- tbb-commits - lists.torproject.org

[tor-browser-bundle/master] Remove old patches.
by mikeperry＠torproject.org 29 Oct '14

29 Oct '14

commit af7bd8eba8f6c442a3a628c0a957ec089409a464 Author: Mike Perry <mikeperry-git(a)torproject.org> Date: Tue Oct 28 17:54:15 2014 -0700 Remove old patches. --- gitian/patches/bug10297.patch | 55 ---- gitian/patches/bug11069.patch | 209 -------------- gitian/patches/bug11156.patch | 275 ------------------- gitian/patches/bug11200-hang-0.2.5.patch | 81 ------ gitian/patches/bug11200.patch | 39 --- gitian/patches/bug5018.patch | 225 --------------- gitian/patches/bug8402.patch | 437 ------------------------------ gitian/patches/bug9665.patch | 108 -------- 8 files changed, 1429 deletions(-) diff --git a/gitian/patches/bug10297.patch b/gitian/patches/bug10297.patch deleted file mode 100644 index 58dfdc2..0000000 --- a/gitian/patches/bug10297.patch +++ /dev/null @@ -1,55 +0,0 @@ -From ad47e1a52072c2a4528e421a6a3bf9c7029f4501 Mon Sep 17 00:00:00 2001 -From: David Fifield <david(a)bamsoftware.com> -Date: Thu, 5 Dec 2013 04:56:28 +0000 -Subject: [PATCH] Set CREATE_NO_WINDOW in tor_spawn_background. - -This flag prevents the creation of a console window popup on Windows. We -need it for pluggable transport executables--otherwise you get blank -console windows when you launch the 3.x browser bundle with transports -enabled. - -http://msdn.microsoft.com/en-us/library/ms684863.aspx#CREATE_NO_WINDOW - -The browser bundles that used Vidalia used to set this flag when -launching tor itself; it was apparently inherited by the pluggable -transports launched by tor. In the 3.x bundles, tor is launched by some -JavaScript code, which doesn't have the ability to set CREATE_NO_WINDOW. -tor itself is now being compiled with the -mwindows option, so that it -is a GUI application, not a console application, and doesn't show a -console window in any case. This workaround doesn't work for pluggable -transports, because they need to be able to write control messages to -stdout. - -https://trac.torproject.org/projects/tor/ticket/9444#comment:30 ---- - changes/bug10297 | 4 ++++ - src/common/util.c | 2 +- - 2 files changed, 5 insertions(+), 1 deletion(-) - create mode 100644 changes/bug10297 - -diff --git a/changes/bug10297 b/changes/bug10297 -new file mode 100644 -index 0000000..4cdd80f ---- /dev/null -+++ b/changes/bug10297 -@@ -0,0 +1,4 @@ -+ o Minor features: -+ - Spawn background processes using the CREATE_NO_WINDOW flag on -+ Windows, in order to prevent a console window from appearing. -+ Resolves ticket 10297. -diff --git a/src/common/util.c b/src/common/util.c -index 5eb0f9a..252f6af 100644 ---- a/src/common/util.c -+++ b/src/common/util.c -@@ -3685,7 +3685,7 @@ tor_spawn_background(const char *const filename, const char **argv, - TRUE, // handles are inherited - /*(TODO: set CREATE_NEW CONSOLE/PROCESS_GROUP to make GetExitCodeProcess() - * work?) */ -- 0, // creation flags -+ CREATE_NO_WINDOW, // creation flags - (env==NULL) ? NULL : env->windows_environment_block, - NULL, // use parent's current directory - &siStartInfo, // STARTUPINFO pointer --- -1.7.9.5 - diff --git a/gitian/patches/bug11069.patch b/gitian/patches/bug11069.patch deleted file mode 100644 index b6032e9..0000000 --- a/gitian/patches/bug11069.patch +++ /dev/null @@ -1,209 +0,0 @@ -From 67c70b2566fc9bef4527fb8a0c24ce7d8c4d0647 Mon Sep 17 00:00:00 2001 -From: George Kadianakis <desnacked(a)riseup.net> -Date: Mon, 10 Mar 2014 22:52:07 +0000 -Subject: [PATCH] Throw control port warning if we failed to connect to all our - bridges. - -Conflicts: - src/or/connection.c - src/or/control.c - src/or/control.h - src/test/test_extorport.c ---- - changes/bug11069 | 4 ++++ - src/or/connection.c | 25 +++++++++++++++++++++++++ - src/or/connection.h | 2 ++ - src/or/connection_or.c | 8 +++++--- - src/or/control.c | 13 ++++++++----- - src/or/control.h | 3 ++- - src/or/entrynodes.c | 21 --------------------- - src/or/entrynodes.h | 1 - - 8 files changed, 46 insertions(+), 31 deletions(-) - create mode 100644 changes/bug11069 - -diff --git a/changes/bug11069 b/changes/bug11069 -new file mode 100644 -index 0000000..5aa3085 ---- /dev/null -+++ b/changes/bug11069 -@@ -0,0 +1,4 @@ -+ o Minor bugfixes (clients): -+ - Fix tor so that it raises a control port warning when we fail to -+ connect to all of our bridges. Fixes bug 11069; bugfix on -+ tor-0.2.1.2-alpha. -diff --git a/src/or/connection.c b/src/or/connection.c -index 4f74a1d..ba28d81 100644 ---- a/src/or/connection.c -+++ b/src/or/connection.c -@@ -3846,6 +3846,31 @@ connection_get_by_type_purpose(int type, int purpose) - return NULL; - } - -+/** Return 1 if there are any active OR connections apart from -+ * this_conn. -+ * -+ * We use this to guess if we should tell the controller that we -+ * didn't manage to connect to any of our bridges. */ -+int -+any_other_active_or_conns(const or_connection_t *this_conn) -+{ -+ smartlist_t *conns = get_connection_array(); -+ SMARTLIST_FOREACH_BEGIN(conns, connection_t *, conn) { -+ if (conn == TO_CONN(this_conn)) { /* don't consider this conn */ -+ continue; -+ } -+ -+ if (conn->type == CONN_TYPE_OR && -+ !conn->marked_for_close) { -+ log_debug(LD_DIR, "%s: Found an OR connection: %s", -+ __func__, conn->address); -+ return 1; -+ } -+ } SMARTLIST_FOREACH_END(conn); -+ -+ return 0; -+} -+ - /** Return 1 if conn is a listener conn, else return 0. */ - int - connection_is_listener(connection_t *conn) -diff --git a/src/or/connection.h b/src/or/connection.h -index c78fe6e..9bd5f88 100644 ---- a/src/or/connection.h -+++ b/src/or/connection.h -@@ -180,6 +180,8 @@ connection_t *connection_get_by_type_state_rendquery(int type, int state, - dir_connection_t *connection_dir_get_by_purpose_and_resource( - int state, const char *resource); - -+int any_other_active_or_conns(const or_connection_t *this_conn); -+ - #define connection_speaks_cells(conn) ((conn)->type == CONN_TYPE_OR) - int connection_is_listener(connection_t *conn); - int connection_state_is_open(connection_t *conn); -diff --git a/src/or/connection_or.c b/src/or/connection_or.c -index 8e7cd9e..8684f18 100644 ---- a/src/or/connection_or.c -+++ b/src/or/connection_or.c -@@ -645,7 +645,8 @@ connection_or_about_to_close(or_connection_t *or_conn) - reason); - if (!authdir_mode_tests_reachability(options)) - control_event_bootstrap_problem( -- orconn_end_reason_to_control_string(reason), reason); -+ orconn_end_reason_to_control_string(reason), -+ reason, or_conn); - } - } - } else if (conn->hold_open_until_flushed) { -@@ -1008,7 +1009,7 @@ connection_or_connect_failed(or_connection_t *conn, - { - control_event_or_conn_status(conn, OR_CONN_EVENT_FAILED, reason); - if (!authdir_mode_tests_reachability(get_options())) -- control_event_bootstrap_problem(msg, reason); -+ control_event_bootstrap_problem(msg, reason, conn); - } - - /** conn got an error in connection_handle_read_impl() or -@@ -1638,7 +1639,8 @@ connection_or_client_learned_peer_id(or_connection_t *conn, - if (!authdir_mode_tests_reachability(options)) - control_event_bootstrap_problem( - "Unexpected identity in router certificate", -- END_OR_CONN_REASON_OR_IDENTITY); -+ END_OR_CONN_REASON_OR_IDENTITY, -+ conn); - return -1; - } - if (authdir_mode_tests_reachability(options)) { -diff --git a/src/or/control.c b/src/or/control.c -index a88de12..cd2c55c 100644 ---- a/src/or/control.c -+++ b/src/or/control.c -@@ -4696,10 +4696,12 @@ control_event_bootstrap(bootstrap_status_t status, int progress) - - /** Called when Tor has failed to make bootstrapping progress in a way - * that indicates a problem. warn gives a hint as to why, and -- * reason provides an "or_conn_end_reason" tag. -+ * reason provides an "or_conn_end_reason" tag. or_conn -+ * is the connection that caused this problem. - */ - void --control_event_bootstrap_problem(const char *warn, int reason) -+control_event_bootstrap_problem(const char *warn, int reason, -+ const or_connection_t *or_conn) - { - int status = bootstrap_percent; - const char *tag, *summary; -@@ -4721,9 +4723,10 @@ control_event_bootstrap_problem(const char *warn, int reason) - if (reason == END_OR_CONN_REASON_NO_ROUTE) - recommendation = "warn"; - -- if (get_options()->UseBridges && -- !any_bridge_descriptors_known() && -- !any_pending_bridge_descriptor_fetches()) -+ /* If we are using bridges and all our OR connections are now -+ closed, it means that we totally failed to connect to our -+ bridges. Throw a warning. */ -+ if (get_options()->UseBridges && !any_other_active_or_conns(or_conn)) - recommendation = "warn"; - - if (we_are_hibernating()) -diff --git a/src/or/control.h b/src/or/control.h -index 61062da..1d90a90 100644 ---- a/src/or/control.h -+++ b/src/or/control.h -@@ -85,7 +85,8 @@ void enable_control_logging(void); - void monitor_owning_controller_process(const char *process_spec); - - void control_event_bootstrap(bootstrap_status_t status, int progress); --void control_event_bootstrap_problem(const char *warn, int reason); -+void control_event_bootstrap_problem(const char *warn, int reason, -+ const or_connection_t *or_conn); - - void control_event_clients_seen(const char *controller_str); - -diff --git a/src/or/entrynodes.c b/src/or/entrynodes.c -index 2aa063c..b145c94 100644 ---- a/src/or/entrynodes.c -+++ b/src/or/entrynodes.c -@@ -2134,27 +2134,6 @@ any_bridge_descriptors_known(void) - return choose_random_entry(NULL) != NULL; - } - --/** Return 1 if there are any directory conns fetching bridge descriptors -- * that aren't marked for close. We use this to guess if we should tell -- * the controller that we have a problem. */ --int --any_pending_bridge_descriptor_fetches(void) --{ -- smartlist_t *conns = get_connection_array(); -- SMARTLIST_FOREACH_BEGIN(conns, connection_t *, conn) { -- if (conn->type == CONN_TYPE_DIR && -- conn->purpose == DIR_PURPOSE_FETCH_SERVERDESC && -- TO_DIR_CONN(conn)->router_purpose == ROUTER_PURPOSE_BRIDGE && -- !conn->marked_for_close && -- conn->linked && -- conn->linked_conn && !conn->linked_conn->marked_for_close) { -- log_debug(LD_DIR, "found one: %s", conn->address); -- return 1; -- } -- } SMARTLIST_FOREACH_END(conn); -- return 0; --} -- - /** Return 1 if we have at least one descriptor for an entry guard - * (bridge or member of EntryNodes) and all descriptors we know are - * down. Else return 0. If act is 1, then mark the down guards -diff --git a/src/or/entrynodes.h b/src/or/entrynodes.h -index 52b8dc0..f6c07d9 100644 ---- a/src/or/entrynodes.h -+++ b/src/or/entrynodes.h -@@ -104,7 +104,6 @@ void retry_bridge_descriptor_fetch_directly(const char *digest); - void fetch_bridge_descriptors(const or_options_t *options, time_t now); - void learned_bridge_descriptor(routerinfo_t *ri, int from_cache); - int any_bridge_descriptors_known(void); --int any_pending_bridge_descriptor_fetches(void); - int entries_known_but_down(const or_options_t *options); - void entries_retry_all(const or_options_t *options); - --- -1.8.1.2 - diff --git a/gitian/patches/bug11156.patch b/gitian/patches/bug11156.patch deleted file mode 100644 index d9f8e7a..0000000 --- a/gitian/patches/bug11156.patch +++ /dev/null @@ -1,275 +0,0 @@ -From af42f9b9125fb3f50f7383e63fb02bab1df82db9 Mon Sep 17 00:00:00 2001 -From: George Kadianakis <desnacked(a)riseup.net> -Date: Wed, 12 Mar 2014 20:25:05 -0700 -Subject: [PATCH] Don't do directory fetches before all PTs have been - configured. - ---- - src/or/microdesc.c | 2 +- - src/or/networkstatus.c | 36 ++++++++++++++++++++++++++++++------ - src/or/networkstatus.h | 2 +- - src/or/nodelist.c | 8 ++++---- - src/or/routerlist.c | 6 +++--- - 5 files changed, 39 insertions(+), 15 deletions(-) - -diff --git a/src/or/microdesc.c b/src/or/microdesc.c -index 90ac0ac..1f12347 100644 ---- a/src/or/microdesc.c -+++ b/src/or/microdesc.c -@@ -725,7 +725,7 @@ update_microdesc_downloads(time_t now) - smartlist_t *missing; - digestmap_t *pending; - -- if (should_delay_dir_fetches(options)) -+ if (should_delay_dir_fetches(options, NULL)) - return; - if (directory_too_idle_to_fetch_descriptors(options, now)) - return; -diff --git a/src/or/networkstatus.c b/src/or/networkstatus.c -index 1b5c6db..bcadc52 100644 ---- a/src/or/networkstatus.c -+++ b/src/or/networkstatus.c -@@ -31,6 +31,7 @@ - #include "router.h" - #include "routerlist.h" - #include "routerparse.h" -+#include "transports.h" - - /* For tracking v2 networkstatus documents. Only caches do this now. */ - -@@ -1380,14 +1381,37 @@ update_consensus_networkstatus_fetch_time(time_t now) - - /** Return 1 if there's a reason we shouldn't try any directory - * fetches yet (e.g. we demand bridges and none are yet known). -- * Else return 0. */ -+ * Else return 0. -+ -+ * If we return 1 and msg_out is provided, set msg_out -+ * to an explanation of why directory fetches are delayed. (If we -+ * return 0, we set msg_out to NULL.) -+ */ - int --should_delay_dir_fetches(const or_options_t *options) -+should_delay_dir_fetches(const or_options_t *options, const char **msg_out) - { -- if (options->UseBridges && !any_bridge_descriptors_known()) { -- log_info(LD_DIR, "delaying dir fetches (no running bridges known)"); -- return 1; -+ if (msg_out) { -+ *msg_out = NULL; - } -+ -+ if (options->UseBridges) { -+ if (!any_bridge_descriptors_known()) { -+ if (msg_out) { -+ *msg_out = "No running bridges"; -+ } -+ log_info(LD_DIR, "Delaying dir fetches (no running bridges known)"); -+ return 1; -+ } -+ -+ if (pt_proxies_configuration_pending()) { -+ if (msg_out) { -+ *msg_out = "Pluggable transport proxies still configuring"; -+ } -+ log_info(LD_DIR, "Delaying dir fetches (pt proxies still configuring)"); -+ return 1; -+ } -+ } -+ - return 0; - } - -@@ -1397,7 +1421,7 @@ void - update_networkstatus_downloads(time_t now) - { - const or_options_t *options = get_options(); -- if (should_delay_dir_fetches(options)) -+ if (should_delay_dir_fetches(options, NULL)) - return; - if (authdir_mode_any_main(options) || options->FetchV2Networkstatus) - update_v2_networkstatus_cache_downloads(now); -diff --git a/src/or/networkstatus.h b/src/or/networkstatus.h -index 761f8e7..f50f6f1 100644 ---- a/src/or/networkstatus.h -+++ b/src/or/networkstatus.h -@@ -69,7 +69,7 @@ int networkstatus_nickname_is_unnamed(const char *nickname); - void networkstatus_consensus_download_failed(int status_code, - const char *flavname); - void update_consensus_networkstatus_fetch_time(time_t now); --int should_delay_dir_fetches(const or_options_t *options); -+int should_delay_dir_fetches(const or_options_t *options,const char **msg_out); - void update_networkstatus_downloads(time_t now); - void update_certificate_downloads(time_t now); - int consensus_is_waiting_for_certs(void); -diff --git a/src/or/nodelist.c b/src/or/nodelist.c -index 178f084..600a1fd 100644 ---- a/src/or/nodelist.c -+++ b/src/or/nodelist.c -@@ -1439,6 +1439,7 @@ update_router_have_minimum_dir_info(void) - const networkstatus_t *consensus = - networkstatus_get_reasonably_live_consensus(now,usable_consensus_flavor()); - int using_md; -+ const char *delay_fetches_msg = NULL; - - if (!consensus) { - if (!networkstatus_get_latest_consensus()) -@@ -1451,10 +1452,9 @@ update_router_have_minimum_dir_info(void) - goto done; - } - -- if (should_delay_dir_fetches(get_options())) { -- log_notice(LD_DIR, "no known bridge descriptors running yet; stalling"); -- strlcpy(dir_info_status, "No live bridge descriptors.", -- sizeof(dir_info_status)); -+ if (should_delay_dir_fetches(get_options(), &delay_fetches_msg)) { -+ log_notice(LD_DIR, "Delaying dir fetches: %s", delay_fetches_msg); -+ strlcpy(dir_info_status, "%s", sizeof(dir_info_status)); - res = 0; - goto done; - } -diff --git a/src/or/routerlist.c b/src/or/routerlist.c -index cb39729..d78c7bb 100644 ---- a/src/or/routerlist.c -+++ b/src/or/routerlist.c -@@ -684,7 +684,7 @@ authority_certs_fetch_missing(networkstatus_t *status, time_t now) - char id_digest_str[2*DIGEST_LEN+1]; - char sk_digest_str[2*DIGEST_LEN+1]; - -- if (should_delay_dir_fetches(get_options())) -+ if (should_delay_dir_fetches(get_options(), NULL)) - return; - - pending_cert = fp_pair_map_new(); -@@ -4901,7 +4901,7 @@ void - update_router_descriptor_downloads(time_t now) - { - const or_options_t *options = get_options(); -- if (should_delay_dir_fetches(options)) -+ if (should_delay_dir_fetches(options, NULL)) - return; - if (!we_fetch_router_descriptors(options)) - return; -@@ -4925,7 +4925,7 @@ update_extrainfo_downloads(time_t now) - int n_no_ei = 0, n_pending = 0, n_have = 0, n_delay = 0; - if (! options->DownloadExtraInfo) - return; -- if (should_delay_dir_fetches(options)) -+ if (should_delay_dir_fetches(options, NULL)) - return; - if (!router_have_minimum_dir_info()) - return; --- -1.8.1.2 - -From 1a3eb5c72dd0feb43a542ca465c57dd0801ff7cc Mon Sep 17 00:00:00 2001 -From: George Kadianakis <desnacked(a)riseup.net> -Date: Tue, 8 Apr 2014 16:59:46 +0100 -Subject: [PATCH 1/4] Don't halt bootstrap to figure out if we should restart - PT proxies. - -Instead, figure out if we should restart PT proxies _immediately_ after -we re-read the config file. ---- - changes/bug11156 | 5 +++++ - src/or/config.c | 6 ++++++ - src/or/transports.c | 3 +-- - 3 files changed, 12 insertions(+), 2 deletions(-) - create mode 100644 changes/bug11156 - -diff --git a/changes/bug11156 b/changes/bug11156 -new file mode 100644 -index 0000000..bb20ed1e ---- /dev/null -+++ b/changes/bug11156 -@@ -0,0 +1,5 @@ -+ o Minor bugfixes (clients): -+ - Fix a bug where a client-side Tor with pluggable transports -+ would take 60 seconds to bootstrap if a config re-read was -+ triggered at just the right timing during bootstrap. Refixes bug -+ 11156; bugfix on 0.2.5.3-alpha. -\ No newline at end of file -diff --git a/src/or/config.c b/src/or/config.c -index dbf643c..c2d6545 100644 ---- a/src/or/config.c -+++ b/src/or/config.c -@@ -1433,6 +1433,12 @@ options_act(const or_options_t *old_options) - sweep_transport_list(); - sweep_proxy_list(); - -+ /* Start the PT proxy configuration. By doing this configuration -+ here, we also figure out which proxies need to be restarted and -+ which not. */ -+ if (pt_proxies_configuration_pending()) -+ pt_configure_remaining_proxies(); -+ - /* Bail out at this point if we're not going to be a client or server: - * we want to not fork, and to log stuff to stderr. */ - if (!running_tor) -diff --git a/src/or/transports.c b/src/or/transports.c -index 7e496fe..e1876d6 100644 ---- a/src/or/transports.c -+++ b/src/or/transports.c -@@ -534,8 +534,7 @@ launch_managed_proxy(managed_proxy_t *mp) - } - - /** Check if any of the managed proxies we are currently trying to -- * configure have anything new to say. This is called from -- * run_scheduled_events(). */ -+ * configure has anything new to say. */ - void - pt_configure_remaining_proxies(void) - { --- -1.8.1.2 - -From 4719a2f5248b8cf6d70daef91fd1cf9fd65628f4 Mon Sep 17 00:00:00 2001 -From: George Kadianakis <desnacked(a)riseup.net> -Date: Mon, 21 Apr 2014 14:17:35 +0300 -Subject: [PATCH 4/4] fixup! Don't halt bootstrap to figure out if we should - restart PT proxies. - ---- - src/or/config.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/or/config.c b/src/or/config.c -index c2d6545..551b09f 100644 ---- a/src/or/config.c -+++ b/src/or/config.c -@@ -1436,7 +1436,7 @@ options_act(const or_options_t *old_options) - /* Start the PT proxy configuration. By doing this configuration - here, we also figure out which proxies need to be restarted and - which not. */ -- if (pt_proxies_configuration_pending()) -+ if (pt_proxies_configuration_pending() && !net_is_disabled()) - pt_configure_remaining_proxies(); - - /* Bail out at this point if we're not going to be a client or server: --- -1.8.1.2 - -From dfcbc4500aad07a641e9e856d442c848d86d2c7e Mon Sep 17 00:00:00 2001 -From: George Kadianakis <desnacked(a)riseup.net> -Date: Thu, 1 May 2014 17:32:29 +0100 -Subject: [PATCH] fixup! Fix a misuse of strlcpy() introduced by the #11156 - patch. - ---- - changes/bug11654 | 4 ++++ - 1 file changed, 4 insertions(+) - create mode 100644 changes/bug11654 - -diff --git a/changes/bug11654 b/changes/bug11654 -new file mode 100644 -index 0000000..97c70b2 ---- /dev/null -+++ b/changes/bug11654 -@@ -0,0 +1,4 @@ -+ o Minor bugfixes: -+ - Fix a broken log message about delayed directory fetches that -+ was caused by a misuse of strlcpy(). Fixes bug 11654; bugfix on -+ 0.2.5.3-alpha. --- -1.9.1 - diff --git a/gitian/patches/bug11200-hang-0.2.5.patch b/gitian/patches/bug11200-hang-0.2.5.patch deleted file mode 100644 index 76cd159..0000000 --- a/gitian/patches/bug11200-hang-0.2.5.patch +++ /dev/null @@ -1,81 +0,0 @@ -From fcac4b4467427e8f6ad948e8c8e6f34a0131e716 Mon Sep 17 00:00:00 2001 -From: Roger Dingledine <arma(a)torproject.org> -Date: Tue, 5 Aug 2014 16:54:46 -0400 -Subject: [PATCH] Build circuits more readily when DisableNetwork goes to 0 - -When Tor starts with DisabledNetwork set, it would correctly -conclude that it shouldn't try making circuits, but it would -mistakenly cache this conclusion and continue believing it even -when DisableNetwork is set to 0. Fixes the bug introduced by the -fix for bug 11200; bugfix on 0.2.5.4-alpha. ---- - changes/bug11200-caching | 7 +++++++ - src/or/nodelist.c | 21 ++++++++++++--------- - 2 files changed, 19 insertions(+), 9 deletions(-) - create mode 100644 changes/bug11200-caching - -diff --git a/changes/bug11200-caching b/changes/bug11200-caching -new file mode 100644 -index 0000000..e3fbaec ---- /dev/null -+++ b/changes/bug11200-caching -@@ -0,0 +1,7 @@ -+ o Major bugfixes: -+ - When Tor starts with DisabledNetwork set, it would correctly -+ conclude that it shouldn't try making circuits, but it would -+ mistakenly cache this conclusion and continue believing it even -+ when DisableNetwork is set to 0. Fixes the bug introduced by the -+ fix for bug 11200; bugfix on 0.2.5.4-alpha. -+ -diff --git a/src/or/nodelist.c b/src/or/nodelist.c -index 8f87081..7b1f338 100644 ---- a/src/or/nodelist.c -+++ b/src/or/nodelist.c -@@ -1275,10 +1275,21 @@ static char dir_info_status[256] = ""; - int - router_have_minimum_dir_info(void) - { -+ static int logged_delay=0; -+ const char *delay_fetches_msg = NULL; -+ if (should_delay_dir_fetches(get_options(), &delay_fetches_msg)) { -+ if (!logged_delay) -+ log_notice(LD_DIR, "Delaying directory fetches: %s", delay_fetches_msg); -+ logged_delay=1; -+ strlcpy(dir_info_status, delay_fetches_msg, sizeof(dir_info_status)); -+ return 0; -+ } -+ logged_delay = 0; /* reset it if we get this far */ -+ - if (PREDICT_UNLIKELY(need_to_update_have_min_dir_info)) { - update_router_have_minimum_dir_info(); -- need_to_update_have_min_dir_info = 0; - } -+ - return have_min_dir_info; - } - -@@ -1498,7 +1509,6 @@ update_router_have_minimum_dir_info(void) - const networkstatus_t *consensus = - networkstatus_get_reasonably_live_consensus(now,usable_consensus_flavor()); - int using_md; -- const char *delay_fetches_msg = NULL; - - if (!consensus) { - if (!networkstatus_get_latest_consensus()) -@@ -1511,13 +1521,6 @@ update_router_have_minimum_dir_info(void) - goto done; - } - -- if (should_delay_dir_fetches(get_options(), &delay_fetches_msg)) { -- log_notice(LD_DIR, "Delaying directory fetches: %s", delay_fetches_msg); -- strlcpy(dir_info_status, delay_fetches_msg, sizeof(dir_info_status)); -- res = 0; -- goto done; -- } -- - using_md = consensus->flavor == FLAV_MICRODESC; - - { --- -1.9.1 - diff --git a/gitian/patches/bug11200.patch b/gitian/patches/bug11200.patch deleted file mode 100644 index 040309a..0000000 --- a/gitian/patches/bug11200.patch +++ /dev/null @@ -1,39 +0,0 @@ -From 6770153d4ced726e54305ad38d14ea82df0d639e Mon Sep 17 00:00:00 2001 -From: Nick Mathewson <nickm(a)torproject.org> -Date: Sat, 29 Mar 2014 21:49:32 -0700 -Subject: [PATCH] should_disable_dir_fetches() now returns 1 if - DisableNetwork==1 - -This change prevents LD_BUG warnings and bootstrap failure messages -when we try to do directory fetches when starting with -DisableNetwork == 1, a consensus present, but no descriptors (or -insufficient descriptors) yet. - -Fixes bug 11200 and bug 10405. It's a bugfix on 0.2.3.9-alpha. -Thanks to mcs for walking me through the repro instructions! ---- - src/or/networkstatus.c | 8 ++++++++ - 1 file changed, 8 insertions(+) - -diff --git a/src/or/networkstatus.c b/src/or/networkstatus.c -index bcadc52..9a1824b 100644 ---- a/src/or/networkstatus.c -+++ b/src/or/networkstatus.c -@@ -1394,6 +1394,14 @@ should_delay_dir_fetches(const or_options_t *options, const char **msg_out) - *msg_out = NULL; - } - -+ if (options->DisableNetwork) { -+ if (msg_out) { -+ *msg_out = "DisableNetwork is set."; -+ } -+ log_info(LD_DIR, "Delaying dir fetches (DisableNetwork is set)"); -+ return 1; -+ } -+ - if (options->UseBridges) { - if (!any_bridge_descriptors_known()) { - if (msg_out) { --- -1.8.1.2 - diff --git a/gitian/patches/bug5018.patch b/gitian/patches/bug5018.patch deleted file mode 100644 index b0ac8e6..0000000 --- a/gitian/patches/bug5018.patch +++ /dev/null @@ -1,225 +0,0 @@ -From 3394daa34842a397561e65002a33c13355df651d Mon Sep 17 00:00:00 2001 -From: George Kadianakis <desnacked(a)riseup.net> -Date: Thu, 28 Feb 2013 18:58:36 +0200 -Subject: [PATCH 1/4] Only launch transport proxies that provide useful - transports. - ---- - changes/bug5018 | 3 +++ - src/or/config.c | 20 ++++++++++++++++---- - src/or/entrynodes.c | 23 +++++++++++++++++++++++ - src/or/entrynodes.h | 1 + - 4 files changed, 43 insertions(+), 4 deletions(-) - create mode 100644 changes/bug5018 - -diff --git a/changes/bug5018 b/changes/bug5018 -new file mode 100644 -index 0000000..c5c12ef ---- /dev/null -+++ b/changes/bug5018 -@@ -0,0 +1,3 @@ -+ o Minor features: -+ - Don't launch pluggable transport proxies that contribute -+ transports we don't need. Resolves ticket 5018. -diff --git a/src/or/config.c b/src/or/config.c -index ef02946..47510c5 100644 ---- a/src/or/config.c -+++ b/src/or/config.c -@@ -4242,7 +4242,8 @@ parse_client_transport_line(const char *line, int validate_only) - int is_managed=0; - char **proxy_argv=NULL; - char **tmp=NULL; -- int proxy_argc,i; -+ int