd7762d
Author: Damian Johnson 
Date:   Sat Aug 25 12:39:44 2018 -0700

Resume size check for circuit responses

Maybe this check is redundant with the cell module additions? Not sure.
Regardless, unlike the hamhanded 'relay_cell_size' calculation I did prior
to Dave's branch our LinkProtocol's 'fixed_cell_length' now makes this
check trivial to do upfront.
---
 stem/client/__init__.py | 10 +++---
 stem/client/datatype.py |  5 -
 2 files changed, 11 insertions(+), 4 deletions(-)

diff --git a/stem/client/__init__.py b/stem/client/__init__.py
index 46a82428..a216696a 100644
--- a/stem/client/__init__.py
+++ b/stem/client/__init__.py
@@ -243,16 +243,20 @@ class Circuit(object):
   self.forward_digest = forward_digest
   self.forward_key = forward_key
 
+  # Decrypt relay cells received in response. Again, our digest/key only
+  # updates when handled successfully.
+
   reply = self.relay._orport.recv()
   reply_cells = []
 
-  relay_cell_cmd = stem.client.cell.RelayCell.VALUE
+  if len(reply) % self.relay.link_protocol.fixed_cell_length != 0:
+raise stem.ProtocolError('Circuit response should be a series of RELAY 
cells, but received an unexpected size for a response: %i' % len(reply))
 
   while reply:
 raw_cell, reply = stem.client.cell.Cell.pop(reply, 
self.relay.link_protocol)
 
-if raw_cell.VALUE != relay_cell_cmd:
-  raise stem.ProtocolError('RELAY cell responses should be %i but was 
%i' % (relay_cell_cmd, raw_cell.VALUE))
+if raw_cell.VALUE != stem.client.cell.RelayCell.VALUE:
+  raise stem.ProtocolError('RELAY cell responses should be %i but was 
%i' % (stem.client.cell.RelayCell.VALUE, raw_cell.VALUE))
 elif raw_cell.circ_id != self.id:
   raise stem.ProtocolError('Response should be for circuit id %i, not 
%i' % (self.id, raw_cell.circ_id))
 
diff --git a/stem/client/datatype.py b/stem/client/datatype.py
index 43bdfe9d..644d4993 100644
--- a/stem/client/datatype.py
+++ b/stem/client/datatype.py
@@ -116,6 +116,7 @@ import collections
 import hashlib
 import struct
 
+import stem.client.cell
 import stem.prereq
 import stem.util
 import stem.util.connection
@@ -246,9 +247,11 @@ class LinkProtocol(int):
 protocol = int.__new__(cls, version)
 protocol.version = version
 protocol.circ_id_size = Size.LONG if version > 3 else Size.SHORT
-protocol.fixed_cell_length = 514 if version > 3 else 512
 protocol.first_circ_id = 0x8000 if version > 3 else 0x01
 
+cell_header_size = protocol.circ_id_size.size + 1  # circuit id (2 or 4 
bytes) + command (1 byte)
+protocol.fixed_cell_length = cell_header_size + 
stem.client.cell.FIXED_PAYLOAD_LEN
+
 return protocol
 
   def __hash__(self):



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [stem/master] Add convenience method for packing payload of a RELAY cell

2018-08-26 Thread atagar

commit aa3b674ef3c7d22c16c6480937531f38b208a0c1
Author: Dave Rolek 
Date:   Fri Aug 10 19:55:22 2018 +

Add convenience method for packing payload of a RELAY cell

There may be a bit too much going on here - i.e. these methods may not
be anything but a bit redundant - but things will get trimmed down later
when the API is better worked out.
---
 stem/client/cell.py | 13 -
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/stem/client/cell.py b/stem/client/cell.py
index 381a7387..39a729f1 100644
--- a/stem/client/cell.py
+++ b/stem/client/cell.py
@@ -424,7 +424,7 @@ class RelayCell(CircuitCell):
 return digest
 
   def pack(self, link_protocol):
-payload = RelayCell._pack_payload(self.command_int, self.recognized, 
self.stream_id, self.digest, len(self.data), self.data, self.unused)
+payload = self.pack_payload()
 
 return RelayCell._pack(link_protocol, payload, unused = b'', circ_id = 
self.circ_id)
 
@@ -456,6 +456,17 @@ class RelayCell(CircuitCell):
 
 return command, recognized, stream_id, digest, data_len, data, unused
 
+  def pack_payload(self, **kwargs):
+"""
+Convenience method for running _pack_payload on self.
+
+:param bool pad_remaining: (optional, defaults to **True**) pads up to 
payload size if **True**
+
+:returns: **bytes** with the packed payload
+"""
+
+return RelayCell._pack_payload(self.command_int, self.recognized, 
self.stream_id, self.digest, len(self.data), self.data, self.unused, **kwargs)
+
   @staticmethod
   def _pack_payload(command_int, recognized, stream_id, digest, data_len, 
data, unused = b'', pad_remainder = True):
 """



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [stem/master] Add check_digest instance method to BaseRelayCell

2018-08-26 Thread atagar

commit 69f293222f550978e603906a4b3e34cb371447b0
Author: Dave Rolek 
Date:   Sat Aug 18 02:40:01 2018 +

Add check_digest instance method to BaseRelayCell

Similar to how apply_digest() is used by a RELAY cell sender, this
collects the logic needed for a receiver to confirm that a cell is fully
decrypted and that the cell's integrity is intact.

This is new functionality. Prior to this change, stem.client had no
facility to check the digest of a RELAY cell according to the spec.

Not yet used.
---
 stem/client/cell.py | 38 ++
 1 file changed, 38 insertions(+)

diff --git a/stem/client/cell.py b/stem/client/cell.py
index 43dc076c..5235331e 100644
--- a/stem/client/cell.py
+++ b/stem/client/cell.py
@@ -354,6 +354,44 @@ class BaseRelayCell(CircuitCell):
 # unlike everywhere else, we actually want to use the subclass type, NOT 
*this* class
 return cls(circ_id, content)
 
+  def check_digest(self, digest):
+"""
+Calculates the running digest of the cell payload per the spec, returning
+whether the cell's unpacked digest matched, along with the updated digest
+if so.
+
+:param HASH digest: running digest held with the relay
+
+:returns: (digest_matches, digest) tuple of object copies updated as 
follows:
+  * digest_matches: **bool** indicating whether the digest matches
+  * digest: updated via digest.update(payload), if the digest matches;
+otherwise a copy of the original
+
+:raises: **ValueError** if payload is the wrong size
+"""
+
+command, recognized, stream_id, digest_from_cell, data_len, data, unused = 
RelayCell._unpack_payload(self.payload)
+
+# running digest is calculated using a zero'd digest field in the payload
+prepared_payload = RelayCell._pack_payload(command, recognized, stream_id, 
0, data_len, data, unused, pad_remainder = False)
+
+if len(prepared_payload) != FIXED_PAYLOAD_LEN:
+  # this should never fail
+  # if it did, it indicates a programming error either within 
stem.client.cell or a consumer
+  raise ValueError('Payload should be %i bytes, but was %i' % 
(FIXED_PAYLOAD_LEN, len(prepared_payload)))
+
+new_digest = digest.copy()
+new_digest.update(prepared_payload)
+
+digest_matches = (RelayCell._coerce_digest(new_digest) == digest_from_cell)
+
+# only return the new_digest if the digest check passed
+# even if not, return a copy of the original
+# this allows a consumer to always assume the returned digest is a 
different object
+digest_to_return = new_digest if digest_matches else digest.copy()
+
+return digest_matches, digest_to_return
+
   def __hash__(self):
 return stem.util._hash_attr(self, 'circ_id', 'payload', cache = True)
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [stem/master] Simplify rollback of key/digest during errors

2018-08-26 Thread atagar

commit 56f41833173aca0c5e78ca2095935f8a474c6430
Author: Damian Johnson 
Date:   Fri Aug 24 03:49:17 2018 -0700

Simplify rollback of key/digest during errors

The reason I asked for our functions to return a new copy of our key/digest 
is
because it lets us simplify this calling code a bit.

Rather than explicitly reverting the key/digest we can simply wait to record
the new values until cells are successfully sent and received.
---
 stem/client/__init__.py | 53 ++---
 1 file changed, 24 insertions(+), 29 deletions(-)

diff --git a/stem/client/__init__.py b/stem/client/__init__.py
index 8c96b8c2..0ee8cbf0 100644
--- a/stem/client/__init__.py
+++ b/stem/client/__init__.py
@@ -25,7 +25,6 @@ a wrapper for :class:`~stem.socket.RelaySocket`, much the 
same way as
 +- close - closes this circuit
 """
 
-import copy
 import hashlib
 import threading
 
@@ -234,18 +233,16 @@ class Circuit(object):
 """
 
 with self.relay._orport_lock:
-  orig_forward_digest = self.forward_digest.copy()
-  orig_forward_key = copy.copy(self.forward_key)
+  cell = stem.client.cell.RelayCell(self.id, command, data, stream_id = 
stream_id)
+  encrypted_cell, new_forward_digest, new_forward_key = 
cell.encrypt(self.forward_digest, self.forward_key)
 
-  try:
-cell = stem.client.cell.RelayCell(self.id, command, data, stream_id = 
stream_id)
-encrypted_cell, self.forward_digest, self.forward_key = 
cell.encrypt(self.forward_digest, self.forward_key)
+  self.relay._orport.send(encrypted_cell.pack(self.relay.link_protocol))
 
-self.relay._orport.send(encrypted_cell.pack(self.relay.link_protocol))
-  except:
-self.forward_digest = orig_forward_digest
-self.forward_key = orig_forward_key
-raise
+  # Only recoding our new digest/key if the cell's successfully sent. If
+  # the above raises we should leave them alone.
+
+  self.forward_digest = new_forward_digest
+  self.forward_key = new_forward_key
 
   reply = self.relay._orport.recv()
   reply_cells = []
@@ -253,24 +250,22 @@ class Circuit(object):
   relay_cell_cmd = stem.client.cell.RelayCell.VALUE
 
   while reply:
-orig_backward_digest = self.backward_digest.copy()
-orig_backward_key = copy.copy(self.backward_key)
-
-try:
-  raw_cell, reply = stem.client.cell.Cell.pop(reply, 
self.relay.link_protocol)
-
-  if raw_cell.VALUE != relay_cell_cmd:
-raise stem.ProtocolError('RELAY cell responses should be %i but 
was %i' % (relay_cell_cmd, raw_cell.VALUE))
-  elif raw_cell.circ_id != self.id:
-raise stem.ProtocolError('Response should be for circuit id %i, 
not %i' % (self.id, raw_cell.circ_id))
-
-  decrypted_cell, fully_decrypted, self.backward_digest, 
self.backward_key = raw_cell.decrypt(self.backward_digest, self.backward_key, 
interpret = True)
-  if not fully_decrypted:
-raise stem.ProtocolError('Response for circuit id %i was not fully 
decrypted, when expected to be' % self.id)
-except:
-  self.backward_digest = orig_backward_digest
-  self.backward_key = orig_backward_key
-  raise
+raw_cell, reply = stem.client.cell.Cell.pop(reply, 
self.relay.link_protocol)
+
+if raw_cell.VALUE != relay_cell_cmd:
+  raise stem.ProtocolError('RELAY cell responses should be %i but was 
%i' % (relay_cell_cmd, raw_cell.VALUE))
+elif raw_cell.circ_id != self.id:
+  raise stem.ProtocolError('Response should be for circuit id %i, not 
%i' % (self.id, raw_cell.circ_id))
+
+decrypted_cell, fully_decrypted, new_backward_digest, new_backward_key 
= raw_cell.decrypt(self.backward_digest, self.backward_key, interpret = True)
+
+if not fully_decrypted:
+  raise stem.ProtocolError('Response for circuit id %i was not fully 
decrypted, when expected to be' % self.id)
+
+# Again, if the above raises the digest/key should remain unchanged.
+
+self.backward_digest = new_backward_digest
+self.backward_key = new_backward_key
 
 reply_cells.append(decrypted_cell)
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [stem/master] Revert cell module hierarchy docs

2018-08-26 Thread atagar

commit 347120a44614437f8e1642dc81676760f877c8be
Author: Damian Johnson 
Date:   Sat Aug 25 13:45:47 2018 -0700

Revert cell module hierarchy docs

Dropping BaseRelayCell and RawRelayCell from the hierarchy (reintegrating 
'em
into the RelayCell). Due to the whitespace changes this occupies a sizable
chunk of the merge diff.
---
 stem/client/cell.py | 39 ++-
 1 file changed, 18 insertions(+), 21 deletions(-)

diff --git a/stem/client/cell.py b/stem/client/cell.py
index 3de1c731..aec868c4 100644
--- a/stem/client/cell.py
+++ b/stem/client/cell.py
@@ -12,27 +12,25 @@ Messages communicated over a Tor relay's ORPort.
 
   Cell - Base class for ORPort messages.
 |- CircuitCell - Circuit management.
-|  |- CreateCell - Create a circuit.   
   (section 5.1)
-|  |- CreatedCell - Acknowledge create.
   (section 5.1)
-|  |- BaseRelayCell - End-to-end data; abstract.   
   (section 6.1)
-|  |  +- RawRelayCell - End-to-end data. Payload not unpacked. 
   (section 5.5.2.1, 5.5.3)
-|  |- RelayCell - End-to-end data. 
   (section 6.1)
-|  |- DestroyCell - Stop using a circuit.  
   (section 5.4)
-|  |- CreateFastCell - Create a circuit, no PK.
   (section 5.1)
-|  |- CreatedFastCell - Circuit created, no PK.
   (section 5.1)
-|  |- RelayEarlyCell - End-to-end data; limited.   
   (section 5.6)
-|  |- Create2Cell - Extended CREATE cell.  
   (section 5.1)
-|  +- Created2Cell - Extended CREATED cell.
   (section 5.1)
+|  |- CreateCell - Create a circuit.  (section 5.1)
+|  |- CreatedCell - Acknowledge create.   (section 5.1)
+|  |- RelayCell - End-to-end data.(section 6.1)
+|  |- DestroyCell - Stop using a circuit. (section 5.4)
+|  |- CreateFastCell - Create a circuit, no PK.   (section 5.1)
+|  |- CreatedFastCell - Circuit created, no PK.   (section 5.1)
+|  |- RelayEarlyCell - End-to-end data; limited.  (section 5.6)
+|  |- Create2Cell - Extended CREATE cell. (section 5.1)
+|  +- Created2Cell - Extended CREATED cell.   (section 5.1)
 |
-|- PaddingCell - Padding negotiation.  
   (section 7.2)
-|- VersionsCell - Negotiate proto version. 
   (section 4)
-|- NetinfoCell - Time and address info.
   (section 4.5)
-|- PaddingNegotiateCell - Padding negotiation. 
   (section 7.2)
-|- VPaddingCell - Variable-length padding. 
   (section 7.2)
-|- CertsCell - Relay certificates. 
   (section 4.2)
-|- AuthChallengeCell - Challenge value.
   (section 4.3)
-|- AuthenticateCell - Client authentication.   
   (section 4.5)
-|- AuthorizeCell - Client authorization.   
   (not yet used)
+|- PaddingCell - Padding negotiation. (section 7.2)
+|- VersionsCell - Negotiate proto version.(section 4)
+|- NetinfoCell - Time and address info.   (section 4.5)
+|- PaddingNegotiateCell - Padding negotiation.(section 7.2)
+|- VPaddingCell - Variable-length padding.(section 7.2)
+|- CertsCell - Relay certificates.(section 4.2)
+|- AuthChallengeCell - Challenge value.   (section 4.3)
+|- AuthenticateCell - Client authentication.  (section 4.5)
+|- AuthorizeCell - Client authorization.  (not yet used)
 |
 |- pack - encodes cell into bytes
 |- unpack - decodes series of cells
@@ -86,7 +84,6 @@ class Cell(object):
   The following cell types explicitly don't have *unused* content:
 * PaddingCell (we consider all content part of payload)
 * VersionsCell (all content is unpacked and treated as a version 
specification)
-* BaseRelayCell (we don't parse cell beyond header/body)
 * VPaddingCell (we consider all content part of payload)
 
   :var bytes unused: unused filler that padded the cell to the expected size



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [stem/master] Stub minimal cell decryption function

2018-08-26 Thread atagar

commit 52edd22ca10d559270ee240409447351bd8639f8
Author: Damian Johnson 
Date:   Sat Aug 25 13:32:07 2018 -0700

Stub minimal cell decryption function

Ok, now into the meat of this sucker. Dave's branch introduces nice 
additions
such as validating our backward digest and a flag to indicate if we've fully
decrypted the cell or not.

For the moment moving to a minimal decryption function that only supports 
what
we did previously. Next gonna try to integrate his new features to make a
hybrid approach that hopefully takes the best of both.
---
 stem/client/__init__.py | 22 +++---
 stem/client/cell.py | 30 ++
 2 files changed, 37 insertions(+), 15 deletions(-)

diff --git a/stem/client/__init__.py b/stem/client/__init__.py
index a216696a..19528d67 100644
--- a/stem/client/__init__.py
+++ b/stem/client/__init__.py
@@ -33,7 +33,7 @@ import stem.client.cell
 import stem.socket
 import stem.util.connection
 
-from stem.client.datatype import ZERO, LinkProtocol, Address, KDF
+from stem.client.datatype import ZERO, LinkProtocol, Address, KDF, split
 
 __all__ = [
   'cell',
@@ -253,22 +253,14 @@ class Circuit(object):
 raise stem.ProtocolError('Circuit response should be a series of RELAY 
cells, but received an unexpected size for a response: %i' % len(reply))
 
   while reply:
-raw_cell, reply = stem.client.cell.Cell.pop(reply, 
self.relay.link_protocol)
+encrypted_cell, reply = split(reply, 
self.relay.link_protocol.fixed_cell_length)
+decrypted_cell, backward_key, backward_digest = 
stem.client.cell.RelayCell.decrypt(encrypted_cell, self.backward_key, 
self.backward_digest)
 
-if raw_cell.VALUE != stem.client.cell.RelayCell.VALUE:
-  raise stem.ProtocolError('RELAY cell responses should be %i but was 
%i' % (stem.client.cell.RelayCell.VALUE, raw_cell.VALUE))
-elif raw_cell.circ_id != self.id:
-  raise stem.ProtocolError('Response should be for circuit id %i, not 
%i' % (self.id, raw_cell.circ_id))
+if self.id != decrypted_cell.circ_id:
+  raise stem.ProtocolError('Response should be for circuit id %i, not 
%i' % (self.id, decrypted_cell.circ_id))
 
-decrypted_cell, fully_decrypted, new_backward_digest, new_backward_key 
= raw_cell.decrypt(self.backward_digest, self.backward_key, interpret = True)
-
-if not fully_decrypted:
-  raise stem.ProtocolError('Response for circuit id %i was not fully 
decrypted, when expected to be' % self.id)
-
-# Again, if the above raises the digest/key should remain unchanged.
-
-self.backward_digest = new_backward_digest
-self.backward_key = new_backward_key
+self.backward_digest = backward_digest
+self.backward_key = backward_key
 
 reply_cells.append(decrypted_cell)
 
diff --git a/stem/client/cell.py b/stem/client/cell.py
index 6587ebb5..3de1c731 100644
--- a/stem/client/cell.py
+++ b/stem/client/cell.py
@@ -551,6 +551,36 @@ class RelayCell(CircuitCell):
   elif stream_id and self.command in STREAM_ID_DISALLOWED:
 raise ValueError('%s relay cells concern the circuit itself and cannot 
have a stream id' % self.command)
 
+  @classmethod
+  def decrypt(link_protocol, content, digest, key):
+"""
+Parse the given content as an encrypted RELAY cell.
+"""
+
+# TODO: Fill in the above pydocs, deduplicate with the other decrypt
+# method, yadda yadda. Starting with a minimal stub to see if this makes
+# the Circuit class better. I'll circle back to clean up this module if it
+# works.
+
+if len(content) != link_protocol.fixed_cell_length:
+  raise stem.ProtocolError('RELAY cells should be %i bytes, but received 
%i' % (link_protocol.fixed_cell_length, len(content)))
+
+circ_id, content = link_protocol.circ_id_size.pop(content)
+command, payload = Size.CHAR.pop(content)
+
+if command != RelayCell.VALUE:
+  raise stem.ProtocolError('Cannot decrypt as a RELAY cell. This had 
command %i instead.' % command)
+
+key = copy.copy(key)
+decrypted = key.update(payload)
+
+# TODO: Integrate with check_digest() and flag for integrating if we're
+# fully decrypted. For the moment we only handle direct responses (ie. all
+# the cells we receive can be fully decrypted) but if we attempt to support
+# relaying we'll need to pass along cells we can only partially decrypt.
+
+return RelayCell._unpack(decrypted, circ_id, link_protocol), key, digest
+
   @staticmethod
   def _coerce_digest(digest):
 """



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [stem/master] Now use the decrypt method in our Circuit class

2018-08-26 Thread atagar

commit eaa871fa08b3920baa9d24b3338c7c4b6973ee40
Author: Dave Rolek 
Date:   Sat Aug 18 04:12:35 2018 +

Now use the decrypt method in our Circuit class

This also now actually checks the 'recognized' field and digest, unlike
before.

