September 2011 - tor-commits - lists.torproject.org

[torbutton/master] Update changelog + bump versions to 1.4.3.
by mikeperry＠torproject.org 09 Sep '11

09 Sep '11

commit e0b34f4786928829dfd8d2463b7b05aab313601d Author: Mike Perry <mikeperry-git(a)fscked.org> Date: Fri Sep 9 15:40:13 2011 -0700 Update changelog + bump versions to 1.4.3. --- README.RELEASE | 2 +- src/CHANGELOG | 7 +++++++ src/install.rdf | 2 +- 3 files changed, 9 insertions(+), 2 deletions(-) diff --git a/README.RELEASE b/README.RELEASE index 0d68a55..3dfaaec 100644 --- a/README.RELEASE +++ b/README.RELEASE @@ -5,7 +5,7 @@ #. Decide the version number. - export VERSION="1.4.2" + export VERSION="1.4.3" vim ./src/install.rdf # edit <em:version> tag to reflect version #. Test upgrades of candidate XPI in latest Firefox and TBB product matrix diff --git a/src/CHANGELOG b/src/CHANGELOG index 51bef80..1c760bf 100644 --- a/src/CHANGELOG +++ b/src/CHANGELOG @@ -1,3 +1,10 @@ +1.4.3 + 9 Sep 2011 + * bug 3933: Don't touch app.update.auto in TBB + * bug 3960: Don't disable zoom.siteSpecific on TBB + * bug 3928: Fix auto-scroll on twitter + * bug 3649: Make permissions and disk errors human-readable + 1.4.2 3 Sep 2011 * bug 3879: Fix broken framed sites (yopmail, gmane, gmaps, etc) diff --git a/src/install.rdf b/src/install.rdf index af40be4..d6fadd6 100644 --- a/src/install.rdf +++ b/src/install.rdf @@ -6,7 +6,7 @@ <em:name>Torbutton</em:name> <em:creator>Mike Perry & Kory Kirk</em:creator> <em:id>{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}</em:id> - <em:version>1.4.2</em:version> + <em:version>1.4.3</em:version> <em:homepageURL>https://www.torproject.org/torbutton/</em:homepageURL> <em:optionsURL>chrome://torbutton/content/preferences.xul</em:optionsURL> <em:iconURL>chrome://torbutton/skin/tor.png</em:iconURL>

1 0

[torbutton/master] Bug #3649: Make permissions and disk errors human-readable.
by mikeperry＠torproject.org 09 Sep '11

09 Sep '11

commit f0f34bfdff94a64adc348a1b546e985be489107c Author: Mike Perry <mikeperry-git(a)fscked.org> Date: Fri Sep 9 15:04:31 2011 -0700 Bug #3649: Make permissions and disk errors human-readable. Never write "this should never happen" in a comment. Doing so is apparently a an ancient voodoo curse that ensures that it does. --- src/chrome/content/torbutton.js | 41 ++++++++++++++++++++++++---- src/chrome/locale/en/torbutton.properties | 3 ++ 2 files changed, 38 insertions(+), 6 deletions(-) diff --git a/src/chrome/content/torbutton.js b/src/chrome/content/torbutton.js index 3998770..2e52830 100644 --- a/src/chrome/content/torbutton.js +++ b/src/chrome/content/torbutton.js @@ -402,10 +402,24 @@ function torbutton_set_status() { try { torbutton_update_status(true, false); } catch(e) { - // This should never happen.. - // FIXME: Do we need to translate it? I'm guessing not. - window.alert("Torbutton: Please file bug report! Error applying Tor settings: "+e); torbutton_log(5,'Error applying tor settings: '+e); + var wm = Cc["@mozilla.org/appshell/window-mediator;1"] + .getService(Components.interfaces.nsIWindowMediator); + var chrome = wm.getMostRecentWindow("navigator:browser"); + var o_stringbundle = torbutton_get_stringbundle(); + var warning1 = o_stringbundle.GetStringFromName("torbutton.popup.pref_error"); + + if (e.result == 0x80520015 || e.result == 0x80520013) { // NS_ERROR_FILE_ACCESS_DENIED/NS_ERROR_FILE_READ_ONLY + var warning2 = o_stringbundle.GetStringFromName("torbutton.popup.permission_denied"); + chrome.alert(warning1+"\n\n"+warning2); + } else if (e.result == 0x80520010) { // NS_ERROR_FILE_NO_DEVICE_SPACE + var o_stringbundle = torbutton_get_stringbundle(); + var warning2 = o_stringbundle.GetStringFromName("torbutton.popup.device_full"); + chrome.alert(warning1+"\n\n"+warning2); + } else { + // This should never happen.. + chrome.alert(warning1+"\n\n"+e); + } // Setting these prefs should avoid ininite recursion // because torbutton_update_status should return immediately // on the next call. @@ -419,10 +433,25 @@ function torbutton_set_status() { try { torbutton_update_status(false, false); } catch(e) { - // This should never happen.. - // FIXME: Do we need to translate it? I'm guessing not. - window.alert("Torbutton: Please file bug report! Error applying Non-Tor settings: "+e); torbutton_log(5,'Error applying nontor settings: '+e); + + var wm = Cc["@mozilla.org/appshell/window-mediator;1"] + .getService(Components.interfaces.nsIWindowMediator); + var chrome = wm.getMostRecentWindow("navigator:browser"); + var o_stringbundle = torbutton_get_stringbundle(); + var warning1 = o_stringbundle.GetStringFromName("torbutton.popup.pref_error"); + + if (e.result == 0x80520015 || e.result == 0x80520013) { // NS_ERROR_FILE_ACCESS_DENIED/NS_ERROR_FILE_READ_ONLY + var warning2 = o_stringbundle.GetStringFromName("torbutton.popup.permission_denied"); + chrome.alert(warning1+"\n\n"+warning2); + } else if (e.result == 0x80520010) { // NS_ERROR_FILE_NO_DEVICE_SPACE + var o_stringbundle = torbutton_get_stringbundle(); + var warning2 = o_stringbundle.GetStringFromName("torbutton.popup.device_full"); + chrome.alert(warning1+"\n\n"+warning2); + } else { + // This should never happen.. + chrome.alert(warning1+"\n\n"+e); + } // Setting these prefs should avoid infinite recursion // because torbutton_update_status should return immediately // on the next call. diff --git a/src/chrome/locale/en/torbutton.properties b/src/chrome/locale/en/torbutton.properties index c1aa1b6..773e8db 100644 --- a/src/chrome/locale/en/torbutton.properties +++ b/src/chrome/locale/en/torbutton.properties @@ -37,3 +37,6 @@ torbutton.popup.no_redirect = Don't Redirect torbutton.popup.prompted_language = To give you more privacy, Torbutton can request the English language version of web pages. This may cause web pages that you prefer to read in your native language to display in English instead.\n\nWould you like to request English language web pages for better privacy? torbutton.popup.no_newnym = Torbutton cannot safely give you a new identity. It does not have access to the Tor Control Port.\n\nAre you running Tor Browser Bundle? torbutton.popup.use_tbb = It appears that you are using Torbutton with Firefox, which is no longer a recommended safe configuration.\n\nInstead, we recommend that you obtain the latest Tor Browser Bundle by sending email to gettor(a)torproject.org or by downloading it at the following URL: +torbutton.popup.pref_error = Torbutton cannot update preferences in the Tor Browser profile directory. +torbutton.popup.permission_denied = Please either reset the permissions of the Tor Browser directory or copy it to a new location. +torbutton.popup.device_full = The disk appears to be full. Please free up space or move Tor Browser to a new device.

