April 2014 - tor-commits - lists.torproject.org

[tor-launcher/master] Update translations.
by mikeperry＠torproject.org 25 Apr '14

25 Apr '14

commit eed30d03d66166b5e0bc4c38ede9df2b73c8254e Author: Mike Perry <mikeperry-git(a)torproject.org> Date: Fri Apr 25 10:38:18 2014 -0700 Update translations. --- src/chrome/locale/bg/network-settings.dtd | 40 +++++++++++++-------------- src/chrome/locale/cy/torlauncher.properties | 2 +- src/chrome/locale/nl/torlauncher.properties | 2 +- src/chrome/locale/pl/torlauncher.properties | 2 +- 4 files changed, 23 insertions(+), 23 deletions(-) diff --git a/src/chrome/locale/bg/network-settings.dtd b/src/chrome/locale/bg/network-settings.dtd index a38b198..2ad9e78 100644 --- a/src/chrome/locale/bg/network-settings.dtd +++ b/src/chrome/locale/bg/network-settings.dtd @@ -2,27 +2,27 @@  -<!ENTITY torsettings.prompt "Before you connect to the Tor network, you need to provide information about this computer's Internet connection."> +<!ENTITY torsettings.prompt "Преди да се свържете към Tor мрежата,вие трябва да предоставите информация относно интернет връзката на този компютър"> <!ENTITY torSettings.yes "Да"> <!ENTITY torSettings.no "Не"> -<!ENTITY torSettings.firstQuestion "Which of the following best describes your situation?"> -<!ENTITY torSettings.configurePrompt1 "This computer's Internet connection is censored, filtered, or proxied."> +<!ENTITY torSettings.firstQuestion "Кое от следните описва най-добре вашата ситуация?"> +<!ENTITY torSettings.configurePrompt1 "Интернет връзката на този компютър е цензурирана,филтрирана или преминава през прокси."> <!ENTITY torSettings.configurePrompt2 "I need to configure bridge, firewall, or proxy settings."> -<!ENTITY torSettings.configure "Configure"> -<!ENTITY torSettings.connectPrompt2 "I would like to connect directly to the Tor network."> -<!ENTITY torSettings.connectPrompt3 "This will work in most situations."> +<!ENTITY torSettings.configure "Конфигурирай"> +<!ENTITY torSettings.connectPrompt2 "Бих искал да се свържа директно към Tor мрежата."> +<!ENTITY torSettings.connectPrompt3 "Това ще работи при повечето ситуации."> <!ENTITY torSettings.connect "Свържи се"> -<!ENTITY torSettings.proxyQuestion "Does this computer need to use a proxy to access the Internet?"> +<!ENTITY torSettings.proxyQuestion "Нуждае ли се този компютър от прокси за свързване към Интернет?">  -<!ENTITY torSettings.proxyHelp "If you are not sure how to answer this question, look at the Internet settings in another browser to see whether it is configured to use a proxy."> -<!ENTITY torSettings.enterProxy "Enter the proxy settings."> -<!ENTITY torSettings.firewallQuestion "Does this computer's Internet connection go through a firewall that only allows connections to certain ports?"> -<!ENTITY torSettings.firewallHelp "If you are not sure how to answer this question, choose No. If you encounter problems connecting to the Tor network, change this setting."> -<!ENTITY torSettings.enterFirewall "Enter a comma-separated list of ports that are allowed by the firewall."> -<!ENTITY torSettings.bridgeQuestion "Does your Internet Service Provider (ISP) block or otherwise censor connections to the Tor Network?"> +<!ENTITY torSettings.proxyHelp "Ако не сте сигурни как да отговорите на този въпрос проверете интернет настройките на друг браузър,за да видите дали е настроен да използва прокси."> +<!ENTITY torSettings.enterProxy "Въведете настройките за прокси."> +<!ENTITY torSettings.firewallQuestion "Интернет връзката на този компютър преминава ли през firewall,който позволява връзки към определени портове?"> +<!ENTITY torSettings.firewallHelp "Ако не сте сигурни как да отговорите на въпроса,изберете Не.Ако срещнете проблеми при свързване към Tor мрежата променете тези настройки."> +<!ENTITY torSettings.enterFirewall "Въведете списък с портове разделени със запетая,които са позволени от firewall."> +<!ENTITY torSettings.bridgeQuestion "Блокирани или цензурирани ли са връзките към Tor Мрежата от вашият Интернет Доставчик(ISP)?"> <!ENTITY torSettings.bridgeHelp "If you are not sure how to answer this question, choose No.&#160; If you choose Yes, you will be asked to configure Tor Bridges, which are unlisted relays that make it more difficult to block connections to the Tor Network."> <!ENTITY torSettings.bridgeSettingsPrompt "You may use the provided set of bridges or you may obtain and enter a custom set of bridges."> @@ -33,8 +33,8 @@ <!ENTITY torsettings.optional "Допълнителен"> -<!ENTITY torsettings.useProxy.checkbox "This computer needs to use a proxy to access the Internet"> -<!ENTITY torsettings.useProxy.type "Proxy Type:"> +<!ENTITY torsettings.useProxy.checkbox "Този компютър се нуждае от прокси за да се свърже към Интернет."