May 2014 - tor-commits - lists.torproject.org

[bridgedb/develop] Merge branch 'hotfix/0.2.1-docstrings' into develop
by isis＠torproject.org 28 May '14

28 May '14

commit e2de6afb4332452664b8ff7dbc707c3384ae7bf6 Merge: 625cbe8 c053bff Author: Isis Lovecruft <isis(a)torproject.org> Date: Wed May 28 21:18:43 2014 +0000 Merge branch 'hotfix/0.2.1-docstrings' into develop bridgedb.conf | 2 +- lib/bridgedb/email/server.py | 86 ++++++++++++++++++++++++++---------------- 2 files changed, 55 insertions(+), 33 deletions(-)

1 0

[bridgedb/develop] Call schedule.intervalStart() to get epoch for HTTPS bridge request.
by isis＠torproject.org 28 May '14

28 May '14

commit f73deeace636c2ce91d81fc16d9d0097708b35f0 Author: Isis Lovecruft <isis(a)torproject.org> Date: Wed May 28 18:42:00 2014 +0000 Call schedule.intervalStart() to get epoch for HTTPS bridge request. The ``epoch`` of a request is a value that is supposed to be the interval of time which the request occurred within, i.e. a request at 14:18 is in the 10-minute interval of 14:10-14:20. This ``epoch`` is used to obtain bridges in response to a client's request, specifically, it's a parameter to the ``bridgedb.Dist.getBridgesForIP()`` method, which does all the real work. In implementation (up until a couple weeks ago), there was an odd thing in that a request's ``epoch`` was always hardcoded to be ``"1970"``. I changed the part which returns ``"1970"`` to return an ISO-8601 timestamp, under the assumtion that anything asking for an interval would use the ``intervalStart()`` or ``nextIntervalStarts()`` methods to compare the curr ent timestamp to the interval it should reside within. My assumption was wrong; in ``bridgedb.Dist.getBridgesForIP()``, in the first line of that method, ``schedule.getInterval()`` is called instead. I had even made an XXX note a long time ago stating that this was a dumb thing to do. I forgot to change it. Oops. The fix is to change the first line of ``bridgedb.Dist.getBridgesForIP()`` from ``self.schedule.getInterval()`` to ``self.schedule.intervalStarts()` `. This was also preventing the CAPTCHA expiration from functioning correctly. After making this change, it exhibits the correct behaviour, which is, first, to only respond after determining that we're within the 10-minute interval in which the CAPTCHA was issued, and second, determine if the solution to the CATPCHA is correct (and if so give the bridges that we would give to that IP address cluster, ignoring time intervals altogether). * FIXES #12147 * THANKS to arma for forwarding to the original bug report to tor-assistants(a)lists.torproject.org. * THANKS TO Francisco on IRC for discovering and reporting the issue. --- lib/bridgedb/HTTPServer.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/bridgedb/HTTPServer.py b/lib/bridgedb/HTTPServer.py index 9d76e28..6ece4d6 100644 --- a/lib/bridgedb/HTTPServer.py +++ b/lib/bridgedb/HTTPServer.py @@ -676,7 +676,7 @@ class WebResourceBridges(resource.Resource): """ # XXX why are we getting the interval if our distributor might be # using bridgedb.schedule.Unscheduled? - interval = self.schedule.getInterval(time.time()) + interval = self.schedule.intervalStart(time.time()) bridges = ( ) ip = None countryCode = None

1 0

[bridgedb/master] Merge branch 'hotfix/11215_12147-intervalstart'
by isis＠torproject.org 28 May '14

28 May '14

commit b7cd297c85d11a00ee94d2b41b46ddd9762154d1 Merge: f848aa9 f73deea Author: Isis Lovecruft <isis(a)torproject.org> Date: Wed May 28 21:01:37 2014 +0000 Merge branch 'hotfix/11215_12147-intervalstart' lib/bridgedb/HTTPServer.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)

1 0

[bridgedb/master] Call schedule.intervalStart() to get epoch for HTTPS bridge request.
by isis＠torproject.org 28 May '14

28 May '14

commit f73deeace636c2ce91d81fc16d9d0097708b35f0 Author: Isis Lovecruft <isis(a)torproject.org> Date: Wed May 28 18:42:00 2014 +0000 Call schedule.intervalStart() to get epoch for HTTPS bridge request. The ``epoch`` of a request is a value that is supposed to be the interval of time which the request occurred within, i.e. a request at 14:18 is in the 10-minute interval of 14:10-14:20. This ``epoch`` is used to obtain bridges in response to a client's request, specifically, it's a parameter to the ``bridgedb.Dist.getBridgesForIP()`` method, which does all the real work. In implementation (up until a couple weeks ago), there was an odd thing in that a request's ``epoch`` was always hardcoded to be ``"1970"``. I changed the part which returns ``"1970"`` to return an ISO-8601 timestamp, under the assumtion that anything asking for an interval would use the ``intervalStart()`` or ``nextIntervalStarts()`` methods to compare the curr ent timestamp to the interval it should reside within. My assumption was wrong; in ``bridgedb.Dist.getBridgesForIP()``, in the first line of that method, ``schedule.getInterval()`` is called instead. I had even made an XXX note a long time ago stating that this was a dumb thing to do. I forgot to change it. Oops. The fix is to change the first line of ``bridgedb.Dist.getBridgesForIP()`` from ``self.schedule.getInterval()`` to ``self.schedule.intervalStarts()` `. This was also preventing the CAPTCHA expiration from functioning correctly. After making this change, it exhibits the correct behaviour, which is, first, to only respond after determining that we're within the 10-minute interval in which the CAPTCHA was issued, and second, determine if the solution to the CATPCHA is correct (and if so give the bridges that we would give to that IP address cluster, ignoring time intervals altogether). * FIXES #12147 * THANKS to arma for forwarding to the original bug report to tor-assistants(a)lists.torproject.org. * THANKS TO Francisco on IRC for discovering and reporting the issue. --- lib/bridgedb/HTTPServer.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/bridgedb/HTTPServer.py b/lib/bridgedb/HTTPServer.py index 9d76e28..6ece4d6 100644 --- a/lib/bridgedb/HTTPServer.py +++ b/lib/bridgedb/HTTPServer.py @@ -676,7 +676,7 @@ class WebResourceBridges(resource.Resource): """ # XXX why are we getting the interval if our distributor might be # using bridgedb.schedule.Unscheduled? - interval = self.schedule.getInterval(time.time()) + interval = self.schedule.intervalStart(time.time()) bridges = ( ) ip = None countryCode = None