1 0

r25046: {} my presentation for Privacy Coalition/EPIC today. (in projects/presentations: . images)
by Andrew Lewman 09 Sep '11

09 Sep '11

Author: phobos Date: 2011-09-09 19:54:52 +0000 (Fri, 09 Sep 2011) New Revision: 25046 Added: projects/presentations/2011-09-09-Privacy-Coalition.pdf projects/presentations/2011-09-09-Privacy-Colalition.tex projects/presentations/images/2011-09-05-DigiNotar-blog-disclosure-detail.png Log: my presentation for Privacy Coalition/EPIC today. Added: projects/presentations/2011-09-09-Privacy-Coalition.pdf =================================================================== (Binary files differ) Property changes on: projects/presentations/2011-09-09-Privacy-Coalition.pdf ___________________________________________________________________ Added: svn:mime-type + application/octet-stream Added: projects/presentations/2011-09-09-Privacy-Colalition.tex =================================================================== --- projects/presentations/2011-09-09-Privacy-Colalition.tex (rev 0) +++ projects/presentations/2011-09-09-Privacy-Colalition.tex 2011-09-09 19:54:52 UTC (rev 25046) @@ -0,0 +1,141 @@ +\documentclass{beamer} +\mode<presentation> +%\usetheme{Boadilla} +\beamertemplatenavigationsymbolsempty +\title{Privacy Coalition} +\author{Andrew Lewman \\ andrew(a)torproject.org} +\date{09 Sep 2011} +\begin{document} + +\begin{frame} +\maketitle +\begin{center} +\includegraphics[height=3cm]{./images/2009-tor-logo} +\end{center} +\end{frame} + +\begin{frame}[plain] + \begin{centering} + \pgfimage[height=\paperheight]{./images/1984first} + \par + \end{centering} +\end{frame} + +\begin{frame} +\frametitle{George Orwell was an optimist} +\begin{quotation} +\noindent \includegraphics[width=1cm]{./images/opquo}\quad Who controls the past, controls the future: who controls the present controls the past +\end{quotation} +\flushright --- George Orwell, Nineteen Eighty Four, 1949 +\end{frame} + +\begin{frame} +\frametitle{Internet Censorship Is Everywhere} +\includegraphics<1>[scale=0.5]{./images/youdontquestionme-inet-censorship-map-with-key} +\includegraphics<2>[scale=0.5]{./images/cropped-saudi-arabia-filter-message} +\includegraphics<3>[scale=0.5]{./security-part2-anon/jingjing} +\includegraphics<3>[scale=0.5]{./security-part2-anon/chacha} +\includegraphics<4>[scale=0.3]{./images/IPRC_Seized_2010_11} +\end{frame} + +\begin{frame} +\frametitle{Censoring the 'net is all the rage} +\begin{center} +\includegraphics[scale=.7]{./images/2011-06-08-china-net-censorship-piracy-porn-crop} +\end{center} +\end{frame} + +\begin{frame} +\frametitle{Censoring the 'net is all the rage} +\begin{quotation} +\noindent \includegraphics[width=1cm]{./images/opquo}\quad more than 700 pornographic and copyright infringing websites have been shut down +\end{quotation} +\end{frame} + +\begin{frame} +\frametitle{Censoring the 'net is all the rage} +\begin{center} +\includegraphics[scale=0.6]{./images/2011-06-23-cnet-us-internet-censorship-voluntary} +\end{center} +\end{frame} +\setbeamercolor{sidebar}{bg=black} +\begin{frame}[plain] + \begin{centering} + \pgfimage[height=\paperheight]{./images/images_pic-large-27489-In_the_future} + \par + \end{centering} +\end{frame} + +\begin{frame} +\frametitle{Internet Surveillance is getting more advanced} +\begin{center} +\includegraphics<1>[scale=0.5]{./images/procera-evolved-dpi} +\includegraphics<2>[scale=0.5]{./images/iran-ssl-dpi-26-seconds-to-death} +\includegraphics<3>[scale=0.6]{./images/2011-infoweek-comodo-hacker} +\includegraphics<4>[scale=0.6]{./images/al-jazeera-egypt-crackdown-US-co-ties} +\includegraphics<5>[scale=0.5]{./images/nsa-room} +\includegraphics<6>[scale=0.6]{./images/2011-09-04-DigiNotar-blog-disclosure} +\end{center} +\end{frame} + +\begin{frame} +\frametitle{Internet Surveillance is getting more advanced} +\begin{quotation} +\noindent \includegraphics[width=1cm]{./images/opquo}\quad The most egregious certs issued were for *.*.com and *.*.org while certificates for Windows Update and certificates for other hosts are of limited harm by comparison. The attackers also issued certificates in the names of other certificate authorities such as "VeriSign Root CA" and "Thawte Root CA" as we witnessed with ComodoGate... +\end{quotation} +\flushright --- Tor Project blog, https://blog.torproject.org/blog/diginotar-damage-disclosure +\end{frame} + +\begin{frame}[plain] + \begin{centering} + \pgfimage[height=\paperheight]{./images/paco-primera-pagina-oleo-lienzo-110-x-150-cms-2008-red} + \par + \end{centering} +\end{frame} + +\begin{frame} +\frametitle{The Tor Project, Inc.} +\begin{Large} +501(c)(3) non-profit organization dedicated to the research and development of technologies for online anonymity and privacy +\end{Large} +\begin{center} +\includegraphics[height=5cm]{./images/2009-oval_sticker_new} +\end{center} +\end{frame} + +\begin{frame} +\frametitle{Tor hides communication patterns by relaying data through volunteer servers} +\begin{center} +\begin{overlayarea}{9cm}{6cm} +\only<1>{\includegraphics[width=9cm]{./images/tor-network}} +\only<2>{\includegraphics[width=9cm]{./images/tor-safe-selection}} +\only<3>{\includegraphics[width=9cm]{./images/tor-safe-path}} +\only<4>{\includegraphics[width=9cm]{./images/tor-keys1}} +\end{overlayarea} +\flushright +\tiny Diagram: Robert Watson +\end{center} +\end{frame} + +\begin{frame} +\frametitle{Thanks!} +\begin{LARGE} +Visit \url{https://www.torproject.org/} for more information, links, and ideas. +\end{LARGE} +\end{frame} + +\begin{frame} +\frametitle{Copyright \& Sources} +\begin{itemize} +\begin{small} +\item Internet censorship is everywhere, first image: Reporters without Borders, http://www.rsf.org +\item censoring the 'net is all the rage, http://thenextweb.com/asia/2011/06/08/china-increases-internet-control-take… +\item censoring the 'net is all the rage, http://news.cnet.com/8301-31001\_3-20073522-261/exclusive-top-isps-poised-t… +\item Internet surveillance, second image: http://www.informationweek.com/news/security/attacks/229400850 +\item Internet surveillance, third image: Al Jazeera, February 2011 +\item spring is in the air, Paco Pomet, http://pacopomet.wordpress.com/ +\end{small} +\end{itemize} +\end{frame} + +\end{document} Property changes on: projects/presentations/2011-09-09-Privacy-Colalition.tex ___________________________________________________________________ Added: svn:mime-type + text/x-tex Added: projects/presentations/images/2011-09-05-DigiNotar-blog-disclosure-detail.png =================================================================== (Binary files differ) Property changes on: projects/presentations/images/2011-09-05-DigiNotar-blog-disclosure-detail.png ___________________________________________________________________ Added: svn:mime-type + image/png

1 0

r25045: {website} woo, let's play spot the easter egg (website/trunk/docs/en)
by Roger Dingledine 09 Sep '11

09 Sep '11

Author: arma Date: 2011-09-09 18:21:32 +0000 (Fri, 09 Sep 2011) New Revision: 25045 Modified: website/trunk/docs/en/signing-keys.wml Log: woo, let's play spot the easter egg Modified: website/trunk/docs/en/signing-keys.wml =================================================================== --- website/trunk/docs/en/signing-keys.wml 2011-09-09 17:07:51 UTC (rev 25044) +++ website/trunk/docs/en/signing-keys.wml 2011-09-09 18:21:32 UTC (rev 25045) @@ -14,20 +14,26 @@ <p>The signing keys we use are:</p> <ul> - <li>Roger's (0x28988BF5) typically signs the source code file.</li> - <li>Nick's (0x165733EA, or its subkey 0x8D29319A).</li> - <li>Andrew's (0x31B0974B) typically signed older packages for windows and mac.</li> - <li>Peter's (0xC82E0039, or its subkey 0xE1DEC577).</li> - <li>Tomás's (0x9A753A6B) signs current Vidalia release tarballs and tags.</li> - <li>Matt's (0x5FA14861) signed older Vidalia release tarballs.</li> - <li>Damian's (0x9ABBEEC6) signs Arm releases</li> - <li>Jacob's (0xE012B42D).</li> - <li>Erinn's (0x63FEE659) and (0xF1F5C9B5) typically signs all windows, mac, and most linux packages.</li> - <li>Mike's (0xDDC6C0AD) signs the Torbutton xpi.</li> - <li>Karsten's (0xF7C11265) signs the metrics archives and tools.</li> - <li>Robert Hogan's (0x22F6856F) signs torsocks release tarballs and tags.</li> - <li>Nathan's (0xB374CBD2) signs the Android APK file for Orbot.</li> - <li>Tor Project Archive (0x886DDD89) signs the deb.torproject.org repositories and archives</li> + <li>Roger Dingledine (0x28988BF5 and 0x19F78451) or Nick Mathewson + (0x165733EA, or its subkey 0x8D29319A) sign the Tor source code + tarballs.</li> + <li>Erinn Clark (0x63FEE659) signs the Tor Browser Bundles, Vidalia + bundles, and many other packages. She signs RPMs with her other key + (0xF1F5C9B5). Andrew Lewman (0x31B0974B) used to sign packages for + Windows and OS X.</li> + <li>Tor Project Archive (0x886DDD89) signs the deb.torproject.org + repositories and archives.</li> + <li>Nathan Freitas (0xB374CBD2) signs the Android APK file for + Orbot.</li> + <li>Tomás Touceda (0x9A753A6B) signs current Vidalia tarballs. Matt + Edman (0x5FA14861) signed older Vidalia tarballs.</li> + <li>Damian Johnson (0x9ABBEEC6) signs Arm releases.</li> + <li>Mike Perry (0xDDC6C0AD) signs the Torbutton xpi.</li> + <li>Karsten Loesing (0xF7C11265) signs the metrics archives and + tools.</li> + <li>Robert Hogan (0x22F6856F) signs torsocks release tarballs.</li> + <li>Other developers include Peter Palfrader (0xC82E0039, or its + subkey 0xE1DEC577) and Jacob Appelbaum (0xE012B42D).</li> </ul> The fingerprints for the keys should be: @@ -37,12 +43,34 @@ Key fingerprint = B117 2656 DFF9 83C3 042B C699 EB5A 896A 2898 8BF5 uid Roger Dingledine <arma(a)mit.edu> + pub 4096R/19F78451 2010-05-07 + Key fingerprint = F65C E37F 04BA 5B36 0AE6 EE17 C218 5258 19F7 8451 + uid Roger Dingledine <arma(a)mit.edu> + uid Roger Dingledine <arma(a)freehaven.net> + uid Roger Dingledine <arma(a)torproject.org> + sub 4096R/BA694D6A 2011-04-26 [expires: 2012-05-08] + pub 3072R/165733EA 2004-07-03 Key fingerprint = B35B F85B F194 89D0 4E28 C33C 2119 4EBB 1657 33EA uid Nick Mathewson <nickm(a)alum.mit.edu> uid Nick Mathewson <nickm(a)wangafu.net> uid Nick Mathewson <nickm(a)freehaven.net> + uid [jpeg image of size 3369] + sub 3072R/8D29319A 2004-07-03 + sub 3072R/F25B8E5E 2004-07-03 + pub 2048R/63FEE659 2003-10-16 + Key fingerprint = 8738 A680 B84B 3031 A630 F2DB 416F 0610 63FE E659 + uid Erinn Clark <erinn(a)torproject.org> + uid Erinn Clark <erinn(a)debian.org> + uid Erinn Clark <erinn(a)double-helix.org> + sub 2048R/EB399FD7 2003-10-16 + + pub 1024D/F1F5C9B5 2010-02-03 + Key fingerprint = C2E3 4CFC 13C6 2BD9 2C75 79B5 6B8A AEB1 F1F5 C9B5 + uid Erinn Clark <erinn(a)torproject.org> + sub 1024g/7828F26A 2010-02-03 + pub 1024D/31B0974B 2003-07-17 Key fingerprint = 0295 9AA7 190A B9E9 027E 0736 3B9D 093F 31B0 974B uid Andrew Lewman (phobos) <phobos(a)rootme.org> @@ -50,12 +78,17 @@ uid Andrew Lewman <andrew(a)torproject.org> sub 4096g/B77F95F7 2003-07-17 - pub 4096R/C82E0039 2003-03-24 - Key fingerprint = 25FC 1614 B8F8 7B52 FF2F 99B9 62AF 4031 C82E 0039 - uid Peter Palfrader - uid Peter Palfrader <peter(a)palfrader.org> - uid Peter Palfrader <weasel(a)debian.org> + pub 2048R/886DDD89 2009-09-04 [expires: 2014-09-03] + Key fingerprint = A3C4 F0F9 79CA A22C DBA8 F512 EE8C BC9E 886D DD89 + uid deb.torproject.org archive signing key + sub 2048R/219EC810 2009-09-04 [expires: 2012-09-03] + pub 3072D/B374CBD2 2010-06-09 [expires: 2012-06-09] + Key fingerprint = B92B CA64 72F7 C6F0 8D47 8503 D2AC D203 B374 CBD2 + uid Nathan of Guardian <nathan(a)guardianproject.info> + uid [jpeg image of size 6978] + sub 4096g/B5878C3B 2010-06-09 [expires: 2012-06-09] + pub 1024D/9A753A6B 2009-09-11 Key fingerprint = 553D 7C2C 626E F16F 27F3 30BC 95E3 881D 9A75 3A6B uid Tomás Touceda <chiiph(a)gmail.com> @@ -75,24 +108,6 @@ sub 2048g/146276B2 2009-06-17 sub 2048R/87F30690 2010-08-07 - pub 4096R/E012B42D 2010-05-07 - Key fingerprint = D8C9 AF51 CAA9 CAEA D3D8 9C9E A34F A745 E012 B42D - uid Jacob Appelbaum <jacob(a)appelbaum.net> - uid Jacob Appelbaum <jacob(a)torproject.org> - sub 4096R/7CA91A52 2010-05-07 [expires: 2011-05-07] - - pub 2048R/63FEE659 2003-10-16 - Key fingerprint = 8738 A680 B84B 3031 A630 F2DB 416F 0610 63FE E659 - uid Erinn Clark <erinn(a)torproject.org> - uid Erinn Clark <erinn(a)debian.org> - uid Erinn Clark <erinn(a)double-helix.org> - sub 2048R/EB399FD7 2003-10-16 - - pub 1024D/F1F5C9B5 2010-02-03 - Key fingerprint = C2E3 4CFC 13C6 2BD9 2C75 79B5 6B8A AEB1 F1F5 C9B5 - uid Erinn Clark <erinn(a)torproject.org> - sub 1024g/7828F26A 2010-02-03 - pub 1024D/DDC6C0AD 2006-07-26 Key fingerprint = BECD 90ED D1EE 8736 7980 ECF8 1B0C A30C DDC6 C0AD uid Mike Perry <mikeperry(a)fscked.org> @@ -109,15 +124,16 @@ uid Robert Hogan <robert(a)roberthogan.net> sub 1024g/FC4A9460 2006-08-19 - pub 3072D/B374CBD2 2010-06-09 [expires: 2011-06-09] - Key fingerprint = B92B CA64 72F7 C6F0 8D47 8503 D2AC D203 B374 CBD2 - uid Nathan of Guardian <nathan(a)guardianproject.info> - sub 4096g/B5878C3B 2010-06-09 [expires: 2011-06-09] + pub 4096R/C82E0039 2003-03-24 + Key fingerprint = 25FC 1614 B8F8 7B52 FF2F 99B9 62AF 4031 C82E 0039 + uid Peter Palfrader + uid Peter Palfrader <peter(a)palfrader.org> + uid Peter Palfrader <weasel(a)debian.org> - pub 2048R/886DDD89 2009-09-04 [expires: 2014-09-03] - Key fingerprint = A3C4 F0F9 79CA A22C DBA8 F512 EE8C BC9E 886D DD89 - uid deb.torproject.org archive signing key - sub 2048R/219EC810 2009-09-04 [expires: 2012-09-03] + pub 4096R/42DDE84F 2011-04-19 [expires: 2012-04-18] + uid Jacob Appelbaum <jacob(a)torproject.org> + uid Jacob Appelbaum <jacob(a)appelbaum.net> + sub 4096R/437C9647 2011-04-19 [expires: 2012-04-18] </pre> </div>

1 0

[tor/release-0.2.2] typos on line 1 of your changelog make you look dumb
by arma＠torproject.org 09 Sep '11

09 Sep '11

commit bcd99a200503d34b6b995c70b6b8a613bdc565fd Author: Roger Dingledine <arma(a)torproject.org> Date: Fri Sep 9 13:51:43 2011 -0400 typos on line 1 of your changelog make you look dumb --- ChangeLog | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/ChangeLog b/ChangeLog index cb3d333..ddc3b5c 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,5 @@ Changes in version 0.2.2.33 - 2011-09-?? - o Major bugfies: + o Major bugfixes: - Avoid an assertion failure when reloading a configuration with TrackExitHosts changes. Found and fixed by 'laruldan'. Fixes bug 3923; bugfix on 0.2.2.25-alpha.

1 0

[tor/master] start an 0.2.3.4-alpha changelog
by arma＠torproject.org 09 Sep '11

09 Sep '11

commit ae2856b6f6c3f270f5713a622822106df6be318c Author: Roger Dingledine <arma(a)torproject.org> Date: Fri Sep 9 13:51:15 2011 -0400 start an 0.2.3.4-alpha changelog --- ChangeLog | 64 ++++++++++++++++++++++++++++++++++++++++++++++ changes/bug2649a | 5 --- changes/bug2649b | 5 --- changes/bug3327 | 14 ---------- changes/bug3421 | 6 ---- changes/bug3428b | 9 ------ changes/bug3851 | 4 --- changes/bug3894 | 4 --- changes/bug3909 | 3 -- changes/bug3923 | 5 --- changes/replay-firstpart | 13 --------- changes/split_entry_conn | 5 --- 12 files changed, 64 insertions(+), 73 deletions(-) diff --git a/ChangeLog b/ChangeLog index 1e0f850..75db367 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,67 @@ +Changes in version 0.2.3.4-alpha - 2011-09-?? + o Major bugfixes: + - Avoid an assertion failure when reloading a configuration with + TrackExitHosts changes. Found and fixed by 'laruldan'. Fixes bug + 3923; bugfix on 0.2.2.25-alpha. + + o Major features: + - Relays now try regenerating and uploading their descriptor more + frequently if they are not listed in the consensus, or if the + version of their descriptor listed in the consensus is too + old. This fix should prevent situations where a server declines + to re-publish itself because it has done so too recently, even + though the authorities decided not to list its recent-enough + descriptor. Fix for bug 3327. + + o Minor features (security): + - Check for replays of the public-key encrypted portion of an + INTRODUCE1 cell, in addition to the current check for replays of + the g^x value. This prevents a possible class of active attacks + by an attacker who controls both an introduction point and a + rendezvous point, and who uses the malleability of AES-CTR to + alter the encrypted g^x portion of the INTRODUCE1 cell. We think + that these attacks is infeasible (requiring the attacker to send + on the order of zettabytes of altered cells in a short interval), + but we'd rather block them off in case there are any classes of + this attack that we missed. Reported by Willem Pinckaers. + + o Minor features: + - Add a VoteOnHidServDirectoriesV2 configuration option to allow + directory authorities to abstain from voting on assignment of + the HSDir consensus flag. Related to bug 2649. + - Relays now include a reason for regenerating their descriptors + an HTTP header when uploading to the authorities. This will + make it easier to debug descriptor-upload issues in the future. + - When starting as root and then changing our UID via the User + control option, if we are running with ControlSocket, make sure + that the ControlSocket is owned by the same account that Tor will + run under. Implements ticket 3421; fix by Jérémy Bobbio. + + o Minor bugfixes: + - Change the default required uptime for a relay to be accepted as + a HSDir from 24 hours to 25 hours. Bugfix on 0.2.0.10-alpha; + fixes bug 2649. + - Abort if tor_vasprintf fails in connection_printf_to_buf (a + utility function used in the control-port code). This shouldn't + ever happen unless Tor is completely out of memory, but if it + did happen and Tor somehow recovered from it, Tor could have + sent a log message to a control port in the middle of a reply to + a controller command. Fixes part of bug 3428. + - Make 'FetchUselessDescriptors' cause all descriptor types and + all consensus types to get fetched. Fixes bug 3851; bugfix on + 0.2.3.1-alpha. + + o Build fixes: + - Clean up some code issues that prevented Tor from building on older + BSDs. Fixes bug 3894; reported by "grarpamp". + - Search for a platform-specific version of "ar" when cross-compiling. + Should fix builds on iOS. Found by Marco Bonetti. + + o Code refactoring: + - Make a new "entry connection" struct as an internal subtype of "edge + connection", to simplify the code and make exit connections smaller. + + Changes in version 0.2.3.3-alpha - 2011-09-01 Tor 0.2.3.3-alpha adds a new "stream isolation" feature to improve Tor's security, and provides client-side support for the microdescriptor diff --git a/changes/bug2649a b/changes/bug2649a deleted file mode 100644 index 4ee31eb..0000000 --- a/changes/bug2649a +++ /dev/null @@ -1,5 +0,0 @@ - o Minor features: - - Add a VoteOnHidServDirectoriesV2 configuration option to allow - directory authorities to abstain from voting on assignment of - the HSDir consensus flag. Related to bug 2649. - diff --git a/changes/bug2649b b/changes/bug2649b deleted file mode 100644 index 1ff14e5..0000000 --- a/changes/bug2649b +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes: - - Change the default required uptime for a relay to be accepted as - a HSDir from 24 hours to 25 hours. Bugfix on 0.2.0.10-alpha; - fixes bug 2649. - diff --git a/changes/bug3327 b/changes/bug3327 deleted file mode 100644 index 454eb31..0000000 --- a/changes/bug3327 +++ /dev/null @@ -1,14 +0,0 @@ - o Major features: - - Relays now try regenerating and uploading their descriptor more - frequently if they are not listed in the consensus, or if the - version of their descriptor listed in the consensus is too - old. This fix should prevent situations where a server declines - to re-publish itself because it has done so too recently, even - though the authorities decided not to list its recent-enough - descriptor. Fix for bug 3327. - - o Minor features: - - Relays now include a reason for regenerating their descriptors - an HTTP header when uploading to the authorities. This will - make it easier to debug descriptor-upload issues in the future. - diff --git a/changes/bug3421 b/changes/bug3421 deleted file mode 100644 index 8a40729..0000000 --- a/changes/bug3421 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor features: - - When starting as root and then changing our UID via the User - control option, if we are running with ControlSocket, make sure - that the ControlSocket is owned by the same account that Tor will - run under. Implements ticket 3421; fix by Jérémy Bobbio. - diff --git a/changes/bug3428b b/changes/bug3428b deleted file mode 100644 index 2cdd688..0000000 --- a/changes/bug3428b +++ /dev/null @@ -1,9 +0,0 @@ - o Minor bugfixes: - - Abort if tor_vasprintf fails in connection_printf_to_buf (a - utility function used in the control-port code). This shouldn't - ever happen unless Tor is completely out of memory, but if it - had happened and Tor somehow recovered from it, Tor could have - sent a log message to a control port in the middle of a reply to - a controller command. Fixes part of bug 3428. - - diff --git a/changes/bug3851 b/changes/bug3851 deleted file mode 100644 index 91572f0..0000000 --- a/changes/bug3851 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes: - - Make 'FetchUselessDescriptors' cause all descriptor types and - all consensus types get fetched. Fixes bug 3851; bugfix on - 0.2.3.1-alpha. diff --git a/changes/bug3894 b/changes/bug3894 deleted file mode 100644 index 4c2220a..0000000 --- a/changes/bug3894 +++ /dev/null @@ -1,4 +0,0 @@ - o Build fixes: - - Clean up some code issues that prevented Tor from building on older - BSDs. Fixes bug 3894; reported by grarpamp. - diff --git a/changes/bug3909 b/changes/bug3909 deleted file mode 100644 index 0b4b292..0000000 --- a/changes/bug3909 +++ /dev/null @@ -1,3 +0,0 @@ - o Build fixes: - - Search for a platform-specific version of "ar" when cross-compiling. - Should fix builds on iOS. Found by Marco Bonetti. diff --git a/changes/bug3923 b/changes/bug3923 deleted file mode 100644 index 9c0e138..0000000 --- a/changes/bug3923 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfies: - - Avoid an assertion failure when reloading a configuration with - TrackExitHosts changes. Found and fixed by 'laruldan'. Fixes - bug 3923; bugfix on 0.2.2.25-alpha. - diff --git a/changes/replay-firstpart b/changes/replay-firstpart deleted file mode 100644 index f4a7767..0000000 --- a/changes/replay-firstpart +++ /dev/null @@ -1,13 +0,0 @@ - o Minor features (security): - - - Check for replays of the public-key encrypted portion of an - INTRODUCE1 cell, in addition to the current check for replays of - the g^x value. This prevents a possible class of active attacks - by an attacker who controls both an introduction point and a - rendezvous point, and who uses the malleability of AES-CTR to - alter the encrypted g^x portion of the INTRODUCE1 cell. We - think that these attacks is infeasible (requiring the attacker - to send on the order of zettabytes of altered cells in a short - interval), but we'd rather block them off in case there are any - classes of this attack that we missed. Reported by dvorak. - diff --git a/changes/split_entry_conn b/changes/split_entry_conn deleted file mode 100644 index c0a2eb6..0000000 --- a/changes/split_entry_conn +++ /dev/null @@ -1,5 +0,0 @@ - o Code refactoring: - - Make "entry connection" in to a new internal subtype of "edge - connection", to simplify the code and make exit connections - smaller. -

1 0

[tor/release-0.2.2] fold in latest changes files
by arma＠torproject.org 09 Sep '11

09 Sep '11

commit d063a809a0996ad3e9b53674fa66c6701177fbcf Author: Roger Dingledine <arma(a)torproject.org> Date: Fri Sep 9 13:43:40 2011 -0400 fold in latest changes files --- ChangeLog | 24 ++++++++++++++++++++++++ changes/bug2649a | 5 ----- changes/bug2649b | 5 ----- changes/bug3894 | 4 ---- changes/bug3909 | 3 --- changes/replay-firstpart | 13 ------------- 6 files changed, 24 insertions(+), 30 deletions(-) diff --git a/ChangeLog b/ChangeLog index 58c17a8..cb3d333 100644 --- a/ChangeLog +++ b/ChangeLog @@ -4,16 +4,40 @@ Changes in version 0.2.2.33 - 2011-09-?? TrackExitHosts changes. Found and fixed by 'laruldan'. Fixes bug 3923; bugfix on 0.2.2.25-alpha. + o Minor features (security): + - Check for replays of the public-key encrypted portion of an + INTRODUCE1 cell, in addition to the current check for replays of + the g^x value. This prevents a possible class of active attacks + by an attacker who controls both an introduction point and a + rendezvous point, and who uses the malleability of AES-CTR to + alter the encrypted g^x portion of the INTRODUCE1 cell. We think + that these attacks is infeasible (requiring the attacker to send + on the order of zettabytes of altered cells in a short interval), + but we'd rather block them off in case there are any classes of + this attack that we missed. Reported by Willem Pinckaers. + + o Minor features: + - Add a VoteOnHidServDirectoriesV2 configuration option to allow + directory authorities to abstain from voting on assignment of + the HSDir consensus flag. Related to bug 2649. + o Minor bugfixes: - Correct the man page to explain that HashedControlPassword and CookieAuthentication can both be set, in which case either method is sufficient to authenticate to Tor. Bugfix on 0.2.0.7-alpha, when we decided to allow these config options to both be set. Issue raised by bug 3898. + - Change the default required uptime for a relay to be accepted as + a HSDir from 24 hours to 25 hours. Bugfix on 0.2.0.10-alpha; + fixes bug 2649. o Build fixes: - Provide a substitute implementation of lround() for MSVC, which apparently lacks it. Patch from Gisle Vanem. + - Clean up some code issues that prevented Tor from building on older + BSDs. Fixes bug 3894; reported by "grarpamp". + - Search for a platform-specific version of "ar" when cross-compiling. + Should fix builds on iOS. Found by Marco Bonetti. Changes in version 0.2.2.32 - 2011-08-27 diff --git a/changes/bug2649a b/changes/bug2649a deleted file mode 100644 index 4ee31eb..0000000 --- a/changes/bug2649a +++ /dev/null @@ -1,5 +0,0 @@ - o Minor features: - - Add a VoteOnHidServDirectoriesV2 configuration option to allow - directory authorities to abstain from voting on assignment of - the HSDir consensus flag. Related to bug 2649. - diff --git a/changes/bug2649b b/changes/bug2649b deleted file mode 100644 index 1ff14e5..0000000 --- a/changes/bug2649b +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes: - - Change the default required uptime for a relay to be accepted as - a HSDir from 24 hours to 25 hours. Bugfix on 0.2.0.10-alpha; - fixes bug 2649. - diff --git a/changes/bug3894 b/changes/bug3894 deleted file mode 100644 index 4c2220a..0000000 --- a/changes/bug3894 +++ /dev/null @@ -1,4 +0,0 @@ - o Build fixes: - - Clean up some code issues that prevented Tor from building on older - BSDs. Fixes bug 3894; reported by grarpamp. - diff --git a/changes/bug3909 b/changes/bug3909 deleted file mode 100644 index 0b4b292..0000000 --- a/changes/bug3909 +++ /dev/null @@ -1,3 +0,0 @@ - o Build fixes: - - Search for a platform-specific version of "ar" when cross-compiling. - Should fix builds on iOS. Found by Marco Bonetti. diff --git a/changes/replay-firstpart b/changes/replay-firstpart deleted file mode 100644 index f4a7767..0000000 --- a/changes/replay-firstpart +++ /dev/null @@ -1,13 +0,0 @@ - o Minor features (security): - - - Check for replays of the public-key encrypted portion of an - INTRODUCE1 cell, in addition to the current check for replays of - the g^x value. This prevents a possible class of active attacks - by an attacker who controls both an introduction point and a - rendezvous point, and who uses the malleability of AES-CTR to - alter the encrypted g^x portion of the INTRODUCE1 cell. We - think that these attacks is infeasible (requiring the attacker - to send on the order of zettabytes of altered cells in a short - interval), but we'd rather block them off in case there are any - classes of this attack that we missed. Reported by dvorak. -

1 0

[torbutton/master] Bug #3928: FIX TEH TWITTERNETZ!11
by mikeperry＠torproject.org 09 Sep '11

09 Sep '11

commit 3ef322d0a4c618b1613541890ed33011103732b4 Author: Mike Perry <mikeperry-git(a)fscked.org> Date: Fri Sep 9 10:34:38 2011 -0700 Bug #3928: FIX TEH TWITTERNETZ!11 The auto-scroll was broken because we were overzealously killing a scrollbar offset, thinking it was a window offset. #sorryboutit. --- src/chrome/content/jshooks4.js | 6 ------ 1 files changed, 0 insertions(+), 6 deletions(-) diff --git a/src/chrome/content/jshooks4.js b/src/chrome/content/jshooks4.js index 60a4e1c..f5573ac 100644 --- a/src/chrome/content/jshooks4.js +++ b/src/chrome/content/jshooks4.js @@ -28,12 +28,6 @@ window.__HookObjects = function() { Object.defineProperty(window.__proto__, "screenY", {get: function() { return 0;}, configurable: false}); - Object.defineProperty(window.__proto__, "pageXOffset", - {get: function() { return 0;}, - configurable: false}); - Object.defineProperty(window.__proto__, "pageYOffset", - {get: function() { return 0;}, - configurable: false}); // We can't define individual getters/setters for window.screen // for some reason. works in html but not in these hooks.. No idea why

1 0

[tor/release-0.2.2] Merge branch 'maint-0.2.2' into release-0.2.2
by arma＠torproject.org 09 Sep '11

09 Sep '11

1 0

[tor/release-0.2.2] Merge remote-tracking branch 'public/enhance_replay_detection' into maint-0.2.2
by arma＠torproject.org 09 Sep '11

09 Sep '11

commit 4467799f45346a59c37de9337b24ace361cb8b6a Merge: dfa6cde cb9226b Author: Nick Mathewson <nickm(a)torproject.org> Date: Fri Sep 9 12:53:45 2011 -0400 Merge remote-tracking branch 'public/enhance_replay_detection' into maint-0.2.2 changes/replay-firstpart | 13 +++++++++++++ src/or/rendservice.c | 26 +++++++++++++++++++++++--- 2 files changed, 36 insertions(+), 3 deletions(-)

1 0