Keep in mind that this implementation is really meant for illustrative
purposes, in the interim. (There are some limitations to it.)
---
 stem/client/__init__.py | 7 +--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/stem/client/__init__.py b/stem/client/__init__.py
index a228bebc..33ac0d8d 100644
--- a/stem/client/__init__.py
+++ b/stem/client/__init__.py
@@ -255,8 +255,11 @@ class Circuit(object):
   elif raw_cell.circ_id != self.id:
 raise stem.ProtocolError('Response should be for circuit id %i, 
not %i' % (self.id, raw_cell.circ_id))
 
-  decrypted_payload = self.backward_key.update(raw_cell.payload)
-  
reply_cells.append(stem.client.cell.RelayCell._unpack(decrypted_payload, 
self.id, self.relay.link_protocol))
+  decrypted_cell, fully_decrypted, self.backward_digest, 
self.backward_key = raw_cell.decrypt(self.backward_digest, self.backward_key, 
interpret = True)
+  if not fully_decrypted:
+raise stem.ProtocolError('Response for circuit id %i was not fully 
decrypted, when expected to be' % self.id)
+
+  reply_cells.append(decrypted_cell)
 
 return reply_cells
   except:



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [stem/master] Add decrypt instance method to BaseRelayCell

2018-08-26 Thread atagar

commit 5baa2e37728ab50a5132d81225070e097e6bd058
Author: Dave Rolek 
Date:   Sat Aug 18 03:58:13 2018 +

Add decrypt instance method to BaseRelayCell

Akin to encrypt(), this takes care of decryption and all the ancillary
functionality related to it.

It composes the functionality of the building blocks added in previous
changes, namely:
  * check_recognized_field()
  * check_digest()
  * interpret_cell() - but not automatically done by default

A consumer of this, especially in a multi-hop circuit, will only need to
manage the digest/decryptor state (in the case of a cell that cannot be
decrypted+recognized... fallback) and pay attention to the
'fully_decrypted' result.

This should make a consumer's implementation pretty readable, something
like:

  # relay_1 := nearest relay in circuit
  decryption_states = [
(relay_1, digest_1, decryptor_1),
(relay_2, digest_2, decryptor_2),
(relay_3, digest_3, decryptor_3),
  ]

  new_decryption_states = copy.deepcopy(decryption_states)

  from_relay = None
  for i in range(len(new_decryption_states)):
relay, digest, decryptor = new_decryption_states[i]

cell, fully_decrypted, digest, decryptor = cell.decrypt(digest, 
decryptor)
new_decryption_states[i] = (relay, digest, decryptor)

if fully_decrypted:
  from_relay = relay
  break

  if from_relay:
decryption_states = new_decryption_states
  else:
# handle this, since the cell couldn't be decrypted
# probably raise Something()
pass

  cell_and_hop = (cell, from_relay)  # naming things is hard

  # do something with the decrypted cell
  # ^ probably feeding it into the queue/handler for the (circuit_id, 
relay, stream_id)
---
 stem/client/cell.py | 65 +
 1 file changed, 65 insertions(+)

diff --git a/stem/client/cell.py b/stem/client/cell.py
index a96b2f7b..48dbcf36 100644
--- a/stem/client/cell.py
+++ b/stem/client/cell.py
@@ -443,6 +443,71 @@ class BaseRelayCell(CircuitCell):
 
 return new_cell
 
+  def decrypt(self, digest, decryptor, interpret = False):
+"""
+Decrypts a cell and checks whether it is fully decrypted,
+returning a new (Cell, fully_decrypted, digest, decryptor) tuple.
+Optionally also interprets the cell (not generally recommended).
+
+The method name is technically a misnomer, as it also checks whether the
+cell has been fully decrypted (after decrypting), updating the digest if 
so.
+However, these operations are defined per the spec as required for RELAY
+cells, and ...
+  (1) it is a natural mental extension to include them here;
+  (2) it would be a bit pointless to require method consumers to manually
+  do all of that, for pedantry.
+
+:param HASH digest: running digest held with the relay
+:param cryptography.hazmat.primitives.ciphers.CipherContext decryptor:
+  running stream cipher decryptor held with the relay
+
+:param bool interpret: (optional, defaults to **False**) Use **True** with
+  caution. The spec indicates that a fully decrypted cell should be
+  accounted for in digest and decryptor, independent of cell validity. 
Using
+  **True**, while convenient, may cause an exception for a NYI relay
+  command, a malformed cell, or some other reason. This option should only
+  be used when the consumer will consider the circuit to have a fatal error
+  in such cases, and catches/handles the exception accordingly (e.g. 
sending
+  a DestroyCell).
+
+:returns: (:class:`~stem.client.cell.Cell`, bool, HASH, CipherContext) 
tuple
+  of object copies updated as follows:
+* Cell: either :class:`~stem.client.cell.RawRelayCell` with a decrypted
+  payload or :class:`~stem.client.cell.RelayCell` class or subclass, if
+  **interpret** is **True** and the cell was fully decrypted
+* fully_decrypted: **bool** indicating whether the cell is fully
+  decrypted
+* digest: updated via digest.update(payload), if the cell was fully
+  decrypted; otherwise a copy of the original
+* decryptor: updated via decryptor.update(payload)
+"""
+
+new_decryptor = copy.copy(decryptor)
+
+# actually decrypt
+decrypted_payload = new_decryptor.update(self.payload)
+new_cell = self.__class__(self.circ_id, decrypted_payload)
+
+# do post-decryption checks to ascertain whether cell is fully decrypted
+if new_cell.check_recognized_field():
+  digest_matches, new_digest = new_cell.check_digest(digest)
+  fully_decrypted = digest_matches
+else:
+  new_digest = None
+  fully_decrypted = False
+
+# only return the new_digest if the digest check meant that the cell has 
been fully decrypted
+#
+#

[tor-commits] [stem/master] Fork new and old RelayCell implementations

2018-08-26 Thread atagar

commit 04c2c9f0e33055dd40c9117314287077c9c22aee
Author: Damian Johnson 
Date:   Sat Aug 25 14:16:35 2018 -0700

Fork new and old RelayCell implementations

Dave's branch makes quite a few RelayCell modifications in support of its 
new
BaseRelayCell class. That class is no longer used by the new Circuit send
method, but there's quite a few things we want to integrate from it.

Making a total mess, but for the moment placing side-by-side copies of both 
our
new and old RelayCell class in this module. AlternateRelayCell is Dave's
version, and RelayCell is what we had previously (plus the decrypt stub from
earlier).

This does *not* presently work, as the old RelayCell class lack the 
encrypt()
and decrypt() methods the Circuit class now excepts. Doing this so we have
a clean starting point to see how we integrate.
---
 stem/client/cell.py  | 84 +---
 test/unit/client/cell.py |  3 +-
 2 files changed, 82 insertions(+), 5 deletions(-)

diff --git a/stem/client/cell.py b/stem/client/cell.py
index aec868c4..3f247af4 100644
--- a/stem/client/cell.py
+++ b/stem/client/cell.py
@@ -364,7 +364,7 @@ class BaseRelayCell(CircuitCell):
   :func:`~stem.client.cell.BaseRelayCell.check_digest`
 """
 
-_, recognized_from_cell, _, _, _, _, _ = 
RelayCell._unpack_payload(self.payload)
+_, recognized_from_cell, _, _, _, _, _ = 
AlternateRelayCell._unpack_payload(self.payload)
 return recognized_from_cell == 0
 
   def check_digest(self, digest):
@@ -383,10 +383,10 @@ class BaseRelayCell(CircuitCell):
 :raises: **ValueError** if payload is the wrong size
 """
 
-command, recognized, stream_id, digest_from_cell, data_len, data, unused = 
RelayCell._unpack_payload(self.payload)
+command, recognized, stream_id, digest_from_cell, data_len, data, unused = 
AlternateRelayCell._unpack_payload(self.payload)
 
 # running digest is calculated using a zero'd digest field in the payload
-prepared_payload = RelayCell._pack_payload(command, recognized, stream_id, 
0, data_len, data, unused, pad_remainder = False)
+prepared_payload = AlternateRelayCell._pack_payload(command, recognized, 
stream_id, 0, data_len, data, unused, pad_remainder = False)
 
 if len(prepared_payload) != FIXED_PAYLOAD_LEN:
   # this should never fail
@@ -396,7 +396,7 @@ class BaseRelayCell(CircuitCell):
 new_digest = digest.copy()
 new_digest.update(prepared_payload)
 
-digest_matches = (RelayCell._coerce_digest(new_digest) == digest_from_cell)
+digest_matches = (AlternateRelayCell._coerce_digest(new_digest) == 
digest_from_cell)
 
 # only return the new_digest if the digest check passed
 # even if not, return a copy of the original
@@ -518,6 +518,82 @@ class RelayCell(CircuitCell):
   """
   Command concerning a relay circuit.
 
+  :var stem.client.RelayCommand command: command to be issued
+  :var int command_int: integer value of our command
+  :var bytes data: payload of the cell
+  :var int recognized: zero if cell is decrypted, non-zero otherwise
+  :var int digest: running digest held with the relay
+  :var int stream_id: specific stream this concerns
+  """
+
+  NAME = 'RELAY'
+  VALUE = 3
+  IS_FIXED_SIZE = True
+
+  def __init__(self, circ_id, command, data, digest = 0, stream_id = 0, 
recognized = 0, unused = b''):
+if 'HASH' in str(type(digest)):
+  # Unfortunately hashlib generates from a dynamic private class so
+  # isinstance() isn't such a great option. With python2/python3 the
+  # name is 'hashlib.HASH' whereas PyPy calls it just 'HASH'.
+
+  digest_packed = digest.digest()[:RELAY_DIGEST_SIZE.size]
+  digest = RELAY_DIGEST_SIZE.unpack(digest_packed)
+elif stem.util._is_str(digest):
+  digest_packed = digest[:RELAY_DIGEST_SIZE.size]
+  digest = RELAY_DIGEST_SIZE.unpack(digest_packed)
+elif stem.util._is_int(digest):
+  pass
+else:
+  raise ValueError('RELAY cell digest must be a hash, string, or int but 
was a %s' % type(digest).__name__)
+
+super(RelayCell, self).__init__(circ_id, unused)
+self.command, self.command_int = RelayCommand.get(command)
+self.recognized = recognized
+self.stream_id = stream_id
+self.digest = digest
+self.data = str_tools._to_bytes(data)
+
+if digest == 0:
+  if not stream_id and self.command in STREAM_ID_REQUIRED:
+raise ValueError('%s relay cells require a stream id' % self.command)
+  elif stream_id and self.command in STREAM_ID_DISALLOWED:
+raise ValueError('%s relay cells concern the circuit itself and cannot 
have a stream id' % self.command)
+
+  def pack(self, link_protocol):
+payload = bytearray()
+payload += Size.CHAR.pack(self.command_int)
+payload += Size.SHORT.pack(self.recognized)
+payload += Size.SHORT.pack(self.stream_id)
+payload += Size.LONG.pack(self.digest)
+payload +=

[tor-commits] [stem/master] Combine relay cell encrypting and packing

2018-08-26 Thread atagar

commit 486a8d2e5c4724146d6647b7f69ffbd10adbfc1d
Author: Damian Johnson 
Date:   Sat Aug 25 11:38:41 2018 -0700

Combine relay cell encrypting and packing

Cells are only ever encrypted to be sent. I'm not seeing a purpose in having
an intermediate step here. Our Circuit's send() method is simpler if the
encrypt() method provides us the payload to be sent rather than an 
intermediate
class.

Are there any use cases where we want an 'encrypted cell' object? We can't 
do
anything with it besides send it (if we made it) or decrypt it (if sent to 
us).
Possible though I'm missing something.

Presently I'm only looking at our Circuit's send() method. Our RelayCell's
usage informs the API it should have, so I'm not worrying about the cell 
module
until that's settled.
---
 stem/client/__init__.py | 15 +++
 stem/client/cell.py | 10 +-
 2 files changed, 12 insertions(+), 13 deletions(-)

diff --git a/stem/client/__init__.py b/stem/client/__init__.py
index 0ee8cbf0..46a82428 100644
--- a/stem/client/__init__.py
+++ b/stem/client/__init__.py
@@ -233,16 +233,15 @@ class Circuit(object):
 """
 
 with self.relay._orport_lock:
-  cell = stem.client.cell.RelayCell(self.id, command, data, stream_id = 
stream_id)
-  encrypted_cell, new_forward_digest, new_forward_key = 
cell.encrypt(self.forward_digest, self.forward_key)
-
-  self.relay._orport.send(encrypted_cell.pack(self.relay.link_protocol))
+  # Encrypt and send the cell. Our digest/key only updates if the cell is
+  # successfully sent.
 
-  # Only recoding our new digest/key if the cell's successfully sent. If
-  # the above raises we should leave them alone.
+  cell = stem.client.cell.RelayCell(self.id, command, data, stream_id = 
stream_id)
+  payload, forward_digest, forward_key = 
cell.encrypt(self.relay.link_protocol, self.forward_digest, self.forward_key)
+  self.relay._orport.send(payload)
 
-  self.forward_digest = new_forward_digest
-  self.forward_key = new_forward_key
+  self.forward_digest = forward_digest
+  self.forward_key = forward_key
 
   reply = self.relay._orport.recv()
   reply_cells = []
diff --git a/stem/client/cell.py b/stem/client/cell.py
index 48dbcf36..6587ebb5 100644
--- a/stem/client/cell.py
+++ b/stem/client/cell.py
@@ -654,7 +654,7 @@ class RelayCell(CircuitCell):
 
 return new_cell, new_digest
 
-  def encrypt(self, digest, encryptor, **kwargs):
+  def encrypt(self, link_protocol, digest, encryptor, **kwargs):
 """
 Preps a cell payload, including calculating digest, and encrypts it,
 returning a new (RawRelayCell, digest, encryptor) tuple.
@@ -666,6 +666,7 @@ class RelayCell(CircuitCell):
   (2) it would be a bit pointless to require method consumers to manually
   call both, for pedantry.
 
+:param int link_protocol: link protocol version
 :param HASH digest: running digest held with the relay
 :param cryptography.hazmat.primitives.ciphers.CipherContext encryptor:
   running stream cipher encryptor held with the relay
@@ -673,10 +674,9 @@ class RelayCell(CircuitCell):
 :param bool prep_cell: (optional, defaults to **True**) refer to
   :func:`~stem.client.cell.RelayCell.apply_digest`
 
-:returns: (:class:`~stem.client.cell.RawRelayCell`, HASH, CipherContext)
+:returns: (bytes, HASH, CipherContext)
   tuple of object copies updated as follows:
-* RawRelayCell: updated as specified in
-  :func:`~stem.client.cell.RelayCell.apply_digest`, then encrypted
+* bytes: encrypted cell payload
 * digest: updated via digest.update(payload)
 * encryptor: updated via encryptor.update(payload_with_digest)
 """
@@ -686,7 +686,7 @@ class RelayCell(CircuitCell):
 encrypted_payload = new_encryptor.update(unencrypted_cell.pack_payload())
 encrypted_cell = RawRelayCell(unencrypted_cell.circ_id, encrypted_payload)
 
-return encrypted_cell, new_digest, new_encryptor
+return encrypted_cell.pack(link_protocol), new_digest, new_encryptor
 
   def pack_payload(self, **kwargs):
 """



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [stem/master] Drop unsigned from Size class

2018-08-26 Thread atagar

commit 575f1b6685f6b8be3b3801ff662a4d6d89db43c4
Author: Damian Johnson 
Date:   Thu Aug 16 10:33:47 2018 -0700

Drop unsigned from Size class

Actually, it's already in our pydoc that these are all unsigned. Maybe we'll
add a flag like this in the future if that changes but presently it doesn't
provide any value.

That said, I *do* like the idea of providing a better error message. Keeping
that, and improving our performance a bit by only performing these checks if
packing fails (this class is heavily used in IO so making this a tad extra
performant is useful).
---
 stem/client/datatype.py | 16 +---
 test/unit/client/size.py|  9 +
 test/unit/control/controller.py |  1 -
 3 files changed, 10 insertions(+), 16 deletions(-)

diff --git a/stem/client/datatype.py b/stem/client/datatype.py
index 1c7aec77..43bdfe9d 100644
--- a/stem/client/datatype.py
+++ b/stem/client/datatype.py
@@ -349,19 +349,21 @@ class Size(Field):
 self.name = name
 self.size = size
 self.format = pack_format
-self.unsigned = pack_format.isupper()
 
   @staticmethod
   def pop(packed):
 raise NotImplementedError("Use our constant's unpack() and pop() instead")
 
   def pack(self, content):
-if not stem.util._is_int(content):
-  raise ValueError('Size.pack encodes an integer, but was a %s' % 
type(content).__name__)
-if content < 0 and self.unsigned:
-  raise ValueError('A %s field cannot pack negative values, but %i was 
tried' % (self.name, content))
-
-packed = struct.pack(self.format, content)
+try:
+  packed = struct.pack(self.format, content)
+except struct.error:
+  if not stem.util._is_int(content):
+raise ValueError('Size.pack encodes an integer, but was a %s' % 
type(content).__name__)
+  elif content < 0:
+raise ValueError('Packed values must be positive (attempted to pack %i 
as a %s)' % (content, self.name))
+  else:
+raise  # some other struct exception
 
 if self.size != len(packed):
   raise ValueError('%s is the wrong size for a %s field' % (repr(packed), 
self.name))
diff --git a/test/unit/client/size.py b/test/unit/client/size.py
index 3d7d796f..733db0f4 100644
--- a/test/unit/client/size.py
+++ b/test/unit/client/size.py
@@ -7,22 +7,17 @@ import unittest
 
 from stem.client.datatype import Size
 
-SIGNED_CHAR = Size('SIGNED_CHAR', 1, '!b')
-
 
 class TestSize(unittest.TestCase):
   def test_attributes(self):
 self.assertEqual('CHAR', Size.CHAR.name)
 self.assertEqual('!B', Size.CHAR.format)
-self.assertEqual(True, Size.CHAR.unsigned)
 
 self.assertEqual(1, Size.CHAR.size)
 self.assertEqual(2, Size.SHORT.size)
 self.assertEqual(4, Size.LONG.size)
 self.assertEqual(8, Size.LONG_LONG.size)
 
-self.assertEqual(False, SIGNED_CHAR.unsigned)
-
   def test_pack(self):
 self.assertEqual(b'\x12', Size.CHAR.pack(18))
 self.assertEqual(b'\x00\x12', Size.SHORT.pack(18))
@@ -31,13 +26,11 @@ class TestSize(unittest.TestCase):
 
 self.assertRaisesWith(ValueError, 'Size.pack encodes an integer, but was a 
str', Size.CHAR.pack, 'hi')
 
-self.assertRaisesWith(ValueError, 'A CHAR field cannot pack negative 
values, but -1 was tried', Size.CHAR.pack, -1)
+self.assertRaisesWith(ValueError, 'Packed values must be positive 
(attempted to pack -1 as a CHAR)', Size.CHAR.pack, -1)
 
 bad_size = Size('BAD_SIZE', 1, '!H')
 self.assertRaisesRegexp(ValueError, re.escape("'\\x00\\x12' is the wrong 
size for a BAD_SIZE field"), bad_size.pack, 18)
 
