November 2013 - tor-commits - lists.torproject.org

[tlsdate/master] Mention the recent FreeBSD-specific changes in the CHANGELOG
by ioerror＠torproject.org 21 Nov '13

21 Nov '13

commit add30296600ed6e1d2d3738b3dc879cb5d6c5723 Author: Fabian Keil <fk(a)fabiankeil.de> Date: Thu Nov 21 14:55:22 2013 +0100 Mention the recent FreeBSD-specific changes in the CHANGELOG --- CHANGELOG | 3 +++ 1 file changed, 3 insertions(+) diff --git a/CHANGELOG b/CHANGELOG index 2708a9f..e7d5287 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,3 +1,6 @@ +0.0.8 TBD + Fix build on FreeBSD 10 and 11. + Add FreeBSD 9.2 support for tlsdate and tlsdate-helper. 0.0.7 Sat 2 Nov, … [View More]

1 0

[tlsdate/master] Use the strchrnul() replacement on FreeBSD versions that need it
by ioerror＠torproject.org 21 Nov '13

21 Nov '13

commit bf91ea96c63e885c0800bbc856459052a4f69207 Author: Fabian Keil <fk(a)fabiankeil.de> Date: Thu Nov 21 14:05:54 2013 +0100 Use the strchrnul() replacement on FreeBSD versions that need it This gets tlsdate and tlsdate-helper working on FreeBSD 9.2-RELEASE. --- configure.ac | 3 +++ src/conf.c | 6 ++++++ src/include.am | 6 ++++++ 3 files changed, 15 insertions(+) diff --git a/configure.ac b/configure.ac index 04ea89a..cdecdd5 100644 --- a/configure.ac +… [View More]

1 0

[tlsdate/master] Mention in INSTALL that tlsdate is expected to work on FreeBSD 9.2 and 11 as well
by ioerror＠torproject.org 21 Nov '13

21 Nov '13

commit 44fa3b79128df9cd1738a66ae80a5a0bde6d4603 Author: Fabian Keil <fk(a)fabiankeil.de> Date: Thu Nov 21 14:49:28 2013 +0100 Mention in INSTALL that tlsdate is expected to work on FreeBSD 9.2 and 11 as well --- INSTALL | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/INSTALL b/INSTALL index 285e147..768bc2d 100644 --- a/INSTALL +++ b/INSTALL @@ -6,7 +6,7 @@ tlsdate should build and work on the following Operating Systems: Fedora 17, 18 RedHat … [View More]

1 0

[flashproxy/master] Remove the README section on using a public flashproxy-client.
by dcf＠torproject.org 21 Nov '13

21 Nov '13

commit 3406eb1884f8032deb2ecafa49cc44b7f24a384e Author: David Fifield <david(a)bamsoftware.com> Date: Thu Nov 21 13:54:12 2013 -0800 Remove the README section on using a public flashproxy-client. This is less necessary than it was in the early days, when no one wanted to bother to download the client software. I probably won't run a public flashproxy-client on the next facilitator I set up. --- README | 10 ---------- 1 file changed, 10 deletions(-) diff --git … [View More]

1 0

[tor-browser-bundle/master] Conceal useragent during downloads.
by mikeperry＠torproject.org 21 Nov '13

21 Nov '13

commit d423a3ed4163b4cdac53a21fcb2bed5914393ad9 Author: Mike Perry <mikeperry-git(a)torproject.org> Date: Thu Nov 21 13:26:15 2013 -0800 Conceal useragent during downloads. --- gitian/fetch-inputs.sh | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/gitian/fetch-inputs.sh b/gitian/fetch-inputs.sh index 19b3509..82a0b50 100755 --- a/gitian/fetch-inputs.sh +++ b/gitian/fetch-inputs.sh @@ -72,7 +72,7 @@ get() { local file="$1"; shift local url="$… [View More]

1 0

[tor-browser-bundle/master] Fix quoting and signature downloads during build comparison.
by mikeperry＠torproject.org 21 Nov '13

