October 2014 - tor-commits - lists.torproject.org

[translation/torcheck] Update translations for torcheck
by translation＠torproject.org 09 Oct '14

09 Oct '14

commit 5fdf396e1daf6960d34d50100a760df38ed7209c Author: Translation commit bot <translation(a)torproject.org> Date: Thu Oct 9 20:15:24 2014 +0000 Update translations for torcheck --- cs/torcheck.po | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cs/torcheck.po b/cs/torcheck.po index 64f6dc4..74bf883 100644 --- a/cs/torcheck.po +++ b/cs/torcheck.po @@ -11,7 +11,7 @@ msgid "" msgstr "" "Project-Id-Version: The Tor Project\n" "POT-Creation-Date: 2012-02-16 20:28+PDT\n" -"PO-Revision-Date: 2014-10-06 00:00+0000\n" +"PO-Revision-Date: 2014-10-09 20:07+0000\n" "Last-Translator: A5h8d0wf0x <littleslyfoxie28(a)gmail.com>\n" "Language-Team: Czech (http://www.transifex.com/projects/p/torproject/language/cs/)\n" "MIME-Version: 1.0\n"

1 0

[translation/gettor_completed] Update translations for gettor_completed
by translation＠torproject.org 09 Oct '14

09 Oct '14

commit 4d07806b85832110ccedc5ad6380ae579c7a8a01 Author: Translation commit bot <translation(a)torproject.org> Date: Thu Oct 9 20:15:17 2014 +0000 Update translations for gettor_completed --- cs/gettor.po | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cs/gettor.po b/cs/gettor.po index e0fd3da..da7e874 100644 --- a/cs/gettor.po +++ b/cs/gettor.po @@ -14,8 +14,8 @@ msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2013-01-19 13:40+0100\n" -"PO-Revision-Date: 2014-10-03 23:11+0000\n" -"Last-Translator: Michal Várady <miko.vaji(a)gmail.com>\n" +"PO-Revision-Date: 2014-10-09 20:04+0000\n" +"Last-Translator: A5h8d0wf0x <littleslyfoxie28(a)gmail.com>\n" "Language-Team: Czech (http://www.transifex.com/projects/p/torproject/language/cs/)\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n"

1 0

[translation/gettor] Update translations for gettor
by translation＠torproject.org 09 Oct '14

09 Oct '14

commit 136b648dd4aedf5ec8bdc22befd6109e169cb140 Author: Translation commit bot <translation(a)torproject.org> Date: Thu Oct 9 20:15:12 2014 +0000 Update translations for gettor --- cs/gettor.po | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cs/gettor.po b/cs/gettor.po index e0fd3da..da7e874 100644 --- a/cs/gettor.po +++ b/cs/gettor.po @@ -14,8 +14,8 @@ msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2013-01-19 13:40+0100\n" -"PO-Revision-Date: 2014-10-03 23:11+0000\n" -"Last-Translator: Michal Várady <miko.vaji(a)gmail.com>\n" +"PO-Revision-Date: 2014-10-09 20:04+0000\n" +"Last-Translator: A5h8d0wf0x <littleslyfoxie28(a)gmail.com>\n" "Language-Team: Czech (http://www.transifex.com/projects/p/torproject/language/cs/)\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n"

1 0

[translation/bridgedb_completed] Update translations for bridgedb_completed
by translation＠torproject.org 09 Oct '14

09 Oct '14

commit 9c04c99eb9f6dc907b80ee68ace759fb3a6d18cd Author: Translation commit bot <translation(a)torproject.org> Date: Thu Oct 9 20:15:08 2014 +0000 Update translations for bridgedb_completed --- cs/LC_MESSAGES/bridgedb.po | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cs/LC_MESSAGES/bridgedb.po b/cs/LC_MESSAGES/bridgedb.po index f82de5e..455f868 100644 --- a/cs/LC_MESSAGES/bridgedb.po +++ b/cs/LC_MESSAGES/bridgedb.po @@ -15,7 +15,7 @@ msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: 'https://trac.torproject.org/projects/tor/newticket?component=BridgeDB&keywo…'\n" "POT-Creation-Date: 2014-07-26 02:11+0000\n" -"PO-Revision-Date: 2014-10-06 14:11+0000\n" +"PO-Revision-Date: 2014-10-09 20:04+0000\n" "Last-Translator: A5h8d0wf0x <littleslyfoxie28(a)gmail.com>\n" "Language-Team: Czech (http://www.transifex.com/projects/p/torproject/language/cs/)\n" "MIME-Version: 1.0\n"