1 0

[stem/master] Changing Fedora link
by atagar＠torproject.org 28 May '14

28 May '14

commit 90843e507b381fef2579afee01e2b507a4fd505f Author: Damian Johnson <atagar(a)torproject.org> Date: Wed May 28 08:35:20 2014 -0700 Changing Fedora link For a while now our Fedora page has been getting an error response... https://github.com/fedora-infra/fedora-packages/issues/76 Juan suggested using this link instead until it gets sorted out. --- docs/download.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/download.rst b/docs/download.rst index f049da1..f46e644 100644 --- a/docs/download.rst +++ b/docs/download.rst @@ -98,10 +98,10 @@ Download % apt-get install python-stem * - .. image:: /_static/section/download/fedora.png - :target: https://apps.fedoraproject.org/packages/python-stem + :target: https://admin.fedoraproject.org/pkgdb/package/python-stem/ - .. image:: /_static/label/fedora.png - :target: https://apps.fedoraproject.org/packages/python-stem + :target: https://admin.fedoraproject.org/pkgdb/package/python-stem/ Packages maintained by Juan for Fedora. These include **python-stem** (Stem for Python 2.x), **python3-stem** (Stem for Python 3.x), and

1 0

[stem/master] Adding DROPGUARDS support
by atagar＠torproject.org 28 May '14

28 May '14

commit 8ca253a974c7e6eec9038c2d39a98a245a1ff024 Author: Damian Johnson <atagar(a)torproject.org> Date: Wed May 28 09:18:31 2014 -0700 Adding DROPGUARDS support Adding a Controller method for tor's DROPGUARDS function... https://trac.torproject.org/projects/tor/ticket/10032 https://gitweb.torproject.org/torspec.git/commitdiff/7c6c7fc --- docs/change_log.rst | 1 + stem/control.py | 22 +++++++++++++++++++--- stem/version.py | 2 ++ test/unit/control/controller.py | 13 +++++++++++++ 4 files changed, 35 insertions(+), 3 deletions(-) diff --git a/docs/change_log.rst b/docs/change_log.rst index 0bff1b5..ac892d1 100644 --- a/docs/change_log.rst +++ b/docs/change_log.rst @@ -44,6 +44,7 @@ The following are only available within Stem's `git repository * New, better :func:`~stem.connection.connect` function that deprecates :func:`~stem.connection.connect_port` and :func:`~stem.connection.connect_socket_file` * Added :func:`~stem.control.Controller.is_newnym_available` and :func:`~stem.control.Controller.get_newnym_wait` methods to the :class:`~stem.control.Controller` * Added :func:`~stem.control.Controller.get_ports` and :func:`~stem.control.Controller.get_listeners` methods to the :class:`~stem.control.Controller` + * Added :func:`~stem.control.Controller.drop_guards` (:trac:`10032`, :spec:`7c6c7fc`) * Added the id attribute to the :class:`~stem.response.events.ORConnEvent` (:spec:`6f2919a`) * Added `support for CONN_BW events <api/response.html#stem.response.events.ConnectionBandwidthEvent>`_ (:spec:`6f2919a`) * Added `support for CIRC_BW events <api/response.html#stem.response.events.CircuitBandwidthEvent>`_ (:spec:`6f2919a`) diff --git a/stem/control.py b/stem/control.py index 27cce01..78e949c 100644 --- a/stem/control.py +++ b/stem/control.py @@ -122,7 +122,8 @@ If you're fine with allowing your script to raise exceptions then this can be mo |- is_newnym_available - true if tor would presently accept a NEWNYM signal |- get_newnym_wait - seconds until tor would accept a NEWNYM signal |- is_geoip_unavailable - true if we've discovered our geoip db to be unavailable - +- map_address - maps one address to another such that connections to the original are replaced with the other + |- map_address - maps one address to another such that connections to the original are replaced with the other + +- drop_guards - drops our set of guard relays and picks a new set BaseController - Base controller class asynchronous message handling |- msg - communicates with the tor process @@ -2450,8 +2451,9 @@ class Controller(BaseController): :param stem.RelayEndReason reason: reason the stream is closing :param str flag: not currently used - :raises: :class:`stem.InvalidArguments` if the stream or reason are not recognized - :raises: :class:`stem.InvalidRequest` if the stream and/or reason are missing + :raises: + * :class:`stem.InvalidArguments` if the stream or reason are not recognized + * :class:`stem.InvalidRequest` if the stream and/or reason are missing """ # there's a single value offset between RelayEndReason.index_of() and the @@ -2560,6 +2562,20 @@ class Controller(BaseController): return response.entries + def drop_guards(self): + """ + Drops our present guard nodes and picks a new set. + + .. versionadded:: 1.2.0 + + :raises: :class:`stem.ControllerError` if Tor couldn't fulfill the request + """ + + if self.get_version() < stem.version.Requirement.DROPGUARDS: + raise stem.UnsatisfiableRequest('DROPGUARDS was added in tor version %s' % stem.version.Requirement.DROPGUARDS) + + self.msg('DROPGUARDS') + def _post_authentication(self): super(Controller, self)._post_authentication() diff --git a/stem/version.py b/stem/version.py index e3ba69b..791ce7b 100644 --- a/stem/version.py +++ b/stem/version.py @@ -30,6 +30,7 @@ easily parsed and compared, for instance... Requirement Description ===================================== =========== **AUTH_SAFECOOKIE** SAFECOOKIE authentication method + **DROPGUARDS** DROPGUARDS requests **EVENT_AUTHDIR_NEWDESCS** AUTHDIR_NEWDESC events **EVENT_BUILDTIMEOUT_SET** BUILDTIMEOUT_SET events **EVENT_CIRC_MINOR** CIRC_MINOR events @@ -333,6 +334,7 @@ safecookie_req.greater_than(Version("0.2.3.13")) Requirement = stem.util.enum.Enum( ("AUTH_SAFECOOKIE", safecookie_req), + ("DROPGUARDS", Version('0.2.5.1-alpha')), ("EVENT_AUTHDIR_NEWDESCS", Version('0.1.1.10-alpha')), ("EVENT_BUILDTIMEOUT_SET", Version('0.2.2.7-alpha')), ("EVENT_CIRC_MINOR", Version('0.2.3.11-alpha')), diff --git a/test/unit/control/controller.py b/test/unit/control/controller.py index 7422430..bc6711b 100644 --- a/test/unit/control/controller.py +++ b/test/unit/control/controller.py @@ -525,3 +525,16 @@ class TestControl(unittest.TestCase): for test_input in malformed_inputs: self.assertRaises(ProtocolError, _parse_circ_path, test_input) + + @patch('stem.control.Controller.get_version') + def test_drop_guards(self, get_version_mock): + """ + Exercises the drop_guards() method. + """ + + get_version_mock.return_value = stem.version.Version('0.1.0.14') + self.assertRaises(UnsatisfiableRequest, self.controller.drop_guards) + + with patch('stem.control.Controller.msg', Mock(return_value = None)): + get_version_mock.return_value = stem.version.Version('0.2.5.2') + self.controller.drop_guards()

