[tor-commits] [translation/support-portal] https://gitweb.torproject.org/translation.git/commit/?h=support-portal
commit 8fae582c90e3045b2f296e0872b89488b94d5fb4 Author: Translation commit bot Date: Fri Aug 28 04:47:48 2020 + https://gitweb.torproject.org/translation.git/commit/?h=support-portal --- contents+es-AR.po | 13 - 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/contents+es-AR.po b/contents+es-AR.po index 0eafda1839..d4d07a59e6 100644 --- a/contents+es-AR.po +++ b/contents+es-AR.po @@ -8858,6 +8858,10 @@ msgid "" " resolving that hostname. Often people have old entries in their /etc/hosts " "file that point to old IP addresses." msgstr "" +"Tor adivina su dirección IP preguntándole a la computadora por su nombre de " +"equipo, y después resolviendo ese nombre de equipo. A menudo, la gente tiene" +" viejas entradas en su archivo /etc/hosts que apuntan a viejas direcciones " +"IP." #: https//support.torproject.org/operators/wrong-ip/ #: (content/operators/wrong-ip/contents+en.lrquestion.description) @@ -8867,6 +8871,10 @@ msgid "" "only has an internal IP address, see the following Support entry on dynamic " "IP addresses." msgstr "" +"Si eso no lo arregla, debieras usar la opción de configuración \"Address\" " +"para especificar el IP que querés que elija. Si tu computadora está detrás " +"de un NAT y solamente tiene una dirección IP interna, mirá la siguiente " +"entrada de Soporte sobre direcciones IP dinámicas." #: https//support.torproject.org/operators/wrong-ip/ #: (content/operators/wrong-ip/contents+en.lrquestion.description) @@ -8875,11 +8883,14 @@ msgid "" "\"OutboundBindAddress\" so external connections come from the IP you intend " "to present to the world." msgstr "" +"También, si tenés muchas direcciones, podrÃas querer establecer " +"\"OutboundBindAddress\", para que las conexiones externas vengan desde el IP" +" que intentás presentar al mundo." #: https//support.torproject.org/metrics/2011-archive/ #: (content/metrics/2011-archive/contents+en.lrquestion.title) msgid "Why are no numbers available before September 2011?" -msgstr "" +msgstr "¿Por qué no hay números disponibles antes de septiembre de 2011?" #: https//support.torproject.org/metrics/2011-archive/ #: (content/metrics/2011-archive/contents+en.lrquestion.description) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/support-portal] https://gitweb.torproject.org/translation.git/commit/?h=support-portal
commit 69110a3e8385baf25f9d0d3744042061b8be5f2d Author: Translation commit bot Date: Fri Aug 28 04:17:44 2020 + https://gitweb.torproject.org/translation.git/commit/?h=support-portal --- contents+es-AR.po | 41 + 1 file changed, 37 insertions(+), 4 deletions(-) diff --git a/contents+es-AR.po b/contents+es-AR.po index 4cdba76e17..0eafda1839 100644 --- a/contents+es-AR.po +++ b/contents+es-AR.po @@ -8732,6 +8732,9 @@ msgid "" "highest legal exposure and risk (and **you should NOT run them from your " "home**)." msgstr "" +"* El repetidor de salida es el tipo más necesitado, pero también viene con " +"la exposición legal y el riesgo más altos (y **NO debieras correrlos desde " +"tu hogar**)." #: https//support.torproject.org/operators/what-type-of-relays-are-most-needed/ #: (content/operators/what-type-of-relays-are-most-needed/contents+en.lrquestion.description) @@ -8739,16 +8742,20 @@ msgid "" "* If you are looking to run a relay with minimal effort, fast guard relays " "are also very useful" msgstr "" +"* Si estás buscando correr un repetidor con mÃnimo esfuerzo, los repetidores" +" guardianes rápidos también son muy útiles" #: https//support.torproject.org/operators/what-type-of-relays-are-most-needed/ #: (content/operators/what-type-of-relays-are-most-needed/contents+en.lrquestion.description) msgid "* Followed by bridges." -msgstr "" +msgstr "* Seguidos por los puentes." #: https//support.torproject.org/operators/why-i-get-portscanned-more-often/ #: (content/operators/why-i-get-portscanned-more-often/contents+en.lrquestion.title) msgid "Why do I get portscanned more often when I run a Tor relay?" msgstr "" +"¿Por qué mis puertos son escaneados más a menudo cuando corro un repetidor " +"Tor?" #: https//support.torproject.org/operators/why-i-get-portscanned-more-often/ #: (content/operators/why-i-get-portscanned-more-often/contents+en.lrquestion.description) @@ -8761,6 +8768,15 @@ msgid "" "from you might attract the attention of other users on the IRC server, " "website, etc. who want to know more about the host they're relaying through." msgstr "" +"Si permitÃs conexiones de salida, algunos servicios a los que la gente se " +"conecta desde tu repetidor se conectarán a su vez para recolectar más " +"información acerca tuyo. Por ejemplo, algunos servidores IRC lo hacen a tu " +"puerto identd para registrar qué usuario hizo la conexión. (Esto realmente " +"no funciona para ellos, porque Tor no conoce esta información, pero lo " +"intentan de cualquier manera). También, los usuarios saliendo de tu " +"repetidor podrÃan atraer la atención de otros usuarios en el servidor IRC, " +"sitio web, etc., que quieren saber más acerca del equipo a través del cual " +"están retransmitiendo." #: https//support.torproject.org/operators/why-i-get-portscanned-more-often/ #: (content/operators/why-i-get-portscanned-more-often/contents+en.lrquestion.description) @@ -8769,6 +8785,9 @@ msgid "" " learned that sometimes Tor relays expose their socks port to the world. We " "recommend that you bind your socksport to local networks only." msgstr "" +"Otra razón es que los grupos que escanean Internet por proxies abiertos han " +"aprendido que a veces los repetidores Tor exponen sus puertos socks al " +"mundo. Recomendamos que enlaces tu socksport solamente a redes locales." #: https//support.torproject.org/operators/why-i-get-portscanned-more-often/ #: (content/operators/why-i-get-portscanned-more-often/contents+en.lrquestion.description) @@ -8778,16 +8797,20 @@ msgid "" "relays](https://trac.torproject.org/projects/tor/wiki/TorRelayGuide/Security)" " for more suggestions." msgstr "" +"En cualquier caso, necesitás mantenerte al dÃa con tu securidad. Mirá este " +"artÃculo sobre [securidad para repetidores " +"Tor](https://trac.torproject.org/projects/tor/wiki/TorRelayGuide/Security) " +"por más sugerencias." #: https//support.torproject.org/operators/why-isnt-my-relay-being-used-more/ #: (content/operators/why-isnt-my-relay-being-used-more/contents+en.lrquestion.title) msgid "Why isn't my relay being used more?" -msgstr "" +msgstr "¿Por qué no está siendo más usado mi repetidor?" #: https//support.torproject.org/operators/why-isnt-my-relay-being-used-more/ #: (content/operators/why-isnt-my-relay-being-used-more/contents+en.lrquestion.description) msgid "If your relay is relatively new then give it time." -msgstr "" +msgstr "Si tu repetidor es relativemente nuevo, entonces dale tiempo." #: https//support.torproject.org/operators/why-isnt-my-relay-being-used-more/ #: (content/operators/why-isnt-my-relay-being-used-more/contents+en.lrquestion.description) @@ -8797,6 +8820,10 @@ msgid "" "capacity and, over time, directs more traffic there until it reaches an " "optimal load." msgstr "" +"Tor decide heurÃsticamente qué repetidores usa, basándose en reportes de "
[tor-commits] [translation/support-portal] https://gitweb.torproject.org/translation.git/commit/?h=support-portal
commit f931b870093a3b06f9aa207ccef93b4669495691 Author: Translation commit bot Date: Fri Aug 28 03:47:48 2020 + https://gitweb.torproject.org/translation.git/commit/?h=support-portal --- contents+es-AR.po | 35 +-- 1 file changed, 33 insertions(+), 2 deletions(-) diff --git a/contents+es-AR.po b/contents+es-AR.po index 6f60914d9e..4cdba76e17 100644 --- a/contents+es-AR.po +++ b/contents+es-AR.po @@ -8613,6 +8613,10 @@ msgid "" "\"keys/ed25519_master_id_secret_key\" and \"keys/secret_id_key\" in your " "DataDirectory)." msgstr "" +"Al actualizar tu repetidor Tor, o moverlo a una computadora diferente, la " +"parte importante es mantener las mismas claves de identidad (almacenadas en " +"\"keys/ed25519_master_id_secret_key\" y \"keys/secret_id_key\" en tu " +"DataDirectory)." #: https//support.torproject.org/operators/upgrade-or-move/ #: (content/operators/upgrade-or-move/contents+en.lrquestion.description) @@ -8621,6 +8625,9 @@ msgid "" "future is the recommended way to ensure the reputation of the relay won't be" " wasted." msgstr "" +"Mantener copias de seguridad de la claves de identidad de manera que puedas " +"restaurar un repetidor en el futuro es la forma recomendada de asegurar que " +"la reputación del repetidor no será desperdiciada." #: https//support.torproject.org/operators/upgrade-or-move/ #: (content/operators/upgrade-or-move/contents+en.lrquestion.description) @@ -8629,6 +8636,9 @@ msgid "" "torrc and the same DataDirectory, then the upgrade should just work and your" " relay will keep using the same key." msgstr "" +"Esto significa que si estás actualizando tu repetidor Tor y mantenés los " +"mismos torrc y DataDirectory, entonces la actualización simplemente deberÃa " +"funcionar, y tu repetidor seguirá usando la misma clave." #: https//support.torproject.org/operators/upgrade-or-move/ #: (content/operators/upgrade-or-move/contents+en.lrquestion.description) @@ -8636,6 +8646,8 @@ msgid "" "If you need to pick a new DataDirectory, be sure to copy your old " "keys/ed25519_master_id_secret_key and keys/secret_id_key over." msgstr "" +"Si necesitás elegir un nuevo DataDirectory, asegurate de copiar tus viejos " +"keys/ed25519_master_id_secret_key y keys/secret_id_key en esa ubicación." #: https//support.torproject.org/operators/upgrade-or-move/ #: (content/operators/upgrade-or-move/contents+en.lrquestion.description) @@ -8643,6 +8655,8 @@ msgid "" "Note: As of Tor 0.2.7 we are using new generation identities for relays " "based on ed25519 elliptic curve cryptography." msgstr "" +"Nota: Desde Tor 0.2.7 estamos usando identidades de nueva generación para " +"los repetidores, basadas en la criptografÃa de curva elÃptica ed25519." #: https//support.torproject.org/operators/upgrade-or-move/ #: (content/operators/upgrade-or-move/contents+en.lrquestion.description) @@ -8650,6 +8664,8 @@ msgid "" "Eventually they will replace the old RSA identities, but that will happen in" " time, to ensure compatibility with older versions." msgstr "" +"Eventualmente, reemplazarán a las viejas identidades RSA, pero eso ocurrirá " +"con el tiempo, para asegurar la compatibilidad con versiones más viejas." #: https//support.torproject.org/operators/upgrade-or-move/ #: (content/operators/upgrade-or-move/contents+en.lrquestion.description) @@ -8658,6 +8674,9 @@ msgid "" "file: keys/ed25519_master_id_secret_key) and a RSA identity (identity key " "file: keys/secret_id_key)." msgstr "" +"Hasta entonces, cada repetidor tendrá tanto una identidad ed25519 (archivo " +"de clave de identidad: keys/ed25519_master_id_secret_key) como una identidad" +" RSA (archivo de clave de identidad: keys/secret_id_key)." #: https//support.torproject.org/operators/upgrade-or-move/ #: (content/operators/upgrade-or-move/contents+en.lrquestion.description) @@ -8665,11 +8684,14 @@ msgid "" "You need to copy / backup both of them in order to restore your relay, " "change your DataDirectory or migrate the relay on a new computer." msgstr "" +"Necesitás hacer copia de seguridad de ambos, con el fin de restaurar tu " +"repetidor, cambiar tu DataDirectory o migrar el repetidor a una nueva " +"computadora." #: https//support.torproject.org/operators/what-is-the-bad-exit-flag/ #: (content/operators/what-is-the-bad-exit-flag/contents+en.lrquestion.title) msgid "What is the BadExit flag?" -msgstr "" +msgstr "¿Qué es la marca BadExit?" #: https//support.torproject.org/operators/what-is-the-bad-exit-flag/ #: (content/operators/what-is-the-bad-exit-flag/contents+en.lrquestion.description) @@ -8678,6 +8700,10 @@ msgid "" "This tells Tor to avoid exiting through that relay. In effect, relays with " "this flag become non-exits." msgstr "" +"Cuando un repetidor de salida está mal configurado o es malicioso, le es " +"asignado la marca BadExit. Esto le dice a Tor que evite salir a través de " +"ese repetidor. En efecto,
[tor-commits] [translation/support-portal] https://gitweb.torproject.org/translation.git/commit/?h=support-portal
commit c5068f4658d0a9b4485e0156fa7a7520c6abcec2 Author: Translation commit bot Date: Fri Aug 28 03:17:49 2020 + https://gitweb.torproject.org/translation.git/commit/?h=support-portal --- contents+es-AR.po | 26 +++--- 1 file changed, 23 insertions(+), 3 deletions(-) diff --git a/contents+es-AR.po b/contents+es-AR.po index bfe2c637e3..6f60914d9e 100644 --- a/contents+es-AR.po +++ b/contents+es-AR.po @@ -8518,7 +8518,7 @@ msgstr "" #: https//support.torproject.org/operators/relay-write-more-bytes/ #: (content/operators/relay-write-more-bytes/contents+en.lrquestion.title) msgid "Why does my relay write more bytes onto the network than it reads?" -msgstr "" +msgstr "¿Por qué mi repetidor escribe más bytes hacia la red de los que lee?" #: https//support.torproject.org/operators/relay-write-more-bytes/ #: (content/operators/relay-write-more-bytes/contents+en.lrquestion.description) @@ -8526,6 +8526,8 @@ msgid "" "You're right, for the most part a byte into your Tor relay means a byte out," " and vice versa. But there are a few exceptions:" msgstr "" +"Tenés razón, la mayorÃa de las veces, un byte dentro de tu repetidor Tor " +"significa un byte afuera, y vice versa. Pero hay unas pocas excepciones:" #: https//support.torproject.org/operators/relay-write-more-bytes/ #: (content/operators/relay-write-more-bytes/contents+en.lrquestion.description) @@ -8533,6 +8535,8 @@ msgid "" "If you open your DirPort, then Tor clients will ask you for a copy of the " "directory." msgstr "" +"Si abrÃs tu DirPort, entonces los clientes Tor te solicitarán una copia del " +"directorio." #: https//support.torproject.org/operators/relay-write-more-bytes/ #: (content/operators/relay-write-more-bytes/contents+en.lrquestion.description) @@ -8540,6 +8544,8 @@ msgid "" "The request they make (an HTTP GET) is quite small, and the response is " "sometimes quite large." msgstr "" +"La solicitud que hacen (un HTTP GET) es bastante chica, y la respuesta a " +"veces es bastante grande." #: https//support.torproject.org/operators/relay-write-more-bytes/ #: (content/operators/relay-write-more-bytes/contents+en.lrquestion.description) @@ -8547,6 +8553,8 @@ msgid "" "This probably accounts for most of the difference between your \"write\" " "byte count and your \"read\" byte count." msgstr "" +"Probablemente, esto explica la mayor parte de la diferencia entre tus " +"conteos de bytes de \"escritura\" y \"lectura\"." #: https//support.torproject.org/operators/relay-write-more-bytes/ #: (content/operators/relay-write-more-bytes/contents+en.lrquestion.description) @@ -8556,11 +8564,15 @@ msgid "" "or ssh connection) and wrap it up into an entire 512 byte cell for transport" " through the Tor network." msgstr "" +"Otra excepción menor aparece cuando operás como nodo de salida, y leés unos " +"pocos bytes desde una conexión de salida (por ejemplo, una conexión de " +"mensajerÃa instantánea o por ssh) y la envolvés dentro de una celda entera " +"de 512 bytes, para transportarla a través de la red Tor." #: https//support.torproject.org/operators/should-i-run-a-relay/ #: (content/operators/should-i-run-a-relay/contents+en.lrquestion.title) msgid "How do I decide if I should run a relay?" -msgstr "" +msgstr "¿Cómo decido si debiera correr un repetidor?" #: https//support.torproject.org/operators/should-i-run-a-relay/ #: (content/operators/should-i-run-a-relay/contents+en.lrquestion.description) @@ -8570,6 +8582,10 @@ msgid "" " please consider [running a Tor " "relay](https://community.torproject.org/relay/)." msgstr "" +"Estamos buscando gente con conexiones razonablemente confiables a Internet, " +"que tengan al menos 10 Mbit/s (Mbps) disponibles de ancho de banda para cada" +" lado. Si ese sos vos, por favor considerá [correr un repetidor " +"Tor](https://community.torproject.org/relay/)." #: https//support.torproject.org/operators/should-i-run-a-relay/ #: (content/operators/should-i-run-a-relay/contents+en.lrquestion.description) @@ -8579,11 +8595,15 @@ msgid "" "support](https://community.torproject.org/relay/setup/bridge). In that case " "you should have at least 1 MBit/s of available bandwidth." msgstr "" +"Aún si no tenés al menos 10 Mbit/s de ancho de banda disponible, todavÃa " +"podés ayudar a la red Tor corriendo un [puente Tor con soporte " +"obfs4](https://community.torproject.org/relay/setup/bridge). En ese caso, " +"debieras tener al menos 1 MBit/s de ancho de banda disponible." #: https//support.torproject.org/operators/upgrade-or-move/ #: (content/operators/upgrade-or-move/contents+en.lrquestion.title) msgid "I want to upgrade/move my relay. How do I keep the same key?" -msgstr "" +msgstr "Quiero actualizar/mover mi repetidor. ¿Cómo mantengo la misma clave?" #: https//support.torproject.org/operators/upgrade-or-move/ #: (content/operators/upgrade-or-move/contents+en.lrquestion.description)
[tor-commits] [translation/communitytpo-contentspot] https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot
commit 8743f98dc87ed3b54d62dd9e93c6d6ebdbfc4874 Author: Translation commit bot Date: Thu Aug 27 21:45:09 2020 + https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot --- contents+ar.po | 24 ++-- 1 file changed, 18 insertions(+), 6 deletions(-) diff --git a/contents+ar.po b/contents+ar.po index 1e63650d23..92e10e8702 100644 --- a/contents+ar.po +++ b/contents+ar.po @@ -2034,6 +2034,8 @@ msgid "" "5. **The training venue.** Running a Tor training in some spaces could " "expose your participants' identities." msgstr "" +"5. ** Ù Ùا٠اÙتدرÙب. ** Ùد Ùؤد٠إجراء تدرÙب Tor Ù٠بعض اÙأ٠اÙ٠إÙÙ ÙØ´Ù ÙÙÙات " +"اÙ٠شارÙÙÙ." #: https//community.torproject.org/training/risks/ #: (content/training/risks/contents+en.lrpage.body) @@ -2041,6 +2043,8 @@ msgid "" "Ideally, you should use a private space where you control the participants' " "entrance." msgstr "" +"٠٠اÙÙاØÙØ© اÙ٠ثاÙÙØ© Ø Ùجب أ٠تستخد٠٠ساØØ© خاصة ØÙØ« ÙÙ ÙÙ٠اÙتØÙÙ Ù٠٠دخ٠" +"اÙ٠شارÙÙÙ." #: https//community.torproject.org/training/risks/ #: (content/training/risks/contents+en.lrpage.body) @@ -2048,11 +2052,13 @@ msgid "" "If the space isn't private, check before the training to find out if " "participants are comfortable revealing their identity to a third party." msgstr "" +"إذا Ù٠تÙ٠اÙ٠ساØØ© خاصة Ø ÙتØÙÙ Ùب٠اÙتدرÙب Ù٠عرÙØ© ٠ا إذا Ùا٠اÙ٠شارÙÙÙ " +"٠رتاØÙÙ ÙÙÙش٠ع٠ÙÙÙتÙÙ Ùطر٠ثاÙØ«." #: https//community.torproject.org/training/risks/ #: (content/training/risks/contents+en.lrpage.body) msgid "## Evaluating risks" -msgstr "" +msgstr "## تÙÙÙ٠اÙ٠خاطر" #: https//community.torproject.org/training/risks/ #: (content/training/risks/contents+en.lrpage.body) @@ -2060,6 +2066,8 @@ msgid "" "Some questions you may want to answer before running a digital security " "training include:" msgstr "" +"تتض٠٠بعض اÙأسئÙØ© اÙت٠Ùد ترغب Ù٠اÙإجابة عÙÙÙا Ùب٠إجراء تدرÙب عÙ٠اÙأ٠ا٠" +"اÙرÙ٠٠٠ا ÙÙÙ:" #: https//community.torproject.org/training/risks/ #: (content/training/risks/contents+en.lrpage.body) @@ -2068,6 +2076,8 @@ msgid "" "activity? (This does not necessarily need to be specific to digital security" " training or use of Tor.)" msgstr "" +"* Ù٠ت٠تجرÙ٠أ٠شخص Ù٠بÙد٠عÙ٠أساس Ùشاط٠عÙ٠اÙØ¥ÙترÙØªØ (Ùا ÙØتاج Ùذا " +"باÙضرÙرة Ø¥Ù٠أ٠ÙÙÙÙ Ù ØددÙا ÙÙتدرÙب عÙ٠اÙأ٠٠اÙرÙ٠٠أ٠استخدا٠Tor.)" #: https//community.torproject.org/training/risks/ #: (content/training/risks/contents+en.lrpage.body) @@ -2075,31 +2085,33 @@ msgid "" "* Are there laws in my country that require Internet Service Providers " "(ISPs) to track my online activity?" msgstr "" +"* Ù٠تÙجد ÙÙاÙÙÙ Ù٠بÙد٠تتطÙب ٠زÙد٠خد٠ة اÙØ¥ÙترÙت (ISP) Ùتتبع Ùشاط٠عبر " +"اÙØ¥ÙترÙتØ" #: https//community.torproject.org/training/risks/ #: (content/training/risks/contents+en.lrpage.body) msgid "* Is it illegal for me to access certain websites?" -msgstr "" +msgstr "* Ù٠اÙدخÙ٠إÙ٠بعض اÙÙ ÙاÙع اÙØ¥ÙÙترÙÙÙØ© غÙر ÙاÙÙÙÙØ" #: https//community.torproject.org/training/risks/ #: (content/training/risks/contents+en.lrpage.body) msgid "* Does my country prohibit me from using:" -msgstr "" +msgstr "* Ù٠ت٠ÙعÙ٠بÙد٠٠٠استخدا٠:" #: https//community.torproject.org/training/risks/ #: (content/training/risks/contents+en.lrpage.body) msgid "* Cryptography?" -msgstr "" +msgstr "* اÙتشÙÙرØ" #: https//community.torproject.org/training/risks/ #: (content/training/risks/contents+en.lrpage.body) msgid "* Anonymity software?" -msgstr "" +msgstr "* برÙا٠ج إخÙاء اÙÙÙÙØ©Ø" #: https//community.torproject.org/training/risks/ #: (content/training/risks/contents+en.lrpage.body) msgid "Note, this is not an exhaustive list of questions." -msgstr "" +msgstr "Ù ÙاØظة Ø ÙØ°Ù ÙÙست Ùائ٠ة شا٠ÙØ© ٠٠اÙأسئÙØ©." #: https//community.torproject.org/training/risks/ #: (content/training/risks/contents+en.lrpage.body) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [snowflake/master] Move snowflake ConnectLoop inside SOCKS Handler
commit 1364d7d45bbec9de605a266a84ea60cdfa6676db Author: Cecylia Bocovich Date: Tue Aug 11 13:22:16 2020 -0400 Move snowflake ConnectLoop inside SOCKS Handler Bug #21314: maintains a separate snowflake connect loop per SOCKS connection. This way, if Tor decides to stop using Snowflake, Snowflake will stop using the client's network. --- client/lib/lib_test.go | 6 +++--- client/lib/snowflake.go | 34 +- client/snowflake.go | 38 +- 3 files changed, 41 insertions(+), 37 deletions(-) diff --git a/client/lib/lib_test.go b/client/lib/lib_test.go index ebcf284..a93943f 100644 --- a/client/lib/lib_test.go +++ b/client/lib/lib_test.go @@ -157,11 +157,11 @@ func TestSnowflakeClient(t *testing.T) { SkipConvey("Handler Grants correctly", func() { socks := {} - snowflakes := {} + broker := {Host: "test"} + d := NewWebRTCDialer(broker, nil) So(socks.rejected, ShouldEqual, false) - snowflakes.toRelease = nil - Handler(socks, snowflakes) + Handler(socks, d) So(socks.rejected, ShouldEqual, true) }) }) diff --git a/client/lib/snowflake.go b/client/lib/snowflake.go index b355c3e..d08a7bc 100644 --- a/client/lib/snowflake.go +++ b/client/lib/snowflake.go @@ -142,7 +142,17 @@ var sessionManager = sessionManager_{} // Given an accepted SOCKS connection, establish a WebRTC connection to the // remote peer and exchange traffic. -func Handler(socks net.Conn, snowflakes SnowflakeCollector) error { +func Handler(socks net.Conn, tongue Tongue) error { + // Prepare to collect remote WebRTC peers. + snowflakes := NewPeers(1) + snowflakes.Tongue = tongue + + // Use a real logger to periodically output how much traffic is happening. + snowflakes.BytesLogger = NewBytesSyncLogger() + + log.Printf(" Handler: begin collecting snowflakes ---") + go connectLoop(snowflakes) + // Return the global smux.Session. sess, err := sessionManager.Get(snowflakes) if err != nil { @@ -160,9 +170,31 @@ func Handler(socks net.Conn, snowflakes SnowflakeCollector) error { log.Printf(" Handler: begin stream %v ---", stream.ID()) copyLoop(socks, stream) log.Printf(" Handler: closed stream %v ---", stream.ID()) + snowflakes.End() + log.Printf(" Handler: end collecting snowflakes ---") return nil } +// Maintain |SnowflakeCapacity| number of available WebRTC connections, to +// transfer to the Tor SOCKS handler when needed. +func connectLoop(snowflakes SnowflakeCollector) { + for { + // Check if ending is necessary. + _, err := snowflakes.Collect() + if err != nil { + log.Printf("WebRTC: %v Retrying in %v...", + err, ReconnectTimeout) + } + select { + case <-time.After(ReconnectTimeout): + continue + case <-snowflakes.Melted(): + log.Println("ConnectLoop: stopped.") + return + } + } +} + // Exchanges bytes between two ReadWriters. // (In this case, between a SOCKS connection and smux stream.) func copyLoop(socks, stream io.ReadWriter) { diff --git a/client/snowflake.go b/client/snowflake.go index 55bc48e..a7f5208 100644 --- a/client/snowflake.go +++ b/client/snowflake.go @@ -26,28 +26,8 @@ const ( DefaultSnowflakeCapacity = 1 ) -// Maintain |SnowflakeCapacity| number of available WebRTC connections, to -// transfer to the Tor SOCKS handler when needed. -func ConnectLoop(snowflakes sf.SnowflakeCollector) { - for { - // Check if ending is necessary. - _, err := snowflakes.Collect() - if err != nil { - log.Printf("WebRTC: %v Retrying in %v...", - err, sf.ReconnectTimeout) - } - select { - case <-time.After(sf.ReconnectTimeout): - continue - case <-snowflakes.Melted(): - log.Println("ConnectLoop: stopped.") - return - } - } -} - // Accept local SOCKS connections and pass them to the handler. -func socksAcceptLoop(ln *pt.SocksListener, snowflakes sf.SnowflakeCollector) { +func socksAcceptLoop(ln *pt.SocksListener, tongue sf.Tongue) { defer ln.Close() for { conn, err := ln.AcceptSocks() @@ -68,7 +48,7 @@ func socksAcceptLoop(ln *pt.SocksListener, snowflakes sf.SnowflakeCollector) { return } -
[tor-commits] [snowflake/master] Set max number of snowflakes in the Tongue
commit cc55481faf7bb886ef3cae99110800189abb0992 Author: Cecylia Bocovich Date: Tue Aug 11 13:57:51 2020 -0400 Set max number of snowflakes in the Tongue --- client/lib/interfaces.go | 3 +++ client/lib/lib_test.go | 37 - client/lib/peers.go | 26 +++--- client/lib/rendezvous.go | 10 +- client/lib/snowflake.go | 6 -- client/snowflake.go | 2 +- 6 files changed, 52 insertions(+), 32 deletions(-) diff --git a/client/lib/interfaces.go b/client/lib/interfaces.go index 71426d6..5378f4a 100644 --- a/client/lib/interfaces.go +++ b/client/lib/interfaces.go @@ -7,6 +7,9 @@ import ( // Interface for catching Snowflakes. (aka the remote dialer) type Tongue interface { Catch() (*WebRTCPeer, error) + + // Get the maximum number of snowflakes + GetMax() int } // Interface for collecting some number of Snowflakes, for passing along diff --git a/client/lib/lib_test.go b/client/lib/lib_test.go index a93943f..5537a52 100644 --- a/client/lib/lib_test.go +++ b/client/lib/lib_test.go @@ -27,13 +27,19 @@ func (m *MockTransport) RoundTrip(req *http.Request) (*http.Response, error) { return r, nil } -type FakeDialer struct{} +type FakeDialer struct { + max int +} func (w FakeDialer) Catch() (*WebRTCPeer, error) { fmt.Println("Caught a dummy snowflake.") return {}, nil } +func (w FakeDialer) GetMax() int { + return w.max +} + type FakeSocksConn struct { net.Conn rejected bool @@ -55,19 +61,19 @@ func TestSnowflakeClient(t *testing.T) { Convey("Peers", t, func() { Convey("Can construct", func() { - p := NewPeers(1) - So(p.capacity, ShouldEqual, 1) + d := {max: 1} + p, _ := NewPeers(d) + So(p.Tongue.GetMax(), ShouldEqual, 1) So(p.snowflakeChan, ShouldNotBeNil) So(cap(p.snowflakeChan), ShouldEqual, 1) }) Convey("Collecting a Snowflake requires a Tongue.", func() { - p := NewPeers(1) - _, err := p.Collect() + p, err := NewPeers(nil) So(err, ShouldNotBeNil) - So(p.Count(), ShouldEqual, 0) // Set the dialer so that collection is possible. - p.Tongue = FakeDialer{} + d := {max: 1} + p, err = NewPeers(d) _, err = p.Collect() So(err, ShouldBeNil) So(p.Count(), ShouldEqual, 1) @@ -77,8 +83,7 @@ func TestSnowflakeClient(t *testing.T) { Convey("Collection continues until capacity.", func() { c := 5 - p := NewPeers(c) - p.Tongue = FakeDialer{} + p, _ := NewPeers(FakeDialer{max: c}) // Fill up to capacity. for i := 0; i < c; i++ { fmt.Println("Adding snowflake ", i) @@ -104,8 +109,7 @@ func TestSnowflakeClient(t *testing.T) { }) Convey("Count correctly purges peers marked for deletion.", func() { - p := NewPeers(4) - p.Tongue = FakeDialer{} + p, _ := NewPeers(FakeDialer{max: 5}) p.Collect() p.Collect() p.Collect() @@ -121,7 +125,7 @@ func TestSnowflakeClient(t *testing.T) { Convey("End Closes all peers.", func() { cnt := 5 - p := NewPeers(cnt) + p, _ := NewPeers(FakeDialer{max: cnt}) for i := 0; i < cnt; i++ { p.activePeers.PushBack({}) } @@ -132,8 +136,7 @@ func TestSnowflakeClient(t *testing.T) { }) Convey("Pop skips over closed peers.", func() { - p := NewPeers(4) - p.Tongue = FakeDialer{} + p, _ := NewPeers(FakeDialer{max: 4}) wc1, _ := p.Collect() wc2, _ := p.Collect() wc3, _ := p.Collect() @@ -158,7 +161,7 @@ func TestSnowflakeClient(t *testing.T) { SkipConvey("Handler Grants correctly", func() { socks := {} broker := {Host: "test"} - d := NewWebRTCDialer(broker, nil) + d := NewWebRTCDialer(broker, nil, 1) So(socks.rejected, ShouldEqual, false) Handler(socks, d) @@ -169,14 +172,14 @@ func TestSnowflakeClient(t *testing.T) {
[tor-commits] [translation/communitytpo-contentspot] https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot
commit d6de3d9f1d274cb6a00ef20c7add7359209cd7b5 Author: Translation commit bot Date: Thu Aug 27 20:45:12 2020 + https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot --- contents+ar.po | 3 +++ 1 file changed, 3 insertions(+) diff --git a/contents+ar.po b/contents+ar.po index 8939e64dff..1e63650d23 100644 --- a/contents+ar.po +++ b/contents+ar.po @@ -2024,6 +2024,9 @@ msgid "" "leaked documents about government corruption, you might need to be extra " "careful on how to reach out them in a private way." msgstr "" +"4. ** اÙج٠ÙÙر. ** Ùد Ùا Ùجذب تج٠ع Ø·Ùاب اÙجا٠عات اÙاÙØªØ¨Ø§Ù Ø ÙÙÙ٠إذا ÙÙت تج٠ع" +" ٠ج٠Ùعة ٠٠اÙصØÙÙÙÙ Ùع٠ÙÙ٠بÙثائ٠٠سربة ØÙ٠اÙÙساد اÙØÙÙÙ Ù Ø ÙÙد تØتاج Ø¥ÙÙ " +"تÙخ٠اÙ٠زÙد ٠٠اÙØذر بشأ٠ÙÙÙÙØ© اÙÙصÙ٠إÙÙÙÙ Ù٠طرÙ٠خاص." #: https//community.torproject.org/training/risks/ #: (content/training/risks/contents+en.lrpage.body) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/communitytpo-contentspot] https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot
commit 8cf5a21a094b1701780fd304a78cf3b5be6b5397 Author: Translation commit bot Date: Thu Aug 27 20:15:10 2020 + https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot --- contents+ar.po | 2 ++ 1 file changed, 2 insertions(+) diff --git a/contents+ar.po b/contents+ar.po index 704647674e..8939e64dff 100644 --- a/contents+ar.po +++ b/contents+ar.po @@ -2013,6 +2013,8 @@ msgid "" "but teaching how to circumvent government censorship could be a serious " "felony." msgstr "" +"عÙ٠سبÙ٠اÙÙ Ø«Ø§Ù Ø Ùد ÙÙÙ٠اÙØدÙØ« ع٠اÙخصÙصÙØ© Ù٠اÙعصر اÙرÙ٠٠أ٠رÙا Ù ÙÙ ÙسÙا Ø" +" ÙÙ٠تعÙÙÙ ÙÙÙÙØ© اÙتØاÙ٠عÙ٠اÙرÙابة اÙØÙÙÙ ÙØ© Ùد ÙÙÙ٠جرÙÙ Ø© خطÙرة." #: https//community.torproject.org/training/risks/ #: (content/training/risks/contents+en.lrpage.body) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/communitytpo-contentspot] https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot
commit c83b55ba7e5a0628f11f93da39c57c71501e955c Author: Translation commit bot Date: Thu Aug 27 19:45:10 2020 + https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot --- contents+ar.po | 24 ++-- 1 file changed, 22 insertions(+), 2 deletions(-) diff --git a/contents+ar.po b/contents+ar.po index 7c8e44a72e..704647674e 100644 --- a/contents+ar.po +++ b/contents+ar.po @@ -1916,13 +1916,14 @@ msgstr "" #: https//community.torproject.org/training/risks/ #: (content/training/risks/contents+en.lrpage.title) msgid "Risks" -msgstr "" +msgstr "اÙ٠خاطر" #: https//community.torproject.org/training/risks/ #: (content/training/risks/contents+en.lrpage.subtitle) msgid "" "Things you should be aware of before running a digital security training." msgstr "" +"اÙأشÙاء اÙت٠Ùجب أ٠تÙÙ٠عÙ٠دراÙØ© بÙا Ùب٠إجراء تدرÙب عÙ٠اÙأ٠٠اÙرÙÙ Ù." #: https//community.torproject.org/training/risks/ #: (content/training/risks/contents+en.lrpage.body) @@ -1930,6 +1931,8 @@ msgid "" "To our knowledge, no Tor trainer has ever faced consequences as a result of " "training others or speaking about Tor." msgstr "" +"عÙÙ Øد عÙÙ Ùا Ø ÙÙ ÙÙاج٠أ٠٠درب ÙÙ Tor عÙاÙب ÙتÙجة تدرÙب اÙآخرÙ٠أ٠اÙتØدث " +"ع٠Tor." #: https//community.torproject.org/training/risks/ #: (content/training/risks/contents+en.lrpage.body) @@ -1940,6 +1943,10 @@ msgid "" "threats, placement on government watch lists, and targeting for " "surveillance." msgstr "" +"Ù٠ع Ø°ÙÙ Ø Ù٠بعض اÙبÙدا٠ÙÙ٠ظرÙ٠٠عÙÙØ© Ø Ù Ù Ø§ÙÙ Ù Ù٠أ٠ÙÙÙ٠٠جرد تج٠ع " +"ÙÙ٠داÙعÙ٠ع٠ØÙÙ٠اÙØ¥Ùسا٠٠ØÙÙÙÙا باÙ٠خاطر أ٠غÙر ÙاÙÙÙ٠أ٠Øت٠Ùعرض شخصÙا " +"ÙÙسج٠ÙاÙاعتداءات اÙجسدÙØ© ÙاÙغرا٠ات اÙÙبÙرة ÙاÙتÙدÙدات ÙÙضع٠عÙÙ ÙÙائ٠" +"اÙ٠راÙبة اÙØÙÙÙ ÙØ© ÙاÙاستÙدا٠٠راÙبة." #: https//community.torproject.org/training/risks/ #: (content/training/risks/contents+en.lrpage.body) @@ -1949,6 +1956,9 @@ msgid "" "read this document and, in case of doubt, to reach out to the Tor Community " "Team privately." msgstr "" +"إذا ÙÙت ترغب Ù٠إجراء تدرÙب عÙÙ Tor ÙØ£Ù٠٠رة ÙÙا تعر٠ÙÙÙÙØ© تÙÙÙ٠اÙبÙئة " +"اÙسÙاسÙØ© ÙاÙاجت٠اعÙØ© Ø ÙÙØÙ Ùشجع٠بشدة عÙÙ Ùراءة Ùذا اÙ٠ستÙد Ø ÙÙÙ ØاÙØ© اÙØ´Ù" +" Ø ÙÙتÙاص٠٠ع ÙرÙ٠٠جت٠ع Tor بشÙ٠خاص ." #: https//community.torproject.org/training/risks/ #: (content/training/risks/contents+en.lrpage.body) @@ -1956,11 +1966,13 @@ msgid "" "Some potential risks of running a digital security training are only valid " "in specific contexts." msgstr "" +"بعض اÙ٠خاطر اÙÙ Øت٠ÙØ© Ùإجراء تدرÙب عÙ٠اÙأ٠٠اÙرÙ٠٠صاÙØØ© ÙÙØ· Ù٠سÙاÙات " +"Ù Øددة." #: https//community.torproject.org/training/risks/ #: (content/training/risks/contents+en.lrpage.body) msgid "The potential risks associated with running a Tor training depend on:" -msgstr "" +msgstr "تعت٠د اÙ٠خاطر اÙÙ Øت٠ÙØ© اÙ٠رتبطة بتشغÙ٠تدرÙب Tor عÙÙ:" #: https//community.torproject.org/training/risks/ #: (content/training/risks/contents+en.lrpage.body) @@ -1969,6 +1981,9 @@ msgid "" "surveillance, for example, might attract more attention when reaching out " "other activists to run a digital security training." msgstr "" +"1. ** ÙÙ Ùذج اÙتÙدÙد اÙخاص بÙ. ** Ùد Ùجذب Ùاشط بارز Ùخضع باÙÙع٠ÙÙØ«Ùر Ù Ù " +"اÙ٠راÙبة Ø Ø¹Ù٠سبÙ٠اÙÙ Ø«Ø§Ù Ø Ù Ø²ÙدÙا ٠٠اÙاÙت٠ا٠عÙد اÙتÙاص٠٠ع Ùشطاء آخرÙÙ " +"Ùإجراء تدرÙب عÙ٠اÙأ٠٠اÙرÙÙ Ù." #: https//community.torproject.org/training/risks/ #: (content/training/risks/contents+en.lrpage.body) @@ -1978,6 +1993,9 @@ msgid "" " has a record in prosecuting individuals engaging in similar types of " "activities." msgstr "" +"2. ** اÙÙÙاÙÙÙ ÙاÙÙÙØ§Ø¦Ø Ù٠اÙدÙÙØ©. ** استشر اÙÙ Øا٠Ù٠اÙÙ ØÙÙÙÙ ÙاÙÙ Ùظ٠ات " +"اÙÙ ØÙÙØ© اÙ٠عÙÙØ© بØرÙØ© اÙتعبÙر ÙتعرÙ٠عÙ٠٠ا إذا Ùا٠ÙبÙد٠سج٠ÙÙ Ù Ùاضاة " +"اÙØ£Ùراد اÙØ°ÙÙ ÙشارÙÙÙ Ù٠أÙÙاع ٠٠اثÙØ© ٠٠اÙØ£Ùشطة." #: https//community.torproject.org/training/risks/ #: (content/training/risks/contents+en.lrpage.body) @@ -1985,6 +2003,8 @@ msgid "" "3. **The types of training.** Not all trainings carry the same weight in " "terms of potential risk." msgstr "" +"3. ** Ø£ÙÙاع اÙتدرÙب. ** ÙÙست Ù٠اÙتدرÙبات تØÙ Ù ÙÙس اÙÙز٠٠٠ØÙØ« اÙ٠خاطر "
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Bug 40090: Disable v3 add-on blocklist for now
commit caa4b2452b987f1fee7fe387f1a5ffccc4a0b6eb Author: Georg Koppen Date: Wed Aug 19 10:38:48 2020 + Bug 40090: Disable v3 add-on blocklist for now That's desktop-only as the v3 blocklist is not enabled on mobile yet, see: https://bugzilla.mozilla.org/show_bug.cgi?id=1639050. --- browser/app/profile/firefox.js | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/browser/app/profile/firefox.js b/browser/app/profile/firefox.js index 6a4a2a0d1de9..fec95d4611e2 100644 --- a/browser/app/profile/firefox.js +++ b/browser/app/profile/firefox.js @@ -42,9 +42,9 @@ pref("extensions.getAddons.link.url", "https://addons.mozilla.org/%LOCALE%/firef pref("extensions.getAddons.langpacks.url", "https://services.addons.mozilla.org/api/v3/addons/language-tools/?app=firefox=language=%VERSION%;); pref("extensions.getAddons.discovery.api_url", "https://services.addons.mozilla.org/api/v4/discovery/?lang=%LOCALE%=%DISTRIBUTION%;); -// Use bloomfilters for the addons blocklist, instead of JSON only. -pref("extensions.blocklist.useMLBF", true); -pref("extensions.blocklist.useMLBF.stashes", true); +// No bloomfilters for the addons blocklist for now, but JSON only. +pref("extensions.blocklist.useMLBF", false); +pref("extensions.blocklist.useMLBF.stashes", false); // The URL for the privacy policy related to recommended extensions. pref("extensions.recommendations.privacyPolicyUrl", "https://www.mozilla.org/privacy/firefox/?utm_source=firefox-browser_medium=firefox-browser_content=privacy-policy-link#addons;); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] fixup! Bug 10760: Integrate TorButton to TorBrowser core
commit d0166a5018a694b0bdab795e617b8594bb9a6196 Author: Georg Koppen Date: Thu Aug 27 19:17:37 2020 + fixup! Bug 10760: Integrate TorButton to TorBrowser core --- toolkit/torproject/torbutton | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/toolkit/torproject/torbutton b/toolkit/torproject/torbutton index 3dc1c58d6c49..72cbb6d501aa 16 --- a/toolkit/torproject/torbutton +++ b/toolkit/torproject/torbutton @@ -1 +1 @@ -Subproject commit 3dc1c58d6c494eeb5514ad84831b76661667ba2c +Subproject commit 72cbb6d501aa798a676da9331e686581ee4038cf ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Bug 40025: Remove Mozilla add-on install permissions
commit e3773b1bedfedce502afedbadeed07fe4e02ac38 Author: Alex Catarineu Date: Mon Jul 27 18:12:55 2020 +0200 Bug 40025: Remove Mozilla add-on install permissions --- browser/app/permissions | 5 - 1 file changed, 5 deletions(-) diff --git a/browser/app/permissions b/browser/app/permissions index 4938bd1e22e5..5c4c302f5ba5 100644 --- a/browser/app/permissions +++ b/browser/app/permissions @@ -11,11 +11,6 @@ origin uitour 1 https://3g2upl4pq6kufc4m.onion origin uitour 1 about:tor -# XPInstall -origin install 1 https://addons.mozilla.org - # Remote troubleshooting origin remote-troubleshooting 1 https://support.mozilla.org -# addon install -origin install 1 https://fpn.firefox.com ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Bug 33852: Clean up about:logins (LockWise) to avoid mentioning sync, etc.