1 0

[translation/bridgedb] Update translations for bridgedb
by translation＠torproject.org 09 Oct '14

09 Oct '14

commit 1d717543d3b9aeda3681c12615906e965a83c42b Author: Translation commit bot <translation(a)torproject.org> Date: Thu Oct 9 20:15:02 2014 +0000 Update translations for bridgedb --- cs/LC_MESSAGES/bridgedb.po | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cs/LC_MESSAGES/bridgedb.po b/cs/LC_MESSAGES/bridgedb.po index f82de5e..455f868 100644 --- a/cs/LC_MESSAGES/bridgedb.po +++ b/cs/LC_MESSAGES/bridgedb.po @@ -15,7 +15,7 @@ msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: 'https://trac.torproject.org/projects/tor/newticket?component=BridgeDB&keywo…'\n" "POT-Creation-Date: 2014-07-26 02:11+0000\n" -"PO-Revision-Date: 2014-10-06 14:11+0000\n" +"PO-Revision-Date: 2014-10-09 20:04+0000\n" "Last-Translator: A5h8d0wf0x <littleslyfoxie28(a)gmail.com>\n" "Language-Team: Czech (http://www.transifex.com/projects/p/torproject/language/cs/)\n" "MIME-Version: 1.0\n"

1 0

[tor/master] Remove is_router_version_good_for_possible_guard()
by nickm＠torproject.org 09 Oct '14