> +<!ENTITY torsettings.useProxy.type "Прокси Тип:"> <!ENTITY torsettings.useProxy.address "Адрес:"> <!ENTITY torsettings.useProxy.address.placeholder "IP адрес или хост"> <!ENTITY torsettings.useProxy.port "Порт:"> @@ -43,21 +43,21 @@ <!ENTITY torsettings.useProxy.type.socks4 "SOCKS 4"> <!ENTITY torsettings.useProxy.type.socks5 "SOCKS 5"> <!ENTITY torsettings.useProxy.type.http "HTTP / HTTPS"> -<!ENTITY torsettings.firewall.checkbox "This computer goes through a firewall that only allows connections to certain ports"> +<!ENTITY torsettings.firewall.checkbox "Този компютър се свързва през firewall,който позволява връзки само към определени портове."> <!ENTITY torsettings.firewall.allowedPorts "Позволени портове:"> -<!ENTITY torsettings.useBridges.checkbox "My Internet Service Provider (ISP) blocks connections to the Tor network"> +<!ENTITY torsettings.useBridges.checkbox "Моят Интернет Доставчик (ISP) блокира връзките към Tor мрежата"> <!ENTITY torsettings.useBridges.default "Connect with provided bridges"> <!ENTITY torsettings.useBridges.type "Transport type:"> <!ENTITY torsettings.useBridges.custom "Enter custom bridges"> <!ENTITY torsettings.useBridges.label "Enter one or more bridge relays (one per line)."> -<!ENTITY torsettings.useBridges.placeholder "type address:port"> +<!ENTITY torsettings.useBridges.placeholder "въведете адрес:порт"> <!ENTITY torsettings.copyLog "Копирай Tor лога в клипборда"> <!ENTITY torsettings.bridgeHelpTitle "Bridge Relay Help"> <!ENTITY torsettings.bridgeHelp1 "If you are unable to connect to the Tor network, it could be that your Internet Service Provider (ISP) or another agency is blocking Tor.&#160; Often, you can work around this problem by using Tor Bridges, which are unlisted relays that are more difficult to block."> <!ENTITY torsettings.bridgeHelp1B "You may use the preconfigured, provided set of bridge addresses or you may obtain a custom set of addresses by using one of these three methods:"> -<!ENTITY torsettings.bridgeHelp2Heading "Through the Web"> -<!ENTITY torsettings.bridgeHelp2 "Use a web browser to visit https://bridges.torproject.org"> +<!ENTITY torsettings.bridgeHelp2Heading "През Web"> +<!ENTITY torsettings.bridgeHelp2 "Използвайте уеб браузър за да посетите https://bridges.torproject.org"> <!ENTITY torsettings.bridgeHelp3Heading "Through the Email Autoresponder"> <!ENTITY torsettings.bridgeHelp3 "Send email to bridges(a)torproject.org with the line 'get bridges' by itself in the body of the message.&#160; However, to make it harder for an attacker to learn a lot of bridge addresses, you must send this request from a gmail.com or yahoo.com email address."> <!ENTITY torsettings.bridgeHelp4Heading "Through the Help Desk"> diff --git a/src/chrome/locale/cy/torlauncher.properties b/src/chrome/locale/cy/torlauncher.properties index 97c0389..f26cdfa 100644 --- a/src/chrome/locale/cy/torlauncher.properties +++ b/src/chrome/locale/cy/torlauncher.properties @@ -55,4 +55,4 @@ torlauncher.bootstrapWarning.identity=anghysondeb hunaniaeth torlauncher.bootstrapWarning.timeout=cysylltiad goramser torlauncher.bootstrapWarning.noroute=ddim llwybr i'r cad torlauncher.bootstrapWarning.ioerror=camgymeriad darllen/sgwennu -torlauncher.bootstrapWarning.pt_missing=missing pluggable transport +torlauncher.bootstrapWarning.pt_missing=trafnyddiaeth plygadwy ar goll diff --git a/src/chrome/locale/nl/torlauncher.properties b/src/chrome/locale/nl/torlauncher.properties index c4b2760..f104345 100644 --- a/src/chrome/locale/nl/torlauncher.properties +++ b/src/chrome/locale/nl/torlauncher.properties @@ -55,4 +55,4 @@ torlauncher.bootstrapWarning.identity=identiteitsfout torlauncher.bootstrapWarning.timeout=verbindingstimeout torlauncher.bootstrapWarning.noroute=geen route naar de server torlauncher.bootstrapWarning.ioerror=lees/schrijffout -torlauncher.bootstrapWarning.pt_missing=missing pluggable transport +torlauncher.bootstrapWarning.pt_missing=ontbrekend plugbaar vervoer diff --git a/src/chrome/locale/pl/torlauncher.properties b/src/chrome/locale/pl/torlauncher.properties index 7651ef2..32feaa8 100644 --- a/src/chrome/locale/pl/torlauncher.properties +++ b/src/chrome/locale/pl/torlauncher.properties @@ -55,4 +55,4 @@ torlauncher.bootstrapWarning.identity=niezgodność tożsamości torlauncher.bootstrapWarning.timeout=upłynął czas połączenia torlauncher.bootstrapWarning.noroute=brak trasy do hosta torlauncher.bootstrapWarning.ioerror=błąd zapisu/odczytu -torlauncher.bootstrapWarning.pt_missing=missing pluggable transport +torlauncher.bootstrapWarning.pt_missing=brak podłączanego transportu