commit 0f10c4086a4e90d431c5d8aad7049ab573a3d263 Author: Kathy Brade Date: Tue Jul 14 11:15:07 2020 -0400 Bug 33852: Clean up about:logins (LockWise) to avoid mentioning sync, etc. Hide elements on about:logins that mention sync, "Firefox LockWise", and Mozilla's LockWise mobile apps. Disable the "Create New Login" button when security.nocertdb is true. --- browser/components/aboutlogins/AboutLoginsParent.jsm | 2 ++ browser/components/aboutlogins/content/aboutLogins.css | 8 +++- browser/components/aboutlogins/content/aboutLogins.js | 6 ++ .../aboutlogins/content/components/fxaccounts-button.css | 5 + .../components/aboutlogins/content/components/menu-button.css | 10 ++ 5 files changed, 30 insertions(+), 1 deletion(-) diff --git a/browser/components/aboutlogins/AboutLoginsParent.jsm b/browser/components/aboutlogins/AboutLoginsParent.jsm index d52981936597..bb0b9aeff1bd 100644 --- a/browser/components/aboutlogins/AboutLoginsParent.jsm +++ b/browser/components/aboutlogins/AboutLoginsParent.jsm @@ -63,6 +63,7 @@ const PASSWORD_SYNC_NOTIFICATION_ID = "enable-password-sync"; const HIDE_MOBILE_FOOTER_PREF = "signon.management.page.hideMobileFooter"; const SHOW_PASSWORD_SYNC_NOTIFICATION_PREF = "signon.management.page.showPasswordSyncNotification"; +const NOCERTDB_PREF = "security.nocertdb"; // about:logins will always use the privileged content process, // even if it is disabled for other consumers such as about:newtab. @@ -432,6 +433,7 @@ class AboutLoginsParent extends JSWindowActorParent { importVisible: Services.policies.isAllowed("profileImport") && AppConstants.platform != "linux", +canCreateLogins: !Services.prefs.getBoolPref(NOCERTDB_PREF, false), }); await AboutLogins._sendAllLoginRelatedObjects( diff --git a/browser/components/aboutlogins/content/aboutLogins.css b/browser/components/aboutlogins/content/aboutLogins.css index 7ed29bda8297..dca63da2e649 100644 --- a/browser/components/aboutlogins/content/aboutLogins.css +++ b/browser/components/aboutlogins/content/aboutLogins.css @@ -69,6 +69,11 @@ login-item { grid-area: login; } +/* Do not promote Mozilla Sync in Tor Browser. */ +login-intro { + display: none !important; +} + #branding-logo { flex-basis: var(--sidebar-width); flex-shrink: 0; @@ -83,7 +88,8 @@ login-item { } } -:root:not(.official-branding) #branding-logo { +/* Hide "Firefox LockWise" branding in Tor Browser. */ +#branding-logo { visibility: hidden; } diff --git a/browser/components/aboutlogins/content/aboutLogins.js b/browser/components/aboutlogins/content/aboutLogins.js index a08427b0ae09..1669fba678bd 100644 --- a/browser/components/aboutlogins/content/aboutLogins.js +++ b/browser/components/aboutlogins/content/aboutLogins.js @@ -19,6 +19,9 @@ const gElements = { get loginFooter() { return this.loginItem.shadowRoot.querySelector("login-footer"); }, + get createNewLoginButton() { +return this.loginList.shadowRoot.querySelector(".create-login-button"); + }, }; let numberOfLogins = 0; @@ -100,6 +103,9 @@ window.addEventListener("AboutLoginsChromeToContent", event => { gElements.loginList.setSortDirection(event.detail.value.selectedSort); document.documentElement.classList.add("initialized"); gElements.loginList.classList.add("initialized"); + if (!event.detail.value.canCreateLogins) { +gElements.createNewLoginButton.disabled = true; + } break; } case "ShowLoginItemError": { diff --git a/browser/components/aboutlogins/content/components/fxaccounts-button.css b/browser/components/aboutlogins/content/components/fxaccounts-button.css index aefda548c84d..a02707980158 100644 --- a/browser/components/aboutlogins/content/components/fxaccounts-button.css +++ b/browser/components/aboutlogins/content/components/fxaccounts-button.css @@ -8,6 +8,11 @@ align-items: center; } +/* Do not promote Mozilla Sync in Tor Browser. */ +.logged-out-view { + display: none !important; +} + .fxaccounts-extra-text { /* Only show at most 3 lines of text to limit the text from overflowing the header. */ diff --git a/browser/components/aboutlogins/content/components/menu-button.css b/browser/components/aboutlogins/content/components/menu-button.css index f500edd5ae70..9cb663dc424c 100644 --- a/browser/components/aboutlogins/content/components/menu-button.css +++ b/browser/components/aboutlogins/content/components/menu-button.css @@ -89,3 +89,13 @@ .menuitem-mobile-android { background-image: url("chrome://browser/skin/logo-android.svg"); } + +/* + * Do not promote LockWise mobile apps in Tor Browser: hide the menu items + * and the separator line that precedes them. + */ +.menuitem-mobile-android, +.menuitem-mobile-ios, +button[data-event-name="AboutLoginsGetHelp"] + hr { + display: none !important; +}
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Bug 40073: Disable remote Public Suffix List fetching
commit ff6b89a39c0bcb2facec367c3d2125806705eb07 Author: Alex Catarineu Date: Thu Aug 13 11:05:03 2020 +0200 Bug 40073: Disable remote Public Suffix List fetching In https://bugzilla.mozilla.org/show_bug.cgi?id=1563246 Firefox implemented fetching the Public Suffix List via RemoteSettings and replacing the default one at runtime, which we do not want. --- browser/components/BrowserGlue.jsm | 5 - 1 file changed, 5 deletions(-) diff --git a/browser/components/BrowserGlue.jsm b/browser/components/BrowserGlue.jsm index 7b6026c37105..4ac021546f00 100644 --- a/browser/components/BrowserGlue.jsm +++ b/browser/components/BrowserGlue.jsm @@ -742,7 +742,6 @@ XPCOMUtils.defineLazyModuleGetters(this, { PluralForm: "resource://gre/modules/PluralForm.jsm", PrivateBrowsingUtils: "resource://gre/modules/PrivateBrowsingUtils.jsm", ProcessHangMonitor: "resource:///modules/ProcessHangMonitor.jsm", - PublicSuffixList: "resource://gre/modules/netwerk-dns/PublicSuffixList.jsm", RemoteSettings: "resource://services-settings/remote-settings.js", RemoteSecuritySettings: "resource://gre/modules/psm/RemoteSecuritySettings.jsm", @@ -2647,10 +2646,6 @@ BrowserGlue.prototype = { this._addBreachesSyncHandler(); }, - () => { -PublicSuffixList.init(); - }, - () => { RemoteSecuritySettings.init(); }, ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Bug 40002: Remove about:pioneer
commit 12acc1a6a9c35f206207d39e8a5cd72d34c3e593 Author: Kathy Brade Date: Fri Aug 14 09:06:33 2020 -0400 Bug 40002: Remove about:pioneer Firefox Pioneer is an opt-in program in which people volunteer to participate in studies that collect detailed, sensitive data about how they use their browser. --- browser/components/about/AboutRedirector.cpp | 2 -- browser/components/about/components.conf | 1 - 2 files changed, 3 deletions(-) diff --git a/browser/components/about/AboutRedirector.cpp b/browser/components/about/AboutRedirector.cpp index 78cb284d3eda..0f81fab8d7f0 100644 --- a/browser/components/about/AboutRedirector.cpp +++ b/browser/components/about/AboutRedirector.cpp @@ -114,8 +114,6 @@ static const RedirEntry kRedirMap[] = { nsIAboutModule::URI_MUST_LOAD_IN_CHILD | nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT | nsIAboutModule::ALLOW_SCRIPT | nsIAboutModule::HIDE_FROM_ABOUTABOUT}, -{"pioneer", "chrome://browser/content/pioneer.html", - nsIAboutModule::ALLOW_SCRIPT | nsIAboutModule::HIDE_FROM_ABOUTABOUT}, #ifdef TOR_BROWSER_UPDATE {"tbupdate", "chrome://browser/content/abouttbupdate/aboutTBUpdate.xhtml", nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT | diff --git a/browser/components/about/components.conf b/browser/components/about/components.conf index d78de142e2e4..8e04467c05da 100644 --- a/browser/components/about/components.conf +++ b/browser/components/about/components.conf @@ -14,7 +14,6 @@ pages = [ 'logins', 'newinstall', 'newtab', -'pioneer', 'pocket-saved', 'pocket-signup', 'policies', ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Bug 21952: Implement Onion-Location
commit 549aeab6b868ccbeec278d6abc2e25d49699c73c Author: Alex Catarineu Date: Thu Mar 5 22:16:39 2020 +0100 Bug 21952: Implement Onion-Location Whenever a valid Onion-Location HTTP header (or corresponding HTML http-equiv attribute) is found in a document load, we either redirect to it (if the user opted-in via preference) or notify the presence of an onionsite alternative with a badge in the urlbar. --- browser/base/content/browser.js| 12 ++ browser/base/content/browser.xhtml | 3 + browser/components/BrowserGlue.jsm | 13 ++ .../onionservices/OnionLocationChild.jsm | 39 + .../onionservices/OnionLocationParent.jsm | 168 + .../content/onionlocation-notification-icons.css | 5 + .../onionservices/content/onionlocation-urlbar.css | 27 .../content/onionlocation-urlbar.inc.xhtml | 10 ++ .../onionservices/content/onionlocation.svg| 3 + .../content/onionlocationPreferences.inc.xhtml | 11 ++ .../content/onionlocationPreferences.js| 31 browser/components/onionservices/jar.mn| 2 + browser/components/onionservices/moz.build | 2 + browser/components/preferences/privacy.inc.xhtml | 2 + browser/components/preferences/privacy.js | 17 +++ browser/themes/shared/notification-icons.inc.css | 2 + browser/themes/shared/urlbar-searchbar.inc.css | 2 + dom/base/Document.cpp | 34 - dom/base/Document.h| 2 + dom/webidl/Document.webidl | 9 ++ modules/libpref/init/StaticPrefList.yaml | 5 + xpcom/ds/StaticAtoms.py| 1 + 22 files changed, 399 insertions(+), 1 deletion(-) diff --git a/browser/base/content/browser.js b/browser/base/content/browser.js index 5d82b1ac26b9..88245c86a32b 100644 --- a/browser/base/content/browser.js +++ b/browser/base/content/browser.js @@ -45,6 +45,7 @@ XPCOMUtils.defineLazyModuleGetters(this, { NetUtil: "resource://gre/modules/NetUtil.jsm", NewTabUtils: "resource://gre/modules/NewTabUtils.jsm", OpenInTabsUtils: "resource:///modules/OpenInTabsUtils.jsm", + OnionLocationParent: "resource:///modules/OnionLocationParent.jsm", PageActions: "resource:///modules/PageActions.jsm", PageThumbs: "resource://gre/modules/PageThumbs.jsm", PanelMultiView: "resource:///modules/PanelMultiView.jsm", @@ -5350,6 +5351,7 @@ var XULBrowserWindow = { Services.obs.notifyObservers(null, "touchbar-location-change", location); UpdateBackForwardCommands(gBrowser.webNavigation); AboutReaderParent.updateReaderButton(gBrowser.selectedBrowser); +OnionLocationParent.updateOnionLocationBadge(gBrowser.selectedBrowser); if (!gMultiProcessBrowser) { // Bug 1108553 - Cannot rotate images with e10s @@ -5886,6 +5888,16 @@ const AccessibilityRefreshBlocker = { var TabsProgressListener = { onStateChange(aBrowser, aWebProgress, aRequest, aStateFlags, aStatus) { +// Clear OnionLocation UI +if ( + aStateFlags & Ci.nsIWebProgressListener.STATE_START && + aStateFlags & Ci.nsIWebProgressListener.STATE_IS_NETWORK && + aRequest && + aWebProgress.isTopLevel +) { + OnionLocationParent.onStateChange(aBrowser); +} + // Collect telemetry data about tab load times. if ( aWebProgress.isTopLevel && diff --git a/browser/base/content/browser.xhtml b/browser/base/content/browser.xhtml index 25e8a645a4b8..74d48cefab80 100644 --- a/browser/base/content/browser.xhtml +++ b/browser/base/content/browser.xhtml @@ -1930,6 +1930,9 @@ onclick="FullZoom.reset();" tooltip="dynamic-shortcut-tooltip" hidden="true"/> + +#include ../../components/onionservices/content/onionlocation-urlbar.inc.xhtml + {}, +}; + +const options = { + autofocus: true, + persistent: true, + removeOnDismissal: false, + eventCallback(aTopic) { +if (aTopic === "removed") { + delete browser._onionLocationPrompt; + delete browser.onionpopupnotificationanchor; +} + }, + learnMoreURL: NOTIFICATION_LEARN_MORE_URL, + displayURI: { +hostPort: NOTIFICATION_TITLE, // This is hacky, but allows us to have a title without extra markup/css. + }, + hideClose: true, + popupIconClass: "onionlocation-notification-icon", +}; + +// A hacky way of setting the popup anchor outside the usual url bar icon box +// onionlocationpopupnotificationanchor comes from `${ANCHOR_ID}popupnotificationanchor` +// From https://searchfox.org/mozilla-esr68/rev/080f9ed47742644d2ff84f7aa0b10aea5c44301a/browser/components/newtab/lib/CFRPageActions.jsm#488 +browser.onionlocationpopupnotificationanchor =
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Bug 33342: Avoid disconnect search addon error after removal.
commit 26b5467fa7f01c7874b927496b6bdc3b50b320e7 Author: Alex Catarineu Date: Fri Mar 13 18:19:30 2020 +0100 Bug 33342: Avoid disconnect search addon error after removal. We removed the addon in #32767, but it was still being loaded from addonStartup.json.lz4 and throwing an error on startup because its resource: location is not available anymore. --- toolkit/mozapps/extensions/internal/XPIProvider.jsm | 6 ++ 1 file changed, 6 insertions(+) diff --git a/toolkit/mozapps/extensions/internal/XPIProvider.jsm b/toolkit/mozapps/extensions/internal/XPIProvider.jsm index 78c0b0f7c702..ad8922dadebf 100644 --- a/toolkit/mozapps/extensions/internal/XPIProvider.jsm +++ b/toolkit/mozapps/extensions/internal/XPIProvider.jsm @@ -970,6 +970,12 @@ var BuiltInLocation = new (class _BuiltInLocation extends XPIStateLocation { get enumerable() { return false; } + + restore(saved) { +super.restore(saved); +// Bug 33342: avoid restoring disconnect addon from addonStartup.json.lz4. +this.removeAddon("disconn...@search.mozilla.org"); + } })(); /** ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Bug 31575: Replace Firefox Home (newtab) with about:tor
commit 9c4ad38de1f14c9f2a2084bbb291fc0e83e6d48c Author: Alex Catarineu Date: Mon Sep 9 13:04:34 2019 +0200 Bug 31575: Replace Firefox Home (newtab) with about:tor Avoid loading AboutNewTab in BrowserGlue.jsm in order to avoid several network requests that we do not need. Besides, about:newtab will now point to about:blank or about:tor (depending on browser.newtabpage.enabled) and about:home will point to about:tor. --- browser/components/BrowserGlue.jsm | 29 ++-- browser/components/newtab/AboutNewTabService.jsm | 15 +--- browser/components/preferences/home.inc.xhtml| 4 ++-- browser/components/preferences/preferences.xhtml | 5 +++- browser/modules/HomePage.jsm | 2 +- 5 files changed, 10 insertions(+), 45 deletions(-) diff --git a/browser/components/BrowserGlue.jsm b/browser/components/BrowserGlue.jsm index 4525dcc39cac..1bde9c472ace 100644 --- a/browser/components/BrowserGlue.jsm +++ b/browser/components/BrowserGlue.jsm @@ -23,12 +23,6 @@ ChromeUtils.defineModuleGetter( "resource://gre/modules/ActorManagerParent.jsm" ); -ChromeUtils.defineModuleGetter( - this, - "AboutNewTab", - "resource:///modules/AboutNewTab.jsm" -); - ChromeUtils.defineModuleGetter( this, "E10SUtils", @@ -146,19 +140,6 @@ let JSWINDOWACTORS = { matches: ["about:newinstall"], }, - AboutNewTab: { -child: { - moduleURI: "resource:///actors/AboutNewTabChild.jsm", - events: { -DOMContentLoaded: {}, - }, -}, -// The wildcard on about:newtab is for the ?endpoint query parameter -// that is used for snippets debugging. -matches: ["about:home", "about:welcome", "about:newtab*"], -remoteTypes: ["privilegedabout"], - }, - AboutPlugins: { parent: { moduleURI: "resource:///actors/AboutPluginsParent.jsm", @@ -1729,8 +1710,6 @@ BrowserGlue.prototype = { // the first browser window has finished initializing _onFirstWindowLoaded: function BG__onFirstWindowLoaded(aWindow) { -AboutNewTab.init(); - TabCrashHandler.init(); ProcessHangMonitor.init(); @@ -5146,12 +5125,8 @@ var AboutHomeStartupCache = { return { pageInputStream: null, scriptInputStream: null }; } -let state = AboutNewTab.activityStream.store.getState(); -return new Promise(resolve => { - this._cacheDeferred = resolve; - this.log.trace("Parent received cache streams."); - this._procManager.sendAsyncMessage(this.CACHE_REQUEST_MESSAGE, { state }); -}); +this.log.error("Activity Stream is disabled in Tor Browser."); +return { pageInputStream: null, scriptInputStream: null }; }, /** diff --git a/browser/components/newtab/AboutNewTabService.jsm b/browser/components/newtab/AboutNewTabService.jsm index aa73892f4370..06cff38f1861 100644 --- a/browser/components/newtab/AboutNewTabService.jsm +++ b/browser/components/newtab/AboutNewTabService.jsm @@ -323,20 +323,7 @@ class BaseAboutNewTabService { * the newtab page has no effect on the result of this function. */ get defaultURL() { -// Generate the desired activity stream resource depending on state, e.g., -// "resource://activity-stream/prerendered/activity-stream.html" -// "resource://activity-stream/prerendered/activity-stream-debug.html" -// "resource://activity-stream/prerendered/activity-stream-noscripts.html" -return [ - "resource://activity-stream/prerendered/", - "activity-stream", - // Debug version loads dev scripts but noscripts separately loads scripts - this.activityStreamDebug && !this.privilegedAboutProcessEnabled -? "-debug" -: "", - this.privilegedAboutProcessEnabled ? "-noscripts" : "", - ".html", -].join(""); +return "about:tor"; } /* diff --git a/browser/components/preferences/home.inc.xhtml b/browser/components/preferences/home.inc.xhtml index 2e900ccd296c..2a7412944d73 100644 --- a/browser/components/preferences/home.inc.xhtml +++ b/browser/components/preferences/home.inc.xhtml @@ -37,7 +37,7 @@ class="check-home-page-controlled" data-preference-related="browser.startup.homepage"> - + @@ -97,7 +97,7 @@ flex="1" preference="browser.newtabpage.enabled"> - + diff --git a/browser/components/preferences/preferences.xhtml b/browser/components/preferences/preferences.xhtml index b44816faa9c4..f6ff20bacb56 100644 --- a/browser/components/preferences/preferences.xhtml +++ b/browser/components/preferences/preferences.xhtml @@ -14,7 +14,10 @@ - + + %aboutTorDTD; +]> http://www.w3.org/1999/xhtml; xmlns:html="http://www.w3.org/1999/xhtml; diff --git a/browser/modules/HomePage.jsm b/browser/modules/HomePage.jsm index c903787fde48..bf67b1c5d173 100644 ---
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Bug 25741 - TBA: Disable GeckoNetworkManager
commit a4f63d8fc9fcd471dede3b8d7657e6b06cbce6b6 Author: Matthew Finkel Date: Thu Apr 26 22:22:51 2018 + Bug 25741 - TBA: Disable GeckoNetworkManager The browser should not need information related to the network interface or network state, tor should take care of that. --- .../src/main/java/org/mozilla/geckoview/GeckoRuntime.java | 8 ++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntime.java b/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntime.java index c908d23229d1..bd26f6782276 100644 --- a/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntime.java +++ b/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntime.java @@ -121,7 +121,9 @@ public final class GeckoRuntime implements Parcelable { mPaused = false; // Monitor network status and send change notifications to Gecko // while active. - GeckoNetworkManager.getInstance().start(GeckoAppShell.getApplicationContext()); +if (BuildConfig.TOR_BROWSER_VERSION == "") { + GeckoNetworkManager.getInstance().start(GeckoAppShell.getApplicationContext()); +} } @OnLifecycleEvent(Lifecycle.Event.ON_PAUSE) @@ -129,7 +131,9 @@ public final class GeckoRuntime implements Parcelable { Log.d(LOGTAG, "Lifecycle: onPause"); mPaused = true; // Stop monitoring network status while inactive. -GeckoNetworkManager.getInstance().stop(); +if (BuildConfig.TOR_BROWSER_VERSION == "") { +GeckoNetworkManager.getInstance().stop(); +} GeckoThread.onPause(); } } ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] fixup! Bug 28005: Implement .onion alias urlbar rewrites
commit c8752bf165a2f631f39c58cdf75f76c90bccd54b Author: Alex Catarineu Date: Thu Aug 27 12:39:45 2020 +0200 fixup! Bug 28005: Implement .onion alias urlbar rewrites --- xpcom/reflect/xptinfo/xptinfo.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/xpcom/reflect/xptinfo/xptinfo.h b/xpcom/reflect/xptinfo/xptinfo.h index a9a05a580432..e8a9d9d9c592 100644 --- a/xpcom/reflect/xptinfo/xptinfo.h +++ b/xpcom/reflect/xptinfo/xptinfo.h @@ -513,7 +513,7 @@ static_assert(sizeof(nsXPTMethodInfo) == 8, "wrong size"); #if defined(MOZ_THUNDERBIRD) || defined(MOZ_SUITE) # define PARAM_BUFFER_COUNT 18 #else -// Thex max is currently updateForLocationChange in nsIBrowser.idl +// The max is currently updateForLocationChange in nsIBrowser.idl # define PARAM_BUFFER_COUNT 15 #endif ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Bug 32418: Allow updates to be disabled via an enterprise policy.
commit 3b0688d5133e4ea55b926e065c90be0d353683b4 Author: Kathy Brade Date: Thu Apr 16 17:07:09 2020 -0400 Bug 32418: Allow updates to be disabled via an enterprise policy. Restrict the Enterprise Policies mechanism to only consult a policies.json file (avoiding the Windows Registry and macOS's file system attributes). Add a few disabledByPolicy() checks to the update service to avoid extraneous (and potentially confusing) log messages when updates are disabled by policy. Sample content for distribution/policies.json: { "policies": { "DisableAppUpdate": true } } On Linux, avoid reading policies from /etc/firefox/policies/policies.json --- .../enterprisepolicies/EnterprisePoliciesParent.jsm | 14 -- toolkit/components/enterprisepolicies/moz.build | 3 +++ toolkit/mozapps/update/UpdateService.jsm | 20 3 files changed, 35 insertions(+), 2 deletions(-) diff --git a/toolkit/components/enterprisepolicies/EnterprisePoliciesParent.jsm b/toolkit/components/enterprisepolicies/EnterprisePoliciesParent.jsm index 8b0a5170cbdd..38e2c2b36a24 100644 --- a/toolkit/components/enterprisepolicies/EnterprisePoliciesParent.jsm +++ b/toolkit/components/enterprisepolicies/EnterprisePoliciesParent.jsm @@ -4,6 +4,10 @@ var EXPORTED_SYMBOLS = ["EnterprisePoliciesManager"]; +// To ensure that policies intended for Firefox or another browser will not +// be used, Tor Browser only looks for policies in ${InstallDir}/distribution +#define AVOID_SYSTEM_POLICIES MOZ_PROXY_BYPASS_PROTECTION + const { XPCOMUtils } = ChromeUtils.import( "resource://gre/modules/XPCOMUtils.jsm" ); @@ -13,9 +17,11 @@ const { AppConstants } = ChromeUtils.import( ); XPCOMUtils.defineLazyModuleGetters(this, { +#ifndef AVOID_SYSTEM_POLICIES WindowsGPOParser: "resource://gre/modules/policies/WindowsGPOParser.jsm", macOSPoliciesParser: "resource://gre/modules/policies/macOSPoliciesParser.jsm", +#endif Policies: "resource:///modules/policies/Policies.jsm", JsonSchemaValidator: "resource://gre/modules/components-utils/JsonSchemaValidator.jsm", @@ -137,6 +143,7 @@ EnterprisePoliciesManager.prototype = { _chooseProvider() { let provider = null; +#ifndef AVOID_SYSTEM_POLICIES if (AppConstants.platform == "win") { provider = new WindowsGPOPoliciesProvider(); } else if (AppConstants.platform == "macosx") { @@ -145,6 +152,7 @@ EnterprisePoliciesManager.prototype = { if (provider && provider.hasPolicies) { return provider; } +#endif provider = new JSONPoliciesProvider(); if (provider.hasPolicies) { @@ -495,7 +503,7 @@ class JSONPoliciesProvider { _getConfigurationFile() { let configFile = null; - +#ifndef AVOID_SYSTEM_POLICIES if (AppConstants.platform == "linux") { let systemConfigFile = Cc["@mozilla.org/file/local;1"].createInstance( Ci.nsIFile @@ -508,7 +516,7 @@ class JSONPoliciesProvider { return systemConfigFile; } } - +#endif try { let perUserPath = Services.prefs.getBoolPref(PREF_PER_USER_DIR, false); if (perUserPath) { @@ -589,6 +597,7 @@ class JSONPoliciesProvider { } } +#ifndef AVOID_SYSTEM_POLICIES class WindowsGPOPoliciesProvider { constructor() { this._policies = null; @@ -654,3 +663,4 @@ class macOSPoliciesProvider { return this._failed; } } +#endif diff --git a/toolkit/components/enterprisepolicies/moz.build b/toolkit/components/enterprisepolicies/moz.build index 284089594b2f..b0485aade0e8 100644 --- a/toolkit/components/enterprisepolicies/moz.build +++ b/toolkit/components/enterprisepolicies/moz.build @@ -21,6 +21,9 @@ if CONFIG['MOZ_WIDGET_TOOLKIT'] != "android": EXTRA_JS_MODULES += [ 'EnterprisePolicies.jsm', 'EnterprisePoliciesContent.jsm', +] + +EXTRA_PP_JS_MODULES += [ 'EnterprisePoliciesParent.jsm', ] diff --git a/toolkit/mozapps/update/UpdateService.jsm b/toolkit/mozapps/update/UpdateService.jsm index 3338f7f94d72..35f3b6bb3a26 100644 --- a/toolkit/mozapps/update/UpdateService.jsm +++ b/toolkit/mozapps/update/UpdateService.jsm @@ -2811,6 +2811,10 @@ UpdateService.prototype = { _checkForBackgroundUpdates: function AUS__checkForBackgroundUpdates( isNotify ) { +if (this.disabledByPolicy) { + return; +} + this._isNotify = isNotify; // Histogram IDs: @@ -3311,6 +3315,14 @@ UpdateService.prototype = { * See nsIUpdateService.idl */ get canApplyUpdates() { +if (this.disabledByPolicy) { + LOG( +"UpdateService.canApplyUpdates - unable to apply updates, " + + "the option has been disabled by the administrator." + ); + return false; +} + return getCanApplyUpdates() && hasUpdateMutex(); }, @@ -3318,6 +3330,14 @@ UpdateService.prototype = { * See nsIUpdateService.idl */ get
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Orfox: Centralized proxy applied to AbstractCommunicator and BaseResources.