proxy_argc, i; -+ int is_useless_proxy=1; - - int line_length; - -@@ -4264,11 +4265,16 @@ parse_client_transport_line(const char *line, int validate_only) - smartlist_split_string(transport_list, transports, ",", - SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0); - SMARTLIST_FOREACH_BEGIN(transport_list, const char *, transport_name) { -+ /* validate transport names */ - if (!string_is_C_identifier(transport_name)) { - log_warn(LD_CONFIG, "Transport name is not a C identifier (%s).", - transport_name); - goto err; - } -+ -+ /* see if we actually need the transports provided by this proxy */ -+ if (!validate_only && transport_is_needed(transport_name)) -+ is_useless_proxy = 0; - } SMARTLIST_FOREACH_END(transport_name); - - /* field2 is either a SOCKS version or "exec" */ -@@ -4287,9 +4293,15 @@ parse_client_transport_line(const char *line, int validate_only) - } - - if (is_managed) { /* managed */ -- if (!validate_only) { /* if we are not just validating, use the -- rest of the line as the argv of the proxy -- to be launched */ -+ if (!validate_only && is_useless_proxy) { -+ log_warn(LD_GENERAL, "Pluggable transport proxy (%s) does not provide " -+ "any needed transports and will not be launched.", line); -+ } -+ -+ /* If we are not just validating, use the rest of the line as the -+ argv of the proxy to be launched. Also, make sure that we are -+ only launching proxies that contribute useful transports. */ -+ if (!validate_only && !is_useless_proxy) { - proxy_argc = line_length-2; - tor_assert(proxy_argc > 0); - proxy_argv = tor_malloc_zero(sizeof(char*)*(proxy_argc+1)); -diff --git a/src/or/entrynodes.c b/src/or/entrynodes.c -index 2aa063c..4062cee 100644 ---- a/src/or/entrynodes.c -+++ b/src/or/entrynodes.c -@@ -1773,6 +1773,29 @@ bridge_resolve_conflicts(const tor_addr_t *addr, uint16_t port, - } SMARTLIST_FOREACH_END(bridge); - } - -+/** Return True if we have a bridge that uses a transport with name -+ * transport_name. */ -+int -+transport_is_needed(const char *transport_name) -+{ -+ int retval; -+ smartlist_t *needed_transports = NULL; -+ -+ if (!bridge_list) -+ return 0; -+ -+ needed_transports = smartlist_new(); -+ -+ SMARTLIST_FOREACH_BEGIN(bridge_list, const bridge_info_t *, bridge) { -+ if (bridge->transport_name) -+ smartlist_add(needed_transports, bridge->transport_name); -+ } SMARTLIST_FOREACH_END(bridge); -+ -+ retval = smartlist_string_isin(needed_transports, transport_name); -+ smartlist_free(needed_transports); -+ return retval; -+} -+ - /** Remember a new bridge at addr:port. If digest - * is set, it tells us the identity key too. If we already had the - * bridge in our list, unmark it, and don't actually add anything new. -diff --git a/src/or/entrynodes.h b/src/or/entrynodes.h -index 52b8dc0..b02cd48 100644 ---- a/src/or/entrynodes.h -+++ b/src/or/entrynodes.h -@@ -118,6 +118,7 @@ struct transport_t; - int find_transport_by_bridge_addrport(const tor_addr_t *addr, uint16_t port, - const struct transport_t **transport); - -+int transport_is_needed(const char *transport_name); - int validate_pluggable_transports_config(void); - - double pathbias_get_close_success_count(entry_guard_t *guard); --- -1.8.1.2 - -From 54f75531a9613ee7b964be93b0051bc75322e7e3 Mon Sep 17 00:00:00 2001 -From: David Fifield <david(a)bamsoftware.com> -Date: Sat, 26 Oct 2013 14:34:48 -0700 -Subject: [PATCH 2/4] Simplify transport_is_needed. - -By Roger at -https://trac.torproject.org/projects/tor/ticket/5018#comment:11. ---- - src/or/entrynodes.c | 14 ++++---------- - 1 file changed, 4 insertions(+), 10 deletions(-) - -diff --git a/src/or/entrynodes.c b/src/or/entrynodes.c -index 4062cee..98a01c5 100644 ---- a/src/or/entrynodes.c -+++ b/src/or/entrynodes.c -@@ -1778,22 +1778,16 @@ bridge_resolve_conflicts(const tor_addr_t *addr, uint16_t port, - int - transport_is_needed(const char *transport_name) - { -- int retval; -- smartlist_t *needed_transports = NULL; -- - if (!bridge_list) - return 0; - -- needed_transports = smartlist_new(); -- - SMARTLIST_FOREACH_BEGIN(bridge_list, const bridge_info_t *, bridge) { -- if (bridge->transport_name) -- smartlist_add(needed_transports, bridge->transport_name); -+ if (bridge->transport_name && -+ !strcmp(bridge->transport_name, transport_name)) -+ return 1; - } SMARTLIST_FOREACH_END(bridge); - -- retval = smartlist_string_isin(needed_transports, transport_name); -- smartlist_free(needed_transports); -- return retval; -+ return 0; - } - - /** Remember a new bridge at addr:port. If digest --- -1.8.1.2 - -From 936ff64974b00a898fa0e77e3fd6f9b2df57f448 Mon Sep 17 00:00:00 2001 -From: David Fifield <david(a)bamsoftware.com> -Date: Sat, 26 Oct 2013 14:37:50 -0700 -Subject: [PATCH 3/4] Document that unneeded transports are ignored. - -Suggested by Roger in -https://trac.torproject.org/projects/tor/ticket/5018#comment:11. ---- - src/or/config.c | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/src/or/config.c b/src/or/config.c -index 47510c5..435d981 100644 ---- a/src/or/config.c -+++ b/src/or/config.c -@@ -4220,7 +4220,8 @@ parse_bridge_line(const char *line, int validate_only) - * line. Return 0 if the line is well-formed, and -1 if it - * isn't. - * -- * If validate_only is 0, and the line is well-formed: -+ * If validate_only is 0, the line is well-formed, and the -+ * transport is needed by some bridge: - * - If it's an external proxy line, add the transport described in the line to - * our internal transport list. - * - If it's a managed proxy line, launch the managed proxy. */ --- -1.8.1.2 - -From a4cf8514af1d2dbfd15857af83076577b7dcc4ee Mon Sep 17 00:00:00 2001 -From: George Kadianakis <desnacked(a)riseup.net> -Date: Mon, 10 Mar 2014 22:05:31 +0000 -Subject: [PATCH 4/4] Tone down the log message for when we don't need a PT - proxy. - -Conflicts: - changes/bug5018 ---- - src/or/config.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/src/or/config.c b/src/or/config.c -index 435d981..914c3de 100644 ---- a/src/or/config.c -+++ b/src/or/config.c -@@ -4295,8 +4295,8 @@ parse_client_transport_line(const char *line, int validate_only) - - if (is_managed) { /* managed */ - if (!validate_only && is_useless_proxy) { -- log_warn(LD_GENERAL, "Pluggable transport proxy (%s) does not provide " -- "any needed transports and will not be launched.", line); -+ log_notice(LD_GENERAL, "Pluggable transport proxy (%s) does not provide " -+ "any needed transports and will not be launched.", line); - } - - /* If we are not just validating, use the rest of the line as the --- -1.8.1.2 - diff --git a/gitian/patches/bug8402.patch b/gitian/patches/bug8402.patch deleted file mode 100644 index 2aa74c6..0000000 --- a/gitian/patches/bug8402.patch +++ /dev/null @@ -1,437 +0,0 @@ -From 88ddabbce1e15627f51b1bd6aef06f1b3515dd15 Mon Sep 17 00:00:00 2001 -From: Yawning Angel <yawning(a)schwanenlied.me> -Date: Thu, 1 May 2014 03:57:29 +0000 -Subject: [PATCH 1/2] Allow ClientTransportPlugins to use proxies - -This change allows using Socks4Proxy, Socks5Proxy and HTTPSProxy with -ClientTransportPlugins via the TOR_PT_PROXY extension to the -pluggable transport specification. - -This fixes bug #8402. - -WARNING: - -This is a backport to tor-0.2.4.x of a unmerged patch. Differences -at the time of writing from my real branch are: - * Unit tests. - * get_proxy_type() is removed in the backport, 0.2.5.x uses the - routine elsewhere, so it is left intact (with modifications). ---- - src/or/config.c | 24 +++++++---- - src/or/connection.c | 55 ++++++++++--------------- - src/or/transports.c | 114 ++++++++++++++++++++++++++++++++++++++++++++++++++-- - src/or/transports.h | 3 ++ - 4 files changed, 152 insertions(+), 44 deletions(-) - -diff --git a/src/or/config.c b/src/or/config.c -index 09fdc0c..3fe5b73 100644 ---- a/src/or/config.c -+++ b/src/or/config.c -@@ -490,7 +490,9 @@ static int options_transition_affects_descriptor( - static int check_nickname_list(const char *lst, const char *name, char **msg); - - static int parse_bridge_line(const char *line, int validate_only); --static int parse_client_transport_line(const char *line, int validate_only); -+static int parse_client_transport_line(const or_options_t *options, -+ const char *line, -+ int validate_only); - - static int parse_server_transport_line(const char *line, int validate_only); - static char *get_bindaddr_from_transport_listen_line(const char *line, -@@ -1337,7 +1339,7 @@ options_act(const or_options_t *old_options) - pt_prepare_proxy_list_for_config_read(); - if (options->ClientTransportPlugin) { - for (cl = options->ClientTransportPlugin; cl; cl = cl->next) { -- if (parse_client_transport_line(cl->value, 0)<0) { -+ if (parse_client_transport_line(options, cl->value, 0)<0) { - log_warn(LD_BUG, - "Previously validated ClientTransportPlugin line " - "could not be added!"); -@@ -2954,11 +2956,11 @@ options_validate(or_options_t *old_options, or_options_t *options, - } - } - -- /* Check if more than one proxy type has been enabled. */ -+ /* Check if more than one exclusive proxy type has been enabled. */ - if (!!options->Socks4Proxy + !!options->Socks5Proxy + -- !!options->HTTPSProxy + !!options->ClientTransportPlugin > 1) -+ !!options->HTTPSProxy > 1) - REJECT("You have configured more than one proxy type. " -- "(Socks4Proxy|Socks5Proxy|HTTPSProxy|ClientTransportPlugin)"); -+ "(Socks4Proxy|Socks5Proxy|HTTPSProxy)"); - - /* Check if the proxies will give surprising behavior. */ - if (options->HTTPProxy && !(options->Socks4Proxy || -@@ -3073,7 +3075,7 @@ options_validate(or_options_t *old_options, or_options_t *options, - } - - for (cl = options->ClientTransportPlugin; cl; cl = cl->next) { -- if (parse_client_transport_line(cl->value, 1)<0) -+ if (parse_client_transport_line(options, cl->value, 1)<0) - REJECT("Transport line did not parse. See logs for details."); - } - -@@ -4229,7 +4231,8 @@ parse_bridge_line(const char *line, int validate_only) - * our internal transport list. - * - If it's a managed proxy line, launch the managed proxy. */ - static int --parse_client_transport_line(const char *line, int validate_only) -+parse_client_transport_line(const or_options_t *options, const char *line, -+ int validate_only) - { - smartlist_t *items = NULL; - int r; -@@ -4308,6 +4311,13 @@ parse_client_transport_line(const char *line, int validate_only) - pt_kickstart_client_proxy(transport_list, proxy_argv); - } - } else { /* external */ -+ /* ClientTransportPlugins connecting through a proxy is managed only. */ -+ if (options->Socks4Proxy || options->Socks5Proxy || options->HTTPSProxy) { -+ log_warn(LD_CONFIG, "You have configured an external proxy with another " -+ "proxy type. (Socks4Proxy|Socks5Proxy|HTTPSProxy)"); -+ goto err; -+ } -+ - if (smartlist_len(transport_list) != 1) { - log_warn(LD_CONFIG, "You can't have an external proxy with " - "more than one transports."); -diff --git a/src/or/connection.c b/src/or/connection.c -index 4f74a1d..683cf46 100644 ---- a/src/or/connection.c -+++ b/src/or/connection.c -@@ -81,7 +81,6 @@ static const char *connection_proxy_state_to_string(int state); - static int connection_read_https_proxy_response(connection_t *conn); - static void connection_send_socks5_connect(connection_t *conn); - static const char *proxy_type_to_string(int proxy_type); --static int get_proxy_type(void); - - /** The last addresses that our network interface seemed to have been - * binding to. We use this as one way to detect when our IP changes. -@@ -4390,6 +4389,27 @@ get_proxy_addrport(tor_addr_t *addr, uint16_t *port, int *proxy_type, - { - const or_options_t *options = get_options(); - -+ /* Client Transport Plugins can use another proxy, but that should be hidden -+ * from the rest of tor (as the plugin is responsible for dealing with the -+ * proxy), check it first, then check the rest of the proxy types to allow -+ * the config to have unused ClientTransportPlugin entries. -+ */ -+ if (options->ClientTransportPlugin) { -+ const transport_t *transport = NULL; -+ int r; -+ r = find_transport_by_bridge_addrport(&conn->addr, conn->port, &transport); -+ if (r<0) -+ return -1; -+ if (transport) { /* transport found */ -+ tor_addr_copy(addr, &transport->addr); -+ *port = transport->port; -+ *proxy_type = transport->socks_version; -+ return 0; -+ } -+ -+ /* Unused ClientTransportPlugin. */ -+ } -+ - if (options->HTTPSProxy) { - tor_addr_copy(addr, &options->HTTPSProxyAddr); - *port = options->HTTPSProxyPort; -@@ -4405,43 +4425,12 @@ get_proxy_addrport(tor_addr_t *addr, uint16_t *port, int *proxy_type, - *port = options->Socks5ProxyPort; - *proxy_type = PROXY_SOCKS5; - return 0; -- } else if (options->ClientTransportPlugin || -- options->Bridges) { -- const transport_t *transport = NULL; -- int r; -- r = find_transport_by_bridge_addrport(&conn->addr, conn->port, &transport); -- if (r<0) -- return -1; -- if (transport) { /* transport found */ -- tor_addr_copy(addr, &transport->addr); -- *port = transport->port; -- *proxy_type = transport->socks_version; -- return 0; -- } - } - - *proxy_type = PROXY_NONE; - return 0; - } - --/** Returns the global