1 0

[tor-browser/tor-browser-24.5.0esr-1] fixup! fix #9308 and #11433: don't leak user install path of TBB
by mikeperry＠torproject.org 25 Apr '14

25 Apr '14

commit 0806951f373ae1b0223229605ca6cca62f7464bd Author: Mike Perry <mikeperry-git(a)torproject.org> Date: Fri Apr 25 14:46:39 2014 +0200 fixup! fix #9308 and #11433: don't leak user install path of TBB Fix a memory leak, and add a couple length checks for extra safety. The length checks appear to be redundant to internal nsCString checks, but the string classes are such a mess of indirection, size, length, and char type templates that we might as well double-check first. --- js/xpconnect/src/XPCException.cpp | 1 + xpcom/build/Omnijar.cpp | 5 +++-- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/js/xpconnect/src/XPCException.cpp b/js/xpconnect/src/XPCException.cpp index 1e42662..bb4064a 100644 --- a/js/xpconnect/src/XPCException.cpp +++ b/js/xpconnect/src/XPCException.cpp @@ -298,6 +298,7 @@ nsXPCException::Initialize(const char *aMessage, nsresult aResult, const char *a nsAutoCString resourceFilename; mozilla::Omnijar::ConvertToResourceFilename(nsCString(rawFilename), resourceFilename); mFilename = (char *) nsMemory::Clone(resourceFilename.get(), resourceFilename.Length()+1); + nsMemory::Free(rawFileName); // allocated by GetFilename if (NS_FAILED(rc = aLocation->GetLineNumber(&mLineNumber))) return rc; } else { diff --git a/xpcom/build/Omnijar.cpp b/xpcom/build/Omnijar.cpp index 79fa163..36602a7 100644 --- a/xpcom/build/Omnijar.cpp +++ b/xpcom/build/Omnijar.cpp @@ -167,9 +167,10 @@ Omnijar::GetURIString(Type aType, nsACString &result) bool Omnijar::RebaseFilename(const nsCString& filename, const nsCString& oldBase, const nsCString& newBase, nsACString &result) { PRInt32 pos = filename.Find(oldBase); - if (pos > -1) { + PRInt32 pathLen = filename.Length() - pos - oldBase.Length(); + if (pos > -1 && pathLen > -1 && pathLen <= filename.Length()) { nsAutoCString path; - filename.Right(path, filename.Length() - pos - oldBase.Length()); + filename.Right(path, pathLen); result = newBase + path; return true; }

1 0

[tor-browser/tor-browser-24.5.0esr-1] fix #9308 and #11433: don't leak user install path of TBB
by mikeperry＠torproject.org 25 Apr '14

25 Apr '14

commit 7ac088b732719d6e69466e583b7eb31767759d22 Author: Arthur Edelstein <arthuredelstein(a)gmail.com> Date: Wed Apr 23 16:05:48 2014 -0700 fix #9308 and #11433: don't leak user install path of TBB --- js/xpconnect/src/XPCConvert.cpp | 5 ++++- js/xpconnect/src/XPCException.cpp | 7 ++++++- js/xpconnect/src/XPCStack.cpp | 7 +++++-- xpcom/build/Omnijar.cpp | 29 +++++++++++++++++++++++++++++ xpcom/build/Omnijar.h | 13 +++++++++++++ 5 files changed, 57 insertions(+), 4 deletions(-) diff --git a/js/xpconnect/src/XPCConvert.cpp b/js/xpconnect/src/XPCConvert.cpp index a94a519..dd8c8f4 100644 --- a/js/xpconnect/src/XPCConvert.cpp +++ b/js/xpconnect/src/XPCConvert.cpp @@ -8,6 +8,7 @@ /* Data conversion between native and JavaScript types. */ #include "mozilla/Util.h" +#include "mozilla/Omnijar.h" #include "xpcprivate.h" #include "nsString.h" @@ -1319,9 +1320,11 @@ XPCConvert::JSErrorToXPCException(const char* message, static_cast<const PRUnichar*>(report->uclinebuf); data = new nsScriptError(); + nsAutoCString resourceFilename; + Omnijar::ConvertToResourceFilename(nsCString(report->filename), resourceFilename); data->InitWithWindowID( bestMessage, - NS_ConvertASCIItoUTF16(report->filename), + NS_ConvertASCIItoUTF16(resourceFilename.get()), uclinebuf ? nsDependentString(uclinebuf) : EmptyString(), report->lineno, report->uctokenptr - report->uclinebuf, report->flags, diff --git a/js/xpconnect/src/XPCException.cpp b/js/xpconnect/src/XPCException.cpp index a0b48c2..1e42662 100644 --- a/js/xpconnect/src/XPCException.cpp +++ b/js/xpconnect/src/XPCException.cpp @@ -9,6 +9,7 @@ #include "xpcprivate.h" #include "nsError.h" #include "nsIUnicodeDecoder.h" +#include "mozilla/Omnijar.h" /***************************************************************************/ /* Quick and dirty mapping of well known result codes to strings. We only @@ -291,8 +292,12 @@ nsXPCException::Initialize(const char *aMessage, nsresult aResult, const char *a // For now, fill in our location details from our stack frame. // Later we may allow other locations? nsresult rc; - if (NS_FAILED(rc = aLocation->GetFilename(&mFilename))) + char* rawFilename = nullptr; + if (NS_FAILED(rc = aLocation->GetFilename(&rawFilename))) return rc; + nsAutoCString resourceFilename; + mozilla::Omnijar::ConvertToResourceFilename(nsCString(rawFilename), resourceFilename); + mFilename = (char *) nsMemory::Clone(resourceFilename.get(), resourceFilename.Length()+1); if (NS_FAILED(rc = aLocation->GetLineNumber(&mLineNumber))) return rc; } else { diff --git a/js/xpconnect/src/XPCStack.cpp b/js/xpconnect/src/XPCStack.cpp index db30556..adfd456 100644 --- a/js/xpconnect/src/XPCStack.cpp +++ b/js/xpconnect/src/XPCStack.cpp @@ -7,6 +7,7 @@ /* Implements nsIStackFrame. */ #include "xpcprivate.h" +#include "mozilla/Omnijar.h" class XPCJSStackFrame : public nsIStackFrame { @@ -107,9 +108,11 @@ XPCJSStackFrame::CreateStack(JSContext* cx, XPCJSStackFrame** stack) JSAutoCompartment ac(cx, desc->frames[i].script); const char* filename = JS_GetScriptFilename(cx, desc->frames[i].script); if (filename) { + nsAutoCString resourceFilename; + mozilla::Omnijar::ConvertToResourceFilename(nsCString(filename), resourceFilename); self->mFilename = (char*) - nsMemory::Clone(filename, - sizeof(char)*(strlen(filename)+1)); + nsMemory::Clone(resourceFilename.get(), + sizeof(char)*(resourceFilename.Length()+1)); } self->mLineno = desc->frames[i].lineno; diff --git a/xpcom/build/Omnijar.cpp b/xpcom/build/Omnijar.cpp index 4d75c7e..79fa163 100644 --- a/xpcom/build/Omnijar.cpp +++ b/xpcom/build/Omnijar.cpp @@ -164,4 +164,33 @@ Omnijar::GetURIString(Type aType, nsACString &result) return NS_OK; } +bool +Omnijar::RebaseFilename(const nsCString& filename, const nsCString& oldBase, const nsCString& newBase, nsACString &result) { + PRInt32 pos = filename.Find(oldBase); + if (pos > -1) { + nsAutoCString path; + filename.Right(path, filename.Length() - pos - oldBase.Length()); + result = newBase + path; + return true; + } + result = filename; + return false; +} + +void +Omnijar::ConvertToResourceFilename(const nsCString& filename, nsACString &result) { + if (StringBeginsWith(filename, NS_LITERAL_CSTRING("file://")) + || StringBeginsWith(filename, NS_LITERAL_CSTRING("jar:"))) { + if (RebaseFilename(filename, NS_LITERAL_CSTRING("/browser/omni.ja!/"), + NS_LITERAL_CSTRING("resource://app/"), result)) { + return; + } + if (RebaseFilename(filename, NS_LITERAL_CSTRING("/omni.ja!/"), + NS_LITERAL_CSTRING("resource://gre/"), result)) { + return; + } + } + result = filename; +} + } /* namespace mozilla */ diff --git a/xpcom/build/Omnijar.h b/xpcom/build/Omnijar.h index a261e35..4ba49a7 100644 --- a/xpcom/build/Omnijar.h +++ b/xpcom/build/Omnijar.h @@ -117,12 +117,25 @@ static already_AddRefed<nsZipArchive> GetReader(nsIFile *aPath); */ static nsresult GetURIString(Type aType, nsACString &result); +/** + * If the filename contains a "file://" URI, which is an absolute path, + * attempts to convert to a "resource://" URI. Otherwise returns the + * filename unchanged. + */ +static void ConvertToResourceFilename(const nsCString& filename, nsACString &result); + private: /** * Used internally, respectively by Init() and CleanUp() */ static void InitOne(nsIFile *aPath, Type aType); static void CleanUpOne(Type aType); +/** + * Rebases a filename, given a (possibly internal) base directory, and a new + * base directory name. E.g.: RebaseFilename("a/b/c","b","d",result) -> result = "d/c". + */ +static bool RebaseFilename(const nsCString& filename, const nsCString& oldBase, const nsCString& newBase, nsACString &result); + }; /* class Omnijar */