commit 8d0b5a0a7c80cb58cc4b7d59737898cc04d02ab0 Author: Amogh Pradeep Date: Fri Jun 12 02:07:45 2015 -0400 Orfox: Centralized proxy applied to AbstractCommunicator and BaseResources. See Bug 1357997 for partial uplift. Also: Bug 28051 - Use our Orbot for proxying our connections Bug 31144 - ESR68 Network Code Review --- .../main/java/org/mozilla/gecko/GeckoAppShell.java | 68 +++--- .../java/org/mozilla/gecko/util/BitmapUtils.java | 7 --- .../java/org/mozilla/gecko/util/ProxySelector.java | 25 +++- 3 files changed, 59 insertions(+), 41 deletions(-) diff --git a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/GeckoAppShell.java b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/GeckoAppShell.java index 995b23316c32..b9ca73bee2eb 100644 --- a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/GeckoAppShell.java +++ b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/GeckoAppShell.java @@ -1764,39 +1764,41 @@ public class GeckoAppShell { @WrapForJNI private static URLConnection getConnection(final String url) { -try { -String spec; -if (url.startsWith("android://")) { -spec = url.substring(10); -} else { -spec = url.substring(8); -} - -// Check if we are loading a package icon. -try { -if (spec.startsWith("icon/")) { -String[] splits = spec.split("/"); -if (splits.length != 2) { -return null; -} -final String pkg = splits[1]; -final PackageManager pm = getApplicationContext().getPackageManager(); -final Drawable d = pm.getApplicationIcon(pkg); -final Bitmap bitmap = BitmapUtils.getBitmapFromDrawable(d); -return new BitmapConnection(bitmap); -} -} catch (Exception ex) { -Log.e(LOGTAG, "error", ex); -} - -// if the colon got stripped, put it back -int colon = spec.indexOf(':'); -if (colon == -1 || colon > spec.indexOf('/')) { -spec = spec.replaceFirst("/", ":/"); -} -} catch (Exception ex) { -return null; -} +// Bug 31144 - Prevent potential proxy-bypass + +//try { +//String spec; +//if (url.startsWith("android://")) { +//spec = url.substring(10); +//} else { +//spec = url.substring(8); +//} + +//// Check if we are loading a package icon. +//try { +//if (spec.startsWith("icon/")) { +//String[] splits = spec.split("/"); +//if (splits.length != 2) { +//return null; +//} +//final String pkg = splits[1]; +//final PackageManager pm = getApplicationContext().getPackageManager(); +//final Drawable d = pm.getApplicationIcon(pkg); +//final Bitmap bitmap = BitmapUtils.getBitmapFromDrawable(d); +//return new BitmapConnection(bitmap); +//} +//} catch (Exception ex) { +//Log.e(LOGTAG, "error", ex); +//} + +//// if the colon got stripped, put it back +//int colon = spec.indexOf(':'); +//if (colon == -1 || colon > spec.indexOf('/')) { +//spec = spec.replaceFirst("/", ":/"); +//} +//} catch (Exception ex) { +//return null; +//} return null; } diff --git a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/util/BitmapUtils.java b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/util/BitmapUtils.java index 73a69a3abd66..f795dacffb47 100644 --- a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/util/BitmapUtils.java +++ b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/util/BitmapUtils.java @@ -101,13 +101,6 @@ public final class BitmapUtils { public static Bitmap decodeUrl(final URL url) { InputStream stream = null; -try { -stream = url.openStream(); -} catch (IOException e) { -Log.w(LOGTAG, "decodeUrl: IOException downloading " + url); -return null; -} - if (stream == null) { Log.w(LOGTAG, "decodeUrl: stream not found downloading " + url); return null; diff --git a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/util/ProxySelector.java b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/util/ProxySelector.java index 3940d3c84249..9515975f680a 100644 ---
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Bug 24796 - Comment out excess permissions from GeckoView
commit 95a32ff56749fe0daf70a4dca761127b36106326 Author: Matthew Finkel Date: Wed Apr 11 17:52:59 2018 + Bug 24796 - Comment out excess permissions from GeckoView The GeckoView AndroidManifest.xml is not preprocessed unlike Fennec's manifest, so we can't use the ifdef preprocessor guards around the permissions we do not want. Commenting the permissions is the next-best-thing. --- .../android/geckoview/src/main/AndroidManifest.xml | 20 +--- 1 file changed, 17 insertions(+), 3 deletions(-) diff --git a/mobile/android/geckoview/src/main/AndroidManifest.xml b/mobile/android/geckoview/src/main/AndroidManifest.xml index 87ad6dc28047..4c8ab2a9d996 100644 --- a/mobile/android/geckoview/src/main/AndroidManifest.xml +++ b/mobile/android/geckoview/src/main/AndroidManifest.xml @@ -6,20 +6,32 @@ http://schemas.android.com/apk/res/android; package="org.mozilla.geckoview"> + + + + + + + + + + https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Bug 32220: Improve the letterboxing experience
commit b5d0ccb0cf4ea8a35e5841fb88e9b5320eb82457 Author: Richard Pospesel Date: Mon Oct 28 17:42:17 2019 -0700 Bug 32220: Improve the letterboxing experience CSS and JS changes to alter the UX surrounding letterboxing. The browser element containing page content is now anchored to the bottom of the toolbar, and the remaining letterbox margin is the same color as the firefox chrome. The letterbox margin and border are tied to the currently selected theme. Also adds a 'needsLetterbox' property to tabbrowser.xml to fix a race condition present when using the 'isEmpty' property. Using 'isEmpty' as a proxy for 'needsLetterbox' resulted in over-zealous/unnecessary letterboxing of about:blank tabs. --- browser/base/content/browser.css | 8 ++ browser/base/content/tabbrowser-tab.js | 9 +++ browser/themes/shared/tabs.inc.css | 6 ++ .../components/resistfingerprinting/RFPHelper.jsm | 94 +++--- 4 files changed, 105 insertions(+), 12 deletions(-) diff --git a/browser/base/content/browser.css b/browser/base/content/browser.css index 751bb2d85ccb..c0d1895e0f81 100644 --- a/browser/base/content/browser.css +++ b/browser/base/content/browser.css @@ -85,6 +85,14 @@ body { display: none; } + +.browserStack > browser.letterboxing { + border-color: var(--chrome-content-separator-color); + border-style: solid; + border-width : 1px; + border-top: none; +} + %ifdef MENUBAR_CAN_AUTOHIDE #toolbar-menubar[autohide="true"] { overflow: hidden; diff --git a/browser/base/content/tabbrowser-tab.js b/browser/base/content/tabbrowser-tab.js index 183eff1bab86..7f376ab1d122 100644 --- a/browser/base/content/tabbrowser-tab.js +++ b/browser/base/content/tabbrowser-tab.js @@ -225,6 +225,15 @@ return true; } +get needsLetterbox() { + let browser = this.linkedBrowser; + if (isBlankPageURL(browser.currentURI.spec)) { +return false; + } + + return true; +} + get lastAccessed() { return this._lastAccessed == Infinity ? Date.now() : this._lastAccessed; } diff --git a/browser/themes/shared/tabs.inc.css b/browser/themes/shared/tabs.inc.css index b8a117532049..cf8f444b262d 100644 --- a/browser/themes/shared/tabs.inc.css +++ b/browser/themes/shared/tabs.inc.css @@ -33,6 +33,12 @@ background-color: #f9f9fa; } +/* extend down the toolbar's colors when letterboxing is enabled*/ +#tabbrowser-tabpanels.letterboxing { + background-color: var(--toolbar-bgcolor); + background-image: var(--toolbar-bgimage); +} + :root[privatebrowsingmode=temporary] #tabbrowser-tabpanels { /* Value for --in-content-page-background in aboutPrivateBrowsing.css */ background-color: #25003e; diff --git a/toolkit/components/resistfingerprinting/RFPHelper.jsm b/toolkit/components/resistfingerprinting/RFPHelper.jsm index 166ad21e9013..9520d8720631 100644 --- a/toolkit/components/resistfingerprinting/RFPHelper.jsm +++ b/toolkit/components/resistfingerprinting/RFPHelper.jsm @@ -40,6 +40,7 @@ class _RFPHelper { // constructor() { this._initialized = false; +this._borderDimensions = null; } init() { @@ -361,6 +362,24 @@ class _RFPHelper { }); } + getBorderDimensions(aBrowser) { +if (this._borderDimensions) { + return this._borderDimensions; +} + +const win = aBrowser.ownerGlobal; +const browserStyle = win.getComputedStyle(aBrowser); + +this._borderDimensions = { + top : parseInt(browserStyle.borderTopWidth), + right: parseInt(browserStyle.borderRightWidth), + bottom : parseInt(browserStyle.borderBottomWidth), + left : parseInt(browserStyle.borderLeftWidth), +}; + +return this._borderDimensions; + } + _addOrClearContentMargin(aBrowser) { let tab = aBrowser.getTabBrowser().getTabForBrowser(aBrowser); @@ -369,9 +388,13 @@ class _RFPHelper { return; } +// we add the letterboxing class even if the content does not need letterboxing +// in which case margins are set such that the borders are hidden +aBrowser.classList.add("letterboxing"); + // We should apply no margin around an empty tab or a tab with system // principal. -if (tab.isEmpty || aBrowser.contentPrincipal.isSystemPrincipal) { +if (!tab.needsLetterbox || aBrowser.contentPrincipal.isSystemPrincipal) { this._clearContentViewMargin(aBrowser); } else { this._roundContentView(aBrowser); @@ -539,10 +562,29 @@ class _RFPHelper { // Calculating the margins around the browser element in order to round the // content viewport. We will use a 200x100 stepping if the dimension set // is not given. -let margins = calcMargins(containerWidth, containerHeight); + +const borderDimensions = this.getBorderDimensions(aBrowser); +const marginDims =
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Bug 28005: Implement .onion alias urlbar rewrites
commit 60b30eea676d8a3a9e5efd0dbd50a921fac15cbb Author: Alex Catarineu Date: Thu Feb 13 13:24:33 2020 +0100 Bug 28005: Implement .onion alias urlbar rewrites A custom HTTPS Everywhere update channel is installed, which provides rules for locally redirecting some memorable .tor.onion URLs to non-memorable .onion URLs. When these redirects occur, we also rewrite the URL in the urlbar to display the human-memorable hostname instead of the actual .onion. Bug 34196: Update site info URL with the onion name --- browser/actors/ClickHandlerChild.jsm | 20 ++ browser/actors/ClickHandlerParent.jsm | 1 + browser/actors/ContextMenuChild.jsm| 4 + browser/base/content/browser-places.js | 12 +- browser/base/content/browser-siteIdentity.js | 12 +- browser/base/content/browser.js| 43 - browser/base/content/nsContextMenu.js | 18 ++ browser/base/content/pageinfo/pageInfo.js | 2 +- browser/base/content/pageinfo/pageInfo.xhtml | 10 + browser/base/content/pageinfo/security.js | 17 +- browser/base/content/tabbrowser.js | 7 + browser/base/content/utilityOverlay.js | 12 ++ browser/components/BrowserGlue.jsm | 8 + .../onionservices/ExtensionMessaging.jsm | 77 .../onionservices/HttpsEverywhereControl.jsm | 119 .../components/onionservices/OnionAliasStore.jsm | 201 + browser/components/onionservices/moz.build | 6 + browser/components/urlbar/UrlbarInput.jsm | 13 +- docshell/base/nsDocShell.cpp | 52 ++ docshell/base/nsDocShell.h | 6 + docshell/base/nsDocShellLoadState.cpp | 4 + docshell/base/nsIDocShell.idl | 5 + docshell/base/nsIWebNavigation.idl | 5 + docshell/shistory/SessionHistoryEntry.cpp | 14 ++ docshell/shistory/SessionHistoryEntry.h| 1 + docshell/shistory/nsISHEntry.idl | 5 + docshell/shistory/nsSHEntry.cpp| 22 ++- docshell/shistory/nsSHEntry.h | 1 + dom/interfaces/base/nsIBrowser.idl | 3 +- dom/ipc/BrowserChild.cpp | 2 + dom/ipc/BrowserParent.cpp | 3 +- dom/ipc/PBrowser.ipdl | 1 + modules/libpref/init/StaticPrefList.yaml | 6 + netwerk/dns/effective_tld_names.dat| 2 + netwerk/ipc/DocumentLoadListener.cpp | 10 + toolkit/content/widgets/browser-custom-element.js | 13 +- toolkit/modules/sessionstore/SessionHistory.jsm| 5 + xpcom/reflect/xptinfo/xptinfo.h| 3 +- 38 files changed, 722 insertions(+), 23 deletions(-) diff --git a/browser/actors/ClickHandlerChild.jsm b/browser/actors/ClickHandlerChild.jsm index d5f7f31f3280..1d147bb274f2 100644 --- a/browser/actors/ClickHandlerChild.jsm +++ b/browser/actors/ClickHandlerChild.jsm @@ -136,6 +136,26 @@ class ClickHandlerChild extends JSWindowActorChild { json.originStoragePrincipal = ownerDoc.effectiveStoragePrincipal; json.triggeringPrincipal = ownerDoc.nodePrincipal; + // Check if the link needs to be opened with .tor.onion urlbar rewrites + // allowed. Only when the owner doc has onionUrlbarRewritesAllowed = true + // and the same origin we should allow this. + json.onionUrlbarRewritesAllowed = false; + if (this.docShell.onionUrlbarRewritesAllowed) { +const sm = Services.scriptSecurityManager; +try { + let targetURI = Services.io.newURI(href); + let isPrivateWin = +ownerDoc.nodePrincipal.originAttributes.privateBrowsingId > 0; + sm.checkSameOriginURI( +docshell.currentDocumentChannel.URI, +targetURI, +false, +isPrivateWin + ); + json.onionUrlbarRewritesAllowed = true; +} catch (e) {} + } + // If a link element is clicked with middle button, user wants to open // the link somewhere rather than pasting clipboard content. Therefore, // when it's clicked with middle button, we should prevent multiple diff --git a/browser/actors/ClickHandlerParent.jsm b/browser/actors/ClickHandlerParent.jsm index 75509b95ce7f..06d56624e316 100644 --- a/browser/actors/ClickHandlerParent.jsm +++ b/browser/actors/ClickHandlerParent.jsm @@ -99,6 +99,7 @@ class ClickHandlerParent extends JSWindowActorParent { charset: browser.characterSet, referrerInfo: E10SUtils.deserializeReferrerInfo(data.referrerInfo), allowMixedContent: data.allowMixedContent, + onionUrlbarRewritesAllowed: data.onionUrlbarRewritesAllowed, isContentWindowPrivate: data.isContentWindowPrivate,
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Bug 30237: Add v3 onion services client authentication prompt
commit 8948e7c42ace42a4acba0accb104bb04517c6e59 Author: Kathy Brade Date: Tue Nov 12 16:11:05 2019 -0500 Bug 30237: Add v3 onion services client authentication prompt When Tor informs the browser that client authentication is needed, temporarily load about:blank instead of about:neterror and prompt for the user's key. If a correctly formatted key is entered, use Tor's ONION_CLIENT_AUTH_ADD control port command to add the key (via Torbutton's control port module) and reload the page. If the user cancels the prompt, display the standard about:neterror "Unable to connect" page. This requires a small change to browser/actors/NetErrorChild.jsm to account for the fact that the docShell no longer has the failedChannel information. The failedChannel is used to extract TLS-related error info, which is not applicable in the case of a canceled .onion authentication prompt. Add a leaveOpen option to PopupNotifications.show so we can display error messages within the popup notification doorhanger without closing the prompt. Add support for onion services strings to the TorStrings module. Add support for Tor extended SOCKS errors (Tor proposal 304) to the socket transport and SOCKS layers. Improved display of all of these errors will be implemented as part of bug 30025. Also fixes bug 19757: Add a "Remember this key" checkbox to the client auth prompt. Add an "Onion Services Authentication" section within the about:preferences "Privacy & Security section" to allow viewing and removal of v3 onion client auth keys that have been stored on disk. Also fixes bug 19251: use enhanced error pages for onion service errors. --- browser/actors/NetErrorChild.jsm | 7 + browser/base/content/aboutNetError.js | 10 +- browser/base/content/aboutNetError.xhtml | 1 + browser/base/content/browser.js| 10 + browser/base/content/browser.xhtml | 3 + browser/base/content/tab-content.js| 5 + browser/components/moz.build | 1 + .../content/authNotificationIcon.inc.xhtml | 6 + .../onionservices/content/authPopup.inc.xhtml | 16 ++ .../onionservices/content/authPreferences.css | 20 ++ .../content/authPreferences.inc.xhtml | 19 ++ .../onionservices/content/authPreferences.js | 66 + .../components/onionservices/content/authPrompt.js | 316 + .../components/onionservices/content/authUtil.jsm | 47 +++ .../onionservices/content/netError/browser.svg | 3 + .../onionservices/content/netError/network.svg | 3 + .../content/netError/onionNetError.css | 65 + .../content/netError/onionNetError.js | 244 .../onionservices/content/netError/onionsite.svg | 7 + .../onionservices/content/onionservices.css| 69 + .../onionservices/content/savedKeysDialog.js | 259 + .../onionservices/content/savedKeysDialog.xhtml| 42 +++ browser/components/onionservices/jar.mn| 9 + browser/components/onionservices/moz.build | 1 + browser/components/preferences/preferences.xhtml | 1 + browser/components/preferences/privacy.inc.xhtml | 2 + browser/components/preferences/privacy.js | 7 + browser/themes/shared/notification-icons.inc.css | 3 + docshell/base/nsDocShell.cpp | 81 +- dom/ipc/BrowserParent.cpp | 21 ++ dom/ipc/BrowserParent.h| 3 + dom/ipc/PBrowser.ipdl | 9 + js/xpconnect/src/xpc.msg | 10 + netwerk/base/nsSocketTransport2.cpp| 6 + netwerk/socket/nsSOCKSIOLayer.cpp | 49 toolkit/modules/PopupNotifications.jsm | 6 + toolkit/modules/RemotePageAccessManager.jsm| 1 + .../lib/environments/frame-script.js | 1 + xpcom/base/ErrorList.py| 22 ++ 39 files changed, 1449 insertions(+), 2 deletions(-) diff --git a/browser/actors/NetErrorChild.jsm b/browser/actors/NetErrorChild.jsm index eea7ddd0cf97..58bab60c36f7 100644 --- a/browser/actors/NetErrorChild.jsm +++ b/browser/actors/NetErrorChild.jsm @@ -13,6 +13,8 @@ const { RemotePageChild } = ChromeUtils.import( "resource://gre/actors/RemotePageChild.jsm" ); +const { TorStrings } = ChromeUtils.import("resource:///modules/TorStrings.jsm"); + XPCOMUtils.defineLazyServiceGetter( this, "gSerializationHelper", @@ -30,6 +32,7 @@ class NetErrorChild extends RemotePageChild { "RPMAddToHistogram", "RPMRecordTelemetryEvent", "RPMGetHttpResponseHeader", + "RPMGetTorStrings", ]; this.exportFunctions(exportableFunctions); } @@
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Bug 27604: Fix addon issues when moving TB directory
commit 22106fbbd4cc9817beba7e5fd4700fb8be433936 Author: Alex Catarineu Date: Wed Oct 30 10:44:48 2019 +0100 Bug 27604: Fix addon issues when moving TB directory --- toolkit/mozapps/extensions/internal/XPIProvider.jsm | 8 ++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/toolkit/mozapps/extensions/internal/XPIProvider.jsm b/toolkit/mozapps/extensions/internal/XPIProvider.jsm index a27888278f77..78c0b0f7c702 100644 --- a/toolkit/mozapps/extensions/internal/XPIProvider.jsm +++ b/toolkit/mozapps/extensions/internal/XPIProvider.jsm @@ -485,7 +485,7 @@ class XPIState { // Builds prior to be 1512436 did not include the rootURI property. // If we're updating from such a build, add that property now. -if (!("rootURI" in this) && this.file) { +if (this.file) { this.rootURI = getURIForResourceInFile(this.file, "").spec; } @@ -498,7 +498,10 @@ class XPIState { saved.currentModifiedTime != this.lastModifiedTime ) { this.lastModifiedTime = saved.currentModifiedTime; -} else if (saved.currentModifiedTime === null) { +} else if ( + saved.currentModifiedTime === null && + (!this.file || !this.file.exists()) +) { this.missing = true; } } @@ -1439,6 +1442,7 @@ var XPIStates = { if (oldState[loc.name]) { loc.restore(oldState[loc.name]); +changed = changed || loc.path != oldState[loc.name].path; } changed = changed || loc.changed; ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Bug 28125 - Prevent non-Necko network connections
commit b9c2f5d417334530773557b6dba7deedcd9c99e6 Author: Matthew Finkel Date: Thu Oct 25 19:17:09 2018 + Bug 28125 - Prevent non-Necko network connections --- .../gecko/media/GeckoMediaDrmBridgeV21.java| 49 +- .../exoplayer2/upstream/DefaultHttpDataSource.java | 47 ++--- 2 files changed, 4 insertions(+), 92 deletions(-) diff --git a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/media/GeckoMediaDrmBridgeV21.java b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/media/GeckoMediaDrmBridgeV21.java index 3ba59bfd6776..eb57b1013642 100644 --- a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/media/GeckoMediaDrmBridgeV21.java +++ b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/media/GeckoMediaDrmBridgeV21.java @@ -488,54 +488,7 @@ public class GeckoMediaDrmBridgeV21 implements GeckoMediaDrm { @Override protected Void doInBackground(final Void... params) { -HttpURLConnection urlConnection = null; -BufferedReader in = null; -try { -URI finalURI = new URI(mURL + "=" + URLEncoder.encode(new String(mDrmRequest), "UTF-8")); -urlConnection = (HttpURLConnection) ProxySelector.openConnectionWithProxy(finalURI); -urlConnection.setRequestMethod("POST"); -if (DEBUG) Log.d(LOGTAG, "Provisioning, posting url =" + finalURI.toString()); - -// Add data -urlConnection.setRequestProperty("Accept", "*/*"); -urlConnection.setRequestProperty("User-Agent", getCDMUserAgent()); -urlConnection.setRequestProperty("Content-Type", "application/json"); - -// Execute HTTP Post Request -urlConnection.connect(); - -int responseCode = urlConnection.getResponseCode(); -if (responseCode == HttpURLConnection.HTTP_OK) { -in = new BufferedReader(new InputStreamReader(urlConnection.getInputStream(), StringUtils.UTF_8)); -String inputLine; -StringBuffer response = new StringBuffer(); - -while ((inputLine = in.readLine()) != null) { -response.append(inputLine); -} -in.close(); -mResponseBody = String.valueOf(response).getBytes(StringUtils.UTF_8); -if (DEBUG) Log.d(LOGTAG, "Provisioning, response received."); -if (mResponseBody != null) Log.d(LOGTAG, "response length=" + mResponseBody.length); -} else { -Log.d(LOGTAG, "Provisioning, server returned HTTP error code :" + responseCode); -} -} catch (IOException e) { -Log.e(LOGTAG, "Got exception during posting provisioning request ...", e); -} catch (URISyntaxException e) { -Log.e(LOGTAG, "Got exception during creating uri ...", e); -} finally { -if (urlConnection != null) { -urlConnection.disconnect(); -} -try { -if (in != null) { -in.close(); -} -} catch (IOException e) { -Log.e(LOGTAG, "Exception during closing in ...", e); -} -} +Log.i(LOGTAG, "This is Tor Browser. Skipping."); return null; } diff --git a/mobile/android/geckoview/src/thirdparty/java/org/mozilla/thirdparty/com/google/android/exoplayer2/upstream/DefaultHttpDataSource.java b/mobile/android/geckoview/src/thirdparty/java/org/mozilla/thirdparty/com/google/android/exoplayer2/upstream/DefaultHttpDataSource.java index 6e5095b0a4c9..a585e283ed4e 100644 --- a/mobile/android/geckoview/src/thirdparty/java/org/mozilla/thirdparty/com/google/android/exoplayer2/upstream/DefaultHttpDataSource.java +++ b/mobile/android/geckoview/src/thirdparty/java/org/mozilla/thirdparty/com/google/android/exoplayer2/upstream/DefaultHttpDataSource.java @@ -46,6 +46,7 @@ import java.util.regex.Pattern; import java.util.zip.GZIPInputStream; import org.mozilla.gecko.util.ProxySelector; + /** * An {@link HttpDataSource} that uses Android's {@link HttpURLConnection}. * @@ -516,50 +517,8 @@ public class DefaultHttpDataSource extends BaseDataSource implements HttpDataSou boolean followRedirects, Map requestParameters) throws IOException, URISyntaxException { -/** - * Tor Project modified the way the connection object was created. For the sake of - * simplicity, instead of duplicating the whole file we changed the connection object - * to use the ProxySelector. - */ -HttpURLConnection connection = (HttpURLConnection) ProxySelector.openConnectionWithProxy(url.toURI()); - -
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Bug 32658: Create a new MAR signing key
commit 98ce5a9eea38d3021f240187075690812b93abf1 Author: Georg Koppen Date: Fri Jan 17 12:54:31 2020 + Bug 32658: Create a new MAR signing key It's time for our rotation again: Move the backup key in the front position and add a new backup key. --- toolkit/mozapps/update/updater/release_primary.der | Bin 1225 -> 1229 bytes toolkit/mozapps/update/updater/release_secondary.der | Bin 1225 -> 1229 bytes 2 files changed, 0 insertions(+), 0 deletions(-) diff --git a/toolkit/mozapps/update/updater/release_primary.der b/toolkit/mozapps/update/updater/release_primary.der index 1d94f88ad73b..0103a171de88 100644 Binary files a/toolkit/mozapps/update/updater/release_primary.der and b/toolkit/mozapps/update/updater/release_primary.der differ diff --git a/toolkit/mozapps/update/updater/release_secondary.der b/toolkit/mozapps/update/updater/release_secondary.der index 474706c4b73c..fcee3944e9b7 100644 Binary files a/toolkit/mozapps/update/updater/release_secondary.der and b/toolkit/mozapps/update/updater/release_secondary.der differ ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Bug 31607: App menu items stop working on macOS
commit e7567a00ce638ceb68cdfd033b77d13381b371b4 Author: Kathy Brade Date: Thu Oct 3 10:53:43 2019 -0400 Bug 31607: App menu items stop working on macOS Avoid re-creating the hidden window, since this causes the nsMenuBarX object that is associated with the app menu to be freed (which in turn causes all of the app menu items to stop working). More detail: There should only be one hidden window. XREMain::XRE_mainRun() contains an explicit call to create the hidden window and that is the normal path by which it is created. However, when Tor Launcher's wizard/progress window is opened during startup, a hidden window is created earlier as a side effect of calls to nsAppShellService::GetHiddenWindow(). Then, when XREMain::XRE_mainRun() creates its hidden window, the original one is freed which also causes the app menu's nsMenuBarX object which is associated with that window to be destroyed. When that happens, the menuGroupOwner property within each Cocoa menu items's MenuItemInfo object is cleared. This breaks the link that is necessary for NativeMenuItemTarget's menuItemHit method to dispatch a menu item event. --- xpfe/appshell/nsAppShellService.cpp | 4 1 file changed, 4 insertions(+) diff --git a/xpfe/appshell/nsAppShellService.cpp b/xpfe/appshell/nsAppShellService.cpp index d70fe4e6b239..9c6a09c10a0f 100644 --- a/xpfe/appshell/nsAppShellService.cpp +++ b/xpfe/appshell/nsAppShellService.cpp @@ -93,6 +93,10 @@ void nsAppShellService::EnsureHiddenWindow() { NS_IMETHODIMP nsAppShellService::CreateHiddenWindow() { + if (mHiddenWindow) { +return NS_OK; + } + if (!XRE_IsParentProcess()) { return NS_ERROR_NOT_IMPLEMENTED; } ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Bug 13543: Spoof smooth and powerEfficient for Media Capabilities
commit ec66da0c55234514d9b8cb763efa9a575da6c84e Author: Alex Catarineu Date: Thu Oct 10 15:08:12 2019 +0200 Bug 13543: Spoof smooth and powerEfficient for Media Capabilities --- dom/media/mediacapabilities/MediaCapabilities.cpp | 5 + 1 file changed, 5 insertions(+) diff --git a/dom/media/mediacapabilities/MediaCapabilities.cpp b/dom/media/mediacapabilities/MediaCapabilities.cpp index 9f2b0d8463ff..1cc5f0a8ff0f 100644 --- a/dom/media/mediacapabilities/MediaCapabilities.cpp +++ b/dom/media/mediacapabilities/MediaCapabilities.cpp @@ -288,6 +288,11 @@ already_AddRefed MediaCapabilities::DecodingInfo( if (aValue.IsReject()) { p = CapabilitiesPromise::CreateAndReject( std::move(aValue.RejectValue()), __func__); + } else if (nsContentUtils:: + ShouldResistFingerprinting()) { +p = CapabilitiesPromise::CreateAndResolve( +MediaCapabilitiesInfo(true, true, false), +__func__); } else { MOZ_ASSERT(config->IsVideo()); if (StaticPrefs::media_mediacapabilities_from_database()) { ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Bug 32092: Fix Tor Browser Support link in preferences
commit 014c2fc762100eeb7d94963cb37075069ee056c3 Author: Alex Catarineu Date: Tue Oct 15 22:54:10 2019 +0200 Bug 32092: Fix Tor Browser Support link in preferences --- browser/components/preferences/preferences.js | 5 + 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/browser/components/preferences/preferences.js b/browser/components/preferences/preferences.js index fcb722eea0b2..9e97ca2a2180 100644 --- a/browser/components/preferences/preferences.js +++ b/browser/components/preferences/preferences.js @@ -166,10 +166,7 @@ function init_all() { gotoPref().then(() => { let helpButton = document.getElementById("helpButton"); -let helpUrl = - Services.urlFormatter.formatURLPref("app.support.baseURL") + - "preferences"; -helpButton.setAttribute("href", helpUrl); +helpButton.setAttribute("href", "https://support.torproject.org/tbb;); document.getElementById("addonsButton").addEventListener("click", e => { if (e.button >= 2) { ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Bug 31286: Implementation of bridge, proxy, and firewall settings in about:preferences#tor
commit ecf40136ba19a54f3fdd0c7b280f394edf3c4c53 Author: Richard Pospesel Date: Mon Sep 16 15:25:39 2019 -0700 Bug 31286: Implementation of bridge, proxy, and firewall settings in about:preferences#tor This patch adds a new about:preferences#tor page which allows modifying bridge, proxy, and firewall settings from within Tor Browser. All of the functionality present in tor-launcher's Network Configuration panel is present: - Setting built-in bridges - Requesting bridges from BridgeDB via moat - Using user-provided bridges - Configuring SOCKS4, SOCKS5, and HTTP/HTTPS proxies - Setting firewall ports - Viewing and Copying Tor's logs - The Networking Settings in General preferences has been removed --- browser/components/moz.build | 1 + browser/components/preferences/main.inc.xhtml | 55 -- browser/components/preferences/main.js | 14 - browser/components/preferences/preferences.js | 9 + browser/components/preferences/preferences.xhtml | 5 + browser/components/preferences/privacy.js | 1 + .../torpreferences/content/parseFunctions.jsm | 89 +++ .../torpreferences/content/requestBridgeDialog.jsm | 202 + .../content/requestBridgeDialog.xhtml | 35 + .../torpreferences/content/torBridgeSettings.jsm | 325 .../torpreferences/content/torCategory.inc.xhtml | 9 + .../torpreferences/content/torFirewallSettings.jsm | 72 ++ .../torpreferences/content/torLogDialog.jsm| 66 ++ .../torpreferences/content/torLogDialog.xhtml | 23 + .../components/torpreferences/content/torPane.js | 857 + .../torpreferences/content/torPane.xhtml | 123 +++ .../torpreferences/content/torPreferences.css | 77 ++ .../torpreferences/content/torPreferencesIcon.svg | 5 + .../torpreferences/content/torProxySettings.jsm| 245 ++ browser/components/torpreferences/jar.mn | 14 + browser/components/torpreferences/moz.build| 1 + browser/modules/BridgeDB.jsm | 110 +++ browser/modules/TorProtocolService.jsm | 212 + browser/modules/moz.build | 2 + 24 files changed, 2483 insertions(+), 69 deletions(-) diff --git a/browser/components/moz.build b/browser/components/moz.build index cb6eeb9164ef..09e209dc9c3b 100644 --- a/browser/components/moz.build +++ b/browser/components/moz.build @@ -58,6 +58,7 @@ DIRS += [ 'syncedtabs', 'uitour', 'urlbar', +'torpreferences', 'translation', ] diff --git a/browser/components/preferences/main.inc.xhtml b/browser/components/preferences/main.inc.xhtml index f7239b4d7342..5789464dcede 100644 --- a/browser/components/preferences/main.inc.xhtml +++ b/browser/components/preferences/main.inc.xhtml @@ -658,59 +658,4 @@ - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/browser/components/preferences/main.js b/browser/components/preferences/main.js index 8afc3e0d5140..54556f474e59 100644 --- a/browser/components/preferences/main.js +++ b/browser/components/preferences/main.js @@ -370,15 +370,6 @@ var gMainPane = { }); this.updatePerformanceSettingsBox({ duringChangeEvent: false }); this.displayUseSystemLocale(); -let connectionSettingsLink = document.getElementById( - "connectionSettingsLearnMore" -); -let connectionSettingsUrl = - Services.urlFormatter.formatURLPref("app.support.baseURL") + - "prefs-connection-settings"; -connectionSettingsLink.setAttribute("href", connectionSettingsUrl); -this.updateProxySettingsUI(); -initializeProxyUI(gMainPane); if (Services.prefs.getBoolPref("intl.multilingual.enabled")) { gMainPane.initBrowserLocale(); @@ -512,11 +503,6 @@ var gMainPane = { "change", gMainPane.updateHardwareAcceleration.bind(gMainPane) ); -setEventListener( - "connectionSettings", - "command", - gMainPane.showConnections -); setEventListener( "browserContainersCheckbox", "command", diff --git a/browser/components/preferences/preferences.js b/browser/components/preferences/preferences.js index 7179fe7ec8b7..fcb722eea0b2 100644 --- a/browser/components/preferences/preferences.js +++ b/browser/components/preferences/preferences.js @@ -13,6 +13,7 @@ /* import-globals-from findInPage.js */ /* import-globals-from ../../base/content/utilityOverlay.js */ /* import-globals-from ../../../toolkit/content/preferencesBindings.js */ +/* import-globals-from ../torpreferences/content/torPane.js */ "use strict"; @@ -136,6 +137,14 @@ function init_all() { register_module("paneSync", gSyncPane); } register_module("paneSearchResults", gSearchResultsPane); + if (gTorPane.enabled) { +document.getElementById("category-tor").hidden = false; +
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Bug 4234: Use the Firefox Update Process for Tor Browser.
commit 49cc594f2e53552984c6946d06d8e46cbec04681 Author: Kathy Brade Date: Fri Jan 13 11:40:24 2017 -0500 Bug 4234: Use the Firefox Update Process for Tor Browser. The following files are never updated: TorBrowser/Data/Browser/profiles.ini TorBrowser/Data/Browser/profile.default/bookmarks.html TorBrowser/Data/Tor/torrc Mac OS: Store update metadata under TorBrowser/UpdateInfo. Removed the %OS_VERSION% component from the update URL (13047) and added support for minSupportedOSVersion, an attribute of the element that may be used to trigger Firefox's "unsupported platform" behavior. Hide the "What's new" links (set app.releaseNotesURL value to about:blank). Windows: disable "runas" code path in updater (15201). Windows: avoid writing to the registry (16236). Also includes fixes for tickets 13047, 13301, 13356, 13594, 15406, 16014, 16909, 24476, and 25909. Also fix Bug 26049: reduce the delay before the update prompt is displayed. Instead of Firefox's 2 days, we use 1 hour (after which time the update doorhanger will be displayed). Also fix bug 27221: purge the startup cache if the Tor Browser version changed (even if the Firefox version and build ID did not change), e.g., after a minor Tor Browser update. Also fix 32616: Disable GetSecureOutputDirectoryPath() functionality. Bug 26048: potentially confusing "restart to update" message Within the update doorhanger, remove the misleading message that mentions that windows will be restored after an update is applied, and replace the "Restart and Restore" button label with an existing "Restart to update Tor Browser" string. Bug 28885: notify users that update is downloading Add a "Downloading Tor Browser update" item which appears in the hamburger (app) menu while the update service is downloading a MAR file. Before this change, the browser did not indicate to the user that an update was in progress, which is especially confusing in Tor Browser because downloads often take some time. If the user clicks on the new menu item, the about dialog is opened to allow the user to see download progress. As part of this fix, the update service was changed to always show update-related messages in the hamburger menu, even if the update was started in the foreground via the about dialog or via the "Check for Tor Browser Update" toolbar menu item. This change is consistent with the Tor Browser goal of making sure users are informed about the update process. Removed #28885 parts of this patch which have been uplifted to Firefox. --- browser/app/Makefile.in| 2 + browser/app/profile/000-tor-browser.js | 16 +- browser/app/profile/firefox.js | 10 +- .../base/content/aboutDialog-appUpdater-legacy.js | 2 +- browser/base/content/aboutDialog-appUpdater.js | 2 +- browser/base/content/aboutDialog.js| 12 +- browser/components/BrowserContentHandler.jsm | 39 ++- .../customizableui/content/panelUI.inc.xhtml | 5 +- browser/confvars.sh| 35 +-- browser/installer/package-manifest.in | 2 + build/application.ini.in | 2 +- build/moz.configure/init.configure | 3 +- config/createprecomplete.py| 17 +- .../client/aboutdebugging/src/actions/runtimes.js | 5 + toolkit/modules/UpdateUtils.jsm| 34 +-- toolkit/mozapps/extensions/AddonManager.jsm| 24 ++ toolkit/mozapps/extensions/test/browser/head.js| 1 + .../extensions/test/xpcshell/head_addons.js| 1 + toolkit/mozapps/update/UpdateService.jsm | 127 +++- toolkit/mozapps/update/UpdateServiceStub.jsm | 4 + toolkit/mozapps/update/common/updatehelper.cpp | 8 + toolkit/mozapps/update/moz.build | 5 +- toolkit/mozapps/update/updater/launchchild_osx.mm | 2 + toolkit/mozapps/update/updater/moz.build | 2 +- toolkit/mozapps/update/updater/updater.cpp | 339 ++--- toolkit/xre/MacLaunchHelper.h | 2 + toolkit/xre/MacLaunchHelper.mm | 2 + toolkit/xre/nsAppRunner.cpp| 22 +- toolkit/xre/nsUpdateDriver.cpp | 109 ++- toolkit/xre/nsXREDirProvider.cpp | 42 ++- tools/update-packaging/common.sh | 64 ++-- tools/update-packaging/make_full_update.sh | 38 +++ tools/update-packaging/make_incremental_update.sh | 141 - 33 files changed, 963 insertions(+), 156 deletions(-) diff --git a/browser/app/Makefile.in b/browser/app/Makefile.in index 6cd9c9cb6ae8..41f30cc1ac49 100644 --- a/browser/app/Makefile.in +++
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Bug 27511: Add new identity button to toolbar
commit 4aa51ba33f30728440ca3b0f8d68962406bee25e Author: Alex Catarineu Date: Fri Oct 4 19:08:33 2019 +0200 Bug 27511: Add new identity button to toolbar Also added 'New circuit for this site' button to CustomizableUI, but not visible by default. --- browser/base/content/browser.xhtml | 10 ++ .../components/customizableui/CustomizableUI.jsm| 21 + browser/themes/shared/icons/new_circuit.svg | 8 browser/themes/shared/icons/new_identity.svg| 9 + browser/themes/shared/jar.inc.mn| 3 +++ browser/themes/shared/menupanel.inc.css | 8 browser/themes/shared/toolbarbutton-icons.inc.css | 8 7 files changed, 67 insertions(+) diff --git a/browser/base/content/browser.xhtml b/browser/base/content/browser.xhtml index afba8c3436df..1447a3beeec2 100644 --- a/browser/base/content/browser.xhtml +++ b/browser/base/content/browser.xhtml @@ -2147,6 +2147,16 @@ ondragenter="newWindowButtonObserver.onDragOver(event)" ondragexit="newWindowButtonObserver.onDragExit(event)"/> + + + + +http://www.w3.org/2000/svg; xmlns:xlink="http://www.w3.org/1999/xlink;> +Icon / New Circuit@1.5x + + + + + diff --git a/browser/themes/shared/icons/new_identity.svg b/browser/themes/shared/icons/new_identity.svg new file mode 100644 index ..91d5b35f7e80 --- /dev/null +++ b/browser/themes/shared/icons/new_identity.svg @@ -0,0 +1,9 @@ + +http://www.w3.org/2000/svg; xmlns:xlink="http://www.w3.org/1999/xlink;> +New Identity Icon + + + + + + \ No newline at end of file diff --git a/browser/themes/shared/jar.inc.mn b/browser/themes/shared/jar.inc.mn index 8d775deff01a..d982ab9499f0 100644 --- a/browser/themes/shared/jar.inc.mn +++ b/browser/themes/shared/jar.inc.mn @@ -305,3 +305,6 @@ skin/classic/browser/privatebrowsing/private-browsing.svg (../shared/privatebrowsing/private-browsing.svg) skin/classic/browser/install-ssb.svg (../shared/install-ssb.svg) skin/classic/browser/critical.svg (../shared/icons/critical.svg) + + skin/classic/browser/new_circuit.svg (../shared/icons/new_circuit.svg) + skin/classic/browser/new_identity.svg (../shared/icons/new_identity.svg) diff --git a/browser/themes/shared/menupanel.inc.css b/browser/themes/shared/menupanel.inc.css index c919f32a1454..eae453ec5004 100644 --- a/browser/themes/shared/menupanel.inc.css +++ b/browser/themes/shared/menupanel.inc.css @@ -183,3 +183,11 @@ toolbarpaletteitem[place="palette"] > #bookmarks-menu-button, -moz-context-properties: fill, fill-opacity; fill-opacity: 0; } + +#appMenuNewIdentity { + list-style-image: url("chrome://browser/skin/new_identity.svg"); +} + +#appMenuNewCircuit { + list-style-image: url("chrome://browser/skin/new_circuit.svg"); +} diff --git a/browser/themes/shared/toolbarbutton-icons.inc.css b/browser/themes/shared/toolbarbutton-icons.inc.css index ba44da325882..4b4773f0d3a9 100644 --- a/browser/themes/shared/toolbarbutton-icons.inc.css +++ b/browser/themes/shared/toolbarbutton-icons.inc.css @@ -233,6 +233,14 @@ toolbar[brighttext] { list-style-image: url("chrome://browser/skin/new-tab.svg"); } +#new-identity-button { + list-style-image: url("chrome://browser/skin/new_identity.svg"); +} + +#new-circuit-button { + list-style-image: url("chrome://browser/skin/new_circuit.svg"); +} + #privatebrowsing-button { list-style-image: url("chrome://browser/skin/privateBrowsing.svg"); } ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Bug 31563: force reloading search extensions if extensions.enabledScopes has changed
commit 0e83abd359402147c1d563756bb33169623a561b Author: Alex Catarineu Date: Sat Aug 31 16:23:20 2019 +0200 Bug 31563: force reloading search extensions if extensions.enabledScopes has changed --- toolkit/components/search/SearchCache.jsm | 8 toolkit/components/search/SearchService.jsm | 4 +++- 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/toolkit/components/search/SearchCache.jsm b/toolkit/components/search/SearchCache.jsm index 017c29ee390e..511863bc76e0 100644 --- a/toolkit/components/search/SearchCache.jsm +++ b/toolkit/components/search/SearchCache.jsm @@ -208,6 +208,10 @@ class SearchCache { let locale = Services.locale.requestedLocale; let buildID = Services.appinfo.platformBuildID; let appVersion = Services.appinfo.version; +let enabledScopes = Services.prefs.getIntPref( + "extensions.enabledScopes", + -1 +); // Allows us to force a cache refresh should the cache format change. cache.version = SearchUtils.CACHE_VERSION; @@ -221,6 +225,10 @@ class SearchCache { cache.appVersion = appVersion; cache.locale = locale; +// Bug 31563: we want to force reloading engines if extensions.enabledScopes +// pref changes +cache.enabledScopes = enabledScopes; + if (gModernConfig) { cache.builtInEngineList = this._searchService._searchOrder; } else { diff --git a/toolkit/components/search/SearchService.jsm b/toolkit/components/search/SearchService.jsm index 9c66b513ac8d..86fd01c3b10a 100644 --- a/toolkit/components/search/SearchService.jsm +++ b/toolkit/components/search/SearchService.jsm @@ -1017,7 +1017,9 @@ SearchService.prototype = { !cache.engines || cache.version != SearchUtils.CACHE_VERSION || cache.locale != Services.locale.requestedLocale || - cache.buildID != buildID; + cache.buildID != buildID || + cache.enabledScopes != +Services.prefs.getIntPref("extensions.enabledScopes", -1); let enginesCorrupted = false; if (!rebuildCache) { ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Bug 31740: Remove some unnecessary RemoteSettings instances
commit 7a8ab4546d9ac37a02548a76c980f601264ad1ff Author: Alex Catarineu Date: Wed Oct 16 23:01:12 2019 +0200 Bug 31740: Remove some unnecessary RemoteSettings instances More concretely, SearchService.jsm 'hijack-blocklists' and url-classifier-skip-urls. Avoid creating instance for 'anti-tracking-url-decoration'. If prefs are disabling their usage, avoid creating instances for 'cert-revocations' and 'intermediates'. Do not ship JSON dumps for collections we do not expect to need. For the ones in the 'main' bucket, this prevents them from being synced unnecessarily (the code in remote-settings does so for collections in the main bucket for which a dump or local data exists). For the collections in the other buckets, we just save some size by not shipping their dumps. We also clear the collections database on the v2 -> v3 migration. --- .../url-classifier/UrlClassifierFeatureBase.cpp| 2 +- netwerk/url-classifier/components.conf | 6 -- security/manager/ssl/RemoteSecuritySettings.jsm| 22 ++ services/settings/IDBHelpers.jsm | 4 services/settings/dumps/blocklists/moz.build | 8 +--- services/settings/dumps/main/moz.build | 6 -- services/settings/dumps/security-state/moz.build | 1 - .../components/antitracking/antitracking.manifest | 2 +- toolkit/components/antitracking/components.conf| 7 --- toolkit/components/search/SearchService.jsm| 2 -- 10 files changed, 29 insertions(+), 31 deletions(-) diff --git a/netwerk/url-classifier/UrlClassifierFeatureBase.cpp b/netwerk/url-classifier/UrlClassifierFeatureBase.cpp index 07da1fd07374..48bcc7d10af9 100644 --- a/netwerk/url-classifier/UrlClassifierFeatureBase.cpp +++ b/netwerk/url-classifier/UrlClassifierFeatureBase.cpp @@ -78,7 +78,7 @@ void UrlClassifierFeatureBase::InitializePreferences() { nsCOMPtr exceptionListService = do_GetService("@mozilla.org/url-classifier/exception-list-service;1"); - if (NS_WARN_IF(!exceptionListService)) { + if (!exceptionListService) { return; } diff --git a/netwerk/url-classifier/components.conf b/netwerk/url-classifier/components.conf index 03a02f0ebeab..b2e667247317 100644 --- a/netwerk/url-classifier/components.conf +++ b/netwerk/url-classifier/components.conf @@ -13,10 +13,4 @@ Classes = [ 'constructor': 'mozilla::net::ChannelClassifierService::GetSingleton', 'headers': ['mozilla/net/ChannelClassifierService.h'], }, -{ -'cid': '{b9f4fd03-9d87-4bfd-9958-85a821750ddc}', -'contract_ids': ['@mozilla.org/url-classifier/exception-list-service;1'], -'jsm': 'resource://gre/modules/UrlClassifierExceptionListService.jsm', -'constructor': 'UrlClassifierExceptionListService', -}, ] diff --git a/security/manager/ssl/RemoteSecuritySettings.jsm b/security/manager/ssl/RemoteSecuritySettings.jsm index 3fedd43ed9be..fd2b69bc6a4f 100644 --- a/security/manager/ssl/RemoteSecuritySettings.jsm +++ b/security/manager/ssl/RemoteSecuritySettings.jsm @@ -350,6 +350,16 @@ var RemoteSecuritySettings = { class IntermediatePreloads { constructor() { +this.maybeInit(); + } + + maybeInit() { +if ( + this.client || + !Services.prefs.getBoolPref(INTERMEDIATES_ENABLED_PREF, true) +) { + return; +} this.client = RemoteSettings( Services.prefs.getCharPref(INTERMEDIATES_COLLECTION_PREF), { @@ -379,6 +389,7 @@ class IntermediatePreloads { ); return; } +this.maybeInit(); // Download attachments that are awaiting download, up to a max. const maxDownloadsPerRun = Services.prefs.getIntPref( @@ -709,6 +720,16 @@ function compareFilters(filterA, filterB) { class CRLiteFilters { constructor() { +this.maybeInit(); + } + + maybeInit() { +if ( + this.client || + !Services.prefs.getBoolPref(CRLITE_FILTERS_ENABLED_PREF, true) +) { + return; +} this.client = RemoteSettings( Services.prefs.getCharPref(CRLITE_FILTERS_COLLECTION_PREF), { @@ -734,6 +755,7 @@ class CRLiteFilters { ); return; } +this.maybeInit(); let current = await this.client.db.list(); let fullFilters = current.filter(filter => !filter.incremental); if (fullFilters.length < 1) { diff --git a/services/settings/IDBHelpers.jsm b/services/settings/IDBHelpers.jsm index 5dc59c3687ef..010a5ea82987 100644 --- a/services/settings/IDBHelpers.jsm +++ b/services/settings/IDBHelpers.jsm @@ -188,6 +188,10 @@ async function openIDB(allowUpgrades = true) { }); } if (event.oldVersion < 3) { +// Clear existing stores for a fresh start +transaction.objectStore("records").clear(); +transaction.objectStore("timestamps").clear(); +transaction.objectStore("collections").clear(); // Attachment store
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Bug 16940: After update, load local change notes.