09 Oct '14

commit cd678ae790b3bd7d5b278405e7690ea0f6f27346 Author: Nick Mathewson <nickm(a)torproject.org> Date: Thu Oct 9 15:12:36 2014 -0400 Remove is_router_version_good_for_possible_guard() The versions which this function would keep from getting the guard flag are already blocked by the minimum version check. Closes 13152. --- changes/bug13152 | 5 ++++ src/or/dirserv.c | 72 +----------------------------------------------------- 2 files changed, 6 insertions(+), 71 deletions(-) diff --git a/changes/bug13152 b/changes/bug13152 new file mode 100644 index 0000000..c6f3d61 --- /dev/null +++ b/changes/bug13152 @@ -0,0 +1,5 @@ + o Removed features (directory authority): + - Remove code that prevented authorities from listing Tor servers + affected by CVE-2011-2769 as guards. These servers are already + rejected altogether due to the minimum version requirement of + 0.2.3.16-alpha. Closes ticket 13152. diff --git a/src/or/dirserv.c b/src/or/dirserv.c index c8f47e6..9bc016f 100644 --- a/src/or/dirserv.c +++ b/src/or/dirserv.c @@ -2028,75 +2028,6 @@ get_possible_sybil_list(const smartlist_t *routers) return omit_as_sybil; } -/** Return non-zero iff a relay running the Tor version specified in - * platform is suitable for use as a potential entry guard. */ -static int -is_router_version_good_for_possible_guard(const char *platform) -{ - static int parsed_versions_initialized = 0; - static tor_version_t first_good_0_2_1_guard_version; - static tor_version_t first_good_0_2_2_guard_version; - static tor_version_t first_good_later_guard_version; - - tor_version_t router_version; - - /* XXX024 This block should be extracted into its own function. */ - /* XXXX Begin code copied from tor_version_as_new_as (in routerparse.c) */ - { - char *s, *s2, *start; - char tmp[128]; - - tor_assert(platform); - - /* nonstandard Tor; be safe and say yes */ - if (strcmpstart(platform,"Tor ")) - return 1; - - start = (char *)eat_whitespace(platform+3); - if (!*start) return 0; - s = (char *)find_whitespace(start); /* also finds '\0', which is fine */ - s2 = (char*)eat_whitespace(s); - if (!strcmpstart(s2, "(r") || !strcmpstart(s2, "(git-")) - s = (char*)find_whitespace(s2); - - if ((size_t)(s-start+1) >= sizeof(tmp)) /* too big, no */ - return 0; - strlcpy(tmp, start, s-start+1); - - if (tor_version_parse(tmp, &router_version)<0) { - log_info(LD_DIR,"Router version '%s' unparseable.",tmp); - return 1; /* be safe and say yes */ - } - } - /* XXXX End code copied from tor_version_as_new_as (in routerparse.c) */ - - if (!parsed_versions_initialized) { - /* CVE-2011-2769 was fixed on the relay side in Tor versions - * 0.2.1.31, 0.2.2.34, and 0.2.3.6-alpha. */ - tor_assert(tor_version_parse("0.2.1.31", - &first_good_0_2_1_guard_version)>=0); - tor_assert(tor_version_parse("0.2.2.34", - &first_good_0_2_2_guard_version)>=0); - tor_assert(tor_version_parse("0.2.3.6-alpha", - &first_good_later_guard_version)>=0); - - /* Don't parse these constant version strings once for every relay - * for every vote. */ - parsed_versions_initialized = 1; - } - - return ((tor_version_same_series(&first_good_0_2_1_guard_version, - &router_version) && - tor_version_compare(&first_good_0_2_1_guard_version, - &router_version) <= 0) || - (tor_version_same_series(&first_good_0_2_2_guard_version, - &router_version) && - tor_version_compare(&first_good_0_2_2_guard_version, - &router_version) <= 0) || - (tor_version_compare(&first_good_later_guard_version, - &router_version) <= 0)); -} - /** Extract status information from ri and from other authority * functions and store it in rs>. * @@ -2135,8 +2066,7 @@ set_routerstatus_from_routerinfo(routerstatus_t *rs, ((options->AuthDirGuardBWGuarantee && routerbw_kb >= options->AuthDirGuardBWGuarantee/1000) || routerbw_kb >= MIN(guard_bandwidth_including_exits_kb, - guard_bandwidth_excluding_exits_kb)) && - is_router_version_good_for_possible_guard(ri->platform)) { + guard_bandwidth_excluding_exits_kb))) { long tk = rep_hist_get_weighted_time_known( node->identity, now); double wfu = rep_hist_get_weighted_fractional_uptime(

1 0

[tor-browser-bundle/master] Actually, we want to hash all *.zip files as well.
by gk＠torproject.org 09 Oct '14

09 Oct '14

commit 6f53d746c45e1b60b8a4027666af16345e6eaf29 Author: Georg Koppen <gk(a)torproject.org> Date: Thu Oct 9 19:40:05 2014 +0000 Actually, we want to hash all *.zip files as well. --- tools/continuous-builds/build-tbb.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/continuous-builds/build-tbb.sh b/tools/continuous-builds/build-tbb.sh index 5153c9b..010b41d 100755 --- a/tools/continuous-builds/build-tbb.sh +++ b/tools/continuous-builds/build-tbb.sh @@ -44,7 +44,7 @@ if [ $status = done ]; then echo "$0: renaming $DESTDIR -> $NEWDESTDIR" | tee -a $logfile mv $DESTDIR $NEWDESTDIR cd $NEWDESTDIR || exit 3 - sha256sum *.tar.xz *.dmg *.exe > sha256sums.txt + sha256sum *.tar.xz *.zip *.dmg *.exe > sha256sums.txt gpg -a --clearsign --local-user $PGPKEYID sha256sums.txt || exit 2 cd .. D=$(basename $NEWDESTDIR)

1 0

[tor/master] Drop check for NTE_BAD_KEYSET error
by nickm＠torproject.org 09 Oct '14