-self.assertEqual(b'\xFF', SIGNED_CHAR.pack(-1))
-
   def test_unpack(self):
 self.assertEqual(18, Size.CHAR.unpack(b'\x12'))
 self.assertEqual(18, Size.SHORT.unpack(b'\x00\x12'))
diff --git a/test/unit/control/controller.py b/test/unit/control/controller.py
index 7ee2ab70..ba55208a 100644
--- a/test/unit/control/controller.py
+++ b/test/unit/control/controller.py
@@ -5,7 +5,6 @@ integ tests, but a few bits lend themselves to unit testing.
 
 import datetime
 import io
-import time
 import unittest
 
 import stem.descriptor.router_status_entry



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [stem/master] Actually make copies of the backward digest/key, too

2018-08-26 Thread atagar

commit 03c115dba10de3aca5374ea61893189e5c8b46a1
Author: Dave Rolek 
Date:   Sat Aug 18 04:14:43 2018 +

Actually make copies of the backward digest/key, too

And rename the other 'orig_' vars to 'orig_forward_' vars, for clarity.
---
 stem/client/__init__.py | 12 
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/stem/client/__init__.py b/stem/client/__init__.py
index 33ac0d8d..91e8c4ca 100644
--- a/stem/client/__init__.py
+++ b/stem/client/__init__.py
@@ -234,8 +234,10 @@ class Circuit(object):
 """
 
 with self.relay._orport_lock:
-  orig_digest = self.forward_digest.copy()
-  orig_key = copy.copy(self.forward_key)
+  orig_forward_digest = self.forward_digest.copy()
+  orig_forward_key = copy.copy(self.forward_key)
+  orig_backward_digest = self.backward_digest.copy()
+  orig_backward_key = copy.copy(self.backward_key)
 
   try:
 cell = stem.client.cell.RelayCell(self.id, command, data, stream_id = 
stream_id)
@@ -263,8 +265,10 @@ class Circuit(object):
 
 return reply_cells
   except:
-self.forward_digest = orig_digest
-self.forward_key = orig_key
+self.forward_digest = orig_forward_digest
+self.forward_key = orig_forward_key
+self.backward_digest = orig_backward_digest
+self.backward_key = orig_backward_key
 raise
 
   def close(self):



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [stem/master] Further explain our RelayCell's 'recognized' field

2018-08-26 Thread atagar

commit 1adde73d6cd05c253346abdaad199b9337cefc68
Author: Damian Johnson 
Date:   Sat Aug 25 14:28:54 2018 -0700

Further explain our RelayCell's 'recognized' field

Few months back this field throughly confused me so I asked Roger about it.
Passing on the helpful explanation I got from him.
---
 stem/client/cell.py | 8 +++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/stem/client/cell.py b/stem/client/cell.py
index 3f247af4..b40a30e1 100644
--- a/stem/client/cell.py
+++ b/stem/client/cell.py
@@ -518,10 +518,16 @@ class RelayCell(CircuitCell):
   """
   Command concerning a relay circuit.
 
+  Our 'recognized' attribute provides a cheap (but incomplete) check for if our
+  cell payload is encrypted. If non-zero our payload *IS* encrypted, but if
+  zero we're *PROBABLY* fully decrypted. This uncertainty is because encrypted
+  cells have a small chance of coincidently producing zero for this value as
+  well.
+
   :var stem.client.RelayCommand command: command to be issued
   :var int command_int: integer value of our command
   :var bytes data: payload of the cell
-  :var int recognized: zero if cell is decrypted, non-zero otherwise
+  :var int recognized: non-zero if payload is encrypted
   :var int digest: running digest held with the relay
   :var int stream_id: specific stream this concerns
   """



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [stem/master] Add check_recognized_field instance method to BaseRelayCell

2018-08-26 Thread atagar

commit f82d839704788a063135a2b32f7657b2f9167fda
Author: Dave Rolek 
Date:   Sun Aug 19 03:48:05 2018 +

Add check_recognized_field instance method to BaseRelayCell

This is new functionality. (Nothing in stem.client currently attempts to
check the 'recognized' field.)

Not yet used.

This is arguably a very inefficient method, and it might even obscure
its purpose by existing (it's extremely simple), but it seemed better to
break it out and deal with the foreseeable performance hit than to trend
towards premature optimization.

(It also is a bit counterintuitive for a value of 0 to mean True, so
breaking this out makes that clearer.)

There are many ways this could be optimized, and - especially since so
much of this unit is still in flux - it doesn't make sense yet to do so.
---
 stem/client/cell.py | 16 
 1 file changed, 16 insertions(+)

diff --git a/stem/client/cell.py b/stem/client/cell.py
index 5235331e..250d400a 100644
--- a/stem/client/cell.py
+++ b/stem/client/cell.py
@@ -354,6 +354,22 @@ class BaseRelayCell(CircuitCell):
 # unlike everywhere else, we actually want to use the subclass type, NOT 
*this* class
 return cls(circ_id, content)
 
+  def check_recognized_field(self):
+"""
+Checks the 'recognized' field of the cell payload, which indicates whether
+it is **probably** fully decrypted.
+
+:returns: **bool** indicating whether the 'recognized' field indicates
+  likely decryption. Per the spec:
+* **False** guarantees the cell *not* to be fully decrypted.
+* **True** does *not* guarantee the cell to be fully decrypted, and it
+  must be checked further. See also
+  :func:`~stem.client.cell.BaseRelayCell.check_digest`
+"""
+
+_, recognized_from_cell, _, _, _, _, _ = 
RelayCell._unpack_payload(self.payload)
+return recognized_from_cell == 0
+
   def check_digest(self, digest):
 """
 Calculates the running digest of the cell payload per the spec, returning



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [stem/master] Refactor apply_digest to remove side effects

2018-08-26 Thread atagar

commit 1a151d445832df3fdecdb99aa1ecbbe0fee14563
Author: Dave Rolek 
Date:   Wed Aug 15 03:28:03 2018 +

Refactor apply_digest to remove side effects

Per discussion with Damian over IRC, instances of our Cell classes are
intended to be immutable objects. So instead of modifying the RelayCell
and having an additional side effect on the digest, this provides a
modified copy of each, in a tuple.

That makes apply_digest() a pure function, currently with referential
transparency (i.e. also deterministic). In the future, it may utilize
randomness for cell padding, which would make it non-deterministic.

Overall this now more generally follows a functional-programming
paradigm.
---
 stem/client/__init__.py |  4 ++--
 stem/client/cell.py | 33 +
 2 files changed, 23 insertions(+), 14 deletions(-)

diff --git a/stem/client/__init__.py b/stem/client/__init__.py
index 74b6d2bf..b64956ff 100644
--- a/stem/client/__init__.py
+++ b/stem/client/__init__.py
@@ -239,8 +239,8 @@ class Circuit(object):
 
   try:
 cell = stem.client.cell.RelayCell(self.id, command, data, stream_id = 
stream_id)
-cell.apply_digest(self.forward_digest)
-payload_with_digest = cell.pack_payload()
+cell_with_digest, self.forward_digest = 
cell.apply_digest(self.forward_digest)
+payload_with_digest = cell_with_digest.pack_payload()
 
 encrypted_payload = self.forward_key.update(payload_with_digest)
 encrypted_cell = stem.client.cell.RawRelayCell(self.id, 
encrypted_payload)
diff --git a/stem/client/cell.py b/stem/client/cell.py
index c1751ed6..fec8bb1b 100644
--- a/stem/client/cell.py
+++ b/stem/client/cell.py
@@ -458,7 +458,7 @@ class RelayCell(CircuitCell):
 
   def apply_digest(self, digest, prep_cell = True):
 """
-Calculates, updates, and applies the digest to the cell payload.
+Calculates, updates, and applies the digest to the cell payload, returning 
a new (cell, digest) tuple.
 
 :param HASH digest: running digest held with the relay
 :param bool prep_cell: preps the cell payload according to the spec, if 
**True** (default)
@@ -468,22 +468,31 @@ class RelayCell(CircuitCell):
 and any 'unused' padding will be taken as-is.
   Use with caution.
 
-:sideeffect digest: this object will be updated via digest.update(payload)
-:sideeffect self.recognized: this will be set to 0, if prep_cell is 
**True**
-:sideeffect self.digest: this will be updated with the calculated digest
-:sideeffect self.unused: this will be treated as padding and overwritten, 
if prep_cell is **True**
+:returns: (:class:`~stem.client.cell.RelayCell`, HASH) tuple updated as 
follows:
+  digest: updated via digest.update(payload)
+  RelayCell: a copy of self, with the following updates:
+  RelayCell.recognized: set to 0, if prep_cell is **True**
+  RelayCell.digest: updated with the calculated digest
+  RelayCell.unused: treated as padding and overwritten, if prep_cell is 
**True**
 """
 
 if prep_cell:
-  self.recognized = 0
-  self.digest = 0
-  self.unused = b''
+  new_cell_recognized = 0
+  new_cell_digest = 0
+  new_cell_unused = b''
+else:
+  new_cell_recognized = self.recognized
+  new_cell_digest = self.digest
+  new_cell_unused = self.unused
+
+new_digest = digest.copy()
+new_cell = RelayCell(self.circ_id, self.command, self.data, digest = 
new_cell_digest, stream_id = self.stream_id, recognized = new_cell_recognized, 
unused = new_cell_unused)
 
-payload_without_updated_digest = self.pack_payload()
-digest.update(payload_without_updated_digest)
-self.digest = RelayCell._coerce_digest(digest)
+payload_without_updated_digest = new_cell.pack_payload()
+new_digest.update(payload_without_updated_digest)
+new_cell.digest = RelayCell._coerce_digest(new_digest)
 
-return
+return new_cell, new_digest
 
   def pack_payload(self, **kwargs):
 """



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [stem/master] Update stem.client.cell docstrings for style, consistency, and clarity

2018-08-26 Thread atagar

commit 1163efbefe66b10315197d375e3bdf392e8b18fb
Author: Dave Rolek 
Date:   Fri Aug 17 20:51:00 2018 +

Update stem.client.cell docstrings for style, consistency, and clarity

Much of the updates here is to reduce the line length.
---
 stem/client/cell.py | 42 +-
 1 file changed, 25 insertions(+), 17 deletions(-)

diff --git a/stem/client/cell.py b/stem/client/cell.py
index fec8bb1b..d1265c10 100644
--- a/stem/client/cell.py
+++ b/stem/client/cell.py
@@ -369,7 +369,8 @@ class RelayCell(CircuitCell):
   :var stem.client.datatype.RelayCommand command: command to be issued
   :var int command_int: integer value of our command
   :var bytes data: payload of the cell
-  :var int recognized: zero if cell is decrypted, otherwise mostly non-zero 
(can rarely be zero)
+  :var int recognized: zero if cell is decrypted, otherwise mostly non-zero
+(can rarely be zero)
   :var int digest: running digest held with the relay
   :var int stream_id: specific stream this concerns
   """
@@ -458,22 +459,26 @@ class RelayCell(CircuitCell):
 
   def apply_digest(self, digest, prep_cell = True):
 """
-Calculates, updates, and applies the digest to the cell payload, returning 
a new (cell, digest) tuple.
+Calculates, updates, and applies the digest to the cell payload,
+returning a new (cell, digest) tuple.
 
 :param HASH digest: running digest held with the relay
-:param bool prep_cell: preps the cell payload according to the spec, if 
**True** (default)
+:param bool prep_cell: preps the cell payload according to the spec, if
+  **True** (default)
   if **False**, the digest will be calculated as-is, namely:
-the 'recognized' field will not be set to 0,
-the digest field will not be set to 0,
-and any 'unused' padding will be taken as-is.
-  Use with caution.
-
-:returns: (:class:`~stem.client.cell.RelayCell`, HASH) tuple updated as 
follows:
-  digest: updated via digest.update(payload)
-  RelayCell: a copy of self, with the following updates:
-  RelayCell.recognized: set to 0, if prep_cell is **True**
-  RelayCell.digest: updated with the calculated digest
-  RelayCell.unused: treated as padding and overwritten, if prep_cell is 
**True**
+* the 'recognized' field will not be set to 0,
+* the digest field will not be set to 0,
+* and any 'unused' padding will be taken as-is.
+  Use **False** with caution.
+
+:returns: (:class:`~stem.client.cell.RelayCell`, HASH) tuple of object
+  copies updated as follows:
+* digest: updated via digest.update(payload)
+* RelayCell: a copy of self, with the following updates:
+  * RelayCell.recognized: set to 0, if prep_cell is **True**
+  * RelayCell.digest: updated with the calculated digest
+  * RelayCell.unused: treated as padding and overwritten, if prep_cell
+is **True**
 """
 
 if prep_cell:
@@ -496,9 +501,11 @@ class RelayCell(CircuitCell):
 
   def pack_payload(self, **kwargs):
 """
-Convenience method for running _pack_payload on self.
+Convenience method for running
+:func:`~stem.client.cell.RelayCell._pack_payload` on self.
 
-:param bool pad_remaining: (optional, defaults to **True**) pads up to 
payload size if **True**
+:param bool pad_remaining: (optional, defaults to **True**) pads up to
+  payload size if **True**
 
 :returns: **bytes** with the packed payload
 """
@@ -511,7 +518,8 @@ class RelayCell(CircuitCell):
 Directly pack the payload without any validation beyond Size constraints.
 
 :param int command_int: integer value of our command
-:param int recognized: zero if cell is decrypted, otherwise mostly 
non-zero (can rarely be zero)
+:param int recognized: zero if cell is decrypted, otherwise mostly non-zero
+  (can rarely be zero)
 :param int stream_id: specific stream this concerns
 :param HASH,str,int digest: running digest held with the relay
 :param int data_len: length of body data



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [stem/master] Further simplify digest calculation for encryption

2018-08-26 Thread atagar

commit 2a76a0acfcf6aa9def2d6585ec8e53eae19b4c3c
Author: Dave Rolek 
Date:   Thu Aug 9 21:12:27 2018 +

Further simplify digest calculation for encryption

This is a continuation of proof-of-concept changes. Again, this is not
the final form that encryption will take on.
---
 stem/client/__init__.py | 12 
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/stem/client/__init__.py b/stem/client/__init__.py
index 71f6d390..83c20365 100644
--- a/stem/client/__init__.py
+++ b/stem/client/__init__.py
@@ -32,6 +32,7 @@ import threading
 import stem
 import stem.client.cell
 import stem.socket
+from stem.util import str_tools
 import stem.util.connection
 
 from stem.client.datatype import ZERO, LinkProtocol, Address, KDF
@@ -239,12 +240,15 @@ class Circuit(object):
 
   try:
 # Digests and such are computed using the RELAY cell payload.
-cell = stem.client.cell.RelayCell(self.id, command, data, 0, stream_id)
-payload_without_digest = 
cell.pack(self.relay.link_protocol)[-stem.client.cell.FIXED_PAYLOAD_LEN:]
+
+_, command_int = stem.client.datatype.RelayCommand.get(command)
+# coerce to bytes, just in case
+data = str_tools._to_bytes(data)
+
+payload_without_digest = 
stem.client.cell.RelayCell._pack_payload(command_int, 0, stream_id, 0, 
len(data), data)
 self.forward_digest.update(payload_without_digest)
+payload_with_digest = 
stem.client.cell.RelayCell._pack_payload(command_int, 0, stream_id, 
self.forward_digest, len(data), data)
 
-cell = stem.client.cell.RelayCell(self.id, command, data, 
self.forward_digest, stream_id)
-payload_with_digest = 
cell.pack(self.relay.link_protocol)[-stem.client.cell.FIXED_PAYLOAD_LEN:]
 encrypted_payload = self.forward_key.update(payload_with_digest)
 encrypted_cell = stem.client.cell.RawRelayCell(self.id, 
encrypted_payload)
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [stem/master] Add apply_digest instance method to RelayCell

2018-08-26 Thread atagar

commit 8023618ea74b4fb7b2cb1fca1694f6bff412b45a
Author: Dave Rolek 
Date:   Fri Aug 10 20:59:04 2018 +

Add apply_digest instance method to RelayCell

This method - currently unused - allows moving some of the
digest-application logic into the Cell abstraction layer.

It is a bit weird for it to have side-effects on a parameter (digest),
but it's documented and works fairly logically.
---
 stem/client/cell.py | 29 +
 1 file changed, 29 insertions(+)

diff --git a/stem/client/cell.py b/stem/client/cell.py
index 39a729f1..c1751ed6 100644
--- a/stem/client/cell.py
+++ b/stem/client/cell.py
@@ -456,6 +456,35 @@ class RelayCell(CircuitCell):
 
 return command, recognized, stream_id, digest, data_len, data, unused
 
+  def apply_digest(self, digest, prep_cell = True):
+"""
+Calculates, updates, and applies the digest to the cell payload.
+
+:param HASH digest: running digest held with the relay
+:param bool prep_cell: preps the cell payload according to the spec, if 
**True** (default)
+  if **False**, the digest will be calculated as-is, namely:
+the 'recognized' field will not be set to 0,
+the digest field will not be set to 0,
+and any 'unused' padding will be taken as-is.
+  Use with caution.
+
+:sideeffect digest: this object will be updated via digest.update(payload)
+:sideeffect self.recognized: this will be set to 0, if prep_cell is 
**True**
+:sideeffect self.digest: this will be updated with the calculated digest
+:sideeffect self.unused: this will be treated as padding and overwritten, 
if prep_cell is **True**
+"""
+
+if prep_cell:
+  self.recognized = 0
+  self.digest = 0
+  self.unused = b''
+
+payload_without_updated_digest = self.pack_payload()
+digest.update(payload_without_updated_digest)
+self.digest = RelayCell._coerce_digest(digest)
+
+return
+
   def pack_payload(self, **kwargs):
 """
 Convenience method for running _pack_payload on self.



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [stem/master] Refactor digest coercion into separate method

2018-08-26 Thread atagar

commit 853d7336580dae6f080b61a3991fe0a73e498b7f
Author: Dave Rolek 
Date:   Fri Aug 10 21:40:59 2018 +

Refactor digest coercion into separate method

This allows the logic to be reused. It may ultimately be better
represented as a @property, but for now this should do fine.
---
 stem/client/cell.py | 39 +++
 1 file changed, 27 insertions(+), 12 deletions(-)

diff --git a/stem/client/cell.py b/stem/client/cell.py
index 5ad57788..a7b57326 100644
--- a/stem/client/cell.py
+++ b/stem/client/cell.py
@@ -380,6 +380,32 @@ class RelayCell(CircuitCell):
   CANNOT_DIRECTLY_UNPACK = True
 
   def __init__(self, circ_id, command, data, digest = 0, stream_id = 0, 
recognized = 0, unused = b''):
+digest = RelayCell._coerce_digest(digest)
+
+super(RelayCell, self).__init__(circ_id, unused)
+self.command, self.command_int = RelayCommand.get(command)
+self.recognized = recognized
+self.stream_id = stream_id
+self.digest = digest
+self.data = str_tools._to_bytes(data)
+
+if digest == 0:
+  if not stream_id and self.command in STREAM_ID_REQUIRED:
+raise ValueError('%s relay cells require a stream id' % self.command)
+  elif stream_id and self.command in STREAM_ID_DISALLOWED:
+raise ValueError('%s relay cells concern the circuit itself and cannot 
have a stream id' % self.command)
+
+  @staticmethod
+  def _coerce_digest(digest):
+"""
+Coerce any of HASH, str, int into the proper digest type for packing
+
+:param HASH,str,int digest: digest to be coerced
+:returns: digest in type appropriate for packing
+
+:raises: **ValueError** if input digest type is unsupported
+"""
+
 if 'HASH' in str(type(digest)):
   # Unfortunately hashlib generates from a dynamic private class so
   # isinstance() isn't such a great option. With python2/python3 the
@@ -395,18 +421,7 @@ class RelayCell(CircuitCell):
 else:
   raise ValueError('RELAY cell digest must be a hash, string, or int but 
was a %s' % type(digest).__name__)
 
-super(RelayCell, self).__init__(circ_id, unused)
-self.command, self.command_int = RelayCommand.get(command)
-self.recognized = recognized
-self.stream_id = stream_id
-self.digest = digest
-self.data = str_tools._to_bytes(data)
-
-if digest == 0:
-  if not stream_id and self.command in STREAM_ID_REQUIRED:
-raise ValueError('%s relay cells require a stream id' % self.command)
-  elif stream_id and self.command in STREAM_ID_DISALLOWED:
-raise ValueError('%s relay cells concern the circuit itself and cannot 
have a stream id' % self.command)
+return digest
 
   def pack(self, link_protocol):
 payload = bytearray()



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [stem/master] Add interpret_cell instance method to BaseRelayCell

2018-08-26 Thread atagar

commit 40ca0ca23f2f3fc3cab5ece39370ddb565029501
Author: Dave Rolek 
Date:   Sun Aug 19 04:32:52 2018 +

Add interpret_cell instance method to BaseRelayCell

This method facilitates separating decryption / recognition of a cell
from the interpretation of a cell. Many places in the spec indicate that
cells should be dropped (ignored) under certain conditions, but that
such cells should still be accounted for within the running decryption /
digest.