commit e8c0e4ccac41c849a50ebb458ce843fbf3b5844d Author: Kathy Brade Date: Wed Nov 25 11:36:20 2015 -0500 Bug 16940: After update, load local change notes. Add an about:tbupdate page that displays the first section from TorBrowser/Docs/ChangeLog.txt and includes a link to the remote post-update page (typically our blog entry for the release). Always load about:tbupdate in a content process, but implement the code that reads the file system (changelog) in the chrome process for compatibility with future sandboxing efforts. Also fix bug 29440. Now about:tbupdate is styled as a fairly simple changelog page that is designed to be displayed via a link that is on about:tor. --- browser/actors/AboutTBUpdateChild.jsm | 12 +++ browser/actors/AboutTBUpdateParent.jsm | 120 + browser/actors/moz.build | 6 ++ .../base/content/abouttbupdate/aboutTBUpdate.css | 74 + .../base/content/abouttbupdate/aboutTBUpdate.js| 27 + .../base/content/abouttbupdate/aboutTBUpdate.xhtml | 39 +++ browser/base/content/browser-siteIdentity.js | 2 +- browser/base/content/browser.js| 4 + browser/base/jar.mn| 5 + browser/components/BrowserContentHandler.jsm | 55 +++--- browser/components/BrowserGlue.jsm | 15 +++ browser/components/about/AboutRedirector.cpp | 6 ++ browser/components/about/components.conf | 3 + browser/components/moz.build | 5 +- .../locales/en-US/chrome/browser/aboutTBUpdate.dtd | 8 ++ browser/locales/jar.mn | 3 + toolkit/modules/RemotePageAccessManager.jsm| 5 + 17 files changed, 373 insertions(+), 16 deletions(-) diff --git a/browser/actors/AboutTBUpdateChild.jsm b/browser/actors/AboutTBUpdateChild.jsm new file mode 100644 index ..4670da19b3db --- /dev/null +++ b/browser/actors/AboutTBUpdateChild.jsm @@ -0,0 +1,12 @@ +// Copyright (c) 2020, The Tor Project, Inc. +// See LICENSE for licensing information. +// +// vim: set sw=2 sts=2 ts=8 et syntax=javascript: + +var EXPORTED_SYMBOLS = ["AboutTBUpdateChild"]; + +const { RemotePageChild } = ChromeUtils.import( + "resource://gre/actors/RemotePageChild.jsm" +); + +class AboutTBUpdateChild extends RemotePageChild {} diff --git a/browser/actors/AboutTBUpdateParent.jsm b/browser/actors/AboutTBUpdateParent.jsm new file mode 100644 index ..56a10394565a --- /dev/null +++ b/browser/actors/AboutTBUpdateParent.jsm @@ -0,0 +1,120 @@ +// Copyright (c) 2020, The Tor Project, Inc. +// See LICENSE for licensing information. +// +// vim: set sw=2 sts=2 ts=8 et syntax=javascript: + +"use strict"; + +this.EXPORTED_SYMBOLS = ["AboutTBUpdateParent"]; + +const { Services } = ChromeUtils.import("resource://gre/modules/Services.jsm"); +const { NetUtil } = ChromeUtils.import("resource://gre/modules/NetUtil.jsm"); +const { AppConstants } = ChromeUtils.import( + "resource://gre/modules/AppConstants.jsm" +); + +const kRequestUpdateMessageName = "FetchUpdateData"; + +/** + * This code provides services to the about:tbupdate page. Whenever + * about:tbupdate needs to do something chrome-privileged, it sends a + * message that's handled here. It is modeled after Mozilla's about:home + * implementation. + */ +class AboutTBUpdateParent extends JSWindowActorParent { + receiveMessage(aMessage) { +if (aMessage.name == kRequestUpdateMessageName) { + return this.releaseNoteInfo; +} +return undefined; + } + + get moreInfoURL() { +try { + return Services.prefs.getCharPref("torbrowser.post_update.url"); +} catch (e) {} + +// Use the default URL as a fallback. +return Services.urlFormatter.formatURLPref("startup.homepage_override_url"); + } + + // Read the text from the beginning of the changelog file that is located + // at TorBrowser/Docs/ChangeLog.txt and return an object that contains + // the following properties: + // versione.g., Tor Browser 8.5 + // releaseDatee.g., March 31 2019 + // releaseNotes details of changes (lines 2 - end of ChangeLog.txt) + // We attempt to parse the first line of ChangeLog.txt to extract the + // version and releaseDate. If parsing fails, we return the entire first + // line in version and omit releaseDate. + // + // On Mac OS, when building with --enable-tor-browser-data-outside-app-dir + // to support Gatekeeper signing, the ChangeLog.txt file is located in + // TorBrowser.app/Contents/Resources/TorBrowser/Docs/. + get releaseNoteInfo() { +let info = { moreInfoURL: this.moreInfoURL }; + +try { + let f; + if (AppConstants.TOR_BROWSER_DATA_OUTSIDE_APP_DIR) { +// "XREExeF".parent is the directory that contains firefox, i.e., +// Browser/ or, on Mac OS, TorBrowser.app/Contents/MacOS/. +f =
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Bug 25658: Replace security slider with security level UI
commit 8d4599eb6e53be540a3af66be35c178edfa3e9af Author: Richard Pospesel Date: Mon Mar 4 16:09:51 2019 -0800 Bug 25658: Replace security slider with security level UI This patch adds a new 'securitylevel' component to Tor Browser intended to replace the torbutton 'Security Slider'. This component adds a new Security Level toolbar button which visually indicates the current global security level via icon (as defined by the extensions.torbutton.security_slider pref), a drop-down hanger with a short description of the current security level, and a new section in the about:preferences#privacy page where users can change their current security level. In addition, the hanger and the preferences page will show a visual warning when the user has modified prefs associated with the security level and provide a one-click 'Restore Defaults' button to get the user back on recommended settings. Strings used by this patch are pulled from the torbutton extension, but en-US defaults are provided if there is an error loading from the extension. With this patch applied, the usual work-flow of "./mach build && ./mach run" work as expected, even if the torbutton extension is disabled. --- browser/base/content/browser.js| 10 + browser/base/content/browser.xhtml | 5 + browser/components/moz.build | 1 + browser/components/preferences/preferences.xhtml | 1 + browser/components/preferences/privacy.inc.xhtml | 2 + browser/components/preferences/privacy.js | 19 + .../securitylevel/content/securityLevel.js | 501 + .../securitylevel/content/securityLevelButton.css | 9 + .../content/securityLevelButton.inc.xhtml | 7 + .../securitylevel/content/securityLevelButton.svg | 21 + .../securitylevel/content/securityLevelPanel.css | 82 .../content/securityLevelPanel.inc.xhtml | 37 ++ .../content/securityLevelPreferences.css | 26 ++ .../content/securityLevelPreferences.inc.xhtml | 62 +++ browser/components/securitylevel/jar.mn| 6 + browser/components/securitylevel/moz.build | 1 + 16 files changed, 790 insertions(+) diff --git a/browser/base/content/browser.js b/browser/base/content/browser.js index c71e8517b573..ee2024e39009 100644 --- a/browser/base/content/browser.js +++ b/browser/base/content/browser.js @@ -221,6 +221,11 @@ XPCOMUtils.defineLazyScriptGetter( ["DownloadsButton", "DownloadsIndicatorView"], "chrome://browser/content/downloads/indicator.js" ); +XPCOMUtils.defineLazyScriptGetter( + this, + ["SecurityLevelButton"], + "chrome://browser/content/securitylevel/securityLevel.js" +); XPCOMUtils.defineLazyScriptGetter( this, "gEditItemOverlay", @@ -1857,6 +1862,9 @@ var gBrowserInit = { // doesn't flicker as the window is being shown. DownloadsButton.init(); +// Init the SecuritySettingsButton +SecurityLevelButton.init(); + // Certain kinds of automigration rely on this notification to complete // their tasks BEFORE the browser window is shown. SessionStore uses it to // restore tabs into windows AFTER important parts like gMultiProcessBrowser @@ -2460,6 +2468,8 @@ var gBrowserInit = { DownloadsButton.uninit(); +SecurityLevelButton.uninit(); + gAccessibilityServiceIndicator.uninit(); AccessibilityRefreshBlocker.uninit(); diff --git a/browser/base/content/browser.xhtml b/browser/base/content/browser.xhtml index 998c20f037ba..62a82dd7894e 100644 --- a/browser/base/content/browser.xhtml +++ b/browser/base/content/browser.xhtml @@ -20,6 +20,8 @@ + + @@ -652,6 +654,7 @@ #include ../../components/controlcenter/content/protectionsPanel.inc.xhtml #include ../../components/downloads/content/downloadsPanel.inc.xhtml #include ../../../devtools/startup/enableDevToolsPopup.inc.xhtml +#include ../../components/securitylevel/content/securityLevelPanel.inc.xhtml #include browser-allTabsMenu.inc.xhtml @@ -1989,6 +1992,8 @@ +#include ../../components/securitylevel/content/securityLevelButton.inc.xhtml + + diff --git a/browser/components/preferences/privacy.inc.xhtml b/browser/components/preferences/privacy.inc.xhtml index 5db207e9ca9e..d2a1eeba830e 100644 --- a/browser/components/preferences/privacy.inc.xhtml +++ b/browser/components/preferences/privacy.inc.xhtml @@ -926,6 +926,8 @@ +#include ../securitylevel/content/securityLevelPreferences.inc.xhtml + diff --git a/browser/components/preferences/privacy.js b/browser/components/preferences/privacy.js index 31290cab1195..3115975ba685 100644 --- a/browser/components/preferences/privacy.js +++ b/browser/components/preferences/privacy.js @@ -80,6 +80,12 @@ XPCOMUtils.defineLazyGetter(this, "AlertsServiceDND", function() { } });
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Bug 21830: Copying large text from web console leaks to /tmp
commit 6e61bec3cc2e8bfbdfea078314d65e1d794633a0 Author: Georg Koppen Date: Fri Aug 4 05:55:49 2017 + Bug 21830: Copying large text from web console leaks to /tmp Patch written by Neill Miller --- widget/nsTransferable.cpp | 6 ++ 1 file changed, 6 insertions(+) diff --git a/widget/nsTransferable.cpp b/widget/nsTransferable.cpp index 9ccfc8639350..135135ab23a8 100644 --- a/widget/nsTransferable.cpp +++ b/widget/nsTransferable.cpp @@ -33,6 +33,7 @@ Notes to self: #include "nsILoadContext.h" #include "nsXULAppAPI.h" #include "mozilla/UniquePtr.h" +#include "mozilla/Preferences.h" using namespace mozilla; @@ -195,6 +196,11 @@ nsTransferable::Init(nsILoadContext* aContext) { if (aContext) { mPrivateData = aContext->UsePrivateBrowsing(); + } else { +// without aContext here to provide PrivateBrowsing information, +// we defer to the active configured setting +mPrivateData = +mozilla::Preferences::GetBool("browser.privatebrowsing.autostart"); } #ifdef DEBUG mInitialized = true; ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Bug 28369: Stop shipping pingsender executable
commit 1b3560e6c19014d55d61afa8053cd9f4e71546e4 Author: Alex Catarineu Date: Wed Apr 10 17:52:51 2019 +0200 Bug 28369: Stop shipping pingsender executable --- browser/app/macbuild/Contents/MacOS-files.in | 1 - browser/installer/package-manifest.in | 4 browser/installer/windows/nsis/shared.nsh | 1 - python/mozbuild/mozbuild/artifacts.py | 2 -- toolkit/components/telemetry/app/TelemetrySend.jsm | 19 +-- toolkit/components/telemetry/moz.build | 4 6 files changed, 1 insertion(+), 30 deletions(-) diff --git a/browser/app/macbuild/Contents/MacOS-files.in b/browser/app/macbuild/Contents/MacOS-files.in index 3c6a1db5d6ea..bebc656a0a05 100644 --- a/browser/app/macbuild/Contents/MacOS-files.in +++ b/browser/app/macbuild/Contents/MacOS-files.in @@ -16,7 +16,6 @@ #if defined(MOZ_CRASHREPORTER) /minidump-analyzer #endif -/pingsender /pk12util /ssltunnel /xpcshell diff --git a/browser/installer/package-manifest.in b/browser/installer/package-manifest.in index 937afa28fd71..6c314a352c3b 100644 --- a/browser/installer/package-manifest.in +++ b/browser/installer/package-manifest.in @@ -448,10 +448,6 @@ bin/libfreebl_64int_3.so @BINPATH@/minidump-analyzer@BIN_SUFFIX@ #endif -; [ Ping Sender ] -; -@BINPATH@/pingsender@BIN_SUFFIX@ - ; Shutdown Terminator @RESPATH@/components/terminator.manifest diff --git a/browser/installer/windows/nsis/shared.nsh b/browser/installer/windows/nsis/shared.nsh index 0529ac4529db..c556fe016af0 100755 --- a/browser/installer/windows/nsis/shared.nsh +++ b/browser/installer/windows/nsis/shared.nsh @@ -1472,7 +1472,6 @@ ${EndIf} Push "crashreporter.exe" Push "default-browser-agent.exe" Push "minidump-analyzer.exe" - Push "pingsender.exe" Push "updater.exe" Push "updateagent.exe" Push "${FileMainEXE}" diff --git a/python/mozbuild/mozbuild/artifacts.py b/python/mozbuild/mozbuild/artifacts.py index 419c997b20bc..325459434022 100644 --- a/python/mozbuild/mozbuild/artifacts.py +++ b/python/mozbuild/mozbuild/artifacts.py @@ -421,7 +421,6 @@ class LinuxArtifactJob(ArtifactJob): '{product}/{product}', '{product}/{product}-bin', '{product}/minidump-analyzer', -'{product}/pingsender', '{product}/plugin-container', '{product}/updater', '{product}/**/*.so', @@ -483,7 +482,6 @@ class MacArtifactJob(ArtifactJob): 'libosclientcerts.dylib', 'libsoftokn3.dylib', 'minidump-analyzer', -'pingsender', 'plugin-container.app/Contents/MacOS/plugin-container', 'updater.app/Contents/MacOS/org.mozilla.updater', # 'xpcshell', diff --git a/toolkit/components/telemetry/app/TelemetrySend.jsm b/toolkit/components/telemetry/app/TelemetrySend.jsm index caf11f440681..ce27382be7e0 100644 --- a/toolkit/components/telemetry/app/TelemetrySend.jsm +++ b/toolkit/components/telemetry/app/TelemetrySend.jsm @@ -1578,23 +1578,6 @@ var TelemetrySendImpl = { }, runPingSender(pings, observer) { -if (AppConstants.platform === "android") { - throw Components.Exception("", Cr.NS_ERROR_NOT_IMPLEMENTED); -} - -const exeName = - AppConstants.platform === "win" ? "pingsender.exe" : "pingsender"; - -let exe = Services.dirsvc.get("GreBinD", Ci.nsIFile); -exe.append(exeName); - -let params = pings.flatMap(ping => [ping.url, ping.path]); -let process = Cc["@mozilla.org/process/util;1"].createInstance( - Ci.nsIProcess -); -process.init(exe); -process.startHidden = true; -process.noShell = true; -process.runAsync(params, params.length, observer); +throw Components.Exception("", Cr.NS_ERROR_NOT_IMPLEMENTED); }, }; diff --git a/toolkit/components/telemetry/moz.build b/toolkit/components/telemetry/moz.build index d5100808c9fa..1aef4019d35a 100644 --- a/toolkit/components/telemetry/moz.build +++ b/toolkit/components/telemetry/moz.build @@ -8,10 +8,6 @@ include('/ipc/chromium/chromium-config.mozbuild') FINAL_LIBRARY = 'xul' -DIRS = [ -'pingsender', -] - DEFINES['MOZ_APP_VERSION'] = '"%s"' % CONFIG['MOZ_APP_VERSION'] LOCAL_INCLUDES += [ ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Bug 23247: Communicating security expectations for .onion
commit 9ca2a7b2698e8b062faebb2dc2c06b8110743460 Author: Richard Pospesel Date: Fri Jun 8 13:38:40 2018 -0700 Bug 23247: Communicating security expectations for .onion Encrypting pages hosted on Onion Services with SSL/TLS is redundant (in terms of hiding content) as all traffic within the Tor network is already fully encrypted. Therefore, serving HTTP pages from an Onion Service is more or less fine. Prior to this patch, Tor Browser would mostly treat pages delivered via Onion Services as well as pages delivered in the ordinary fashion over the internet in the same way. This created some inconsistencies in behaviour and misinformation presented to the user relating to the security of pages delivered via Onion Services: - HTTP Onion Service pages did not have any 'lock' icon indicating the site was secure - HTTP Onion Service pages would be marked as unencrypted in the Page Info screen - Mixed-mode content restrictions did not apply to HTTP Onion Service pages embedding Non-Onion HTTP content This patch fixes the above issues, and also adds several new 'Onion' icons to the mix to indicate all of the various permutations of Onion Services hosted HTTP or HTTPS pages with HTTP or HTTPS content. Strings for Onion Service Page Info page are pulled from Torbutton's localization strings. --- browser/base/content/browser-siteIdentity.js | 39 - browser/base/content/pageinfo/security.js | 64 ++ .../shared/identity-block/identity-block.inc.css | 19 +++ .../themes/shared/identity-block/onion-slash.svg | 5 ++ .../themes/shared/identity-block/onion-warning.svg | 6 ++ browser/themes/shared/identity-block/onion.svg | 3 + browser/themes/shared/jar.inc.mn | 3 + dom/base/nsContentUtils.cpp| 19 +++ dom/base/nsContentUtils.h | 5 ++ dom/base/nsGlobalWindowOuter.cpp | 3 +- dom/ipc/WindowGlobalActor.cpp | 5 +- dom/ipc/WindowGlobalChild.cpp | 6 +- dom/presentation/PresentationRequest.cpp | 3 +- dom/security/nsMixedContentBlocker.cpp | 16 +- security/manager/ssl/nsSecureBrowserUI.cpp | 12 15 files changed, 176 insertions(+), 32 deletions(-) diff --git a/browser/base/content/browser-siteIdentity.js b/browser/base/content/browser-siteIdentity.js index eee2c02313d6..c28ce6a7f6db 100644 --- a/browser/base/content/browser-siteIdentity.js +++ b/browser/base/content/browser-siteIdentity.js @@ -131,6 +131,10 @@ var gIdentityHandler = { ); }, + get _uriIsOnionHost() { +return this._uriHasHost ? this._uri.host.toLowerCase().endsWith(".onion") : false; + }, + get _isAboutNetErrorPage() { return ( gBrowser.selectedBrowser.documentURI && @@ -683,9 +687,9 @@ var gIdentityHandler = { get pointerlockFsWarningClassName() { // Note that the fullscreen warning does not handle _isSecureInternalUI. if (this._uriHasHost && this._isSecureConnection) { - return "verifiedDomain"; + return this._uriIsOnionHost ? "onionVerifiedDomain" : "verifiedDomain"; } -return "unknownIdentity"; +return this._uriIsOnionHost ? "onionUnknownIdentity" : "unknownIdentity"; }, /** @@ -693,6 +697,10 @@ var gIdentityHandler = { * built-in (returns false) or imported (returns true). */ _hasCustomRoot() { +if (!this._secInfo) { + return false; +} + let issuerCert = null; issuerCert = this._secInfo.succeededCertChain[ this._secInfo.succeededCertChain.length - 1 @@ -735,11 +743,13 @@ var gIdentityHandler = { "identity.extension.label", [extensionName] ); -} else if (this._uriHasHost && this._isSecureConnection) { +} else if (this._uriHasHost && this._isSecureConnection && this._secInfo) { // This is a secure connection. - this._identityBox.className = "verifiedDomain"; + // _isSecureConnection implicitly includes onion services, which may not have an SSL certificate + const uriIsOnionHost = this._uriIsOnionHost; + this._identityBox.className = uriIsOnionHost ? "onionVerifiedDomain" : "verifiedDomain"; if (this._isMixedActiveContentBlocked) { -this._identityBox.classList.add("mixedActiveBlocked"); +this._identityBox.classList.add(uriIsOnionHost ? "onionMixedActiveBlocked" : "mixedActiveBlocked"); } if (!this._isCertUserOverridden) { // It's a normal cert, verifier is the CA Org. @@ -750,17 +760,17 @@ var gIdentityHandler = { } } else if (this._isBrokenConnection) { // This is a secure connection, but something is wrong. - this._identityBox.className = "unknownIdentity"; + const uriIsOnionHost = this._uriIsOnionHost; + this._identityBox.className =
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Bug 26345: Hide tracking protection UI
commit 1d13e91a0528f7789b24477b23a5dc032ad95657 Author: Alex Catarineu Date: Tue Sep 10 16:29:31 2019 +0200 Bug 26345: Hide tracking protection UI --- browser/base/content/browser-siteIdentity.js | 4 ++-- browser/base/content/browser.xhtml| 4 ++-- browser/components/about/AboutRedirector.cpp | 4 browser/components/about/components.conf | 1 - browser/components/moz.build | 1 - browser/themes/shared/preferences/privacy.css | 4 6 files changed, 8 insertions(+), 10 deletions(-) diff --git a/browser/base/content/browser-siteIdentity.js b/browser/base/content/browser-siteIdentity.js index c28ce6a7f6db..ad94232b2476 100644 --- a/browser/base/content/browser-siteIdentity.js +++ b/browser/base/content/browser-siteIdentity.js @@ -907,10 +907,10 @@ var gIdentityHandler = { this._refreshPermissionIcons(); -// Hide the shield icon if it is a chrome page. +// Bug 26345: Hide tracking protection UI. gProtectionsHandler._trackingProtectionIconContainer.classList.toggle( "chromeUI", - this._isSecureInternalUI + true ); }, diff --git a/browser/base/content/browser.xhtml b/browser/base/content/browser.xhtml index 62a82dd7894e..afba8c3436df 100644 --- a/browser/base/content/browser.xhtml +++ b/browser/base/content/browser.xhtml @@ -782,7 +782,7 @@ oncommand="gSync.toggleAccountPanel('PanelUI-fxa', this, event)"/> - + @@ -793,7 +793,7 @@ - + description { ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Bug 30541: Disable WebGL readPixel() for web content
commit a448cb4f8b86c9bcd9f2feeea2b504e65488908c Author: Georg Koppen Date: Wed May 29 12:29:19 2019 + Bug 30541: Disable WebGL readPixel() for web content --- dom/canvas/ClientWebGLContext.cpp | 8 1 file changed, 8 insertions(+) diff --git a/dom/canvas/ClientWebGLContext.cpp b/dom/canvas/ClientWebGLContext.cpp index b552fc5c939d..ed114069ed4a 100644 --- a/dom/canvas/ClientWebGLContext.cpp +++ b/dom/canvas/ClientWebGLContext.cpp @@ -4533,6 +4533,14 @@ bool ClientWebGLContext::ReadPixels_SharedPrecheck( return false; } + // Security check passed, but don't let content readPixel calls through for + // now, if Resist Fingerprinting Mode is enabled. + if (nsContentUtils::ResistFingerprinting(aCallerType)) { +JsWarning("readPixels: Not allowed in Resist Fingerprinting Mode"); +out_error.Throw(NS_ERROR_DOM_NOT_SUPPORTED_ERR); +return false; + } + return true; } ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Bug 26353: Prevent speculative connect that violated FPI.
commit 8a9489ce8683569135cb4cf97a72d68ef685d7de Author: Arthur Edelstein Date: Sat Jul 14 08:50:55 2018 -0700 Bug 26353: Prevent speculative connect that violated FPI. Connections were observed in the catch-all circuit when the user entered an https or http URL in the URL bar, or typed a search term. --- toolkit/components/remotebrowserutils/RemoteWebNavigation.jsm | 4 1 file changed, 4 insertions(+) diff --git a/toolkit/components/remotebrowserutils/RemoteWebNavigation.jsm b/toolkit/components/remotebrowserutils/RemoteWebNavigation.jsm index a2867e0ed60f..ad38b9b283e1 100644 --- a/toolkit/components/remotebrowserutils/RemoteWebNavigation.jsm +++ b/toolkit/components/remotebrowserutils/RemoteWebNavigation.jsm @@ -77,6 +77,9 @@ class RemoteWebNavigation { fixupFlags |= Services.uriFixup.FIXUP_FLAG_PRIVATE_CONTEXT; } uri = Services.uriFixup.createFixupURI(aURI, fixupFlags); +/*** + TOR BROWSER: Disable the following speculative connect until + we can make it properly obey first-party isolation. // We know the url is going to be loaded, let's start requesting network // connection before the content process asks. @@ -100,6 +103,7 @@ class RemoteWebNavigation { } Services.io.speculativeConnect(uri, principal, null); } +***/ } catch (ex) { // Can't setup speculative connection for this uri string for some // reason (such as failing to parse the URI), just ignore it. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Bug 21431: Clean-up system extensions shipped in Firefox
commit c654ecc0634b6c5504bf3479c4f1e7d015011da4 Author: Kathy Brade Date: Tue May 23 17:05:29 2017 -0400 Bug 21431: Clean-up system extensions shipped in Firefox Only ship the pdfjs extension. --- browser/components/BrowserGlue.jsm| 6 ++ browser/extensions/moz.build | 5 - browser/installer/package-manifest.in | 1 - browser/locales/Makefile.in | 8 browser/locales/jar.mn| 7 --- 5 files changed, 6 insertions(+), 21 deletions(-) diff --git a/browser/components/BrowserGlue.jsm b/browser/components/BrowserGlue.jsm index 2bf68b23e37c..4525dcc39cac 100644 --- a/browser/components/BrowserGlue.jsm +++ b/browser/components/BrowserGlue.jsm @@ -2075,6 +2075,9 @@ BrowserGlue.prototype = { const ID = "screensh...@mozilla.org"; const _checkScreenshotsPref = async () => { let addon = await AddonManager.getAddonByID(ID); + if (!addon) { +return; + } let disabled = Services.prefs.getBoolPref(PREF, false); if (disabled) { await addon.disable({ allowSystemAddons: true }); @@ -2091,6 +2094,9 @@ BrowserGlue.prototype = { const ID = "webcompat-repor...@mozilla.org"; Services.prefs.addObserver(PREF, async () => { let addon = await AddonManager.getAddonByID(ID); + if (!addon) { +return; + } let enabled = Services.prefs.getBoolPref(PREF, false); if (enabled && !addon.isActive) { await addon.enable({ allowSystemAddons: true }); diff --git a/browser/extensions/moz.build b/browser/extensions/moz.build index 9787ecf81592..bdfc06cb6148 100644 --- a/browser/extensions/moz.build +++ b/browser/extensions/moz.build @@ -5,11 +5,6 @@ # file, You can obtain one at http://mozilla.org/MPL/2.0/. DIRS += [ -'doh-rollout', -'formautofill', -'screenshots', -'webcompat', -'report-site-issue' ] if not CONFIG['TOR_BROWSER_DISABLE_TOR_LAUNCHER']: diff --git a/browser/installer/package-manifest.in b/browser/installer/package-manifest.in index 74589084d4fa..937afa28fd71 100644 --- a/browser/installer/package-manifest.in +++ b/browser/installer/package-manifest.in @@ -272,7 +272,6 @@ @RESPATH@/browser/chrome/icons/default/default64.png @RESPATH@/browser/chrome/icons/default/default128.png #endif -@RESPATH@/browser/features/* ; [DevTools Startup Files] @RESPATH@/browser/chrome/devtools-startup@JAREXT@ diff --git a/browser/locales/Makefile.in b/browser/locales/Makefile.in index 496379c4306f..0946188813da 100644 --- a/browser/locales/Makefile.in +++ b/browser/locales/Makefile.in @@ -58,10 +58,6 @@ l10n-%: @$(MAKE) -C ../../toolkit/locales l10n-$* XPI_ROOT_APPID='$(XPI_ROOT_APPID)' @$(MAKE) -C ../../services/sync/locales AB_CD=$* XPI_NAME=locale-$* @$(MAKE) -C ../../extensions/spellcheck/locales AB_CD=$* XPI_NAME=locale-$* -ifneq (,$(wildcard ../extensions/formautofill/locales)) - @$(MAKE) -C ../extensions/formautofill/locales AB_CD=$* XPI_NAME=locale-$* -endif - @$(MAKE) -C ../extensions/report-site-issue/locales AB_CD=$* XPI_NAME=locale-$* @$(MAKE) -C ../../devtools/client/locales AB_CD=$* XPI_NAME=locale-$* XPI_ROOT_APPID='$(XPI_ROOT_APPID)' @$(MAKE) -C ../../devtools/startup/locales AB_CD=$* XPI_NAME=locale-$* XPI_ROOT_APPID='$(XPI_ROOT_APPID)' @$(MAKE) l10n AB_CD=$* XPI_NAME=locale-$* PREF_DIR=$(PREF_DIR) @@ -75,14 +71,10 @@ chrome-%: @$(MAKE) -C ../../toolkit/locales chrome-$* @$(MAKE) -C ../../services/sync/locales chrome AB_CD=$* @$(MAKE) -C ../../extensions/spellcheck/locales chrome AB_CD=$* -ifneq (,$(wildcard ../extensions/formautofill/locales)) - @$(MAKE) -C ../extensions/formautofill/locales chrome AB_CD=$* -endif @$(MAKE) -C ../../devtools/client/locales chrome AB_CD=$* @$(MAKE) -C ../../devtools/startup/locales chrome AB_CD=$* @$(MAKE) chrome AB_CD=$* @$(MAKE) -C $(DEPTH)/$(MOZ_BRANDING_DIRECTORY)/locales chrome AB_CD=$* - @$(MAKE) -C ../extensions/report-site-issue/locales chrome AB_CD=$* package-win32-installer: $(SUBMAKEFILES) $(MAKE) -C ../installer/windows CONFIG_DIR=l10ngen ZIP_IN='$(ZIP_OUT)' installer diff --git a/browser/locales/jar.mn b/browser/locales/jar.mn index 7e0701deeb32..1aeb2550cb3b 100644 --- a/browser/locales/jar.mn +++ b/browser/locales/jar.mn @@ -55,10 +55,3 @@ locale/browser/newInstall.dtd (%chrome/browser/newInstall.dtd) locale/browser/brandings.dtd (%chrome/browser/brandings.dtd) locale/browser/fxmonitor.properties (%chrome/browser/fxmonitor.properties) - -#ifdef XPI_NAME -# Bug 1240628, restructure how l10n repacks work with feature addons -# This is hacky, but ensures the chrome.manifest chain is complete -[.] chrome.jar: -% manifest features/chrome.manifest -#endif ___ tor-commits mailing list tor-commits@lists.torproject.org
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Bug 16285: Exclude ClearKey system for now
commit b4bbb8413473290ea76a22e29111c0638ff73acd Author: Georg Koppen Date: Mon May 22 12:44:40 2017 + Bug 16285: Exclude ClearKey system for now In the past the ClearKey system had not been compiled when specifying --disable-eme. But that changed and it is even bundled nowadays (see: Mozilla's bug 1300654). We don't want to ship it right now as the use case for it is not really visible while the code had security vulnerabilities in the past. --- browser/installer/package-manifest.in | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/browser/installer/package-manifest.in b/browser/installer/package-manifest.in index 6a2f19cb040a..74589084d4fa 100644 --- a/browser/installer/package-manifest.in +++ b/browser/installer/package-manifest.in @@ -469,8 +469,8 @@ bin/libfreebl_64int_3.so #endif ; media -@RESPATH@/gmp-clearkey/0.1/@DLL_PREFIX@clearkey@DLL_SUFFIX@ -@RESPATH@/gmp-clearkey/0.1/manifest.json +;@RESPATH@/gmp-clearkey/0.1/@DLL_PREFIX@clearkey@DLL_SUFFIX@ +;@RESPATH@/gmp-clearkey/0.1/manifest.json #ifdef MOZ_DMD ; DMD ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Bug 23104: Add a default line height compensation
commit ede5b20afcb639bf26fabc80ee3d294b04609162 Author: Igor Oliveira Date: Sun Dec 10 18:16:59 2017 -0200 Bug 23104: Add a default line height compensation Many fonts have issues with their vertical metrics. they are used to influence the height of ascenders and depth of descenders. Gecko uses it to calculate the line height (font height + ascender + descender), however because of that idiosyncratic behavior across multiple operating systems, it can be used to identify the user's OS. The solution proposed in the patch uses a default factor to be multiplied with the font size, simulating the concept of ascender and descender. This way all operating systems will have the same line height only and only if the frame is outside the chrome. --- layout/generic/ReflowInput.cpp | 19 --- layout/generic/test/mochitest.ini | 1 + layout/generic/test/test_tor_bug23104.html | 51 ++ 3 files changed, 66 insertions(+), 5 deletions(-) diff --git a/layout/generic/ReflowInput.cpp b/layout/generic/ReflowInput.cpp index b6d87311acad..696d9294f866 100644 --- a/layout/generic/ReflowInput.cpp +++ b/layout/generic/ReflowInput.cpp @@ -31,6 +31,7 @@ #include "mozilla/SVGUtils.h" #include "mozilla/dom/HTMLInputElement.h" #include "nsGridContainerFrame.h" +#include "nsContentUtils.h" using namespace mozilla; using namespace mozilla::css; @@ -2735,7 +2736,8 @@ void ReflowInput::CalculateBlockSideMargins(LayoutFrameType aFrameType) { // For risk management, we use preference to control the behavior, and // eNoExternalLeading is the old behavior. -static nscoord GetNormalLineHeight(nsFontMetrics* aFontMetrics) { +static nscoord GetNormalLineHeight(nsIContent* aContent, + nsFontMetrics* aFontMetrics) { MOZ_ASSERT(nullptr != aFontMetrics, "no font metrics"); nscoord normalLineHeight; @@ -2743,6 +2745,12 @@ static nscoord GetNormalLineHeight(nsFontMetrics* aFontMetrics) { nscoord externalLeading = aFontMetrics->ExternalLeading(); nscoord internalLeading = aFontMetrics->InternalLeading(); nscoord emHeight = aFontMetrics->EmHeight(); + + if (nsContentUtils::ShouldResistFingerprinting() && + !aContent->IsInChromeDocument()) { +return NSToCoordRound(emHeight * NORMAL_LINE_HEIGHT_FACTOR); + } + switch (GetNormalLineHeightCalcControl()) { case eIncludeExternalLeading: normalLineHeight = emHeight + internalLeading + externalLeading; @@ -2760,7 +2768,8 @@ static nscoord GetNormalLineHeight(nsFontMetrics* aFontMetrics) { return normalLineHeight; } -static inline nscoord ComputeLineHeight(ComputedStyle* aComputedStyle, +static inline nscoord ComputeLineHeight(nsIContent* aContent, +ComputedStyle* aComputedStyle, nsPresContext* aPresContext, nscoord aBlockBSize, float aFontSizeInflation) { @@ -2789,7 +2798,7 @@ static inline nscoord ComputeLineHeight(ComputedStyle* aComputedStyle, RefPtr fm = nsLayoutUtils::GetFontMetricsForComputedStyle( aComputedStyle, aPresContext, aFontSizeInflation); - return GetNormalLineHeight(fm); + return GetNormalLineHeight(aContent, fm); } nscoord ReflowInput::CalcLineHeight() const { @@ -2811,7 +2820,7 @@ nscoord ReflowInput::CalcLineHeight(nsIContent* aContent, float aFontSizeInflation) { MOZ_ASSERT(aComputedStyle, "Must have a ComputedStyle"); - nscoord lineHeight = ComputeLineHeight(aComputedStyle, aPresContext, + nscoord lineHeight = ComputeLineHeight(aContent, aComputedStyle, aPresContext, aBlockBSize, aFontSizeInflation); NS_ASSERTION(lineHeight >= 0, "ComputeLineHeight screwed up"); @@ -2824,7 +2833,7 @@ nscoord ReflowInput::CalcLineHeight(nsIContent* aContent, if (!lh.IsNormal()) { RefPtr fm = nsLayoutUtils::GetFontMetricsForComputedStyle( aComputedStyle, aPresContext, aFontSizeInflation); - nscoord normal = GetNormalLineHeight(fm); + nscoord normal = GetNormalLineHeight(aContent, fm); if (lineHeight < normal) { lineHeight = normal; } diff --git a/layout/generic/test/mochitest.ini b/layout/generic/test/mochitest.ini index cb71315b9429..2f2792ea3e5f 100644 --- a/layout/generic/test/mochitest.ini +++ b/layout/generic/test/mochitest.ini @@ -168,3 +168,4 @@ skip-if = debug == true || tsan # the test is slow. tsan: bug 1612707 support-files = file_reframe_for_lazy_load_image.html [test_bug1655135.html] +[test_tor_bug23104.html] diff --git a/layout/generic/test/test_tor_bug23104.html b/layout/generic/test/test_tor_bug23104.html new file mode 100644 index ..ae73a3446037 --- /dev/null +++ b/layout/generic/test/test_tor_bug23104.html @@ -0,0 +1,51 @@ + + + + +
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Bug 13379: Sign our MAR files.