proxy type used by tor. */ --static int --get_proxy_type(void) --{ -- const or_options_t *options = get_options(); -- -- if (options->HTTPSProxy) -- return PROXY_CONNECT; -- else if (options->Socks4Proxy) -- return PROXY_SOCKS4; -- else if (options->Socks5Proxy) -- return PROXY_SOCKS5; -- else if (options->ClientTransportPlugin) -- return PROXY_PLUGGABLE; -- else -- return PROXY_NONE; --} -- - /** Log a failed connection to a proxy server. - * conn is the connection we use the proxy server for. */ - void -@@ -4457,7 +4446,7 @@ log_failed_proxy_connection(connection_t *conn) - log_warn(LD_NET, - "The connection to the %s proxy server at %s just failed. " - "Make sure that the proxy server is up and running.", -- proxy_type_to_string(get_proxy_type()), -+ proxy_type_to_string(proxy_type), - fmt_addrport(&proxy_addr, proxy_port)); - } - -diff --git a/src/or/transports.c b/src/or/transports.c -index 3749d6b..cae1f31 100644 ---- a/src/or/transports.c -+++ b/src/or/transports.c -@@ -103,6 +103,8 @@ static INLINE int proxy_configuration_finished(const managed_proxy_t *mp); - - static void managed_proxy_destroy(managed_proxy_t *mp, - int also_terminate_process); -+static char* get_pt_proxy_uri(void); -+static void parse_proxy_error(const char *line); - - static void handle_finished_proxy(managed_proxy_t *mp); - static int configure_proxy(managed_proxy_t *mp); -@@ -123,6 +125,8 @@ static INLINE void free_execve_args(char **arg); - #define PROTO_SMETHOD_ERROR "SMETHOD-ERROR" - #define PROTO_CMETHODS_DONE "CMETHODS DONE" - #define PROTO_SMETHODS_DONE "SMETHODS DONE" -+#define PROTO_PROXY_DONE "PROXY DONE" -+#define PROTO_PROXY_ERROR "PROXY-ERROR" - - /** The first and only supported - at the moment - configuration - protocol version. */ -@@ -434,6 +438,17 @@ add_transport_to_proxy(const char *transport, managed_proxy_t *mp) - static int - proxy_needs_restart(const managed_proxy_t *mp) - { -+ int ret = 1; -+ char* proxy_uri; -+ -+ /* If the PT proxy config has changed, then all existing pluggable transports -+ * should be restarted. -+ */ -+ -+ proxy_uri = get_pt_proxy_uri(); -+ if (strcmp_opt(proxy_uri, mp->proxy_uri) != 0) -+ goto needs_restart; -+ - /* mp->transport_to_launch is populated with the names of the - transports that must be launched *after* the SIGHUP. - mp->transports is populated with the transports that were -@@ -454,10 +469,10 @@ proxy_needs_restart(const managed_proxy_t *mp) - - } SMARTLIST_FOREACH_END(t); - -- return 0; -- -- needs_restart: -- return 1; -+ ret = 0; -+needs_restart: -+ tor_free(proxy_uri); -+ return ret; - } - - /** Managed proxy mp must be restarted. Do all the necessary -@@ -488,6 +503,11 @@ proxy_prepare_for_restart(managed_proxy_t *mp) - SMARTLIST_FOREACH(mp->transports, transport_t *, t, transport_free(t)); - smartlist_clear(mp->transports); - -+ /* Reset the proxy's HTTPS/SOCKS proxy */ -+ tor_free(mp->proxy_uri); -+ mp->proxy_uri = get_pt_proxy_uri(); -+ mp->proxy_supported = 0; -+ - /* flag it as an infant proxy so that it gets launched on next tick */ - mp->conf_state = PT_PROTO_INFANT; - unconfigured_proxies_n++; -@@ -718,12 +738,52 @@ managed_proxy_destroy(managed_proxy_t *mp, - /* free the argv */ - free_execve_args(mp->argv); - -+ /* free the outgoing proxy URI */ -+ tor_free(mp->proxy_uri); -+ - tor_process_handle_destroy(mp->process_handle, also_terminate_process); - mp->process_handle = NULL; - - tor_free(mp); - } - -+/** Convert the tor proxy options to a URI suitable for TOR_PT_PROXY. */ -+static char * -+get_pt_proxy_uri(void) -+{ -+ const or_options_t *options = get_options(); -+ char *uri = NULL; -+ -+ if (options->Socks4Proxy || options->Socks5Proxy || options->HTTPSProxy) { -+ char addr[TOR_ADDR_BUF_LEN+1]; -+ -+ if (options->Socks4Proxy) { -+ tor_addr_to_str(addr, &options->Socks4ProxyAddr, sizeof(addr), 1); -+ tor_asprintf(&uri, "socks4a://%s:%d", addr, options->Socks4ProxyPort); -+ } else if (options->Socks5Proxy) { -+ tor_addr_to_str(addr, &options->Socks5ProxyAddr, sizeof(addr), 1); -+ if (!options->Socks5ProxyUsername && !options->Socks5ProxyPassword) { -+ tor_asprintf(&uri, "socks5://%s:%d", addr, options->Socks5ProxyPort); -+ } else { -+ tor_asprintf(&uri, "socks5://%s:%s@%s:%d", -+ options->Socks5ProxyUsername, -+ options->Socks5ProxyPassword, -+ addr, options->Socks5ProxyPort); -+ } -+ } else if (options->HTTPSProxy) { -+ tor_addr_to_str(addr, &options->HTTPSProxyAddr, sizeof(addr), 1); -+ if (!options->HTTPSProxyAuthenticator) { -+ tor_asprintf(&uri, "http://%s:%d", addr, options->HTTPSProxyPort); -+ } else { -+ tor_asprintf(&uri, "http://%s@%s:%d", options->HTTPSProxyAuthenticator, -+ addr, options->HTTPSProxyPort); -+ } -+ } -+ } -+ -+ return uri; -+} -+ - /** Handle a configured or broken managed proxy mp. */ - static void - handle_finished_proxy(managed_proxy_t *mp) -@@ -736,6 +796,12 @@ handle_finished_proxy(managed_proxy_t *mp) - managed_proxy_destroy(mp, 0); /* destroy it but don't terminate */ - break; - case PT_PROTO_CONFIGURED: /* if configured correctly: */ -+ if (mp->proxy_uri && !mp->proxy_supported) { -+ log_warn(LD_CONFIG, "Managed proxy '%s' did not configure the " -+ "specified outgoing proxy.", mp->argv[0]); -+ managed_proxy_destroy(mp, 1); /* annihilate it. */ -+ break; -+ } - register_proxy(mp); /* register its transports */ - mp->conf_state = PT_PROTO_COMPLETED; /* and mark it as completed. */ - break; -@@ -854,6 +920,22 @@ handle_proxy_line(const char *line, managed_proxy_t *mp) - goto err; - - return; -+ } else if (!strcmpstart(line, PROTO_PROXY_DONE)) { -+ if (mp->conf_state != PT_PROTO_ACCEPTING_METHODS) -+ goto err; -+ -+ if (mp->proxy_uri) { -+ mp->proxy_supported = 1; -+ return; -+ } -+ -+ /* No proxy was configured, this should log */ -+ } else if (!strcmpstart(line, PROTO_PROXY_ERROR)) { -+ if (mp->conf_state != PT_PROTO_ACCEPTING_METHODS) -+ goto err; -+ -+ parse_proxy_error(line); -+ goto err; - } else if (!strcmpstart(line, SPAWN_ERROR_MESSAGE)) { - /* managed proxy launch failed: parse error message to learn why. */ - int retval, child_state, saved_errno; -@@ -1105,6 +1187,21 @@ parse_cmethod_line(const char *line, managed_proxy_t *mp) - return r; - } - -+/** Parses an PROXY-ERROR line and warns the user accordingly. */ -+static void -+parse_proxy_error(const char *line) -+{ -+ /* (Length of the protocol string) plus (a space) and (the first char of -+ the error message) */ -+ if (strlen(line) < (strlen(PROTO_PROXY_ERROR) + 2)) -+ log_notice(LD_CONFIG, "Managed proxy sent us an %s without an error " -+ "message.", PROTO_PROXY_ERROR); -+ -+ log_warn(LD_CONFIG, "Managed proxy failed to configure the " -+ "pluggable transport's outgoing proxy. (%s)", -+ line+strlen(PROTO_PROXY_ERROR)+1); -+} -+ - /** Return the string that tor should place in TOR_PT_SERVER_BINDADDR - * while configuring the server managed proxy in mp. The - * string is stored in the heap, and it's the the responsibility of -@@ -1193,6 +1290,14 @@ create_managed_proxy_environment(const managed_proxy_t *mp) - * variable in Tor's environment and crash PTs that try to parse - * it even when not run in server mode.) */ - smartlist_add(envs, tor_strdup("TOR_PT_EXTENDED_SERVER_PORT=")); -+ } else { -+ /* If ClientTransportPlugin has a HTTPS/SOCKS proxy configured, set the -+ * TOR_PT_PROXY line. -+ */ -+ -+ if (mp->proxy_uri) { -+ smartlist_add_asprintf(envs, "TOR_PT_PROXY=%s", mp->proxy_uri); -+ } - } - - SMARTLIST_FOREACH_BEGIN(envs, const char *, env_var) { -@@ -1225,6 +1330,7 @@ managed_proxy_create(const smartlist_t *transport_list, - mp->is_server = is_server; - mp->argv = proxy_argv; - mp->transports = smartlist_new(); -+ mp->proxy_uri = get_pt_proxy_uri(); - - mp->transports_to_launch = smartlist_new(); - SMARTLIST_FOREACH(transport_list, const char *, transport, -diff --git a/src/or/transports.h b/src/or/transports.h -index 6ee82f4..f13de5d 100644 ---- a/src/or/transports.h -+++ b/src/or/transports.h -@@ -74,6 +74,9 @@ typedef struct { - char **argv; /* the cli arguments of this proxy */ - int conf_protocol; /* the configuration protocol version used */ - -+ char *proxy_uri; /* the outgoing proxy in TOR_PT_PROXY URI format */ -+ int proxy_supported : 1; /* the proxy claims to honor TOR_PT_PROXY */ -+ - int is_server; /* is it a server proxy? */ - - /* A pointer to the process handle of this managed proxy. */ --- -1.8.1.2 - -From 34004139ee9380c5c468d28037520d02681dd7cf Mon Sep 17 00:00:00 2001 -From: Yawning Angel <yawning(a)schwanenlied.me> -Date: Thu, 1 May 2014 19:01:34 +0000 -Subject: [PATCH 2/2] Improve the log message when a transport doesn't support - proxies. - -Per feedback, explicltly note that the transport will be killed when it -does not acknowledge the configured outgoing proxy. ---- - src/or/transports.c | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/src/or/transports.c b/src/or/transports.c -index cae1f31..917d12a 100644 ---- a/src/or/transports.c -+++ b/src/or/transports.c -@@ -798,7 +798,8 @@ handle_finished_proxy(managed_proxy_t *mp) - case PT_PROTO_CONFIGURED: /* if configured correctly: */ - if (mp->proxy_uri && !mp->proxy_supported) { - log_warn(LD_CONFIG, "Managed proxy '%s' did not configure the " -- "specified outgoing proxy.", mp->argv[0]); -+ "specified outgoing proxy and will be terminated.", -+ mp->argv[0]); - managed_proxy_destroy(mp, 1); /* annihilate it. */ - break; - } --- -1.8.1.2 - diff --git a/gitian/patches/bug9665.patch b/gitian/patches/bug9665.patch deleted file mode 100644 index aeab37b..0000000 --- a/gitian/patches/bug9665.patch +++ /dev/null @@ -1,108 +0,0 @@ -From 08ae53e400ff6fa2d8147aad440c38173c106cae Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?F=C3=A1bio=20J=2E=20Bertinatto?= <fabiojrb(a)gmail.com> -Date: Tue, 5 Nov 2013 00:50:16 -0200 -Subject: [PATCH 1/3] Fix bug9665 - ---- - src/or/connection_or.c | 5 +++++ - 1 file changed, 5 insertions(+) - -diff --git a/src/or/connection_or.c b/src/or/connection_or.c -index 04ad2cc..ba3ac00 100644 ---- a/src/or/connection_or.c -+++ b/src/or/connection_or.c -@@ -1195,6 +1195,11 @@ connection_or_connect(const tor_addr_t *_addr, uint16_t port, - "your pluggable transport proxy stopped running.", - fmt_addrport(&TO_CONN(conn)->addr, TO_CONN(conn)->port), - transport_name, transport_name); -+ -+ control_event_bootstrap_problem( -+ "Can't connect to bridge", -+ END_OR_CONN_REASON_NO_ROUTE); -+ - } else { - log_warn(LD_GENERAL, "Tried to connect to '%s' through a proxy, but " - "the proxy address could not be found.", --- -1.8.1.2 - -From 754a50592c412d95d2eb48038784d0ef725a7dc2 Mon Sep 17 00:00:00 2001 -From: Nick Mathewson <nickm(a)torproject.org> -Date: Mon, 7 Apr 2014 13:41:07 -0400 -Subject: [PATCH 2/3] Forward-port bug9665 fix to work with our fix for 11069 - ---- - src/or/connection_or.c | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/src/or/connection_or.c b/src/or/connection_or.c -index ba3ac00..01ff4dc 100644 ---- a/src/or/connection_or.c -+++ b/src/or/connection_or.c -@@ -1198,7 +1198,8 @@ connection_or_connect(const tor_addr_t *_addr, uint16_t port, - - control_event_bootstrap_problem( - "Can't connect to bridge", -- END_OR_CONN_REASON_NO_ROUTE); -+ END_OR_CONN_REASON_NO_ROUTE, -+ conn); - - } else { - log_warn(LD_GENERAL, "Tried to connect to '%s' through a proxy, but " --- -1.8.1.2 - -From 90341b4852bf88f1fdf9fd150fa2f5c47f88b2cb Mon Sep 17 00:00:00 2001 -From: Nick Mathewson <nickm(a)torproject.org> -Date: Mon, 7 Apr 2014 13:44:22 -0400 -Subject: [PATCH 3/3] For missing transport, say "PT_MISSING" not "NO_ROUTE" - ---- - src/or/connection_or.c | 2 +- - src/or/or.h | 3 ++- - src/or/reasons.c | 2 ++ - 3 files changed, 5 insertions(+), 2 deletions(-) - -diff --git a/src/or/connection_or.c b/src/or/connection_or.c -index 01ff4dc..6572a91 100644 ---- a/src/or/connection_or.c -+++ b/src/or/connection_or.c -@@ -1198,7 +1198,7 @@ connection_or_connect(const tor_addr_t *_addr, uint16_t port, - - control_event_bootstrap_problem( - "Can't connect to bridge", -- END_OR_CONN_REASON_NO_ROUTE, -+ END_OR_CONN_REASON_PT_MISSING, - conn); - - } else { -diff --git a/src/or/or.h b/src/or/or.h -index 38ab176..1b35c1f 100644 ---- a/src/or/or.h -+++ b/src/or/or.h -@@ -604,7 +604,8 @@ typedef enum { - #define END_OR_CONN_REASON_NO_ROUTE 6 /* no route to host/net */ - #define END_OR_CONN_REASON_IO_ERROR 7 /* read/write error */ - #define END_OR_CONN_REASON_RESOURCE_LIMIT 8 /* sockets, buffers, etc */ --#define END_OR_CONN_REASON_MISC 9 -+#define END_OR_CONN_REASON_PT_MISSING 9 /* PT failed or not available */ -+#define END_OR_CONN_REASON_MISC 10 - - /* Reasons why we (or a remote OR) might close a stream. See tor-spec.txt for - * documentation of these. The values must match. */ -diff --git a/src/or/reasons.c b/src/or/reasons.c -index 0674474..750e89b 100644 ---- a/src/or/reasons.c -+++ b/src/or/reasons.c -@@ -231,6 +231,8 @@ orconn_end_reason_to_control_string(int r) - return "RESOURCELIMIT"; - case END_OR_CONN_REASON_MISC: - return "MISC"; -+ case END_OR_CONN_REASON_PT_MISSING: -+ return "PT_MISSING"; - case 0: - return ""; - default: --- -1.8.1.2 -