Furthermore, it may be useful in some cases to convert between raw cells
and interpreted cells, without including the other steps of encryption /
decryption.

This additionally allows removing one of the interim TODOs in the RELAY
cell unit tests. Arguably the tests need some rework with all these
changes, but that can come a bit later.

Not yet used, beyond the aforementioned unit tests.

This method will probably evolve a decent amount, since the unit is
still in a state of high flux.
---
 stem/client/cell.py  | 35 +++
 test/unit/client/cell.py |  4 ++--
 2 files changed, 37 insertions(+), 2 deletions(-)

diff --git a/stem/client/cell.py b/stem/client/cell.py
index 250d400a..a96b2f7b 100644
--- a/stem/client/cell.py
+++ b/stem/client/cell.py
@@ -408,6 +408,41 @@ class BaseRelayCell(CircuitCell):
 
 return digest_matches, digest_to_return
 
+  def interpret_cell(self):
+"""
+Interprets the cell payload, returning a new
+:class:`~stem.client.cell.RelayCell` class or subclass according to its
+contents.
+
+This method should only be used on fully decrypted cells, but that
+responsibility is relegated to the caller.
+
+Furthermore, this interpretation may cause an exception for a NYI relay
+command, a malformed cell, or some other reason.
+
+:returns: :class:`~stem.client.cell.RelayCell` class or subclass
+"""
+
+# TODO: this mapping is quite hardcoded right now, but probably needs to be
+# completely reworked once the Cell class hierarchy is better fleshed out.
+#
+# (It doesn't really make sense to have anything beyond this hack in the
+# interim.)
+#
+# At that time, it would probably be modeled after Cell.by_value(), albeit
+# specialized for the multiple types of RELAY / RELAY_EARLY cells.
+
+relay_cells_by_value = {
+  RawRelayCell.VALUE: RelayCell,
+  RelayEarlyCell.VALUE: RelayEarlyCell,
+}
+new_cls = relay_cells_by_value[self.VALUE]
+
+dummy_link_protocol = None
+new_cell = new_cls._unpack(self.payload, self.circ_id, dummy_link_protocol)
+
+return new_cell
+
   def __hash__(self):
 return stem.util._hash_attr(self, 'circ_id', 'payload', cache = True)
 
diff --git a/test/unit/client/cell.py b/test/unit/client/cell.py
index 3e091ee5..b4c0bd94 100644
--- a/test/unit/client/cell.py
+++ b/test/unit/client/cell.py
@@ -235,12 +235,12 @@ class TestCell(unittest.TestCase):
 self.assertEqual(cell_bytes, RelayCell(circ_id, command, data, digest, 
stream_id, unused = unused).pack(link_protocol))
 self.assertEqual(cell_bytes, RelayCell(circ_id, command_int, data, 
digest, stream_id, unused = unused).pack(link_protocol))
 
-  # TODO - temporarily, we hack the interim tests by unpacking info via 
RawRelayCell
+  # first unpack via RawRelayCell, then interpret into RelayCell
   raw_cell = Cell.pop(cell_bytes, link_protocol)[0]
   self.assertEqual(circ_id, raw_cell.circ_id)
   self.assertEqual(cell_bytes[-FIXED_PAYLOAD_LEN:], raw_cell.payload)
 
-  cell = RelayCell._unpack(raw_cell.payload, raw_cell.circ_id, 
link_protocol)
+  cell = raw_cell.interpret_cell()
   self.assertEqual(circ_id, cell.circ_id)
   self.assertEqual(command, cell.command)
   self.assertEqual(command_int, cell.command_int)



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [stem/master] Refactor RELAY cell encryption into new encrypt instance method

2018-08-26 Thread atagar

commit 116eb4b3efd01a91093a81d9411582cd43c98584
Author: Dave Rolek 
Date:   Fri Aug 17 19:30:56 2018 +

Refactor RELAY cell encryption into new encrypt instance method

This further tunes the abstraction layers such that consumers don't need
to care at all what part of the Cell is encrypted. They are still
responsible for managing the digest/encryption key states, but don't
need to know the finer details of the encryption.
---
 stem/client/__init__.py |  6 +-
 stem/client/cell.py | 35 +++
 2 files changed, 36 insertions(+), 5 deletions(-)

diff --git a/stem/client/__init__.py b/stem/client/__init__.py
index b64956ff..a228bebc 100644
--- a/stem/client/__init__.py
+++ b/stem/client/__init__.py
@@ -239,11 +239,7 @@ class Circuit(object):
 
   try:
 cell = stem.client.cell.RelayCell(self.id, command, data, stream_id = 
stream_id)
-cell_with_digest, self.forward_digest = 
cell.apply_digest(self.forward_digest)
-payload_with_digest = cell_with_digest.pack_payload()
-
-encrypted_payload = self.forward_key.update(payload_with_digest)
-encrypted_cell = stem.client.cell.RawRelayCell(self.id, 
encrypted_payload)
+encrypted_cell, self.forward_digest, self.forward_key = 
cell.encrypt(self.forward_digest, self.forward_key)
 
 reply_cells = []
 self.relay._orport.send(encrypted_cell.pack(self.relay.link_protocol))
diff --git a/stem/client/cell.py b/stem/client/cell.py
index d1265c10..43dc076c 100644
--- a/stem/client/cell.py
+++ b/stem/client/cell.py
@@ -39,6 +39,7 @@ Messages communicated over a Tor relay's ORPort.
 +- pop - decodes cell with remainder
 """
 
+import copy
 import datetime
 import inspect
 import os
@@ -499,6 +500,40 @@ class RelayCell(CircuitCell):
 
 return new_cell, new_digest
 
+  def encrypt(self, digest, encryptor, **kwargs):
+"""
+Preps a cell payload, including calculating digest, and encrypts it,
+returning a new (RawRelayCell, digest, encryptor) tuple.
+
+The method name is technically a misnomer, as it also preps cell payload
+and applies the digest, prior to encrypting. However, these operations
+are defined per the spec as required for RELAY cells, and ...
+  (1) it is a natural mental extension to include them here;
+  (2) it would be a bit pointless to require method consumers to manually
+  call both, for pedantry.
+
+:param HASH digest: running digest held with the relay
+:param cryptography.hazmat.primitives.ciphers.CipherContext encryptor:
+  running stream cipher encryptor held with the relay
+
+:param bool prep_cell: (optional, defaults to **True**) refer to
+  :func:`~stem.client.cell.RelayCell.apply_digest`
+
+:returns: (:class:`~stem.client.cell.RawRelayCell`, HASH, CipherContext)
+  tuple of object copies updated as follows:
+* RawRelayCell: updated as specified in
+  :func:`~stem.client.cell.RelayCell.apply_digest`, then encrypted
+* digest: updated via digest.update(payload)
+* encryptor: updated via encryptor.update(payload_with_digest)
+"""
+
+unencrypted_cell, new_digest = self.apply_digest(digest, **kwargs)
+new_encryptor = copy.copy(encryptor)
+encrypted_payload = new_encryptor.update(unencrypted_cell.pack_payload())
+encrypted_cell = RawRelayCell(unencrypted_cell.circ_id, encrypted_payload)
+
+return encrypted_cell, new_digest, new_encryptor
+
   def pack_payload(self, **kwargs):
 """
 Convenience method for running



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [stem/master] Fix docstring 'import path' for RelayCommand

2018-08-26 Thread atagar

commit 36f341f7c882d846b1305beb1a29906a2b97d590
Author: Dave Rolek 
Date:   Sat Aug 11 19:18:09 2018 +

Fix docstring 'import path' for RelayCommand
---
 stem/client/__init__.py | 2 +-
 stem/client/cell.py | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/stem/client/__init__.py b/stem/client/__init__.py
index 83c20365..b0500c4a 100644
--- a/stem/client/__init__.py
+++ b/stem/client/__init__.py
@@ -227,7 +227,7 @@ class Circuit(object):
 """
 Sends a message over the circuit.
 
-:param stem.client.RelayCommand command: command to be issued
+:param stem.client.datatype.RelayCommand command: command to be issued
 :param bytes data: message payload
 :param int stream_id: specific stream this concerns
 
diff --git a/stem/client/cell.py b/stem/client/cell.py
index 42b95571..381a7387 100644
--- a/stem/client/cell.py
+++ b/stem/client/cell.py
@@ -366,7 +366,7 @@ class RelayCell(CircuitCell):
   """
   Command concerning a relay circuit.
 
-  :var stem.client.RelayCommand command: command to be issued
+  :var stem.client.datatype.RelayCommand command: command to be issued
   :var int command_int: integer value of our command
   :var bytes data: payload of the cell
   :var int recognized: zero if cell is decrypted, otherwise mostly non-zero 
(can rarely be zero)



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [stem/master] Further simplify digest application

2018-08-26 Thread atagar

commit 22e18791388009cb2fafebdb47605b047a288250
Author: Dave Rolek 
Date:   Fri Aug 10 21:22:35 2018 +

Further simplify digest application

The abstraction layers are starting to look better separated.
---
 stem/client/__init__.py | 13 +++--
 1 file changed, 3 insertions(+), 10 deletions(-)

diff --git a/stem/client/__init__.py b/stem/client/__init__.py
index b0500c4a..74b6d2bf 100644
--- a/stem/client/__init__.py
+++ b/stem/client/__init__.py
@@ -32,7 +32,6 @@ import threading
 import stem
 import stem.client.cell
 import stem.socket
-from stem.util import str_tools
 import stem.util.connection
 
 from stem.client.datatype import ZERO, LinkProtocol, Address, KDF
@@ -239,15 +238,9 @@ class Circuit(object):
   orig_key = copy.copy(self.forward_key)
 
   try:
-# Digests and such are computed using the RELAY cell payload.
-
-_, command_int = stem.client.datatype.RelayCommand.get(command)
-# coerce to bytes, just in case
-data = str_tools._to_bytes(data)
-
-payload_without_digest = 
stem.client.cell.RelayCell._pack_payload(command_int, 0, stream_id, 0, 
len(data), data)
-self.forward_digest.update(payload_without_digest)
-payload_with_digest = 
stem.client.cell.RelayCell._pack_payload(command_int, 0, stream_id, 
self.forward_digest, len(data), data)
+cell = stem.client.cell.RelayCell(self.id, command, data, stream_id = 
stream_id)
+cell.apply_digest(self.forward_digest)
+payload_with_digest = cell.pack_payload()
 
 encrypted_payload = self.forward_key.update(payload_with_digest)
 encrypted_cell = stem.client.cell.RawRelayCell(self.id, 
encrypted_payload)



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [stem/master] Refactor 'unused' and padding packing into the RELAY cell payload

2018-08-26 Thread atagar

commit 09c171d60c2b1414aae791d2347b6385caca03de
Author: Dave Rolek 
Date:   Thu Aug 9 20:28:15 2018 +

Refactor 'unused' and padding packing into the RELAY cell payload

This is more appropriate since the spec allows for (and recommends!)
different behavior for these bytes than other padding bytes.

However, presently the handling is identical.

It is also important that the _pack_payload() method be able to produce
a full-size payload, for simplifying encryption.
---
 stem/client/cell.py | 18 +++---
 1 file changed, 15 insertions(+), 3 deletions(-)

diff --git a/stem/client/cell.py b/stem/client/cell.py
index 7c09d0e0..42b95571 100644
--- a/stem/client/cell.py
+++ b/stem/client/cell.py
@@ -424,9 +424,9 @@ class RelayCell(CircuitCell):
 return digest
 
   def pack(self, link_protocol):
-payload = RelayCell._pack_payload(self.command_int, self.recognized, 
self.stream_id, self.digest, len(self.data), self.data)
+payload = RelayCell._pack_payload(self.command_int, self.recognized, 
self.stream_id, self.digest, len(self.data), self.data, self.unused)
 
-return RelayCell._pack(link_protocol, payload, self.unused, self.circ_id)
+return RelayCell._pack(link_protocol, payload, unused = b'', circ_id = 
self.circ_id)
 
   @classmethod
   def _unpack(cls, content, circ_id, link_protocol):
@@ -457,7 +457,7 @@ class RelayCell(CircuitCell):
 return command, recognized, stream_id, digest, data_len, data, unused
 
   @staticmethod
-  def _pack_payload(command_int, recognized, stream_id, digest, data_len, 
data):
+  def _pack_payload(command_int, recognized, stream_id, digest, data_len, 
data, unused = b'', pad_remainder = True):
 """
 Directly pack the payload without any validation beyond Size constraints.
 
@@ -467,6 +467,8 @@ class RelayCell(CircuitCell):
 :param HASH,str,int digest: running digest held with the relay
 :param int data_len: length of body data
 :param bytes data: body data of the cell
+:param bytes unused: padding bytes to include after data
+:param bool pad_remaining: pads up to payload size if **True**
 
 :returns: **bytes** with the packed payload
 """
@@ -478,6 +480,16 @@ class RelayCell(CircuitCell):
 payload += Size.LONG.pack(RelayCell._coerce_digest(digest))
 payload += Size.SHORT.pack(data_len)
 payload += data
+payload += unused
+
+if len(payload) > FIXED_PAYLOAD_LEN:
+  raise ValueError('Payload is too large (%i bytes), must not be more than 
%i.' % (len(payload), FIXED_PAYLOAD_LEN))
+
+if pad_remainder:
+  # right now, it is acceptable to pad the remaining portion with ZEROs 
instead of random
+  # this is done due to threat model and simplifying some implementation
+  # however: in the future (TODO), this may become against the spec; see 
prop 289
+  payload += ZERO * (FIXED_PAYLOAD_LEN - len(payload))
 
 return bytes(payload)
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [stem/master] Refactor payload parsing (unpacking) into separate method

2018-08-26 Thread atagar

commit 0d18570de51486ffa63ad0fe2f8b71be44b34f55
Author: Dave Rolek 
Date:   Wed Aug 8 17:31:29 2018 +

Refactor payload parsing (unpacking) into separate method

Eventually, having this separated out will help during decryption of
cells in multi-hop circuits - each layer of decryption must attempt to
interpret the payload in order to ascertain whether it has been fully
decrypted.
---
 stem/client/cell.py | 22 ++
 1 file changed, 18 insertions(+), 4 deletions(-)

diff --git a/stem/client/cell.py b/stem/client/cell.py
index a7b57326..9194c29c 100644
--- a/stem/client/cell.py
+++ b/stem/client/cell.py
@@ -436,6 +436,23 @@ class RelayCell(CircuitCell):
 
   @classmethod
   def _unpack(cls, content, circ_id, link_protocol):
+command, recognized, stream_id, digest, data_len, data, unused = 
RelayCell._unpack_payload(content)
+
+if len(data) != data_len:
+  raise ValueError('%s cell said it had %i bytes of data, but only had %i' 
% (cls.NAME, data_len, len(data)))
+
+return RelayCell(circ_id, command, data, digest, stream_id, recognized, 
unused)
+
+  @staticmethod
+  def _unpack_payload(content):
+"""
+Directly interpret the payload without any validation.
+
+:param bytes content: cell payload
+
+:returns: (command, recognized, stream_id, digest, data_len, data, unused) 
tuple
+"""
+
 command, content = Size.CHAR.pop(content)
 recognized, content = Size.SHORT.pop(content)  # 'recognized' field
 stream_id, content = Size.SHORT.pop(content)
@@ -443,10 +460,7 @@ class RelayCell(CircuitCell):
 data_len, content = Size.SHORT.pop(content)
 data, unused = split(content, data_len)
 
-if len(data) != data_len:
-  raise ValueError('%s cell said it had %i bytes of data, but only had %i' 
% (cls.NAME, data_len, len(data)))
-
-return RelayCell(circ_id, command, data, digest, stream_id, recognized, 
unused)
+return command, recognized, stream_id, digest, data_len, data, unused
 
   def __hash__(self):
 return stem.util._hash_attr(self, 'command_int', 'stream_id', 'digest', 
'data', cache = True)



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [stem/master] Refactor payload packing into separate method

2018-08-26 Thread atagar

commit 71c8464c24e4b2af350cfdd9217c0712c538447a
Author: Dave Rolek 
Date:   Wed Aug 8 19:04:52 2018 +

Refactor payload packing into separate method

It's important to decouple packing the payload from packing the whole
cell.

This is probably not the final form this method will take, but in the
interim, it should help reduce the magnitude of violating the Cell
abstraction layer, for any payload encryption/decryption.
---
 stem/client/cell.py | 35 +++
 1 file changed, 27 insertions(+), 8 deletions(-)

diff --git a/stem/client/cell.py b/stem/client/cell.py
index 9194c29c..7c09d0e0 100644
--- a/stem/client/cell.py
+++ b/stem/client/cell.py
@@ -424,15 +424,9 @@ class RelayCell(CircuitCell):
 return digest
 
   def pack(self, link_protocol):
-payload = bytearray()
-payload += Size.CHAR.pack(self.command_int)
-payload += Size.SHORT.pack(self.recognized)
-payload += Size.SHORT.pack(self.stream_id)
-payload += Size.LONG.pack(self.digest)
-payload += Size.SHORT.pack(len(self.data))
-payload += self.data
+payload = RelayCell._pack_payload(self.command_int, self.recognized, 
self.stream_id, self.digest, len(self.data), self.data)
 
-return RelayCell._pack(link_protocol, bytes(payload), self.unused, 
self.circ_id)
+return RelayCell._pack(link_protocol, payload, self.unused, self.circ_id)
 
   @classmethod
   def _unpack(cls, content, circ_id, link_protocol):
@@ -462,6 +456,31 @@ class RelayCell(CircuitCell):
 
 return command, recognized, stream_id, digest, data_len, data, unused
 
+  @staticmethod
+  def _pack_payload(command_int, recognized, stream_id, digest, data_len, 
data):
+"""
+Directly pack the payload without any validation beyond Size constraints.
+
+:param int command_int: integer value of our command
+:param int recognized: zero if cell is decrypted, otherwise mostly 
non-zero (can rarely be zero)
+:param int stream_id: specific stream this concerns
+:param HASH,str,int digest: running digest held with the relay
+:param int data_len: length of body data
+:param bytes data: body data of the cell
+
+:returns: **bytes** with the packed payload
+"""
+
+payload = bytearray()
+payload += Size.CHAR.pack(command_int)
+payload += Size.SHORT.pack(recognized)
+payload += Size.SHORT.pack(stream_id)
+payload += Size.LONG.pack(RelayCell._coerce_digest(digest))
+payload += Size.SHORT.pack(data_len)
+payload += data
+
+return bytes(payload)
+
   def __hash__(self):
 return stem.util._hash_attr(self, 'command_int', 'stream_id', 'digest', 
'data', cache = True)
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [stem/master] Simplify encryption/decryption implementation in Circuit

2018-08-26 Thread atagar

commit d355d01a7a4709ffc6941722248c9861e2acd306
Author: Dave Rolek 
Date:   Wed Aug 8 03:06:38 2018 +

Simplify encryption/decryption implementation in Circuit

This is a proof-of-concept change to show the benefits of migrating
finer details into the Cell abstraction.