commit 4f89dc13371eb8b61428578af9648d724b199969 Author: Kathy Brade Date: Wed Dec 17 16:37:11 2014 -0500 Bug 13379: Sign our MAR files. Configure with --enable-verify-mar (when updating, require a valid signature on the MAR file before it is applied). Use the Tor Browser version instead of the Firefox version inside the MAR file info block (necessary to prevent downgrade attacks). Use NSS on all platforms for checking MAR signatures (instead of using OS-native APIs, which Mozilla does on Mac OS and Windows). So that the NSS and NSPR libraries the updater depends on can be found at runtime, we add the firefox directory to the shared library search path on macOS. On Linux, rpath is used by Mozilla to solve that problem, but that approach won't work on macOS because the updater executable is copied during the update process to a location that is under TorBrowser-Data, and the location of TorBrowser-Data varies. Also includes the fix for bug 18900. --- .mozconfig | 1 + .mozconfig-asan| 1 + .mozconfig-mac | 1 + .mozconfig-mingw | 1 + modules/libmar/tool/mar.c | 6 +-- modules/libmar/tool/moz.build | 12 -- modules/libmar/verify/moz.build| 14 +++--- .../mozapps/update/updater/updater-common.build| 24 +-- toolkit/mozapps/update/updater/updater.cpp | 25 +++ toolkit/xre/moz.build | 3 ++ toolkit/xre/nsUpdateDriver.cpp | 50 ++ 11 files changed, 113 insertions(+), 25 deletions(-) diff --git a/.mozconfig b/.mozconfig index 24efaea57b0b..d71c858844e3 100755 --- a/.mozconfig +++ b/.mozconfig @@ -36,3 +36,4 @@ ac_add_options MOZ_TELEMETRY_REPORTING= ac_add_options --disable-tor-launcher ac_add_options --with-tor-browser-version=dev-build ac_add_options --disable-tor-browser-update +ac_add_options --enable-verify-mar diff --git a/.mozconfig-asan b/.mozconfig-asan index 13232e054d45..ca05fb12eedb 100644 --- a/.mozconfig-asan +++ b/.mozconfig-asan @@ -28,6 +28,7 @@ ac_add_options --enable-official-branding ac_add_options --enable-default-toolkit=cairo-gtk3 ac_add_options --enable-tor-browser-update +ac_add_options --enable-verify-mar ac_add_options --disable-strip ac_add_options --disable-install-strip diff --git a/.mozconfig-mac b/.mozconfig-mac index 1f89cab30bbc..9be7751f8241 100644 --- a/.mozconfig-mac +++ b/.mozconfig-mac @@ -42,6 +42,7 @@ ac_add_options --disable-debug ac_add_options --enable-tor-browser-data-outside-app-dir ac_add_options --enable-tor-browser-update +ac_add_options --enable-verify-mar ac_add_options --disable-crashreporter ac_add_options --disable-webrtc diff --git a/.mozconfig-mingw b/.mozconfig-mingw index 4fb050308060..29c58d8fdab2 100644 --- a/.mozconfig-mingw +++ b/.mozconfig-mingw @@ -14,6 +14,7 @@ ac_add_options --enable-strip ac_add_options --enable-official-branding ac_add_options --enable-tor-browser-update +ac_add_options --enable-verify-mar ac_add_options --disable-bits-download # Let's make sure no preference is enabling either Adobe's or Google's CDM. diff --git a/modules/libmar/tool/mar.c b/modules/libmar/tool/mar.c index 0bf2cb4bd1d4..ea2b79924914 100644 --- a/modules/libmar/tool/mar.c +++ b/modules/libmar/tool/mar.c @@ -65,7 +65,7 @@ static void print_usage() { "signed_input_archive.mar base_64_encoded_signature_file " "changed_signed_output.mar\n"); printf("(i) is the index of the certificate to extract\n"); -# if defined(XP_MACOSX) || (defined(XP_WIN) && !defined(MAR_NSS)) +# if (defined(XP_MACOSX) || defined(XP_WIN)) && !defined(MAR_NSS) printf("Verify a MAR file:\n"); printf(" mar [-C workingDir] -D DERFilePath -v signed_archive.mar\n"); printf( @@ -149,7 +149,7 @@ int main(int argc, char** argv) { memset((void*)certBuffers, 0, sizeof(certBuffers)); #endif #if !defined(NO_SIGN_VERIFY) && \ -((!defined(MAR_NSS) && defined(XP_WIN)) || defined(XP_MACOSX)) +(!defined(MAR_NSS) && (defined(XP_WIN) || defined(XP_MACOSX))) memset(DERFilePaths, 0, sizeof(DERFilePaths)); memset(fileSizes, 0, sizeof(fileSizes)); #endif @@ -181,7 +181,7 @@ int main(int argc, char** argv) { argc -= 2; } #if !defined(NO_SIGN_VERIFY) -# if (!defined(MAR_NSS) && defined(XP_WIN)) || defined(XP_MACOSX) +# if (!defined(MAR_NSS) && (defined(XP_WIN) || defined(XP_MACOSX))) /* -D DERFilePath, also matches -D[index] DERFilePath We allow an index for verifying to be symmetric with the import and export command line arguments. */ diff --git a/modules/libmar/tool/moz.build b/modules/libmar/tool/moz.build index 7c303422fb3b..f80e0c932f13 100644 --- a/modules/libmar/tool/moz.build +++
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Bug 11641: change TBB directory structure to be more like Firefox's
commit a43a2e837b335de057a009ba6d5db565b9cfdb7d Author: Kathy Brade Date: Tue Apr 29 13:08:24 2014 -0400 Bug 11641: change TBB directory structure to be more like Firefox's Unless the -osint command line flag is used, the browser now defaults to the equivalent of -no-remote. There is a new -allow-remote flag that may be used to restore the original (Firefox-like) default behavior. --- toolkit/xre/nsAppRunner.cpp | 21 - 1 file changed, 16 insertions(+), 5 deletions(-) diff --git a/toolkit/xre/nsAppRunner.cpp b/toolkit/xre/nsAppRunner.cpp index 711245e3d501..41ce687d979f 100644 --- a/toolkit/xre/nsAppRunner.cpp +++ b/toolkit/xre/nsAppRunner.cpp @@ -1445,8 +1445,10 @@ static void DumpHelp() { " --migrationStart with migration wizard.\n" " --ProfileManager Start with ProfileManager.\n" #ifdef MOZ_HAS_REMOTE - " --no-remoteDo not accept or send remote commands; implies\n" + " --no-remote(default) Do not accept or send remote commands; " + "implies\n" " --new-instance.\n" + " --allow-remote Accept and send remote commands.\n" " --new-instance Open new instance, not a new window in running " "instance.\n" #endif @@ -3623,16 +3625,25 @@ int XREMain::XRE_mainInit(bool* aExitFlag) { gSafeMode); #if defined(MOZ_HAS_REMOTE) + // In Tor Browser, remoting is disabled by default unless -osint is used. + bool allowRemote = (CheckArg("allow-remote") == ARG_FOUND); + bool isOsint = (CheckArg("osint", nullptr, CheckArgFlag::None) == ARG_FOUND); + if (!allowRemote && !isOsint) { +SaveToEnv("MOZ_NO_REMOTE=1"); + } // Handle --no-remote and --new-instance command line arguments. Setup // the environment to better accommodate other components and various // restart scenarios. ar = CheckArg("no-remote"); - if (ar == ARG_FOUND || EnvHasValue("MOZ_NO_REMOTE")) { + if ((ar == ARG_FOUND) && allowRemote) { +PR_fprintf(PR_STDERR, + "Error: argument --no-remote is invalid when argument " + "--allow-remote is specified\n"); +return 1; + } + if (EnvHasValue("MOZ_NO_REMOTE")) { mDisableRemoteClient = true; mDisableRemoteServer = true; -if (!EnvHasValue("MOZ_NO_REMOTE")) { - SaveToEnv("MOZ_NO_REMOTE=1"); -} } ar = CheckArg("new-instance"); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Omnibox: Add DDG, Startpage, Disconnect, Youtube, Twitter; remove Amazon, eBay, bing
commit 28225e1999100f3068b7393306679937ffd3 Author: Mike Perry Date: Fri May 5 03:41:57 2017 -0700 Omnibox: Add DDG, Startpage, Disconnect, Youtube, Twitter; remove Amazon, eBay, bing eBay and Amazon don't treat Tor users very well. Accounts often get locked and payments reversed. Also: Bug 16322: Update DuckDuckGo search engine We are replacing the clearnet URL with an onion service one (thanks to a patch by a cypherpunk) and are removing the duplicated DDG search engine. Duplicating DDG happend due to bug 1061736 where Mozilla included DDG itself into Firefox. Interestingly, this caused breaking the DDG search if JavaScript is disabled as the Mozilla engine, which gets loaded earlier, does not use the html version of the search page. Moreover, the Mozilla engine tracked where the users were searching from by adding a respective parameter to the search query. We got rid of that feature as well. Also: This fixes bug 20809: the DuckDuckGo team has changed its server-side code in a way that lets users with JavaScript enabled use the default landing page while those without JavaScript available get redirected directly to the non-JS page. We adapt the search engine URLs accordingly. Also fixes bug 29798 by making sure we only specify the Google search engine we actually ship an .xml file for. Also regression tests. --- browser/app/profile/000-tor-browser.js | 9 +- .../search/extensions/ddg-onion/favicon.ico| Bin 0 -> 973 bytes .../search/extensions/ddg-onion/manifest.json | 26 .../components/search/extensions/ddg/favicon.ico | Bin 5430 -> 0 bytes .../components/search/extensions/ddg/favicon.png | Bin 0 -> 1150 bytes .../components/search/extensions/ddg/manifest.json | 42 +- .../extensions/google/_locales/b-1-d/messages.json | 23 .../extensions/google/_locales/b-1-e/messages.json | 23 .../extensions/google/_locales/b-d/messages.json | 23 .../extensions/google/_locales/b-e/messages.json | 23 .../extensions/google/_locales/en/messages.json| 24 .../search/extensions/google/manifest.json | 17 ++- browser/components/search/extensions/list.json | 141 ++--- .../search/extensions/startpage/favicon.png| Bin 0 -> 1150 bytes .../search/extensions/startpage/manifest.json | 26 .../search/extensions/twitter/favicon.ico | Bin 0 -> 1650 bytes .../search/extensions/twitter/manifest.json| 26 .../extensions/wikipedia/_locales/NN/messages.json | 20 --- .../extensions/wikipedia/_locales/NO/messages.json | 20 --- .../extensions/wikipedia/_locales/af/messages.json | 20 --- .../extensions/wikipedia/_locales/an/messages.json | 20 --- .../extensions/wikipedia/_locales/ar/messages.json | 20 --- .../wikipedia/_locales/ast/messages.json | 20 --- .../extensions/wikipedia/_locales/az/messages.json | 20 --- .../wikipedia/_locales/be-tarask/messages.json | 20 --- .../extensions/wikipedia/_locales/be/messages.json | 20 --- .../extensions/wikipedia/_locales/bg/messages.json | 20 --- .../extensions/wikipedia/_locales/bn/messages.json | 20 --- .../extensions/wikipedia/_locales/br/messages.json | 20 --- .../extensions/wikipedia/_locales/bs/messages.json | 20 --- .../extensions/wikipedia/_locales/ca/messages.json | 20 --- .../extensions/wikipedia/_locales/cy/messages.json | 20 --- .../extensions/wikipedia/_locales/cz/messages.json | 20 --- .../extensions/wikipedia/_locales/da/messages.json | 20 --- .../extensions/wikipedia/_locales/de/messages.json | 20 --- .../wikipedia/_locales/dsb/messages.json | 20 --- .../extensions/wikipedia/_locales/el/messages.json | 20 --- .../extensions/wikipedia/_locales/en/messages.json | 20 --- .../extensions/wikipedia/_locales/eo/messages.json | 20 --- .../extensions/wikipedia/_locales/es/messages.json | 20 --- .../extensions/wikipedia/_locales/et/messages.json | 20 --- .../extensions/wikipedia/_locales/eu/messages.json | 20 --- .../extensions/wikipedia/_locales/fa/messages.json | 20 --- .../extensions/wikipedia/_locales/fi/messages.json | 20 --- .../extensions/wikipedia/_locales/fr/messages.json | 20 --- .../wikipedia/_locales/fy-NL/messages.json | 20 --- .../wikipedia/_locales/ga-IE/messages.json | 20 --- .../extensions/wikipedia/_locales/gd/messages.json | 20 --- .../extensions/wikipedia/_locales/gl/messages.json | 20 --- .../extensions/wikipedia/_locales/gn/messages.json | 20 --- .../extensions/wikipedia/_locales/gu/messages.json | 20 --- .../extensions/wikipedia/_locales/he/messages.json | 20 --- .../extensions/wikipedia/_locales/hi/messages.json | 20 --- .../extensions/wikipedia/_locales/hr/messages.json | 20 --- .../wikipedia/_locales/hsb/messages.json | 20 ---
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Bug 16439: Remove screencasting code
commit d1c78f27682479be10cf6d246b33cba406057844 Author: Kathy Brade Date: Wed Jun 24 11:01:11 2015 -0400 Bug 16439: Remove screencasting code We avoid including the screencasting code on mobile (it got ripped out for desktop in bug 1393582) by simply excluding the related JS modules from Tor Browser. --- toolkit/modules/moz.build | 9 + 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/toolkit/modules/moz.build b/toolkit/modules/moz.build index 348ea91f5f2e..a0f8c5a69ac2 100644 --- a/toolkit/modules/moz.build +++ b/toolkit/modules/moz.build @@ -259,10 +259,11 @@ if 'Android' != CONFIG['OS_TARGET']: ] else: DEFINES['ANDROID'] = True -EXTRA_JS_MODULES += [ -'secondscreen/RokuApp.jsm', -'secondscreen/SimpleServiceDiscovery.jsm', -] +if not CONFIG['TOR_BROWSER_VERSION']: +EXTRA_JS_MODULES += [ +'secondscreen/RokuApp.jsm', +'secondscreen/SimpleServiceDiscovery.jsm', +] if CONFIG['MOZ_WIDGET_TOOLKIT'] == 'windows': ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Bug 19121: reinstate the update.xml hash check
commit 035f48aa42fd189feb8f6d1343af2c1ea4d0e835 Author: Kathy Brade Date: Mon Apr 23 15:22:57 2018 -0400 Bug 19121: reinstate the update.xml hash check Revert most changes from Mozilla Bug 1373267 "Remove hashFunction and hashValue attributes from nsIUpdatePatch and code related to these attributes." Changes to the tests were not reverted; the tests have been changed significantly and we do not run automated updater tests for Tor Browser at this time. Also partial revert of commit f1241db6986e4b54473a1ed870f7584c75d51122. Revert the nsUpdateService.js changes from Mozilla Bug 862173 "don't verify mar file hash when using mar signing to verify the mar file (lessens main thread I/O)." Changes to the tests were not reverted; the tests have been changed significantly and we do not run automated updater tests for Tor Browser at this time. We kept the addition to the AppConstants API in case other JS code references it in the future. --- toolkit/modules/AppConstants.jsm| 7 toolkit/mozapps/update/UpdateService.jsm| 63 - toolkit/mozapps/update/UpdateTelemetry.jsm | 1 + toolkit/mozapps/update/nsIUpdateService.idl | 11 + 4 files changed, 81 insertions(+), 1 deletion(-) diff --git a/toolkit/modules/AppConstants.jsm b/toolkit/modules/AppConstants.jsm index 4192ee5b1c44..cffe32e025c7 100644 --- a/toolkit/modules/AppConstants.jsm +++ b/toolkit/modules/AppConstants.jsm @@ -212,6 +212,13 @@ this.AppConstants = Object.freeze({ false, #endif + MOZ_VERIFY_MAR_SIGNATURE: +#ifdef MOZ_VERIFY_MAR_SIGNATURE + true, +#else + false, +#endif + MOZ_MAINTENANCE_SERVICE: #ifdef MOZ_MAINTENANCE_SERVICE true, diff --git a/toolkit/mozapps/update/UpdateService.jsm b/toolkit/mozapps/update/UpdateService.jsm index 2ea1ae85ff68..6d361dd04e7d 100644 --- a/toolkit/mozapps/update/UpdateService.jsm +++ b/toolkit/mozapps/update/UpdateService.jsm @@ -799,6 +799,20 @@ function LOG(string) { } } +/** + * Convert a string containing binary values to hex. + */ +function binaryToHex(input) { + var result = ""; + for (var i = 0; i < input.length; ++i) { +var hex = input.charCodeAt(i).toString(16); +if (hex.length == 1) + hex = "0" + hex; +result += hex; + } + return result; +} + /** * Gets the specified directory at the specified hierarchy under the * update root directory and creates it if it doesn't exist. @@ -1591,6 +1605,8 @@ function UpdatePatch(patch) { } break; case "finalURL": + case "hashFunction": + case "hashValue": case "state": case "type": case "URL": @@ -1610,6 +1626,8 @@ UpdatePatch.prototype = { // over writing nsIUpdatePatch attributes. _attrNames: [ "errorCode", +"hashFunction", +"hashValue", "finalURL", "selected", "size", @@ -1623,6 +1641,8 @@ UpdatePatch.prototype = { */ serialize: function UpdatePatch_serialize(updates) { var patch = updates.createElementNS(URI_UPDATE_NS, "patch"); +patch.setAttribute("hashFunction", this.hashFunction); +patch.setAttribute("hashValue", this.hashValue); patch.setAttribute("size", this.size); patch.setAttribute("type", this.type); patch.setAttribute("URL", this.URL); @@ -4355,7 +4375,42 @@ Downloader.prototype = { } LOG("Downloader:_verifyDownload downloaded size == expected size."); -return true; +let fileStream = Cc["@mozilla.org/network/file-input-stream;1"]. + createInstance(Ci.nsIFileInputStream); +fileStream.init(destination, FileUtils.MODE_RDONLY, FileUtils.PERMS_FILE, 0); + +let digest; +try { + let hash = Cc["@mozilla.org/security/hash;1"]. + createInstance(Ci.nsICryptoHash); + var hashFunction = Ci.nsICryptoHash[this._patch.hashFunction.toUpperCase()]; + if (hashFunction == undefined) { +throw Cr.NS_ERROR_UNEXPECTED; + } + hash.init(hashFunction); + hash.updateFromStream(fileStream, -1); + // NOTE: For now, we assume that the format of _patch.hashValue is hex + // encoded binary (such as what is typically output by programs like + // sha1sum). In the future, this may change to base64 depending on how + // we choose to compute these hashes. + digest = binaryToHex(hash.finish(false)); +} catch (e) { + LOG("Downloader:_verifyDownload - failed to compute hash of the " + + "downloaded update archive"); + digest = ""; +} + +fileStream.close(); + +if (digest == this._patch.hashValue.toLowerCase()) { + LOG("Downloader:_verifyDownload hashes match."); + return true; +} + +LOG("Downloader:_verifyDownload hashes do not match. "); +AUSTLMY.pingDownloadCode(this.isCompleteUpdate, + AUSTLMY.DWNLD_ERR_VERIFY_NO_HASH_MATCH); +return false; }, /** @@ -4980,6
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Bug 13028: Prevent potential proxy bypass cases.
commit 446ce2588131ec578b44be20444292d98c1865f7 Author: Mike Perry Date: Mon Sep 29 14:30:19 2014 -0700 Bug 13028: Prevent potential proxy bypass cases. It looks like these cases should only be invoked in the NSS command line tools, and not the browser, but I decided to patch them anyway because there literally is a maze of network function pointers being passed around, and it's very hard to tell if some random code might not pass in the proper proxied versions of the networking code here by accident. --- security/nss/lib/certhigh/ocsp.c| 8 .../lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c | 21 + 2 files changed, 29 insertions(+) diff --git a/security/nss/lib/certhigh/ocsp.c b/security/nss/lib/certhigh/ocsp.c index cea8456606bf..86fa971cfbef 100644 --- a/security/nss/lib/certhigh/ocsp.c +++ b/security/nss/lib/certhigh/ocsp.c @@ -2932,6 +2932,14 @@ ocsp_ConnectToHost(const char *host, PRUint16 port) PRNetAddr addr; char *netdbbuf = NULL; +// XXX: Do we need a unittest ifdef here? We don't want to break the tests, but +// we want to ensure nothing can ever hit this code in production. +#if 1 +printf("Tor Browser BUG: Attempted OSCP direct connect to %s, port %u\n", host, +port); +goto loser; +#endif + sock = PR_NewTCPSocket(); if (sock == NULL) goto loser; diff --git a/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c index e8698376b5be..85791d84a932 100644 --- a/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c +++ b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c @@ -1334,6 +1334,13 @@ pkix_pl_Socket_Create( plContext), PKIX_COULDNOTCREATESOCKETOBJECT); +// XXX: Do we need a unittest ifdef here? We don't want to break the tests, but +// we want to ensure nothing can ever hit this code in production. +#if 1 +printf("Tor Browser BUG: Attempted pkix direct socket connect\n"); +PKIX_ERROR(PKIX_PRNEWTCPSOCKETFAILED); +#endif + socket->isServer = isServer; socket->timeout = timeout; socket->clientSock = NULL; @@ -1433,6 +1440,13 @@ pkix_pl_Socket_CreateByName( localCopyName = PL_strdup(serverName); +// XXX: Do we need a unittest ifdef here? We don't want to break the tests, but +// we want to ensure nothing can ever hit this code in production. +#if 1 +printf("Tor Browser BUG: Attempted pkix direct connect to %s\n", serverName); +PKIX_ERROR(PKIX_PRNEWTCPSOCKETFAILED); +#endif + sepPtr = strchr(localCopyName, ':'); /* First strip off the portnum, if present, from the end of the name */ if (sepPtr) { @@ -1582,6 +1596,13 @@ pkix_pl_Socket_CreateByHostAndPort( PKIX_ENTER(SOCKET, "pkix_pl_Socket_CreateByHostAndPort"); PKIX_NULLCHECK_THREE(hostname, pStatus, pSocket); +// XXX: Do we need a unittest ifdef here? We don't want to break the tests, but +// we want to ensure nothing can ever hit this code in production. +#if 1 +printf("Tor Browser BUG: Attempted pkix direct connect to %s, port %u\n", hostname, +portnum); +PKIX_ERROR(PKIX_PRNEWTCPSOCKETFAILED); +#endif prstatus = PR_GetHostByName(hostname, buf, sizeof(buf), ); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Bug 18821: Disable libmdns for Android and Desktop
commit ae3c80578fa159e25b6a311641e2e1ead29ba673 Author: Georg Koppen Date: Wed Apr 20 14:34:50 2016 + Bug 18821: Disable libmdns for Android and Desktop There should be no need to remove the OS X support introduced in https://bugzilla.mozilla.org/show_bug.cgi?id=1225726 as enabling this is governed by a preference (which is actually set to `false`). However, we remove it at build time as well (defense in depth). This is basically a backout of the relevant passages of https://hg.mozilla.org/mozilla-central/rev/6bfb430de85d, https://hg.mozilla.org/mozilla-central/rev/609b337bf7ab and https://hg.mozilla.org/mozilla-central/rev/8e092ec5fbbd. Fixed bug 21861 (Disable additional mDNS code to avoid proxy bypasses) as well. --- dom/presentation/provider/components.conf | 10 -- dom/presentation/provider/moz.build | 1 - netwerk/dns/mdns/libmdns/components.conf | 15 --- netwerk/dns/mdns/libmdns/moz.build| 28 4 files changed, 54 deletions(-) diff --git a/dom/presentation/provider/components.conf b/dom/presentation/provider/components.conf index 04cb28ec757e..56994ed7cd94 100644 --- a/dom/presentation/provider/components.conf +++ b/dom/presentation/provider/components.conf @@ -6,9 +6,6 @@ categories = {} -if buildconfig.substs['MOZ_WIDGET_TOOLKIT'] in ('cocoa', 'android'): -categories["presentation-device-provider"] = "MulticastDNSDeviceProvider" - Classes = [ { 'cid': '{f4079b8b-ede5-4b90-a112-5b415a931deb}', @@ -16,11 +13,4 @@ Classes = [ 'jsm': 'resource://gre/modules/PresentationControlService.jsm', 'constructor': 'PresentationControlService', }, -{ -'cid': '{814f947a-52f7-41c9-94a1-3684797284ac}', -'contract_ids': ['@mozilla.org/presentation-device/multicastdns-provider;1'], -'type': 'mozilla::dom::presentation::MulticastDNSDeviceProvider', -'headers': ['/dom/presentation/provider/MulticastDNSDeviceProvider.h'], -'categories': categories, -}, ] diff --git a/dom/presentation/provider/moz.build b/dom/presentation/provider/moz.build index eaea61af415a..d97b75ddbcf9 100644 --- a/dom/presentation/provider/moz.build +++ b/dom/presentation/provider/moz.build @@ -10,7 +10,6 @@ EXTRA_JS_MODULES += [ UNIFIED_SOURCES += [ 'DeviceProviderHelpers.cpp', -'MulticastDNSDeviceProvider.cpp', ] XPCOM_MANIFESTS += [ diff --git a/netwerk/dns/mdns/libmdns/components.conf b/netwerk/dns/mdns/libmdns/components.conf index 6e64140c820e..1b50dbf673a4 100644 --- a/netwerk/dns/mdns/libmdns/components.conf +++ b/netwerk/dns/mdns/libmdns/components.conf @@ -5,20 +5,5 @@ # file, You can obtain one at http://mozilla.org/MPL/2.0/. Classes = [ -{ -'cid': '{14a50f2b-7ff6-48a5-88e3-615fd111f5d3}', -'contract_ids': ['@mozilla.org/toolkit/components/mdnsresponder/dns-info;1'], -'type': 'mozilla::net::nsDNSServiceInfo', -'headers': ['/netwerk/dns/mdns/libmdns/nsDNSServiceInfo.h'], -}, ] -if buildconfig.substs['MOZ_WIDGET_TOOLKIT'] != 'cocoa': -Classes += [ -{ -'cid': '{f9346d98-f27a-4e89-b744-493843416480}', -'contract_ids': ['@mozilla.org/toolkit/components/mdnsresponder/dns-sd;1'], -'jsm': 'resource://gre/modules/DNSServiceDiscovery.jsm', -'constructor': 'nsDNSServiceDiscovery', -}, -] diff --git a/netwerk/dns/mdns/libmdns/moz.build b/netwerk/dns/mdns/libmdns/moz.build index 05dc75eb9eda..a6fc1a8a559a 100644 --- a/netwerk/dns/mdns/libmdns/moz.build +++ b/netwerk/dns/mdns/libmdns/moz.build @@ -4,34 +4,6 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -if CONFIG['MOZ_WIDGET_TOOLKIT'] == 'cocoa': -UNIFIED_SOURCES += [ -'MDNSResponderOperator.cpp', -'MDNSResponderReply.cpp', -'nsDNSServiceDiscovery.cpp', -] - -LOCAL_INCLUDES += [ - '/netwerk/base', -] - -else: -EXTRA_JS_MODULES += [ -'DNSServiceDiscovery.jsm', -'fallback/DataReader.jsm', -'fallback/DataWriter.jsm', -'fallback/DNSPacket.jsm', -'fallback/DNSRecord.jsm', -'fallback/DNSResourceRecord.jsm', -'fallback/DNSTypes.jsm', -'fallback/MulticastDNS.jsm', -] - -if CONFIG['MOZ_WIDGET_TOOLKIT'] == 'android': -EXTRA_JS_MODULES += [ -'MulticastDNSAndroid.jsm', -] - UNIFIED_SOURCES += [ 'nsDNSServiceInfo.cpp', ] ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Bug 12974: Disable NTLM and Negotiate HTTP Auth
commit 5b4e46224b369513c39c22c5731291e677fb64bf Author: Mike Perry Date: Wed Aug 27 15:19:10 2014 -0700 Bug 12974: Disable NTLM and Negotiate HTTP Auth This is technically an embargoed Mozilla bug, so I probably shouldn't provide too many details. Suffice to say that NTLM and Negotiate auth are bad for Tor users, and I doubt very many (or any of them) actually need it. The Mozilla bug is https://bugzilla.mozilla.org/show_bug.cgi?id=1046421 --- extensions/auth/nsHttpNegotiateAuth.cpp | 4 netwerk/protocol/http/nsHttpNTLMAuth.cpp | 3 +++ 2 files changed, 7 insertions(+) diff --git a/extensions/auth/nsHttpNegotiateAuth.cpp b/extensions/auth/nsHttpNegotiateAuth.cpp index 99720475b9dd..1c08fcf3da7e 100644 --- a/extensions/auth/nsHttpNegotiateAuth.cpp +++ b/extensions/auth/nsHttpNegotiateAuth.cpp @@ -152,6 +152,10 @@ nsHttpNegotiateAuth::ChallengeReceived(nsIHttpAuthenticableChannel* authChannel, nsIAuthModule* rawModule = (nsIAuthModule*)*continuationState; *identityInvalid = false; + + /* Always fail Negotiate auth for Tor Browser. We don't need it. */ + return NS_ERROR_ABORT; + if (rawModule) { return NS_OK; } diff --git a/netwerk/protocol/http/nsHttpNTLMAuth.cpp b/netwerk/protocol/http/nsHttpNTLMAuth.cpp index 0a30de051014..891aaadfd758 100644 --- a/netwerk/protocol/http/nsHttpNTLMAuth.cpp +++ b/netwerk/protocol/http/nsHttpNTLMAuth.cpp @@ -168,6 +168,9 @@ nsHttpNTLMAuth::ChallengeReceived(nsIHttpAuthenticableChannel* channel, *identityInvalid = false; + /* Always fail Negotiate auth for Tor Browser. We don't need it. */ + return NS_ERROR_ABORT; + // Start a new auth sequence if the challenge is exactly "NTLM". // If native NTLM auth apis are available and enabled through prefs, // try to use them. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Bug 14631: Improve profile access error messages.
commit 2eb9285e7a7fb82734c45db3d12618f1d20f9db1 Author: Kathy Brade Date: Tue Feb 24 13:50:23 2015 -0500 Bug 14631: Improve profile access error messages. Instead of always reporting that the profile is locked, display specific messages for "access denied" and "read-only file system". To allow for localization, get profile-related error strings from Torbutton. Use app display name ("Tor Browser") in profile-related error alerts. --- .../mozapps/profile/profileSelection.properties| 5 + toolkit/profile/nsToolkitProfileService.cpp| 57 +++- toolkit/profile/nsToolkitProfileService.h | 13 +- toolkit/xre/nsAppRunner.cpp| 157 ++--- 4 files changed, 208 insertions(+), 24 deletions(-) diff --git a/toolkit/locales/en-US/chrome/mozapps/profile/profileSelection.properties b/toolkit/locales/en-US/chrome/mozapps/profile/profileSelection.properties index 2be092bf4c4b..922b52cb1385 100644 --- a/toolkit/locales/en-US/chrome/mozapps/profile/profileSelection.properties +++ b/toolkit/locales/en-US/chrome/mozapps/profile/profileSelection.properties @@ -12,6 +12,11 @@ restartMessageUnlocker=%S is already running, but is not responding. The old %S restartMessageNoUnlockerMac=A copy of %S is already open. Only one copy of %S can be open at a time. restartMessageUnlockerMac=A copy of %S is already open. The running copy of %S will quit in order to open this one. +# LOCALIZATION NOTE (profileProblemTitle, profileReadOnly, profileReadOnlyMac, profileAccessDenied): Messages displayed when the browser profile cannot be accessed or written to. %S is the application name. +profileProblemTitle=%S Profile Problem +profileReadOnly=You cannot run %S from a read-only file system. Please copy %S to another location before trying to use it. +profileReadOnlyMac=You cannot run %S from a read-only file system. Please copy %S to your Desktop or Applications folder before trying to use it. +profileAccessDenied=%S does not have permission to access the profile. Please adjust your file system permissions and try again. # Profile manager # LOCALIZATION NOTE (profileTooltip): First %S is the profile name, second %S is the path to the profile folder. profileTooltip=Profile: â%Sâ - Path: â%Sâ diff --git a/toolkit/profile/nsToolkitProfileService.cpp b/toolkit/profile/nsToolkitProfileService.cpp index 125821452eca..14fa47dabb58 100644 --- a/toolkit/profile/nsToolkitProfileService.cpp +++ b/toolkit/profile/nsToolkitProfileService.cpp @@ -1160,9 +1160,10 @@ nsToolkitProfileService::SelectStartupProfile( } bool wasDefault; + ProfileStatus profileStatus; nsresult rv = SelectStartupProfile(, argv.get(), aIsResetting, aRootDir, aLocalDir, - aProfile, aDidCreate, ); + aProfile, aDidCreate, , profileStatus); // Since we were called outside of the normal startup path complete any // startup tasks. @@ -1195,7 +1196,8 @@ nsToolkitProfileService::SelectStartupProfile( nsresult nsToolkitProfileService::SelectStartupProfile( int* aArgc, char* aArgv[], bool aIsResetting, nsIFile** aRootDir, nsIFile** aLocalDir, nsIToolkitProfile** aProfile, bool* aDidCreate, -bool* aWasDefaultSelection) { +bool* aWasDefaultSelection, ProfileStatus& aProfileStatus) { + aProfileStatus = PROFILE_STATUS_OK; if (mStartupProfileSelected) { return NS_ERROR_ALREADY_INITIALIZED; } @@ -1289,6 +1291,13 @@ nsresult nsToolkitProfileService::SelectStartupProfile( rv = XRE_GetFileFromPath(arg, getter_AddRefs(lf)); NS_ENSURE_SUCCESS(rv, rv); +aProfileStatus = CheckProfileWriteAccess(lf); +if (PROFILE_STATUS_OK != aProfileStatus) { + NS_ADDREF(*aRootDir = lf); + NS_ADDREF(*aLocalDir = lf); + return NS_ERROR_FAILURE; +} + // Make sure that the profile path exists and it's a directory. bool exists; rv = lf->Exists(); @@ -2078,3 +2087,47 @@ nsresult XRE_GetFileFromPath(const char* aPath, nsIFile** aResult) { # error Platform-specific logic needed here. #endif } + +// Check for write permission to the profile directory by trying to create a +// new file (after ensuring that no file with the same name exists). +ProfileStatus nsToolkitProfileService::CheckProfileWriteAccess( +nsIFile* aProfileDir) { +#if defined(XP_UNIX) + constexpr auto writeTestFileName = u".parentwritetest"_ns; +#else + constexpr auto writeTestFileName = u"parent.writetest"_ns; +#endif + + nsCOMPtr writeTestFile; + nsresult rv = aProfileDir->Clone(getter_AddRefs(writeTestFile)); + if (NS_SUCCEEDED(rv)) rv = writeTestFile->Append(writeTestFileName); + + if (NS_SUCCEEDED(rv)) { +bool doesExist = false; +rv = writeTestFile->Exists(); +if (NS_SUCCEEDED(rv) && doesExist) rv = writeTestFile->Remove(true); + } + + if (NS_SUCCEEDED(rv)) { +rv = writeTestFile->Create(nsIFile::NORMAL_FILE_TYPE, 0666); +
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Bug 18800: Remove localhost DNS lookup in nsProfileLock.cpp
commit 2edb7db6d9c72fb6fb14d392ed42a95480f4bc32 Author: Kathy Brade Date: Thu Apr 21 10:40:26 2016 -0400 Bug 18800: Remove localhost DNS lookup in nsProfileLock.cpp Instead of using the local computer's IP address within symlink-based profile lock signatures, always use 127.0.0.1. --- toolkit/profile/nsProfileLock.cpp | 17 - 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/toolkit/profile/nsProfileLock.cpp b/toolkit/profile/nsProfileLock.cpp index 01818d32e6f7..adccfa4dd6d4 100644 --- a/toolkit/profile/nsProfileLock.cpp +++ b/toolkit/profile/nsProfileLock.cpp @@ -289,18 +289,17 @@ nsresult nsProfileLock::LockWithSymlink(nsIFile* aLockFile, if (!mReplacedLockTime) aLockFile->GetLastModifiedTimeOfLink(); + // For Tor Browser, avoid a DNS lookup here so the Tor network is not + // bypassed. Instead, always use 127.0.0.1 for the IP address portion + // of the lock signature, which may cause the browser to refuse to + // start in the rare event that all of the following conditions are met: + // 1. The browser profile is on a network file system. + // 2. The file system does not support fcntl() locking. + // 3. Tor Browser is run from two different computers at the same time. + struct in_addr inaddr; inaddr.s_addr = htonl(INADDR_LOOPBACK); - char hostname[256]; - PRStatus status = PR_GetSystemInfo(PR_SI_HOSTNAME, hostname, sizeof hostname); - if (status == PR_SUCCESS) { -char netdbbuf[PR_NETDB_BUF_SIZE]; -PRHostEnt hostent; -status = PR_GetHostByName(hostname, netdbbuf, sizeof netdbbuf, ); -if (status == PR_SUCCESS) memcpy(, hostent.h_addr, sizeof inaddr); - } - mozilla::SmprintfPointer signature = mozilla::Smprintf("%s:%s%lu", inet_ntoa(inaddr), aHaveFcntlLock ? "+" : "", (unsigned long)getpid()); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Bug 13252: Do not store data in the app bundle
commit bbedd020d723fd68788a7933813424d11137c30b Author: Kathy Brade Date: Fri Mar 18 14:20:02 2016 -0400 Bug 13252: Do not store data in the app bundle When --enable-tor-browser-data-outside-app-dir is enabled, all user data is stored in a directory named TorBrowser-Data which is located next to the application directory. Display an informative error message if the TorBrowser-Data directory cannot be created due to an "access denied" or a "read only volume" error. On Mac OS, add support for the --invisible command line option which is used by the meek-http-helper to avoid showing an icon for the helper browser on the dock. --- toolkit/xre/nsAppRunner.cpp| 76 +++ toolkit/xre/nsXREDirProvider.cpp | 43 +-- toolkit/xre/nsXREDirProvider.h | 6 ++ xpcom/io/TorFileUtils.cpp | 133 + xpcom/io/TorFileUtils.h| 32 xpcom/io/moz.build | 5 ++ xpcom/io/nsAppFileLocationProvider.cpp | 53 ++--- 7 files changed, 280 insertions(+), 68 deletions(-) diff --git a/toolkit/xre/nsAppRunner.cpp b/toolkit/xre/nsAppRunner.cpp index 63411525b37f..711245e3d501 100644 --- a/toolkit/xre/nsAppRunner.cpp +++ b/toolkit/xre/nsAppRunner.cpp @@ -1973,6 +1973,8 @@ static nsresult ProfileMissingDialog(nsINativeAppSupport* aNative) { } } +// If aUnlocker is NULL, it is also OK for the following arguments to be NULL: +// aProfileDir, aProfileLocalDir, aResult. static ReturnAbortOnError ProfileErrorDialog(nsIFile* aProfileDir, nsIFile* aProfileLocalDir, ProfileStatus aStatus, @@ -1981,17 +1983,19 @@ static ReturnAbortOnError ProfileErrorDialog(nsIFile* aProfileDir, nsIProfileLock** aResult) { nsresult rv; - bool exists; - aProfileDir->Exists(); - if (!exists) { -return ProfileMissingDialog(aNative); + if (aProfileDir) { +bool exists; +aProfileDir->Exists(); +if (!exists) { + return ProfileMissingDialog(aNative); +} } ScopedXPCOMStartup xpcom; rv = xpcom.Initialize(); NS_ENSURE_SUCCESS(rv, rv); - mozilla::Telemetry::WriteFailedProfileLock(aProfileDir); + if (aProfileDir) mozilla::Telemetry::WriteFailedProfileLock(aProfileDir); rv = xpcom.SetWindowCreator(aNative); NS_ENSURE_SUCCESS(rv, NS_ERROR_FAILURE); @@ -2081,7 +2085,8 @@ static ReturnAbortOnError ProfileErrorDialog(nsIFile* aProfileDir, } } else { #ifdef MOZ_WIDGET_ANDROID - if (java::GeckoAppShell::UnlockProfile()) { + if (aProfileDir && aProfileLocalDir && aResult && + java::GeckoAppShell::UnlockProfile()) { return NS_LockProfilePath(aProfileDir, aProfileLocalDir, nullptr, aResult); } @@ -2190,6 +2195,23 @@ static ReturnAbortOnError ShowProfileManager( return LaunchChild(false); } +#ifdef TOR_BROWSER_DATA_OUTSIDE_APP_DIR +static ProfileStatus CheckTorBrowserDataWriteAccess(nsIFile* aAppDir) { + // Check whether we can write to the directory that will contain + // TorBrowser-Data. + nsCOMPtr tbDataDir; + RefPtr dirProvider = nsXREDirProvider::GetSingleton(); + if (!dirProvider) return PROFILE_STATUS_OTHER_ERROR; + nsresult rv = + dirProvider->GetTorBrowserUserDataDir(getter_AddRefs(tbDataDir)); + NS_ENSURE_SUCCESS(rv, PROFILE_STATUS_OTHER_ERROR); + nsCOMPtr tbDataDirParent; + rv = tbDataDir->GetParent(getter_AddRefs(tbDataDirParent)); + NS_ENSURE_SUCCESS(rv, PROFILE_STATUS_OTHER_ERROR); + return nsToolkitProfileService::CheckProfileWriteAccess(tbDataDirParent); +} +#endif + static bool gDoMigration = false; static bool gDoProfileReset = false; static nsCOMPtr gResetOldProfile; @@ -3258,6 +3280,14 @@ int XREMain::XRE_mainInit(bool* aExitFlag) { if (PR_GetEnv("XRE_MAIN_BREAK")) NS_BREAK(); #endif +#if defined(XP_MACOSX) && defined(TOR_BROWSER_DATA_OUTSIDE_APP_DIR) + bool hideDockIcon = (CheckArg("invisible") == ARG_FOUND); + if (hideDockIcon) { +ProcessSerialNumber psn = {0, kCurrentProcess}; +TransformProcessType(, kProcessTransformToBackgroundApplication); + } +#endif + IncreaseDescriptorLimits(); #ifdef USE_GLX_TEST @@ -4109,7 +4139,34 @@ int XREMain::XRE_mainStartup(bool* aExitFlag) { return 0; } +#if (defined(MOZ_UPDATER) && !defined(MOZ_WIDGET_ANDROID)) || \ +defined(TOR_BROWSER_DATA_OUTSIDE_APP_DIR) + nsCOMPtr exeFile, exeDir; + bool persistent; + rv = mDirProvider.GetFile(XRE_EXECUTABLE_FILE, , +getter_AddRefs(exeFile)); + NS_ENSURE_SUCCESS(rv, 1); + rv = exeFile->GetParent(getter_AddRefs(exeDir)); + NS_ENSURE_SUCCESS(rv, 1); +#endif + rv = NS_NewToolkitProfileService(getter_AddRefs(mProfileSvc)); +#ifdef TOR_BROWSER_DATA_OUTSIDE_APP_DIR + if (NS_FAILED(rv)) { +//
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Bug 21724: Make Firefox and Tor Browser distinct macOS apps
commit dbf39d711b2475756d66707c9acefa26404cdfd0 Author: teor Date: Mon Mar 13 23:06:23 2017 +1100 Bug 21724: Make Firefox and Tor Browser distinct macOS apps When macOS opens a document or selects a default browser, it sometimes uses the CFBundleSignature. Changing from the Firefox MOZB signature to a different signature TORB allows macOS to distinguish between Firefox and Tor Browser. --- browser/app/Makefile.in | 2 +- browser/app/macbuild/Contents/Info.plist.in | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/browser/app/Makefile.in b/browser/app/Makefile.in index 7a6647fb2109..6cd9c9cb6ae8 100644 --- a/browser/app/Makefile.in +++ b/browser/app/Makefile.in @@ -104,5 +104,5 @@ ifdef MOZ_UPDATER mv -f '$(dist_dest)/Contents/MacOS/updater.app/Contents/MacOS/org.mozilla.updater' '$(dist_dest)/Contents/Library/LaunchServices' ln -s ../../../../Library/LaunchServices/org.mozilla.updater '$(dist_dest)/Contents/MacOS/updater.app/Contents/MacOS/org.mozilla.updater' endif - printf APPLMOZB > '$(dist_dest)/Contents/PkgInfo' + printf APPLTORB > '$(dist_dest)/Contents/PkgInfo' endif diff --git a/browser/app/macbuild/Contents/Info.plist.in b/browser/app/macbuild/Contents/Info.plist.in index 18a88470296a..f9d01d8277aa 100644 --- a/browser/app/macbuild/Contents/Info.plist.in +++ b/browser/app/macbuild/Contents/Info.plist.in @@ -179,7 +179,7 @@ CFBundleShortVersionString %APP_VERSION% CFBundleSignature - MOZB + TORB CFBundleURLTypes ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Bug 9173: Change the default Firefox profile directory to be TBB-relative.