1 0

[tor-browser-bundle/master] Remove scamblesuit bridges for now.
by mikeperry＠torproject.org 28 May '14

28 May '14

commit 429309ce162a0e1c36c9d3ed9c5bd89ca4879fd8 Author: Mike Perry <mikeperry-git(a)torproject.org> Date: Wed May 28 09:14:02 2014 -0700 Remove scamblesuit bridges for now. They require Tor 0.2.5.x. Postpone adding them until we can branch off a maint-3.6 branch for TBB 3.6. --- Bundle-Data/PTConfigs/bridge_prefs.js | 6 +++--- Bundle-Data/PTConfigs/linux/torrc-defaults-appendix | 2 +- Bundle-Data/PTConfigs/mac/torrc-defaults-appendix | 2 +- Bundle-Data/PTConfigs/windows/torrc-defaults-appendix | 2 +- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/Bundle-Data/PTConfigs/bridge_prefs.js b/Bundle-Data/PTConfigs/bridge_prefs.js index 8d2afed..6d8ac38 100644 --- a/Bundle-Data/PTConfigs/bridge_prefs.js +++ b/Bundle-Data/PTConfigs/bridge_prefs.js @@ -22,6 +22,6 @@ pref("extensions.torlauncher.default_bridge.fte.3", "fte 128.105.214.163:8080 A1 pref("extensions.torlauncher.default_bridge.fte.4", "fte 131.252.210.150:8080 0E858AC201BF0F3FA3C462F64844CBFFC7297A42"); pref("extensions.torlauncher.default_bridge.fte.5", "fte 79.125.3.12:8080 272465348803EE2546A9BB8EE37D462915531F09"); -pref("extensions.torlauncher.default_bridge.scramblesuit.1", "scramblesuit 188.40.121.112:39707 5DE8D363D8F150C99E1A2D7237368D614838132C password=L5POGQONBPS2HZUR6GXBIDS4CMIYYOTI"); -pref("extensions.torlauncher.default_bridge.scramblesuit.2", "scramblesuit 188.226.213.208:54278 AA5A86C1490296EF4FACA946CC5A182FCD1C5B1E password=MD2VRP7WXAMSG7MKIGMHI4CB4BMSNO7T"); -pref("extensions.torlauncher.default_bridge.scramblesuit.3", "scramblesuit 83.212.101.3:443 A09D536DD1752D542E1FBB3C9CE4449D51298239 password=XTCXLG2JAMJKZW2POLBAOWOQETQSMASH"); +//pref("extensions.torlauncher.default_bridge.scramblesuit.1", "scramblesuit 188.40.121.112:39707 5DE8D363D8F150C99E1A2D7237368D614838132C password=L5POGQONBPS2HZUR6GXBIDS4CMIYYOTI"); +//pref("extensions.torlauncher.default_bridge.scramblesuit.2", "scramblesuit 188.226.213.208:54278 AA5A86C1490296EF4FACA946CC5A182FCD1C5B1E password=MD2VRP7WXAMSG7MKIGMHI4CB4BMSNO7T"); +//pref("extensions.torlauncher.default_bridge.scramblesuit.3", "scramblesuit 83.212.101.3:443 A09D536DD1752D542E1FBB3C9CE4449D51298239 password=XTCXLG2JAMJKZW2POLBAOWOQETQSMASH"); diff --git a/Bundle-Data/PTConfigs/linux/torrc-defaults-appendix b/Bundle-Data/PTConfigs/linux/torrc-defaults-appendix index 8327587..87108bd 100644 --- a/Bundle-Data/PTConfigs/linux/torrc-defaults-appendix +++ b/Bundle-Data/PTConfigs/linux/torrc-defaults-appendix @@ -2,7 +2,7 @@ ClientTransportPlugin fte exec ./Tor/PluggableTransports/fteproxy.bin --managed ## obfsproxy configuration -ClientTransportPlugin obfs2,obfs3,scramblesuit exec ./Tor/PluggableTransports/obfsproxy.bin managed +ClientTransportPlugin obfs2,obfs3 exec ./Tor/PluggableTransports/obfsproxy.bin managed ## flash proxy configuration # # Change the second number here (9000) to the number of a port that can diff --git a/Bundle-Data/PTConfigs/mac/torrc-defaults-appendix b/Bundle-Data/PTConfigs/mac/torrc-defaults-appendix index 19fc8e0..7c6e6a5 100644 --- a/Bundle-Data/PTConfigs/mac/torrc-defaults-appendix +++ b/Bundle-Data/PTConfigs/mac/torrc-defaults-appendix @@ -2,7 +2,7 @@ ClientTransportPlugin fte exec PluggableTransports/fteproxy.bin --managed ## obfsproxy configuration -ClientTransportPlugin obfs2,obfs3,scramblesuit exec PluggableTransports/obfsproxy.bin managed +ClientTransportPlugin obfs2,obfs3 exec PluggableTransports/obfsproxy.bin managed ## flash proxy configuration # diff --git a/Bundle-Data/PTConfigs/windows/torrc-defaults-appendix b/Bundle-Data/PTConfigs/windows/torrc-defaults-appendix index bc1399d..049d2ff 100644 --- a/Bundle-Data/PTConfigs/windows/torrc-defaults-appendix +++ b/Bundle-Data/PTConfigs/windows/torrc-defaults-appendix @@ -2,7 +2,7 @@ ClientTransportPlugin fte exec Tor\PluggableTransports\fteproxy --managed ## obfsproxy configuration -ClientTransportPlugin obfs2,obfs3,scramblesuit exec Tor\PluggableTransports\obfsproxy managed +ClientTransportPlugin obfs2,obfs3 exec Tor\PluggableTransports\obfsproxy managed ## flash proxy configuration #