21 Nov '13

commit ef049610ab06af6942ee83026f2e887144904b7b Author: Mike Perry <mikeperry-git(a)torproject.org> Date: Thu Nov 21 13:24:45 2013 -0800 Fix quoting and signature downloads during build comparison. --- gitian/check-match.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/gitian/check-match.sh b/gitian/check-match.sh index 1958e4a..907fbfe 100755 --- a/gitian/check-match.sh +++ b/gitian/check-match.sh @@ -35,8 +35,8 @@ do mkdir -p $TORBROWSER_VERSION/… [View More]

1 0

[flashproxy/master] email-poller: move main loop inside a main() function
by infinity0＠torproject.org 21 Nov '13

21 Nov '13

commit 26db40e275804d75ecb86b0c1922f0af2a53aa2f Author: Ximin Luo <infinity0(a)gmx.com> Date: Thu Nov 21 21:19:26 2013 +0000 email-poller: move main loop inside a main() function - so we can import it without running it, useful for the upcoming help2man stuff --- facilitator/facilitator-email-poller | 254 +++++++++++++++++----------------- 1 file changed, 129 insertions(+), 125 deletions(-) diff --git a/facilitator/facilitator-email-poller b/facilitator/facilitator-email-… [View More]poller index 8a5c972..b3b9b14 100755 --- a/facilitator/facilitator-email-poller +++ b/facilitator/facilitator-email-poller @@ -125,110 +125,136 @@ def log(msg): print >> options.log_file, (u"%s %s" % (time.strftime(LOG_DATE_FORMAT), msg)).encode("UTF-8") options.log_file.flush() -opts, args = getopt.gnu_getopt(sys.argv[1:], "de:hi:l:p:", [ - "debug", - "disable-pin", - "email=", - "help", - "imap=", - "imaplib-debug", - "log=", - "pass=", - "pidfile=", - "privdrop-user=", - "unsafe-logging", -]) -for o, a in opts: - if o == "-d" or o == "--debug": - options.daemonize = False - options.log_filename = None - elif o == "--disable-pin": - options.use_certificate_pin = False - elif o == "-h" or o == "--help": - usage() - sys.exit() - if o == "--imaplib-debug": - options.imaplib_debug = True - elif o == "-l" or o == "--log": - options.log_filename = a - elif o == "-p" or o == "--pass": - options.password_filename = a - elif o == "--pidfile": - options.pid_filename = a - elif o == "--privdrop-user": - options.privdrop_username = a - elif o == "--unsafe-logging": - options.safe_logging = False - -if len(args) != 0: - usage(sys.stderr) - sys.exit(1) - -# Load the email password. -if options.password_filename is None: - print >> sys.stderr, "The --pass option is required." - sys.exit(1) -try: - password_file = open(options.password_filename) -except Exception, e: - print >> sys.stderr, """\ -Failed to open password file "%s": %s.\ -""" % (options.password_filename, str(e)) - sys.exit(1) -try: - if not proc.check_perms(password_file.fileno()): - print >> sys.stderr, "Refusing to run with group- or world-readable password file. Try" - print >> sys.stderr, "\tchmod 600 %s" % options.password_filename +def main(): + opts, args = getopt.gnu_getopt(sys.argv[1:], "de:hi:l:p:", [ + "debug", + "disable-pin", + "email=", + "help", + "imap=", + "imaplib-debug", + "log=", + "pass=", + "pidfile=", + "privdrop-user=", + "unsafe-logging", + ]) + for o, a in opts: + if o == "-d" or o == "--debug": + options.daemonize = False + options.log_filename = None + elif o == "--disable-pin": + options.use_certificate_pin = False + elif o == "-h" or o == "--help": + usage() + sys.exit() + if o == "--imaplib-debug": + options.imaplib_debug = True + elif o == "-l" or o == "--log": + options.log_filename = a + elif o == "-p" or o == "--pass": + options.password_filename = a + elif o == "--pidfile": + options.pid_filename = a + elif o == "--privdrop-user": + options.privdrop_username = a + elif o == "--unsafe-logging": + options.safe_logging = False + + if len(args) != 0: + usage(sys.stderr) + sys.exit(1) + + # Load the email password. + if options.password_filename is None: + print >> sys.stderr, "The --pass option is required." + sys.exit(1) + try: + password_file = open(options.password_filename) + except Exception, e: + print >> sys.stderr, """\ + Failed to open password file "%s": %s.\ + """ % (options.password_filename, str(e)) sys.exit(1) - for (lineno0, line) in enumerate(password_file.readlines()): - line = line.strip("\n") - if not line or line.startswith('#'): continue - # we do this stricter regex match because passwords might have spaces in - res = re.match(r"(?:(\S+)\s)?(\S+@\S+)\s(.