commit 85c27ddb54d39576105aa28ecbf739173c11045e Author: Kathy Brade Date: Fri Oct 18 15:20:06 2013 -0400 Bug 9173: Change the default Firefox profile directory to be TBB-relative. This should eliminate our need to rely on a wrapper script that sets /Users/arthur and launches Firefox with -profile. --- toolkit/profile/nsToolkitProfileService.cpp | 5 +- toolkit/xre/nsAppRunner.cpp | 2 +- toolkit/xre/nsConsoleWriter.cpp | 2 +- toolkit/xre/nsXREDirProvider.cpp| 149 ++-- toolkit/xre/nsXREDirProvider.h | 16 +-- xpcom/io/nsAppFileLocationProvider.cpp | 97 +++--- 6 files changed, 84 insertions(+), 187 deletions(-) diff --git a/toolkit/profile/nsToolkitProfileService.cpp b/toolkit/profile/nsToolkitProfileService.cpp index e0909c78d6cc..125821452eca 100644 --- a/toolkit/profile/nsToolkitProfileService.cpp +++ b/toolkit/profile/nsToolkitProfileService.cpp @@ -723,10 +723,11 @@ nsresult nsToolkitProfileService::Init() { NS_ASSERTION(gDirServiceProvider, "No dirserviceprovider!"); nsresult rv; - rv = nsXREDirProvider::GetUserAppDataDirectory(getter_AddRefs(mAppData)); + rv = gDirServiceProvider->GetUserAppDataDirectory(getter_AddRefs(mAppData)); NS_ENSURE_SUCCESS(rv, rv); - rv = nsXREDirProvider::GetUserLocalDataDirectory(getter_AddRefs(mTempData)); + rv = + gDirServiceProvider->GetUserLocalDataDirectory(getter_AddRefs(mTempData)); NS_ENSURE_SUCCESS(rv, rv); rv = mAppData->Clone(getter_AddRefs(mProfileDBFile)); diff --git a/toolkit/xre/nsAppRunner.cpp b/toolkit/xre/nsAppRunner.cpp index a24b516c6be9..59663eda4590 100644 --- a/toolkit/xre/nsAppRunner.cpp +++ b/toolkit/xre/nsAppRunner.cpp @@ -3262,7 +3262,7 @@ int XREMain::XRE_mainInit(bool* aExitFlag) { if ((mAppData->flags & NS_XRE_ENABLE_CRASH_REPORTER) && NS_SUCCEEDED(CrashReporter::SetExceptionHandler(xreBinDirectory))) { nsCOMPtr file; -rv = nsXREDirProvider::GetUserAppDataDirectory(getter_AddRefs(file)); +rv = mDirProvider.GetUserAppDataDirectory(getter_AddRefs(file)); if (NS_SUCCEEDED(rv)) { CrashReporter::SetUserAppDataDirectory(file); } diff --git a/toolkit/xre/nsConsoleWriter.cpp b/toolkit/xre/nsConsoleWriter.cpp index d89ea3bde31d..4a9a6d28034a 100644 --- a/toolkit/xre/nsConsoleWriter.cpp +++ b/toolkit/xre/nsConsoleWriter.cpp @@ -29,7 +29,7 @@ void WriteConsoleLog() { } else { if (!gLogConsoleErrors) return; -rv = nsXREDirProvider::GetUserAppDataDirectory(getter_AddRefs(lfile)); +rv = gDirServiceProvider->GetUserAppDataDirectory(getter_AddRefs(lfile)); if (NS_FAILED(rv)) return; lfile->AppendNative("console.log"_ns); diff --git a/toolkit/xre/nsXREDirProvider.cpp b/toolkit/xre/nsXREDirProvider.cpp index 197d29a85106..b88fd3eb368c 100644 --- a/toolkit/xre/nsXREDirProvider.cpp +++ b/toolkit/xre/nsXREDirProvider.cpp @@ -32,6 +32,7 @@ #include "nsArrayEnumerator.h" #include "nsEnumeratorUtils.h" #include "nsReadableUtils.h" +#include "nsXPCOMPrivate.h" // for XPCOM_FILE_PATH_SEPARATOR #include "SpecialSystemDirectory.h" @@ -244,9 +245,6 @@ nsresult nsXREDirProvider::GetUserProfilesRootDir(nsIFile** aResult) { nsresult rv = GetUserDataDirectory(getter_AddRefs(file), false); if (NS_SUCCEEDED(rv)) { -#if !defined(XP_UNIX) || defined(XP_MACOSX) -rv = file->AppendNative("Profiles"_ns); -#endif // We must create the profile directory here if it does not exist. nsresult tmp = EnsureDirectoryExists(file); if (NS_FAILED(tmp)) { @@ -262,9 +260,6 @@ nsresult nsXREDirProvider::GetUserProfilesLocalDir(nsIFile** aResult) { nsresult rv = GetUserDataDirectory(getter_AddRefs(file), true); if (NS_SUCCEEDED(rv)) { -#if !defined(XP_UNIX) || defined(XP_MACOSX) -rv = file->AppendNative("Profiles"_ns); -#endif // We must create the profile directory here if it does not exist. nsresult tmp = EnsureDirectoryExists(file); if (NS_FAILED(tmp)) { @@ -1394,7 +1389,7 @@ nsresult nsXREDirProvider::SetUserDataProfileDirectory(nsCOMPtr& aFile, nsresult nsXREDirProvider::GetUserDataDirectoryHome(nsIFile** aFile, bool aLocal) { // Copied from nsAppFileLocationProvider (more or less) - nsresult rv; + NS_ENSURE_ARG_POINTER(aFile); nsCOMPtr localDir; if (aLocal && gDataDirHomeLocal) { @@ -1404,80 +1399,39 @@ nsresult nsXREDirProvider::GetUserDataDirectoryHome(nsIFile** aFile, return gDataDirHome->Clone(aFile); } -#if defined(XP_MACOSX) - FSRef fsRef; - OSType folderType; - if (aLocal) { -folderType = kCachedDataFolderType; - } else { -# ifdef MOZ_THUNDERBIRD -folderType = kDomainLibraryFolderType; -# else -folderType = kApplicationSupportFolderType; -# endif - } - OSErr err = ::FSFindFolder(kUserDomain, folderType, kCreateFolder, ); - NS_ENSURE_FALSE(err, NS_ERROR_FAILURE); - - rv =
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Bug 19273: Avoid JavaScript patching of the external app helper dialog.
commit f633abfe144c4764f7c61f66518c659bbd5a2654 Author: Kathy Brade Date: Tue Jun 28 15:13:05 2016 -0400 Bug 19273: Avoid JavaScript patching of the external app helper dialog. When handling an external URI or downloading a file, invoke Torbutton's external app blocker component (which will present a download warning dialog unless the user has checked the "Automatically download files from now on" box). For e10s compatibility, avoid using a modal dialog and instead use a callback interface (nsIHelperAppWarningLauncher) to allow Torbutton to indicate the user's desire to cancel or continue each request. Other bugs fixed: Bug 21766: Crash with e10s enabled while trying to download a file Bug 21886: Download is stalled in non-e10s mode Bug 22471: Downloading files via the PDF viewer download button is broken Bug 22472: Fix FTP downloads when external helper app dialog is shown Bug 22610: Avoid crashes when canceling external helper app downloads Bug 22618: Downloading pdf file via file:/// is stalling --- .../exthandler/nsExternalHelperAppService.cpp | 207 + uriloader/exthandler/nsExternalHelperAppService.h | 3 + .../exthandler/nsIExternalHelperAppService.idl | 47 + 3 files changed, 222 insertions(+), 35 deletions(-) diff --git a/uriloader/exthandler/nsExternalHelperAppService.cpp b/uriloader/exthandler/nsExternalHelperAppService.cpp index 19abfd653c42..2dee9b859c9b 100644 --- a/uriloader/exthandler/nsExternalHelperAppService.cpp +++ b/uriloader/exthandler/nsExternalHelperAppService.cpp @@ -133,6 +133,9 @@ static const char NEVER_ASK_FOR_SAVE_TO_DISK_PREF[] = static const char NEVER_ASK_FOR_OPEN_FILE_PREF[] = "browser.helperApps.neverAsk.openFile"; +static const char WARNING_DIALOG_CONTRACT_ID[] = +"@torproject.org/torbutton-extAppBlocker;1"; + // Helper functions for Content-Disposition headers /** @@ -389,6 +392,22 @@ static nsresult GetDownloadDirectory(nsIFile** _directory, return NS_OK; } +static already_AddRefed GetDialogParentAux( +BrowsingContext* aBrowsingContext, nsIInterfaceRequestor* aWindowContext) { + nsCOMPtr dialogParent = aWindowContext; + + if (!dialogParent && aBrowsingContext) { +dialogParent = do_QueryInterface(aBrowsingContext->GetDOMWindow()); + } + if (!dialogParent && aBrowsingContext && XRE_IsParentProcess()) { +RefPtr element = aBrowsingContext->Top()->GetEmbedderElement(); +if (element) { + dialogParent = do_QueryInterface(element->OwnerDoc()->GetWindow()); +} + } + return dialogParent.forget(); +} + /** * Structure for storing extension->type mappings. * @see defaultMimeEntries @@ -552,6 +571,111 @@ static const char* descriptionOverwriteExtensions[] = { "avif", "pdf", "svg", "webp", "xml", }; +// +// begin nsExternalLoadURIHandler class definition and implementation +// +class nsExternalLoadURIHandler final : public nsIHelperAppWarningLauncher { + public: + NS_DECL_THREADSAFE_ISUPPORTS + NS_DECL_NSIHELPERAPPWARNINGLAUNCHER + + nsExternalLoadURIHandler(nsIHandlerInfo* aHandlerInfo, nsIURI* aURI, + nsIPrincipal* aTriggeringPrincipal, + BrowsingContext* aBrowsingContext); + + protected: + ~nsExternalLoadURIHandler(); + + nsCOMPtr mHandlerInfo; + nsCOMPtr mURI; + nsCOMPtr mTriggeringPrincipal; + RefPtr mBrowsingContext; + nsCOMPtr mWarningDialog; +}; + +NS_IMPL_ADDREF(nsExternalLoadURIHandler) +NS_IMPL_RELEASE(nsExternalLoadURIHandler) + +NS_INTERFACE_MAP_BEGIN(nsExternalLoadURIHandler) + NS_INTERFACE_MAP_ENTRY_AMBIGUOUS(nsISupports, nsIHelperAppWarningLauncher) + NS_INTERFACE_MAP_ENTRY(nsIHelperAppWarningLauncher) +NS_INTERFACE_MAP_END + +nsExternalLoadURIHandler::nsExternalLoadURIHandler( +nsIHandlerInfo* aHandlerInfo, nsIURI* aURI, +nsIPrincipal* aTriggeringPrincipal, BrowsingContext* aBrowsingContext) +: mHandlerInfo(aHandlerInfo), + mURI(aURI), + mTriggeringPrincipal(aTriggeringPrincipal), + mBrowsingContext(aBrowsingContext) + +{ + nsresult rv = NS_OK; + mWarningDialog = do_CreateInstance(WARNING_DIALOG_CONTRACT_ID, ); + if (NS_SUCCEEDED(rv) && mWarningDialog) { +// This will create a reference cycle (the dialog holds a reference to us +// as nsIHelperAppWarningLauncher), which will be broken in ContinueRequest +// or CancelRequest. +nsCOMPtr dialogParent = +GetDialogParentAux(aBrowsingContext, nullptr); +rv = mWarningDialog->MaybeShow(this, dialogParent); + } + + if (NS_FAILED(rv)) { +// If for some reason we could not open the download warning prompt, +// continue with the request. +ContinueRequest(); + } +} +
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Bug 40069: Add helpers for message passing with extensions
commit 9f6c00052bde179cbe94a9a4b398f57b53f0f564 Author: Alex Catarineu Date: Sun Aug 2 19:12:25 2020 +0200 Bug 40069: Add helpers for message passing with extensions --- toolkit/components/extensions/ExtensionParent.jsm | 47 +++ 1 file changed, 47 insertions(+) diff --git a/toolkit/components/extensions/ExtensionParent.jsm b/toolkit/components/extensions/ExtensionParent.jsm index b7bf99accb73..33c3359af04c 100644 --- a/toolkit/components/extensions/ExtensionParent.jsm +++ b/toolkit/components/extensions/ExtensionParent.jsm @@ -264,6 +264,8 @@ const ProxyMessenger = { /** @type Map */ ports: new Map(), + _torRuntimeMessageListeners: [], + init() { this.conduit = new BroadcastConduit(ProxyMessenger, { id: "ProxyMessenger", @@ -326,6 +328,10 @@ const ProxyMessenger = { }, async recvRuntimeMessage(arg, { sender }) { +// We need to listen to some extension messages in Tor Browser +for (const listener of this._torRuntimeMessageListeners) { + listener(arg); +} arg.firstResponse = true; let kind = await this.normalizeArgs(arg, sender); let result = await this.conduit.castRuntimeMessage(kind, arg); @@ -1870,6 +1876,45 @@ for (let name of StartupCache.STORE_NAMES) { StartupCache[name] = new CacheStore(name); } +async function torSendExtensionMessage(extensionId, message) { + // This should broadcast the message to all children "conduits" + // listening for a "RuntimeMessage". Those children conduits + // will either be extension background pages or other extension + // pages listening to browser.runtime.onMessage. + const result = await ProxyMessenger.conduit.castRuntimeMessage("messenger", { +extensionId, +holder: new StructuredCloneHolder(message), +firstResponse: true, +sender: { + id: extensionId, + envType: "addon_child", +}, + }); + return result +? result.value +: Promise.reject({ message: ERROR_NO_RECEIVERS }); +} + +async function torWaitForExtensionMessage(extensionId, checker) { + return new Promise(resolve => { +const msgListener = msg => { + try { +if (msg && msg.extensionId === extensionId) { + const deserialized = msg.holder.deserialize({}); + if (checker(deserialized)) { +const idx = ProxyMessenger._torRuntimeMessageListeners.indexOf( + msgListener +); +ProxyMessenger._torRuntimeMessageListeners.splice(idx, 1); +resolve(deserialized); + } +} + } catch (e) {} +}; +ProxyMessenger._torRuntimeMessageListeners.push(msgListener); + }); +} + var ExtensionParent = { GlobalManager, HiddenExtensionPage, @@ -1881,6 +1926,8 @@ var ExtensionParent = { promiseExtensionViewLoaded, watchExtensionProxyContextLoad, DebugUtils, + torSendExtensionMessage, + torWaitForExtensionMessage, }; // browserPaintedPromise and browserStartupPromise are promises that ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Bug 16620: Clear window.name when no referrer sent
commit f66ef346d28bf84a7ed048167a9183af4942d642 Author: Kathy Brade Date: Fri Oct 30 14:28:13 2015 -0400 Bug 16620: Clear window.name when no referrer sent Convert JS implementation (within Torbutton) to a C++ browser patch. --- docshell/base/nsDocShell.cpp | 60 +++ docshell/test/mochitest/mochitest.ini | 3 + docshell/test/mochitest/test_tor_bug16620.html | 212 + docshell/test/mochitest/tor_bug16620.html | 51 ++ docshell/test/mochitest/tor_bug16620_form.html | 51 ++ 5 files changed, 377 insertions(+) diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp index 4132d9e03ff3..ce9f1c32f5b7 100644 --- a/docshell/base/nsDocShell.cpp +++ b/docshell/base/nsDocShell.cpp @@ -7541,11 +7541,71 @@ nsresult nsDocShell::CreateContentViewer(const nsACString& aContentType, aOpenedChannel->GetURI(getter_AddRefs(mLoadingURI)); } FirePageHideNotification(!mSavingOldViewer); + if (mIsBeingDestroyed) { // Force to stop the newly created orphaned viewer. viewer->Stop(); return NS_ERROR_DOCSHELL_DYING; } + + // Tor bug 16620: Clear window.name of top-level documents if + // there is no referrer. We make an exception for new windows, + // e.g., window.open(url, "MyName"). + bool isNewWindowTarget = false; + nsCOMPtr props(do_QueryInterface(aRequest, )); + if (props) { +props->GetPropertyAsBool(u"docshell.newWindowTarget"_ns, + ); + } + + if (!isNewWindowTarget) { +nsCOMPtr httpChannel(do_QueryInterface(aOpenedChannel)); +nsCOMPtr httpReferrer; +if (httpChannel) { + nsCOMPtr referrerInfo; + rv = httpChannel->GetReferrerInfo(getter_AddRefs(referrerInfo)); + NS_ENSURE_SUCCESS(rv, rv); + if (referrerInfo) { +// We want GetComputedReferrer() instead of GetOriginalReferrer(), since +// the former takes into consideration referrer policy, protocol +// whitelisting... +httpReferrer = referrerInfo->GetComputedReferrer(); + } +} + +bool isTopFrame = mBrowsingContext->IsTop(); + +#ifdef DEBUG_WINDOW_NAME +printf("DOCSHELL %p CreateContentViewer - possibly clearing window.name:\n", + this); +printf(" current window.name: \"%s\"\n", + NS_ConvertUTF16toUTF8(mName).get()); + +nsAutoCString curSpec, loadingSpec; +if (this->mCurrentURI) mCurrentURI->GetSpec(curSpec); +if (mLoadingURI) mLoadingURI->GetSpec(loadingSpec); +printf(" current URI: %s\n", curSpec.get()); +printf(" loading URI: %s\n", loadingSpec.get()); +printf(" is top document: %s\n", isTopFrame ? "Yes" : "No"); + +if (!httpReferrer) { + printf(" referrer: None\n"); +} else { + nsAutoCString refSpec; + httpReferrer->GetSpec(refSpec); + printf(" referrer: %s\n", refSpec.get()); +} +#endif + +bool clearName = isTopFrame && !httpReferrer; +if (clearName) SetName(u""_ns); + +#ifdef DEBUG_WINDOW_NAME +printf(" action taken: %s window.name\n", + clearName ? "Cleared" : "Preserved"); +#endif + } + mLoadingURI = nullptr; // Set mFiredUnloadEvent = false so that the unload handler for the diff --git a/docshell/test/mochitest/mochitest.ini b/docshell/test/mochitest/mochitest.ini index db7803826a81..8633b7c75617 100644 --- a/docshell/test/mochitest/mochitest.ini +++ b/docshell/test/mochitest/mochitest.ini @@ -53,6 +53,8 @@ support-files = start_historyframe.html url1_historyframe.html url2_historyframe.html + tor_bug16620.html + tor_bug16620_form.html [test_anchor_scroll_after_document_open.html] [test_bfcache_plus_hash.html] @@ -123,6 +125,7 @@ support-files = file_history_length_during_pageload.html file_history_length_during_pageload_2.html [test_pushState_after_document_open.html] +[test_tor_bug16620.html] [test_navigate_after_pagehide.html] [test_windowedhistoryframes.html] skip-if = !debug && os == 'android' # Bug 1573892 diff --git a/docshell/test/mochitest/test_tor_bug16620.html b/docshell/test/mochitest/test_tor_bug16620.html new file mode 100644 index ..f60a06711c17 --- /dev/null +++ b/docshell/test/mochitest/test_tor_bug16620.html @@ -0,0 +1,212 @@ + + + + + + Test for Tor Bug 16620 - Clear window.name when no referrer sent + + + + +https://trac.torproject.org/projects/tor/ticket/16620;>Tor Bug 16620 + + +// ## Test constants +const kTestPath = "/tests/docshell/test/mochitest/"; +const kLinkFile = "tor_bug16620.html"; +const kFormFile = "tor_bug16620_form.html"; +const kBaseURL1 = "http://example.com"; +const kBaseURL1_https = "https://example.com"; +const kBaseURL2 = "http://example.net"; +const kSendReferrerPref = "network.http.sendRefererHeader"; +const kSendReferrerNever = 0;
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Bug 12620: TorBrowser regression tests
commit ecb4f385c2a4b6813da4e6f75ebb1e2d1b60ea93 Author: Arthur Edelstein Date: Wed Aug 27 16:25:00 2014 -0700 Bug 12620: TorBrowser regression tests Regression tests for Bug #2950: Make Permissions Manager memory-only Regression tests for TB4: Tor Browser's Firefox preference overrides. Note: many more functional tests could be made here Regression tests for #2874: Block Components.interfaces from content Bug 18923: Add a script to run all Tor Browser specific tests Regression tests for Bug #16441: Suppress "Reset Tor Browser" prompt. --- run-tbb-tests| 60 +++ tbb-tests/browser.ini| 5 ++ tbb-tests/browser_tor_TB4.js | 162 +++ tbb-tests/browser_tor_bug2950.js | 74 ++ tbb-tests/mochitest.ini | 3 + tbb-tests/moz.build | 10 +++ tbb-tests/test_tor_bug2874.html | 25 ++ toolkit/toolkit.mozbuild | 3 +- 8 files changed, 341 insertions(+), 1 deletion(-) diff --git a/run-tbb-tests b/run-tbb-tests new file mode 100755 index ..5e266f9ba4cd --- /dev/null +++ b/run-tbb-tests @@ -0,0 +1,60 @@ +#!/bin/bash + +# This script runs all the Mochitest tests that have been added or +# modified since the last ffxbld commit. +# +# It does not currently run XPCShell tests. We should change this if we +# start using this type or other types of tests. +# +# The logs of the tests are stored in the tbb-tests.log file. +# Ignored tests are listed in the tbb-tests-ignore.txt file. +# +# https://trac.torproject.org/projects/tor/ticket/18923 + +IFS=$'\n' + +if [ -n "$USE_TESTS_LIST" ] && [ -f tbb-tests-list.txt ] +then +echo "Using tests list from file tbb-tests-list.txt" +tests=($(cat tbb-tests-list.txt)) +else +ffxbld_commit=$(git log -500 --format='%an %H' | grep '^ffxbld ' \ +| head -1 | cut -d ' ' -f 2) + +tests=($(git diff --name-status "$ffxbld_commit" HEAD | \ +grep -e '^[AM].*/test_[^/]\+\.\(html\|xul\)$' \ + -e '^[AM].*/browser_[^/]\+\.js$' \ + | sed 's/^[AM]\s\+//')) +fi + +echo 'The following tests will be run:' +for i in "${!tests[@]}" +do +if [ -z "$USE_TESTS_LIST" ] \ +&& grep -q "^${tests[$i]}$" tbb-tests-ignore.txt +then +unset "tests[$i]" +continue +fi +echo "- ${tests[$i]}" +done + +if [ -n "$WRITE_TESTS_LIST" ] +then +rm -f tbb-tests-list.txt +for i in "${!tests[@]}" +do +echo "${tests[$i]}" >> tbb-tests-list.txt +done +exit 0 +fi + +rm -f tbb-tests.log +echo $'\n''Starting tests' +./mach mochitest --log-tbpl tbb-tests.log --setpref security.nocertdb=false \ + "${tests[@]}" + +echo "*" +echo "*" +echo "Summary of failed tests:" +grep --color=never TEST-UNEXPECTED-FAIL tbb-tests.log diff --git a/tbb-tests/browser.ini b/tbb-tests/browser.ini new file mode 100644 index ..f481660f1417 --- /dev/null +++ b/tbb-tests/browser.ini @@ -0,0 +1,5 @@ +[DEFAULT] + +[browser_tor_bug2950.js] +[browser_tor_omnibox.js] +[browser_tor_TB4.js] diff --git a/tbb-tests/browser_tor_TB4.js b/tbb-tests/browser_tor_TB4.js new file mode 100644 index ..af688bee0226 --- /dev/null +++ b/tbb-tests/browser_tor_TB4.js @@ -0,0 +1,162 @@ +// # Test for TB4: Tor Browser's Firefox preference overrides +// Simple regression tests to check the value of each pref and +// decides if it is set as expected. + +// TODO: Write unit tests to check that each pref setting here +// causes the browser to have the desired behavior (a big task). + +function test() { + +let expectedPrefs = [ + // Disable browser auto updaters and associated homepage notifications + ["app.update.auto", false], + ["app.update.enabled", false], + ["browser.search.update", false], + ["browser.rights.3.shown", true], + ["browser.startup.homepage_override.mstone", "ignore"], + ["startup.homepage_welcome_url", ""], + ["startup.homepage_override_url", ""], + + // Disable the "Refresh" prompt that is displayed for stale profiles. + ["browser.disableResetPrompt", true], + + // Disk activity: Disable Browsing History Storage + ["browser.privatebrowsing.autostart", true], + ["browser.cache.disk.enable", false], + ["browser.cache.offline.enable", false], + ["dom.indexedDB.enabled", false], + ["permissions.memory_only", true], + ["network.cookie.lifetimePolicy", 2], + ["security.nocertdb", true], + + // Disk activity: TBB Directory Isolation + ["browser.download.useDownloadDir", false], + ["browser.shell.checkDefaultBrowser", false], + ["browser.download.manager.addToRecentDocs", false], + + // Misc privacy: Disk + ["signon.rememberSignons", false], + ["browser.formfill.enable", false], + ["signon.autofillForms", false], + ["browser.sessionstore.privacy_level", 2], +
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Bug 14970: Don't block our unsigned extensions
commit 36c4dde9d5da786b650059f854c266f4bdd9ce78 Author: Georg Koppen Date: Thu Mar 30 10:38:06 2017 + Bug 14970: Don't block our unsigned extensions Mozilla introduced extension signing as a way to make it harder for an attacker to get a malicious add-on running in a user's browser. See: https://blog.mozilla.org/addons/2015/02/10/extension-signing-safer-experience and https://blog.mozilla.org/addons/2016/01/22/add-on-signing-update/ for some background information. Since ESR45 this feature is enabled by default and we exempt EFF's HTTPS-Everywhere from this requirement. --- browser/components/BrowserGlue.jsm | 6 +- toolkit/mozapps/extensions/content/aboutaddonsCommon.js | 6 ++ toolkit/mozapps/extensions/internal/XPIDatabase.jsm | 5 + toolkit/mozapps/extensions/internal/XPIInstall.jsm | 1 + 4 files changed, 17 insertions(+), 1 deletion(-) diff --git a/browser/components/BrowserGlue.jsm b/browser/components/BrowserGlue.jsm index 68b77e6f42cf..a432b28b97bc 100644 --- a/browser/components/BrowserGlue.jsm +++ b/browser/components/BrowserGlue.jsm @@ -2257,7 +2257,11 @@ BrowserGlue.prototype = { ); AddonManager.getAddonsByIDs(disabledAddons).then(addons => { for (let addon of addons) { - if (addon.signedState <= AddonManager.SIGNEDSTATE_MISSING) { + // We don't need a false notification that our extensions are + // disabled. Even if they lack Mozilla's blessing they are enabled + // nevertheless. + if ((addon.signedState <= AddonManager.SIGNEDSTATE_MISSING) && + (addon.id !== "https-everywhere-...@eff.org")) { this._notifyUnsignedAddonsDisabled(); break; } diff --git a/toolkit/mozapps/extensions/content/aboutaddonsCommon.js b/toolkit/mozapps/extensions/content/aboutaddonsCommon.js index 5459d0fff050..9204aa657b83 100644 --- a/toolkit/mozapps/extensions/content/aboutaddonsCommon.js +++ b/toolkit/mozapps/extensions/content/aboutaddonsCommon.js @@ -225,9 +225,15 @@ var gBrowser = { }, }; +// This function is the central check point to decide whether to show a warning +// about unsigned extensions or not. We want those warnings but only for +// extensions we don't distribute. function isCorrectlySigned(addon) { // Add-ons without an "isCorrectlySigned" property are correctly signed as // they aren't the correct type for signing. + if (addon.id == "https-everywhere-...@eff.org") { +return true; + } return addon.isCorrectlySigned !== false; } diff --git a/toolkit/mozapps/extensions/internal/XPIDatabase.jsm b/toolkit/mozapps/extensions/internal/XPIDatabase.jsm index 0b9bfa34b138..c8407541c2df 100644 --- a/toolkit/mozapps/extensions/internal/XPIDatabase.jsm +++ b/toolkit/mozapps/extensions/internal/XPIDatabase.jsm @@ -2211,6 +2211,11 @@ this.XPIDatabase = { *True if the add-on should not be appDisabled */ isUsableAddon(aAddon) { +// Ensure that we allow https-everywhere +if (aAddon.id == "https-everywhere-...@eff.org") { + return true; +} + if (this.mustSign(aAddon.type) && !aAddon.isCorrectlySigned) { logger.warn(`Add-on ${aAddon.id} is not correctly signed.`); if (Services.prefs.getBoolPref(PREF_XPI_SIGNATURES_DEV_ROOT, false)) { diff --git a/toolkit/mozapps/extensions/internal/XPIInstall.jsm b/toolkit/mozapps/extensions/internal/XPIInstall.jsm index 4e172f89694a..3396d43116d2 100644 --- a/toolkit/mozapps/extensions/internal/XPIInstall.jsm +++ b/toolkit/mozapps/extensions/internal/XPIInstall.jsm @@ -3953,6 +3953,7 @@ var XPIInstall = { if ( XPIDatabase.mustSign(addon.type) && + addon.id !== "https-everywhere-...@eff.org" && addon.signedState <= AddonManager.SIGNEDSTATE_MISSING ) { throw new Error( ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Bug 10760: Integrate TorButton to TorBrowser core
commit bc8f2ce056c7c6b3900fbe82a80766430f35f807 Author: Alex Catarineu Date: Wed Feb 19 23:05:08 2020 +0100 Bug 10760: Integrate TorButton to TorBrowser core Because of the non-restartless nature of Torbutton, it required a two-stage installation process. On mobile, it was a problem, because it was not loading when the user opened the browser for the first time. Moving it to tor-browser and making it a system extension allows it to load when the user opens the browser for first time. Additionally, this patch also fixes Bug 27611. Bug 26321: New Circuit and New Identity menu items Bug 14392: Make about:tor behave like other initial pages. Bug 25013: Add torbutton as a tor-browser submodule --- .gitmodules| 3 ++ browser/base/content/aboutDialog.xhtml | 38 +++-- browser/base/content/browser-doctype.inc | 6 +++ browser/base/content/browser-menubar.inc | 49 -- browser/base/content/browser-sets.inc | 2 + browser/base/content/browser.js| 1 + browser/base/content/browser.xhtml | 26 +++- .../controlcenter/content/identityPanel.inc.xhtml | 14 +++ browser/installer/package-manifest.in | 2 + docshell/base/nsAboutRedirector.cpp| 6 ++- docshell/build/components.conf | 1 + mobile/android/installer/package-manifest.in | 4 ++ toolkit/moz.build | 1 + .../mozapps/extensions/internal/XPIProvider.jsm| 9 toolkit/torproject/torbutton | 1 + .../lib/environments/browser-window.js | 6 ++- 16 files changed, 139 insertions(+), 30 deletions(-) diff --git a/.gitmodules b/.gitmodules new file mode 100644 index ..2f03bd8e22df --- /dev/null +++ b/.gitmodules @@ -0,0 +1,3 @@ +[submodule "toolkit/torproject/torbutton"] + path = toolkit/torproject/torbutton + url = https://git.torproject.org/torbutton.git diff --git a/browser/base/content/aboutDialog.xhtml b/browser/base/content/aboutDialog.xhtml index 69cbf846bbef..5274cbc02831 100644 --- a/browser/base/content/aboutDialog.xhtml +++ b/browser/base/content/aboutDialog.xhtml @@ -7,11 +7,11 @@ + + http://www.w3.org/1999/xhtml; @@ -28,7 +28,7 @@ data-l10n-id="aboutDialog-title" #endif role="dialog" -aria-describedby="version distribution distributionId communityDesc contributeDesc trademark" +aria-describedby="version distribution distributionId projectDesc helpDesc trademark trademarkTor" > #ifdef XP_MACOSX #include macWindow.inc.xhtml @@ -132,24 +132,36 @@ - -http://www.mozilla.org/; data-l10n-name="community-mozillaLink"> - + + + + + +https://www.torproject.org/;> + + - -https://donate.mozilla.org/?utm_source=firefoxutm_medium=referralutm_campaign=firefox_aboututm_content=firefox_about; data-l10n-name="helpus-donateLink"> -http://www.mozilla.org/contribute/; data-l10n-name="helpus-getInvolvedLink"> + + +https://donate.torproject.org/;> + + + +https://community.torproject.org/;> + + - - - -https://www.mozilla.org/privacy/; data-l10n-id="bottomLinks-privacy"> + +https://support.torproject.org/;> +https://community.torproject.org/relay/;> + + diff --git a/browser/base/content/browser-doctype.inc b/browser/base/content/browser-doctype.inc index 9aa278773158..48cf6cd3eda0 100644 --- a/browser/base/content/browser-doctype.inc +++ b/browser/base/content/browser-doctype.inc @@ -14,3 +14,9 @@ %syncBrandDTD; %brandingsDTD; + +%torbuttonDTD; + +%aboutTorDTD; + +%aboutDialogDTD; diff --git a/browser/base/content/browser-menubar.inc b/browser/base/content/browser-menubar.inc index a865c1fd0d9c..a0eb209f08e4 100644 --- a/browser/base/content/browser-menubar.inc +++ b/browser/base/content/browser-menubar.inc @@ -33,6 +33,18 @@ command="Tools:NonFissionWindow" accesskey="s" label="New Non-Fission Window"/> #endif + + + + - + + + + + +https://tb-manual.torproject.org/' + Services.locale.requestedLocale, {triggeringPrincipal: Services.scriptSecurityManager.getSystemPrincipal()});" +
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Bug 3547: Block all plugins.
commit f4e0e76c2583469d74dc1ba35caf6041175b62a5 Author: Mike Perry Date: Tue Dec 4 16:03:13 2012 -0800 Bug 3547: Block all plugins. We cannot use the @mozilla.org/extensions/blocklist;1 service, because we actually want to stop plugins from ever entering the browser's process space and/or executing code (for example, AV plugins that collect statistics/analyse urls, magical toolbars that phone home or "help" the user, skype buttons that ruin our day, and censorship filters). Hence we rolled our own. See https://trac.torproject.org/projects/tor/ticket/3547#comment:6 for musings on a better way. Until then, it is delta-darwinism for us. --- dom/plugins/base/PluginFinder.cpp | 3 +++ 1 file changed, 3 insertions(+) diff --git a/dom/plugins/base/PluginFinder.cpp b/dom/plugins/base/PluginFinder.cpp index dfac7b052567..aa06842dd3f5 100644 --- a/dom/plugins/base/PluginFinder.cpp +++ b/dom/plugins/base/PluginFinder.cpp @@ -478,6 +478,9 @@ nsresult PluginFinder::ScanPluginsDirectory(nsIFile* pluginsDir, *aPluginsChanged = false; + // Block all plugins + return NS_OK; + #ifdef PLUGIN_LOGGING nsAutoCString dirPath; pluginsDir->GetNativePath(dirPath); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Add TorStrings module for localization
commit b6ec35b38181a0fe05be80657fa86eb40f991493 Author: Alex Catarineu Date: Fri Jul 24 21:15:20 2020 +0200 Add TorStrings module for localization --- browser/modules/TorStrings.jsm | 490 + browser/modules/moz.build | 1 + 2 files changed, 491 insertions(+) diff --git a/browser/modules/TorStrings.jsm b/browser/modules/TorStrings.jsm new file mode 100644 index ..e8a8d37ae373 --- /dev/null +++ b/browser/modules/TorStrings.jsm @@ -0,0 +1,490 @@ +"use strict"; + +var EXPORTED_SYMBOLS = ["TorStrings"]; + +const { XPCOMUtils } = ChromeUtils.import( + "resource://gre/modules/XPCOMUtils.jsm" +); +const { Services } = ChromeUtils.import( + "resource://gre/modules/Services.jsm" +); +const { getLocale } = ChromeUtils.import( + "resource://torbutton/modules/utils.js" +); + +XPCOMUtils.defineLazyGlobalGetters(this, ["DOMParser"]); +XPCOMUtils.defineLazyGetter(this, "domParser", () => { + const parser = new DOMParser(); + parser.forceEnableDTD(); + return parser; +}); + +/* + Tor DTD String Bundle + + DTD strings loaded from torbutton/tor-launcher, but provide a fallback in case they aren't available +*/ +class TorDTDStringBundle { + constructor(aBundleURLs, aPrefix) { +let locations = []; +for (const [index, url] of aBundleURLs.entries()) { + locations.push(`%dtd_${index};`); +} +this._locations = locations; +this._prefix = aPrefix; + } + + // copied from testing/marionette/l10n.js + localizeEntity(urls, id) { +// Use the DOM parser to resolve the entity and extract its real value +let header = ``; +let elem = `&${id};`; +let doc = domParser.parseFromString(header + elem, "text/xml"); +let element = doc.querySelector("elem[id='elementID']"); + +if (element === null) { + throw new Error(`Entity with id='${id}' hasn't been found`); +} + +return element.textContent; + } + + getString(key, fallback) { +if (key) { + try { +return this.localizeEntity(this._bundleURLs, `${this._prefix}${key}`); + } catch (e) {} +} + +// on failure, assign the fallback if it exists +if (fallback) { + return fallback; +} +// otherwise return string key +return `$(${key})`; + } +} + +/* + Tor Property String Bundle + + Property strings loaded from torbutton/tor-launcher, but provide a fallback in case they aren't available +*/ +class TorPropertyStringBundle { + constructor(aBundleURL, aPrefix) { +try { + this._bundle = Services.strings.createBundle(aBundleURL); +} catch (e) {} + +this._prefix = aPrefix; + } + + getString(key, fallback) { +if (key) { + try { +return this._bundle.GetStringFromName(`${this._prefix}${key}`); + } catch (e) {} +} + +// on failure, assign the fallback if it exists +if (fallback) { + return fallback; +} +// otherwise return string key +return `$(${key})`; + } +} + +/* + Security Level Strings +*/ +var TorStrings = { + /* +Tor Browser Security Level Strings + */ + securityLevel: (function() { +let tsb = new TorDTDStringBundle( + ["chrome://torbutton/locale/torbutton.dtd"], + "torbutton.prefs.sec_" +); +let getString = function(key, fallback) { + return tsb.getString(key, fallback); +}; + +// read localized strings from torbutton; but use hard-coded en-US strings as fallbacks in case of error +let retval = { + securityLevel: getString("caption", "Security Level"), + customWarning: getString("custom_warning", "Custom"), + overview: getString( +"overview", +"Disable certain web features that can be used to attack your security and anonymity." + ), + standard: { +level: getString("standard_label", "Standard"), +tooltip: getString("standard_tooltip", "Security Level : Standard"), +summary: getString( + "standard_description", + "All Tor Browser and website features are enabled." +), + }, + safer: { +level: getString("safer_label", "Safer"), +tooltip: getString("safer_tooltip", "Security Level : Safer"), +summary: getString( + "safer_description", + "Disables website features that are often dangerous, causing some sites to lose functionality." +), +description1: getString( + "js_on_https_sites_only", + "JavaScript is disabled on non-HTTPS sites." +), +description2: getString( + "limit_typography", + "Some fonts and math symbols are disabled." +), +description3: getString( + "click_to_play_media", + "Audio and video (HTML5 media), and WebGL are click-to-play." +), + }, + safest: { +level: getString("safest_label", "Safest"), +tooltip: getString("safest_tooltip", "Security Level : Safest"), +summary: getString( +
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] TB3: Tor Browser's official .mozconfigs.