1 0

[tor-browser-bundle/master] Update fteproxy fingerprints, post heartbleed
by mikeperry＠torproject.org 25 Apr '14

25 Apr '14

commit 409a2634d95b0c0882f251cbb4b3e7b6002eb58f Author: Kevin P. Dyer <kpdyer(a)gmail.com> Date: Fri Apr 25 09:17:23 2014 -0700 Update fteproxy fingerprints, post heartbleed --- Bundle-Data/PTConfigs/bridge_prefs.js | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/Bundle-Data/PTConfigs/bridge_prefs.js b/Bundle-Data/PTConfigs/bridge_prefs.js index bb000cd..f14cf07 100644 --- a/Bundle-Data/PTConfigs/bridge_prefs.js +++ b/Bundle-Data/PTConfigs/bridge_prefs.js @@ -19,7 +19,5 @@ pref("extensions.torlauncher.default_bridge.flashproxy.5", "flashproxy 0.0.1.0:5 pref("extensions.torlauncher.default_bridge.fte.1", "fte 128.105.214.161:8080 1E326AAFB3FCB515015250D8FCCC8E37F91A153B"); pref("extensions.torlauncher.default_bridge.fte.2", "fte 128.105.214.162:8080 FC562097E1951DCC41B7D7F324D88157119BB56D"); pref("extensions.torlauncher.default_bridge.fte.3", "fte 128.105.214.163:8080 A17A40775FBD2CA1184BF80BFC330A77ECF9D0E9"); -// XXX: Fingerprints changed: -//pref("extensions.torlauncher.default_bridge.fte.4", "fte 131.252.210.150:8080 271EC1874E40FE65C145C6397AA34FFF7008E50E"); -//pref("extensions.torlauncher.default_bridge.fte.5", "fte 79.125.3.12:8080 17AF9F9F4E57614A060B7221DCCEDB8BB546DD73"); - +pref("extensions.torlauncher.default_bridge.fte.4", "fte 131.252.210.150:8080 0E858AC201BF0F3FA3C462F64844CBFFC7297A42"); +pref("extensions.torlauncher.default_bridge.fte.5", "fte 79.125.3.12:8080 272465348803EE2546A9BB8EE37D462915531F09");