09 Oct '14

commit 42350968a9d7afb1259dfdfb4d4ec5f9aa806711 Author: Nick Mathewson <nickm(a)torproject.org> Date: Fri Aug 29 13:24:29 2014 -0400 Drop check for NTE_BAD_KEYSET error Any error when acquiring the CryptoAPI context should get treated as bad. Also, this one can't happen for the arguments we're giving. Fixes bug 10816; bugfix on 0.0.2pre26. --- changes/bug10816 | 6 ++++++ src/common/crypto.c | 6 ++---- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/changes/bug10816 b/changes/bug10816 new file mode 100644 index 0000000..1185f3c --- /dev/null +++ b/changes/bug10816 @@ -0,0 +1,6 @@ + o Minor bugfixes (windows): + - Remove code to special-case handling of NTE_BAD_KEYSET when + acquiring windows CryptoAPI context. This error can't actually + occur for the parameters we're providing. Fixes bug 10816; + bugfix on 0.0.2pre26. + diff --git a/src/common/crypto.c b/src/common/crypto.c index a247a87..03a7491 100644 --- a/src/common/crypto.c +++ b/src/common/crypto.c @@ -2456,10 +2456,8 @@ crypto_strongest_rand(uint8_t *out, size_t out_len) if (!provider_set) { if (!CryptAcquireContext(&provider, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) { - if ((unsigned long)GetLastError() != (unsigned long)NTE_BAD_KEYSET) { - log_warn(LD_CRYPTO, "Can't get CryptoAPI provider [1]"); - return -1; - } + log_warn(LD_CRYPTO, "Can't get CryptoAPI provider [1]"); + return -1; } provider_set = 1; }

1 0

[tor/master] Merge remote-tracking branch 'public/bug10816'
by nickm＠torproject.org 09 Oct '14

09 Oct '14

commit 90bce702ba61c3339e55cfedb4cc6f355b3049c7 Merge: e5f9f28 4235096 Author: Nick Mathewson <nickm(a)torproject.org> Date: Thu Oct 9 10:57:19 2014 -0400 Merge remote-tracking branch 'public/bug10816' changes/bug10816 | 6 ++++++ src/common/crypto.c | 6 ++---- 2 files changed, 8 insertions(+), 4 deletions(-)

1 0

[tor/master] Stop using default authorities with both Alternate Dir and Bridge Authority
by nickm＠torproject.org 09 Oct '14

09 Oct '14

commit c1dd43d823c74f59f8ba0eff90f6ddab6763f408 Author: teor <teor2345(a)gmail.com> Date: Wed Oct 1 18:37:19 2014 +1000 Stop using default authorities with both Alternate Dir and Bridge Authority Stop using the default authorities in networks which provide both AlternateDirAuthority and AlternateBridgeAuthority. This bug occurred due to an ambiguity around the use of NO_DIRINFO. (Does it mean "any" or "none"?) Partially fixes bug 13163. --- ...163-stop-AlternateAuthorities-always-using-default-authorities | 4 ++++ src/or/config.c | 5 ++++- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/changes/bug13163-stop-AlternateAuthorities-always-using-default-authorities b/changes/bug13163-stop-AlternateAuthorities-always-using-default-authorities new file mode 100644 index 0000000..eeaca92 --- /dev/null +++ b/changes/bug13163-stop-AlternateAuthorities-always-using-default-authorities @@ -0,0 +1,4 @@ + o Minor bugfixes: + - Stop using the default authorities in networks which provide both + AlternateDirAuthority and AlternateBridgeAuthority. + Partially fixes bug 13163. diff --git a/src/or/config.c b/src/or/config.c index 921d032..493cfcd 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -959,7 +959,10 @@ consider_adding_dir_servers(const or_options_t *options, type |= BRIDGE_DIRINFO; if (!options->AlternateDirAuthority) type |= V3_DIRINFO | EXTRAINFO_DIRINFO | MICRODESC_DIRINFO; - add_default_trusted_dir_authorities(type); + /* if type == NO_DIRINFO, we don't want to add any of the + * default authorities, because we've replaced them all */ + if (type != NO_DIRINFO) + add_default_trusted_dir_authorities(type); } if (!options->FallbackDir) add_default_fallback_dir_servers();

1 0