1 0

[torspec/master] Remove an obsolete 220 question, spotted by George
by nickm＠torproject.org 28 May '14

28 May '14

commit 790f670db11ee4eab906bcc554bb1ec403242db7 Author: Nick Mathewson <nickm(a)torproject.org> Date: Wed May 28 09:42:48 2014 -0400 Remove an obsolete 220 question, spotted by George --- proposals/220-ecc-id-keys.txt | 3 --- 1 file changed, 3 deletions(-) diff --git a/proposals/220-ecc-id-keys.txt b/proposals/220-ecc-id-keys.txt index 6f60ca5..d4ed4e8 100644 --- a/proposals/220-ecc-id-keys.txt +++ b/proposals/220-ecc-id-keys.txt @@ -309,9 +309,6 @@ Status: Draft a microdescriptor, a lack of "id" line means that the node has no ed25519 identity.) - [XXXX Should the id entries in consensuses go into microdescriptors - instead? I think perhaps so. -NM] - A vote or consensus document is ill-formed if it includes the same ed25519 identity key twice.

1 0

[torspec/master] tweak proposal 220 based on comments from george, nick hopper
by nickm＠torproject.org 28 May '14

28 May '14

commit 3762272611aca1ffd0c5896d713c94ecf98b8f47 Author: Nick Mathewson <nickm(a)torproject.org> Date: Wed May 28 09:21:29 2014 -0400 tweak proposal 220 based on comments from george, nick hopper --- proposals/220-ecc-id-keys.txt | 42 ++++++++++++++++++++++------------------- 1 file changed, 23 insertions(+), 19 deletions(-) diff --git a/proposals/220-ecc-id-keys.txt b/proposals/220-ecc-id-keys.txt index 94ec9a3..6f60ca5 100644 --- a/proposals/220-ecc-id-keys.txt +++ b/proposals/220-ecc-id-keys.txt @@ -78,8 +78,8 @@ Status: Draft EXPIRATION_DATE [3 Bytes] CERT_KEY_TYPE [1 byte] CERTIFIED_KEY [32 Bytes] - EXTENSIONS [variable length, up to length of certificate - minus 64 bytes.] + N_EXTENSIONS [1 byte] + EXTENSIONS [N_EXTENSIONS times] SIGNATURE [64 Bytes] The "VERSION" field holds the value [01]. The "CERT_TYPE" field @@ -94,14 +94,19 @@ Status: Draft The EXTENSIONS field contains zero or more extensions, each of the format: - ExtLength [1 or 2 bytes] - ExtType [1 or 2 bytes] + ExtLength [2 bytes] + ExtType [1 byte] + ExtFlags [1 byte] ExtData [Length bytes] - The ExtLength and ExtType fields can represent values between 0 - and 2^15-1, representing values under 128 as "0xxxxxxx" and - values over 128 as "1xxxxxxx yyyyyyyy". The meaning of the - ExtData field in an extension is type-dependent. + The meaning of the ExtData field in an extension is type-dependent. + + The ExtFlags field holds flags; this flag is currently defined: + + 1 -- AFFECTS_VALIDATION. If this flag is present, then the + extension affects whether the certificate is valid; clients + must not accept the certificate as valid unless they + understand the extension. It is an error for an extension to be truncated; such a certificate is invalid. @@ -142,8 +147,10 @@ Status: Draft SIGNATURE [64 Bytes] FIXED_PREFIX is "REVOKEID" or "REVOKESK". VERSION is [01]. KEYTYPE is - [01] for revoking a signing key or [02] for revoking an identity key. - REVOKED_KEY is the key being revoked; IDENTITY_KEY is the node's + [01] for revoking a signing key, [02] for revoking an identity key, + or [03] for revoking an RSA identity key. + REVOKED_KEY is the key being revoked or a SHA256 hash of the key if + it is an RSA identity key; IDENTITY_KEY is the node's Ed25519 identity key. PUBLISHED is the time that the document was generated, in seconds since the epoch. REV_EXTENSIONS is left for a future version of this document. The SIGNATURE is generated with @@ -194,10 +201,11 @@ Status: Draft When an identity-ed25519 element is present, there must also be a "router-signature-ed25519" element. It MUST be the next-to-last element in the descriptor, appearing immediately before the RSA - signature. It MUST contain an ed25519 signature of the entire - document, from the first character up to but not including the - "router-signature-ed25519" element, prefixed with the string "Tor - router descriptor signature v1". Its format is: + signature. (In future versions of the descriptor format that do not + require an RSA identity key, it MUST be last.) It MUST contain an + ed25519 signature of the entire document, from the first character up + to but not including the "router-signature-ed25519" element, prefixed + with the string "Tor router descriptor signature v1". Its format is: "router-signature-ed25519" SP signature NL @@ -285,10 +293,6 @@ Status: Draft 0.2.4 without being de-listed from the consensus. - [XXX I could specify a way to do a signed "I'm downgrading for a - while!" statement, and kludge some code back into 0.2.4.x to better - support that?] - 3.2. Formats Vote and microdescriptor documents now contain an optional "id" @@ -404,7 +408,7 @@ Status: Draft certificate, and an authentication certificate signed with the identity key. The AUTHENTICATE cell contains a signature of various fields, including the contents of the AUTH_CHALLENGE - which the server sent cell, using the client's authentication + which the server sent, using the client's authentication key. These cells allow the client to authenticate to the server.