1 0

[tor/master] two changelog tweaks suggested by Andrea
by nickm＠torproject.org 25 Apr '14

25 Apr '14

commit 95517279326babde5adece22da1867097fb68100 Author: Nick Mathewson <nickm(a)torproject.org> Date: Fri Apr 25 12:03:15 2014 -0400 two changelog tweaks suggested by Andrea --- ChangeLog | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/ChangeLog b/ChangeLog index ac12886..e57ad2f 100644 --- a/ChangeLog +++ b/ChangeLog @@ -165,7 +165,7 @@ Changes in version 0.2.5.4-alpha - 2014-04-25 DisableNetwork enabled. Fixes bug 11200 and bug 10405; bugfix on 0.2.3.9-alpha. - o Minor bugfixes (closing channels): + o Minor bugfixes (closing OR connections): - If write_to_buf() in connection_write_to_buf_impl_() ever fails, check if it's an or_connection_t and correctly call connection_or_close_for_error() rather than @@ -237,10 +237,11 @@ Changes in version 0.2.5.4-alpha - 2014-04-25 Some of these are programming style issues; some of them are false positives that indicated awkward code; some are undefined behavior cases related to constructing (but not using) invalid pointers; - some are assumptions about API behavior; some are using - sizeof(ptr) when sizeof(*ptr) would be correct; and one or two are - genuine bugs that weren't reachable from the rest of the program. - Fixes bug 8793; bugfixes on many, many tor versions. + some are assumptions about API behavior; some are (harmlessly) + logging sizeof(ptr) bytes from a token when sizeof(*ptr) would be + correct; and one or two are genuine bugs that weren't reachable + from the rest of the program. Fixes bug 8793; bugfixes on many, + many tor versions. o Documentation: - Build the torify.1 manpage again. Previously, we were only trying

1 0

[tor/master] Write a release blurb
by nickm＠torproject.org 25 Apr '14

25 Apr '14

commit 4641086a1f863e895ee817934d6c466c60ef0334 Author: Nick Mathewson <nickm(a)torproject.org> Date: Fri Apr 25 11:37:38 2014 -0400 Write a release blurb --- ChangeLog | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/ChangeLog b/ChangeLog index 200ba40..ac12886 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,7 +1,15 @@ Changes in version 0.2.5.4-alpha - 2014-04-25 - This release includes several security and performance improvements - for clients and relays, including blacklisting authority signing keys - that were used while susceptible to the OpenSSL "heartbleed" bug, + Tor 0.2.5.4-alpha includes several security and performance + improvements for clients and relays, including blacklisting authority + signing keys that were used while susceptible to the OpenSSL + "heartbleed" bug, fixing two expensive functions on busy relays, + improved TLS ciphersuite preference lists, support run-time hardening + on compilers that support AddressSanitizer, and more work on the Linux + sandbox code. + + There are also several usability fixes for clients (especially clients + that use bridges), two new TransPort protocols supported (one on + OpenBSD, one on FreeBSD), and various other bugfixes. This release marks end-of-line for Tor 0.2.2.x; those Tor versions have accumulated many known flaws; everyone should upgrade.

1 0

[tor/master] Integrate another entry to the changelog; twiddle changelog more
by nickm＠torproject.org 25 Apr '14