1 0

[tor-browser-bundle/master] Bug 8405: Add Tor patch for domain isolation.
by mikeperry＠torproject.org 29 Oct '14

29 Oct '14

commit 1eeb621e9a20afc065518f34e6a6c87c35109fa3 Author: Mike Perry <mikeperry-git(a)torproject.org> Date: Tue Oct 28 17:50:47 2014 -0700 Bug 8405: Add Tor patch for domain isolation. Also clean up our patch application. --- gitian/descriptors/linux/gitian-tor.yml | 20 ++----- gitian/descriptors/mac/gitian-tor.yml | 20 ++----- gitian/descriptors/windows/gitian-tor.yml | 20 ++----- gitian/patches/bug8405.patch | 84 +++++++++++++++++++++++++++++ 4 files changed, 99 insertions(+), 45 deletions(-) diff --git a/gitian/descriptors/linux/gitian-tor.yml b/gitian/descriptors/linux/gitian-tor.yml index e678203..68a5bae 100644 --- a/gitian/descriptors/linux/gitian-tor.yml +++ b/gitian/descriptors/linux/gitian-tor.yml @@ -27,6 +27,7 @@ files: - "bug9665.patch" - "bug8402.patch" - "bug8402-master.patch" +- "bug8405.patch" - "dzip.sh" - "openssl-linux32-utils.zip" - "openssl-linux64-utils.zip" @@ -82,23 +83,12 @@ script: | export GIT_COMMITTER_NAME="nobody" export GIT_COMMITTER_EMAIL="nobody@localhost" export GIT_COMMITTER_DATE="$REFERENCE_DATETIME" - if [ ${TOR_TAG::9} == "tor-0.2.4" ]; + if [ ${TOR_TAG::9} == "tor-0.2.5" ]; then - git am ~/build/bug10297.patch - fi - if [ $BUILD_PT_BUNDLES ]; then - if [ ${TOR_TAG::9} == "tor-0.2.4" ]; - then - git am ~/build/bug5018.patch - git am ~/build/bug11069.patch - git am ~/build/bug11156.patch - git am ~/build/bug9665.patch - git am ~/build/bug11200.patch - git am ~/build/bug8402.patch - elif [ ${TOR_TAG::9} == "tor-0.2.5" ]; - then + git am ~/build/bug8405.patch git am ~/build/bug8402-master.patch - fi + else # 0.2.6 and master + git am ~/build/bug8405.patch fi mkdir -p $OUTDIR/src #git archive HEAD | tar -x -C $OUTDIR/src diff --git a/gitian/descriptors/mac/gitian-tor.yml b/gitian/descriptors/mac/gitian-tor.yml index 6022c0b..36b5b0f 100644 --- a/gitian/descriptors/mac/gitian-tor.yml +++ b/gitian/descriptors/mac/gitian-tor.yml @@ -23,6 +23,7 @@ files: - "bug9665.patch" - "bug8402.patch" - "bug8402-master.patch" +- "bug8405.patch" - "apple-uni-sdk-10.6_20110407-0.flosoft1_i386.deb" - "multiarch-darwin11-cctools127.2-gcc42-5666.3-llvmgcc42-2336.1-Linux-120724.tar.xz" - "dzip.sh" @@ -60,23 +61,12 @@ script: | export GIT_COMMITTER_NAME="nobody" export GIT_COMMITTER_EMAIL="nobody@localhost" export GIT_COMMITTER_DATE="$REFERENCE_DATETIME" - if [ ${TOR_TAG::9} == "tor-0.2.4" ]; + if [ ${TOR_TAG::9} == "tor-0.2.5" ]; then - git am ~/build/bug10297.patch - fi - if [ $BUILD_PT_BUNDLES ]; then - if [ ${TOR_TAG::9} == "tor-0.2.4" ]; - then - git am ~/build/bug5018.patch - git am ~/build/bug11069.patch - git am ~/build/bug11156.patch - git am ~/build/bug9665.patch - git am ~/build/bug11200.patch - git am ~/build/bug8402.patch - elif [ ${TOR_TAG::9} == "tor-0.2.5" ]; - then + git am ~/build/bug8405.patch git am ~/build/bug8402-master.patch - fi + else # 0.2.6 and master + git am ~/build/bug8405.patch fi mkdir -p $OUTDIR/src #git archive HEAD | tar -x -C $OUTDIR/src diff --git a/gitian/descriptors/windows/gitian-tor.yml b/gitian/descriptors/windows/gitian-tor.yml index 0ac603c..6be93b5 100644 --- a/gitian/descriptors/windows/gitian-tor.yml +++ b/gitian/descriptors/windows/gitian-tor.yml @@ -23,6 +23,7 @@ files: - "bug9665.patch" - "bug8402.patch" - "bug8402-master.patch" +- "bug8405.patch" - "binutils.tar.bz2" - "dzip.sh" - "mingw-w64-win32-utils.zip" @@ -60,23 +61,12 @@ script: | export GIT_COMMITTER_NAME="nobody" export GIT_COMMITTER_EMAIL="nobody@localhost" export GIT_COMMITTER_DATE="$REFERENCE_DATETIME" - if [ ${TOR_TAG::9} == "tor-0.2.4" ]; + if [ ${TOR_TAG::9} == "tor-0.2.5" ]; then - git am ~/build/bug10297.patch - fi - if [ $BUILD_PT_BUNDLES ]; then - if [ ${TOR_TAG::9} == "tor-0.2.4" ]; - then - git am ~/build/bug5018.patch - git am ~/build/bug11069.patch - git am ~/build/bug11156.patch - git am ~/build/bug9665.patch - git am ~/build/bug11200.patch - git am ~/build/bug8402.patch - elif [ ${TOR_TAG::9} == "tor-0.2.5" ]; - then + git am ~/build/bug8405.patch git am ~/build/bug8402-master.patch - fi + else # 0.2.6 and master + git am ~/build/bug8405.patch fi mkdir -p $OUTDIR/src #git archive HEAD | tar -x -C $OUTDIR/src diff --git a/gitian/patches/bug8405.patch b/gitian/patches/bug8405.patch new file mode 100644 index 0000000..3c40632 --- /dev/null +++ b/gitian/patches/bug8405.patch @@ -0,0 +1,84 @@ +From a298c77f7eba232154ff08ca1119b05ccd9eee9e Mon Sep 17 00:00:00 2001 +From: Arthur Edelstein <arthuredelstein(a)gmail.com> +Date: Tue, 15 Jul 2014 21:27:59 -0700 +Subject: [PATCH] Bug #8405: Report SOCKS username/password in CIRC status + events + +Introduces two new circuit status name-value parameters: SOCKS_USERNAME +and SOCKS_PASSWORD. Values are enclosing in quotes and unusual characters +are escaped. + +Example: + + 650 CIRC 5 EXTENDED [...] SOCKS_USERNAME="my_username" SOCKS_PASSWORD="my_password" +--- + src/common/util.c | 14 ++++++++++++++ + src/common/util.h | 1 + + src/or/control.c | 14 ++++++++++++++ + 3 files changed, 29 insertions(+) + +diff --git a/src/common/util.c b/src/common/util.c +index 8589344..64cee56 100644 +--- a/src/common/util.c ++++ b/src/common/util.c +@@ -1222,6 +1222,20 @@ esc_for_log(const char *s) + return result; + } + ++/** Similar to esc_for_log. Allocate and return a new string representing ++ * the first n characters in chars, surround by quotes and using ++ * standard C escapes. If a NUL character is encountered in chars, ++ * the resulting string will be terminated there. ++ */ ++char * ++esc_for_log_len(const char *chars, size_t n) ++{ ++ char *string = tor_strndup(chars, n); ++ char *string_escaped = esc_for_log(string); ++ tor_free(string); ++ return string_escaped; ++} ++ + /** Allocate and return a new string representing the contents of s, + * surrounded by quotes and using standard C escapes. + * +diff --git a/src/common/util.h b/src/common/util.h +index 97367a9..50c5a3d 100644 +--- a/src/common/util.h ++++ b/src/common/util.h +@@ -229,6 +229,7 @@ int tor_mem_is_zero(const char *mem, size_t len); + int tor_digest_is_zero(const char *digest); + int tor_digest256_is_zero(const char *digest); + char *esc_for_log(const char *string) ATTR_MALLOC; ++char *esc_for_log_len(const char *chars, size_t n) ATTR_MALLOC; + const char *escaped(const char *string); + + char *tor_escape_str_for_pt_args(const char *string, +diff --git a/src/or/control.c b/src/or/control.c +index 9285fc5..aa46df6 100644 +--- a/src/or/control.c ++++ b/src/or/control.c +@@ -1862,6 +1862,20 @@ circuit_describe_status_for_controller(origin_circuit_t *circ) + smartlist_add_asprintf(descparts, "TIME_CREATED=%s", tbuf); + } + ++ // Show username and/or password if available. ++ if (circ->socks_username_len > 0) { ++ char* socks_username_escaped = esc_for_log_len(circ->socks_username, ++ (size_t) circ->socks_username_len); ++ smartlist_add_asprintf(descparts, "SOCKS_USERNAME=%s", socks_username_escaped); ++ tor_free(socks_username_escaped); ++ } ++ if (circ->socks_password_len > 0) { ++ char* socks_password_escaped = esc_for_log_len(circ->socks_password, ++ (size_t) circ->socks_password_len); ++ smartlist_add_asprintf(descparts, "SOCKS_PASSWORD=%s", socks_password_escaped); ++ tor_free(socks_password_escaped); ++ } ++ + rv = smartlist_join_strings(descparts, " ", 0, NULL); + + SMARTLIST_FOREACH(descparts, char *, cp, tor_free(cp)); +-- +1.8.3.4 (Apple Git-47) +

1 0

[tor-browser-bundle/master] Switch nightlies and alpha to new Tor Browser branch.
by mikeperry＠torproject.org 28 Oct '14

28 Oct '14

commit 42d1b7373a8dbb9f6359c1c1a3589af392878d7b Author: Mike Perry <mikeperry-git(a)torproject.org> Date: Tue Oct 28 16:15:39 2014 -0700 Switch nightlies and alpha to new Tor Browser branch. --- gitian/versions.alpha | 2 +- gitian/versions.nightly | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/gitian/versions.alpha b/gitian/versions.alpha index 0fb2bd0..6c49137 100755 --- a/gitian/versions.alpha +++ b/gitian/versions.alpha @@ -8,7 +8,7 @@ FIREFOX_VERSION=31.2.0esr TORBROWSER_UPDATE_CHANNEL=alpha -TORBROWSER_TAG=tor-browser-${FIREFOX_VERSION}-4.x-1-build3 +TORBROWSER_TAG=tor-browser-${FIREFOX_VERSION}-4.5-1-build1 TOR_TAG=tor-0.2.5.10 TORLAUNCHER_TAG=0.2.7.0.1 TORBUTTON_TAG=1.7.0.1 diff --git a/gitian/versions.nightly b/gitian/versions.nightly index dc545ae..e6ea2a1 100755 --- a/gitian/versions.nightly +++ b/gitian/versions.nightly @@ -8,7 +8,7 @@ FIREFOX_VERSION=31.2.0esr TORBROWSER_UPDATE_CHANNEL=default -TORBROWSER_TAG=tor-browser-${FIREFOX_VERSION}-4.x-1 +TORBROWSER_TAG=tor-browser-${FIREFOX_VERSION}-4.5-1 TOR_TAG=master TORLAUNCHER_TAG=master TORBUTTON_TAG=master

1 0

[tor-browser-bundle/master] Bug 12903: Integrate obfs4proxy into Tor Browser.
by mikeperry＠torproject.org 28 Oct '14