It still arguably violates the Cell abstraction by using
RelayCell._unpack(), but that can be addressed in a later change.
---
 stem/client/__init__.py | 40 ++--
 1 file changed, 14 insertions(+), 26 deletions(-)

diff --git a/stem/client/__init__.py b/stem/client/__init__.py
index 24b6de38..71f6d390 100644
--- a/stem/client/__init__.py
+++ b/stem/client/__init__.py
@@ -34,7 +34,7 @@ import stem.client.cell
 import stem.socket
 import stem.util.connection
 
-from stem.client.datatype import ZERO, LinkProtocol, Address, Size, KDF, split
+from stem.client.datatype import ZERO, LinkProtocol, Address, KDF
 
 __all__ = [
   'cell',
@@ -237,45 +237,33 @@ class Circuit(object):
   orig_digest = self.forward_digest.copy()
   orig_key = copy.copy(self.forward_key)
 
-  # Digests and such are computed using the RELAY cell payload. This
-  # doesn't include the initial circuit id and cell type fields.
-  # Circuit ids vary in length depending on the protocol version.
-
-  header_size = self.relay.link_protocol.circ_id_size.size + 1
-
   try:
+# Digests and such are computed using the RELAY cell payload.
 cell = stem.client.cell.RelayCell(self.id, command, data, 0, stream_id)
-payload_without_digest = 
cell.pack(self.relay.link_protocol)[header_size:]
+payload_without_digest = 
cell.pack(self.relay.link_protocol)[-stem.client.cell.FIXED_PAYLOAD_LEN:]
 self.forward_digest.update(payload_without_digest)
 
 cell = stem.client.cell.RelayCell(self.id, command, data, 
self.forward_digest, stream_id)
-header, payload = split(cell.pack(self.relay.link_protocol), 
header_size)
-encrypted_payload = header + self.forward_key.update(payload)
+payload_with_digest = 
cell.pack(self.relay.link_protocol)[-stem.client.cell.FIXED_PAYLOAD_LEN:]
+encrypted_payload = self.forward_key.update(payload_with_digest)
+encrypted_cell = stem.client.cell.RawRelayCell(self.id, 
encrypted_payload)
 
 reply_cells = []
-self.relay._orport.send(encrypted_payload)
+self.relay._orport.send(encrypted_cell.pack(self.relay.link_protocol))
 reply = self.relay._orport.recv()
 
-# Check that we got the correct number of bytes for a series of RELAY 
cells
-
-relay_cell_size = header_size + stem.client.cell.FIXED_PAYLOAD_LEN
 relay_cell_cmd = stem.client.cell.RelayCell.VALUE
 
-if len(reply) % relay_cell_size != 0:
-  raise stem.ProtocolError('Circuit response should be a series of 
RELAY cells, but received an unexpected size for a response: %i' % len(reply))
-
 while reply:
-  circ_id, reply = self.relay.link_protocol.circ_id_size.pop(reply)
-  command, reply = Size.CHAR.pop(reply)
-  payload, reply = split(reply, stem.client.cell.FIXED_PAYLOAD_LEN)
+  raw_cell, reply = stem.client.cell.Cell.pop(reply, 
self.relay.link_protocol)
 
-  if command != relay_cell_cmd:
-raise stem.ProtocolError('RELAY cell responses should be %i but 
was %i' % (relay_cell_cmd, command))
-  elif circ_id != self.id:
-raise stem.ProtocolError('Response should be for circuit id %i, 
not %i' % (self.id, circ_id))
+  if raw_cell.VALUE != relay_cell_cmd:
+raise stem.ProtocolError('RELAY cell responses should be %i but 
was %i' % (relay_cell_cmd, raw_cell.VALUE))
+  elif raw_cell.circ_id != self.id:
+raise stem.ProtocolError('Response should be for circuit id %i, 
not %i' % (self.id, raw_cell.circ_id))
 
-  decrypted = self.backward_key.update(payload)
-  reply_cells.append(stem.client.cell.RelayCell._unpack(decrypted, 
self.id, self.relay.link_protocol))
+  decrypted_payload = self.backward_key.update(raw_cell.payload)
+  
reply_cells.append(stem.client.cell.RelayCell._unpack(decrypted_payload, 
self.id, self.relay.link_protocol))
 
 return reply_cells
   except:



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [stem/master] Document RawRelayCell in the module overview

2018-08-26 Thread atagar

commit 98398f6dbce3bca2f146d40abf3894ea2755e054
Author: Dave Rolek 
Date:   Thu Aug 9 19:18:13 2018 +

Document RawRelayCell in the module overview

The line is long, so this change also extends the vertically aligned
table format for other Cell classes, in a forward-looking manner.

Arguably this could've been part of the previous change, but it made
sense to break it out for readability purposes.
---
 stem/client/cell.py | 39 ---
 1 file changed, 20 insertions(+), 19 deletions(-)

diff --git a/stem/client/cell.py b/stem/client/cell.py
index 4f7aec79..f18318da 100644
--- a/stem/client/cell.py
+++ b/stem/client/cell.py
@@ -12,26 +12,27 @@ Messages communicated over a Tor relay's ORPort.
 
   Cell - Base class for ORPort messages.
 |- CircuitCell - Circuit management.
-|  |- CreateCell - Create a circuit.  (section 5.1)
-|  |- CreatedCell - Acknowledge create.   (section 5.1)
-|  |- BaseRelayCell - End-to-end data; abstract.  (section 6.1)
-|  |- RelayCell - End-to-end data.(section 6.1)
-|  |- DestroyCell - Stop using a circuit. (section 5.4)
-|  |- CreateFastCell - Create a circuit, no PK.   (section 5.1)
-|  |- CreatedFastCell - Circuit created, no PK.   (section 5.1)
-|  |- RelayEarlyCell - End-to-end data; limited.  (section 5.6)
-|  |- Create2Cell - Extended CREATE cell. (section 5.1)
-|  +- Created2Cell - Extended CREATED cell.   (section 5.1)
+|  |- CreateCell - Create a circuit.   
   (section 5.1)
+|  |- CreatedCell - Acknowledge create.
   (section 5.1)
+|  |- BaseRelayCell - End-to-end data; abstract.   
   (section 6.1)
+|  |  +- RawRelayCell - End-to-end data. Payload not unpacked. 
   (section 5.5.2.1, 5.5.3)
+|  |- RelayCell - End-to-end data. 
   (section 6.1)
+|  |- DestroyCell - Stop using a circuit.  
   (section 5.4)
+|  |- CreateFastCell - Create a circuit, no PK.
   (section 5.1)
+|  |- CreatedFastCell - Circuit created, no PK.
   (section 5.1)
+|  |- RelayEarlyCell - End-to-end data; limited.   
   (section 5.6)
+|  |- Create2Cell - Extended CREATE cell.  
   (section 5.1)
+|  +- Created2Cell - Extended CREATED cell.
   (section 5.1)
 |
-|- PaddingCell - Padding negotiation. (section 7.2)
-|- VersionsCell - Negotiate proto version.(section 4)
-|- NetinfoCell - Time and address info.   (section 4.5)
-|- PaddingNegotiateCell - Padding negotiation.(section 7.2)
-|- VPaddingCell - Variable-length padding.(section 7.2)
-|- CertsCell - Relay certificates.(section 4.2)
-|- AuthChallengeCell - Challenge value.   (section 4.3)
-|- AuthenticateCell - Client authentication.  (section 4.5)
-|- AuthorizeCell - Client authorization.  (not yet used)
+|- PaddingCell - Padding negotiation.  
   (section 7.2)
+|- VersionsCell - Negotiate proto version. 
   (section 4)
+|- NetinfoCell - Time and address info.
   (section 4.5)
+|- PaddingNegotiateCell - Padding negotiation. 
   (section 7.2)
+|- VPaddingCell - Variable-length padding. 
   (section 7.2)
+|- CertsCell - Relay certificates. 
   (section 4.2)
+|- AuthChallengeCell - Challenge value.
   (section 4.3)
+|- AuthenticateCell - Client authentication.   
   (section 4.5)
+|- AuthorizeCell - Client authorization.   
   (not yet used)
 |
 |- pack - encodes cell into bytes
 |- unpack - decodes series of cells



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [stem/master] Add RawRelayCell and temp-fix RelayCell tests (interim)

2018-08-26 Thread atagar

commit 5d86cbde132d7912c411d9134eee6cc05b745d94
Author: Dave Rolek 
Date:   Wed Aug 8 01:14:27 2018 +

Add RawRelayCell and temp-fix RelayCell tests (interim)

Notably, this along with CANNOT_DIRECTLY_UNPACK for RelayCell (prior
change) allows Cell.pop() and Cell.unpack() to be executed directly on
received bytes from a connection, and still process encrypted cells
correctly into RELAY cells, to be decrypted later.

RelayCell tests marked with TODO where temp-fix was applied.

RelayCell implementation will gradually be improved/refactored into
better supporting subclasses per command.
---
 stem/client/cell.py  |  5 +
 test/unit/client/cell.py | 34 --
 2 files changed, 29 insertions(+), 10 deletions(-)

diff --git a/stem/client/cell.py b/stem/client/cell.py
index dcebc544..4f7aec79 100644
--- a/stem/client/cell.py
+++ b/stem/client/cell.py
@@ -356,6 +356,11 @@ class BaseRelayCell(CircuitCell):
 return stem.util._hash_attr(self, 'circ_id', 'payload', cache = True)
 
 
+class RawRelayCell(BaseRelayCell):
+  NAME = 'RELAY'
+  VALUE = 3
+
+
 class RelayCell(CircuitCell):
   """
   Command concerning a relay circuit.
diff --git a/test/unit/client/cell.py b/test/unit/client/cell.py
index b8fe58df..3e091ee5 100644
--- a/test/unit/client/cell.py
+++ b/test/unit/client/cell.py
@@ -15,6 +15,7 @@ from stem.client.cell import (
   Cell,
   PaddingCell,
   BaseRelayCell,
+  RawRelayCell,
   RelayCell,
   DestroyCell,
   CreateFastCell,
@@ -93,20 +94,24 @@ AUTH_CHALLENGE_CELLS = {
 
 class TestCell(unittest.TestCase):
   def test_by_name(self):
-cls = Cell.by_name('NETINFO')
-self.assertEqual('NETINFO', cls.NAME)
-self.assertEqual(8, cls.VALUE)
-self.assertEqual(True, cls.IS_FIXED_SIZE)
+for (expected_class, name, value, is_fixed_size) in ((NetinfoCell, 
'NETINFO', 8, True), (RawRelayCell, 'RELAY', 3, True)):
+  cls = Cell.by_name(name)
+  self.assertEqual(expected_class, cls)
+  self.assertEqual(name, cls.NAME)
+  self.assertEqual(value, cls.VALUE)
+  self.assertEqual(is_fixed_size, cls.IS_FIXED_SIZE)
 
 self.assertRaises(ValueError, Cell.by_name, 'NOPE')
 self.assertRaises(ValueError, Cell.by_name, 85)
 self.assertRaises(ValueError, Cell.by_name, None)
 
   def test_by_value(self):
-cls = Cell.by_value(8)
-self.assertEqual('NETINFO', cls.NAME)
-self.assertEqual(8, cls.VALUE)
-self.assertEqual(True, cls.IS_FIXED_SIZE)
+for (expected_class, name, value, is_fixed_size) in ((NetinfoCell, 
'NETINFO', 8, True), (RawRelayCell, 'RELAY', 3, True)):
+  cls = Cell.by_value(value)
+  self.assertEqual(expected_class, cls)
+  self.assertEqual(name, cls.NAME)
+  self.assertEqual(value, cls.VALUE)
+  self.assertEqual(is_fixed_size, cls.IS_FIXED_SIZE)
 
 self.assertRaises(ValueError, Cell.by_value, 'NOPE')
 self.assertRaises(ValueError, Cell.by_value, 85)
@@ -230,7 +235,12 @@ class TestCell(unittest.TestCase):
 self.assertEqual(cell_bytes, RelayCell(circ_id, command, data, digest, 
stream_id, unused = unused).pack(link_protocol))
 self.assertEqual(cell_bytes, RelayCell(circ_id, command_int, data, 
digest, stream_id, unused = unused).pack(link_protocol))
 
-  cell = Cell.pop(cell_bytes, link_protocol)[0]
+  # TODO - temporarily, we hack the interim tests by unpacking info via 
RawRelayCell
+  raw_cell = Cell.pop(cell_bytes, link_protocol)[0]
+  self.assertEqual(circ_id, raw_cell.circ_id)
+  self.assertEqual(cell_bytes[-FIXED_PAYLOAD_LEN:], raw_cell.payload)
+
+  cell = RelayCell._unpack(raw_cell.payload, raw_cell.circ_id, 
link_protocol)
   self.assertEqual(circ_id, cell.circ_id)
   self.assertEqual(command, cell.command)
   self.assertEqual(command_int, cell.command_int)
@@ -238,7 +248,9 @@ class TestCell(unittest.TestCase):
   self.assertEqual(digest, cell.digest)
   self.assertEqual(stream_id, cell.stream_id)
   self.assertEqual(unused, cell.unused)
+
   self.assertEqual(cell_bytes, cell.pack(link_protocol))
+  self.assertEqual(cell_bytes, raw_cell.pack(link_protocol))
 
 digest = hashlib.sha1(b'hi')
 self.assertEqual(3257622417, RelayCell(5, 'RELAY_BEGIN_DIR', '', digest, 
564346860).digest)
@@ -258,7 +270,9 @@ class TestCell(unittest.TestCase):
   ZERO * 498,  # data
 ))
 
-self.assertRaisesWith(ValueError, 'RELAY cell said it had 65535 bytes of 
data, but only had 498', Cell.pop, mismatched_data_length_bytes, 2)
+# TODO - temporarily, we hack the interim tests by unpacking info via 
RawRelayCell
+raw_cell = Cell.pop(mismatched_data_length_bytes, 2)[0]
+self.assertRaisesWith(ValueError, 'RELAY cell said it had 65535 bytes of 
data, but only had 498', RelayCell._unpack, raw_cell.payload, raw_cell.circ_id, 
2)
 
   def test_destroy_cell(self):
 for cell_bytes, (circ_id, reason, reason_int, unused, link_protocol) in 
DESTROY_CELLS.items():

[tor-commits] [stem/master] Standardize some docstring keywords

2018-08-26 Thread atagar

commit a737624f08aa2a46ff6a91c5459c7644b1e26e3b
Author: Dave Rolek 
Date:   Wed Aug 8 19:13:15 2018 +

Standardize some docstring keywords

s/:parm /:param /
s/:raise:/:raises:/
s/:return:/:returns:/
---
 stem/client/cell.py | 14 +++---
 stem/util/log.py|  2 +-
 stem/util/term.py   |  2 +-
 3 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/stem/client/cell.py b/stem/client/cell.py
index f18318da..5ad57788 100644
--- a/stem/client/cell.py
+++ b/stem/client/cell.py
@@ -104,9 +104,9 @@ class Cell(object):
 """
 Provides cell attributes by its name.
 
-:parm str name: cell command to fetch
+:param str name: cell command to fetch
 
-:raise: **ValueError** if cell type is invalid
+:raises: **ValueError** if cell type is invalid
 """
 
 for _, cls in inspect.getmembers(sys.modules[__name__]):
@@ -120,9 +120,9 @@ class Cell(object):
 """
 Provides cell attributes by its value.
 
-:parm int value: cell value to fetch
+:param int value: cell value to fetch
 
-:raise: **ValueError** if cell type is invalid
+:raises: **ValueError** if cell type is invalid
 """
 
 for _, cls in inspect.getmembers(sys.modules[__name__]):
@@ -202,9 +202,9 @@ class Cell(object):
 :param bytes payload: cell payload
 :param int circ_id: circuit id, if a CircuitCell
 
-:return: **bytes** with the encoded payload
+:returns: **bytes** with the encoded payload
 
-:raise: **ValueError** if cell type invalid or payload makes cell too large
+:raises: **ValueError** if cell type invalid or payload makes cell too 
large
 """
 
 if issubclass(cls, CircuitCell):
@@ -369,7 +369,7 @@ class RelayCell(CircuitCell):
   :var stem.client.RelayCommand command: command to be issued
   :var int command_int: integer value of our command
   :var bytes data: payload of the cell
-  :var int recognized: zero if cell is decrypted, non-zero otherwise
+  :var int recognized: zero if cell is decrypted, otherwise mostly non-zero 
(can rarely be zero)
   :var int digest: running digest held with the relay
   :var int stream_id: specific stream this concerns
   """
diff --git a/stem/util/log.py b/stem/util/log.py
index 81fc88a6..0b2de90a 100644
--- a/stem/util/log.py
+++ b/stem/util/log.py
@@ -103,7 +103,7 @@ def get_logger():
   """
   Provides the stem logger.
 
-  :return: **logging.Logger** for stem
+  :returns: **logging.Logger** for stem
   """
 
   return LOGGER
diff --git a/stem/util/term.py b/stem/util/term.py
index 3c6fe73a..b4acd61f 100644
--- a/stem/util/term.py
+++ b/stem/util/term.py
@@ -80,7 +80,7 @@ def encoding(*attrs):
 :data:`~stem.util.terminal.BgColor`, or :data:`~stem.util.terminal.Attr` to
 provide an ecoding for
 
-  :return: **str** of the ANSI escape sequence, **None** no attributes are
+  :returns: **str** of the ANSI escape sequence, **None** no attributes are
 recognized
   """
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [stem/master] Add abstract BaseRelayCell class

2018-08-26 Thread atagar

commit 240b125b01bc7ab2e517852d2e7f5947a799d345
Author: Dave Rolek 
Date:   Fri Aug 3 14:56:31 2018 +

Add abstract BaseRelayCell class

It's intended to defined common Relay cell functionality, for encrypted
and decrypted cells.

By unpacking content no further than the payload, this abstraction
should allow a lot of flexibility in handling Relay cells prior to
decryption.