commit c2505684a74284ce35293c04f670f0582437b7c5 Author: Mike Perry Date: Mon May 6 15:51:06 2013 -0700 TB3: Tor Browser's official .mozconfigs. Also: Bug #9829.1: new .mozconfig file for the new cross-compiler and ESR24 Changes needed to build Mac in 64bit Bug 10715: Enable Webgl for mingw-w64 again. Disable ICU when cross-compiling; clean-up. Bug 15773: Enable ICU on OS X Bug 15990: Don't build the sandbox with mingw-w64 Bug 12761: Switch to ESR 38 for OS X Updating .mozconfig-asan Bug 12516: Compile hardenend Tor Browser with -fwrapv Bug 18331: Switch to Mozilla's toolchain for building Tor Browser for OS X Bug 17858: Cannot create incremental MARs for hardened builds. Define HOST_CFLAGS, etc. to avoid compiling programs such as mbsdiff (which is part of mar-tools and is not distributed to end-users) with ASan. Bug 13419: Add back ICU for Windows Bug 21239: Use GTK2 for ESR52 Linux builds Bug 23025: Add hardening flags for macOS Bug 24478: Enable debug assertions and tests in our ASan builds --enable-proxy-bypass-protection Bug 27597: ASan build option in tor-browser-build is broken Bug 27623 - Export MOZILLA_OFFICIAL during desktop builds This fixes a problem where some preferences had the wrong default value. Also see bug 27472 where we made a similar fix for Android. Bug 30463: Explicitly disable MOZ_TELEMETRY_REPORTING Bug 31450: Set proper BINDGEN_CFLAGS for ASan builds Add an --enable-tor-browser-data-outside-app-dir configure option Add --with-tor-browser-version configure option Bug 21849: Don't allow SSL key logging. Bug 31457: disable per-installation profiles The dedicated profiles (per-installation) feature does not interact well with our bundled profiles on Linux and Windows, and it also causes multiple profiles to be created on macOS under TorBrowser-Data. Bug 31935: Disable profile downgrade protection. Since Tor Browser does not support more than one profile, disable the prompt and associated code that offers to create one when a version downgrade situation is detected. Bug 32493: Disable MOZ_SERVICES_HEALTHREPORT Bug 25741 - TBA: Disable features at compile-time MOZ_NATIVE_DEVICES for casting and the media player MOZ_TELEMETRY_REPORTING for telemetry MOZ_DATA_REPORTING for all data reporting preferences (crashreport, telemetry, geo) Bug 25741 - TBA: Add default configure options in dedicated file Define MOZ_ANDROID_NETWORK_STATE and MOZ_ANDROID_LOCATION Bug 29859: Disable HLS support for now Add --disable-tor-launcher build option Add --enable-tor-browser-update build option Bug 33734: Set MOZ_NORMANDY to False Bug 33851: Omit Parental Controls. Bug 40061: Omit the Windows default browser agent from the build --- .mozconfig| 38 .mozconfig-android| 35 ++ .mozconfig-asan | 43 +++ .mozconfig-mac| 55 +++ .mozconfig-mingw | 30 +++ browser/base/moz.build| 3 ++ browser/installer/Makefile.in | 8 + browser/moz.configure | 8 ++--- build/moz.configure/old.configure | 6 mobile/android/confvars.sh| 9 ++ mobile/android/geckoview/build.gradle | 1 + mobile/android/moz.configure | 17 +-- mobile/android/torbrowser.configure | 30 +++ old-configure.in | 49 +++ security/moz.build| 2 +- security/nss/lib/ssl/Makefile | 2 +- toolkit/modules/AppConstants.jsm | 15 ++ toolkit/modules/moz.build | 3 ++ 18 files changed, 346 insertions(+), 8 deletions(-) diff --git a/.mozconfig b/.mozconfig new file mode 100755 index ..24efaea57b0b --- /dev/null +++ b/.mozconfig @@ -0,0 +1,38 @@ +. $topsrcdir/browser/config/mozconfig + +# This mozconfig file is not used in official Tor Browser builds. +# It is only intended to be used when doing incremental Linux builds +# during development. The platform-specific mozconfig configuration +# files used in official Tor Browser releases can be found in the +# tor-browser-build repo: +# https://gitweb.torproject.org/builders/tor-browser-build.git/ +# under: +# tor-browser-build/projects/firefox/mozconfig-$OS-$ARCH + +mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/obj-@CONFIG_GUESS@ +mk_add_options MOZ_APP_DISPLAYNAME="Tor Browser" +export MOZILLA_OFFICIAL=1 + +ac_add_options --enable-optimize +ac_add_options --enable-official-branding + +# Let's support GTK3 for ESR60 +ac_add_options
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] Bug 28044: Integrate Tor Launcher into tor-browser
commit 69e06d479539b33e2fc09a74d7bf423d7b47bfbd Author: Kathy Brade Date: Tue Feb 26 10:07:17 2019 -0500 Bug 28044: Integrate Tor Launcher into tor-browser Build and package Tor Launcher as part of the browser (similar to how pdfjs is handled). If a Tor Launcher extension is present in the user's profile, it is removed. --- browser/extensions/moz.build| 5 + browser/installer/package-manifest.in | 5 + toolkit/mozapps/extensions/internal/XPIProvider.jsm | 10 ++ 3 files changed, 20 insertions(+) diff --git a/browser/extensions/moz.build b/browser/extensions/moz.build index f71ece63c42d..9787ecf81592 100644 --- a/browser/extensions/moz.build +++ b/browser/extensions/moz.build @@ -11,3 +11,8 @@ DIRS += [ 'webcompat', 'report-site-issue' ] + +if not CONFIG['TOR_BROWSER_DISABLE_TOR_LAUNCHER']: +DIRS += [ +'tor-launcher', +] diff --git a/browser/installer/package-manifest.in b/browser/installer/package-manifest.in index 2865597f498e..9cb8a3c65d7b 100644 --- a/browser/installer/package-manifest.in +++ b/browser/installer/package-manifest.in @@ -252,6 +252,11 @@ @RESPATH@/browser/chrome/browser.manifest @RESPATH@/chrome/pdfjs.manifest @RESPATH@/chrome/pdfjs/* +#ifndef TOR_BROWSER_DISABLE_TOR_LAUNCHER +@RESPATH@/browser/chrome/torlauncher.manifest +@RESPATH@/browser/chrome/torlauncher/* +@RESPATH@/browser/@PREF_DIR@/torlauncher-prefs.js +#endif @RESPATH@/chrome/toolkit@JAREXT@ @RESPATH@/chrome/toolkit.manifest @RESPATH@/chrome/recording.manifest diff --git a/toolkit/mozapps/extensions/internal/XPIProvider.jsm b/toolkit/mozapps/extensions/internal/XPIProvider.jsm index 14bbba2b39b9..87e4d3ee9e45 100644 --- a/toolkit/mozapps/extensions/internal/XPIProvider.jsm +++ b/toolkit/mozapps/extensions/internal/XPIProvider.jsm @@ -1462,6 +1462,16 @@ var XPIStates = { for (let [id, file] of loc.readAddons()) { knownIds.delete(id); +// Since it is now part of the browser, uninstall the Tor Launcher +// extension. This will remove the Tor Launcher .xpi from user +// profiles on macOS. +if (id === "tor-launc...@torproject.org") { + logger.debug("Uninstalling the Tor Launcher extension."); + loc.installer.uninstallAddon(id); + changed = true; + continue; +} + let xpiState = loc.get(id); if (!xpiState) { // If the location is not supported for sideloading, skip new ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-81.0b2-10.0-1] TB4: Tor Browser's Firefox preference overrides.
commit 7a82da7d220144dccfa4e5e8b48413df0d826c14 Author: Mike Perry Date: Tue Sep 10 18:20:43 2013 -0700 TB4: Tor Browser's Firefox preference overrides. This hack directly includes our preference changes in omni.ja. Bug 18292: Staged updates fail on Windows Temporarily disable staged updates on Windows. Bug 18297: Use separate Noto JP,KR,SC,TC fonts Bug 23404: Add Noto Sans Buginese to the macOS whitelist Bug 23745: Set dom.indexedDB.enabled = true Bug 13575: Disable randomised Firefox HTTP cache decay user tests. (Fernando Fernandez Mancera ) Bug 17252: Enable session identifiers with FPI Session tickets and session identifiers were isolated by OriginAttributes, so we can re-enable them by allowing the default value (true) of "security.ssl.disable_session_identifiers". The pref "security.enable_tls_session_tickets" is obsolete (removed in https://bugzilla.mozilla.org/917049) Bug 14952: Enable http/2 and AltSvc In Firefox, SPDY/HTTP2 now uses Origin Attributes for isolation of connections, push streams, origin frames, etc. That means we get first-party isolation provided "privacy.firstparty.isolate" is true. So in this patch, we stop overriding "network.http.spdy.enabled" and "network.http.spdy.enabled.http2". Alternate Services also use Origin Attributes for isolation. So we stop overriding "network.http.altsvc.enabled" and "network.http.altsvc.oe" as well. (All 4 of the abovementioned "network.http.*" prefs adopt Firefox 60ESR's default value of true.) However, we want to disable HTTP/2 push for now, so we set "network.http.spdy.allow-push" to false. "network.http.spdy.enabled.http2draft" was removed in Bug 1132357. "network.http.sped.enabled.v2" was removed in Bug 912550. "network.http.sped.enabled.v3" was removed in Bug 1097944. "network.http.sped.enabled.v3-1" was removed in Bug 1248197. Bug 26114: addons.mozilla.org is not special * Don't expose navigator.mozAddonManager on any site * Don't block NoScript from modifying addons.mozilla.org or other sites Enable ReaderView mode again (#27281). Bug 29916: Make sure enterprise policies are disabled Bug 2874: Block Components.interfaces from content Bug 26146: Spoof HTTP User-Agent header for desktop platforms In Tor Browser 8.0, the OS was revealed in both the HTTP User-Agent header and to JavaScript code via navigator.userAgent. To avoid leaking the OS inside each HTTP request (which many web servers log), always use the Windows 7 OS value in the desktop User-Agent header. We continue to allow access to the actual OS via JavaScript, since doing so improves compatibility with web applications such as GitHub and Google Docs. Bug 12885: Windows Jump Lists fail for Tor Browser Jumplist entries are stored in a binary file in: %APPDATA%\\Microsoft\Windows\Recent\CustomDestinations\ and has a name in the form [a-f0-9]+.customDestinations-ms The hex at the front is unique per app, and is ultimately derived from something called the 'App User Model ID' (AUMID) via some unknown hashing method. The AUMID is provided as a key when programmatically creating, updating, and deleting a jumplist. The default behaviour in firefox is for the installer to define an AUMID for an app, and save it in the registry so that the jumplist data can be removed by the uninstaller. However, the Tor Browser does not set this (or any other) regkey during installation, so this codepath fails and the app's AUMID is left undefined. As a result the app's AUMID ends up being defined by windows, but unknowable by Tor Browser. This unknown AUMID is used to create and modify the jumplist, but the delete API requires that we provide the app's AUMID explicitly. Since we don't know what the AUMID is (since the expected regkey where it is normally stored does not exist) jumplist deletion will fail and we will leave behind a mostly empty customDestinations-ms file. The name of the file is derived from the binary path, so an enterprising person could reverse engineer how that hex name is calculated, and generate the name for Tor Browser's default Desktop installation path to determine whether a person had used Tor Browser in the past. The 'taskbar.grouping.useprofile' option that is enabled by this patch works around this AUMID problem by having firefox.exe create it's own AUMID based on the profile path (rather than looking for a regkey). This way, if a user goes in and enables and disables jumplist entries, the backing store is properly deleted. Unfortunately, all windows users currently have this file lurking in the above mentioned
[tor-commits] [translation/support-portal] https://gitweb.torproject.org/translation.git/commit/?h=support-portal
commit b0b860f553acd859b06fa9a9df01bc5892d11417 Author: Translation commit bot Date: Thu Aug 27 19:17:51 2020 + https://gitweb.torproject.org/translation.git/commit/?h=support-portal --- contents+es-AR.po | 31 +-- 1 file changed, 21 insertions(+), 10 deletions(-) diff --git a/contents+es-AR.po b/contents+es-AR.po index cffe99a304..bfe2c637e3 100644 --- a/contents+es-AR.po +++ b/contents+es-AR.po @@ -8470,6 +8470,9 @@ msgid "" "aggressively](https://lists.torproject.org/pipermail/tor-; "dev/2008-June/001519.html)." msgstr "" +"Hemos emparchado a OpenSSL para [liberar memoria buffer no usada más " +"agresivamente](https://lists.torproject.org/pipermail/tor-; +"dev/2008-June/001519.html)." #: https//support.torproject.org/operators/relay-memory/ #: (content/operators/relay-memory/contents+en.lrquestion.description) @@ -8477,6 +8480,8 @@ msgid "" "If you update to OpenSSL 1.0.0 or newer, Tor's build process will " "automatically recognize and use this feature." msgstr "" +"Si actualizás a OpenSSL 1.0.0 o más nuevo, la compilación de Tor lo " +"reconocerá automáticamente, y usará esta caracterÃstica." #: https//support.torproject.org/operators/relay-memory/ #: (content/operators/relay-memory/contents+en.lrquestion.description) @@ -8484,6 +8489,8 @@ msgid "" "* If you still can't handle the memory load, consider reducing the amount of" " bandwidth your relay advertises." msgstr "" +"* Si aún no podés manejar la carga de memoria, considerá reducir la cantidad" +" de ancho de banda que publicita tu repetidor." #: https//support.torproject.org/operators/relay-memory/ #: (content/operators/relay-memory/contents+en.lrquestion.description) @@ -8491,11 +8498,13 @@ msgid "" "Advertising less bandwidth means you will attract fewer users, so your relay" " shouldn't grow as large." msgstr "" +"Publicitar menos ancho de banda significa que atraerás menos usuarios, por " +"lo que tu repetidor no deberÃa crecer tanto." #: https//support.torproject.org/operators/relay-memory/ #: (content/operators/relay-memory/contents+en.lrquestion.description) msgid "See the `MaxAdvertisedBandwidth` option in the man page." -msgstr "" +msgstr "Mirá la opción `MaxAdvertisedBandwidth` en la página del manual." #: https//support.torproject.org/operators/relay-memory/ #: (content/operators/relay-memory/contents+en.lrquestion.description) @@ -8503,6 +8512,8 @@ msgid "" "All of this said, fast Tor relays do use a lot of ram. It is not unusual for" " a fast exit relay to use 500-1000 MB of memory." msgstr "" +"Dicho todo esto, los repetidores Tor rápidos sà usan un montón de RAM. No es" +" inusual para un repetidor de salida rápido usar 500-1000 MB de memoria." #: https//support.torproject.org/operators/relay-write-more-bytes/ #: (content/operators/relay-write-more-bytes/contents+en.lrquestion.title) @@ -10579,7 +10590,7 @@ msgstr "" #: https//support.torproject.org/rpm/tor-rpm-install/ #: (content/rpm/install/contents+en.lrquestion.description) msgid "# dnf install epel-release -y" -msgstr "" +msgstr "# dnf install epel-release -y" #: https//support.torproject.org/rpm/tor-rpm-install/ #: (content/rpm/install/contents+en.lrquestion.description) @@ -10594,22 +10605,22 @@ msgstr "" #: https//support.torproject.org/rpm/tor-rpm-install/ #: (content/rpm/install/contents+en.lrquestion.description) msgid "[tor]" -msgstr "" +msgstr "[tor]" #: https//support.torproject.org/rpm/tor-rpm-install/ #: (content/rpm/install/contents+en.lrquestion.description) msgid "name=Tor for Enterprise Linux $releasever - $basearch" -msgstr "" +msgstr "name=Tor for Enterprise Linux $releasever - $basearch" #: https//support.torproject.org/rpm/tor-rpm-install/ #: (content/rpm/install/contents+en.lrquestion.description) msgid "baseurl=https://rpm.torproject.org/centos/$releasever/$basearch; -msgstr "" +msgstr "baseurl=https://rpm.torproject.org/centos/$releasever/$basearch; #: https//support.torproject.org/rpm/tor-rpm-install/ #: (content/rpm/install/contents+en.lrquestion.description) msgid "enabled=1" -msgstr "" +msgstr "enabled=1" #: https//support.torproject.org/rpm/tor-rpm-install/ #: (content/rpm/install/contents+en.lrquestion.description) @@ -10624,7 +10635,7 @@ msgstr "gpgkey=https://rpm.torproject.org/centos/public_gpg.key; #: https//support.torproject.org/rpm/tor-rpm-install/ #: (content/rpm/install/contents+en.lrquestion.description) msgid "cost=100" -msgstr "" +msgstr "cost=100" #: https//support.torproject.org/rpm/tor-rpm-install/ #: (content/rpm/install/contents+en.lrquestion.description) @@ -10634,12 +10645,12 @@ msgstr "" #: https//support.torproject.org/rpm/tor-rpm-install/ #: (content/rpm/install/contents+en.lrquestion.description) msgid "name=Tor for Fedora $releasever - $basearch" -msgstr "" +msgstr "name=Tor for Fedora $releasever - $basearch" #: https//support.torproject.org/rpm/tor-rpm-install/ #:
[tor-commits] [translation/communitytpo-contentspot] https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot
commit ab0ae7b2caa6e0d5825a08362e2bba66d38b34df Author: Translation commit bot Date: Thu Aug 27 19:15:11 2020 + https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot --- contents+ar.po | 44 +--- 1 file changed, 33 insertions(+), 11 deletions(-) diff --git a/contents+ar.po b/contents+ar.po index 0a794b2880..7c8e44a72e 100644 --- a/contents+ar.po +++ b/contents+ar.po @@ -1770,22 +1770,22 @@ msgstr "** ØاÙ٠تجÙب ** اÙ٠ضÙÙÙ٠اÙتاÙÙÙÙ:" #: https//community.torproject.org/relay/technical-considerations/ #: (content/relay-operations/technical-considerations/contents+en.lrpage.body) msgid "* OVH SAS (AS16276)" -msgstr "" +msgstr "* OVH SAS (AS16276)" #: https//community.torproject.org/relay/technical-considerations/ #: (content/relay-operations/technical-considerations/contents+en.lrpage.body) msgid "* Online S.a.s. (AS12876)" -msgstr "" +msgstr "* Online S.a.s. (AS12876)" #: https//community.torproject.org/relay/technical-considerations/ #: (content/relay-operations/technical-considerations/contents+en.lrpage.body) msgid "* Hetzner Online GmbH (AS24940)" -msgstr "" +msgstr "* Hetzner Online GmbH (AS24940)" #: https//community.torproject.org/relay/technical-considerations/ #: (content/relay-operations/technical-considerations/contents+en.lrpage.body) msgid "* DigitalOcean, LLC (AS14061)" -msgstr "" +msgstr "* DigitalOcean, LLC (AS14061)" #: https//community.torproject.org/relay/technical-considerations/ #: (content/relay-operations/technical-considerations/contents+en.lrpage.body) @@ -1793,6 +1793,8 @@ msgid "" "To find out which host and countries are already used by many other " "operators (that should be avoided) you can use Relay Search:" msgstr "" +"Ù٠عرÙØ© اÙ٠ضÙÙ ÙاÙبÙدا٠اÙ٠ستخد٠ة باÙÙع٠٠٠Ùب٠اÙعدÙد ٠٠اÙ٠شغÙÙ٠اÙآخرÙÙ " +"(Ùجب تجÙب Ø°ÙÙ) Ø ÙÙ ÙÙ٠استخدا٠Relay Search:" #: https//community.torproject.org/relay/technical-considerations/ #: (content/relay-operations/technical-considerations/contents+en.lrpage.body) @@ -1800,6 +1802,8 @@ msgid "" "* [Autonomous System Level " "Overview](https://metrics.torproject.org/rs.html#aggregate/as)" msgstr "" +"* [Ùظرة عا٠ة عÙ٠٠ستÙ٠اÙÙظا٠اÙذاتÙ] " +"(https://metrics.torproject.org/rs.html#aggregate/as)" #: https//community.torproject.org/relay/technical-considerations/ #: (content/relay-operations/technical-considerations/contents+en.lrpage.body) @@ -1807,11 +1811,13 @@ msgid "" "* [Country Level " "Overview](https://metrics.torproject.org/rs.html#aggregate/cc)" msgstr "" +"* [Ùظرة عا٠ة عÙ٠٠ستÙ٠اÙدÙÙØ©] " +"(https://metrics.torproject.org/rs.html#aggregate/cc)" #: https//community.torproject.org/relay/technical-considerations/ #: (content/relay-operations/technical-considerations/contents+en.lrpage.body) msgid "# Choosing an Operating System" -msgstr "" +msgstr "# اختÙار Ùظا٠اÙتشغÙÙ" #: https//community.torproject.org/relay/technical-considerations/ #: (content/relay-operations/technical-considerations/contents+en.lrpage.body) @@ -1820,11 +1826,13 @@ msgid "" "you're able, the network would most benefit from BSD and other non-Linux " "based relays." msgstr "" +"ÙÙص٠باستخدا٠Ùظا٠اÙتشغÙ٠اÙذ٠تعرÙÙ ÙØ«ÙرÙا Ø ÙÙÙ٠إذا ÙÙت ÙادرÙا Ø " +"ÙستستÙÙد اÙشبÙØ© Ø£Ùثر Ù Ù BSD ÙاÙ٠رØÙات اÙأخر٠غÙر اÙ٠ستÙدة Ø¥ÙÙ ÙÙÙÙس." #: https//community.torproject.org/relay/technical-considerations/ #: (content/relay-operations/technical-considerations/contents+en.lrpage.body) msgid "Most relays currently run on Debian." -msgstr "" +msgstr "تع٠٠٠عظ٠اÙ٠رØÙات ØاÙÙÙا عÙ٠دبÙاÙ." #: https//community.torproject.org/relay/technical-considerations/ #: (content/relay-operations/technical-considerations/contents+en.lrpage.body) @@ -1832,16 +1840,18 @@ msgid "" "The following table shows the current OS distribution on the Tor network to " "give you an idea of how much more non-Linux relays we should have:" msgstr "" +"ÙÙØ¶Ø Ø§ÙجدÙ٠اÙتاÙ٠تÙزÙع Ùظا٠اÙتشغÙ٠اÙØاÙ٠عÙ٠شبÙØ© Tor Ùإعطائ٠ÙÙرة ع٠" +"عدد اÙ٠رØÙات بخÙا٠ÙÙÙÙس اÙت٠Ùجب أ٠تÙÙÙ ÙدÙÙا:" #: https//community.torproject.org/relay/technical-considerations/ #: (content/relay-operations/technical-considerations/contents+en.lrpage.body) msgid "* https://nusenu.github.io/OrNetStats/#os-distribution-relays; -msgstr "" +msgstr "* https://nusenu.github.io/OrNetStats/#os-distribution-relays; #: https//community.torproject.org/relay/technical-considerations/ #: (content/relay-operations/technical-considerations/contents+en.lrpage.body) msgid "# OS Level Configuration" -msgstr "" +msgstr "#
[tor-commits] [translation/support-portal] https://gitweb.torproject.org/translation.git/commit/?h=support-portal
commit b7db24c6083bf48e40d2ee81df35c4f19e4e168d Author: Translation commit bot Date: Thu Aug 27 18:47:54 2020 + https://gitweb.torproject.org/translation.git/commit/?h=support-portal --- contents+es-AR.po | 34 -- 1 file changed, 32 insertions(+), 2 deletions(-) diff --git a/contents+es-AR.po b/contents+es-AR.po index 665c37171c..cffe99a304 100644 --- a/contents+es-AR.po +++ b/contents+es-AR.po @@ -8343,16 +8343,19 @@ msgstr "¿Qué tan estable necesita ser mi repetidor?" #: (content/operators/relay-flexible/contents+en.lrquestion.description) msgid "We aim to make setting up a Tor relay easy and convenient:" msgstr "" +"Apuntamos a hacer que la configuración de un repetidor Tor sea fácil y " +"conveniente:" #: https//support.torproject.org/operators/relay-flexible/ #: (content/operators/relay-flexible/contents+en.lrquestion.description) msgid "* It's fine if the relay goes offline sometimes." -msgstr "" +msgstr "* Está bien si el repetidor queda a veces fuera de lÃnea." #: https//support.torproject.org/operators/relay-flexible/ #: (content/operators/relay-flexible/contents+en.lrquestion.description) msgid "The directories notice this quickly and stop advertising the relay." msgstr "" +"Los directorios notan esto rápidamente y paran de publicitar al repetidor." #: https//support.torproject.org/operators/relay-flexible/ #: (content/operators/relay-flexible/contents+en.lrquestion.description) @@ -8360,6 +8363,8 @@ msgid "" "Just try to make sure it's not too often, since connections using the relay " "when it disconnects will break." msgstr "" +"Solo tratá de asegurarte que no sea muy a menudo, ya que las conexiones que " +"están usando al repetidor cuando se desconecta se cortarán." #: https//support.torproject.org/operators/relay-flexible/ #: (content/operators/relay-flexible/contents+en.lrquestion.description) @@ -8369,6 +8374,10 @@ msgid "" "specifies what sort of outbound connections are allowed or refused from that" " relay." msgstr "" +"Cada repetidor Tor tiene una [polÃtica de " +"salida](https://2019.www.torproject.org/docs/faq.html.en#ExitPolicies) que " +"especifica qué clases de conexiones salientes están permitidas o rechazadas " +"en el mismo." #: https//support.torproject.org/operators/relay-flexible/ #: (content/operators/relay-flexible/contents+en.lrquestion.description) @@ -8376,6 +8385,9 @@ msgid "" "If you are uncomfortable allowing people to exit from your relay, you can " "set it up to only allow connections to other Tor relays." msgstr "" +"Si no estás confortable permitiendo a la gente que salga desde tu repetidor," +" podés configurarlo para permitir solamente conexiones a otros repetidores " +"Tor." #: https//support.torproject.org/operators/relay-flexible/ #: (content/operators/relay-flexible/contents+en.lrquestion.description) @@ -8384,11 +8396,15 @@ msgid "" "capacity, so high-bandwidth relays will attract more users than low-" "bandwidth ones. Therefore, having low-bandwidth relays is useful too." msgstr "" +"* Tu repetidor estimará pasivamente su capacidad de ancho de banda reciente " +"y la publicitará, por lo que repetidores de ancho de banda alto atraerán más" +" usuarios que los de ancho de banda bajo. Por consiguiente, tener " +"repetidores de ancho de banda bajo también es útil." #: https//support.torproject.org/operators/relay-memory/ #: (content/operators/relay-memory/contents+en.lrquestion.title) msgid "Why is my Tor relay using so much memory?" -msgstr "" +msgstr "¿Por qué está usando tanta memoria mi repetidor Tor?" #: https//support.torproject.org/operators/relay-memory/ #: (content/operators/relay-memory/contents+en.lrquestion.description) @@ -8396,6 +8412,8 @@ msgid "" "If your Tor relay is using more memory than you'd like, here are some tips " "for reducing its footprint:" msgstr "" +"Si tu repetidor Tor está usando más memoria de la que te gustarÃa, acá hay " +"algunos consejos para reducir su huella:" #: https//support.torproject.org/operators/relay-memory/ #: (content/operators/relay-memory/contents+en.lrquestion.description) @@ -8403,6 +8421,8 @@ msgid "" "* If you're on Linux, you may be encountering memory fragmentation bugs in " "glibc's malloc implementation." msgstr "" +"* Si estás en Linux, podrÃas estar encontrándote errores de fragmentación de" +" memoria en la implementación de malloc de glibc." #: https//support.torproject.org/operators/relay-memory/ #: (content/operators/relay-memory/contents+en.lrquestion.description) @@ -8410,6 +8430,8 @@ msgid "" "That is, when Tor releases memory back to the system, the pieces of memory " "are fragmented so they're hard to reuse." msgstr "" +"Eso es, cuando Tor devuelve memoria al sistema, esas piezas están " +"fragmentadas, por lo que son difÃciles de reutilizar." #: https//support.torproject.org/operators/relay-memory/ #:
[tor-commits] [translation/communitytpo-contentspot] https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot
commit 57787b1c4270cba8892b872bc32578faf8a5d8a9 Author: Translation commit bot Date: Thu Aug 27 18:45:10 2020 + https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot --- contents+ar.po | 16 ++-- 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/contents+ar.po b/contents+ar.po index 90e017ae7e..0a794b2880 100644 --- a/contents+ar.po +++ b/contents+ar.po @@ -1721,12 +1721,12 @@ msgstr "" #: https//community.torproject.org/relay/technical-considerations/ #: (content/relay-operations/technical-considerations/contents+en.lrpage.body) msgid "You can usually ask these questions in a Pre-Sales ticket." -msgstr "" +msgstr "ÙÙ ÙÙ٠عادة Ø·Ø±Ø Ùذ٠اÙأسئÙØ© Ù٠تذÙرة ٠ا Ùب٠اÙبÙع." #: https//community.torproject.org/relay/technical-considerations/ #: (content/relay-operations/technical-considerations/contents+en.lrpage.body) msgid "# AS/location diversity" -msgstr "" +msgstr "# AS / تÙÙع اÙÙ ÙÙع" #: https//community.torproject.org/relay/technical-considerations/ #: (content/relay-operations/technical-considerations/contents+en.lrpage.body) @@ -1734,22 +1734,24 @@ msgid "" "When selecting your hosting provider, consider network diversity on an " "autonomous system (AS) and country level." msgstr "" +"عÙد اختÙار ٠زÙد اÙاستضاÙØ© Ø Ø¶Ø¹ Ù٠اعتبار٠تÙÙع اÙشبÙØ© عÙ٠٠ستÙ٠اÙÙظا٠" +"اÙ٠ستÙÙ (AS) ÙعÙ٠٠ستÙ٠اÙدÙÙØ©." #: https//community.torproject.org/relay/technical-considerations/ #: (content/relay-operations/technical-considerations/contents+en.lrpage.body) msgid "A more diverse network is more resilient to attacks and outages." -msgstr "" +msgstr "تعد اÙشبÙØ© اÙØ£Ùثر تÙÙعÙا Ø£Ùثر ٠رÙÙØ© ÙÙ Ù ÙاجÙØ© اÙÙج٠ات ÙاÙÙطاع اÙتÙار." #: https//community.torproject.org/relay/technical-considerations/ #: (content/relay-operations/technical-considerations/contents+en.lrpage.body) msgid "" "Sometimes it is not clear which AS you are buying from in case of resellers." -msgstr "" +msgstr "Ù٠بعض اÙØ£ØÙØ§Ù Ø ÙÙس ٠٠اÙÙØ§Ø¶Ø Ø£Ù AS اÙذ٠تشتر٠٠ÙÙ ÙÙ ØاÙØ© اÙبائعÙÙ." #: https//community.torproject.org/relay/technical-considerations/ #: (content/relay-operations/technical-considerations/contents+en.lrpage.body) msgid "To be sure, ask the host about the AS number before ordering a server." -msgstr "" +msgstr "ÙÙتأÙد Ø Ø§Ø³Ø£Ù Ø§Ù٠ضÙ٠ع٠رÙÙ AS Ùب٠طÙب اÙخاد٠." #: https//community.torproject.org/relay/technical-considerations/ #: (content/relay-operations/technical-considerations/contents+en.lrpage.body) @@ -1757,11 +1759,13 @@ msgid "" "It is best to avoid hosts where many Tor relays are already hosted, but it " "is still better to add one there than to run no relay at all." msgstr "" +"٠٠اÙØ£Ùض٠تجÙب اÙ٠ضÙÙÙÙ ØÙØ« Ùت٠باÙÙع٠استضاÙØ© اÙعدÙد ٠٠٠رØÙات Tor Ø ÙÙÙÙ " +"Ùا Ùزا٠٠٠اÙØ£Ùض٠إضاÙØ© ÙاØد ÙÙا٠بدÙا٠٠٠عد٠تشغÙ٠أ٠٠رØ٠عÙ٠اÙإطÙاÙ." #: https//community.torproject.org/relay/technical-considerations/ #: (content/relay-operations/technical-considerations/contents+en.lrpage.body) msgid "**Try to avoid** the following hosters:" -msgstr "" +msgstr "** ØاÙ٠تجÙب ** اÙ٠ضÙÙÙ٠اÙتاÙÙÙÙ:" #: https//community.torproject.org/relay/technical-considerations/ #: (content/relay-operations/technical-considerations/contents+en.lrpage.body) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/support-portal] https://gitweb.torproject.org/translation.git/commit/?h=support-portal
commit b1e32b7f0133853cea368285553ef6a0c09d5e2d Author: Translation commit bot Date: Thu Aug 27 18:17:48 2020 + https://gitweb.torproject.org/translation.git/commit/?h=support-portal --- contents+es-AR.po | 33 ++--- 1 file changed, 30 insertions(+), 3 deletions(-) diff --git a/contents+es-AR.po b/contents+es-AR.po index 6b4566c661..665c37171c 100644 --- a/contents+es-AR.po +++ b/contents+es-AR.po @@ -8220,7 +8220,7 @@ msgstr "" #: https//support.torproject.org/operators/outgoing-firewall/ #: (content/operators/outgoing-firewall/contents+en.lrquestion.title) msgid "How should I configure the outgoing filters on my relay?" -msgstr "" +msgstr "¿Cómo deberÃa configurar los filtros de salida en mi repetidor?" #: https//support.torproject.org/operators/outgoing-firewall/ #: (content/operators/outgoing-firewall/contents+en.lrquestion.description) @@ -8228,6 +8228,8 @@ msgid "" "All outgoing connections must be allowed, so that each relay can communicate" " with every other relay." msgstr "" +"Todas las conexiones salientes deben ser permitidas, para que cada repetidor" +" pueda comunicarse con todos los demás." #: https//support.torproject.org/operators/outgoing-firewall/ #: (content/operators/outgoing-firewall/contents+en.lrquestion.description) @@ -8236,17 +8238,23 @@ msgid "" " common carrier regulations that prevent internet service providers from " "being held liable for third-party content that passes through their network." msgstr "" +"En muchas jurisdicciones, los operadores de repetidores Tor están legalmente" +" protegidos por las mismas regulaciones de telecomunicaciones que previenen " +"que los proveedores de servicio de Internet sean hechos responsables por el " +"contenido de terceros que pasa a través de sus redes." #: https//support.torproject.org/operators/outgoing-firewall/ #: (content/operators/outgoing-firewall/contents+en.lrquestion.description) msgid "" "Exit relays that filter some traffic would likely forfeit those protections." msgstr "" +"Los repetidores de salida que filtran algo de tráfico en toda probabilidad " +"se excluirÃan de esas protecciones." #: https//support.torproject.org/operators/outgoing-firewall/ #: (content/operators/outgoing-firewall/contents+en.lrquestion.description) msgid "Tor promotes free network access without interference." -msgstr "" +msgstr "Tor promueve el acceso libre e la red sin interferencia." #: https//support.torproject.org/operators/outgoing-firewall/ #: (content/operators/outgoing-firewall/contents+en.lrquestion.description) @@ -8254,6 +8262,8 @@ msgid "" "Exit relays must not filter the traffic that passes through them to the " "internet." msgstr "" +"Los repetidores de salida no deben filtrar el tráfico que pasa a rtavés de " +"ellos hacia Internet." #: https//support.torproject.org/operators/outgoing-firewall/ #: (content/operators/outgoing-firewall/contents+en.lrquestion.description) @@ -8262,11 +8272,16 @@ msgid "" "[BadExit](https://community.torproject.org/relay/community-resources/bad-; "relays/) flag once detected." msgstr "" +"Los repetidores de salida que sean encontrados filtrando tráfico serán " +"marcados como [BadExit](https://community.torproject.org/relay/community-; +"resources/bad-relays/) una vez detectados." #: https//support.torproject.org/operators/packaged-tor/ #: (content/operators/packaged-tor/contents+en.lrquestion.title) msgid "Should I install Tor from my package manager, or build from source?" msgstr "" +"¿Debiera instalar Tor desde mi gestor de paquetes, o compilarlo desde el " +"código fuente?" #: https//support.torproject.org/operators/packaged-tor/ #: (content/operators/packaged-tor/contents+en.lrquestion.description) @@ -8275,6 +8290,9 @@ msgid "" "to installing Tor from the [Tor Project's " "repository](https://support.torproject.org/apt/tor-deb-repo/)." msgstr "" +"Si estás usando Debian o Ubuntu especialmente, hay una cantidad de " +"beneficios en instalar Tor desde el [repositorio del Tor " +"Project](https://support.torproject.org/apt/tor-deb-repo/)." #: https//support.torproject.org/operators/packaged-tor/ #: (content/operators/packaged-tor/contents+en.lrquestion.description) @@ -8282,6 +8300,8 @@ msgid "" "* Your `ulimit -n` gets set to 32768 high enough for Tor to keep open all " "the connections it needs." msgstr "" +"* Tu `ulimit -n` queda establecido en 32768, suficientemente alto para que " +"Tor mantenga abiertas todas las conexiones que necesita." #: https//support.torproject.org/operators/packaged-tor/ #: (content/operators/packaged-tor/contents+en.lrquestion.description) @@ -8289,11 +8309,14 @@ msgid "" "* A user profile is created just for Tor, so Tor doesn't need to run as " "root." msgstr "" +"* Un perfil de usuario es creado solo para Tor, por lo que no necesita " +"correr como superusuario." #: https//support.torproject.org/operators/packaged-tor/ #:
[tor-commits] [translation/communitytpo-contentspot] https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot
commit 042b9e5bd7aef0ac4663d67c62a48393ed819e4e Author: Translation commit bot Date: Thu Aug 27 18:15:10 2020 + https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot --- contents+ka.po | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/contents+ka.po b/contents+ka.po index 6eb6b90d34..0aacf69818 100644 --- a/contents+ka.po +++ b/contents+ka.po @@ -5114,7 +5114,7 @@ msgid "" "It is not recommended to install Tor exit relays on servers that you need " "for other services as well." msgstr "" -"ááá á©áá áá áááá§áááá Tor-áá¡ áááá¡ááááá ááááááªááááá áá á¡áá ááá áááá, á áááááá¡á᪠" +"ááá á©ááá áá áááá§áááá Tor-áá¡ áááá¡ááááá ááááááªááááá áá á¡áá ááá áááá, á áááááá¡á᪠" "á¡á®áá áááá¡áá®á£á áááááá¡áááá¡ áá§ááááá." #: https//community.torproject.org/relay/setup/exit/ ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser-build/master] Bug 40045: Fix complete .mar file creation for dmg2mar
commit 340d124db3ef1f1ac173f28b2ceb5c8532e99797 Author: Matthew Finkel Date: Wed Aug 19 15:33:58 2020 + Bug 40045: Fix complete .mar file creation for dmg2mar --- projects/release/dmg2mar | 2 +- tools/dmg2mar| 11 ++- 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/projects/release/dmg2mar b/projects/release/dmg2mar index d6175f5..42fae50 100644 --- a/projects/release/dmg2mar +++ b/projects/release/dmg2mar @@ -1,4 +1,4 @@ #!/bin/bash [% c("var/set_default_env") -%] cd [% shell_quote(path(dest_dir)) %]/[% c("var/signed_status") %]/[% c("version") %] -[% shell_quote(c("basedir")) %]/tools/dmg2mar +[% shell_quote(c("basedir")) %]/tools/dmg2mar [% c("var/channel") %] diff --git a/tools/dmg2mar b/tools/dmg2mar index 9b98956..13a4c9e 100755 --- a/tools/dmg2mar +++ b/tools/dmg2mar @@ -103,6 +103,7 @@ sub get_dmg_files_from_sha256sums { } sub convert_files { +my ($channel) = @_; my $pm = Parallel::ForkManager->new(get_nbprocs); $pm->run_on_finish(sub { print "Finished $_[2]\n" }); foreach my $file (get_dmg_files_from_sha256sums) { @@ -140,9 +141,13 @@ sub convert_files { find($wanted, "$tmpdir/$appname.app"); unlink $output; +local $ENV{MOZ_PRODUCT_VERSION} = $file->{version}; +local $ENV{MAR_CHANNEL_ID} = "torbrowser-torproject-$channel"; (undef, $err, $success) = capture_exec('make_full_update.sh', '-q', $output, "$tmpdir/$appname.app"); exit_error "Error updating $output: $err" unless $success; +exit_error "make_full_update.sh failed. $output does not exist." +unless -f $output; $pm->finish; } $pm->wait_all_children; @@ -164,6 +169,10 @@ sub remove_incremental_mars { # Set LC_ALL=C to avoid reproducibility issues when creating mar files $ENV{LC_ALL} = 'C'; + +exit_error "Please specify update channel" unless @ARGV == 1; +my $channel = $ARGV[0]; + extract_martools; -convert_files; +convert_files $channel; remove_incremental_mars; ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser-build/master] Merge remote-tracking branch 'gitlab/merge-requests/38' into master
commit f7ca0b7eb215dd909197a4a2d35f96fdb186f172 Merge: bdcf6b3 81bae4a Author: Georg Koppen Date: Thu Aug 27 17:34:41 2020 + Merge remote-tracking branch 'gitlab/merge-requests/38' into master projects/release/dmg2mar| 2 +- tools/dmg2mar | 11 ++- tools/update-responses/update_responses | 4 ++-- 3 files changed, 13 insertions(+), 4 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser-build/master] fixup! Bug 40027: Fix incremental .mar creation for esr78
commit 81bae4ade31e803fb3627ad0283e020331d1a21c Author: Matthew Finkel Date: Mon Aug 24 17:41:58 2020 + fixup! Bug 40027: Fix incremental .mar creation for esr78 --- tools/update-responses/update_responses | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tools/update-responses/update_responses b/tools/update-responses/update_responses index de703ee..b07d937 100755 --- a/tools/update-responses/update_responses +++ b/tools/update-responses/update_responses @@ -230,8 +230,8 @@ sub create_incremental_mar { exit_error "Missing code signature while creating $mar_file"; } } -$ENV{MOZ_PRODUCT_VERSION} = $new_version; -$ENV{MAR_CHANNEL_ID} = "torbrowser-torproject-$channel"; +local $ENV{MOZ_PRODUCT_VERSION} = $new_version; +local $ENV{MAR_CHANNEL_ID} = "torbrowser-torproject-$channel"; my ($out, $err, $success) = capture_exec('make_incremental_update.sh', $mar_file_path, "$tmpdir/A", "$tmpdir/B"); if (!$success) { ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tails-misc_release] https://gitweb.torproject.org/translation.git/commit/?h=tails-misc_release