25 Apr '14

commit 67703aa49e8f5fe010b35488e76b37c875481e7c Author: Nick Mathewson <nickm(a)torproject.org> Date: Fri Apr 25 11:13:25 2014 -0400 Integrate another entry to the changelog; twiddle changelog more Work on style, add some sentences to blurb, explain that 10468 is more general than had been described, etc etc --- ChangeLog | 47 +++++++++++++++++++++++++++++------------------ changes/bug8793 | 9 --------- 2 files changed, 29 insertions(+), 27 deletions(-) diff --git a/ChangeLog b/ChangeLog index fc99575..096f018 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,6 +1,7 @@ -Changes in version 0.2.5.4-alpha - 2014-04-?? +Changes in version 0.2.5.4-alpha - 2014-04-25 This release includes several security and performance improvements - for clients and relays, including XXX + for clients and relays, including blacklisting authority signing keys + that were used while susceptible to the OpenSSL "heartbleed" bug, This release marks end-of-line for Tor 0.2.2.x; those Tor versions have accumulated many known flaws; everyone should upgrade. @@ -17,29 +18,30 @@ Changes in version 0.2.5.4-alpha - 2014-04-?? functions previously accounted between 3 and 7% of CPU usage on some busy relays. Resolves ticket 9841. - Avoid wasting CPU when extending a circuit over a channel that is - nearly out of circuit IDs. Previously, we would in the worst case - do a linear scan over all possible circuit IDs before deciding - that we had exhausted our possibilities. Now, we try at most 64 - random circuit IDs before deciding that we probably won't succeed. - Fix for a possible root cause of ticket #11553. + nearly out of circuit IDs. Previously, we would do a linear scan + over possible circuit IDs before finding one or deciding that we + had exhausted our possibilities. Now, we try at most 64 random + circuit IDs before deciding that we probably won't succeed. Fix + for a possible root cause of ticket #11553. o Major features (seccomp2 sandbox, Linux only): - The seccomp2 sandbox can now run a test network for multiple hours without crashing. The sandbox is still experimental, and more bugs will probably turn up. To try it, enable "Sandbox 1" on a Linux - host. + host. Resolves ticket 11351. - Strengthen sandbox code: the sandbox can now test the arguments - for rename(), and blocks _sysctl() entirely. + for rename(), and blocks _sysctl() entirely. Resolves part of + ticket 11351. - When the sandbox blocks a system call, it now tries to log a stack trace before exiting. Resolves ticket 11465. o Major bugfixes (TLS cipher selection): - The relay ciphersuite list is now generated automatically based on uniform criteria, and includes all OpenSSL ciphersuites with - acceptable strength and forward secrecy. Previously, we had - omitted some perfectly fine ciphersuites. Resolves bugs #11513, - #11492, #11498, #11499. Bugs reported by 'cypherpunks'. Bugfix on - 0.2.4.8-alpha. + acceptable strength and forward secrecy. Previously, we had left + some perfectly fine ciphersuites unsupported due to omission or + typo. Resolves bugs #11513, #11492, #11498, #11499. Bugs reported + by 'cypherpunks'. Bugfix on 0.2.4.8-alpha. - Relays now trust themselves to have a better view than clients of which TLS ciphersuites are better than others. (Thanks to #11513, the relay list is now well-considered, whereas the client list has @@ -49,9 +51,9 @@ Changes in version 0.2.5.4-alpha - 2014-04-?? Resolves ticket 11528. - Clients now try to advertise the same list of ciphersuites as Firefox 28. This change enables selection of (fast) GCM - ciphersuites, disables some strange old ciphers, and disables the - ECDH (not to be confused with ECDHE) ciphersuites. Resolves ticket - 11438. + ciphersuites, disables some strange old ciphers, and stops + advertising the ECDH (not to be confused with ECDHE) ciphersuites. + Resolves ticket 11438. o Major bugfixes (undefined behavior): - Fix various instances of undefined behavior in channeltls.c, @@ -119,6 +121,14 @@ Changes in version 0.2.5.4-alpha - 2014-04-?? check strftime return values more often. In some cases all we can do is report a warning, but this may help prevent deeper bugs from going unnoticed. Closes ticket 8787. + - Fix numerous warnings from the clang "scan-build" static analyzer. + Some of these are programming style issues; some of them are false + positives that indicated awkward code; some are undefined behavior + cases related to constructing (but not using) invalid pointers; + some are assumptions about API behavior; some are using + sizeof(ptr) when sizeof(*ptr) would be correct; and one or two are + genuine bugs that weren't reachable from the rest of the program. + Fixes bug 8793; bugfixes on many, many tor versions. o Minor features (bridge client): - Report a more useful failure message when we can't connect to a @@ -227,8 +237,9 @@ Changes in version 0.2.5.4-alpha - 2014-04-?? Fixes bug 11437; bugfix on 0.2.4.7-alpha. o Minor bugfixes (IPv6): - - When using DNSPort and AutomapHostsOnResolve, respond to AAAA - requests with AAAA automapped answers. Fixes bug 10468; bugfix on + - When using DNSPort, try to respond to AAAA requests with AAAA + answers. Previously, we hadn't looked at the request type when + deciding which answer type to prefer. Fixes bug 10468; bugfix on 0.2.4.7-alpha. o Documentation: diff --git a/changes/bug8793 b/changes/bug8793 deleted file mode 100644 index f22c474..0000000 --- a/changes/bug8793 +++ /dev/null @@ -1,9 +0,0 @@ - o Minor bugfixes: - - Fix numerous warnings from the clang "scan-build" static analyzer. - Some of these are programming style issues; some of them are false - positives that indicated awkward code; some are undefined behavior - cases related to constructing (but not using) invalid pointers; - some are assumptions about API behavior; some are using - sizeof(ptr) when sizeof(*ptr) would be correct; and one or two are - genuine bugs that weren't reachable from the rest of the - program. Fixes bug 8793; bugfixes on many, many tor versions.

1 0

[tor/master] Re-order and combine changelog sections
by nickm＠torproject.org 25 Apr '14

25 Apr '14

commit 4af83dc37744e2b3b4e62f6efe8993806d57fe42 Author: Nick Mathewson <nickm(a)torproject.org> Date: Fri Apr 25 11:27:04 2014 -0400 Re-order and combine changelog sections --- ChangeLog | 126 +++++++++++++++++++++++++++++-------------------------------- 1 file changed, 59 insertions(+), 67 deletions(-) diff --git a/ChangeLog b/ChangeLog index 096f018..200ba40 100644 --- a/ChangeLog +++ b/ChangeLog @@ -55,18 +55,6 @@ Changes in version 0.2.5.4-alpha - 2014-04-25 advertising the ECDH (not to be confused with ECDHE) ciphersuites. Resolves ticket 11438. - o Major bugfixes (undefined behavior): - - Fix various instances of undefined behavior in channeltls.c, - tor_memmem(), and eventdns.c, that would cause us to construct - pointers to memory outside an allocated object. (These invalid - pointers were not accessed, but C does not even allow them to - exist.) Fixes bug #10363; bugfixes on 0.2.0.10-alpha, - 0.2.3.6-alpha, 0.1.1.1-alpha, and 0.1.2.1-alpha. Reported by - "bobnomnom". - - Use the AddressSanitizer and Ubsan sanitizers (in clang-3.4) to - fix some miscellaneous errors in our tests and codebase. Fix for - bug 11232. Bugfixes on versions back as far as 0.2.1.11-alpha. - o Minor features (Transparent proxy, *BSD): - Support FreeBSD's ipfw firewall interface for TransPort ports. on FreeBSD. To enable it, set "TransProxyType ipfw". Resolves ticket @@ -84,10 +72,6 @@ Changes in version 0.2.5.4-alpha - 2014-04-25 memory. Right now, this includes AddressSanitizer and UbSan, which are supported in newer versions of GCC and Clang. Closes ticket 11477. - - If you don't specify MaxMemInQueues yourself, Tor now tries to - pick a good value based on your total system memory. Previously, - the default was always 8 GB. You can still override the default by - setting MaxMemInQueues yourself. Resolves ticket 11396. o Minor features (log verbosity): - Demote the message that we give when a flushing connection times @@ -99,6 +83,10 @@ Changes in version 0.2.5.4-alpha - 2014-04-25 at every 5% of progress. Fixes bug 9963. o Minor features (relay): + - If you don't specify MaxMemInQueues yourself, Tor now tries to + pick a good value based on your total system memory. Previously, + the default was always 8 GB. You can still override the default by + setting MaxMemInQueues yourself. Resolves ticket 11396. - If a circuit timed out for at least 3 minutes, check if we have a new external IP address, and publish a new descriptor with the new IP address if it changed. Resolves ticket 2454. @@ -116,20 +104,6 @@ Changes in version 0.2.5.4-alpha - 2014-04-25 usage may no longer match the configured MaxMemInQueues value. The real limit is now exposed via GETINFO limits/max-mem-in-queues. - o Minor features (misc): - - Always check return values for unlink, munmap, UnmapViewOfFile; - check strftime return values more often. In some cases all we can - do is report a warning, but this may help prevent deeper bugs from - going unnoticed. Closes ticket 8787. - - Fix numerous warnings from the clang "scan-build" static analyzer. - Some of these are programming style issues; some of them are false - positives that indicated awkward code; some are undefined behavior - cases related to constructing (but not using) invalid pointers; - some are assumptions about API behavior; some are using - sizeof(ptr) when sizeof(*ptr) would be correct; and one or two are - genuine bugs that weren't reachable from the rest of the program. - Fixes bug 8793; bugfixes on many, many tor versions. - o Minor features (bridge client): - Report a more useful failure message when we can't connect to a bridge because we don't have the right pluggable transport @@ -142,13 +116,36 @@ Changes in version 0.2.5.4-alpha - 2014-04-25 might be cleaning a microdescriptor for being too old if it's still referenced by a live node_t object. - o Minor bugfixes (logging): + o Minor bugfixes (client, DNSPort): + - When using DNSPort, try to respond to AAAA requests with AAAA + answers. Previously, we hadn't looked at the request type when + deciding which answer type to prefer. Fixes bug 10468; bugfix on + 0.2.4.7-alpha. + - When receiving a DNS query for an unsupported record type, reply + with no answer rather than with a NOTIMPL error. This behavior + isn't correct either, but it will break fewer client programs, we + hope. Fixes bug 10268; bugfix on 0.2.0.1-alpha. Original patch + from "epoch". + + o Minor bugfixes (exit): + - Stop leaking memory when we successfully resolve a PTR record. + Fixes bug 11437; bugfix on 0.2.4.7-alpha. + + o Minor bugfixes (bridge client): + - Stop accepting bridge lines containing hostnames. Doing so would + cause clients to perform DNS requests on the hostnames, which was + not sensible behavior. Fixes bug 10801; bugfix on 0.2.0.1-alpha. + - Avoid a 60-second delay in the bootstrapping process when a Tor + client with pluggable transports re-reads its configuration at + just the wrong time. Re-fixes bug 11156; bugfix on 0.2.5.3-alpha. + - Avoid 60-second delays in the bootstrapping process when Tor is + launching for a second time while using bridges. Fixes bug 9229; + bugfix on 0.2.0.3-alpha. + + o Minor bugfixes (client, logging during bootstrap): - Warn only once we start logging in an unsafe way. Previously, we complain as many times we had problems. Fix for #9870; bugfix on 0.2.5.1-alpha. - - Using the Linux seccomp2 sandbox no longer prevents stack-trace - logging on crashes or errors. Fixes part 11465; bugfix on - 0.2.5.1-alpha. - Only report the first fatal bootstrap error on a given OR connection. This stops us from telling the controller bogus error messages like "DONE". Fixes bug 10431; bugfix on 0.2.1.1-alpha. @@ -184,12 +181,6 @@ Changes in version 0.2.5.4-alpha - 2014-04-25 side managed proxy with ORPort or ExtORPort temporarily disabled. Fixes bug 9650; bugfix on 0.2.3.16-alpha. - o Minor bugfixes (misc): - - Don't re-initialize a second set of OpenSSL mutexes when starting - up. Previously, we'd make one set of mutexes, and then immediately - replace them with another. Fixes bug 11726; bugfix on - 0.2.5.3-alpha. - o Minor bugfixes (platform-specific): - Fix compilation on Solaris, which does not have <endian.h>. Fixes bug 11426; bugfix on 0.2.5.3-alpha. @@ -205,6 +196,10 @@ Changes in version 0.2.5.4-alpha - 2014-04-25 11275; bugfix on 0.2.4.13-alpha. - Free placeholder entries in our circuit table at exit; fixes a harmless memory leak. Fixes bug 11278; bugfix on 0.2.5.1-alpha. + - Don't re-initialize a second set of OpenSSL mutexes when starting + up. Previously, we'd make one set of mutexes, and then immediately + replace them with another. Fixes bug 11726; bugfix on + 0.2.5.3-alpha. - Resolve some memory leaks found by coverity in the unit tests, on exit in tor-gencert, and on a failure to compute digests for our own keys when generating a v3 networkstatus vote. These leaks @@ -214,33 +209,30 @@ Changes in version 0.2.5.4-alpha - 2014-04-25 - Only retry attempts to connect to a chosen rendezvous point 8 times, not 30. Fixes bug #4241; bugfix on 0.1.0.1-rc. - o Minor bugfixes (bridge client): - - Stop accepting bridge lines containing hostnames. Doing so would - cause clients to perform DNS requests on the hostnames, which was - not sensible behavior. Fixes bug 10801; bugfix on 0.2.0.1-alpha. - - Avoid a 60-second delay in the bootstrapping process when a Tor - client with pluggable transports re-reads its configuration at - just the wrong time. Re-fixes bug 11156; bugfix on 0.2.5.3-alpha. - - Avoid 60-second delays in the bootstrapping process when Tor is - launching for a second time while using bridges. Fixes bug 9229; - bugfix on 0.2.0.3-alpha. - - o Minor bugfixes (DNS): - - When receiving a DNS query for an unsupported record type, reply - with no answer rather than with a NOTIMPL error. This behavior - isn't correct either, but it will break fewer client programs, we - hope. Fixes bug 10268; bugfix on 0.2.0.1-alpha. Original patch - from "epoch". - - o Minor bugfixes (exit): - - Stop leaking memory when we successfully resolve a PTR record. - Fixes bug 11437; bugfix on 0.2.4.7-alpha. - - o Minor bugfixes (IPv6): - - When using DNSPort, try to respond to AAAA requests with AAAA - answers. Previously, we hadn't looked at the request type when - deciding which answer type to prefer. Fixes bug 10468; bugfix on - 0.2.4.7-alpha. + o Minor bugfixes (misc correctness): + - Fix various instances of undefined behavior in channeltls.c, + tor_memmem(), and eventdns.c, that would cause us to construct + pointers to memory outside an allocated object. (These invalid + pointers were not accessed, but C does not even allow them to + exist.) Fixes bug #10363; bugfixes on 0.2.0.10-alpha, + 0.2.3.6-alpha, 0.1.1.1-alpha, and 0.1.2.1-alpha. Reported by + "bobnomnom". + - Use the AddressSanitizer and Ubsan sanitizers (in clang-3.4) to + fix some miscellaneous errors in our tests and codebase. Fix for + bug 11232. Bugfixes on versions back as far as 0.2.1.11-alpha. + - Always check return values for unlink, munmap, UnmapViewOfFile; + check strftime return values more often. In some cases all we can + do is report a warning, but this may help prevent deeper bugs from + going unnoticed. Closes ticket 8787; bugfixes on many, many tor + versions. + - Fix numerous warnings from the clang "scan-build" static analyzer. + Some of these are programming style issues; some of them are false + positives that indicated awkward code; some are undefined behavior + cases related to constructing (but not using) invalid pointers; + some are assumptions about API behavior; some are using + sizeof(ptr) when sizeof(*ptr) would be correct; and one or two are + genuine bugs that weren't reachable from the rest of the program. + Fixes bug 8793; bugfixes on many, many tor versions. o Documentation: - Build the torify.1 manpage again. Previously, we were only trying