28 Oct '14

commit bb6389fbe7aa9539c4dce2aba0659e61ae8a376a Author: Georg Koppen <gk(a)torproject.org> Date: Mon Oct 13 11:42:46 2014 +0000 Bug 12903: Integrate obfs4proxy into Tor Browser. We start shipping obfs4proxy in Tor Browser nightlies and the alpha series. --- .../Docs/Licenses/PluggableTransports/LICENSE | 77 +++++++++++++++++--- Bundle-Data/PTConfigs/bridge_prefs.js | 4 + .../PTConfigs/linux/torrc-defaults-appendix | 6 +- Bundle-Data/PTConfigs/mac/torrc-defaults-appendix | 5 +- .../PTConfigs/windows/torrc-defaults-appendix | 5 +- .../linux/gitian-pluggable-transports.yml | 54 ++++++++++++++ .../mac/gitian-pluggable-transports.yml | 54 ++++++++++++++ .../windows/gitian-pluggable-transports.yml | 54 ++++++++++++++ gitian/fetch-inputs.sh | 17 ++++- gitian/gpg/obfs4proxy.gpg | Bin 0 -> 34128 bytes gitian/mkbundle-linux.sh | 3 +- gitian/mkbundle-mac.sh | 3 +- gitian/mkbundle-windows.sh | 3 +- gitian/verify-tags.sh | 5 +- gitian/versions.alpha | 9 +++ gitian/versions.nightly | 9 +++ 16 files changed, 291 insertions(+), 17 deletions(-) diff --git a/Bundle-Data/Docs/Licenses/PluggableTransports/LICENSE b/Bundle-Data/Docs/Licenses/PluggableTransports/LICENSE index 749986b..c6efd2c 100644 --- a/Bundle-Data/Docs/Licenses/PluggableTransports/LICENSE +++ b/Bundle-Data/Docs/Licenses/PluggableTransports/LICENSE @@ -13,15 +13,6 @@ file LICENSE.PYTHON. =============================================================================== -Go - -Some pluggable transports are written in Go and the binary packages include -parts of the Go runtime library. A copy of the Go license (which itself -includes the licenses of some of Go's components) is included in the file -LICENSE.GO. - -=============================================================================== - OpenSSL (From http://openssl.org/source/license.html.) @@ -447,3 +438,71 @@ To the extent possible under law, the authors have dedicated all copyright and related and neighboring rights to this software to the public domain worldwide. This software is distributed without any warranty. See LICENSE.CC0. + +=============================================================================== + +obfs4 + +Copyright (c) 2014, Yawning Angel <yawning at torproject dot org> +All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are met: + + * Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + * Redistributions in binary form must reproduce the above copyright notice, + this list of conditions and the following disclaimer in the documentation + and/or other materials provided with the distribution. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" +AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE +LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +POSSIBILITY OF SUCH DAMAGE. + +=============================================================================== + +go.net + +Copyright 2009 The Go Authors. All rights reserved. +Use of this source code is governed by a BSD-style +license that can be found in the LICENSE file. + +For details about the Go License, please see LICENSE.GO. + +=============================================================================== + +go.crypto + +Copyright 2009 The Go Authors. All rights reserved. +Use of this source code is governed by a BSD-style +license that can be found in the LICENSE file. + +For details about the Go License, please see LICENSE.GO. + +=============================================================================== + +agl/ed25519 + +Copyright 2013 The Go Authors. All rights reserved. +Use of this source code is governed by a BSD-style +license that can be found in the LICENSE file. + +For details about the Go License, please see LICENSE.GO. + +=============================================================================== + +dchest/siphash + +To the extent possible under law, the authors have dedicated all +copyright and related and neighboring rights to this software to the +public domain worldwide. This software is distributed without any +warranty. See LICENSE.CC0. diff --git a/Bundle-Data/PTConfigs/bridge_prefs.js b/Bundle-Data/PTConfigs/bridge_prefs.js index d9c2049..7684fec 100644 --- a/Bundle-Data/PTConfigs/bridge_prefs.js +++ b/Bundle-Data/PTConfigs/bridge_prefs.js @@ -30,6 +30,10 @@ pref("extensions.torlauncher.default_bridge.scramblesuit.1", "scramblesuit 188.4 pref("extensions.torlauncher.default_bridge.scramblesuit.2", "scramblesuit 188.226.213.208:54278 AA5A86C1490296EF4FACA946CC5A182FCD1C5B1E password=MD2VRP7WXAMSG7MKIGMHI4CB4BMSNO7T"); pref("extensions.torlauncher.default_bridge.scramblesuit.3", "scramblesuit 83.212.101.3:443 A09D536DD1752D542E1FBB3C9CE4449D51298239 password=XTCXLG2JAMJKZW2POLBAOWOQETQSMASH"); +pref("extensions.torlauncher.default_bridge.obfs4.1", "obfs4 178.209.52.110:443 67E72FF33D7D41BF11C569646A0A7B4B188340DF cert=Z+cv8z19Qb8RxWlkagp7SxiDQN++b7D2Tntowhf+j4D15/kLuj3EoSSGvuREGPc3h60Ofw iat-mode=0"); +pref("extensions.torlauncher.default_bridge.obfs4.2", "obfs4 83.212.101.3:41213 A09D536DD1752D542E1FBB3C9CE4449D51298239 cert=lPRQ/MXdD1t5SRZ9MquYQNT9m5DV757jtdXdlePmRCudUU9CFUOX1Tm7/meFSyPOsud7Cw iat-mode=0"); +pref("extensions.torlauncher.default_bridge.obfs4.3", "obfs4 104.131.108.182:56880 EF577C30B9F788B0E1801CF7E433B3B77792B77A cert=0SFhfDQrKjUJP8Qq6wrwSICEPf3Vl/nJRsYxWbg3QRoSqhl2EB78MPS2lQxbXY4EW1wwXA iat-mode=0"); + pref("extensions.torlauncher.default_bridge.meek-google.1", "meek 0.0.2.0:1 url=https://meek-reflect.appspot.com/ front=www.google.com"); pref("extensions.torlauncher.default_bridge.meek-amazon.1", "meek 0.0.2.0:2 url=https://d2zfqthxsdq309.cloudfront.net/ front=a0.awsstatic.com"); pref("extensions.torlauncher.default_bridge.meek-azure.1", "meek 0.0.2.0:3 url=https://az668014.vo.msecnd.net/ front=ajax.aspnetcdn.com"); diff --git a/Bundle-Data/PTConfigs/linux/torrc-defaults-appendix b/Bundle-Data/PTConfigs/linux/torrc-defaults-appendix index d019d19..50e03fd 100644 --- a/Bundle-Data/PTConfigs/linux/torrc-defaults-appendix +++ b/Bundle-Data/PTConfigs/linux/torrc-defaults-appendix @@ -2,7 +2,11 @@ ClientTransportPlugin fte exec ./TorBrowser/Tor/PluggableTransports/fteproxy.bin --managed ## obfsproxy configuration -ClientTransportPlugin obfs2,obfs3,scramblesuit exec ./TorBrowser/Tor/PluggableTransports/obfsproxy.bin managed +ClientTransportPlugin scramblesuit exec ./TorBrowser/Tor/PluggableTransports/obfsproxy.bin managed + +## obfs4proxy configuration +ClientTransportPlugin obfs2,obfs3,obfs4 exec ./TorBrowser/Tor/PluggableTransports/obfs4proxy + ## flash proxy configuration # # Change the second number here (9000) to the number of a port that can diff --git a/Bundle-Data/PTConfigs/mac/torrc-defaults-appendix b/Bundle-Data/PTConfigs/mac/torrc-defaults-appendix index d6ec189..604098f 100644 --- a/Bundle-Data/PTConfigs/mac/torrc-defaults-appendix +++ b/Bundle-Data/PTConfigs/mac/torrc-defaults-appendix @@ -2,7 +2,10 @@ ClientTransportPlugin fte exec PluggableTransports/fteproxy.bin --managed ## obfsproxy configuration -ClientTransportPlugin obfs2,obfs3,scramblesuit exec PluggableTransports/obfsproxy.bin managed +ClientTransportPlugin scramblesuit exec PluggableTransports/obfsproxy.bin managed + +## obfs4proxy configuration +ClientTransportPlugin obfs2,obfs3,obfs4 exec PluggableTransports/obfs4proxy ## flash proxy configuration # diff --git a/Bundle-Data/PTConfigs/windows/torrc-defaults-appendix b/Bundle-Data/PTConfigs/windows/torrc-defaults-appendix index f1b103d..d92d201 100644 --- a/Bundle-Data/PTConfigs/windows/torrc-defaults-appendix +++ b/Bundle-Data/PTConfigs/windows/torrc-defaults-appendix @@ -2,7 +2,10 @@ ClientTransportPlugin fte exec TorBrowser\Tor\PluggableTransports\fteproxy --managed ## obfsproxy configuration -ClientTransportPlugin obfs2,obfs3,scramblesuit exec TorBrowser\Tor\PluggableTransports\obfsproxy managed +ClientTransportPlugin scramblesuit exec TorBrowser\Tor\PluggableTransports\obfsproxy managed + +## obfs4proxy configuration +ClientTransportPlugin obfs2,obfs3,obfs4 exec TorBrowser\Tor\PluggableTransports\obfs4proxy ## flash proxy configuration # diff --git a/gitian/descriptors/linux/gitian-pluggable-transports.yml b/gitian/descriptors/linux/gitian-pluggable-transports.yml index 7e23ec5..daa1225 100644 --- a/gitian/descriptors/linux/gitian-pluggable-transports.yml +++ b/gitian/descriptors/linux/gitian-pluggable-transports.yml @@ -32,6 +32,12 @@ remotes: "dir": "goptlib" - "url": "https://git.torproject.org/pluggable-transports/meek.git" "dir": "meek" +- "url": "https://github.com/agl/ed25519.git" + "dir": "ed25519" +- "url": "https://github.com/dchest/siphash.git" + "dir": "siphash" +- "url": "https://git.torproject.org/pluggable-transports/obfs4.git" + "dir": "obfs4" files: - "pycrypto.tar.gz" - "argparse.tar.gz" @@ -46,6 +52,8 @@ files: - "gmp-linux64-utils.zip" - "openssl-linux32-utils.zip" - "openssl-linux64-utils.zip" +- "go.crypto.tar.bz2" +- "go.net.tar.bz2" script: | INSTDIR="$HOME/install" PTDIR="$INSTDIR/Tor/PluggableTransports" @@ -217,6 +225,52 @@ script: | cp -a README doc/*.1 $INSTDIR/Docs/meek cd .. + # Building go ed25519 + cd ed25519 + find -type f | xargs touch --date="$REFERENCE_DATETIME" + mkdir -p "$GOPATH/src/github.com/agl/" + ln -sf "$PWD" "$GOPATH/src/github.com/agl/ed25519" + go install github.com/agl/ed25519/extra25519 + cd .. + + # Building go siphash + cd siphash + find -type f | xargs touch --date="$REFERENCE_DATETIME" + mkdir -p "$GOPATH/src/github.com/dchest/" + ln -sf "$PWD" "$GOPATH/src/github.com/dchest/siphash" + go install github.com/dchest/siphash + cd .. + + # Building go.crypto + tar xjf go.crypto.tar.bz2 + cd go.crypto + find -type f | xargs touch --date="$REFERENCE_DATETIME" + mkdir -p "$GOPATH/src/code.google.com/p/" + ln -sf "$PWD" "$GOPATH/src/code.google.com/p/go.crypto" + go install code.google.com/p/go.crypto/curve25519 + go install code.google.com/p/go.crypto/hkdf + go install code.google.com/p/go.crypto/nacl/secretbox + cd .. + + # Building go.net + tar xjf go.net.tar.bz2 + cd go.net + find -type f | xargs touch --date="$REFERENCE_DATETIME" + mkdir -p "$GOPATH/src/code.google.com/p/" + ln -sf "$PWD" "$GOPATH/src/code.google.com/p/go.net" + go install code.google.com/p/go.net/proxy + cd .. + + # Building obfs4proxy + cd obfs4 + find -type f | xargs touch --date="$REFERENCE_DATETIME" + mkdir -p "$GOPATH/src/git.torproject.org/pluggable-transports" + ln -sf "$PWD" "$GOPATH/src/git.torproject.org/pluggable-transports/obfs4.git" + cd obfs4proxy + go build -ldflags '-s' + cp -a obfs4proxy $PTDIR + cd ../.. + # Grabbing the results cd $INSTDIR ~/build/dzip.sh pluggable-transports-linux$GBUILD_BITS-gbuilt.zip Tor/ Docs/ diff --git a/gitian/descriptors/mac/gitian-pluggable-transports.yml b/gitian/descriptors/mac/gitian-pluggable-transports.yml index 33df49f..4c25f07 100644 --- a/gitian/descriptors/mac/gitian-pluggable-transports.yml +++ b/gitian/descriptors/mac/gitian-pluggable-transports.yml @@ -30,6 +30,12 @@ remotes: "dir": "goptlib" - "url": "https://git.torproject.org/pluggable-transports/meek.git" "dir": "meek" +- "url": "https://github.com/agl/ed25519.git" + "dir": "ed25519" +- "url": "https://github.com/dchest/siphash.git" + "dir": "siphash" +- "url": "https://git.torproject.org/pluggable-transports/obfs4.git" + "dir": "obfs4" files: - "pycrypto.tar.gz" - "argparse.tar.gz" @@ -44,6 +50,8 @@ files: - "dzip.sh" - "gmp-mac32-utils.zip" - "openssl-mac32-utils.zip" +- "go.crypto.tar.bz2" +- "go.net.tar.bz2" script: | INSTDIR="$HOME/install" TBDIR="$INSTDIR/TorBrowserBundle.app/TorBrowser" @@ -245,6 +253,52 @@ script: | cp -a README doc/*.1 $TBDIR/Docs/meek cd .. + # Building go ed25519 + cd ed25519 + find -type f | xargs touch --date="$REFERENCE_DATETIME" + mkdir -p "$GOPATH/src/github.com/agl/" + ln -sf "$PWD" "$GOPATH/src/github.com/agl/ed25519" + go install github.com/agl/ed25519/extra25519 + cd .. + + # Building go siphash + cd siphash + find -type f | xargs touch --date="$REFERENCE_DATETIME" + mkdir -p "$GOPATH/src/github.com/dchest/" + ln -sf "$PWD" "$GOPATH/src/github.com/dchest/siphash" + go install github.com/dchest/siphash + cd .. + + # Building go.crypto + tar xjf go.crypto.tar.bz2 + cd go.crypto + find -type f | xargs touch --date="$REFERENCE_DATETIME" + mkdir -p "$GOPATH/src/code.google.com/p/" + ln -sf "$PWD" "$GOPATH/src/code.google.com/p/go.crypto" + go install code.google.com/p/go.crypto/curve25519 + go install code.google.com/p/go.crypto/hkdf + go install code.google.com/p/go.crypto/nacl/secretbox + cd .. + + # Building go.net + tar xjf go.net.tar.bz2 + cd go.net + find -type f | xargs touch --date="$REFERENCE_DATETIME" + mkdir -p "$GOPATH/src/code.google.com/p/" + ln -sf "$PWD" "$GOPATH/src/code.google.com/p/go.net" + go install code.google.com/p/go.net/proxy + cd .. + + # Building obfs4proxy + cd obfs4 + find -type f | xargs touch --date="$REFERENCE_DATETIME" + mkdir -p "$GOPATH/src/git.torproject.org/pluggable-transports" + ln -sf "$PWD" "$GOPATH/src/git.torproject.org/pluggable-transports/obfs4.git" + cd obfs4proxy + go build -ldflags '-s' + cp -a obfs4proxy $PTDIR + cd ../.. + # Grabbing the result cd $INSTDIR ~/build/dzip.sh pluggable-transports-mac$GBUILD_BITS-gbuilt.zip TorBrowserBundle.app diff --git a/gitian/descriptors/windows/gitian-pluggable-transports.yml b/gitian/descriptors/windows/gitian-pluggable-transports.yml index 6a6301d..bd3189b 100644 --- a/gitian/descriptors/windows/gitian-pluggable-transports.yml +++ b/gitian/descriptors/windows/gitian-pluggable-transports.yml @@ -29,6 +29,12 @@ remotes: "dir": "goptlib" - "url": "https://git.torproject.org/pluggable-transports/meek.git" "dir": "meek" +- "url": "https://github.com/agl/ed25519.git" + "dir": "ed25519" +- "url": "https://github.com/dchest/siphash.git" + "dir": "siphash" +- "url": "https://git.torproject.org/pluggable-transports/obfs4.git" + "dir": "obfs4" files: - "setuptools.tar.gz" - "pycrypto.tar.gz" @@ -49,6 +55,8 @@ files: - "openssl-win32-utils.zip" - "gmp-win32-utils.zip" - "gcclibs-win32-utils.zip" +- "go.crypto.tar.bz2" +- "go.net.tar.bz2" script: | # Set the timestamp on every .pyc file in a zip file, and re-dzip the zip file. function py2exe_zip_timestomp { @@ -323,6 +331,52 @@ script: | cp -a README doc/*.1.txt $INSTDIR/Docs/meek cd .. + # Building go ed25519 + cd ed25519 + find -type f | xargs touch --date="$REFERENCE_DATETIME" + mkdir -p "$GOPATH/src/github.com/agl/" + ln -sf "$PWD" "$GOPATH/src/github.com/agl/ed25519" + go install github.com/agl/ed25519/extra25519 + cd .. + + # Building go siphash + cd siphash + find -type f | xargs touch --date="$REFERENCE_DATETIME" + mkdir -p "$GOPATH/src/github.com/dchest/" + ln -sf "$PWD" "$GOPATH/src/github.com/dchest/siphash" + go install github.com/dchest/siphash + cd .. + + # Building go.crypto + tar xjf go.crypto.tar.bz2 + cd go.crypto + find -type f | xargs touch --date="$REFERENCE_DATETIME" + mkdir -p "$GOPATH/src/code.google.com/p/" + ln -sf "$PWD" "$GOPATH/src/code.google.com/p/go.crypto" + go install code.google.com/p/go.crypto/curve25519 + go install code.google.com/p/go.crypto/hkdf + go install code.google.com/p/go.crypto/nacl/secretbox + cd .. + + # Building go.net + tar xjf go.net.tar.bz2 + cd go.net + find -type f | xargs touch --date="$REFERENCE_DATETIME" + mkdir -p "$GOPATH/src/code.google.com/p/" + ln -sf "$PWD" "$GOPATH/src/code.google.com/p/go.net" + go install code.google.com/p/go.net/proxy + cd .. + + # Building obfs4proxy + cd obfs4 + find -type f | xargs touch --date="$REFERENCE_DATETIME" + mkdir -p "$GOPATH/src/git.torproject.org/pluggable-transports" + ln -sf "$PWD" "$GOPATH/src/git.torproject.org/pluggable-transports/obfs4.git" + cd obfs4proxy + go build -ldflags '-s' + cp -a obfs4proxy.exe $PTDIR + cd ../.. + # http://bugs.winehq.org/show_bug.cgi?id=3591 cp -a $INSTDIR/python/python27.dll $PTDIR/ diff --git a/gitian/fetch-inputs.sh b/gitian/fetch-inputs.sh index ef4dbf7..049824a 100755 --- a/gitian/fetch-inputs.sh +++ b/gitian/fetch-inputs.sh @@ -6,6 +6,7 @@ MIRROR_URL=https://people.torproject.org/~mikeperry/mirrors/sources/ MIRROR_URL_DCF=https://people.torproject.org/~dcf/mirrors/sources/ MIRROR_URL_ASN=https://people.torproject.org/~asn/mirrors/sources/ +MIRROR_URL_YAWNING=https://people.torproject.org/~yawning/mirrors/sources/ set -e set -u umask 0022 @@ -179,6 +180,15 @@ do get "${!PACKAGE}" "${!URL}" done +# XXX/Yawning. As far as I can tell, this gitian thing doesn't support +# fetching from hg repositories. +for i in GOCRYPTO GONET +do + PACKAGE="${i}_PACKAGE" + URL="${MIRROR_URL_YAWNING}${!PACKAGE}" + get "${!PACKAGE}" "${MIRROR_URL_YAWNING}${!PACKAGE}" +done + # Verify packages with weak or no signatures via multipath downloads # (OpenSSL is signed with MD5, and OSXSDK is not signed at all) # XXX: Google won't allow wget -N.. We need to re-download the whole @@ -208,7 +218,7 @@ wget -U "" -N ${HTTPSE_URL} # Verify packages with weak or no signatures via direct sha256 check # (OpenSSL is signed with MD5, and OSXSDK is not signed at all) -for i in OSXSDK TOOLCHAIN4 TOOLCHAIN4_OLD NOSCRIPT HTTPSE MSVCR100 PYCRYPTO ARGPARSE PYYAML ZOPEINTERFACE TWISTED M2CRYPTO SETUPTOOLS OPENSSL GMP PARSLEY GO GCC +for i in OSXSDK TOOLCHAIN4 TOOLCHAIN4_OLD NOSCRIPT HTTPSE MSVCR100 PYCRYPTO ARGPARSE PYYAML ZOPEINTERFACE TWISTED M2CRYPTO SETUPTOOLS OPENSSL GMP PARSLEY GO GCC GOCRYPTO GONET do PACKAGE="${i}_PACKAGE" HASH="${i}_HASH" @@ -262,6 +272,8 @@ ln -sf "$GMP_PACKAGE" gmp.tar.bz2 ln -sf "$LXML_PACKAGE" lxml.tar.gz ln -sf "$PARSLEY_PACKAGE" parsley.tar.gz ln -sf "$GO_PACKAGE" go.tar.gz +ln -sf "$GONET_PACKAGE" go.net.tar.bz2 +ln -sf "$GOCRYPTO_PACKAGE" go.crypto.tar.bz2 # Fetch latest gitian-builder itself # XXX - this is broken if a non-standard inputs dir is selected using the command line flag. @@ -295,6 +307,9 @@ txsocksx https://github.com/habnabit/txsocksx.git $TXSOCKSX_TAG goptlib https://git.torproject.org/pluggable-transports/goptlib.git $GOPTLIB_TAG meek https://git.torproject.org/pluggable-transports/meek.git $MEEK_TAG faketime https://github.com/wolfcw/libfaketime $FAKETIME_TAG +ed25519 https://github.com/agl/ed25519.git $GOED25519_TAG +siphash https://github.com/dchest/siphash.git $GOSIPHASH_TAG +obfs4 https://git.torproject.org/pluggable-transports/obfs4.git $OBFS4_TAG EOF exit 0 diff --git a/gitian/gpg/obfs4proxy.gpg b/gitian/gpg/obfs4proxy.gpg new file mode 100644 index 0000000..b9c490a Binary files /dev/null and b/gitian/gpg/obfs4proxy.gpg differ diff --git a/gitian/mkbundle-linux.sh b/gitian/mkbundle-linux.sh index 8321ffe..45f4f9b 100755 --- a/gitian/mkbundle-linux.sh +++ b/gitian/mkbundle-linux.sh @@ -94,6 +94,7 @@ then PYPTLIB_TAG=refs/tags/$PYPTLIB_TAG OBFSPROXY_TAG=refs/tags/$OBFSPROXY_TAG FLASHPROXY_TAG=refs/tags/$FLASHPROXY_TAG + OBFS4_TAG=refs/tags/$OBFS4_TAG fi cd $GITIAN_DIR @@ -221,7 +222,7 @@ then echo "****** Starting Pluggable Transports Component of Linux Bundle (4/5 for Linux) ******" echo - ./bin/gbuild -j $NUM_PROCS -m $VM_MEMORY --commit pyptlib=$PYPTLIB_TAG,obfsproxy=$OBFSPROXY_TAG,flashproxy=$FLASHPROXY_TAG,libfte=$LIBFTE_TAG,fteproxy=$FTEPROXY_TAG,txsocksx=$TXSOCKSX_TAG,goptlib=$GOPTLIB_TAG,meek=$MEEK_TAG $DESCRIPTOR_DIR/linux/gitian-pluggable-transports.yml + ./bin/gbuild -j $NUM_PROCS -m $VM_MEMORY --commit pyptlib=$PYPTLIB_TAG,obfsproxy=$OBFSPROXY_TAG,flashproxy=$FLASHPROXY_TAG,libfte=$LIBFTE_TAG,fteproxy=$FTEPROXY_TAG,txsocksx=$TXSOCKSX_TAG,goptlib=$GOPTLIB_TAG,meek=$MEEK_TAG,ed25519=$GOED25519_TAG,siphash=$GOSIPHASH_TAG,obfs4=$OBFS4_TAG $DESCRIPTOR_DIR/linux/gitian-pluggable-transports.yml if [ $? -ne 0 ]; then #mv var/build.log ./pluggable-transports-fail-linux.log.`date +%Y%m%d%H%M%S` diff --git a/gitian/mkbundle-mac.sh b/gitian/mkbundle-mac.sh index 9c5d99b..807319b 100755 --- a/gitian/mkbundle-mac.sh +++ b/gitian/mkbundle-mac.sh @@ -99,6 +99,7 @@ then PYPTLIB_TAG=refs/tags/$PYPTLIB_TAG OBFSPROXY_TAG=refs/tags/$OBFSPROXY_TAG FLASHPROXY_TAG=refs/tags/$FLASHPROXY_TAG + OBFS4_TAG=refs/tags/$OBFS4_TAG fi cd $GITIAN_DIR @@ -187,7 +188,7 @@ then echo "****** Starting Pluggable Transports Component of Mac Bundle (4/5 for Mac) ******" echo - ./bin/gbuild -j $NUM_PROCS -m $VM_MEMORY --commit pyptlib=$PYPTLIB_TAG,obfsproxy=$OBFSPROXY_TAG,flashproxy=$FLASHPROXY_TAG,libfte=$LIBFTE_TAG,fteproxy=$FTEPROXY_TAG,txsocksx=$TXSOCKSX_TAG,goptlib=$GOPTLIB_TAG,meek=$MEEK_TAG $DESCRIPTOR_DIR/mac/gitian-pluggable-transports.yml + ./bin/gbuild -j $NUM_PROCS -m $VM_MEMORY --commit pyptlib=$PYPTLIB_TAG,obfsproxy=$OBFSPROXY_TAG,flashproxy=$FLASHPROXY_TAG,libfte=$LIBFTE_TAG,fteproxy=$FTEPROXY_TAG,txsocksx=$TXSOCKSX_TAG,goptlib=$GOPTLIB_TAG,meek=$MEEK_TAG,ed25519=$GOED25519_TAG,siphash=$GOSIPHASH_TAG,obfs4=$OBFS4_TAG $DESCRIPTOR_DIR/mac/gitian-pluggable-transports.yml if [ $? -ne 0 ]; then #mv var/build.log ./firefox-fail-mac.log.`date +%Y%m%d%H%M%S` diff --git a/gitian/mkbundle-windows.sh b/gitian/mkbundle-windows.sh index 7600e07..38d1eff 100755 --- a/gitian/mkbundle-windows.sh +++ b/gitian/mkbundle-windows.sh @@ -92,6 +92,7 @@ then PYPTLIB_TAG=refs/tags/$PYPTLIB_TAG OBFSPROXY_TAG=refs/tags/$OBFSPROXY_TAG FLASHPROXY_TAG=refs/tags/$FLASHPROXY_TAG + OBFS4_TAG=refs/tags/$OBFS4_TAG fi cd $GITIAN_DIR @@ -190,7 +191,7 @@ then echo "****** Starting Pluggable Transports Component of Windows Bundle (4/5 for Windows) ******" echo - ./bin/gbuild -j $NUM_PROCS -m $VM_MEMORY --commit pyptlib=$PYPTLIB_TAG,obfsproxy=$OBFSPROXY_TAG,flashproxy=$FLASHPROXY_TAG,libfte=$LIBFTE_TAG,fteproxy=$FTEPROXY_TAG,txsocksx=$TXSOCKSX_TAG,goptlib=$GOPTLIB_TAG,meek=$MEEK_TAG $DESCRIPTOR_DIR/windows/gitian-pluggable-transports.yml + ./bin/gbuild -j $NUM_PROCS -m $VM_MEMORY --commit pyptlib=$PYPTLIB_TAG,obfsproxy=$OBFSPROXY_TAG,flashproxy=$FLASHPROXY_TAG,libfte=$LIBFTE_TAG,fteproxy=$FTEPROXY_TAG,txsocksx=$TXSOCKSX_TAG,goptlib=$GOPTLIB_TAG,meek=$MEEK_TAG,ed25519=$GOED25519_TAG,siphash=$GOSIPHASH_TAG,obfs4=$OBFS4_TAG $DESCRIPTOR_DIR/windows/gitian-pluggable-transports.yml if [ $? -ne 0 ]; then #mv var/build.log ./pluggable-transports-fail-win32.log.`date +%Y%m%d%H%M%S` diff --git a/gitian/verify-tags.sh b/gitian/verify-tags.sh index b7a89f1..09454bb 100755 --- a/gitian/verify-tags.sh +++ b/gitian/verify-tags.sh @@ -101,6 +101,7 @@ obfsproxy obfsproxy.gpg $OBFSPROXY_TAG flashproxy flashproxy.gpg $FLASHPROXY_TAG goptlib goptlib.gpg $GOPTLIB_TAG meek meek.gpg $MEEK_TAG +obfs4 obfs4proxy.gpg $OBFS4_TAG EOF #https-everywhere https-everywhere.gpg $HTTPSE_TAG @@ -113,6 +114,8 @@ libfte $LIBFTE_TAG fteproxy $FTEPROXY_TAG txsocksx $TXSOCKSX_TAG faketime $FAKETIME_TAG +ed25519 $GOED25519_TAG +siphash $GOSIPHASH_TAG EOF # Verify signatures on signed packages @@ -136,7 +139,7 @@ done # Verify packages with weak or no signatures via direct sha256 check # (OpenSSL is signed with MD5, and OSXSDK is not signed at all) -for i in OSXSDK TOOLCHAIN4 TOOLCHAIN4_OLD NOSCRIPT HTTPSE MSVCR100 PYCRYPTO ARGPARSE PYYAML ZOPEINTERFACE TWISTED M2CRYPTO SETUPTOOLS OPENSSL GMP PARSLEY GO GCC +for i in OSXSDK TOOLCHAIN4 TOOLCHAIN4_OLD NOSCRIPT HTTPSE MSVCR100 PYCRYPTO ARGPARSE PYYAML ZOPEINTERFACE TWISTED M2CRYPTO SETUPTOOLS OPENSSL GMP PARSLEY GO GCC GOCRYPTO GONET do PACKAGE="${i}_PACKAGE" HASH="${i}_HASH" diff --git a/gitian/versions.alpha b/gitian/versions.alpha index e17b071..0912b5d 100755 --- a/gitian/versions.alpha +++ b/gitian/versions.alpha @@ -27,6 +27,9 @@ TXSOCKSX_TAG=216eb0894a1755872f4789f9458aa6cf543b8433 # unsigned habnabit/1.13.0 GOPTLIB_TAG=0.2 MEEK_TAG=0.11 FAKETIME_TAG=70aa6b394d9341522dffe8a5a5cf5929e82cc6b9 # unsigned v0.9.6 +GOED25519_TAG=c4161f4c7483313562781c61b9a20aba73daf9de +GOSIPHASH_TAG=42ba037e748c9062a75e0924705c43b893edefcd +OBFS4_TAG=obfs4proxy-0.0.3 GITIAN_TAG=tor-browser-builder-3.x-7 @@ -74,6 +77,8 @@ SETUPTOOLS_PACKAGE=setuptools-${SETUPTOOLS_VER}.tar.gz LXML_PACKAGE=lxml-${LXML_VER}.tar.gz PARSLEY_PACKAGE=Parsley-${PARSLEY_VER}.tar.gz GO_PACKAGE=go${GO_VER}.src.tar.gz +GOCRYPTO_PACKAGE=go.crypto-5478be1963aa.tar.bz2 +GONET_PACKAGE=go.net-9c0f9daaa74b.tar.bz2 # Hashes for packages with weak sigs or no sigs OPENSSL_HASH=3c179f46ca77069a6a0bac70212a9b3b838b2f66129cb52d568837fc79d8fcc7 @@ -94,6 +99,8 @@ PY2EXE_HASH=610a8800de3d973ed5ed4ac505ab42ad058add18a68609ac09e6cf3598ef056c SETUPTOOLS_HASH=75d288687066ed124311d6ca5f40ffa92a0e81adcd7fff318c6e84082713cf39 PARSLEY_HASH=50d30cee70770fd44db7cea421cb2fb75af247c3a1cd54885c06b30a7c85dd23 GO_HASH=1bb6fde89cfe8b9756a875af55d994cce0994861227b5dc0f268c143d91cd5ff +GOCRYPTO_HASH=a8e301714f5724999321f0397b867a5670a5e5c4f808ba157bdd93ee0d028827 +GONET_HASH=1812fec55256e1a6fe546111cc658520b80972f38826c94ec11ef24315d32353 ## Non-git package URLs OPENSSL_URL=https://www.openssl.org/source/${OPENSSL_PACKAGE} @@ -119,3 +126,5 @@ SETUPTOOLS_URL=https://pypi.python.org/packages/source/s/setuptools/${SETUP… LXML_URL=https://pypi.python.org/packages/source/l/lxml/${LXML_PACKAGE} PARSLEY_URL=https://pypi.python.org/packages/source/P/Parsley/${PARSLEY_PAC… GO_URL=http://golang.org/dl/${GO_PACKAGE} +GOCRYPTO_URL=https://people.torproject.org/~yawning/mirrors/sources/${GOCRYPTO_PACKAGE} +GONET_URL=https://people.torproject.org/~yawning/mirrors/sources/${GONET_PACKAGE} diff --git a/gitian/versions.nightly b/gitian/versions.nightly index 5541ded..3867629 100755 --- a/gitian/versions.nightly +++ b/gitian/versions.nightly @@ -28,6 +28,9 @@ TXSOCKSX_TAG=216eb0894a1755872f4789f9458aa6cf543b8433 # unsigned habnabit/1.13.0 GOPTLIB_TAG=master MEEK_TAG=master FAKETIME_TAG=70aa6b394d9341522dffe8a5a5cf5929e82cc6b9 # unsigned v0.9.6 +GOED25519_TAG=c4161f4c7483313562781c61b9a20aba73daf9de +GOSIPHASH_TAG=42ba037e748c9062a75e0924705c43b893edefcd +OBFS4_TAG=master GITIAN_TAG=tor-browser-builder-3.x-7 @@ -75,6 +78,8 @@ SETUPTOOLS_PACKAGE=setuptools-${SETUPTOOLS_VER}.tar.gz LXML_PACKAGE=lxml-${LXML_VER}.tar.gz PARSLEY_PACKAGE=Parsley-${PARSLEY_VER}.tar.gz GO_PACKAGE=go${GO_VER}.src.tar.gz +GOCRYPTO_PACKAGE=go.crypto-5478be1963aa.tar.bz2 +GONET_PACKAGE=go.net-9c0f9daaa74b.tar.bz2 # Hashes for packages with weak sigs or no sigs OPENSSL_HASH=3c179f46ca77069a6a0bac70212a9b3b838b2f66129cb52d568837fc79d8fcc7 @@ -95,6 +100,8 @@ PY2EXE_HASH=610a8800de3d973ed5ed4ac505ab42ad058add18a68609ac09e6cf3598ef056c SETUPTOOLS_HASH=75d288687066ed124311d6ca5f40ffa92a0e81adcd7fff318c6e84082713cf39 PARSLEY_HASH=50d30cee70770fd44db7cea421cb2fb75af247c3a1cd54885c06b30a7c85dd23 GO_HASH=1bb6fde89cfe8b9756a875af55d994cce0994861227b5dc0f268c143d91cd5ff +GOCRYPTO_HASH=a8e301714f5724999321f0397b867a5670a5e5c4f808ba157bdd93ee0d028827 +GONET_HASH=1812fec55256e1a6fe546111cc658520b80972f38826c94ec11ef24315d32353 ## Non-git package URLs OPENSSL_URL=https://www.openssl.org/source/${OPENSSL_PACKAGE} @@ -120,3 +127,5 @@ SETUPTOOLS_URL=https://pypi.python.org/packages/source/s/setuptools/${SETUP… LXML_URL=https://pypi.python.org/packages/source/l/lxml/${LXML_PACKAGE} PARSLEY_URL=https://pypi.python.org/packages/source/P/Parsley/${PARSLEY_PAC… GO_URL=http://golang.org/dl/${GO_PACKAGE} +GOCRYPTO_URL=https://people.torproject.org/~yawning/mirrors/sources/${GOCRYPTO_PACKAGE} +GONET_URL=https://people.torproject.org/~yawning/mirrors/sources/${GONET_PACKAGE}