Note that unpacking is not yet possible - subclasses must be defined
with a VALUE. (Namely: RELAY and RELAY_EARLY)
---
 stem/client/cell.py  | 36 
 test/unit/client/cell.py | 31 +++
 2 files changed, 67 insertions(+)

diff --git a/stem/client/cell.py b/stem/client/cell.py
index 12fa994c..a4fb1a67 100644
--- a/stem/client/cell.py
+++ b/stem/client/cell.py
@@ -14,6 +14,7 @@ Messages communicated over a Tor relay's ORPort.
 |- CircuitCell - Circuit management.
 |  |- CreateCell - Create a circuit.  (section 5.1)
 |  |- CreatedCell - Acknowledge create.   (section 5.1)
+|  |- BaseRelayCell - End-to-end data; abstract.  (section 6.1)
 |  |- RelayCell - End-to-end data.(section 6.1)
 |  |- DestroyCell - Stop using a circuit. (section 5.4)
 |  |- CreateFastCell - Create a circuit, no PK.   (section 5.1)
@@ -83,6 +84,7 @@ class Cell(object):
   The following cell types explicitly don't have *unused* content:
 * PaddingCell (we consider all content part of payload)
 * VersionsCell (all content is unpacked and treated as a version 
specification)
+* BaseRelayCell (we don't parse cell beyond header/body)
 * VPaddingCell (we consider all content part of payload)
 
   :var bytes unused: unused filler that padded the cell to the expected size
@@ -320,6 +322,40 @@ class CreatedCell(CircuitCell):
 super(CreatedCell, self).__init__()  # TODO: implement
 
 
+class BaseRelayCell(CircuitCell):
+  """
+  Cell whose subclasses are relayed over circuits.
+
+  :var bytes payload: raw payload, quite possibly encrypted
+  """
+
+  NAME = 'INTERNAL_BASE_RELAY'  # defined for error/other strings
+  IS_FIXED_SIZE = True  # all relay cells are fixed-size
+
+  # other attributes are deferred to subclasses, since this class cannot be 
directly unpacked
+
+  def __init__(self, circ_id, payload):
+if not payload:
+  raise ValueError('Relay cells require a payload')
+if len(payload) != FIXED_PAYLOAD_LEN:
+  raise ValueError('Payload should be %i bytes, but was %i' % 
(FIXED_PAYLOAD_LEN, len(payload)))
+
+super(BaseRelayCell, self).__init__(circ_id, unused = b'')
+self.payload = payload
+
+  def pack(self, link_protocol):
+# unlike everywhere else, we actually want to use the subclass type, NOT 
*this* class
+return type(self)._pack(link_protocol, self.payload, circ_id = 
self.circ_id)
+
+  @classmethod
+  def _unpack(cls, content, circ_id, link_protocol):
+# unlike everywhere else, we actually want to use the subclass type, NOT 
*this* class
+return cls(circ_id, content)
+
+  def __hash__(self):
+return stem.util._hash_attr(self, 'circ_id', 'payload', cache = True)
+
+
 class RelayCell(CircuitCell):
   """
   Command concerning a relay circuit.
diff --git a/test/unit/client/cell.py b/test/unit/client/cell.py
index ce492638..278e0b4c 100644
--- a/test/unit/client/cell.py
+++ b/test/unit/client/cell.py
@@ -5,6 +5,7 @@ Unit tests for the stem.client.cell.
 import datetime
 import hashlib
 import os
+import struct
 import unittest
 
 from stem.client.datatype import ZERO, CertType, CloseReason, Address, 
Certificate
@@ -14,6 +15,7 @@ from stem.client.cell import (
   FIXED_PAYLOAD_LEN,
   Cell,
   PaddingCell,
+  BaseRelayCell,
   RelayCell,
   DestroyCell,
   CreateFastCell,
@@ -188,6 +190,35 @@ class TestCell(unittest.TestCase):
   self.assertEqual(b'', cell.unused)  # always empty
   self.assertEqual(cell_bytes, cell.pack(link_protocol))
 
+  def test_base_relay_cell(self):
+arbitrary_circ_id = 123
+even_more_arbitrary_link_protocol = 1234
+
+cell = BaseRelayCell(arbitrary_circ_id, RANDOM_PAYLOAD)
+self.assertEqual(RANDOM_PAYLOAD, cell.payload)
+self.assertEqual(arbitrary_circ_id, cell.circ_id)
+self.assertEqual(True, cell.IS_FIXED_SIZE)
+
+# Cell.unpack not reachable - won't be tested
+# but we can at least directly test _unpack, although it's a pretty simple 
method
+cell_2 = BaseRelayCell._unpack(RANDOM_PAYLOAD, arbitrary_circ_id, 
even_more_arbitrary_link_protocol)
+self.assertEqual(cell, cell_2)
+
+# pack not possible, but easily callable
+self.assertRaises(struct.error, cell.pack, 
even_more_arbitrary_link_protocol)
+
+# check other values and inequality
+for (circ_id, payload) in ((arbitrary_circ_id, ZERO * FIXED_PAYLOAD_LEN), 
(arbitrary_circ_id + 1, RANDOM_PAYLOAD)):
+  unequal_cell = BaseRelayCell(circ_id, payload)
+

[tor-commits] [stem/master] Optimize error check for non-negative inputs

2018-08-26 Thread atagar

commit 71bb7d5e42125f2d89c8dddc56fa16c71989c5cd
Author: Dave Rolek 
Date:   Tue Aug 7 18:32:31 2018 +

Optimize error check for non-negative inputs

stem.client presently makes typical use of non-negative inputs with
unsigned types.
---
 stem/client/datatype.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/stem/client/datatype.py b/stem/client/datatype.py
index e19adfb1..1c7aec77 100644
--- a/stem/client/datatype.py
+++ b/stem/client/datatype.py
@@ -358,7 +358,7 @@ class Size(Field):
   def pack(self, content):
 if not stem.util._is_int(content):
   raise ValueError('Size.pack encodes an integer, but was a %s' % 
type(content).__name__)
-if self.unsigned and content < 0:
+if content < 0 and self.unsigned:
   raise ValueError('A %s field cannot pack negative values, but %i was 
tried' % (self.name, content))
 
 packed = struct.pack(self.format, content)



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [stem/master] Adjust test expectation for the different exception rising from Size

2018-08-26 Thread atagar

commit cb9ff0b16dcac642daa8664a84326d802bead157
Author: Dave Rolek 
Date:   Tue Aug 7 18:56:24 2018 +

Adjust test expectation for the different exception rising from Size
---
 test/unit/client/cell.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/test/unit/client/cell.py b/test/unit/client/cell.py
index 278e0b4c..a6ddf3ea 100644
--- a/test/unit/client/cell.py
+++ b/test/unit/client/cell.py
@@ -5,7 +5,6 @@ Unit tests for the stem.client.cell.
 import datetime
 import hashlib
 import os
-import struct
 import unittest
 
 from stem.client.datatype import ZERO, CertType, CloseReason, Address, 
Certificate
@@ -205,7 +204,8 @@ class TestCell(unittest.TestCase):
 self.assertEqual(cell, cell_2)
 
 # pack not possible, but easily callable
-self.assertRaises(struct.error, cell.pack, 
even_more_arbitrary_link_protocol)
+# lots of things cause a ValueError, so this check isn't very specific, 
but the wording comes from Size and so isn't under the purview of this unit
+self.assertRaises(ValueError, cell.pack, even_more_arbitrary_link_protocol)
 
 # check other values and inequality
 for (circ_id, payload) in ((arbitrary_circ_id, ZERO * FIXED_PAYLOAD_LEN), 
(arbitrary_circ_id + 1, RANDOM_PAYLOAD)):



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [stem/master] Add CANNOT_DIRECTLY_UNPACK facility; set True for existing RelayCell

2018-08-26 Thread atagar

commit 77310c9cb96c0367412afbc6535ea54fe25fc442
Author: Dave Rolek 
Date:   Tue Aug 7 21:45:26 2018 +

Add CANNOT_DIRECTLY_UNPACK facility; set True for existing RelayCell

Since RELAY cells come across the wire encrypted, they cannot be
directly unpacked - their payload must first be decrypted.

Note that this breaks unpacking RelayCell in the interim.
---
 stem/client/cell.py  | 5 +++--
 test/unit/client/cell.py | 2 ++
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/stem/client/cell.py b/stem/client/cell.py
index a4fb1a67..dcebc544 100644
--- a/stem/client/cell.py
+++ b/stem/client/cell.py
@@ -109,7 +109,7 @@ class Cell(object):
 """
 
 for _, cls in inspect.getmembers(sys.modules[__name__]):
-  if name == getattr(cls, 'NAME', UNDEFINED):
+  if name == getattr(cls, 'NAME', UNDEFINED) and not getattr(cls, 
'CANNOT_DIRECTLY_UNPACK', False):
 return cls
 
 raise ValueError("'%s' isn't a valid cell type" % name)
@@ -125,7 +125,7 @@ class Cell(object):
 """
 
 for _, cls in inspect.getmembers(sys.modules[__name__]):
-  if value == getattr(cls, 'VALUE', UNDEFINED):
+  if value == getattr(cls, 'VALUE', UNDEFINED) and not getattr(cls, 
'CANNOT_DIRECTLY_UNPACK', False):
 return cls
 
 raise ValueError("'%s' isn't a valid cell value" % value)
@@ -371,6 +371,7 @@ class RelayCell(CircuitCell):
   NAME = 'RELAY'
   VALUE = 3
   IS_FIXED_SIZE = True
+  CANNOT_DIRECTLY_UNPACK = True
 
   def __init__(self, circ_id, command, data, digest = 0, stream_id = 0, 
recognized = 0, unused = b''):
 if 'HASH' in str(type(digest)):
diff --git a/test/unit/client/cell.py b/test/unit/client/cell.py
index a6ddf3ea..b8fe58df 100644
--- a/test/unit/client/cell.py
+++ b/test/unit/client/cell.py
@@ -220,6 +220,8 @@ class TestCell(unittest.TestCase):
   self.assertRaisesWith(ValueError, expected_message_format % payload_len, 
BaseRelayCell, arbitrary_circ_id, ZERO * payload_len)
 
   def test_relay_cell(self):
+self.assertEquals(True, RelayCell.CANNOT_DIRECTLY_UNPACK)
+
 for cell_bytes, (command, command_int, circ_id, stream_id, data, digest, 
unused, link_protocol) in RELAY_CELLS.items():
   if not unused.strip(ZERO):
 self.assertEqual(cell_bytes, RelayCell(circ_id, command, data, digest, 
stream_id).pack(link_protocol))



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [stem/master] Provide a nicer error message for packing negative numbers with unsigned types

2018-08-26 Thread atagar

commit 2fa32642d4b734821746d2488334ef68c38ad634
Author: Dave Rolek 
Date:   Mon Aug 6 21:45:26 2018 +

Provide a nicer error message for packing negative numbers with unsigned 
types
---
 stem/client/datatype.py  | 3 +++
 test/unit/client/size.py | 9 +
 2 files changed, 12 insertions(+)

diff --git a/stem/client/datatype.py b/stem/client/datatype.py
index 5ca4e820..e19adfb1 100644
--- a/stem/client/datatype.py
+++ b/stem/client/datatype.py
@@ -349,6 +349,7 @@ class Size(Field):
 self.name = name
 self.size = size
 self.format = pack_format
+self.unsigned = pack_format.isupper()
 
   @staticmethod
   def pop(packed):
@@ -357,6 +358,8 @@ class Size(Field):
   def pack(self, content):
 if not stem.util._is_int(content):
   raise ValueError('Size.pack encodes an integer, but was a %s' % 
type(content).__name__)
+if self.unsigned and content < 0:
+  raise ValueError('A %s field cannot pack negative values, but %i was 
tried' % (self.name, content))
 
 packed = struct.pack(self.format, content)
 
diff --git a/test/unit/client/size.py b/test/unit/client/size.py
index eebe3619..3d7d796f 100644
--- a/test/unit/client/size.py
+++ b/test/unit/client/size.py
@@ -7,17 +7,22 @@ import unittest
 
 from stem.client.datatype import Size
 
+SIGNED_CHAR = Size('SIGNED_CHAR', 1, '!b')
+
 
 class TestSize(unittest.TestCase):
   def test_attributes(self):
 self.assertEqual('CHAR', Size.CHAR.name)
 self.assertEqual('!B', Size.CHAR.format)
+self.assertEqual(True, Size.CHAR.unsigned)
 
 self.assertEqual(1, Size.CHAR.size)
 self.assertEqual(2, Size.SHORT.size)
 self.assertEqual(4, Size.LONG.size)
 self.assertEqual(8, Size.LONG_LONG.size)
 
+self.assertEqual(False, SIGNED_CHAR.unsigned)
+
   def test_pack(self):
 self.assertEqual(b'\x12', Size.CHAR.pack(18))
 self.assertEqual(b'\x00\x12', Size.SHORT.pack(18))
@@ -26,9 +31,13 @@ class TestSize(unittest.TestCase):
 
 self.assertRaisesWith(ValueError, 'Size.pack encodes an integer, but was a 
str', Size.CHAR.pack, 'hi')
 
+self.assertRaisesWith(ValueError, 'A CHAR field cannot pack negative 
values, but -1 was tried', Size.CHAR.pack, -1)
+
 bad_size = Size('BAD_SIZE', 1, '!H')
 self.assertRaisesRegexp(ValueError, re.escape("'\\x00\\x12' is the wrong 
size for a BAD_SIZE field"), bad_size.pack, 18)
 
+self.assertEqual(b'\xFF', SIGNED_CHAR.pack(-1))
+
   def test_unpack(self):
 self.assertEqual(18, Size.CHAR.unpack(b'\x12'))
 self.assertEqual(18, Size.SHORT.unpack(b'\x00\x12'))



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser/tor-browser-60.1.0esr-8.0-1] fixup! Bug 21569: Add first-party domain to Permissions key

2018-08-26 Thread gk

commit d55b7bb578cf644e780d27efa2355c2046bcf689
Author: Kathy Brade 
Date:   Thu Aug 23 09:32:36 2018 -0400

fixup! Bug 21569: Add first-party domain to Permissions key
---
 browser/components/uitour/content-UITour.js |  3 ++-
 extensions/cookie/nsPermissionManager.cpp   | 28 ++--
 2 files changed, 20 insertions(+), 11 deletions(-)

diff --git a/browser/components/uitour/content-UITour.js 
b/browser/components/uitour/content-UITour.js
index be51b8383d6b..88d300c91419 100644
--- a/browser/components/uitour/content-UITour.js
+++ b/browser/components/uitour/content-UITour.js
@@ -48,7 +48,8 @@ var UITourListener = {
 if (!this.isSafeScheme(uri))
   return false;
 
-let permission = Services.perms.testPermission(uri, UITOUR_PERMISSION);
+let permission = Services.perms.testPermissionFromPrincipal(
+  content.document.nodePrincipal, UITOUR_PERMISSION);
 if (permission == Services.perms.ALLOW_ACTION)
   return true;
 
diff --git a/extensions/cookie/nsPermissionManager.cpp 
b/extensions/cookie/nsPermissionManager.cpp
index 29958695f851..62c7277c7d84 100644
--- a/extensions/cookie/nsPermissionManager.cpp
+++ b/extensions/cookie/nsPermissionManager.cpp
@@ -207,7 +207,8 @@ GetOriginFromPrincipal(nsIPrincipal* aPrincipal, 
nsACString& aOrigin)
 }
 
 nsresult
-GetPrincipalFromOrigin(const nsACString& aOrigin, nsIPrincipal** aPrincipal)
+GetPrincipalFromOrigin(const nsACString& aOrigin, bool aAddFirstParty,
+   nsIPrincipal** aPrincipal)
 {
   nsAutoCString originNoSuffix;
   mozilla::OriginAttributes attrs;
@@ -223,6 +224,13 @@ GetPrincipalFromOrigin(const nsACString& aOrigin, 
nsIPrincipal** aPrincipal)
   nsresult rv = NS_NewURI(getter_AddRefs(uri), originNoSuffix);
   NS_ENSURE_SUCCESS(rv, rv);
 
+  // aAddFirstParty is true when adding the default permissions from
+  // browser/app/permissions because those permissions refer to the
+  // first party domain.
+  if (aAddFirstParty) {
+attrs.SetFirstPartyDomain(true, uri);
+  }
+
   nsCOMPtr principal = 
mozilla::BasePrincipal::CreateCodebasePrincipal(uri, attrs);
   principal.forget(aPrincipal);
   return NS_OK;
@@ -419,7 +427,7 @@ public:
  int64_t aModificationTime) final
   {
 nsCOMPtr principal;
-nsresult rv = GetPrincipalFromOrigin(aOrigin, getter_AddRefs(principal));
+nsresult rv = GetPrincipalFromOrigin(aOrigin, false, 
getter_AddRefs(principal));
 NS_ENSURE_SUCCESS(rv, rv);
 
 return mPm->AddInternal(principal, aType, aPermission, mID,
@@ -2250,7 +2258,7 @@ nsPermissionManager::GetPermissionObject(nsIPrincipal* 
aPrincipal,
   }
 
   nsCOMPtr principal;
-  nsresult rv = GetPrincipalFromOrigin(entry->GetKey()->mOrigin, 
getter_AddRefs(principal));
+  nsresult rv = GetPrincipalFromOrigin(entry->GetKey()->mOrigin, false, 
getter_AddRefs(principal));
   NS_ENSURE_SUCCESS(rv, rv);
 
   PermissionEntry& perm = entry->GetPermissions()[idx];
@@ -2498,7 +2506,7 @@ NS_IMETHODIMP 
nsPermissionManager::GetEnumerator(nsISimpleEnumerator **aEnum)
   }
 
   nsCOMPtr principal;
-  nsresult rv = GetPrincipalFromOrigin(entry->GetKey()->mOrigin,
+  nsresult rv = GetPrincipalFromOrigin(entry->GetKey()->mOrigin, false,
getter_AddRefs(principal));
   if (NS_FAILED(rv)) {
 continue;
@@ -2593,7 +2601,7 @@ nsPermissionManager::RemoveAllModifiedSince(int64_t 
aModificationTime)
   }
 
   nsCOMPtr principal;
-  nsresult rv = GetPrincipalFromOrigin(entry->GetKey()->mOrigin,
+  nsresult rv = GetPrincipalFromOrigin(entry->GetKey()->mOrigin, false,
getter_AddRefs(principal));
   if (NS_FAILED(rv)) {
 continue;
@@ -2664,7 +2672,7 @@ 
nsPermissionManager::RemovePermissionsWithAttributes(mozilla::OriginAttributesPa
 PermissionHashKey* entry = iter.Get();
 
 nsCOMPtr principal;
-nsresult rv = GetPrincipalFromOrigin(entry->GetKey()->mOrigin,
+nsresult rv = GetPrincipalFromOrigin(entry->GetKey()->mOrigin, false,
  getter_AddRefs(principal));
 if (NS_FAILED(rv)) {
   continue;
@@ -2851,7 +2859,7 @@ nsPermissionManager::Read()
 modificationTime = stmt->AsInt64(6);
 
 nsCOMPtr principal;
-nsresult rv = GetPrincipalFromOrigin(origin, getter_AddRefs(principal));
+nsresult rv = GetPrincipalFromOrigin(origin, false, 
getter_AddRefs(principal));
 if (NS_FAILED(rv)) {
   readError = true;
   continue;
@@ -3010,7 +3018,7 @@ nsPermissionManager::_DoImport(nsIInputStream 
*inputStream, mozIStorageConnectio
 continue;
 
   nsCOMPtr principal;
-  error = GetPrincipalFromOrigin(lineArray[3], getter_AddRefs(principal));
+  error = GetPrincipalFromOrigin(lineArray[3], true, 
getter_AddRefs(principal));
   if (NS_FAILED(error)) {
 NS_WARNING("Couldn't import an origin permission - malformed origin");
 continue;
@@

[tor-commits] [tor-browser/tor-browser-60.1.0esr-8.0-1] Bug 26962 - implement new features onboarding (part 1).

2018-08-26 Thread gk

commit 69b8d3553d21796db96c0913c5747f8724b9b662
Author: Kathy Brade 
Date:   Fri Aug 24 14:47:31 2018 -0400

Bug 26962 - implement new features onboarding (part 1).

Add an "Explore" button to the "Circuit Display" panel within new user
onboarding which opens the DuckDuckGo .onion and then guides users through
a short circuit display tutorial.

Allow a few additional UITour actions while limiting as much as possible
how it can be used.

Tweak the UITour styles to match the Tor Browser branding.

All user interface strings are retrieved from Torbutton's
browserOnboarding.properties file.
---
 browser/app/permissions|   2 +
 browser/components/uitour/UITour.jsm   |  51 +++-
 browser/components/uitour/content-UITour.js|   2 +-
 browser/extensions/onboarding/bootstrap.js |  16 ++
 .../content/onboarding-tor-circuit-display.js  | 283 +
 .../onboarding/content/onboarding-tour-agent.js|   3 -
 .../extensions/onboarding/content/onboarding.js|   6 +-
 browser/extensions/onboarding/jar.mn   |   1 +
 browser/themes/shared/UITour.inc.css   |  30 +--
 9 files changed, 366 insertions(+), 28 deletions(-)

diff --git a/browser/app/permissions b/browser/app/permissions
index b4b166c755ae..ac3464afd41c 100644
--- a/browser/app/permissions
+++ b/browser/app/permissions
@@ -7,6 +7,8 @@
 # See nsPermissionManager.cpp for more...
 