1 0

[user-manual/master] Restore compatibility with yelp-tools 3.4
by lunar＠torproject.org 28 May '14

28 May '14

commit 298acf26d0fdb323caf44355b332e1c2144f60ac Author: Lunar <lunar(a)torproject.org> Date: Wed May 28 14:44:00 2014 +0200 Restore compatibility with yelp-tools 3.4 Unfortunately, this requires us to add a en-US lingua (because we can't create a C directory without breaking out-of-tree builds). --- Makefile.am | 14 +- en-US/en-US.po | 451 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 460 insertions(+), 5 deletions(-) diff --git a/Makefile.am b/Makefile.am index 9f11906..a45aac7 100644 --- a/Makefile.am +++ b/Makefile.am @@ -9,16 +9,20 @@ HELP_ID = tor-browser-user-manual HELP_FILES = $(shell cd $(srcdir)/C && git ls-files '*.page') HELP_MEDIA = $(shell cd $(srcdir)/C && git ls-files 'media') HELP_PLATFORMS = windows macosx linux -HELP_LINGUAS = @TOR_BROWSER_BUNDLE_LOCALES@ +HELP_LINGUAS = en-US @TOR_BROWSER_BUNDLE_LOCALES@ .PHONY: html html: all media-symlinks.stamp set -e && \ - for lc in C $(HELP_LINGUAS); do \ + for lc in $(HELP_LINGUAS); do \ + includes="$$(find include -maxdepth 1 -type f)" ; \ + for file in $$includes; do \ + mkdir -p $$(dirname $$file); \ + ln -nsf ../$$file $$lc/$$(basename $$file); \ + done; \ for platform in $(HELP_PLATFORMS); do \ mkdir -p html/$$platform/$$lc; \ - yelp-build html -p include \ - -x $(srcdir)/platform-$$platform.xslt \ + yelp-build html -x $(srcdir)/platform-$$platform.xslt \ -o html/$$platform/$$lc $$lc; \ for ttf in $$lc/media/*.ttf; do \ cp --preserve=timestamps $$ttf html/$$platform/$$lc/media; \ @@ -29,7 +33,7 @@ html: all media-symlinks.stamp .PHONY: pdf pdf: all media-symlinks.stamp set -e && \ - for lc in C $(HELP_LINGUAS); do \ + for lc in $(HELP_LINGUAS); do \ for platform in $(HELP_PLATFORMS); do \ PDF_DIR=pdf/$$platform/$$lc; \ LATEX_FILE=$(HELP_ID)-$$lc.latex; \ diff --git a/en-US/en-US.po b/en-US/en-US.po new file mode 100644 index 0000000..12ef3eb --- /dev/null +++ b/en-US/en-US.po @@ -0,0 +1,451 @@ +msgid "" +msgstr "" +"Project-Id-Version: PACKAGE VERSION\n" +"POT-Creation-Date: 2014-05-27 18:03+0200\n" +"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" +"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" +"Language-Team: LANGUAGE <LL(a)li.org>\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Put one translator per line, in the form NAME <EMAIL>, YEAR1, YEAR2 +msgctxt "_" +msgid "translator-credits" +msgstr "" + +#. This is a reference to an external file such as an image or video. When +#. the file changes, the md5 hash will change to let you know you need to +#. update your localized copy. The msgstr is not used at all. Set it to +#. whatever you like once you have updated your copy of the file. +#: C/bridges.page:143(media) +msgctxt "_" +msgid "external ref='media/tor-launcher-custom-bridges_en-US.png' md5='93365c2aa3fb4d627497e83f28a39b7e'" +msgstr "" + +#: C/bridges.page:7(info/desc) +msgid "What bridges are and how to use them." +msgstr "" + +#: C/bridges.page:11(page/title) +msgid "Bridges" +msgstr "" + +#: C/bridges.page:13(page/p) +msgid "Bridges are quiet gateways into the Tor Network. Like Tor relays, they are run by volunteers. Unlike relays, they are not listed publicly. Using bridges disguise the fact that one is using Tor." +msgstr "" + +#: C/bridges.page:19(page/p) +msgid "Currently there are five bridge types, or transports, available. More are being developed." +msgstr "" + +#: C/bridges.page:26(td/p) +msgid "ORPort" +msgstr "" + +#: C/bridges.page:31(td/p) +msgid "Requesting 'bridges' without specifying the bridge type, will return ORPort bridges, also called Vanilla bridges. ORPort bridges are NOT reliable for circumventing censorship or national firewalls. ORPort bridges can be useful as trusted entry points into the Tor network." +msgstr "" + +#: C/bridges.page:41(td/p) +msgid "obfs2" +msgstr "" + +#: C/bridges.page:46(td/p) +msgid "Censors have learned how to identify obfs2 bridges. This transport is being deprecated." +msgstr "" + +#: C/bridges.page:54(td/p) +msgid "obfs3" +msgstr "" + +#: C/bridges.page:59(td/p) +msgid "Obfsproxy disguises Tor traffic as random noise. obfs3 bridges work almost everywhere. A few obfs3 bridges have been blocked." +msgstr "" + +#: C/bridges.page:67(td/p) +msgid "Scramblesuit" +msgstr "" + +#: C/bridges.page:72(td/p) +msgid "Scramblesuit is an additional tool for the obfsproxy transport. Scramblesuit bridges are designed to be hard to identify and hard to block." +msgstr "" + +#: C/bridges.page:81(td/p) +msgid "FTE" +msgstr "" + +#: C/bridges.page:86(td/p) +msgid "Format-Transforming Encryption disguises Tor traffic as web (HTTP) traffic or other types of internet traffic. FTE bridges are effective, but in limited supply." +msgstr "" + +#: C/bridges.page:95(page/p) +msgid "(Note that flashproxy is a