1 0

[tor-browser-bundle/master] Update versions file for 4.5-alpha.
by mikeperry＠torproject.org 28 Oct '14

28 Oct '14

commit 329adc09efb6e7f7bcf36297313ddeaad979287f Author: Mike Perry <mikeperry-git(a)torproject.org> Date: Tue Oct 28 15:51:00 2014 -0700 Update versions file for 4.5-alpha. --- gitian/versions.alpha | 26 ++++++++++++-------------- 1 file changed, 12 insertions(+), 14 deletions(-) diff --git a/gitian/versions.alpha b/gitian/versions.alpha index 0912b5d..0fb2bd0 100755 --- a/gitian/versions.alpha +++ b/gitian/versions.alpha @@ -1,35 +1,32 @@ -TORBROWSER_VERSION=4.0-alpha-3 +TORBROWSER_VERSION=4.5-alpha-1 BUNDLE_LOCALES="ar de es-ES fa fr it ko nl pl pt-PT ru tr vi zh-CN" BUILD_PT_BUNDLES=1 VERIFY_TAGS=1 -FIREFOX_VERSION=24.8.1esr +FIREFOX_VERSION=31.2.0esr TORBROWSER_UPDATE_CHANNEL=alpha -TORBROWSER_TAG=tor-browser-${FIREFOX_VERSION}-4.x-1-build1 -TOR_TAG=tor-0.2.5.8-rc -TORLAUNCHER_TAG=25bc6349f5f1e43c7d383883e6d6822b8edb41bc # 0.2.7.0 -TORBUTTON_TAG=1.6.12.3 +TORBROWSER_TAG=tor-browser-${FIREFOX_VERSION}-4.x-1-build3 +TOR_TAG=tor-0.2.5.10 +TORLAUNCHER_TAG=0.2.7.0.1 +TORBUTTON_TAG=1.7.0.1 HTTPSE_TAG=3.5.3 # XXX: HTTPSE_VER is used instead, pending #11630 NSIS_TAG=v0.2 ZLIB_TAG=v1.2.8 LIBEVENT_TAG=release-2.0.21-stable -MINGW_TAG=9418eaa1854320b57f40e29ec5bbc4f5717ecd58 # tag v3.1.0 +MINGW_TAG=469ed5d227202b373409c8a3b4c1358be39b9983 # XXX: ??? PYPTLIB_TAG=pyptlib-0.0.6 OBFSPROXY_TAG=obfsproxy-0.2.12 FLASHPROXY_TAG=1.6 -LIBFTE_TAG=58734a5aec563600fa8d82fb48ea9d6b8e26556c # tag 0.1.0 +LIBFTE_TAG=85ef8ae58dbf0d02ea26b627e343784b5574c428 # sketch master with fix FTEPROXY_TAG=597f8378f6f4f3de570b8e1064c2e4cb8d67fbd0 # tag 0.2.19 LIBDMG_TAG=dfd5e5cc3dc1191e37d3c3a6118975afdd1d7014 TXSOCKSX_TAG=216eb0894a1755872f4789f9458aa6cf543b8433 # unsigned habnabit/1.13.0.2 GOPTLIB_TAG=0.2 MEEK_TAG=0.11 FAKETIME_TAG=70aa6b394d9341522dffe8a5a5cf5929e82cc6b9 # unsigned v0.9.6 -GOED25519_TAG=c4161f4c7483313562781c61b9a20aba73daf9de -GOSIPHASH_TAG=42ba037e748c9062a75e0924705c43b893edefcd -OBFS4_TAG=obfs4proxy-0.0.3 GITIAN_TAG=tor-browser-builder-3.x-7 @@ -38,7 +35,7 @@ GMP_VER=5.1.3 FIREFOX_LANG_VER=$FIREFOX_VERSION FIREFOX_LANG_BUILD=build1 BINUTILS_VER=2.24 -GCC_VER=4.8.3 +GCC_VER=4.9.1 PYTHON_VER=2.7.5 PYCRYPTO_VER=2.6.1 ARGPARSE_VER=1.2.1 @@ -56,7 +53,7 @@ GO_VER=1.3.3 ## File names for the source packages OPENSSL_PACKAGE=openssl-${OPENSSL_VER}.tar.gz GMP_PACKAGE=gmp-${GMP_VER}.tar.bz2 -NOSCRIPT_PACKAGE=noscript_security_suite-2.6.8.42-fx+fn+sm.xpi +NOSCRIPT_PACKAGE=noscript_security_suite-2.6.9.3-sm+fn+fx.xpi HTTPSE_PACKAGE=https-everywhere-${HTTPSE_VER}.xpi TOOLCHAIN4_PACKAGE=x86_64-apple-darwin10.tar.xz TOOLCHAIN4_OLD_PACKAGE=multiarch-darwin11-cctools127.2-gcc42-5666.3-llvmgcc42-2336.1-Linux-120724.tar.xz @@ -86,7 +83,7 @@ GMP_HASH=752079520b4690531171d0f4532e40f08600215feefede70b24fabdc6f1ab160 OSXSDK_HASH=6602d8d5ddb371fbc02e2a5967d9bd0cd7358d46f9417753c8234b923f2ea6fc TOOLCHAIN4_HASH=7b71bfe02820409b994c5c33a7eab81a81c72550f5da85ff7af70da3da244645 TOOLCHAIN4_OLD_HASH=65c1b2d302358a6b95a26c6828a66908a199276193bb0b268f2dcc1a997731e9 -NOSCRIPT_HASH=b474156fd6b9957b38054a34c8acb581204f08733cce898ed581c67d425dda33 +NOSCRIPT_HASH=d399d724953fe032ccca758e577c2136b8fd6c377cea0e3f42ed999b796d290a HTTPSE_HASH=6feb4982d13f89656b61435b6b49e1996c61bc79e52d046d02312879376028e3 MSVCR100_HASH=1221a09484964a6f38af5e34ee292b9afefccb3dc6e55435fd3aaf7c235d9067 PYCRYPTO_HASH=f2ce1e989b272cfcb677616763e0a2e7ec659effa67a88aa92b3a65528f60a3c @@ -99,6 +96,7 @@ PY2EXE_HASH=610a8800de3d973ed5ed4ac505ab42ad058add18a68609ac09e6cf3598ef056c SETUPTOOLS_HASH=75d288687066ed124311d6ca5f40ffa92a0e81adcd7fff318c6e84082713cf39 PARSLEY_HASH=50d30cee70770fd44db7cea421cb2fb75af247c3a1cd54885c06b30a7c85dd23 GO_HASH=1bb6fde89cfe8b9756a875af55d994cce0994861227b5dc0f268c143d91cd5ff +GCC_HASH=d334781a124ada6f38e63b545e2a3b8c2183049515a1abab6d513f109f1d717e GOCRYPTO_HASH=a8e301714f5724999321f0397b867a5670a5e5c4f808ba157bdd93ee0d028827 GONET_HASH=1812fec55256e1a6fe546111cc658520b80972f38826c94ec11ef24315d32353

1 0

[tor-browser-bundle/master] Merge remote-tracking branch 'gk/bug_12903_squashed_v3'
by mikeperry＠torproject.org 28 Oct '14

28 Oct '14

commit 104bd981bfb47563d3eb8c28069a1d87deea03ed Merge: 875f231 0a916fb Author: Mike Perry <mikeperry-git(a)torproject.org> Date: Tue Oct 28 15:40:50 2014 -0700 Merge remote-tracking branch 'gk/bug_12903_squashed_v3' .../Docs/Licenses/PluggableTransports/LICENSE | 77 +++++++++++++++++--- Bundle-Data/PTConfigs/bridge_prefs.js | 4 + .../PTConfigs/linux/torrc-defaults-appendix | 6 +- Bundle-Data/PTConfigs/mac/torrc-defaults-appendix | 5 +- .../PTConfigs/windows/torrc-defaults-appendix | 5 +- .../linux/gitian-pluggable-transports.yml | 54 ++++++++++++++ .../mac/gitian-pluggable-transports.yml | 54 ++++++++++++++ .../windows/gitian-pluggable-transports.yml | 54 ++++++++++++++ gitian/fetch-inputs.sh | 17 ++++- gitian/gpg/obfs4proxy.gpg | Bin 0 -> 34128 bytes gitian/mkbundle-linux.sh | 3 +- gitian/mkbundle-mac.sh | 3 +- gitian/mkbundle-windows.sh | 3 +- gitian/verify-tags.sh | 5 +- gitian/versions.alpha | 9 +++ gitian/versions.nightly | 9 +++ 16 files changed, 291 insertions(+), 17 deletions(-)

1 0

[tor-browser-bundle/master] Bug 12903: Integrate obfs4proxy into Tor Browser.
by mikeperry＠torproject.org 28 Oct '14

28 Oct '14

commit 0a916fb562dcc744e4f3ce7b491669bcfd41b64c Merge: 3fd3351 bb6389f Author: Georg Koppen <gk(a)torproject.org> Date: Mon Oct 13 15:27:00 2014 +0000 Bug 12903: Integrate obfs4proxy into Tor Browser. We start shipping obfs4proxy in Tor Browser nightlies and the alpha series. .../Docs/Licenses/PluggableTransports/LICENSE | 77 +++++++++++++++++--- Bundle-Data/PTConfigs/bridge_prefs.js | 4 + .../PTConfigs/linux/torrc-defaults-appendix | 6 +- Bundle-Data/PTConfigs/mac/torrc-defaults-appendix | 5 +- .../PTConfigs/windows/torrc-defaults-appendix | 5 +- .../linux/gitian-pluggable-transports.yml | 54 ++++++++++++++ .../mac/gitian-pluggable-transports.yml | 54 ++++++++++++++ .../windows/gitian-pluggable-transports.yml | 54 ++++++++++++++ gitian/fetch-inputs.sh | 17 ++++- gitian/gpg/obfs4proxy.gpg | Bin 0 -> 34128 bytes gitian/mkbundle-linux.sh | 3 +- gitian/mkbundle-mac.sh | 3 +- gitian/mkbundle-windows.sh | 3 +- gitian/verify-tags.sh | 5 +- gitian/versions.alpha | 9 +++ gitian/versions.nightly | 9 +++ 16 files changed, 291 insertions(+), 17 deletions(-) diff --cc gitian/versions.nightly index 9dc6f3f,3867629..5bd9d63 --- a/gitian/versions.nightly +++ b/gitian/versions.nightly @@@ -95,7 -100,8 +100,9 @@@ PY2EXE_HASH=610a8800de3d973ed5ed4ac505a SETUPTOOLS_HASH=75d288687066ed124311d6ca5f40ffa92a0e81adcd7fff318c6e84082713cf39 PARSLEY_HASH=50d30cee70770fd44db7cea421cb2fb75af247c3a1cd54885c06b30a7c85dd23 GO_HASH=1bb6fde89cfe8b9756a875af55d994cce0994861227b5dc0f268c143d91cd5ff +GCC_HASH=d334781a124ada6f38e63b545e2a3b8c2183049515a1abab6d513f109f1d717e + GOCRYPTO_HASH=a8e301714f5724999321f0397b867a5670a5e5c4f808ba157bdd93ee0d028827 + GONET_HASH=1812fec55256e1a6fe546111cc658520b80972f38826c94ec11ef24315d32353 ## Non-git package URLs OPENSSL_URL=https://www.openssl.org/source/${OPENSSL_PACKAGE}

1 0

[tor-browser-bundle/master] Bump TBB version.
by mikeperry＠torproject.org 25 Oct '14

25 Oct '14

commit 875f231364067b4092cfd000761010b04acc9e52 Author: Mike Perry <mikeperry-git(a)torproject.org> Date: Sat Oct 25 15:28:55 2014 -0700 Bump TBB version. --- gitian/versions | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gitian/versions b/gitian/versions index 30222f7..b6ec79f 100755 --- a/gitian/versions +++ b/gitian/versions @@ -1,4 +1,4 @@ -TORBROWSER_VERSION=4.0 +TORBROWSER_VERSION=4.0.1 BUNDLE_LOCALES="ar de es-ES fa fr it ko nl pl pt-PT ru tr vi zh-CN" BUILD_PT_BUNDLES=1

1 0

[tor-browser-bundle/master] Pick up new #13091 fix.
by mikeperry＠torproject.org 25 Oct '14

25 Oct '14

commit 2fd4c60edcd6946728f62072f20f88a4eaf9ad50 Author: Mike Perry <mikeperry-git(a)torproject.org> Date: Sat Oct 25 01:07:28 2014 -0700 Pick up new #13091 fix. --- Bundle-Data/Docs/ChangeLog.txt | 1 + gitian/versions | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/Bundle-Data/Docs/ChangeLog.txt b/Bundle-Data/Docs/ChangeLog.txt index fe53b58..b99e049 100644 --- a/Bundle-Data/Docs/ChangeLog.txt +++ b/Bundle-Data/Docs/ChangeLog.txt @@ -6,6 +6,7 @@ Tor Browser 4.0.1 -- Oct 30 2014 * Bug 13460: Fix MSVC compilation issue * Windows * Bug 13443: Disable DirectShow to prevent crashes on many sites + * Bug 13091: Make app name "Tor Browser" instead of "Tor" Tor Browser 4.0 -- Oct 15 2014 * All Platforms diff --git a/gitian/versions b/gitian/versions index 8d8c4c9..30222f7 100755 --- a/gitian/versions +++ b/gitian/versions @@ -8,7 +8,7 @@ FIREFOX_VERSION=31.2.0esr TORBROWSER_UPDATE_CHANNEL=release -TORBROWSER_TAG=tor-browser-${FIREFOX_VERSION}-4.x-1-build2 +TORBROWSER_TAG=tor-browser-${FIREFOX_VERSION}-4.x-1-build3 TOR_TAG=tor-0.2.5.10 TORLAUNCHER_TAG=0.2.7.0.1 TORBUTTON_TAG=1.7.0.1

1 0

[tor-browser/tor-browser-31.2.0esr-4.x-1] fixup! Bug 13091: include spaces in Win resources.
by mikeperry＠torproject.org 25 Oct '14

25 Oct '14

commit 26735f870de9ec7cb7b9e6aa5bbf4fd9f92ea4fd Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Fri Oct 24 14:07:03 2014 -0400 fixup! Bug 13091: include spaces in Win resources. Our app display name, "Tor Browser", was truncated to "Tor" within Windows resources (FileDescription, InternalName, and ProductName fields). Fixed by adding quotes around parameters passed to the version_win.pl program. --- config/version.mk | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config/version.mk b/config/version.mk index 414a1eb..219ac60 100644 --- a/config/version.mk +++ b/config/version.mk @@ -15,7 +15,7 @@ ifeq ($(MOZ_WIDGET_TOOLKIT),windows) ifndef RESFILE RCFILE=./module.rc RESFILE=./module.res -_RC_STRING = -QUIET 1 -DEPTH $(DEPTH) -TOPSRCDIR $(topsrcdir) -OBJDIR . -SRCDIR $(srcdir) -DISPNAME $(MOZ_APP_DISPLAYNAME) -APPVERSION $(MOZ_APP_VERSION) +_RC_STRING = -QUIET 1 -DEPTH $(DEPTH) -TOPSRCDIR $(topsrcdir) -OBJDIR . -SRCDIR $(srcdir) -DISPNAME "$(MOZ_APP_DISPLAYNAME)" -APPVERSION "$(MOZ_APP_VERSION)" ifdef MOZILLA_OFFICIAL _RC_STRING += -OFFICIAL 1 endif

1 0