 # UITour
+# DuckDuckGo .onion (used for circuit display onboarding).
+origin uitour  1   https://3g2upl4pq6kufc4m.onion
 origin uitour  1   about:home
 origin uitour  1   about:newtab
 origin uitour  1   about:tor
diff --git a/browser/components/uitour/UITour.jsm 
b/browser/components/uitour/UITour.jsm
index b282d5c2d885..ce3e20fda662 100644
--- a/browser/components/uitour/UITour.jsm
+++ b/browser/components/uitour/UITour.jsm
@@ -42,9 +42,23 @@ const PREF_LOG_LEVEL  = "browser.uitour.loglevel";
 const PREF_SEENPAGEIDS= "browser.uitour.seenPageIDs";
 
 const TOR_BROWSER_PAGE_ACTIONS_ALLOWED = new Set([
+  "showInfo",  // restricted to TOR_BROWSER_TARGETS_ALLOWED
+  "showMenu",  // restricted to TOR_BROWSER_MENUS_ALLOWED
+  "hideMenu",  // restricted to TOR_BROWSER_MENUS_ALLOWED
+  "closeTab",
   "torBrowserOpenSecuritySettings",
 ]);
 
+const TOR_BROWSER_TARGETS_ALLOWED = new Set([
+  "torBrowser-circuitDisplay",
+  "torBrowser-circuitDisplay-diagram",
+  "torBrowser-circuitDisplay-newCircuitButton",
+]);
+
+const TOR_BROWSER_MENUS_ALLOWED = new Set([
+  "controlCenter",
+]);
+
 const BACKGROUND_PAGE_ACTIONS_ALLOWED = new Set([
   "forceShowReaderIcon",
   "getConfiguration",
@@ -103,6 +117,14 @@ var UITour = {
 
   highlightEffects: ["random", "wobble", "zoom", "color"],
   targets: new Map([
+["torBrowser-circuitDisplay", {
+  query: "#connection-icon",
+}],
+["torBrowser-circuitDisplay-diagram",
+  torBrowserCircuitDisplayTarget("circuit-display-nodes")],
+["torBrowser-circuitDisplay-newCircuitButton",
+  torBrowserCircuitDisplayTarget("circuit-reload-button")],
+
 ["accountStatus", {
   query: (aDocument) => {
 // If the user is logged in, use the avatar element.
@@ -945,7 +967,7 @@ var UITour = {
 
   // This function is copied to UITourListener.
   isSafeScheme(aURI) {
-let allowedSchemes = new Set(["about"]);
+let allowedSchemes = new Set(["about", "https"]);
 
 if (!allowedSchemes.has(aURI.scheme)) {
   log.error("Unsafe scheme:", aURI.scheme);
@@ -988,7 +1010,10 @@ var UITour = {
   return Promise.reject("Invalid target name specified");
 }
 
-let targetObject = this.targets.get(aTargetName);
+let targetObject;
+if (TOR_BROWSER_TARGETS_ALLOWED.has(aTargetName)) {
+  targetObject = this.targets.get(aTargetName);
+}
 if (!targetObject) {
   log.warn("getTarget: The specified target name is not in the allowed 
set");
   return Promise.reject("The specified target name is not in the allowed 
set");
@@ -1389,6 +1414,10 @@ var UITour = {
   },
 
   showMenu(aWindow, aMenuName, aOpenCallback = null) {
+if (!TOR_BROWSER_MENUS_ALLOWED.has(aMenuName)) {
+  return;
+}
+
 log.debug("showMenu:", aMenuName);
 function openMenuButton(aMenuBtn) {
   if (!aMenuBtn || !aMenuBtn.boxObject || aMenuBtn.open) {
@@ -1485,6 +1514,10 @@ var UITour = {
   },
 
   hideMenu(aWindow, aMenuName) {
+if (!TOR_BROWSER_MENUS_ALLOWED.has(aMenuName)) {
+  return;
+}
+
 log.debug("hideMenu:", aMenuName);
 function closeMenuButton(aMenuBtn) {
   if (aMenuBtn && aMenuBtn.boxObject)
@@ -1872,6 +1905,20 @@ function controlCenterTrackingToggleTarget(aUnblock) {
   };
 }
 
+function torBrowserCircuitDisplayTarget(aElemID) {
+  return {
+infoPanelPosition: "rightcenter topleft",
+query(aDocument) {
+  let popup = aDocument.defaultView.gIdentityHandler._identityPopup;
+  if (popup.state !=

[tor-commits] [tor-browser/tor-browser-60.1.0esr-8.0-1] Bug 26962 - implement new features onboarding (part 2).

2018-08-26 Thread gk

commit d5f82c2a5747108cc60607b3b7608e9c34640848
Author: Kathy Brade 
Date:   Fri Aug 24 14:52:52 2018 -0400

Bug 26962 - implement new features onboarding (part 2).

Add a "New Circuit Display" promotional banner to the about:tbupdate page.
---
 .../base/content/abouttbupdate/aboutTBUpdate.css   | 25 ++
 .../base/content/abouttbupdate/aboutTBUpdate.js|  9 +++-
 .../base/content/abouttbupdate/aboutTBUpdate.xhtml |  5 +
 browser/base/content/tab-content.js| 10 +
 .../locales/en-US/chrome/browser/aboutTBUpdate.dtd |  4 
 5 files changed, 52 insertions(+), 1 deletion(-)

diff --git a/browser/base/content/abouttbupdate/aboutTBUpdate.css 
b/browser/base/content/abouttbupdate/aboutTBUpdate.css
index 2b73552729fc..7ec1950e1474 100644
--- a/browser/base/content/abouttbupdate/aboutTBUpdate.css
+++ b/browser/base/content/abouttbupdate/aboutTBUpdate.css
@@ -53,6 +53,31 @@ a {
   margin-bottom: 20px;
 }
 
+#new-features {
+  margin-bottom: 15px;
+  padding: 10px;
+  text-align: center;
+  /* swap text and background colors in this section */
+  color: var(--abouttor-bg-toron-color);
+  background-color: var(--abouttor-text-color);
+}
+
+#new-features-description {
+  margin: 15px auto;
+  max-width: 500px;
+  font-size: 85%;
+}
+
+#new-features button {
+  padding: 8px 20px;
+  border: none;
+  border-radius: 3px;
+  font-size: 90%;
+  color: var(--abouttor-text-color);
+  background-color: var(--abouttor-bg-toron-color);
+  cursor: pointer;
+}
+
 #changelog-container {
   margin: 0px 20px 20px 20px;
 }
diff --git a/browser/base/content/abouttbupdate/aboutTBUpdate.js 
b/browser/base/content/abouttbupdate/aboutTBUpdate.js
index 8243647c5708..fa8bd3241a28 100644
--- a/browser/base/content/abouttbupdate/aboutTBUpdate.js
+++ b/browser/base/content/abouttbupdate/aboutTBUpdate.js
@@ -1,4 +1,4 @@
-// Copyright (c) 2015, The Tor Project, Inc.
+// Copyright (c) 2018, The Tor Project, Inc.
 // See LICENSE for licensing information.
 //
 // vim: set sw=2 sts=2 ts=8 et syntax=javascript:
@@ -8,3 +8,10 @@ function init()
   let event = new CustomEvent("AboutTBUpdateLoad", { bubbles: true });
   document.dispatchEvent(event);
 }
+
+function showNewFeaturesOnboarding()
+{
+  let event = new CustomEvent("AboutTBUpdateNewFeaturesOnboarding",
+  { bubbles: true });
+  document.dispatchEvent(event);
+}
diff --git a/browser/base/content/abouttbupdate/aboutTBUpdate.xhtml 
b/browser/base/content/abouttbupdate/aboutTBUpdate.xhtml
index fe8ed69b537f..a046f2658a5a 100644
--- a/browser/base/content/abouttbupdate/aboutTBUpdate.xhtml
+++ b/browser/base/content/abouttbupdate/aboutTBUpdate.xhtml
@@ -28,6 +28,11 @@
 
 
 
+
+  
+  
+  
+
 
 
 
diff --git a/browser/base/content/tab-content.js 
b/browser/base/content/tab-content.js
index e0cf6747aaa4..c0987dbc05c7 100644
--- a/browser/base/content/tab-content.js
+++ b/browser/base/content/tab-content.js
@@ -359,6 +359,8 @@ AboutReaderListener.init();
 let AboutTBUpdateListener = {
   init: function(chromeGlobal) {
 chromeGlobal.addEventListener('AboutTBUpdateLoad', this, false, true);
+chromeGlobal.addEventListener("AboutTBUpdateNewFeaturesOnboarding",
+  this, false, true);
   },
 
   get isAboutTBUpdate() {
@@ -373,6 +375,9 @@ let AboutTBUpdateListener = {
   case "AboutTBUpdateLoad":
 this.onPageLoad();
 break;
+  case "AboutTBUpdateNewFeaturesOnboarding":
+this.onNewFeaturesOnboarding();
+break;
   case "pagehide":
 this.onPageHide(aEvent);
 break;
@@ -406,6 +411,11 @@ let AboutTBUpdateListener = {
 removeEventListener("pagehide", this, true);
   },
 
+  onNewFeaturesOnboarding: function() {
+// Tell the onboarding extension to open the circuit display onboarding.
+sendAsyncMessage("Onboarding:OnContentMessage",
+ {action: "tor-open-circuit-display-page"});
+  },
 };
 AboutTBUpdateListener.init(this);
 #endif
diff --git a/browser/locales/en-US/chrome/browser/aboutTBUpdate.dtd 
b/browser/locales/en-US/chrome/browser/aboutTBUpdate.dtd
index 37567bd7e38c..f7b3f2ed8fcd 100644
--- a/browser/locales/en-US/chrome/browser/aboutTBUpdate.dtd
+++ b/browser/locales/en-US/chrome/browser/aboutTBUpdate.dtd
@@ -4,3 +4,7 @@
 
 
 
+
+
+
+

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser/tor-browser-60.1.0esr-8.0-1] Bug 27213 - Update about:tbupdate to new (about:tor) layout

2018-08-26 Thread gk

commit 61d599ed4c5bb5ace0fc958faaf302dc968cc542
Author: Kathy Brade 
Date:   Fri Aug 24 14:51:11 2018 -0400

Bug 27213 - Update about:tbupdate to new (about:tor) layout

Adjust colors, fonts, and the page background to match the new
about:tor.
---
 .../base/content/abouttbupdate/aboutTBUpdate.css   | 27 --
 1 file changed, 20 insertions(+), 7 deletions(-)

diff --git a/browser/base/content/abouttbupdate/aboutTBUpdate.css 
b/browser/base/content/abouttbupdate/aboutTBUpdate.css
index c171c58624ec..2b73552729fc 100644
--- a/browser/base/content/abouttbupdate/aboutTBUpdate.css
+++ b/browser/base/content/abouttbupdate/aboutTBUpdate.css
@@ -1,7 +1,20 @@
+/*
+ * Copyright (c) 2018, The Tor Project, Inc.
+ * See LICENSE for licensing information.
+ *
+ * vim: set sw=2 sts=2 ts=8 et syntax=css:
+ */
+
+:root {
+  --abouttor-text-color: white;
+  --abouttor-bg-toron-color: #420C5D;
+}
+
 body {
-  font-family: sans-serif;
+  font-family: Helvetica, Arial, sans-serif;
   font-size: 110%;
-  background-image: -moz-linear-gradient(top, #ff, #ff 10%, #d5ffd5 
50%, #d5ffd5);
+  color: var(--abouttor-text-color);
+  background-color: var(--abouttor-bg-toron-color);
   background-attachment: fixed;
   background-size: 100% 100%;
 }
@@ -13,11 +26,13 @@ body {
   right: 6px;
   height: 30px;
   width: 200px;
+  font-size: 15px;
   white-space: pre-wrap;
   text-align: right;
-  color: #4d4d4d;
-  font-family: "Liberation Sans", Arial, Helvetica, sans-serif;
-  font-size: 14px;
+}
+
+a {
+  color: var(--abouttor-text-color);
 }
 
 #logo {
@@ -35,7 +50,6 @@ body {
 
 #msg-updated {
   font-size: 120%;
-  font-weight: bold;
   margin-bottom: 20px;
 }
 
@@ -44,7 +58,6 @@ body {
 }
 
 #changelog-heading {
-  font-weight: bold;
   margin-bottom: 4px;
 }
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [torbutton/master] Bug 26962: Circuit display onboarding (part 2).

2018-08-26 Thread gk

commit c93f06417e0bdbd6d709ec5109938347d1d38123
Author: Kathy Brade 
Date:   Thu Aug 23 16:44:06 2018 -0400

Bug 26962: Circuit display onboarding (part 2).

Add strings for a "New Circuit Display" promotional banner which is
shown on the about:tbupdate page.
---
 src/chrome/locale/en/aboutTBUpdate.dtd | 4 
 1 file changed, 4 insertions(+)

diff --git a/src/chrome/locale/en/aboutTBUpdate.dtd 
b/src/chrome/locale/en/aboutTBUpdate.dtd
index 37567bd7..f7b3f2ed 100644
--- a/src/chrome/locale/en/aboutTBUpdate.dtd
+++ b/src/chrome/locale/en/aboutTBUpdate.dtd
@@ -4,3 +4,7 @@
 
 
 
+
+
+
+

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tba-android_stringsdtd] Update translations for tba-android_stringsdtd

2018-08-26 Thread translation

commit 52cb6a59961bb1f73a1d1fd580b2b37b33c7d161
Author: Translation commit bot 
Date:   Sun Aug 26 12:16:55 2018 +

Update translations for tba-android_stringsdtd
---
 ast/android_strings.dtd | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/ast/android_strings.dtd b/ast/android_strings.dtd
index 5ae33eb82..b1359ff8c 100644
--- a/ast/android_strings.dtd
+++ b/ast/android_strings.dtd
@@ -515,7 +515,7 @@
 
 
 
-
+
 
 
 
@@ -560,7 +560,7 @@
 
 
 
-
+
 
 
 
@@ -721,7 +721,7 @@ just addresses the organization to follow, e.g. "This site 
is run by " -->
 
 
 
-
+
 
 
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tails-openpgp-applet] Update translations for tails-openpgp-applet

2018-08-26 Thread translation

commit 42fca819024babc5f59c6c7d82a92b1474aadcf9
Author: Translation commit bot 
Date:   Sun Aug 26 12:16:29 2018 +

Update translations for tails-openpgp-applet
---
 ar/openpgp-applet.pot | 29 +++--
 1 file changed, 15 insertions(+), 14 deletions(-)

diff --git a/ar/openpgp-applet.pot b/ar/openpgp-applet.pot
index 848800151..ada40a975 100644
--- a/ar/openpgp-applet.pot
+++ b/ar/openpgp-applet.pot
@@ -4,6 +4,7 @@
 # 
 # Translators:
 # ButterflyOfFire, 2018
+# Emma Peel, 2018
 # ouss , 2016
 # Singapore Goldindor, 2016
 msgid ""
@@ -11,8 +12,8 @@ msgstr ""
 "Project-Id-Version: The Tor Project\n"
 "Report-Msgid-Bugs-To: ta...@boum.org\n"
 "POT-Creation-Date: 2017-08-05 15:07-0400\n"
-"PO-Revision-Date: 2018-07-03 13:30+\n"
-"Last-Translator: Khaled Hosny \n"
+"PO-Revision-Date: 2018-08-26 12:14+\n"
+"Last-Translator: Emma Peel\n"
 "Language-Team: Arabic 
(http://www.transifex.com/otf/torproject/language/ar/)\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
@@ -95,12 +96,12 @@ msgstr "Ø¨ØµÙØ§Øª"
 #: bin/openpgp-applet:436
 msgid "User ID:"
 msgid_plural "User IDs:"
-msgstr[0] ""
-msgstr[1] ""
-msgstr[2] ""
-msgstr[3] ""
-msgstr[4] ""
-msgstr[5] ""
+msgstr[0] "ÙÙØ¹Ø±ÙÙÙ Ø§ÙÙØ³ØªØ®Ø¯Ù :"
+msgstr[1] "ÙÙØ¹Ø±ÙÙÙ Ø§ÙÙØ³ØªØ®Ø¯Ù :"
+msgstr[2] "ÙÙÙØ§Øª Ø§ÙÙØ³ØªØ®Ø¯ÙÙÙ:"
+msgstr[3] "ÙÙÙØ§Øª Ø§ÙÙØ³ØªØ®Ø¯ÙÙÙ:"
+msgstr[4] "ÙÙÙØ§Øª Ø§ÙÙØ³ØªØ®Ø¯ÙÙÙ:"
+msgstr[5] "ÙÙÙØ§Øª Ø§ÙÙØ³ØªØ®Ø¯ÙÙÙ:"
 
 #: bin/openpgp-applet:465
 msgid "None (Don't sign)"
@@ -135,12 +136,12 @@ msgstr "ÙÙ ØªØ«Ù Ø¨ÙØ°Ù Ø§ÙÙÙØ§ØªÙØØ"
 #: bin/openpgp-applet:592
 msgid "The following selected key is not fully trusted:"
 msgid_plural "The following selected keys are not fully trusted:"
-msgstr[0] ""
-msgstr[1] ""
-msgstr[2] ""
-msgstr[3] ""
-msgstr[4] ""
-msgstr[5] ""
+msgstr[0] "Ø§ÙÙÙØ§ØªÙØ Ø§ÙØªØ§ÙÙØ© ØºÙØ± ÙÙØ«ÙÙØ© Ø¨Ø§ÙÙØ§ÙÙ:"
+msgstr[1] "Ø§ÙÙÙØ§ØªÙØ Ø§ÙØªØ§ÙÙØ© ØºÙØ± ÙÙØ«ÙÙØ© Ø¨Ø§ÙÙØ§ÙÙ:"
+msgstr[2] "Ø§ÙÙÙØ§ØªÙØ Ø§ÙØªØ§ÙÙØ© ØºÙØ± ÙÙØ«ÙÙØ© Ø¨Ø§ÙÙØ§ÙÙ:"
+msgstr[3] "Ø§ÙÙÙØ§ØªÙØ Ø§ÙØªØ§ÙÙØ© ØºÙØ± ÙÙØ«ÙÙØ© Ø¨Ø§ÙÙØ§ÙÙ:"
+msgstr[4] "Ø§ÙÙÙØ§ØªÙØ Ø§ÙØªØ§ÙÙØ© ØºÙØ± ÙÙØ«ÙÙØ© Ø¨Ø§ÙÙØ§ÙÙ:"
+msgstr[5] "Ø§ÙÙÙØ§ØªÙØ Ø§ÙØªØ§ÙÙØ© ØºÙØ± ÙÙØ«ÙÙØ© Ø¨Ø§ÙÙØ§ÙÙ:"
 
 #: bin/openpgp-applet:610
 msgid "Do you trust this key enough to use it anyway?"

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tails-misc] Update translations for tails-misc

2018-08-26 Thread translation

commit 5507d99d0b00c19d0adef6311bc1fff0ffaa8854
Author: Translation commit bot 
Date:   Sun Aug 26 12:15:56 2018 +

Update translations for tails-misc
---
 ar.po  | 4 ++--
 ast.po | 6 +++---
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/ar.po b/ar.po
index 1b8c3d4c3..c270ed762 100644
--- a/ar.po
+++ b/ar.po
@@ -29,7 +29,7 @@ msgstr ""
 "Project-Id-Version: The Tor Project\n"
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2018-08-16 07:57+0200\n"
-"PO-Revision-Date: 2018-08-26 09:57+\n"
+"PO-Revision-Date: 2018-08-26 12:12+\n"
 "Last-Translator: Emma Peel\n"
 "Language-Team: Arabic 
(http://www.transifex.com/otf/torproject/language/ar/)\n"
 "MIME-Version: 1.0\n"
@@ -175,7 +175,7 @@ msgstr ""
 msgid ""
 "Please check your list of additional software or read the system log to "
 "understand the problem."
-msgstr ""
+msgstr "ÙØ´Ù Ø§ÙØªÙØµÙØ¨. Ø±Ø¬Ø§Ø¡ Ø±Ø§Ø¬Ø¹ Ø¶Ø¨Ø· Ø§ÙØ¨Ø±ÙØ¬ÙØ§Øª 
Ø§ÙØ¥Ø¶Ø§ÙÙØ©Ø Ø£Ù Ø·Ø§ÙØ¹ Ø³Ø¬Ù Ø§ÙÙØ¸Ø§Ù ÙÙØ¹Ø±ÙØ© Ø§ÙÙ
Ø´ÙÙØ© Ø£ÙØ¶Ù."
 