+)", line) - if not res: - raise ValueError("could not find email or password on line %s" % (lineno0+1)) - (imap_addr_spec, email_addr, email_password) = res.groups() - imap_addr = parse_addr_spec( - imap_addr_spec or "", DEFAULT_IMAP_HOST, DEFAULT_IMAP_PORT) - break - else: - raise ValueError("no email line found") -except Exception, e: - print >> sys.stderr, """\ -Failed to parse password file "%s": %s. -Syntax is [<imap_host>] <email> <password>. -""" % (options.password_filename, str(e)) - sys.exit(1) -finally: - password_file.close() - -if options.log_filename: - options.log_file = open(options.log_filename, "a") - # Send error tracebacks to the log. - sys.stderr = options.log_file -else: - options.log_file = sys.stdout - -if options.daemonize: - log(u"daemonizing") - pid = os.fork() - if pid != 0: - if options.pid_filename: - f = open(options.pid_filename, "w") - print >> f, pid - f.close() - sys.exit(0) - -if options.privdrop_username is not None: - log(u"dropping privileges to those of user %s" % options.privdrop_username) try: - proc.drop_privs(options.privdrop_username) - except BaseException, e: - print >> sys.stderr, "Can't drop privileges:", str(e) + if not proc.check_perms(password_file.fileno()): + print >> sys.stderr, "Refusing to run with group- or world-readable password file. Try" + print >> sys.stderr, "\tchmod 600 %s" % options.password_filename + sys.exit(1) + for (lineno0, line) in enumerate(password_file.readlines()): + line = line.strip("\n") + if not line or line.startswith('#'): continue + # we do this stricter regex match because passwords might have spaces in + res = re.match(r"(?:(\S+)\s)?(\S+@\S+)\s(.+)", line) + if not res: + raise ValueError("could not find email or password on line %s" % (lineno0+1)) + (imap_addr_spec, email_addr, email_password) = res.groups() + imap_addr = parse_addr_spec( + imap_addr_spec or "", DEFAULT_IMAP_HOST, DEFAULT_IMAP_PORT) + break + else: + raise ValueError("no email line found") + except Exception, e: + print >> sys.stderr, """\ + Failed to parse password file "%s": %s. + Syntax is [<imap_host>] <email> <password>. + """ % (options.password_filename, str(e)) sys.exit(1) + finally: + password_file.close() -if options.imaplib_debug: - imaplib.Debug = 4 + if options.log_filename: + options.log_file = open(options.log_filename, "a") + # Send error tracebacks to the log. + sys.stderr = options.log_file + else: + options.log_file = sys.stdout + + if options.daemonize: + log(u"daemonizing") + pid = os.fork() + if pid != 0: + if options.pid_filename: + f = open(options.pid_filename, "w") + print >> f, pid + f.close() + sys.exit(0) + + if options.privdrop_username is not None: + log(u"dropping privileges to those of user %s" % options.privdrop_username) + try: + proc.drop_privs(options.privdrop_username) + except BaseException, e: + print >> sys.stderr, "Can't drop privileges:", str(e) + sys.exit(1) + + if options.imaplib_debug: + imaplib.Debug = 4 + + login_limit = RateLimit() + while True: + try: + imap = imap_login(imap_addr, email_addr, email_password) + try: + imap_loop(imap) + except imaplib.IMAP4.error: + imap.close() + imap.logout() + except (imaplib.IMAP4.error, ssl.SSLError, SSL.SSLError, socket.error), e: + # Try again after a disconnection. + log(u"lost server connection: %s" % str(e)) + except KeyboardInterrupt: + break + + # Don't reconnect too fast. + t = login_limit.time_to_wait() + if t > 0: + log(u"waiting %.2f seconds before logging in again" % t) + time.sleep(t) + + log(u"closing") + imap.close() + imap.logout() def message_get_date(msg): """Get the datetime when the message was received by reading the X-Received @@ -342,7 +368,7 @@ def imap_loop(imap): time.sleep(POLL_INTERVAL) -def imap_login(): +def imap_login(imap_addr, email_addr, email_password): """Make an IMAP connection, check the certificate and public key, and log in.""" with keys.temp_cert(keys.PIN_GOOGLE_CA_CERT) as ca_certs_file: imap = IMAP4_SSL_REQUIRED( @@ -375,27 +401,5 @@ class RateLimit(object): self.interval = self.interval * math.exp(-self.DECAY * delta) * self.MULTIPLIER return wait -login_limit = RateLimit() -while True: - try: - imap = imap_login() - try: - imap_loop(imap) - except imaplib.IMAP4.error: - imap.close() - imap.logout() - except (imaplib.IMAP4.error, ssl.SSLError, SSL.SSLError, socket.error), e: - # Try again after a disconnection. - log(u"lost server connection: %s" % str(e)) - except KeyboardInterrupt: - break - - # Don't reconnect too fast. - t = login_limit.time_to_wait() - if t > 0: - log(u"waiting %.2f seconds before logging in again" % t) - time.sleep(t) - -log(u"closing") -imap.close() -imap.logout() +if __name__ == "__main__": + main() [View Less]