1 0

[tor-browser-bundle/master] Update the gitian branch we recommend people clone from.
by mikeperry＠torproject.org 25 Apr '14

25 Apr '14

commit a97d04ef46c7ea6b35b9cfa961be3ce4db25a338 Author: Mike Perry <mikeperry-git(a)torproject.org> Date: Fri Apr 25 15:45:27 2014 +0200 Update the gitian branch we recommend people clone from. --- gitian/check-prerequisites.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gitian/check-prerequisites.sh b/gitian/check-prerequisites.sh index b4df5a3..e470b84 100755 --- a/gitian/check-prerequisites.sh +++ b/gitian/check-prerequisites.sh @@ -27,7 +27,7 @@ then echo echo "Please run:" echo " cd ../../ " - echo " torsocks git clone -b tor-browser-builder-2 https://git.torproject.org/builders/gitian-builder.git" + echo " torsocks git clone -b tor-browser-builder-3 https://git.torproject.org/builders/gitian-builder.git" echo " cd -" exit 1 fi

1 0

[tor-browser-bundle/master] Also clean the bundle marker files if any stages get cleaned.
by mikeperry＠torproject.org 25 Apr '14

25 Apr '14

commit bc96dc6dfdd3be3872783dd68794fbb5a6023565 Author: Mike Perry <mikeperry-git(a)torproject.org> Date: Fri Apr 25 15:39:27 2014 +0200 Also clean the bundle marker files if any stages get cleaned. If someone cleans a stage and then does 'make build', they probably also want to repackage everything after building that stage. --- gitian/Makefile | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/gitian/Makefile b/gitian/Makefile index b24ec53..c81e32c 100644 --- a/gitian/Makefile +++ b/gitian/Makefile @@ -77,20 +77,20 @@ clean: clean-utils clean-tor clean-browser clean-pt clean-bundle rm -f ../../gitian-builder/inputs/bundle.inputs rm -f ../../gitian-builder/inputs/versions* -clean-utils: +clean-utils: clean-bundle rm -f ../../gitian-builder/inputs/*utils.zip -clean-tor: +clean-tor: clean-bundle rm -f ../../gitian-builder/inputs/tor-linux* rm -f ../../gitian-builder/inputs/tor-mac* rm -f ../../gitian-builder/inputs/tor-win* -clean-browser: +clean-browser: clean-bundle rm -f ../../gitian-builder/inputs/tor-browser-linux* rm -f ../../gitian-builder/inputs/tor-browser-mac* rm -f ../../gitian-builder/inputs/tor-browser-win* -clean-pt: +clean-pt: clean-bundle rm -f ../../gitian-builder/inputs/pluggable-transports* clean-bundle:

1 0