 #: config/chroot_local-includes/usr/local/sbin/tails-additional-software:151
 msgid "Show Log"
diff --git a/ast.po b/ast.po
index e70780f4e..2d95b9a13 100644
--- a/ast.po
+++ b/ast.po
@@ -8,8 +8,8 @@ msgstr ""
 "Project-Id-Version: The Tor Project\n"
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2018-08-16 07:57+0200\n"
-"PO-Revision-Date: 2018-08-16 14:42+\n"
-"Last-Translator: carolyn \n"
+"PO-Revision-Date: 2018-08-26 12:02+\n"
+"Last-Translator: Xuacu Saturio \n"
 "Language-Team: Asturian 
(http://www.transifex.com/otf/torproject/language/ast/)\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
@@ -364,7 +364,7 @@ msgstr ""
 
 #: config/chroot_local-includes/usr/local/bin/tails-screen-locker:135
 msgid "Password"
-msgstr ""
+msgstr "ContraseÃ±a"
 
 #: config/chroot_local-includes/usr/local/bin/tails-screen-locker:141
 msgid "Confirm"

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/abouttor-homepage] Update translations for abouttor-homepage

2018-08-26 Thread translation

commit e7e28a55e5d97ae25cbe9d4a4f245fdb984506cb
Author: Translation commit bot 
Date:   Sun Aug 26 10:45:03 2018 +

Update translations for abouttor-homepage
---
 ko/aboutTor.dtd | 12 ++--
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/ko/aboutTor.dtd b/ko/aboutTor.dtd
index 83ea0c93d..a3ae1827b 100644
--- a/ko/aboutTor.dtd
+++ b/ko/aboutTor.dtd
@@ -6,20 +6,20 @@
 
 
 
-
-
+
+
 
 
 
-
+
 https://duckduckgo.com;>
 
 
-
+
 
 
-
+
 
 
-
+
 https://www.torproject.org/getinvolved/volunteer.html.en;>

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/support-portal] Update translations for support-portal

2018-08-26 Thread translation

commit c278debc981e9295cc85d8b7eaa6384eaa81137e
Author: Translation commit bot 
Date:   Sun Aug 26 10:19:04 2018 +

Update translations for support-portal
---
 contents+es.po | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/contents+es.po b/contents+es.po
index 5f7890721..23cbb7fd2 100644
--- a/contents+es.po
+++ b/contents+es.po
@@ -2017,6 +2017,9 @@ msgid ""
 "href=\"https://www.torproject.org/projects/torbrowser.html.en\;>Tor "
 "Browser in the following languages:"
 msgstr ""
+"Actualmente ofrecemos el https://www.torproject.org/projects/torbrowser.html.en\;>navegador "
+"Tor en los siguientes idiomas:"
 
 #: http//localhost/tbb/tbb-39/
 #: (content/tbb/tbb-39/contents+en.lrquestion.seo_slug)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/support-portal_completed] Update translations for support-portal_completed

2018-08-26 Thread translation

commit 0168242eb1e0b130df277819d83a5021aca0b6af
Author: Translation commit bot 
Date:   Sun Aug 26 10:19:10 2018 +

Update translations for support-portal_completed
---
 contents+es.po | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/contents+es.po b/contents+es.po
index 5f7890721..23cbb7fd2 100644
--- a/contents+es.po
+++ b/contents+es.po
@@ -2017,6 +2017,9 @@ msgid ""
 "href=\"https://www.torproject.org/projects/torbrowser.html.en\;>Tor "
 "Browser in the following languages:"
 msgstr ""
+"Actualmente ofrecemos el https://www.torproject.org/projects/torbrowser.html.en\;>navegador "
+"Tor en los siguientes idiomas:"
 
 #: http//localhost/tbb/tbb-39/
 #: (content/tbb/tbb-39/contents+en.lrquestion.seo_slug)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/whisperback] Update translations for whisperback

2018-08-26 Thread translation

commit 3eed1a24857f7634404ec7f5dbc3eae8190e1a86
Author: Translation commit bot 
Date:   Sun Aug 26 10:18:55 2018 +

Update translations for whisperback
---
 ar/ar.po | 7 ---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/ar/ar.po b/ar/ar.po
index 4f842eb83..761d06f3e 100644
--- a/ar/ar.po
+++ b/ar/ar.po
@@ -4,6 +4,7 @@
 # 
 # Translators:
 # ButterflyOfFire, 2018
+# Emma Peel, 2018
 # mohammad ali , 2017
 # Mohammed ALDOUB , 2012
 # Mohammed ALDOUB , 2012
@@ -13,8 +14,8 @@ msgstr ""
 "Project-Id-Version: The Tor Project\n"
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2018-06-11 17:17+0200\n"
-"PO-Revision-Date: 2018-08-07 08:48+\n"
-"Last-Translator: carolyn \n"
+"PO-Revision-Date: 2018-08-26 09:55+\n"
+"Last-Translator: Emma Peel\n"
 "Language-Team: Arabic 
(http://www.transifex.com/otf/torproject/language/ar/)\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
@@ -192,7 +193,7 @@ msgstr "ÙØµÙ Ø§ÙØ®Ø·Ø£"
 
 #: ../data/whisperback.ui.h:24
 msgid "Help:"
-msgstr ""
+msgstr "ÙØ³Ø§Ø¹Ø¯Ø©:"
 
 #: ../data/whisperback.ui.h:25
 msgid "Read our bug reporting guidelines."

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tails-persistence-setup] Update translations for tails-persistence-setup

2018-08-26 Thread translation

commit a9117476b858b06881171e931764c510a8cf69da
Author: Translation commit bot 
Date:   Sun Aug 26 10:16:43 2018 +

Update translations for tails-persistence-setup
---
 ar/ar.po | 7 ---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/ar/ar.po b/ar/ar.po
index e6f041849..fb467140f 100644
--- a/ar/ar.po
+++ b/ar/ar.po
@@ -6,6 +6,7 @@
 # kraim , 2013
 # Ash , 2014
 # ButterflyOfFire, 2018
+# Emma Peel, 2018
 # Fortas Abdeldjalil , 2015
 # 0xidz , 2014
 # alshara3 , 2013
@@ -20,8 +21,8 @@ msgstr ""
 "Project-Id-Version: The Tor Project\n"
 "Report-Msgid-Bugs-To: Tails developers \n"
 "POT-Creation-Date: 2018-08-16 11:14+0200\n"
-"PO-Revision-Date: 2018-08-16 14:16+\n"
-"Last-Translator: Rahma Sghaier \n"
+"PO-Revision-Date: 2018-08-26 09:53+\n"
+"Last-Translator: Emma Peel\n"
 "Language-Team: Arabic 
(http://www.transifex.com/otf/torproject/language/ar/)\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
@@ -120,7 +121,7 @@ msgstr "Ø§Ø¨ÙÙ Ø¹ÙÙ Ø§ÙÙÙÙØ§Øª ÙÙ Ø§ÙØ¯ÙÙÙ 
Ø§ÙØ¯Ø§Ø¦Ù"
 
 #: ../lib/Tails/Persistence/Configuration/Presets.pm:71
 msgid "Browser Bookmarks"
-msgstr ""
+msgstr "Ø§ÙÙÙØ§ÙØ¹ Ø§ÙÙØ®Ø²ÙØ© Ø¨Ø§ÙÙØªØµÙØ"
 
 #: ../lib/Tails/Persistence/Configuration/Presets.pm:73
 msgid "Bookmarks saved in the Tor Browser"

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tails-misc] Update translations for tails-misc

2018-08-26 Thread translation

commit e8fa8bc1178c1790e471946b38977553a7238e84
Author: Translation commit bot 
Date:   Sun Aug 26 10:15:56 2018 +

Update translations for tails-misc
---
 ar.po | 7 ---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/ar.po b/ar.po
index bf905d247..1b8c3d4c3 100644
--- a/ar.po
+++ b/ar.po
@@ -11,6 +11,7 @@
 # Ash , 2014
 # ASSYASS Mahmoud , 2017
 # ButterflyOfFire, 2018
+# Emma Peel, 2018
 # 0xidz , 2014
 # lamine Kacimi , 2015
 # Khaled Hosny, 2018
@@ -28,8 +29,8 @@ msgstr ""
 "Project-Id-Version: The Tor Project\n"
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2018-08-16 07:57+0200\n"
-"PO-Revision-Date: 2018-08-16 14:42+\n"
-"Last-Translator: carolyn \n"
+"PO-Revision-Date: 2018-08-26 09:57+\n"
+"Last-Translator: Emma Peel\n"
 "Language-Team: Arabic 
(http://www.transifex.com/otf/torproject/language/ar/)\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
@@ -271,7 +272,7 @@ msgstr ""
 
 #: config/chroot_local-includes/usr/local/sbin/tails-additional-software:519
 msgid "This can take several minutes."
-msgstr ""
+msgstr "ÙÙÙÙ Ø£Ù ÙØ³ØªØºØ±Ù ÙØ°Ø§ Ø¨Ø¹Ø¶ Ø§ÙÙÙØª..."
 
 #: config/chroot_local-includes/usr/local/sbin/tails-additional-software:530
 msgid "The installation of your additional software failed"

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/abouttor-homepage] Update translations for abouttor-homepage

2018-08-26 Thread translation

commit 5958dd8b897ef157b2d6c05d9b67b969e60fed95
Author: Translation commit bot 
Date:   Sun Aug 26 10:15:03 2018 +

Update translations for abouttor-homepage
---
 ar/aboutTor.dtd | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/ar/aboutTor.dtd b/ar/aboutTor.dtd
index 6a71cdd96..bd0d2b38b 100644
--- a/ar/aboutTor.dtd
+++ b/ar/aboutTor.dtd
@@ -6,7 +6,7 @@
 
 
 
-
+
 
 
 
@@ -18,8 +18,8 @@
 
 
 
-
+
 
 
-
+
 https://www.torproject.org/getinvolved/volunteer.html.en;>

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/support-portal] Update translations for support-portal

2018-08-26 Thread translation

commit c6629e4b00ce0529374ed4c04905e1e725326ef9
Author: Translation commit bot 
Date:   Sun Aug 26 07:48:54 2018 +

Update translations for support-portal
---
 contents+es.po | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/contents+es.po b/contents+es.po
index 97dd5649d..5f7890721 100644
--- a/contents+es.po
+++ b/contents+es.po
@@ -338,7 +338,7 @@ msgstr ""
 #: http//localhost/censorship/censorship-4/
 #: (content/censorship/censorship-4/contents+en.lrquestion.seo_slug)
 msgid "cant-connect-to-tor-browser"
-msgstr "no-se-puede-conectar-el-navegador-tor-en-una-red-censurada"
+msgstr "no-se-puede-conectar-el-navegador-tor"
 
 #: http//localhost/https/https-1/
 #: (content/https/https-1/contents+en.lrquestion.description)
@@ -748,8 +748,8 @@ msgid ""
 "rights activists, journalists, abuse survivors, and other people who use Tor"
 " for good things."
 msgstr ""
-"Odiamos que haya personas que usen Tor para hacer cosas terribles, pero no "
-"podemos hacer nada para librarnos de ellos sin perjudicar tambiÃ©n a los "
+"No nos gusta que haya personas que usen Tor para hacer cosas terribles, pero"
+" no podemos hacer nada para librarnos de ellos sin perjudicar tambiÃ©n a los "
 "activistas pro derechos humanos, periodistas, supervivientes de abusos, y "
 "otras personas que usan Tor para cosas buenas."
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/support-portal_completed] Update translations for support-portal_completed

2018-08-26 Thread translation

commit 05a30f91d9a27e6a07a24dbe96624385d418a867
Author: Translation commit bot 
Date:   Sun Aug 26 07:48:59 2018 +

Update translations for support-portal_completed
---
 contents+es.po | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/contents+es.po b/contents+es.po
index 97dd5649d..5f7890721 100644
--- a/contents+es.po
+++ b/contents+es.po
@@ -338,7 +338,7 @@ msgstr ""
 #: http//localhost/censorship/censorship-4/
 #: (content/censorship/censorship-4/contents+en.lrquestion.seo_slug)
 msgid "cant-connect-to-tor-browser"
-msgstr "no-se-puede-conectar-el-navegador-tor-en-una-red-censurada"
+msgstr "no-se-puede-conectar-el-navegador-tor"
 
 #: http//localhost/https/https-1/
 #: (content/https/https-1/contents+en.lrquestion.description)
@@ -748,8 +748,8 @@ msgid ""
 "rights activists, journalists, abuse survivors, and other people who use Tor"
 " for good things."
 msgstr ""
-"Odiamos que haya personas que usen Tor para hacer cosas terribles, pero no "
-"podemos hacer nada para librarnos de ellos sin perjudicar tambiÃ©n a los "
+"No nos gusta que haya personas que usen Tor para hacer cosas terribles, pero"
+" no podemos hacer nada para librarnos de ellos sin perjudicar tambiÃ©n a los "
 "activistas pro derechos humanos, periodistas, supervivientes de abusos, y "
 "otras personas que usan Tor para cosas buenas."
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/support-portal] Update translations for support-portal

2018-08-26 Thread translation

commit 76d51441668e6f7f22d14a9aca6df1c9b2ac0100
Author: Translation commit bot 
Date:   Sun Aug 26 07:18:58 2018 +

Update translations for support-portal
---
 contents+es.po | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/contents+es.po b/contents+es.po
index 12699a31e..97dd5649d 100644
--- a/contents+es.po
+++ b/contents+es.po
@@ -4566,7 +4566,7 @@ msgstr "Suscribirse a nuestra lista de correo"
 
 #: templates/footer.html:25
 msgid "Get monthly updates and opportunities from the Tor Project"
-msgstr "Obtener actualizaciones mensuales y oportunidades del Proyecto Tor"
+msgstr "Recibir noticias mensuales y oportunidades del Proyecto Tor"
 
 #: templates/footer.html:32
 msgid ""

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/support-portal_completed] Update translations for support-portal_completed

2018-08-26 Thread translation

commit 72be9a69959ce43209012404e244f13c3e80170e
Author: Translation commit bot 
Date:   Sun Aug 26 07:19:03 2018 +

Update translations for support-portal_completed
---
 contents+es.po | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/contents+es.po b/contents+es.po
index 12699a31e..97dd5649d 100644
--- a/contents+es.po
+++ b/contents+es.po
@@ -4566,7 +4566,7 @@ msgstr "Suscribirse a nuestra lista de correo"
 
 #: templates/footer.html:25
 msgid "Get monthly updates and opportunities from the Tor Project"
-msgstr "Obtener actualizaciones mensuales y oportunidades del Proyecto Tor"
+msgstr "Recibir noticias mensuales y oportunidades del Proyecto Tor"
 
 #: templates/footer.html:32
 msgid ""

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/support-portal_completed] Update translations for support-portal_completed

2018-08-26 Thread translation

commit 858f0bd16dffd4f571a5b303db6821205a06
Author: Translation commit bot 
Date:   Sun Aug 26 06:49:33 2018 +

Update translations for support-portal_completed
---
 contents+es.po | 119 +++-
 contents+tr.po | 119 +++-
 contents.pot   | 120 -
 3 files changed, 173 insertions(+), 185 deletions(-)

diff --git a/contents+es.po b/contents+es.po
index c1c100528..12699a31e 100644
--- a/contents+es.po
+++ b/contents+es.po
@@ -8,7 +8,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: PACKAGE VERSION\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2018-08-25 17:55+CET\n"
+"POT-Creation-Date: 2018-08-26 08:16+CET\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: Eduardo Carmona , 2018\n"
 "Language-Team: Spanish (https://www.transifex.com/otf/teams/1519/es/)\n"
@@ -294,11 +294,6 @@ msgstr ""
 msgid "setting-tor-browser-as-default"
 msgstr "configurando-tor-por-defecto"
 
-#: http//localhost/tbb/tbb-37/
-#: (content/tbb/tbb-37/contents+en.lrquestion.description)
-msgid "We currently offer Tor Browser in the following languages:"
-msgstr "Actualmente presentamos el navegador Tor en los siguientes idiomas:"
-
 #: http//localhost/tbb/tbb-15/
 #: (content/tbb/tbb-15/contents+en.lrquestion.description)
 msgid ""
@@ -1040,11 +1035,6 @@ msgstr "No recomendamos usar Tor con bittorrent."
 msgid "* tor.real"
 msgstr "* tor.real"
 
-#: http//localhost/operators/operators-6/
-#: (content/operators/operators-6/contents+en.lrquestion.description)
-msgid "bandwidth caps)"
-msgstr "lÃmites al ancho de banda)"
-
 #: http//localhost/connecting/connecting-2/
 #: (content/connecting/connecting-2/contents+en.lrquestion.description)
 msgid "# Common log error #4: Clock skew"
@@ -1334,14 +1324,10 @@ msgstr ""
 msgid "I'm having a problem with NoScript."
 msgstr "Tengo un problema con NoScript."
 
-#: http//localhost/tbb/tbb-39/
-#: (content/tbb/tbb-39/contents+en.lrquestion.description)
-msgid ""
-"Sometimes Javascript-heavy websites can have functional issues over Tor "
-"Browser."
-msgstr ""
-"A veces, los sitios con mucho Javascript pueden tener problemas de "
-"funcionamiento en el navegador Tor."
+#: http//localhost/tbb/tbb-34/
+#: (content/tbb/tbb-34/contents+en.lrquestion.title)
+msgid "Why does Tor Browser ship with Javascript enabled?"
+msgstr "Â¿Por quÃ© el Tor Browser viene con JavaScript habilitado?"
 
 #: http//localhost/misc/misc-3/
 #: (content/misc/misc-3/contents+en.lrquestion.seo_slug)
@@ -2024,10 +2010,13 @@ msgstr ""
 msgid "* For Windows"
 msgstr "* Para Windows"
 
-#: http//localhost/tbb/tbb-26/
-#: (content/tbb/tbb-26/contents+en.lrquestion.title)
-msgid "I'm having a problem with HTTPS Everywhere."
-msgstr "Tengo un problema con HTTPS Everywhere."
+#: http//localhost/tbb/tbb-37/
+#: (content/tbb/tbb-37/contents+en.lrquestion.description)
+msgid ""
+"We currently offer https://www.torproject.org/projects/torbrowser.html.en\;>Tor "
+"Browser in the following languages:"
+msgstr ""
 
 #: http//localhost/tbb/tbb-39/
 #: (content/tbb/tbb-39/contents+en.lrquestion.seo_slug)
@@ -3140,16 +3129,19 @@ msgstr ""
 msgid "how-to-download-tor-if-torproject-org-is-blocked"
 msgstr "como-bajarse-el-navegador-tor-si-elproyecto-tor-estÃ¡-bloqueado"
 
-#: http//localhost/misc/misc-7/
-#: (content/misc/misc-7/contents+en.lrquestion.description)
+#: http//localhost/tbb/tbb-1/
+#: (content/tbb/tbb-1/contents+en.lrquestion.description)
 msgid ""
-"A list of all of our software projects can be found on our https://www.torproject.org/projects/projects.html.en\;>projects "
-"page."
+"If you started having issues with your Tor Browser after an update, check "
+"out https://blog.torproject.org\;>blog.torproject.org for the "
+"most recent stable Tor Browser post to see if your issue is listed."
 msgstr ""
-"Puedes leer una lista de todos nuestros proyectos de software en la https://www.torproject.org/projects/projects.html.en\;>âpÃ¡gina de "
-"nuestro proyecto."
+"Si comenzaste a tener problemas con tu Tor Browser tras actualizar, revisa "
+"âhttps://blog.torproject.org\;>blog.torproject.org en busca"
+" del artÃculo del Tor Browser estable mÃ¡s reciente para ver si aparece tu "
+"problema."
 
 #: http//localhost/misc/ (content/misc/contents+en.lrtopic.title)
 msgid "Misc"
@@ -3332,6 +3324,11 @@ msgstr ""
 "href=\"https://www.torproject.org/projects/torbrowser/design/\;>Para saber "
 "mÃ¡s sobre el diseÃ±o del Tor Browser."
 
+#: http//localhost/tbb/tbb-26/
+#: (content/tbb/tbb-26/contents+en.lrquestion.title)
+msgid "I'm having a problem with HTTPS Everywhere."
+msgstr "Tengo un problema con HTTPS Everywhere."
+
 #: http//localhost/tormessenger/
 #: (content/tormessenger/contents+en.lrtopic.title)
 msgid "Tor Messenger"
@@ -3704,10 +3701,14 @@ msgstr ""
 "ser capaces de ver que estÃ¡s usando Tor, pero no sabrÃ¡n a dÃ³nde vas cuando 
"
 "lo

70 matches

Mail list logo