commit 1fc95d60448ab99484f32ee7b7829a70306c36e4 Author: Translation commit bot Date: Thu Aug 27 12:46:40 2020 + https://gitweb.torproject.org/translation.git/commit/?h=tails-misc_release --- zh_CN.po | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/zh_CN.po b/zh_CN.po index ff92493433..963fe37a97 100644 --- a/zh_CN.po +++ b/zh_CN.po @@ -36,7 +36,7 @@ msgstr "" "Project-Id-Version: Tor Project\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2020-07-27 05:58+0200\n" -"PO-Revision-Date: 2020-08-27 12:06+\n" +"PO-Revision-Date: 2020-08-27 12:38+\n" "Last-Translator: Runzhe Liang <18051080...@163.com>\n" "Language-Team: Chinese (China) (http://www.transifex.com/otf/torproject/language/zh_CN/)\n" "MIME-Version: 1.0\n" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tails-misc] https://gitweb.torproject.org/translation.git/commit/?h=tails-misc
commit 49bef0403756152cdbc502e84764163c0e7b55a9 Author: Translation commit bot Date: Thu Aug 27 12:45:54 2020 + https://gitweb.torproject.org/translation.git/commit/?h=tails-misc --- zh_CN.po | 10 +- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/zh_CN.po b/zh_CN.po index 59cd0c3be1..17034f02b5 100644 --- a/zh_CN.po +++ b/zh_CN.po @@ -36,7 +36,7 @@ msgstr "" "Project-Id-Version: Tor Project\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2020-07-27 05:58+0200\n" -"PO-Revision-Date: 2020-08-27 12:06+\n" +"PO-Revision-Date: 2020-08-27 12:38+\n" "Last-Translator: Runzhe Liang <18051080...@163.com>\n" "Language-Team: Chinese (China) (http://www.transifex.com/otf/torproject/language/zh_CN/)\n" "MIME-Version: 1.0\n" @@ -1650,19 +1650,19 @@ msgid "" "A captive portal is a web page that is displayed before you can access the Internet. Captive portals usually require to log in to the network or enter information such as an email address.\n" "\n" "The Unsafe Browser is not anonymous and can deanonymize you. Use it only to log in to captive portals." -msgstr "" +msgstr "ä¸å®å ¨çæµè§å¨å 许æ¨ç»é强å¶é¨æ·ã\n\n强å¶é¨æ·æ¯æ¨æ¥å ¥äºèç½åæ¾ç¤ºçç½é¡µã强å¶é¨æ·é常è¦æ±ç»éç½ç»æè¾å ¥çµåé®ç®±å°åä¹ç±»çä¿¡æ¯ã\n\nä¸å®å ¨çæµè§å¨ä¸æ¯å¿åçï¼èä¸ä¼æ¶é¤æ¨çå¿åç¶æãåªä½¿ç¨å®ç»é强å¶é¨æ·ã" #: ../config/chroot_local-includes/usr/share/tails/greeter/additional_settings.ui.in:572 msgid "Disable the Unsafe Browser (default)" -msgstr "" +msgstr "ç¦ç¨ä¸å®å ¨çæµè§å¨ï¼é»è®¤ï¼" #: ../config/chroot_local-includes/usr/share/tails/greeter/additional_settings.ui.in:617 msgid "Enable the Unsafe Browser" -msgstr "" +msgstr "å¯ç¨ä¸å®å ¨çæµè§å¨" #: ../config/chroot_local-includes/usr/share/tails/greeter/main.ui.in:100 msgid "Settings were loaded from the persistent storage." -msgstr "" +msgstr "设置æ¯ä»æä¹ ååå¨å è½½çã" #: ../config/chroot_local-includes/usr/share/tails/greeter/main.ui.in:168 msgid "" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tails-misc_release] https://gitweb.torproject.org/translation.git/commit/?h=tails-misc_release
commit 42f53cc63882c9326c2dea1ec979d801b49838a1 Author: Translation commit bot Date: Thu Aug 27 12:16:35 2020 + https://gitweb.torproject.org/translation.git/commit/?h=tails-misc_release --- zh_CN.po | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/zh_CN.po b/zh_CN.po index 20dd0ad7b9..ff92493433 100644 --- a/zh_CN.po +++ b/zh_CN.po @@ -36,7 +36,7 @@ msgstr "" "Project-Id-Version: Tor Project\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2020-07-27 05:58+0200\n" -"PO-Revision-Date: 2020-08-27 11:45+\n" +"PO-Revision-Date: 2020-08-27 12:06+\n" "Last-Translator: Runzhe Liang <18051080...@163.com>\n" "Language-Team: Chinese (China) (http://www.transifex.com/otf/torproject/language/zh_CN/)\n" "MIME-Version: 1.0\n" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tails-misc] https://gitweb.torproject.org/translation.git/commit/?h=tails-misc
commit e32f4062eb26220c2cd8c9ad40896adcb6992375 Author: Translation commit bot Date: Thu Aug 27 12:15:52 2020 + https://gitweb.torproject.org/translation.git/commit/?h=tails-misc --- zh_CN.po | 18 +- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/zh_CN.po b/zh_CN.po index 12b99dd61a..59cd0c3be1 100644 --- a/zh_CN.po +++ b/zh_CN.po @@ -36,7 +36,7 @@ msgstr "" "Project-Id-Version: Tor Project\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2020-07-27 05:58+0200\n" -"PO-Revision-Date: 2020-08-27 11:45+\n" +"PO-Revision-Date: 2020-08-27 12:06+\n" "Last-Translator: Runzhe Liang <18051080...@163.com>\n" "Language-Team: Chinese (China) (http://www.transifex.com/otf/torproject/language/zh_CN/)\n" "MIME-Version: 1.0\n" @@ -688,7 +688,7 @@ msgstr "欢è¿" msgid "" "Beta: only the additional setting to enable the Unsafe Browser is made " "persistent" -msgstr "" +msgstr "Betaæµè¯ï¼åªæå¯ç¨ä¸å®å ¨çæµè§å¨çé¢å¤è®¾ç½®ææ¯æä¹ åç" #: config/chroot_local-includes/usr/src/persistence-setup/lib/Tails/Persistence/Configuration/Presets.pm:85 msgid "Browser Bookmarks" @@ -871,7 +871,7 @@ msgstr "Tails å¯å¨æ¶ç设å¤å·²æ æ³æ¾å°ãå¯è½æ¨ä½¿ç¨äºâtoramâ #: config/chroot_local-includes/usr/local/lib/seahorse-tool-wrapper:42 msgid "Import Failed" -msgstr "" +msgstr "å¯¼å ¥å¤±è´¥" #. Translators: Don't translate {path} or {error}, #. they are placeholders and will be replaced. @@ -880,12 +880,12 @@ msgstr "" msgid "" "Failed to import keys from {path}:\n" "{error}" -msgstr "" +msgstr "ä»è·¯å¾å¯¼å ¥å¯é¥å¤±è´¥ï¼\n{ é误 }" #: config/chroot_local-includes/usr/local/lib/seahorse-tool-wrapper:53 msgid "Key Imported" msgid_plural "Keys Imported" -msgstr[0] "" +msgstr[0] "å·²å¯¼å ¥å¯é¥" #. Translators: Don't translate {uids}, it's a placeholder and #. will be replaced. @@ -893,7 +893,7 @@ msgstr[0] "" #, python-brace-format msgid "Imported a key for {uids}" msgid_plural "Imported keys for {uids}" -msgstr[0] "" +msgstr[0] "为{uids}å¯¼å ¥å¯é¥" #: config/chroot_local-includes/usr/share/gnome-shell/extensions/status-menu-hel...@tails.boum.org/extension.js:75 msgid "Lock screen" @@ -1419,14 +1419,14 @@ msgstr "éæ©æ件容å¨" #: config/chroot_local-includes/usr/local/sbin/unsafe-browser:38 msgid "Launch the Unsafe Browser?" -msgstr "" +msgstr "确认å¯å¨ä¸å®å ¨çæµè§å¨ï¼" #: config/chroot_local-includes/usr/local/sbin/unsafe-browser:40 msgid "" "The Unsafe Browser is not anonymous and the websites that you visit can see " "your real IP address.\\n\\nOnly use the Unsafe Browser to log in to a " "captive portal or browse trusted web pages on the local network." -msgstr "" +msgstr "ä¸å®å ¨çæµè§å¨ä¸æ¯å¿åçï¼æ¨è®¿é®çç½ç«å¯ä»¥çè§æ¨ççå®IPå°åãåªä½¿ç¨ä¸å®å ¨çæµè§å¨ç»é强å¶é¨æ·ææµè§æ¬å°ç½ç»ä¸åä¿¡ç¨çç½é¡µã" #: config/chroot_local-includes/usr/local/sbin/unsafe-browser:51 msgid "Starting the Unsafe Browser..." @@ -1460,7 +1460,7 @@ msgstr "éå®å ¨æµè§å¨" msgid "" "The Unsafe Browser was not enabled in the Welcome Screen.\\n\\nTo use the Unsafe Browser, restart Tails and enable the Unsafe Browser in the additional settings of the Welcome Screen.\\n\n" "To always enable the Unsafe Browser, turn on the Welcome Screen feature of the Persistent Storage." -msgstr "" +msgstr "å¨æ¬¢è¿é¡µä¸æ²¡æå¯ç¨ä¸å®å ¨çæµè§å¨ãè¦ä½¿ç¨ä¸å®å ¨çæµè§å¨ï¼éå¯Tails并å¨æ¬¢è¿é¡µçé¢å¤ç设置ä¸å¯ç¨ã\nè¦ä¸ç´å¯ç¨ä¸å®å ¨çæµè§å¨ï¼è¯·æå¼æ¬¢è¿é¡µçæä¹ ååå¨åè½ã" #: config/chroot_local-includes/usr/local/sbin/unsafe-browser:99 msgid "" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tails-misc_release] https://gitweb.torproject.org/translation.git/commit/?h=tails-misc_release
commit 910735bfd4575ac3db547242afdf97d981bbc662 Author: Translation commit bot Date: Thu Aug 27 11:46:30 2020 + https://gitweb.torproject.org/translation.git/commit/?h=tails-misc_release --- zh_CN.po | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/zh_CN.po b/zh_CN.po index dd735adb26..20dd0ad7b9 100644 --- a/zh_CN.po +++ b/zh_CN.po @@ -20,6 +20,7 @@ # leungsookfan , 2014 # 916b300d72c9f404e033ca28026e4c57_4fab4b5, 2018 # Cloud P , 2019 +# Runzhe Liang <18051080...@163.com>, 2020 # Sanya chang <408070...@qq.com>, 2013 # Scott Rhodes , 2020 # khi, 2014 @@ -35,8 +36,8 @@ msgstr "" "Project-Id-Version: Tor Project\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2020-07-27 05:58+0200\n" -"PO-Revision-Date: 2020-07-27 12:13+\n" -"Last-Translator: Transifex Bot <>\n" +"PO-Revision-Date: 2020-08-27 11:45+\n" +"Last-Translator: Runzhe Liang <18051080...@163.com>\n" "Language-Team: Chinese (China) (http://www.transifex.com/otf/torproject/language/zh_CN/)\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tails-misc] https://gitweb.torproject.org/translation.git/commit/?h=tails-misc
commit 2912c725045c1d0f1a8f70634f24c5ba112cb42c Author: Translation commit bot Date: Thu Aug 27 11:45:50 2020 + https://gitweb.torproject.org/translation.git/commit/?h=tails-misc --- zh_CN.po | 11 ++- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/zh_CN.po b/zh_CN.po index dd735adb26..12b99dd61a 100644 --- a/zh_CN.po +++ b/zh_CN.po @@ -20,6 +20,7 @@ # leungsookfan , 2014 # 916b300d72c9f404e033ca28026e4c57_4fab4b5, 2018 # Cloud P , 2019 +# Runzhe Liang <18051080...@163.com>, 2020 # Sanya chang <408070...@qq.com>, 2013 # Scott Rhodes , 2020 # khi, 2014 @@ -35,8 +36,8 @@ msgstr "" "Project-Id-Version: Tor Project\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2020-07-27 05:58+0200\n" -"PO-Revision-Date: 2020-07-27 12:13+\n" -"Last-Translator: Transifex Bot <>\n" +"PO-Revision-Date: 2020-08-27 11:45+\n" +"Last-Translator: Runzhe Liang <18051080...@163.com>\n" "Language-Team: Chinese (China) (http://www.transifex.com/otf/torproject/language/zh_CN/)\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" @@ -428,7 +429,7 @@ msgstr "è±æº" #: config/chroot_local-includes/usr/lib/python3/dist-packages/tailsgreeter/ui/additional_settings.py:333 msgid "_Unsafe Browser" -msgstr "" +msgstr "âä¸å®å ¨çæµè§å¨" #: config/chroot_local-includes/usr/lib/python3/dist-packages/tailsgreeter/ui/additional_settings.py:342 msgid "Enabled" @@ -436,7 +437,7 @@ msgstr "å¯ç¨" #: config/chroot_local-includes/usr/lib/python3/dist-packages/tailsgreeter/ui/additional_settings.py:344 msgid "Disabled (default)" -msgstr "" +msgstr "å·²ç¦ç¨ï¼é»è®¤ï¼" #: config/chroot_local-includes/usr/lib/python3/dist-packages/tailsgreeter/ui/additional_settings.py:395 msgid "On (default)" @@ -681,7 +682,7 @@ msgstr "æ件ä¿åè³âPersistentâç®å½" #: config/chroot_local-includes/usr/src/persistence-setup/lib/Tails/Persistence/Configuration/Presets.pm:70 msgid "Welcome Screen" -msgstr "" +msgstr "欢è¿" #: config/chroot_local-includes/usr/src/persistence-setup/lib/Tails/Persistence/Configuration/Presets.pm:72 msgid "" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [torbutton/master] Bug 40006: Fix new identity for 81
commit 72cbb6d501aa798a676da9331e686581ee4038cf Author: Alex Catarineu Date: Wed Aug 26 12:29:31 2020 +0200 Bug 40006: Fix new identity for 81 New identity tries to disable some buttons to prevent them from being clicked while doing a new identity. These are now initialized lazily, which makes the current code fail. Instead of doing that, we now avoid disabling the buttons and ignore new identity requests while one is in progress. --- chrome/content/torbutton.js | 24 +++- 1 file changed, 11 insertions(+), 13 deletions(-) diff --git a/chrome/content/torbutton.js b/chrome/content/torbutton.js index 0d2e7e2d..a9d4ccd1 100644 --- a/chrome/content/torbutton.js +++ b/chrome/content/torbutton.js @@ -760,15 +760,18 @@ torbutton_new_circuit = function() { gBrowser.reloadWithFlags(Ci.nsIWebNavigation.LOAD_FLAGS_BYPASS_CACHE); } +let newIdentityInProgress = false; + // Bug 1506 P4: Needed for New Identity. torbutton_new_identity = async function() { try { -// Make sure that we can only click once on New Identiy to avoid race +// Ignore if there's a New Identity in progress to avoid race // conditions leading to failures (see bug 11783 for an example). -// TODO: Remove the Torbutton menu entry again once we have done our -// security control redesign. -document.getElementById("menu_newIdentity").disabled = true; -document.getElementById("appMenuNewIdentity").disabled = true; +if (newIdentityInProgress) { + return; +} + +newIdentityInProgress = true; let shouldConfirm = m_tb_prefs.getBoolPref("extensions.torbutton.confirm_newnym"); @@ -789,14 +792,9 @@ torbutton_new_identity = async function() { if (confirmed) { await torbutton_do_new_identity(); - } else { -// TODO: Remove the Torbutton menu entry again once we have done our -// security control redesign. -document.getElementById("menu_newIdentity").disabled = false; -document.getElementById("appMenuNewIdentity").disabled = false; } } else { -await torbutton_do_new_identity(); + await torbutton_do_new_identity(); } } catch(e) { // If something went wrong make sure we have the New Identity button @@ -805,8 +803,8 @@ torbutton_new_identity = async function() { // security control redesign. torbutton_log(5, "Unexpected error on new identity: " + e); window.alert("Torbutton: Unexpected error on new identity: " + e); -document.getElementById("menu_newIdentity").disabled = false; -document.getElementById("appMenuNewIdentity").disabled = false; + } finally { +newIdentityInProgress = false; } } ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [onionperf/develop] Add issue number to change log.
commit f496edec6fec8adc0b4e5c0454989c2bc06312e3 Author: Karsten Loesing Date: Thu Aug 27 11:09:07 2020 +0200 Add issue number to change log. --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 4b7fcb2..a212842 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,7 +5,7 @@ - Remove the `onionperf measure --oneshot` switch and replace it with new switches `--tgen-pause-initial`, `--tgen-pause-between`, `--tgen-transfer-size`, and `--tgen-num-transfers ` to further - configure the generated TGen model. + configure the generated TGen model. Implemets #33432. # Changes in version 0.6 - 2020-08-08 ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [onionperf/develop] Rename variables for consistency and clarity.
commit 86f746c3c6ee6dc3be342f53fea90e6c02d39991 Author: Philipp Winter Date: Fri Aug 14 10:49:09 2020 -0700 Rename variables for consistency and clarity. initial_pause-> pause_initial inter_transfer_pause -> pause_between Thanks to Rob for the suggestion. --- onionperf/model.py | 19 --- onionperf/onionperf | 12 ++-- 2 files changed, 14 insertions(+), 17 deletions(-) diff --git a/onionperf/model.py b/onionperf/model.py index b589249..3bfe35f 100644 --- a/onionperf/model.py +++ b/onionperf/model.py @@ -43,14 +43,14 @@ class TGenLoadableModel(TGenModel): class TGenModelConf(object): """Represents a TGen traffic model configuration.""" -def __init__(self, initial_pause=0, num_transfers=1, transfer_size="5 MiB", - continuous_transfers=False, inter_transfer_pause=5, port=None, servers=[], +def __init__(self, pause_initial=0, num_transfers=1, transfer_size="5 MiB", + continuous_transfers=False, pause_between=5, port=None, servers=[], socks_port=None): -self.initial_pause = initial_pause +self.pause_initial = pause_initial +self.pause_between = pause_between self.num_transfers = num_transfers self.transfer_size = transfer_size self.continuous_transfers = continuous_transfers -self.inter_transfer_pause = inter_transfer_pause self.port = port self.servers = servers self.socks_port = socks_port @@ -98,20 +98,17 @@ class TorperfModel(GeneratableTGenModel): loglevel="info", heartbeat="1 minute") -g.add_node("pause", time="%d seconds" % self.config.initial_pause) -g.add_edge("start", "pause") - -# "One-shot mode," i.e., onionperf will stop after the given number of -# iterations. The idea is: -# start -> pause -> stream-1 -> pause-1 -> ... -> stream-n -> pause-n -> end +g.add_node("pause_initial", + time="%d seconds" % self.config.pause_initial) g.add_node("stream", sendsize="0", recvsize=self.config.transfer_size, timeout="15 seconds", stallout="10 seconds") g.add_node("pause_between", - time="%d seconds" % self.config.inter_transfer_pause) + time="%d seconds" % self.config.pause_between) +g.add_edge("start", "pause_initial") g.add_edge("pause_initial", "stream") # only add an end node if we need to stop diff --git a/onionperf/onionperf b/onionperf/onionperf index d95e691..a49982b 100755 --- a/onionperf/onionperf +++ b/onionperf/onionperf @@ -190,16 +190,16 @@ def main(): action="store", dest="tgenconnectport", default=8080) -measure_parser.add_argument('--tgen-start-pause', +measure_parser.add_argument('--tgen-pause-initial', help="""the number of seconds TGen should wait before walking through its action graph""", metavar="N", type=int, -action="store", dest="tgenstartpause", +action="store", dest="tgenpauseinitial", default=5) -measure_parser.add_argument('--tgen-intertransfer-pause', +measure_parser.add_argument('--tgen-pause-between', help="""the number of seconds TGen should wait in between two transfers""", metavar="N", type=int, -action="store", dest="tgenintertransferpause", +action="store", dest="tgenpausebetween", default=300) measure_parser.add_argument('--tgen-transfer-size', @@ -377,11 +377,11 @@ def measure(args): tor_ctl_port=server_tor_ctl_port, tor_socks_port=server_tor_socks_port) -tgen_model = TGenModelConf(initial_pause=args.tgenstartpause, +tgen_model = TGenModelConf(pause_initial=args.tgenpauseinitial, transfer_size=args.tgentransfersize, num_transfers=args.tgennumtransfers, continuous_transfers=args.tgennumtransfers == 0, - inter_transfer_pause=args.tgenintertransferpause) + pause_between=args.tgenpausebetween) meas = Measurement(args.torpath, args.tgenpath, ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [onionperf/develop] Let TGen client finish by itself in one-shot mode.
commit 959cf3689106189001a83c7e58dc40e10497a081 Author: Philipp Winter Date: Fri Aug 7 14:48:58 2020 -0700 Let TGen client finish by itself in one-shot mode. We tell TGen client to finish on its own by passing the count option to the end node: https://github.com/shadow/tgen/blob/master/doc/TGen-Options.md#end-options This patch adds another argument to the function watchdog_thread_task(), no_relaunch, which instructs the function to not re-launch its process if it fails. --- onionperf/measurement.py | 45 +++-- onionperf/model.py | 3 ++- 2 files changed, 25 insertions(+), 23 deletions(-) diff --git a/onionperf/measurement.py b/onionperf/measurement.py index e2d8d1c..d699292 100644 --- a/onionperf/measurement.py +++ b/onionperf/measurement.py @@ -50,10 +50,11 @@ def readline_thread_task(instream, q): # wait for lines from stdout until the EOF for line in iter(instream.readline, b''): q.put(line) -def watchdog_thread_task(cmd, cwd, writable, done_ev, send_stdin, ready_search_str, ready_ev): +def watchdog_thread_task(cmd, cwd, writable, done_ev, send_stdin, ready_search_str, ready_ev, no_relaunch): -# launch or re-launch our sub process until we are told to stop -# if we fail too many times in too short of time, give up and exit +# launch or re-launch (or don't re-launch, if no_relaunch is set) our sub +# process until we are told to stop if we fail too many times in too short +# of time, give up and exit failure_times = [] pause_time_seconds = 0 while done_ev.is_set() is False: @@ -105,6 +106,10 @@ def watchdog_thread_task(cmd, cwd, writable, done_ev, send_stdin, ready_search_s subp.wait() elif done_ev.is_set(): logging.info("command '{}' finished as expected".format(cmd)) +elif no_relaunch: +logging.info("command '{}' finished on its own".format(cmd)) +# our command finished on its own. time to terminate. +done_ev.set() else: logging.warning("command '{}' finished before expected".format(cmd)) now = time.time() @@ -284,15 +289,9 @@ class Measurement(object): time.sleep(1) while True: if tgen_model.num_transfers: -downloads = 0 -while True: -downloads = self.__get_download_count(tgen_client_writable.filename) -time.sleep(1) -if downloads >= tgen_model.num_transfers: -logging.info("Onionperf has downloaded %d files and will now shut down." % tgen_model.num_transfers) -break -else: -continue +# This function blocks until our TGen client process +# terminated on its own. +self.__wait_for_tgen_client() break if self.__is_alive(): @@ -366,7 +365,10 @@ class Measurement(object): logging.info("Logging TGen {1} process output to {0}".format(tgen_logpath, name)) tgen_cmd = "{0} {1}".format(self.tgen_bin_path, tgen_confpath) -tgen_args = (tgen_cmd, tgen_datadir, tgen_writable, self.done_event, None, None, None) +# If we're running in "one-shot mode", TGen client will terminate on +# its own and we don't need our watchdog to restart the process. +no_relaunch = (name == "client" and tgen_model_conf.num_transfers) +tgen_args = (tgen_cmd, tgen_datadir, tgen_writable, self.done_event, None, None, None, no_relaunch) tgen_watchdog = threading.Thread(target=watchdog_thread_task, name="tgen_{0}_watchdog".format(name), args=tgen_args) tgen_watchdog.start() self.threads.append(tgen_watchdog) @@ -464,7 +466,7 @@ WarnUnsafeSocks 0\nSafeLogging 0\nMaxCircuitDirtiness 60 seconds\nDataDirectory tor_stdin_bytes = str_tools._to_bytes(tor_config) tor_ready_str = "Bootstrapped 100" tor_ready_ev = threading.Event() -tor_args = (tor_cmd, tor_datadir, tor_writable, self.done_event, tor_stdin_bytes, tor_ready_str, tor_ready_ev) +tor_args = (tor_cmd, tor_datadir, tor_writable, self.done_event, tor_stdin_bytes, tor_ready_str, tor_ready_ev, False) tor_watchdog = threading.Thread(target=watchdog_thread_task, name="tor_{0}_watchdog".format(name), args=tor_args) tor_watchdog.start() self.threads.append(tor_watchdog) @@ -491,14 +493,13 @@ WarnUnsafeSocks 0\nSafeLogging 0\nMaxCircuitDirtiness 60 seconds\nDataDirectory return tor_writable, torctl_writable -def __get_download_count(self, tgen_logpath): -count = 0 -if tgen_logpath is not None and os.path.exists(tgen_logpath): -
[tor-commits] [onionperf/develop] Apply 1 suggestion(s) to 1 file(s)
commit a6aa4189e04ee1b05dbdb68b90f24e14bf3443ac Author: Philipp Winter Date: Fri Aug 14 16:47:04 2020 + Apply 1 suggestion(s) to 1 file(s) --- onionperf/model.py | 54 ++ 1 file changed, 22 insertions(+), 32 deletions(-) diff --git a/onionperf/model.py b/onionperf/model.py index bdd5a53..b589249 100644 --- a/onionperf/model.py +++ b/onionperf/model.py @@ -104,40 +104,30 @@ class TorperfModel(GeneratableTGenModel): # "One-shot mode," i.e., onionperf will stop after the given number of # iterations. The idea is: # start -> pause -> stream-1 -> pause-1 -> ... -> stream-n -> pause-n -> end -if self.config.num_transfers > 0: -for i in range(self.config.num_transfers): -g.add_node("stream-%d" % i, - sendsize="0", - recvsize=self.config.transfer_size, - timeout="15 seconds", - stallout="10 seconds") -g.add_node("pause-%d" % i, - time="%d seconds" % self.config.inter_transfer_pause) - -g.add_edge("stream-%d" % i, "pause-%d" % i) -if i > 0: -g.add_edge("pause-%d" % (i-1), "stream-%d" % i) - +g.add_node("stream", + sendsize="0", + recvsize=self.config.transfer_size, + timeout="15 seconds", + stallout="10 seconds") +g.add_node("pause_between", + time="%d seconds" % self.config.inter_transfer_pause) + +g.add_edge("pause_initial", "stream") + +# only add an end node if we need to stop +if self.config.continuous_transfers: +# continuous mode, i.e., no end node +g.add_edge("stream", "pause_between") +else: +# one-shot mode, i.e., end after configured number of transfers g.add_node("end", count=str(self.config.num_transfers)) -g.add_edge("pause", "stream-0") -g.add_edge("pause-%d" % (self.config.num_transfers - 1), "end") - -# Continuous mode, i.e., onionperf will not stop. The idea is: -# start -> pause -> stream -> pause -# ^ | -# +---+ -elif self.config.continuous_transfers: -g.add_node("stream", - sendsize="0", - recvsize=self.config.transfer_size, - timeout="15 seconds", - stallout="10 seconds") -g.add_node("pause", - time="%d seconds" % self.config.inter_transfer_pause) -g.add_edge("pause", "stream") -g.add_edge("stream", "pause") -g.add_edge("pause", "stream") +# check for end condition after every transfer +g.add_edge("stream", "end") +# if end condition not met, pause +g.add_edge("end", "pause_between") + +g.add_edge("pause_between", "stream") return g ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [onionperf/develop] Make models more configurable.
commit 7ef8c64833d41337d5c9cc5baaee2808092c9aad Author: Philipp Winter Date: Fri Jun 26 10:00:29 2020 -0700 Make models more configurable. This patch removes the --oneshot subcommand and replaces it with several new subcommands for OnionPerf's "measure" command: --tgen-start-pause (Initial pause before file transfers.) --tgen-num-transfers(Number of file transfers.) --tgen-intertransfer-pause (Pause in between file transfers.) --tgen-transfer-size(Size of each file transfer.) By default, OnionPerf continues to run in "continuous" mode. One can simulate oneshot mode by running onionperf with the following flags: onionperf measure --tgen-num-transfers=1 In addition to the above subcommands, this patch improves the code base by 1) adding a TGenConf class to hold TGen's configuration and by 2) adding a TGenModelConf class to hold TGen's traffic model. This fixes tpo/metrics/onionperf#33432. --- onionperf/measurement.py| 102 +++--- onionperf/model.py | 108 +++- onionperf/onionperf | 60 +++- onionperf/tests/test_measurement.py | 12 ++-- 4 files changed, 175 insertions(+), 107 deletions(-) diff --git a/onionperf/measurement.py b/onionperf/measurement.py index af1fa0d..e2d8d1c 100644 --- a/onionperf/measurement.py +++ b/onionperf/measurement.py @@ -15,6 +15,16 @@ from stem.control import Controller from stem.version import Version, Requirement, get_system_tor_version from stem import __version__ as stem_version +class TGenConf(object): +"""Represents a TGen configuration, for both client and server.""" +def __init__(self, listen_port=None, connect_ip=None, connect_port=None, tor_ctl_port=None, tor_socks_port=None): +self.listen_port = str(listen_port) +self.tor_ctl_port = tor_ctl_port +self.tor_socks_port = tor_socks_port +# TGen clients use connect_ip and connect_port. +self.connect_ip = connect_ip +self.connect_port = connect_port + # onionperf imports from . import analysis, monitor, model, util @@ -173,12 +183,11 @@ def logrotate_thread_task(writables, tgen_writable, torctl_writable, docroot, ni class Measurement(object): -def __init__(self, tor_bin_path, tgen_bin_path, datadir_path, privatedir_path, nickname, oneshot, additional_client_conf=None, torclient_conf_file=None, torserver_conf_file=None, single_onion=False): +def __init__(self, tor_bin_path, tgen_bin_path, datadir_path, privatedir_path, nickname, additional_client_conf=None, torclient_conf_file=None, torserver_conf_file=None, single_onion=False): self.tor_bin_path = tor_bin_path self.tgen_bin_path = tgen_bin_path self.datadir_path = datadir_path self.privatedir_path = privatedir_path -self.oneshot = oneshot self.nickname = nickname self.threads = None self.done_event = None @@ -190,20 +199,30 @@ class Measurement(object): self.torserver_conf_file = torserver_conf_file self.single_onion = single_onion -def run(self, do_onion=True, do_inet=True, client_tgen_listen_port=5, client_tgen_connect_ip='0.0.0.0', client_tgen_connect_port=8080, client_tor_ctl_port=59050, client_tor_socks_port=59000, - server_tgen_listen_port=8080, server_tor_ctl_port=59051, server_tor_socks_port=59001): +def run(self, do_onion=True, do_inet=True, tgen_model=None, tgen_client_conf=None, tgen_server_conf=None): ''' -only `server_tgen_listen_port` are "public" and need to be opened on the firewall. -if `client_tgen_connect_port` != `server_tgen_listen_port`, then you should have installed a forwarding rule in the firewall. +only `tgen_server_conf.listen_port` are "public" and need to be opened on the firewall. +if `tgen_client_conf.connect_port` != `tgen_server_conf.listen_port`, then you should have installed a forwarding rule in the firewall. all ports need to be unique though, and unique among multiple onionperf instances. here are some sane defaults: -client_tgen_listen_port=5, client_tgen_connect_port=8080, client_tor_ctl_port=59050, client_tor_socks_port=59000, -server_tgen_listen_port=8080, server_tor_ctl_port=59051, server_tor_socks_port=59001 +tgen_client_conf.listen_port=5, tgen_client_conf.connect_port=8080, tgen_client_conf.tor_ctl_port=59050, tgen_client_conf.tor_socks_port=59000, +tgen_server_conf.listen_port=8080, tgen_server_conf.tor_ctl_port=59051, tgen_server_conf.tor_socks_port=59001 ''' self.threads = [] self.done_event = threading.Event() +if tgen_client_conf is None: +tgen_client_conf = TGenConf(listen_port=5, +
[tor-commits] [onionperf/develop] Make some tweaks to new TGen model.
commit b8f1e5c2695c097a7494f7975403664c0c833825 Author: Karsten Loesing Date: Sun Aug 16 22:03:34 2020 +0200 Make some tweaks to new TGen model. - Change timeout back to 270 seconds and stallout back to 0 seconds. - Change initial pause to 300 seconds to keep default behavior unchanged. - Change model, so that pause_between starts in parallel to a stream, not when the stream is completed. This is the same behavior as before. Also add a change log entry for all changes. --- CHANGELOG.md| 7 +++ onionperf/model.py | 20 onionperf/onionperf | 2 +- 3 files changed, 16 insertions(+), 13 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 0c4c4f2..ac6897b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,10 @@ +# Changes in version 0.7 - 2020-??-?? + + - Remove the `onionperf measure --oneshot` switch and replace it with + new switches `--tgen-pause-initial`, `--tgen-pause-between`, + `--tgen-transfer-size`, and `--tgen-num-transfers ` to further + configure the generated TGen model. + # Changes in version 0.6 - 2020-??-?? - Update to TGen 1.0.0, use TGenTools for parsing TGen log files, and diff --git a/onionperf/model.py b/onionperf/model.py index d45763e..fde587f 100644 --- a/onionperf/model.py +++ b/onionperf/model.py @@ -43,8 +43,8 @@ class TGenLoadableModel(TGenModel): class TGenModelConf(object): """Represents a TGen traffic model configuration.""" -def __init__(self, pause_initial=0, num_transfers=1, transfer_size="5 MiB", - continuous_transfers=False, pause_between=5, port=None, servers=[], +def __init__(self, pause_initial=300, num_transfers=1, transfer_size="5 MiB", + continuous_transfers=False, pause_between=300, port=None, servers=[], socks_port=None): self.pause_initial = pause_initial self.pause_between = pause_between @@ -103,28 +103,24 @@ class TorperfModel(GeneratableTGenModel): g.add_node("stream", sendsize="0", recvsize=self.config.transfer_size, - timeout="15 seconds", - stallout="10 seconds") + timeout="270 seconds", + stallout="0 seconds") g.add_node("pause_between", time="%d seconds" % self.config.pause_between) g.add_edge("start", "pause_initial") g.add_edge("pause_initial", "stream") +g.add_edge("pause_initial", "pause_between") +g.add_edge("pause_between", "stream") +g.add_edge("pause_between", "pause_between") # only add an end node if we need to stop -if self.config.continuous_transfers: -# continuous mode, i.e., no end node -g.add_edge("stream", "pause_between") -else: +if not self.config.continuous_transfers: # one-shot mode, i.e., end after configured number of transfers g.add_node("end", count="%d" % self.config.num_transfers) # check for end condition after every transfer g.add_edge("stream", "end") -# if end condition not met, pause -g.add_edge("end", "pause_between") - -g.add_edge("pause_between", "stream") return g diff --git a/onionperf/onionperf b/onionperf/onionperf index a49982b..6a16da2 100755 --- a/onionperf/onionperf +++ b/onionperf/onionperf @@ -194,7 +194,7 @@ def main(): help="""the number of seconds TGen should wait before walking through its action graph""", metavar="N", type=int, action="store", dest="tgenpauseinitial", -default=5) +default=300) measure_parser.add_argument('--tgen-pause-between', help="""the number of seconds TGen should wait in between two transfers""", ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [onionperf/develop] Use format string for consistency.
commit 1eea5e10700c76f8e1b37e626eaeaf96c5488150 Author: Philipp Winter Date: Fri Aug 14 11:29:01 2020 -0700 Use format string for consistency. Thanks to Rob for pointing this out. --- onionperf/model.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/onionperf/model.py b/onionperf/model.py index 3bfe35f..d45763e 100644 --- a/onionperf/model.py +++ b/onionperf/model.py @@ -118,7 +118,7 @@ class TorperfModel(GeneratableTGenModel): else: # one-shot mode, i.e., end after configured number of transfers g.add_node("end", - count=str(self.config.num_transfers)) + count="%d" % self.config.num_transfers) # check for end condition after every transfer g.add_edge("stream", "end") # if end condition not met, pause ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [onionperf/develop] Merge branch 'phw-enhancement-33432-3' into develop
commit c707674ba9b0d7931038c12bbe2d01585a88eb22 Merge: dfec0b8 b8f1e5c Author: Karsten Loesing Date: Thu Aug 27 10:38:21 2020 +0200 Merge branch 'phw-enhancement-33432-3' into develop CHANGELOG.md| 4 ++ onionperf/measurement.py| 139 +++- onionperf/model.py | 98 ++--- onionperf/onionperf | 60 onionperf/tests/test_measurement.py | 12 ++-- 5 files changed, 185 insertions(+), 128 deletions(-) diff --cc CHANGELOG.md index c31a40e,ac6897b..4b7fcb2 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@@ -1,9 -1,11 +1,13 @@@ # Changes in version 0.7 - 2020-??-?? + - Add `onionperf measure --drop-guards` parameter to use and drop + guards after a given number of hours. Implements #33399. + - Remove the `onionperf measure --oneshot` switch and replace it with +new switches `--tgen-pause-initial`, `--tgen-pause-between`, +`--tgen-transfer-size`, and `--tgen-num-transfers ` to further +configure the generated TGen model. -# Changes in version 0.6 - 2020-??-?? +# Changes in version 0.6 - 2020-08-08 - Update to TGen 1.0.0, use TGenTools for parsing TGen log files, and update analysis results file version to 3.0. Implements #33974. diff --cc onionperf/measurement.py index 709fbc6,d699292..f198be0 --- a/onionperf/measurement.py +++ b/onionperf/measurement.py @@@ -173,7 -188,7 +188,7 @@@ def logrotate_thread_task(writables, tg class Measurement(object): - def __init__(self, tor_bin_path, tgen_bin_path, datadir_path, privatedir_path, nickname, oneshot, additional_client_conf=None, torclient_conf_file=None, torserver_conf_file=None, single_onion=False, drop_guards_interval_hours=0): -def __init__(self, tor_bin_path, tgen_bin_path, datadir_path, privatedir_path, nickname, additional_client_conf=None, torclient_conf_file=None, torserver_conf_file=None, single_onion=False): ++def __init__(self, tor_bin_path, tgen_bin_path, datadir_path, privatedir_path, nickname, additional_client_conf=None, torclient_conf_file=None, torserver_conf_file=None, single_onion=False, drop_guards_interval_hours=0): self.tor_bin_path = tor_bin_path self.tgen_bin_path = tgen_bin_path self.datadir_path = datadir_path @@@ -189,13 -203,11 +203,12 @@@ self.torclient_conf_file = torclient_conf_file self.torserver_conf_file = torserver_conf_file self.single_onion = single_onion +self.drop_guards_interval_hours = drop_guards_interval_hours - def run(self, do_onion=True, do_inet=True, client_tgen_listen_port=5, client_tgen_connect_ip='0.0.0.0', client_tgen_connect_port=8080, client_tor_ctl_port=59050, client_tor_socks_port=59000, - server_tgen_listen_port=8080, server_tor_ctl_port=59051, server_tor_socks_port=59001): + def run(self, do_onion=True, do_inet=True, tgen_model=None, tgen_client_conf=None, tgen_server_conf=None): ''' - only `server_tgen_listen_port` are "public" and need to be opened on the firewall. - if `client_tgen_connect_port` != `server_tgen_listen_port`, then you should have installed a forwarding rule in the firewall. + only `tgen_server_conf.listen_port` are "public" and need to be opened on the firewall. + if `tgen_client_conf.connect_port` != `tgen_server_conf.listen_port`, then you should have installed a forwarding rule in the firewall. all ports need to be unique though, and unique among multiple onionperf instances. here are some sane defaults: diff --cc onionperf/onionperf index 641db70,6a16da2..e6aa44a --- a/onionperf/onionperf +++ b/onionperf/onionperf @@@ -195,12 -190,30 +190,36 @@@ def main() action="store", dest="tgenconnectport", default=8080) + measure_parser.add_argument('--tgen-pause-initial', + help="""the number of seconds TGen should wait before walking through its action graph""", + metavar="N", type=int, + action="store", dest="tgenpauseinitial", + default=300) + + measure_parser.add_argument('--tgen-pause-between', + help="""the number of seconds TGen should wait in between two transfers""", + metavar="N", type=int, + action="store", dest="tgenpausebetween", + default=300) + + measure_parser.add_argument('--tgen-transfer-size', + help="""the size of the file transfer that TGen will perform (e.g., '5 MiB' or '10 KiB')""", + metavar="STRING", type=str, + action="store", dest="tgentransfersize", + default="5 MiB") + + measure_parser.add_argument('--tgen-num-transfers', + help="""the number of file transfers that TGen will perform""", + metavar="N", type=int, + action="store", dest="tgennumtransfers", + default=0) + +measure_parser.add_argument('--drop-guards', +
[tor-commits] [translation/support-portal] https://gitweb.torproject.org/translation.git/commit/?h=support-portal
commit 0b53764906a1166e70f24efad039e45689c222cf Author: Translation commit bot Date: Thu Aug 27 06:17:53 2020 + https://gitweb.torproject.org/translation.git/commit/?h=support-portal --- contents+es-AR.po | 3 +++ 1 file changed, 3 insertions(+) diff --git a/contents+es-AR.po b/contents+es-AR.po index 7905287a52..6b4566c661 100644 --- a/contents+es-AR.po +++ b/contents+es-AR.po @@ -8158,6 +8158,9 @@ msgid "" "guide](https://community.torproject.org/relay/setup/bridge/) to learn how to" " set up an obfs4 bridge." msgstr "" +"Mirá nuestra [guÃa de configuración de " +"obfs4](https://community.torproject.org/relay/setup/bridge/) para aprender " +"cómo configurar un puente obfs4." #: https//support.torproject.org/operators/operators-7/ #: (content/operators/operators-7/contents+en.lrquestion.title) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits