November 2012 - tor-commits - lists.torproject.org

r25864: {website} you're cooler when you're not trying to be cool (website/trunk/projects/en)
by Roger Dingledine 06 Nov '12

06 Nov '12

Author: arma Date: 2012-11-06 22:39:45 +0000 (Tue, 06 Nov 2012) New Revision: 25864 Modified: website/trunk/projects/en/obfsproxy.wml Log: you're cooler when you're not trying to be cool Modified: website/trunk/projects/en/obfsproxy.wml =================================================================== --- website/trunk/projects/en/obfsproxy.wml 2012-11-06 22:39:22 UTC (rev 25863) +++ website/trunk/projects/en/obfsproxy.wml 2012-11-06 22:39:45 UTC (rev 25864) @@ -51,8 +51,8 @@ like to see added in future releases. </p> - <a id="moarbridges"></a> - <h2><a class="anchor" href="#moarbridges">Looking for obfsproxy bridges?</a></h2> + <a id="morebridges"></a> + <h2><a class="anchor" href="#morebridges">Looking for obfsproxy bridges?</a></h2> <p> <a href="https://bridges.torproject.org/?transport=obfs2">You can use BridgeDB to get obfsproxy bridges.</a> </p>

1 0

r25863: {website} Add instructions for setting up obfsbridges on Debianoids. (in website/trunk: . projects/en)
by George Kadianakis 06 Nov '12

06 Nov '12

Author: asn Date: 2012-11-06 22:39:22 +0000 (Tue, 06 Nov 2012) New Revision: 25863 Added: website/trunk/projects/en/obfsproxy-debian-instructions.wml Modified: website/trunk/.gitignore website/trunk/projects/en/obfsproxy-instructions.wml Log: Add instructions for setting up obfsbridges on Debianoids. Modified: website/trunk/.gitignore =================================================================== --- website/trunk/.gitignore 2012-11-06 22:36:54 UTC (rev 25862) +++ website/trunk/.gitignore 2012-11-06 22:39:22 UTC (rev 25863) @@ -67,6 +67,7 @@ press/press.html.en projects/arm.html.en projects/gettor.html.en +projects/obfsproxy-debian-instructions.html.en projects/obfsproxy-instructions.html.en projects/obfsproxy.html.en projects/projects.html.en Added: website/trunk/projects/en/obfsproxy-debian-instructions.wml =================================================================== --- website/trunk/projects/en/obfsproxy-debian-instructions.wml (rev 0) +++ website/trunk/projects/en/obfsproxy-debian-instructions.wml 2012-11-06 22:39:22 UTC (rev 25863) @@ -0,0 +1,149 @@ +## translation metadata +# Revision: $Revision$ +# Translation-Priority: 4-optional + +#include "head.wmi" TITLE="obfsproxy: Installation instructions" CHARSET="UTF-8" + +<div id="content" class="clearfix"> + <div id="breadcrumbs"> + <a href="<page index>">Home » </a> + <a href="<page projects/projects>">Projects » </a> + <a href="<page projects/obfsproxy>">obfsproxy</a> + </div> + <div id="maincol"> + +  + + <h1 id="instructions">Obfsproxy Bridge Instructions on Debian/Ubuntu</h1> + + <img src="$(IMGROOT)/obfsproxy_diagram.png" alt="obfsproxy diagram"></a> + + <p> + This guide will help you setup an obfuscated bridge on a Debian/Ubuntu system. + </p> + + <h3>Step 0: Add Tor repositories to APT</h3> + <br> + + <p> + You need + to <a href="https://www.torproject.org/docs/debian#development">install + the experimental official Tor Project APT repositories</a>, + because a fresh version of Tor (0.2.4.x) is required (Older + versions of Tor don't report their bridge addresses to BridgeDB). + </p> + + <h3>Step 1: Install Tor and obfsproxy</h3> + <br> + + <p> + Now install tor and obfsproxy: + </p> + + <pre style="margin: 1.5em 0 1.5em 2em"> +\# apt-get update +\# apt-get install obfsproxy tor + </pre> + + <p> + Note that obfsproxy requires + libevent2 and your distribution (e.g. Debian stable) might not + have it in its repos. You can + <a href="https://trac.torproject.org/projects/tor/ticket/5009#comment:9">try + our experimental backport libevent2 debs</a>, + or <a href="https://trac.torproject.org/projects/tor/ticket/5009#comment:17">build + libevent2 from source</a>. + </p> + + <h3>Step 2: Set up Tor</h3> + <br> + + <p> + You will need an appropriate + Tor <a href="<page docs/faq>#torrc">configuration file</a> + (usually at <i>/etc/tor/torrc</i>): + </p> + + <pre style="margin: 1.5em 0 1.5em 2em"> +SocksPort 0 +ORPort auto +BridgeRelay 1 +Exitpolicy reject *:* + +\## CHANGEME_1 -> provide a nickname for your bridge, can be anything you like. +Nickname CHANGEME_1 +\## CHANGEME_2 -> If you want others to be able to contact you uncomment this line and put your GPG fingerprint for example. +\#ContactInfo CHANGEME_2 + +ServerTransportPlugin obfs2 exec /usr/bin/obfsproxy --managed + </pre> + + <p> + Don't forget to edit the <i>CHANGEME</i> fields! + </p> + + <h3>Step 3: Launch Tor and verify that it works</h3> + <br> + + <p> + Restart Tor for the the new configuration file to be in effect: + </p> + + <pre style="margin: 1.5em 0 1.5em 2em"> +service tor restart + </pre> + + <p> + Now check <i>/var/log/tor/log</i> and you should see something + like this: + </p> + + <pre style="margin: 1.5em 0 1.5em 2em"> +Nov 05 16:40:45.000 [notice] We now have enough directory information to build circuits. +Nov 05 16:40:45.000 [notice] Bootstrapped 80%: Connecting to the Tor network. +Nov 05 16:40:46.000 [notice] Bootstrapped 85%: Finishing handshake with first hop. +Nov 05 16:40:46.000 [notice] Bootstrapped 90%: Establishing a Tor circuit. +Nov 05 16:40:48.000 [notice] Tor has successfully opened a circuit. Looks like client functionality is working. +Nov 05 16:40:48.000 [notice] Bootstrapped 100%: Done. + </pre> + + <p> + If Tor is earlier in the bootstrapping phase, wait till it gets to + 100%. + </p> + + <p> + Now you need to find the address on which obfsproxy is + listening. To do this, check your Tor logs for a line similar to + this one: + + <pre style="margin: 1.5em 0 1.5em 2em"> +Oct 05 20:00:41.000 [notice] Registered server transport 'obfs2' at '0.0.0.0:26821 + </pre> + + <p> + The last number, in this case <i>26821</i>, is the TCP port number + that your clients should point their obfsproxy to. So for example, + if your public IP is 1.2.3.4, your clients should put <i>Bridge + obfs2 1.2.3.4:26821</i> in their configuration file. + </pre> + </p> + + <p> + <img width="7%" height="7%" style="float: left;" src="$(IMGROOT)/icon-Obfsproxy.jpg"> + <b>Don't forget!</b> If you are behind a NAT, you should <b>port + forward</b> the port that obfsproxy is listening on. In the + example above you would have to forward port <i>26821</i>. + </p> + + </div> +  + <div id = "sidecol"> +#include "side.wmi" +#include "info.wmi" + </div> +  +</div> + +#include <foot.wmi> + Modified: website/trunk/projects/en/obfsproxy-instructions.wml =================================================================== --- website/trunk/projects/en/obfsproxy-instructions.wml 2012-11-06 22:36:54 UTC (rev 25862) +++ website/trunk/projects/en/obfsproxy-instructions.wml 2012-11-06 22:39:22 UTC (rev 25863) @@ -18,6 +18,16 @@ <img src="$(IMGROOT)/obfsproxy_diagram.png" alt="client torrc"></a> + <p> + <img width="7%" height="7%" style="float: left;" src="$(IMGROOT)/icon-Obfsproxy.jpg"> + <b> Hey! </b> + Are you looking for the guide on how to set up an obfuscated + bridge on a Debian system? + <a href="../projects/obfsproxy-debian-instructions.html.en">Check + this out</a>. + </p> + <br><br> + <h3>Step 1: Install dependencies, obfsproxy, and Tor</h3> <br>

1 0

r25862: {website} Add some more pluggable transport content. (in website/trunk: docs/en projects/en)
by George Kadianakis 06 Nov '12

06 Nov '12

Author: asn Date: 2012-11-06 22:36:54 +0000 (Tue, 06 Nov 2012) New Revision: 25862 Modified: website/trunk/docs/en/pluggable-transports.wml website/trunk/projects/en/obfsproxy.wml Log: Add some more pluggable transport content. Modified: website/trunk/docs/en/pluggable-transports.wml =================================================================== --- website/trunk/docs/en/pluggable-transports.wml 2012-11-05 22:38:55 UTC (rev 25861) +++ website/trunk/docs/en/pluggable-transports.wml 2012-11-06 22:36:54 UTC (rev 25862) @@ -77,6 +77,12 @@ Maintained by Brandon Wiley. </li> + <li><b>Format-Transforming Encryption</b> transforms Tor traffic + to arbitrary formats using their language descriptions. See + the <a href="http://eprint.iacr.org/2012/494">research + paper</a>. The scheme is not deployed yet. + </li> + </ul> <hr> Modified: website/trunk/projects/en/obfsproxy.wml =================================================================== --- website/trunk/projects/en/obfsproxy.wml 2012-11-05 22:38:55 UTC (rev 25861) +++ website/trunk/projects/en/obfsproxy.wml 2012-11-06 22:36:54 UTC (rev 25862) @@ -51,6 +51,13 @@ like to see added in future releases. </p> + <a id="moarbridges"></a> + <h2><a class="anchor" href="#moarbridges">Looking for obfsproxy bridges?</a></h2> + <p> + <a href="https://bridges.torproject.org/?transport=obfs2">You can use BridgeDB to get obfsproxy bridges.</a> + </p> + + <a id="download"></a> <h2><a class="anchor" href="#download">Download Obfsproxy Tor Browser Bundle</a></h2>

1 0

[torspec/master] add a discussion section to the end of 213
by arma＠torproject.org 06 Nov '12

06 Nov '12

commit 580ce9f083e5dec1c9b3aa49ef2e76ed30908b39 Author: Roger Dingledine <arma(a)torproject.org> Date: Tue Nov 6 17:30:42 2012 -0500 add a discussion section to the end of 213 --- proposals/213-remove-stream-sendmes.txt | 30 ++++++++++++++++++++++++++++++ 1 files changed, 30 insertions(+), 0 deletions(-) diff --git a/proposals/213-remove-stream-sendmes.txt b/proposals/213-remove-stream-sendmes.txt index d8d517d..f413876 100644 --- a/proposals/213-remove-stream-sendmes.txt +++ b/proposals/213-remove-stream-sendmes.txt @@ -120,3 +120,33 @@ Status: Open And since it's not super-urgent, I suggest we hold off on option two to see if option three makes sense. +5. Discussion + + Based on feedback from Andreas Krey on tor-dev, I believe this proposal + is flawed, and should likely move to Status: Dead. + + Looking at it from the exit relay's perspective (which is where it matters + most, since most use of Tor is sending a little bit and receiving a lot): + when a create cell shows up to establish a circuit, that circuit is + allowed to send back at most 1000 cells. When a begin relay cell shows + up to ask that circuit to open a new stream, that stream is allowed to + send back at most 500 cells. + + Whenever the Tor client has received 100 cells on that circuit, she + immediately sends a circuit-level sendme back towards the exit, to let + it know to increment its "number of cells it's allowed to send on the + circuit" by 100. + + However, a stream-level sendme is only sent when both a) the Tor client + has received 50 cells on a particular stream, *and* b) the application + that initiated the stream is willing to accept more data. + + If we ripped out stream-level sendmes, then as you say, we'd have to + choose between "queue all the data for the stream, no matter how big it + gets" and "tell the whole circuit to shut up". + + I believe you have just poked a hole in the n23 ("defenestrator") design + as well: http://freehaven.net/anonbib/#pets2011-defenestrator + since it lacks any stream-level pushback for streams that are blocking + on writes. Nicely done! +

1 0

[ooni-probe/master] Add docs for modules, kit and lib
by art＠torproject.org 06 Nov '12

06 Nov '12

commit 135bfd2e2414c23ce8e34681a98d1a8b36efc112 Author: Arturo Filastò <arturo(a)filasto.net> Date: Tue Nov 6 22:37:00 2012 +0100 Add docs for modules, kit and lib --- docs/source/api/modules.rst | 7 +++++++ docs/source/api/ooni.kit.rst | 19 +++++++++++++++++++ docs/source/api/ooni.lib.rst | 36 ++++++++++++++++++++++++++++++++++++ 3 files changed, 62 insertions(+), 0 deletions(-) diff --git a/docs/source/api/modules.rst b/docs/source/api/modules.rst new file mode 100644 index 0000000..a9f85c8 --- /dev/null +++ b/docs/source/api/modules.rst @@ -0,0 +1,7 @@ +ooni +==== + +.. toctree:: + :maxdepth: 4 + + ooni diff --git a/docs/source/api/ooni.kit.rst b/docs/source/api/ooni.kit.rst new file mode 100644 index 0000000..d870355 --- /dev/null +++ b/docs/source/api/ooni.kit.rst @@ -0,0 +1,19 @@ +kit Package +=========== + +:mod:`kit` Package +------------------ + +.. automodule:: ooni.kit + :members: + :undoc-members: + :show-inheritance: + +:mod:`domclass` Module +---------------------- + +.. automodule:: ooni.kit.domclass + :members: + :undoc-members: + :show-inheritance: + diff --git a/docs/source/api/ooni.lib.rst b/docs/source/api/ooni.lib.rst new file mode 100644 index 0000000..2711370 --- /dev/null +++ b/docs/source/api/ooni.lib.rst @@ -0,0 +1,36 @@ +lib Package +=========== + +:mod:`lib` Package +------------------ + +.. automodule:: ooni.lib + :members: + :undoc-members: + :show-inheritance: + +:mod:`rfc3339` Module +--------------------- + +.. automodule:: ooni.lib.rfc3339 + :members: + :undoc-members: + :show-inheritance: + +:mod:`txscapy` Module +--------------------- + +.. automodule:: ooni.lib.txscapy + :members: + :undoc-members: + :show-inheritance: + +:mod:`txtraceroute` Module +-------------------------- + +.. automodule:: ooni.lib.txtraceroute + :members: + :undoc-members: + :show-inheritance: + +

1 0

[ooni-probe/master] Fix up documentation
by art＠torproject.org 06 Nov '12

06 Nov '12

commit 9db45a1e8a31c6fff9a5a732ff307330ecdbcea3 Author: Arturo Filastò <arturo(a)filasto.net> Date: Tue Nov 6 22:31:22 2012 +0100 Fix up documentation * Add proper requirements.txt file --- docs/source/api/ooni.rst | 15 ++++- docs/source/api/ooni.templates.rst | 15 ++++- docs/source/api/ooni.utils.rst | 114 +++++++++++++++++++++++++++++++++-- docs/source/index.rst | 1 + docs/source/writing_tests.rst | 3 +- ooni/lib/txscapy.py | 12 ++-- ooni/nettest.py | 2 +- ooni/templates/httpt.py | 6 ++ requirements.txt | 27 ++++++++- 9 files changed, 171 insertions(+), 24 deletions(-) diff --git a/docs/source/api/ooni.rst b/docs/source/api/ooni.rst index bcdd402..aee4ab6 100644 --- a/docs/source/api/ooni.rst +++ b/docs/source/api/ooni.rst @@ -9,10 +9,10 @@ ooni Package :undoc-members: :show-inheritance: -:mod:`input` Module -------------------- +:mod:`inputunit` Module +----------------------- -.. automodule:: ooni.input +.. automodule:: ooni.inputunit :members: :undoc-members: :show-inheritance: @@ -25,6 +25,14 @@ ooni Package :undoc-members: :show-inheritance: +:mod:`oconfig` Module +--------------------- + +.. automodule:: ooni.oconfig + :members: + :undoc-members: + :show-inheritance: + :mod:`oonicli` Module --------------------- @@ -54,6 +62,7 @@ Subpackages .. toctree:: + ooni.kit ooni.lib ooni.templates ooni.utils diff --git a/docs/source/api/ooni.templates.rst b/docs/source/api/ooni.templates.rst index 662da1d..6951e31 100644 --- a/docs/source/api/ooni.templates.rst +++ b/docs/source/api/ooni.templates.rst @@ -1,11 +1,20 @@ templates Package ================= -:mod:`http` Module ------------------- +:mod:`httpt` Module +------------------- -.. automodule:: ooni.templates.http +.. automodule:: ooni.templates.httpt :members: :undoc-members: :show-inheritance: +:mod:`scapyt` Module +-------------------- + +.. automodule:: ooni.templates.scapyt + :members: + :undoc-members: + :show-inheritance: + + diff --git a/docs/source/api/ooni.utils.rst b/docs/source/api/ooni.utils.rst index 5361b43..4478eaa 100644 --- a/docs/source/api/ooni.utils.rst +++ b/docs/source/api/ooni.utils.rst @@ -3,12 +3,19 @@ utils Package :mod:`utils` Package -------------------- - .. automodule:: ooni.utils :members: :undoc-members: :show-inheritance: +.. + :mod:`assertions` Module + ------------------------ + .. automodule:: ooni.utils.assertions + :members: + :undoc-members: + :show-inheritance: + :mod:`config` Module -------------------- @@ -25,6 +32,30 @@ utils Package :undoc-members: :show-inheritance: +:mod:`geodata` Module +--------------------- + +.. automodule:: ooni.utils.geodata + :members: + :undoc-members: + :show-inheritance: + +:mod:`hacks` Module +------------------- + +.. automodule:: ooni.utils.hacks + :members: + :undoc-members: + :show-inheritance: + +.. + :mod:`legacy` Module + -------------------- + .. automodule:: ooni.utils.legacy + :members: + :undoc-members: + :show-inheritance: + :mod:`log` Module ----------------- @@ -41,11 +72,80 @@ utils Package :undoc-members: :show-inheritance: -:mod:`net` Module ------------------ +.. + :mod:`meta` Module + ------------------ + .. automodule:: ooni.utils.meta + :members: + :undoc-members: + :show-inheritance: -.. automodule:: ooni.utils.net - :members: - :undoc-members: - :show-inheritance: +.. + :mod:`net` Module + ----------------- +.. + .. automodule:: ooni.utils.net + :members: + :undoc-members: + :show-inheritance: + +.. + :mod:`onion` Module + ------------------- + .. automodule:: ooni.utils.onion + :members: + :undoc-members: + :show-inheritance: + +.. + :mod:`otime` Module + ------------------- + .. automodule:: ooni.utils.otime + :members: + :undoc-members: + :show-inheritance: + +.. + XXX this is commented out because it triggers this error + gcooni/utils/onion.py:docstring of + ooni.utils.onion.CustomCircuit.circuit_failed:1: ERROR: Unknown interpreted + text role "ivar". + gcooni/utils/onion.py:docstring of + ooni.utils.onion.CustomCircuit.circuit_failed:5: ERROR: Unknown interpreted + text role "ivar". + gcooni/utils/onion.py:docstring of + ooni.utils.onion.CustomCircuit.waiting_on:5: ERROR: Unknown interpreted + text role "ivar". + gcooni/utils/onion.py:docstring of + ooni.utils.onion.start_tor_filter_nodes:1: ERROR: Unknown interpreted text + role "ivar". + gcooni/utils/onion.py:docstring of + ooni.utils.onion.start_tor_filter_nodes:22: ERROR: Unexpected indentation. + gcooni/utils/onion.py:docstring of + ooni.utils.onion.start_tor_filter_nodes_with_timer:1: ERROR: Unknown + interpreted text role "ivar". + gcooni/utils/onion.py:docstring of + ooni.utils.onion.start_tor_filter_nodes_with_timer:26: ERROR: Unexpected + indentation. + gcooni/utils/onion.py:docstring of + ooni.utils.onion.start_tor_with_timer:1: ERROR: Unknown interpreted text + role "ivar". + gcooni/utils/onion.py:docstring of + ooni.utils.onion.start_tor_with_timer:24: ERROR: Unexpected indentation. + :mod:`process` Module + --------------------- + .. automodule:: ooni.utils.process + :members: + :undoc-members: + :show-inheritance: + +.. + XXX this is commented out because the indentation of the docstrings is + wrong. + :mod:`timer` Module + ------------------- + .. automodule:: ooni.utils.timer + :members: + :undoc-members: + :show-inheritance: diff --git a/docs/source/index.rst b/docs/source/index.rst index e92cc5a..5c96dd1 100644 --- a/docs/source/index.rst +++ b/docs/source/index.rst @@ -43,6 +43,7 @@ Contents :maxdepth: 2 :glob: + oonib install tutorial writing_tests diff --git a/docs/source/writing_tests.rst b/docs/source/writing_tests.rst index 3d58dab..01ddfb5 100644 --- a/docs/source/writing_tests.rst +++ b/docs/source/writing_tests.rst @@ -12,7 +12,8 @@ Test Cases The atom of OONI Testing is called a Test Case. A test case class may contain multiple Test Functions. -.. autoclass:: ooni.nettest.TestCase +.. autoclass:: ooni.nettest.NetTestCase + :noindex: :class:`ooni.nettest.TestCase` is a subclass of :class:`unittest.TestCase` so the assert methods that apply to :class:`unittest.TestCase` will also apply to diff --git a/ooni/lib/txscapy.py b/ooni/lib/txscapy.py index dffda36..00224d6 100644 --- a/ooni/lib/txscapy.py +++ b/ooni/lib/txscapy.py @@ -1,12 +1,12 @@ # -*- coding:utf8 -*- """ - txscapy - ****** - (c) 2012 Arturo Filastò - a twisted wrapper for scapys send and receive functions. +txscapy +******* +(c) 2012 Arturo Filastò +a twisted wrapper for scapys send and receive functions. - This software has been written to be part of OONI, the Open Observatory of - Network Interference. More information on that here: http://ooni.nu/ +This software has been written to be part of OONI, the Open Observatory of +Network Interference. More information on that here: http://ooni.nu/ """ diff --git a/ooni/nettest.py b/ooni/nettest.py index c2a8575..3534a32 100644 --- a/ooni/nettest.py +++ b/ooni/nettest.py @@ -63,7 +63,7 @@ class NetTestCase(unittest.TestCase): you will subclass this object. * inputs: can be set to a static set of inputs. All the tests (the methods - starting with the "test_" prefix) will be run once per input. At every run + starting with the "test" prefix) will be run once per input. At every run the _input_ attribute of the TestCase instance will be set to the value of the current iteration over inputs. Any python iterable object can be set to inputs. diff --git a/ooni/templates/httpt.py b/ooni/templates/httpt.py index 0b0b7cb..1491cbc 100644 --- a/ooni/templates/httpt.py +++ b/ooni/templates/httpt.py @@ -144,16 +144,22 @@ class HTTPTest(NetTestCase): Perform an HTTP request with the specified method. url: the full url path of the request + method: the HTTP Method to be used + headers: the request headers to be sent + body: the request body + headers_processor: a function to be used for processing the HTTP header responses (defaults to self.processResponseHeaders). This function takes as argument the HTTP headers as a dict. + body_processory: a function to be used for processing the HTTP response body (defaults to self.processResponseBody). This function takes the response body as an argument. + """ log.debug("Performing request %s %s %s" % (url, method, headers)) diff --git a/requirements.txt b/requirements.txt index faada4c..f9d7541 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,3 +1,24 @@ -twisted -Scapy -pyyaml +BeautifulSoup==3.2.1 +Jinja2==2.6 +PyYAML==3.10 +Pygments==1.5 +Sphinx==1.1.3 +Twisted==12.2.0 +argparse==1.2.1 +cyclone==1.0-rc13 +distribute==0.6.24 +dnspython==1.10.0 +docutils==0.9.1 +ipaddr==2.1.10 +numpy==1.6.2 +pyOpenSSL==0.13 +pygeoip==0.2.5 +repoze.sphinx.autointerface==0.7.1 +scapy==2.1.0 +storm==0.19 +transaction==1.3.0 +txtorcon==0.7 +wsgiref==0.1.2 +zope.component==4.0.0 +zope.event==4.0.0 +zope.interface==4.0.1

1 0

[ooni-probe/master] Move bridgeT and echo test to bridge reachability directory
by art＠torproject.org 06 Nov '12

06 Nov '12

commit cb4b72cd7276845f74443c6fc2338986592c3cdf Author: Arturo Filastò <arturo(a)filasto.net> Date: Tue Nov 6 19:50:35 2012 +0100 Move bridgeT and echo test to bridge reachability directory --- nettests/bridge_reachability/bridget.py | 462 +++++++++++++++++++++++++++++++ nettests/bridge_reachability/echo.py | 196 +++++++++++++ nettests/bridget.py | 462 ------------------------------- nettests/core/dnstamper.py | 7 +- nettests/echo.py | 196 ------------- ooni/utils/log.py | 2 +- 6 files changed, 663 insertions(+), 662 deletions(-) diff --git a/nettests/bridge_reachability/bridget.py b/nettests/bridge_reachability/bridget.py new file mode 100644 index 0000000..6bad316 --- /dev/null +++ b/nettests/bridge_reachability/bridget.py @@ -0,0 +1,462 @@ +#!/usr/bin/env python +# -*- encoding: utf-8 -*- +# +# +-----------+ +# | BRIDGET | +# | +--------------------------------------------+ +# +--------| Use a Tor process to test making a Tor | +# | connection to a list of bridges or relays. | +# +--------------------------------------------+ +# +# :authors: Isis Lovecruft, Arturo Filasto +# :licence: see included LICENSE +# :version: 0.1.0-alpha + +from __future__ import with_statement +from functools import partial +from random import randint + +import os +import sys + +from twisted.python import usage +from twisted.internet import defer, error, reactor + +from ooni import nettest + +from ooni.utils import log, date +from ooni.utils.config import ValueChecker + +from ooni.utils.onion import TxtorconImportError +from ooni.utils.onion import PTNoBridgesException, PTNotFoundException + + +try: + from ooni.utils.onion import parse_data_dir +except: + log.msg("Please go to /ooni/lib and do 'make txtorcon' to run this test!") + +class MissingAssetException(Exception): + pass + +class RandomPortException(Exception): + """Raised when using a random port conflicts with configured ports.""" + def __init__(self): + log.msg("Unable to use random and specific ports simultaneously") + return sys.exit() + +class BridgetArgs(usage.Options): + """Commandline options.""" + allowed = "Port to use for Tor's %s, must be between 1024 and 65535." + sock_check = ValueChecker(allowed % "SocksPort").port_check + ctrl_check = ValueChecker(allowed % "ControlPort").port_check + + optParameters = [ + ['bridges', 'b', None, + 'File listing bridge IP:ORPorts to test'], + ['relays', 'f', None, + 'File listing relay IPs to test'], + ['socks', 's', 9049, None, sock_check], + ['control', 'c', 9052, None, ctrl_check], + ['torpath', 'p', None, + 'Path to the Tor binary to use'], + ['datadir', 'd', None, + 'Tor DataDirectory to use'], + ['transport', 't', None, + 'Tor ClientTransportPlugin'], + ['resume', 'r', 0, + 'Resume at this index']] + optFlags = [['random', 'x', 'Use random ControlPort and SocksPort']] + + def postOptions(self): + if not self['bridges'] and not self['relays']: + raise MissingAssetException( + "Bridget can't run without bridges or relays to test!") + if self['transport']: + ValueChecker.uid_check( + "Can't run bridget as root with pluggable transports!") + if not self['bridges']: + raise PTNoBridgesException + if self['socks'] or self['control']: + if self['random']: + raise RandomPortException + if self['datadir']: + ValueChecker.dir_check(self['datadir']) + if self['torpath']: + ValueChecker.file_check(self['torpath']) + +class BridgetTest(nettest.NetTestCase): + """ + XXX fill me in + + :ivar config: + An :class:`ooni.lib.txtorcon.TorConfig` instance. + :ivar relays: + A list of all provided relays to test. + :ivar bridges: + A list of all provided bridges to test. + :ivar socks_port: + Integer for Tor's SocksPort. + :ivar control_port: + Integer for Tor's ControlPort. + :ivar transport: + String defining the Tor's ClientTransportPlugin, for testing + a bridge's pluggable transport functionality. + :ivar tor_binary: + Path to the Tor binary to use, e.g. \'/usr/sbin/tor\' + """ + name = "bridget" + author = "Isis Lovecruft <isis(a)torproject.org>" + version = "0.1" + description = "Use a Tor process to test connecting to bridges or relays" + advancedOptParameters = BridgetArgs + + def setUp(self): + """ + Extra initialization steps. We only want one child Tor process + running, so we need to deal with most of the TorConfig() only once, + before the experiment runs. + """ + self.socks_port = 9049 + self.control_port = 9052 + self.circuit_timeout = 90 + self.tor_binary = '/usr/sbin/tor' + self.data_directory = None + + def read_from_file(filename): + log.msg("Loading information from %s ..." % opt) + with open(filename) as fp: + lst = [] + for line in fp.readlines(): + if line.startswith('#'): + continue + else: + lst.append(line.replace('\n','')) + return lst + + def __count_remaining__(which): + total, reach, unreach = map(lambda x: which[x], + ['all', 'reachable', 'unreachable']) + count = len(total) - reach() - unreach() + return count + + ## XXX should we do report['bridges_up'].append(self.bridges['current']) + self.bridges = {} + self.bridges['all'], self.bridges['up'], self.bridges['down'] = \ + ([] for i in range(3)) + self.bridges['reachable'] = lambda: len(self.bridges['up']) + self.bridges['unreachable'] = lambda: len(self.bridges['down']) + self.bridges['remaining'] = lambda: __count_remaining__(self.bridges) + self.bridges['current'] = None + self.bridges['pt_type'] = None + self.bridges['use_pt'] = False + + self.relays = {} + self.relays['all'], self.relays['up'], self.relays['down'] = \ + ([] for i in range(3)) + self.relays['reachable'] = lambda: len(self.relays['up']) + self.relays['unreachable'] = lambda: len(self.relays['down']) + self.relays['remaining'] = lambda: __count_remaining__(self.relays) + self.relays['current'] = None + + if self.localOptions: + try: + from txtorcon import TorConfig + except ImportError: + raise TxtorconImportError + else: + self.config = TorConfig() + finally: + options = self.localOptions + + if options['bridges']: + self.config.UseBridges = 1 + self.bridges['all'] = read_from_file(options['bridges']) + if options['relays']: + ## first hop must be in TorState().guards + # XXX where is this defined? + self.config.EntryNodes = ','.join(relay_list) + self.relays['all'] = read_from_file(options['relays']) + if options['socks']: + self.socks_port = options['socks'] + if options['control']: + self.control_port = options['control'] + if options['random']: + log.msg("Using randomized ControlPort and SocksPort ...") + self.socks_port = randint(1024, 2**16) + self.control_port = randint(1024, 2**16) + if options['torpath']: + self.tor_binary = options['torpath'] + if options['datadir']: + self.data_directory = parse_data_dir(options['datadir']) + if options['transport']: + ## ClientTransportPlugin transport exec pathtobinary [options] + ## XXX we need a better way to deal with all PTs + log.msg("Using ClientTransportPlugin %s" % options['transport']) + self.bridges['use_pt'] = True + [self.bridges['pt_type'], pt_exec] = \ + options['transport'].split(' ', 1) + + if self.bridges['pt_type'] == "obfs2": + self.config.ClientTransportPlugin = \ + self.bridges['pt_type'] + " " + pt_exec + else: + raise PTNotFoundException + + self.config.SocksPort = self.socks_port + self.config.ControlPort = self.control_port + self.config.CookieAuthentication = 1 + + def test_bridget(self): + """ + if bridges: + 1. configure first bridge line + 2a. configure data_dir, if it doesn't exist + 2b. write torrc to a tempfile in data_dir + 3. start tor } if any of these + 4. remove bridges which are public relays } fail, add current + 5. SIGHUP for each bridge } bridge to unreach- + } able bridges. + if relays: + 1a. configure the data_dir, if it doesn't exist + 1b. write torrc to a tempfile in data_dir + 2. start tor + 3. remove any of our relays which are already part of current + circuits + 4a. attach CustomCircuit() to self.state + 4b. RELAY_EXTEND for each relay } if this fails, add + } current relay to list + } of unreachable relays + 5. + if bridges and relays: + 1. configure first bridge line + 2a. configure data_dir if it doesn't exist + 2b. write torrc to a tempfile in data_dir + 3. start tor + 4. remove bridges which are public relays + 5. remove any of our relays which are already part of current + circuits + 6a. attach CustomCircuit() to self.state + 6b. for each bridge, build three circuits, with three + relays each + 6c. RELAY_EXTEND for each relay } if this fails, add + } current relay to list + } of unreachable relays + + :param args: + The :class:`BridgetAsset` line currently being used. Except that it + in Bridget it doesn't, so it should be ignored and avoided. + """ + try: + from ooni.utils import process + from ooni.utils.onion import remove_public_relays, start_tor + from ooni.utils.onion import start_tor_filter_nodes + from ooni.utils.onion import setup_fail, setup_done + from ooni.utils.onion import CustomCircuit + from ooni.utils.timer import deferred_timeout, TimeoutError + from ooni.lib.txtorcon import TorConfig, TorState + except ImportError: + raise TxtorconImportError + except TxtorconImportError, tie: + log.err(tie) + sys.exit() + + def reconfigure_done(state, bridges): + """ + Append :ivar:`bridges['current']` to the list + :ivar:`bridges['up']. + """ + log.msg("Reconfiguring with 'Bridge %s' successful" + % bridges['current']) + bridges['up'].append(bridges['current']) + return state + + def reconfigure_fail(state, bridges): + """ + Append :ivar:`bridges['current']` to the list + :ivar:`bridges['down']. + """ + log.msg("Reconfiguring TorConfig with parameters %s failed" + % state) + bridges['down'].append(bridges['current']) + return state + + @defer.inlineCallbacks + def reconfigure_bridge(state, bridges): + """ + Rewrite the Bridge line in our torrc. If use of pluggable + transports was specified, rewrite the line as: + Bridge <transport_type> <IP>:<ORPort> + Otherwise, rewrite in the standard form: + Bridge <IP>:<ORPort> + + :param state: + A fully bootstrapped instance of + :class:`ooni.lib.txtorcon.TorState`. + :param bridges: + A dictionary of bridges containing the following keys: + + bridges['remaining'] :: A function returning and int for the + number of remaining bridges to test. + bridges['current'] :: A string containing the <IP>:<ORPort> + of the current bridge. + bridges['use_pt'] :: A boolean, True if we're testing + bridges with a pluggable transport; + False otherwise. + bridges['pt_type'] :: If :ivar:`bridges['use_pt'] is True, + this is a string containing the type + of pluggable transport to test. + :return: + :param:`state` + """ + log.msg("Current Bridge: %s" % bridges['current']) + log.msg("We now have %d bridges remaining to test..." + % bridges['remaining']()) + try: + if bridges['use_pt'] is False: + controller_response = yield state.protocol.set_conf( + 'Bridge', bridges['current']) + elif bridges['use_pt'] and bridges['pt_type'] is not None: + controller_reponse = yield state.protocol.set_conf( + 'Bridge', bridges['pt_type'] +' '+ bridges['current']) + else: + raise PTNotFoundException + + if controller_response == 'OK': + finish = yield reconfigure_done(state, bridges) + else: + log.err("SETCONF for %s responded with error:\n %s" + % (bridges['current'], controller_response)) + finish = yield reconfigure_fail(state, bridges) + + defer.returnValue(finish) + + except Exception, e: + log.err("Reconfiguring torrc with Bridge line %s failed:\n%s" + % (bridges['current'], e)) + defer.returnValue(None) + + def attacher_extend_circuit(attacher, deferred, router): + ## XXX todo write me + ## state.attacher.extend_circuit + raise NotImplemented + #attacher.extend_circuit + + def state_attach(state, path): + log.msg("Setting up custom circuit builder...") + attacher = CustomCircuit(state) + state.set_attacher(attacher, reactor) + state.add_circuit_listener(attacher) + return state + + ## OLD + #for circ in state.circuits.values(): + # for relay in circ.path: + # try: + # relay_list.remove(relay) + # except KeyError: + # continue + ## XXX how do we attach to circuits with bridges? + d = defer.Deferred() + attacher.request_circuit_build(d) + return d + + def state_attach_fail(state): + log.err("Attaching custom circuit builder failed: %s" % state) + + log.msg("Bridget: initiating test ... ") ## Start the experiment + + ## if we've at least one bridge, and our config has no 'Bridge' line + if self.bridges['remaining']() >= 1 \ + and not 'Bridge' in self.config.config: + + ## configure our first bridge line + self.bridges['current'] = self.bridges['all'][0] + self.config.Bridge = self.bridges['current'] + ## avoid starting several + self.config.save() ## processes + assert self.config.config.has_key('Bridge'), "No Bridge Line" + + ## start tor and remove bridges which are public relays + from ooni.utils.onion import start_tor_filter_nodes + state = start_tor_filter_nodes(reactor, self.config, + self.control_port, self.tor_binary, + self.data_directory, self.bridges) + #controller = defer.Deferred() + #controller.addCallback(singleton_semaphore, tor) + #controller.addErrback(setup_fail) + #bootstrap = defer.gatherResults([controller, filter_bridges], + # consumeErrors=True) + + if state is not None: + log.debug("state:\n%s" % state) + log.debug("Current callbacks on TorState():\n%s" + % state.callbacks) + + ## if we've got more bridges + if self.bridges['remaining']() >= 2: + #all = [] + for bridge in self.bridges['all'][1:]: + self.bridges['current'] = bridge + #new = defer.Deferred() + #new.addCallback(reconfigure_bridge, state, self.bridges) + #all.append(new) + #check_remaining = defer.DeferredList(all, consumeErrors=True) + #state.chainDeferred(check_remaining) + state.addCallback(reconfigure_bridge, self.bridges) + + if self.relays['remaining']() > 0: + while self.relays['remaining']() >= 3: + #path = list(self.relays.pop() for i in range(3)) + #log.msg("Trying path %s" % '->'.join(map(lambda node: + # node, path))) + self.relays['current'] = self.relays['all'].pop() + for circ in state.circuits.values(): + for node in circ.path: + if node == self.relays['current']: + self.relays['up'].append(self.relays['current']) + if len(circ.path) < 3: + try: + ext = attacher_extend_circuit(state.attacher, circ, + self.relays['current']) + ext.addCallback(attacher_extend_circuit_done, + state.attacher, circ, + self.relays['current']) + except Exception, e: + log.err("Extend circuit failed: %s" % e) + else: + continue + + #state.callback(all) + #self.reactor.run() + return state + + def disabled_startTest(self, args): + """ + Local override of :meth:`OONITest.startTest` to bypass calling + self.control. + + :param args: + The current line of :class:`Asset`, not used but kept for + compatibility reasons. + :return: + A fired deferred which callbacks :meth:`experiment` and + :meth:`OONITest.finished`. + """ + self.start_time = date.now() + self.d = self.experiment(args) + self.d.addErrback(log.err) + self.d.addCallbacks(self.finished, log.err) + return self.d + +## ISIS' NOTES +## ----------- +## TODO: +## x cleanup documentation +## x add DataDirectory option +## x check if bridges are public relays +## o take bridge_desc file as input, also be able to give same +## format as output +## x Add asynchronous timeout for deferred, so that we don't wait +## o Add assychronous timout for deferred, so that we don't wait +## forever for bridges that don't work. diff --git a/nettests/bridge_reachability/echo.py b/nettests/bridge_reachability/echo.py new file mode 100644 index 0000000..611970e --- /dev/null +++ b/nettests/bridge_reachability/echo.py @@ -0,0 +1,196 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- +# +# +---------+ +# | echo.py | +# +---------+ +# A simple ICMP-8 ping test. +# +# :author: Isis Lovecruft +# :version: 0.0.1-pre-alpha +# :license: (c) 2012 Isis Lovecruft +# see attached LICENCE file +# + +import os +import sys + +from pprint import pprint + +from twisted.internet import reactor +from twisted.plugin import IPlugin +from twisted.python import usage +from ooni.nettest import NetTestCase +from ooni.utils import log, Storage +from ooni.utils.net import PermissionsError, IfaceError + +try: + from scapy.all import sr1, IP, ICMP ## XXX v4/v6? + from ooni.lib import txscapy + from ooni.lib.txscapy import txsr, txsend + from ooni.templates.scapyt import ScapyTest +except: + log.msg("This test requires scapy, see www.secdev.org/projects/scapy") + +## xxx TODO: move these to a utility function for determining OSes +LINUX=sys.platform.startswith("linux") +OPENBSD=sys.platform.startswith("openbsd") +FREEBSD=sys.platform.startswith("freebsd") +NETBSD=sys.platform.startswith("netbsd") +DARWIN=sys.platform.startswith("darwin") +SOLARIS=sys.platform.startswith("sunos") +WINDOWS=sys.platform.startswith("win32") + +class EchoTest(ScapyTest): + """ + xxx fill me in + """ + name = 'echo' + author = 'Isis Lovecruft <isis(a)torproject.org>' + description = 'A simple ICMP-8 test to see if a host is reachable.' + version = '0.0.1' + inputFile = ['file', 'f', None, 'File of list of IPs to ping'] + requirements = None + #report = Storage() + + optParameters = [ + ['interface', 'i', None, 'Network interface to use'], + ['count', 'c', 5, 'Number of packets to send', int], + ['size', 's', 56, 'Number of bytes to send in ICMP data field', int], + ['ttl', 'l', 25, 'Set the IP Time to Live', int], + ['timeout', 't', 2, 'Seconds until timeout if no response', int], + ['pcap', 'p', None, 'Save pcap to this file'], + ['receive', 'r', True, 'Receive response packets'] + ] + + def setUp(self, *a, **kw): + ''' + :ivar ifaces: + Struct returned from getifaddrs(3) and turned into a tuple in the + form (*ifa_name, AF_FAMILY, *ifa_addr) + ''' + + if self.localOptions: + log.debug("%s: local_options found" % self.name) + for key, value in self.localOptions.items(): + log.debug("%s: setting self.%s = %s" % (key, value)) + setattr(self, key, value) + + ## xxx is this now .subOptions? + #self.inputFile = self.localOptions['file'] + self.timeout *= 1000 ## convert to milliseconds + + if not self.interface: + log.msg("No network interface specified!") + log.debug("OS detected: %s" % sys.platform) + if LINUX or OPENBSD or NETBSD or FREEBSD or DARWIN or SOLARIS: + from twisted.internet.test import _posixifaces + log.msg("Attempting to discover network interfaces...") + ifaces = _posixifaces._interfaces() + elif WINDOWS: + from twisted.internet.test import _win32ifaces + log.msg("Attempting to discover network interfaces...") + ifaces = _win32ifaces._interfaces() + else: + log.debug("Client OS %s not accounted for!" % sys.platform) + log.debug("Unable to discover network interfaces...") + ifaces = [('lo', '')] + + ## found = {'eth0': '1.1.1.1'} + found = [{i[0]: i[2]} for i in ifaces if i[0] != 'lo'] + log.info("Found interfaces:\n%s" % pprint(found)) + self.interfaces = self.tryInterfaces(found) + else: + ## xxx need a way to check that iface exists, is up, and + ## we have permissions on it + log.debug("Our interface has been set to %s" % self.interface) + + if self.pcap: + try: + self.pcapfile = open(self.pcap, 'a+') + except: + log.msg("Unable to write to pcap file %s" % self.pcap) + self.pcapfile = None + + try: + assert os.path.isfile(self.file) + fp = open(self.file, 'r') + except Exception, e: + hosts = ['8.8.8.8', '38.229.72.14'] + log.err(e) + else: + self.inputs = self.inputProcessor(fp) + self.removePorts(hosts) + + log.debug("Initialization of %s test completed with:\n%s" + % (self.name, ''.join(self.__dict__))) + + @staticmethod + def inputParser(inputs): + log.debug("Removing possible ports from host addresses...") + log.debug("Initial inputs:\n%s" % pprint(inputs)) + + assert isinstance(inputs, list) + hosts = [h.rsplit(':', 1)[0] for h in inputs] + log.debug("Inputs converted to:\n%s" % hosts) + + return hosts + + def tryInterfaces(self, ifaces): + try: + from scapy.all import sr1 ## we want this check to be blocking + except: + log.msg("This test requires scapy: www.secdev.org/projects/scapy") + raise SystemExit + + ifup = {} + while ifaces: + for ifname, ifaddr in ifaces: + log.debug("Currently testing network capabilities of interface" + + "%s by sending a packet to our address %s" + % (ifname, ifaddr)) + try: + pkt = IP(dst=ifaddr)/ICMP() + ans, unans = sr(pkt, iface=ifname, timeout=self.timeout) + except Exception, e: + raise PermissionsError if e.find("Errno 1") else log.err(e) + else: + ## xxx i think this logic might be wrong + log.debug("Interface test packet\n%s\n\n%s" + % (pkt.summary(), pkt.show2())) + if ans.summary(): + log.info("Received answer for test packet on interface" + +"%s :\n%s" % (ifname, ans.summary())) + ifup.update(ifname, ifaddr) + else: + log.info("Our interface test packet was unanswered:\n%s" + % unans.summary()) + + if len(ifup) > 0: + log.msg("Discovered the following working network interfaces: %s" + % ifup) + return ifup + else: + raise IfaceError("Could not find a working network interface.") + + def buildPackets(self): + log.debug("self.input is %s" % self.input) + log.debug("self.hosts is %s" % self.hosts) + for addr in self.input: + packet = IP(dst=self.input)/ICMP() + self.request.append(packet) + return packet + + def test_icmp(self): + if self.recieve: + self.buildPackets() + all = [] + for packet in self.request: + d = self.sendReceivePackets(packets=packet) + all.append(d) + self.response.update({packet: d}) + d_list = defer.DeferredList(all) + return d_list + else: + d = self.sendPackets() + return d diff --git a/nettests/bridget.py b/nettests/bridget.py deleted file mode 100644 index 6bad316..0000000 --- a/nettests/bridget.py +++ /dev/null @@ -1,462 +0,0 @@ -#!/usr/bin/env python -# -*- encoding: utf-8 -*- -# -# +-----------+ -# | BRIDGET | -# | +--------------------------------------------+ -# +--------| Use a Tor process to test making a Tor | -# | connection to a list of bridges or relays. | -# +--------------------------------------------+ -# -# :authors: Isis Lovecruft, Arturo Filasto -# :licence: see included LICENSE -# :version: 0.1.0-alpha - -from __future__ import with_statement -from functools import partial -from random import randint - -import os -import sys - -from twisted.python import usage -from twisted.internet import defer, error, reactor - -from ooni import nettest - -from ooni.utils import log, date -from ooni.utils.config import ValueChecker - -from ooni.utils.onion import TxtorconImportError -from ooni.utils.onion import PTNoBridgesException, PTNotFoundException - - -try: - from ooni.utils.onion import parse_data_dir -except: - log.msg("Please go to /ooni/lib and do 'make txtorcon' to run this test!") - -class MissingAssetException(Exception): - pass - -class RandomPortException(Exception): - """Raised when using a random port conflicts with configured ports.""" - def __init__(self): - log.msg("Unable to use random and specific ports simultaneously") - return sys.exit() - -class BridgetArgs(usage.Options): - """Commandline options.""" - allowed = "Port to use for Tor's %s, must be between 1024 and 65535." - sock_check = ValueChecker(allowed % "SocksPort").port_check - ctrl_check = ValueChecker(allowed % "ControlPort").port_check - - optParameters = [ - ['bridges', 'b', None, - 'File listing bridge IP:ORPorts to test'], - ['relays', 'f', None, - 'File listing relay IPs to test'], - ['socks', 's', 9049, None, sock_check], - ['control', 'c', 9052, None, ctrl_check], - ['torpath', 'p', None, - 'Path to the Tor binary to use'], - ['datadir', 'd', None, - 'Tor DataDirectory to use'], - ['transport', 't', None, - 'Tor ClientTransportPlugin'], - ['resume', 'r', 0, - 'Resume at this index']] - optFlags = [['random', 'x', 'Use random ControlPort and SocksPort']] - - def postOptions(self): - if not self['bridges'] and not self['relays']: - raise MissingAssetException( - "Bridget can't run without bridges or relays to test!") - if self['transport']: - ValueChecker.uid_check( - "Can't run bridget as root with pluggable transports!") - if not self['bridges']: - raise PTNoBridgesException - if self['socks'] or self['control']: - if self['random']: - raise RandomPortException - if self['datadir']: - ValueChecker.dir_check(self['datadir']) - if self['torpath']: - ValueChecker.file_check(self['torpath']) - -class BridgetTest(nettest.NetTestCase): - """ - XXX fill me in - - :ivar config: - An :class:`ooni.lib.txtorcon.TorConfig` instance. - :ivar relays: - A list of all provided relays to test. - :ivar bridges: - A list of all provided bridges to test. - :ivar socks_port: - Integer for Tor's SocksPort. - :ivar control_port: - Integer for Tor's ControlPort. - :ivar transport: - String defining the Tor's ClientTransportPlugin, for testing - a bridge's pluggable transport functionality. - :ivar tor_binary: - Path to the Tor binary to use, e.g. \'/usr/sbin/tor\' - """ - name = "bridget" - author = "Isis Lovecruft <isis(a)torproject.org>" - version = "0.1" - description = "Use a Tor process to test connecting to bridges or relays" - advancedOptParameters = BridgetArgs - - def setUp(self): - """ - Extra initialization steps. We only want one child Tor process - running, so we need to deal with most of the TorConfig() only once, - before the experiment runs. - """ - self.socks_port = 9049 - self.control_port = 9052 - self.circuit_timeout = 90 - self.tor_binary = '/usr/sbin/tor' - self.data_directory = None - - def read_from_file(filename): - log.msg("Loading information from %s ..." % opt) - with open(filename) as fp: - lst = [] - for line in fp.readlines(): - if line.startswith('#'): - continue - else: - lst.append(line.replace('\n','')) - return lst - - def __count_remaining__(which): - total, reach, unreach = map(lambda x: which[x], - ['all', 'reachable', 'unreachable']) - count = len(total) - reach() - unreach() - return count - - ## XXX should we do report['bridges_up'].append(self.bridges['current']) - self.bridges = {} - self.bridges['all'], self.bridges['up'], self.bridges['down'] = \ - ([] for i in range(3)) - self.bridges['reachable'] = lambda: len(self.bridges['up']) - self.bridges['unreachable'] = lambda: len(self.bridges['down']) - self.bridges['remaining'] = lambda: __count_remaining__(self.bridges) - self.bridges['current'] = None - self.bridges['pt_type'] = None - self.bridges['use_pt'] = False - - self.relays = {} - self.relays['all'], self.relays['up'], self.relays['down'] = \ - ([] for i in range(3)) - self.relays['reachable'] = lambda: len(self.relays['up']) - self.relays['unreachable'] = lambda: len(self.relays['down']) - self.relays['remaining'] = lambda: __count_remaining__(self.relays) - self.relays['current'] = None - - if self.localOptions: - try: - from txtorcon import TorConfig - except ImportError: - raise TxtorconImportError - else: - self.config = TorConfig() - finally: - options = self.localOptions - - if options['bridges']: - self.config.UseBridges = 1 - self.bridges['all'] = read_from_file(options['bridges']) - if options['relays']: - ## first hop must be in TorState().guards - # XXX where is this defined? - self.config.EntryNodes = ','.join(relay_list) - self.relays['all'] = read_from_file(options['relays']) - if options['socks']: - self.socks_port = options['socks'] - if options['control']: - self.control_port = options['control'] - if options['random']: - log.msg("Using randomized ControlPort and SocksPort ...") - self.socks_port = randint(1024, 2**16) - self.control_port = randint(1024, 2**16) - if options['torpath']: - self.tor_binary = options['torpath'] - if options['datadir']: - self.data_directory = parse_data_dir(options['datadir']) - if options['transport']: - ## ClientTransportPlugin transport exec pathtobinary [options] - ## XXX we need a better way to deal with all PTs - log.msg("Using ClientTransportPlugin %s" % options['transport']) - self.bridges['use_pt'] = True - [self.bridges['pt_type'], pt_exec] = \ - options['transport'].split(' ', 1) - - if self.bridges['pt_type'] == "obfs2": - self.config.ClientTransportPlugin = \ - self.bridges['pt_type'] + " " + pt_exec - else: - raise PTNotFoundException - - self.config.SocksPort = self.socks_port - self.config.ControlPort = self.control_port - self.config.CookieAuthentication = 1 - - def test_bridget(self): - """ - if bridges: - 1. configure first bridge line - 2a. configure data_dir, if it doesn't exist - 2b. write torrc to a tempfile in data_dir - 3. start tor } if any of these - 4. remove bridges which are public relays } fail, add current - 5. SIGHUP for each bridge } bridge to unreach- - } able bridges. - if relays: - 1a. configure the data_dir, if it doesn't exist - 1b. write torrc to a tempfile in data_dir - 2. start tor - 3. remove any of our relays which are already part of current - circuits - 4a. attach CustomCircuit() to self.state - 4b. RELAY_EXTEND for each relay } if this fails, add - } current relay to list - } of unreachable relays - 5. - if bridges and relays: - 1. configure first bridge line - 2a. configure data_dir if it doesn't exist - 2b. write torrc to a tempfile in data_dir - 3. start tor - 4. remove bridges which are public relays - 5. remove any of our relays which are already part of current - circuits - 6a. attach CustomCircuit() to self.state - 6b. for each bridge, build three circuits, with three - relays each - 6c. RELAY_EXTEND for each relay } if this fails, add - } current relay to list - } of unreachable relays - - :param args: - The :class:`BridgetAsset` line currently being used. Except that it - in Bridget it doesn't, so it should be ignored and avoided. - """ - try: - from ooni.utils import process - from ooni.utils.onion import remove_public_relays, start_tor - from ooni.utils.onion import start_tor_filter_nodes - from ooni.utils.onion import setup_fail, setup_done - from ooni.utils.onion import CustomCircuit - from ooni.utils.timer import deferred_timeout, TimeoutError - from ooni.lib.txtorcon import TorConfig, TorState - except ImportError: - raise TxtorconImportError - except TxtorconImportError, tie: - log.err(tie) - sys.exit() - - def reconfigure_done(state, bridges): - """ - Append :ivar:`bridges['current']` to the list - :ivar:`bridges['up']. - """ - log.msg("Reconfiguring with 'Bridge %s' successful" - % bridges['current']) - bridges['up'].append(bridges['current']) - return state - - def reconfigure_fail(state, bridges): - """ - Append :ivar:`bridges['current']` to the list - :ivar:`bridges['down']. - """ - log.msg("Reconfiguring TorConfig with parameters %s failed" - % state) - bridges['down'].append(bridges['current']) - return state - - @defer.inlineCallbacks - def reconfigure_bridge(state, bridges): - """ - Rewrite the Bridge line in our torrc. If use of pluggable - transports was specified, rewrite the line as: - Bridge <transport_type> <IP>:<ORPort> - Otherwise, rewrite in the standard form: - Bridge <IP>:<ORPort> - - :param state: - A fully bootstrapped instance of - :class:`ooni.lib.txtorcon.TorState`. - :param bridges: - A dictionary of bridges containing the following keys: - - bridges['remaining'] :: A function returning and int for the - number of remaining bridges to test. - bridges['current'] :: A string containing the <IP>:<ORPort> - of the current bridge. - bridges['use_pt'] :: A boolean, True if we're testing - bridges with a pluggable transport; - False otherwise. - bridges['pt_type'] :: If :ivar:`bridges['use_pt'] is True, - this is a string containing the type - of pluggable transport to test. - :return: - :param:`state` - """ - log.msg("Current Bridge: %s" % bridges['current']) - log.msg("We now have %d bridges remaining to test..." - % bridges['remaining']()) - try: - if bridges['use_pt'] is False: - controller_response = yield state.protocol.set_conf( - 'Bridge', bridges['current']) - elif bridges['use_pt'] and bridges['pt_type'] is not None: - controller_reponse = yield state.protocol.set_conf( - 'Bridge', bridges['pt_type'] +' '+ bridges['current']) - else: - raise PTNotFoundException - - if controller_response == 'OK': - finish = yield reconfigure_done(state, bridges) - else: - log.err("SETCONF for %s responded with error:\n %s" - % (bridges['current'], controller_response)) - finish = yield reconfigure_fail(state, bridges) - - defer.returnValue(finish) - - except Exception, e: - log.err("Reconfiguring torrc with Bridge line %s failed:\n%s" - % (bridges['current'], e)) - defer.returnValue(None) - - def attacher_extend_circuit(attacher, deferred, router): - ## XXX todo write me - ## state.attacher.extend_circuit - raise NotImplemented - #attacher.extend_circuit - - def state_attach(state, path): - log.msg("Setting up custom circuit builder...") - attacher = CustomCircuit(state) - state.set_attacher(attacher, reactor) - state.add_circuit_listener(attacher) - return state - - ## OLD - #for circ in state.circuits.values(): - # for relay in circ.path: - # try: - # relay_list.remove(relay) - # except KeyError: - # continue - ## XXX how do we attach to circuits with bridges? - d = defer.Deferred() - attacher.request_circuit_build(d) - return d - - def state_attach_fail(state): - log.err("Attaching custom circuit builder failed: %s" % state) - - log.msg("Bridget: initiating test ... ") ## Start the experiment - - ## if we've at least one bridge, and our config has no 'Bridge' line - if self.bridges['remaining']() >= 1 \ - and not 'Bridge' in self.config.config: - - ## configure our first bridge line - self.bridges['current'] = self.bridges['all'][0] - self.config.Bridge = self.bridges['current'] - ## avoid starting several - self.config.save() ## processes - assert self.config.config.has_key('Bridge'), "No Bridge Line" - - ## start tor and remove bridges which are public relays - from ooni.utils.onion import start_tor_filter_nodes - state = start_tor_filter_nodes(reactor, self.config, - self.control_port, self.tor_binary, - self.data_directory, self.bridges) - #controller = defer.Deferred() - #controller.addCallback(singleton_semaphore, tor) - #controller.addErrback(setup_fail) - #bootstrap = defer.gatherResults([controller, filter_bridges], - # consumeErrors=True) - - if state is not None: - log.debug("state:\n%s" % state) - log.debug("Current callbacks on TorState():\n%s" - % state.callbacks) - - ## if we've got more bridges - if self.bridges['remaining']() >= 2: - #all = [] - for bridge in self.bridges['all'][1:]: - self.bridges['current'] = bridge - #new = defer.Deferred() - #new.addCallback(reconfigure_bridge, state, self.bridges) - #all.append(new) - #check_remaining = defer.DeferredList(all, consumeErrors=True) - #state.chainDeferred(check_remaining) - state.addCallback(reconfigure_bridge, self.bridges) - - if self.relays['remaining']() > 0: - while self.relays['remaining']() >= 3: - #path = list(self.relays.pop() for i in range(3)) - #log.msg("Trying path %s" % '->'.join(map(lambda node: - # node, path))) - self.relays['current'] = self.relays['all'].pop() - for circ in state.circuits.values(): - for node in circ.path: - if node == self.relays['current']: - self.relays['up'].append(self.relays['current']) - if len(circ.path) < 3: - try: - ext = attacher_extend_circuit(state.attacher, circ, - self.relays['current']) - ext.addCallback(attacher_extend_circuit_done, - state.attacher, circ, - self.relays['current']) - except Exception, e: - log.err("Extend circuit failed: %s" % e) - else: - continue - - #state.callback(all) - #self.reactor.run() - return state - - def disabled_startTest(self, args): - """ - Local override of :meth:`OONITest.startTest` to bypass calling - self.control. - - :param args: - The current line of :class:`Asset`, not used but kept for - compatibility reasons. - :return: - A fired deferred which callbacks :meth:`experiment` and - :meth:`OONITest.finished`. - """ - self.start_time = date.now() - self.d = self.experiment(args) - self.d.addErrback(log.err) - self.d.addCallbacks(self.finished, log.err) - return self.d - -## ISIS' NOTES -## ----------- -## TODO: -## x cleanup documentation -## x add DataDirectory option -## x check if bridges are public relays -## o take bridge_desc file as input, also be able to give same -## format as output -## x Add asynchronous timeout for deferred, so that we don't wait -## o Add assychronous timout for deferred, so that we don't wait -## forever for bridges that don't work. diff --git a/nettests/core/dnstamper.py b/nettests/core/dnstamper.py index b25167f..8a59709 100644 --- a/nettests/core/dnstamper.py +++ b/nettests/core/dnstamper.py @@ -17,6 +17,8 @@ import pdb +from twisted.python import usage + from twisted.internet import defer from twisted.names import client, dns from twisted.names.client import Resolver @@ -57,10 +59,9 @@ class DNSTamperTest(nettest.NetTestCase): self.test_reverse = {} if not self.localOptions['testresolvers']: - log.msg("You did not specify a file of DNS servers to test!", - "See the '--testresolvers' option.") self.test_resolvers = ['8.8.8.8'] - return + raise usage.UsageError("You did not specify a file of DNS servers to test!" + "See the '--testresolvers' option.") try: fp = open(self.localOptions['testresolvers']) diff --git a/nettests/echo.py b/nettests/echo.py deleted file mode 100644 index 611970e..0000000 --- a/nettests/echo.py +++ /dev/null @@ -1,196 +0,0 @@ -#!/usr/bin/env python -# -*- coding: utf-8 -*- -# -# +---------+ -# | echo.py | -# +---------+ -# A simple ICMP-8 ping test. -# -# :author: Isis Lovecruft -# :version: 0.0.1-pre-alpha -# :license: (c) 2012 Isis Lovecruft -# see attached LICENCE file -# - -import os -import sys - -from pprint import pprint - -from twisted.internet import reactor -from twisted.plugin import IPlugin -from twisted.python import usage -from ooni.nettest import NetTestCase -from ooni.utils import log, Storage -from ooni.utils.net import PermissionsError, IfaceError - -try: - from scapy.all import sr1, IP, ICMP ## XXX v4/v6? - from ooni.lib import txscapy - from ooni.lib.txscapy import txsr, txsend - from ooni.templates.scapyt import ScapyTest -except: - log.msg("This test requires scapy, see www.secdev.org/projects/scapy") - -## xxx TODO: move these to a utility function for determining OSes -LINUX=sys.platform.startswith("linux") -OPENBSD=sys.platform.startswith("openbsd") -FREEBSD=sys.platform.startswith("freebsd") -NETBSD=sys.platform.startswith("netbsd") -DARWIN=sys.platform.startswith("darwin") -SOLARIS=sys.platform.startswith("sunos") -WINDOWS=sys.platform.startswith("win32") - -class EchoTest(ScapyTest): - """ - xxx fill me in - """ - name = 'echo' - author = 'Isis Lovecruft <isis(a)torproject.org>' - description = 'A simple ICMP-8 test to see if a host is reachable.' - version = '0.0.1' - inputFile = ['file', 'f', None, 'File of list of IPs to ping'] - requirements = None - #report = Storage() - - optParameters = [ - ['interface', 'i', None, 'Network interface to use'], - ['count', 'c', 5, 'Number of packets to send', int], - ['size', 's', 56, 'Number of bytes to send in ICMP data field', int], - ['ttl', 'l', 25, 'Set the IP Time to Live', int], - ['timeout', 't', 2, 'Seconds until timeout if no response', int], - ['pcap', 'p', None, 'Save pcap to this file'], - ['receive', 'r', True, 'Receive response packets'] - ] - - def setUp(self, *a, **kw): - ''' - :ivar ifaces: - Struct returned from getifaddrs(3) and turned into a tuple in the - form (*ifa_name, AF_FAMILY, *ifa_addr) - ''' - - if self.localOptions: - log.debug("%s: local_options found" % self.name) - for key, value in self.localOptions.items(): - log.debug("%s: setting self.%s = %s" % (key, value)) - setattr(self, key, value) - - ## xxx is this now .subOptions? - #self.inputFile = self.localOptions['file'] - self.timeout *= 1000 ## convert to milliseconds - - if not self.interface: - log.msg("No network interface specified!") - log.debug("OS detected: %s" % sys.platform) - if LINUX or OPENBSD or NETBSD or FREEBSD or DARWIN or SOLARIS: - from twisted.internet.test import _posixifaces - log.msg("Attempting to discover network interfaces...") - ifaces = _posixifaces._interfaces() - elif WINDOWS: - from twisted.internet.test import _win32ifaces - log.msg("Attempting to discover network interfaces...") - ifaces = _win32ifaces._interfaces() - else: - log.debug("Client OS %s not accounted for!" % sys.platform) - log.debug("Unable to discover network interfaces...") - ifaces = [('lo', '')] - - ## found = {'eth0': '1.1.1.1'} - found = [{i[0]: i[2]} for i in ifaces if i[0] != 'lo'] - log.info("Found interfaces:\n%s" % pprint(found)) - self.interfaces = self.tryInterfaces(found) - else: - ## xxx need a way to check that iface exists, is up, and - ## we have permissions on it - log.debug("Our interface has been set to %s" % self.interface) - - if self.pcap: - try: - self.pcapfile = open(self.pcap, 'a+') - except: - log.msg("Unable to write to pcap file %s" % self.pcap) - self.pcapfile = None - - try: - assert os.path.isfile(self.file) - fp = open(self.file, 'r') - except Exception, e: - hosts = ['8.8.8.8', '38.229.72.14'] - log.err(e) - else: - self.inputs = self.inputProcessor(fp) - self.removePorts(hosts) - - log.debug("Initialization of %s test completed with:\n%s" - % (self.name, ''.join(self.__dict__))) - - @staticmethod - def inputParser(inputs): - log.debug("Removing possible ports from host addresses...") - log.debug("Initial inputs:\n%s" % pprint(inputs)) - - assert isinstance(inputs, list) - hosts = [h.rsplit(':', 1)[0] for h in inputs] - log.debug("Inputs converted to:\n%s" % hosts) - - return hosts - - def tryInterfaces(self, ifaces): - try: - from scapy.all import sr1 ## we want this check to be blocking - except: - log.msg("This test requires scapy: www.secdev.org/projects/scapy") - raise SystemExit - - ifup = {} - while ifaces: - for ifname, ifaddr in ifaces: - log.debug("Currently testing network capabilities of interface" - + "%s by sending a packet to our address %s" - % (ifname, ifaddr)) - try: - pkt = IP(dst=ifaddr)/ICMP() - ans, unans = sr(pkt, iface=ifname, timeout=self.timeout) - except Exception, e: - raise PermissionsError if e.find("Errno 1") else log.err(e) - else: - ## xxx i think this logic might be wrong - log.debug("Interface test packet\n%s\n\n%s" - % (pkt.summary(), pkt.show2())) - if ans.summary(): - log.info("Received answer for test packet on interface" - +"%s :\n%s" % (ifname, ans.summary())) - ifup.update(ifname, ifaddr) - else: - log.info("Our interface test packet was unanswered:\n%s" - % unans.summary()) - - if len(ifup) > 0: - log.msg("Discovered the following working network interfaces: %s" - % ifup) - return ifup - else: - raise IfaceError("Could not find a working network interface.") - - def buildPackets(self): - log.debug("self.input is %s" % self.input) - log.debug("self.hosts is %s" % self.hosts) - for addr in self.input: - packet = IP(dst=self.input)/ICMP() - self.request.append(packet) - return packet - - def test_icmp(self): - if self.recieve: - self.buildPackets() - all = [] - for packet in self.request: - d = self.sendReceivePackets(packets=packet) - all.append(d) - self.response.update({packet: d}) - d_list = defer.DeferredList(all) - return d_list - else: - d = self.sendPackets() - return d diff --git a/ooni/utils/log.py b/ooni/utils/log.py index d1f308e..57e5d61 100644 --- a/ooni/utils/log.py +++ b/ooni/utils/log.py @@ -48,7 +48,7 @@ def debug(msg, *arg, **kw): txlog.msg(msg, logLevel=logging.DEBUG, *arg, **kw) def err(msg, *arg, **kw): - txlog.err("Error: " + msg, logLevel=logging.ERROR, *arg, **kw) + txlog.err("Error: " + str(msg), logLevel=logging.ERROR, *arg, **kw) def exception(*msg): logging.exception(msg)

1 0

[ooni-probe/master] Add basic unittest for testing of DNS
by art＠torproject.org 06 Nov '12

06 Nov '12

commit 1d106f36b15960a63fc09fbf737ef98586645856 Author: Arturo Filastò <arturo(a)filasto.net> Date: Tue Nov 6 19:10:34 2012 +0100 Add basic unittest for testing of DNS --- tests/test_dns.py | 24 ++++++++++++++++++++++++ 1 files changed, 24 insertions(+), 0 deletions(-) diff --git a/tests/test_dns.py b/tests/test_dns.py new file mode 100644 index 0000000..e9bb524 --- /dev/null +++ b/tests/test_dns.py @@ -0,0 +1,24 @@ +# +# This unittest is to verify that our usage of the twisted DNS resolver does +# not break with new versions of twisted. + +import pdb +from twisted.trial import unittest + +from twisted.internet import reactor + +from twisted.names import dns +from twisted.names.client import Resolver + +class DNSTest(unittest.TestCase): + def test_a_lookup_ooni_query(self): + def done_query(message, *arg): + answer = message.answers[0] + self.assertEqual(answer.type, 1) + + dns_query = [dns.Query('ooni.nu', type=dns.A)] + resolver = Resolver(servers=[('8.8.8.8', 53)]) + d = resolver.queryUDP(dns_query) + d.addCallback(done_query) + return d +

1 0

[translation/vidalia] Update translations for vidalia
by translation＠torproject.org 06 Nov '12

06 Nov '12

commit 52a29a395b437ce2ea806151918c66a3d310baa5 Author: Translation commit bot <translation(a)torproject.org> Date: Tue Nov 6 20:45:14 2012 +0000 Update translations for vidalia --- ja/vidalia_ja.po | 10 +++++----- 1 files changed, 5 insertions(+), 5 deletions(-) diff --git a/ja/vidalia_ja.po b/ja/vidalia_ja.po index 141335b..338490b 100644 --- a/ja/vidalia_ja.po +++ b/ja/vidalia_ja.po @@ -14,7 +14,7 @@ msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: https://trac.torproject.org/projects/tor\n" "POT-Creation-Date: 2012-03-21 17:52+0000\n" -"PO-Revision-Date: 2012-11-06 20:14+0000\n" +"PO-Revision-Date: 2012-11-06 20:21+0000\n" "Last-Translator: 9g0Z3it0gjbxzope <doutrafr(a)fakeinbox.com>\n" "Language-Team: translations(a)vidalia-project.net\n" "MIME-Version: 1.0\n" @@ -3338,18 +3338,18 @@ msgid "" "One of your applications tried to establish a connection through Tor using a" " protocol that Tor does not understand. Please ensure you configure your " "applications to use only SOCKS4a or SOCKS5 with remote hostname resolution." -msgstr "あなたのアプリケーションの一つがTorが理解できないプロトコルを使い接続を確立しようとしました。" +msgstr "あなたのアプリケーションの一つがTorが理解できないプロトコルを使用して接続を確立しようとしました。あなたのアプリケーションがSOCKS4aまたはSOCKS5を使いホスト名の解決を行うよう設定してください。" msgctxt "StatusEventWidget" msgid "Invalid Destination Hostname" -msgstr "" +msgstr "接続先のホスト名が不正です" msgctxt "StatusEventWidget" msgid "" "One of your applications tried to establish a connection through Tor to " "\"%1\", which Tor does not recognize as a valid hostname. Please check your " "application's configuration." -msgstr "" +msgstr "あなたのアプリケーションの一つがTorを通し\"%1\"に接続を確立しようとしましたが、Torは正しいホスト名と認識しませんでした。アプリケーションの設定を確認してください。" msgctxt "StatusEventWidget" msgid "External IP Address Changed" @@ -3360,7 +3360,7 @@ msgid "" "Tor has determined your relay's public IP address is currently %1%2. If that" " is not correct, please consider setting the 'Address' option in your " "relay's configuration." -msgstr "" +msgstr "TorはあなたのリレーのパブリックIPアドレスを%1%2と判断しました。これが正しくない場合は、リレーの設定で'アドレス'オプションを設定することを検討してください。" msgctxt "StatusEventWidget" msgid "DNS Hijacking Detected"

1 0

[translation/vidalia] Update translations for vidalia
by translation＠torproject.org 06 Nov '12

06 Nov '12

commit 6039dc91b7515b66d445cd962bd4030572e57b33 Author: Translation commit bot <translation(a)torproject.org> Date: Tue Nov 6 20:15:15 2012 +0000 Update translations for vidalia --- ja/vidalia_ja.po | 40 ++++++++++++++++++++-------------------- 1 files changed, 20 insertions(+), 20 deletions(-) diff --git a/ja/vidalia_ja.po b/ja/vidalia_ja.po index dbe23db..141335b 100644 --- a/ja/vidalia_ja.po +++ b/ja/vidalia_ja.po @@ -14,7 +14,7 @@ msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: https://trac.torproject.org/projects/tor\n" "POT-Creation-Date: 2012-03-21 17:52+0000\n" -"PO-Revision-Date: 2012-11-05 23:17+0000\n" +"PO-Revision-Date: 2012-11-06 20:14+0000\n" "Last-Translator: 9g0Z3it0gjbxzope <doutrafr(a)fakeinbox.com>\n" "Language-Team: translations(a)vidalia-project.net\n" "MIME-Version: 1.0\n" @@ -1782,11 +1782,11 @@ msgstr "Torネットワークに接続しました!" msgctxt "MainWindow" msgid "miscellaneous" -msgstr "" +msgstr "その他" msgctxt "MainWindow" msgid "identity mismatch" -msgstr "" +msgstr "識別子の不一致" msgctxt "MainWindow" msgid "done" @@ -2050,7 +2050,7 @@ msgstr "インストールのため新しいパッケージをチェックする msgctxt "MainWindow" msgid "Potentially Unsafe Connection" -msgstr "" +msgstr "安全でない接続の可能性があります" msgctxt "MainWindow" msgid "" @@ -3117,7 +3117,7 @@ msgstr "<a href=\"#bridgeHelp\">これは何？</a>" msgctxt "ServerPage" msgid "Automatically distribute my bridge address" -msgstr "" +msgstr "ブリッジのアドレスを自動的に配信する" msgctxt "ServerPage" msgid "Relay traffic for the Tor network (exit relay)" @@ -3135,7 +3135,7 @@ msgctxt "ServerPage" msgid "" "Email address at which you may be reached if there is a\n" "problem with your relay. You might also include your PGP or GPG fingerprint." -msgstr "" +msgstr "あなたのリレーに問題がある場合の連絡先電子メールアドレス。\nPGPやGPGの鍵の指紋を含むこともできます。" msgctxt "ServicePage" msgid "Error while trying to unpublish all services" @@ -3165,7 +3165,7 @@ msgstr "仮想ポートは有効なポート番号[1..65535]のみを含む必 msgctxt "ServicePage" msgid "Target may only contain address:port, address, or port." -msgstr "" +msgstr "ターゲットはアドレス:ポート番号、アドレス、もしくはポート番号のみを含むことができます。" msgctxt "ServicePage" msgid "Directory already in use by another service." @@ -3240,7 +3240,7 @@ msgid "" "Click \"Start Tor\" in the Vidalia Control Panel to restart the Tor " "software. If Tor exited unexpectedly, select the \"Advanced\" tab above for " "details about any errors encountered." -msgstr "" +msgstr "Torソフトウェアを再起動するためVidaliaコントロールパネルの\"Torを実行する\"をクリックしてください。Torが予期せず終了した場合は、発生したエラーの詳細のため\"詳細\"タブを選びます。" msgctxt "StatusEventWidget" msgid "" @@ -3260,7 +3260,7 @@ msgstr "現在Torソフトウェアのバージョン \"%1\" を実行中です msgctxt "StatusEventWidget" msgid "Your Tor Software is Out-of-date" -msgstr "" +msgstr "あなたのTorソフトウェアは古すぎます" msgctxt "StatusEventWidget" msgid "Connected to the Tor Network" @@ -3270,7 +3270,7 @@ msgctxt "StatusEventWidget" msgid "" "We were able to successfully establish a connection to the Tor network. You " "can now configure your applications to use the Internet anonymously." -msgstr "" +msgstr "Torネットワークへの接続が確立できました。インターネットを匿名で利用するためアプリケーションを設定できます。" msgctxt "StatusEventWidget" msgid "Tor Software Error" @@ -3280,7 +3280,7 @@ msgctxt "StatusEventWidget" msgid "" "The Tor software encountered an internal bug. Please report the following " "error message to the Tor developers at bugs.torproject.org: \"%1\"" -msgstr "" +msgstr "Torソフトウェアは内部でバグに遭遇しました。以下のエラーメッセージをbugs.torproject.orgのTorの開発者に報告してください: \"%1\"" msgctxt "StatusEventWidget" msgid "" @@ -3288,7 +3288,7 @@ msgid "" "the past compared to the source \"%2\". If your clock is not correct, Tor " "will not be able to function. Please verify your computer displays the " "correct time." -msgstr "" +msgstr "Torはあなたのコンピューターのクロックがソース\"%2\"より%1秒遅れていると測定しました。クロックが正しくない場合、Torは機能しません。コンピューターが正しい時間を表示しているか確認してください。" msgctxt "StatusEventWidget" msgid "" @@ -3296,11 +3296,11 @@ msgid "" "the future compared to the source \"%2\". If your clock is not correct, Tor " "will not be able to function. Please verify your computer displays the " "correct time." -msgstr "" +msgstr "Torはあなたのコンピューターのクロックがソース\"%2\"より%1秒進んでいると測定しました。クロックが正しくない場合、Torは機能しません。コンピューターが正しい時間を表示しているか確認してください。" msgctxt "StatusEventWidget" msgid "Your Computer's Clock is Potentially Incorrect" -msgstr "" +msgstr "コンピューターのクロックが正しくない可能性があります" msgctxt "StatusEventWidget" msgid "" @@ -3308,18 +3308,18 @@ msgid "" "unencrypted connection through Tor to port %1. Sending unencrypted " "information over the Tor network is dangerous and not recommended. For your " "protection, Tor has automatically closed this connection." -msgstr "" +msgstr "あなたのコンピューター上のアプリケーションの一つがTorを通しポート%1に暗号化されていない接続を作ろうとました。Torネットワークを通して暗号化されていない情報を送ることは危険であり推奨されません。あなたを保護するため、Torは自動的に接続を閉じました。" msgctxt "StatusEventWidget" msgid "" "One of the applications on your computer may have attempted to make an " "unencrypted connection through Tor to port %1. Sending unencrypted " "information over the Tor network is dangerous and not recommended." -msgstr "" +msgstr "あなたのコンピューター上のアプリケーションの一つがTorを通しポート%1に暗号化されていない接続を作ろうとました。Torネットワークを通して暗号化されていない情報を送ることは危険であり推奨されません。" msgctxt "StatusEventWidget" msgid "Potentially Dangerous Connection!" -msgstr "" +msgstr "危険な接続の可能性があります！" msgctxt "StatusEventWidget" msgid "" @@ -3327,18 +3327,18 @@ msgid "" "using a protocol that may leak information about your destination. Please " "ensure you configure your applications to use only SOCKS4a or SOCKS5 with " "remote hostname resolution." -msgstr "" +msgstr "あなたのアプリケーションの一つが、接続先に関する情報を漏らす可能性のあるプロトコルを使って、Torを通し\"%1\"に接続を確立しました。あなたのアプリケーションがSOCKS4aまたはSOCKS5を使いホスト名の解決を行うよう設定してください。" msgctxt "StatusEventWidget" msgid "Unknown SOCKS Protocol" -msgstr "" +msgstr "不明なSOCKSプロトコルです" msgctxt "StatusEventWidget" msgid "" "One of your applications tried to establish a connection through Tor using a" " protocol that Tor does not understand. Please ensure you configure your " "applications to use only SOCKS4a or SOCKS5 with remote hostname resolution." -msgstr "" +msgstr "あなたのアプリケーションの一つがTorが理解できないプロトコルを使い接続を確立しようとしました。" msgctxt "StatusEventWidget" msgid "Invalid Destination Hostname"

1 0