Pluggable Transport, but does not rely on bridges.)" +msgstr "" + +#: C/bridges.page:99(page/p) +msgid "There are four ways to get a bridge." +msgstr "" + +#: C/bridges.page:105(item/p) +msgid "Visit <link href=\"https://bridges.torproject.org/\">https://bridges.torproject.org/</link> and follow the instructions." +msgstr "" + +#: C/bridges.page:110(item/p) +msgid "Email bridges(a)bridges.torproject.org from a gmail or yahoo email address. Put <cmd>get bridges</cmd> in the body for ORPort bridges or <cmd>transport=obfs3</cmd> for obfs3 bridges." +msgstr "" + +#: C/bridges.page:117(item/p) +msgid "Politely ask a human at help(a)rt.torproject.org if you cannot access either of the first two methods." +msgstr "" + +#: C/bridges.page:123(item/p) +msgid "Install and configure a Tor instance to be bridge for yourself. The computer acting as a bridge must have uncensored internet access to the Tor network. A full installation guide can be found at <link href=\"https://www.torproject.org/projects/obfsproxy-debian-instructions.html.en\">https://www.torproject.org/projects/obfsproxy-debian-instructions.html.en</link>" +msgstr "" + +#: C/bridges.page:132(page/p) +msgid "Enter the bridge information you get from any of the above steps in Tor-launcher." +msgstr "" + +#: C/bridges.page:137(page/p) +msgid "Choose yes when asked if your Internet Service Provider blocks connections to the Tor network. Select 'Use custom bridges' and enter each bridge identifier on its own line." +msgstr "" + +#: C/bridges.page:145(page/p) +msgid "Click Connect. Using bridges slow down the connection. If the connection fails, the bridges you received may be down. Get more and try again." +msgstr "" + +#. This is a reference to an external file such as an image or video. When +#. the file changes, the md5 hash will change to let you know you need to +#. update your localized copy. The msgstr is not used at all. Set it to +#. whatever you like once you have updated your copy of the file. +#: C/circumvention.page:20(media) +msgctxt "_" +msgid "external ref='media/tor-launcher-configure_en-US.png' md5='966f4bafcb829e59b2b84d08144d885e'" +msgstr "" + +#. This is a reference to an external file such as an image or video. When +#. the file changes, the md5 hash will change to let you know you need to +#. update your localized copy. The msgstr is not used at all. Set it to +#. whatever you like once you have updated your copy of the file. +#: C/circumvention.page:27(media) +msgctxt "_" +msgid "external ref='media/tor-launcher-wizard_en-US.png' md5='21f80fc3f4e34359bfdc44684d7da09d'" +msgstr "" + +#. This is a reference to an external file such as an image or video. When +#. the file changes, the md5 hash will change to let you know you need to +#. update your localized copy. The msgstr is not used at all. Set it to +#. whatever you like once you have updated your copy of the file. +#: C/circumvention.page:35(media) +msgctxt "_" +msgid "external ref='media/tor-launcher-provided-bridges_en-US.png' md5='70524dccb698a21bb1d20223461e3272'" +msgstr "" + +#: C/circumvention.page:7(info/desc) +msgid "What to do if the Tor network is blocked." +msgstr "" + +#: C/circumvention.page:11(page/title) +msgid "Circumvention" +msgstr "" + +#: C/circumvention.page:13(page/p) +msgid "Some firewalls can detect and block connections to Tor. The Tor Browser includes some circumvention tools for getting around blocking firewalls. These circumvention tools are called Pluggable Transports. To turn them on, click \"Configure\" in the Tor launcher window." +msgstr "" + +#: C/circumvention.page:22(page/p) +msgid "Select yes when asked if your internet service provider blocks connections to Tor.\"" +msgstr "" + +#: C/circumvention.page:29(page/p) +msgid "Select \"Connect with provided bridges\". Tor Browser has three Pluggable Transports to choose from. If one fails to get you online, try selecting a different transport." +msgstr "" + +#: C/circumvention.page:37(page/p) +msgid "If you try all three transports, and none of them get you online, select \"Enter custom bridges\", and enter bridges manually. Read the <link xref=\"bridges\">Getting Bridges</link> section for instructions on getting custom bridges." +msgstr "" + +#: C/index.page:6(page/title) +msgid "Tor Browser User Manual" +msgstr "" + +#. will be replaced by current Tor Browser version +#: C/index.page:7(page/p) +msgid "Version: <_:span-1/>" +msgstr "" + +#: C/known-issues.page:7(info/desc) +msgid "A list of known issues." +msgstr "" + +#: C/known-issues.page:11(page/title) +msgid "Known Issues" +msgstr "" + +#: C/known-issues.page:15(item/p) +msgid "Tor needs your system clock (and your time zone) set to the correct time." +msgstr "" + +#: C/known-issues.page:20(item/p) +msgid "The following firewall software have been known to interfere with Tor and may need to