1 0

[flashproxy/master] match facilitator version with rest of package.
by infinity0＠torproject.org 21 Nov '13

21 Nov '13

commit 324da7ea4263249a57e5085043ba447122b665cb Author: Ximin Luo <infinity0(a)gmx.com> Date: Thu Nov 21 19:11:22 2013 +0000 match facilitator version with rest of package. --- facilitator/configure.ac | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/facilitator/configure.ac b/facilitator/configure.ac index 9ed50bc..e5184a2 100644 --- a/facilitator/configure.ac +++ b/facilitator/configure.ac @@ -1,5 +1,5 @@ AC_PREREQ([2.68]) -AC_INIT([flashproxy-facilitator],… [View More]

1 0

[tor-browser-bundle/master] Fix signature generation issues.
by mikeperry＠torproject.org 21 Nov '13

21 Nov '13

commit bd182fcc4ad77fe9ec3f8995dfdf4f1675e2b748 Author: Mike Perry <mikeperry-git(a)torproject.org> Date: Thu Nov 21 12:52:47 2013 -0800 Fix signature generation issues. --- gitian/check-match.sh | 2 +- gitian/hash-bundles.sh | 5 ++++- gitian/upload-signature.sh | 6 ++++-- 3 files changed, 9 insertions(+), 4 deletions(-) diff --git a/gitian/check-match.sh b/gitian/check-match.sh index 90f2025..1958e4a 100755 --- a/gitian/check-match.sh +++ b/gitian/check-… [View More]

1 0

[tor-browser-bundle/master] Signature directory creation should do mkdir -p.
by mikeperry＠torproject.org 21 Nov '13

21 Nov '13

commit 4c88a419f3103c6f73e32afceb9c10e837cf34ea Author: Mike Perry <mikeperry-git(a)torproject.org> Date: Thu Nov 21 12:26:10 2013 -0800 Signature directory creation should do mkdir -p. --- gitian/upload-signature.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gitian/upload-signature.sh b/gitian/upload-signature.sh index 87bd05d..bdfa7db 100755 --- a/gitian/upload-signature.sh +++ b/gitian/upload-signature.sh @@ -27,6 +27,6 @@ then cd $… [View More]

1 0