be temporarily disabled:" +msgstr "" + +#: C/known-issues.page:24(item/p) +msgid "Webroot SecureAnywhere" +msgstr "" + +#: C/known-issues.page:27(item/p) +msgid "Kaspersky Internet Security 2012" +msgstr "" + +#: C/known-issues.page:30(item/p) +msgid "Sophos Antivirus for Mac" +msgstr "" + +#: C/known-issues.page:33(item/p) +msgid "Microsoft Security Essentials" +msgstr "" + +#: C/known-issues.page:38(item/p) +msgid "Videos that require Adobe Flash are unavailable. Flash is disabled for security reasons. Most YouTube videos can be played with HTML5 by visiting the video's \"Embed\" → \"Share\" link." +msgstr "" + +#: C/known-issues.page:45(item/p) +msgid "Tor can not use a bridge if a proxy is set." +msgstr "" + +#: C/known-issues.page:50(item/p) +msgid "The Tor Browser package is dated January 1, 2000 00:00:00 UTC. This is to ensure that each software build is exactly reproducible." +msgstr "" + +#: C/known-issues.page:56(item/p) +msgid "To run Tor Browser on Ubuntu, users need to execute a shell script. Open \"Files\" (Unity's explorer), open Preferences → Behavior Tab → Set \"Run executable text files when they are opened\" to \"Ask every time\", then OK. Tor Browser can also be started from the command line by running" +msgstr "" + +#: C/known-issues.page:62(item/code) +#, no-wrap +msgid "" +"\n" +" ./start-tor-browser\n" +" " +msgstr "" + +#: C/known-issues.page:65(item/p) +msgid "from inside the Tor Browser directory." +msgstr "" + +#: C/known-issues.page:70(page/p) +msgid "If you have an issue with Tor Browser that isn't on this list, feel free to email help(a)rt.torproject.org." +msgstr "" + +#. This is a reference to an external file such as an image or video. When +#. the file changes, the md5 hash will change to let you know you need to +#. update your localized copy. The msgstr is not used at all. Set it to +#. whatever you like once you have updated your copy of the file. +#: C/tor.page:120(media) +msgctxt "_" +msgid "external ref='media/how-tor-works.png' md5='6fe4151a88b7a518466f0582e40ccc8c'" +msgstr "" + +#: C/tor.page:9(info/desc) +msgid "Learn what Tor can do to protect your privacy and anonymity." +msgstr "" + +#: C/tor.page:12(page/title) +msgid "Tor" +msgstr "" + +#: C/tor.page:15(section/title) +msgid "What Tor will do" +msgstr "" + +#: C/tor.page:17(section/p) +msgid "The <_:app-1/> uses the <_:app-2/> network to protect your privacy and anonymity. Using the <_:app-3/> network has two main properties:" +msgstr "" + +#: C/tor.page:26(item/p) +msgid "The Internet access provider will not be able to learn the sites being visited and will not be able to monitor the content of the communication." +msgstr "" + +#: C/tor.page:33(item/p) +msgid "The sites will see a connection coming from the <_:app-1/> network and will not learn the actual Internet connection used to visit them." +msgstr "" + +#: C/tor.page:41(section/p) +msgid "On top of that, the <_:app-1/> is designed to minimize the ability of websites to fingerprint the browser." +msgstr "" + +#: C/tor.page:45(section/p) +msgid "The Tor Browser does not keep any browsing history. Cookies are only valid for a single session: until the <_:app-1/> is exited or a <gui>New Identity</gui> is requested." +msgstr "" + +#: C/tor.page:57(section/title) +msgid "What Tor will not do" +msgstr "" + +#: C/tor.page:59(section/p) +msgid "<_:app-1/> and the <_:app-2/> will protect your privacy and anonymity only if used appropriately." +msgstr "" + +#: C/tor.page:67(item/p) +msgid "<_:app-1/> will not encrypt the whole communication. What is sent to the <_:app-2/> network is what leaves the <_:app-3/> network. For web browsing, this means that any confidential information should be sent using the HTTPS protocol." +msgstr "" + +#: C/tor.page:79(item/p) +msgid "If you give a website identifying information (e.g. a name, a login), you will no longer be an anonymous visitor of this website." +msgstr "" + +#: C/tor.page:86(item/p) +msgid "If you transfer files, they can contain identifying information in their metadata, like the camera serial number." +msgstr "" + +#: C/tor.page:92(item/p) +msgid "Only connections made through the <_:app-1/> will go through the <_:app-2/> network. Unless specific steps are taken, other applications on your computer will continue to do direct Internet connections and can reveal your location." +msgstr "" + +#: C/tor.page:104(section/p) +msgid "If loosing control over some information might have problematic consequences, it is sometimes better to leave it off computers entirely." +msgstr "" + +#: C/tor.page:111(section/title) +msgid "How Tor works" +msgstr "" + +#: C/tor.page:113(section/p) +msgid "Tor is a network of virtual tunnels that allows you to improve your privacy and security on the Internet. Tor works by sending your traffic through three random servers (also known as relays) in the Tor network, before the traffic is sent out onto the public Internet" +msgstr "" + +#: C/tor.page:121(section/p) +msgid "The image above illustrates a user browsing to different websites over Tor. The green monitors represent relays in the Tor network, while the three keys represent the layers of encryption between the user and each relay." +msgstr "" + +#: C/tor.page:130(section/title) +msgid "Tor and HTTPS" +msgstr "" + +#: C/tor.page:132(section/p) +msgid "The following visualization helps understanding what data are visible to eavesdroppers with or without the <_:app-1/> and when encrypted connections (HTTPS) or not:" +msgstr "" + +#: C/tor.page:142(item/p) +msgid "Click the <gui>Tor</gui> button to see what data is visible to eavesdroppers when you're using Tor. The button will turn green to indicate that Tor is on." +msgstr "" + +#: C/tor.page:149(item/p) +msgid "Click the <gui>HTTPS</gui> button to see what data is visible to eavesdroppers when you're using HTTPS. The button will turn green to indicate that HTTPS is on." +msgstr "" + +#: C/tor.page:156(item/p) +msgid "When both buttons are green, you see the data that is visible to eavesdroppers when you are using both tools." +msgstr "" + +#: C/tor.page:162(item/p) +msgid "When both buttons are grey, you see the data that is visible to eavesdroppers when you don't use either tool." +msgstr "" + +#: C/tor.page:169(terms/title) +msgid "Potentially visible data" +msgstr "" + +#: C/tor.page:177(item/p) +msgid "The site being visited." +msgstr "" + +#: C/tor.page:188(item/p) +msgid "Username and password used for authentication." +msgstr "" + +#: C/tor.page:199(item/p) +msgid "Data being transmited." +msgstr "" + +#: C/tor.page:210(item/p) +msgid "Network location of the computer used to visit the website (the public IP address)." +msgstr "" + +#: C/tor.page:222(item/p) +msgid "Whether or not Tor is being used." +msgstr "" + +#. This is a reference to an external file such as an image or video. When +#. the file changes, the md5 hash will change to let you know you need to +#. update your localized copy. The msgstr is not used at all. Set it to +#. whatever you like once you have updated your copy of the file. +#: C/troubleshooting.page:18(media) +msgctxt "_" +msgid "external ref='media/tor-launcher-connect_en-US.png' md5='03118f523f4cbc7c001da1ddacc9e394'" +msgstr "" + +#: C/troubleshooting.page:7(info/desc) +msgid "What to do if Tor Browser doesn't work." +msgstr "" + +#: C/troubleshooting.page:11(page/title) +msgid "Troubleshooting" +msgstr "" + +#: C/troubleshooting.page:13(page/p) +msgid "The Tor Browser should get you online automatically after clicking the \"Connect\" button on the start up screen." +msgstr "" + +#: C/troubleshooting.page:20(page/p) +msgid "If it doesn't connect, there may be a simple fix. Try each of the following:" +msgstr "" + +#: C/troubleshooting.page:26(item/p) +msgid "Make sure another Tor Browser is not already running. If you're not sure if Tor Browser is running, restart your computer." +msgstr "" + +#: C/troubleshooting.page:30(item/p) +msgid "'Allow' Tor in your antivirus program." +msgstr "" + +#: C/troubleshooting.page:33(item/p) +msgid "Temporarily disable your firewall." +msgstr "" + +#: C/troubleshooting.page:36(item/p) +msgid "Delete Tor Browser and install it again. If updating, do not overwrite your previous Tor Browser files." +msgstr "" + +#: C/troubleshooting.page:41(page/p) +msgid "If you still can't connect, your internet service provider might be censoring connections to Tor. Follow the instructions in the <link xref=\"circumvention\">Circumvention</link> section." +msgstr "" + +#: C/troubleshooting.page:47(page/p) +msgid "If the above steps do not address your problem, email help(a)rt.torproject.org with your operating system, the details of your problem, and what you've already tried." +msgstr "" + +#: C/uninstalling.page:7(info/desc) +msgid "How to remove Tor Browser from your system." +msgstr "" + +#: C/uninstalling.page:11(page/title) +msgid "Uninstalling" +msgstr "" + +#: C/uninstalling.page:13(page/p) +msgid "The Tor Browser does not affect any of the existing software or settings on your computer. Uninstalling Tor Browser will not affect your system's software or settings either." +msgstr "" + +#: C/uninstalling.page:19(page/p) +msgid "Removing the Tor Browser from your system is simple:" +msgstr "" + +#: C/uninstalling.page:25(item/p) +msgid "Locate your Tor Browser folder. The default location is your Desktop." +msgstr "" + +#: C/uninstalling.page:28(item/p) +msgid "Delete the Tor Browser folder." +msgstr "" + +#: C/uninstalling.page:31(item/p) +msgid "Empty your Trash" +msgstr "" + +#: C/uninstalling.page:35(page/p) +msgid "Note that your operating system's standard \"Uninstall\" utility is not used." +msgstr "" +

1 0