July 2014 - tor-commits - lists.torproject.org

r26861: {website} add another mirror. (website/trunk/include)
by Andrew Lewman 11 Jul '14

11 Jul '14

Author: phobos Date: 2014-07-11 13:00:56 +0000 (Fri, 11 Jul 2014) New Revision: 26861 Modified: website/trunk/include/tor-mirrors.csv Log: add another mirror. Modified: website/trunk/include/tor-mirrors.csv =================================================================== --- website/trunk/include/tor-mirrors.csv 2014-07-11 12:59:53 UTC (rev 26860) +++ website/trunk/include/tor-mirrors.csv 2014-07-11 13:00:56 UTC (rev 26861) @@ -99,3 +99,4 @@ Sebastian, Maxanoo, NL, The Netherlands, Amsterdam, TRUE, FALSE, NO, http://tor.maxanoo.com/, , , , http://tor.maxanoo.com/dist/, , , , Sat Jun 21 01:23:19 2014 rorrim AT ayo DOT tl, Tor Supporter, IS, Iceland, Europe, TRUE, TRUE, No, http://ayo.tl/tor/, https://ayo.tl/tor/, , , http://ayo.tl/tor/dist/, https://ayo.tl/tor/dist/, , , , admin AT nuclear DASH weapons DOT net,Setec Administrator,US,Texas,Austin,TRUE,FALSE,No,http://tor.nuclear-weapons.net,…, +stefano.fenoglio AT gmail DOT com,Tor Supporter,IT,Italy,Europe,TRUE,FALSE,No,http://tor.stefanof.com,,,,,,http:/…,,,

1 0

r26860: {website} add a new mirror (website/trunk/include)
by Andrew Lewman 11 Jul '14

11 Jul '14

Author: phobos Date: 2014-07-11 12:59:53 +0000 (Fri, 11 Jul 2014) New Revision: 26860 Modified: website/trunk/include/tor-mirrors.csv Log: add a new mirror Modified: website/trunk/include/tor-mirrors.csv =================================================================== --- website/trunk/include/tor-mirrors.csv 2014-07-09 03:09:43 UTC (rev 26859) +++ website/trunk/include/tor-mirrors.csv 2014-07-11 12:59:53 UTC (rev 26860) @@ -98,3 +98,4 @@ tor(a)fodt.it // FoDT.it Webteam, FoDT.it, AT, Austria, Europe, TRUE, FALSE, No, http://tor.fodt.it, https://tor.fodt.it, , ftp://ftp.fodt.it/pub/mirrors/torproject.org/, http://tor.fodt.it/dist/, https://tor.fodt.it/dist/, , , Sat Jun 21 01:23:19 2014 Sebastian, Maxanoo, NL, The Netherlands, Amsterdam, TRUE, FALSE, NO, http://tor.maxanoo.com/, , , , http://tor.maxanoo.com/dist/, , , , Sat Jun 21 01:23:19 2014 rorrim AT ayo DOT tl, Tor Supporter, IS, Iceland, Europe, TRUE, TRUE, No, http://ayo.tl/tor/, https://ayo.tl/tor/, , , http://ayo.tl/tor/dist/, https://ayo.tl/tor/dist/, , , , +admin AT nuclear DASH weapons DOT net,Setec Administrator,US,Texas,Austin,TRUE,FALSE,No,http://tor.nuclear-weapons.net,…,

1 0

[translation/https_everywhere_completed] Update translations for https_everywhere_completed
by translation＠torproject.org 10 Jul '14

10 Jul '14

commit 4c69cfb2c9cd88390ec5ffb3d1d15fd4ab9aa31b Author: Translation commit bot <translation(a)torproject.org> Date: Thu Jul 10 13:15:25 2014 +0000 Update translations for https_everywhere_completed --- sr/https-everywhere.dtd | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/sr/https-everywhere.dtd b/sr/https-everywhere.dtd index bfe7a8c..9677cb6 100644 --- a/sr/https-everywhere.dtd +++ b/sr/https-everywhere.dtd @@ -14,6 +14,7 @@ <!ENTITY https-everywhere.menu.observatory "SSL observatorij postavki"> <!ENTITY https-everywhere.menu.globalEnable "Omoguci HTTPS svuda"> <!ENTITY https-everywhere.menu.globalDisable "Onemoguci HTTPS svuda"> +<!ENTITY https-everywhere.menu.showCounter "Prikazi brojac"> <!ENTITY https-everywhere.prefs.title "HTTPS svuda - postavke"> <!ENTITY https-everywhere.prefs.enable_all "Omoguci sve"> @@ -34,4 +35,15 @@ <!ENTITY https-everywhere.source.filename "Imefajla"> <!ENTITY https-everywhere.source.unable_to_download "Ne moze se skinuti izvor."> +<!ENTITY https-everywhere.popup.title "HTTPS Everywhere 4.0, razvoj.11. obavestenje"> +<!ENTITY https-everywhere.popup.paragraph1 "Ups. Koristili ste stabilnu verziju HTTPS Everywhere, ali mozda smo slucajno nadogradili na razvojnu verziju u nasem poslednjem izdanju."> +<!ENTITY https-everywhere.popup.paragraph2 "Hocete li da se vratite na stabilnu verziju?"> +<!ENTITY https-everywhere.popup.paragraph3 "Voleli bi smo kad bi ste nastavili da koristite nase razvojno izdanje i pomogli nam da ucinimo +HTTPS Everywhere boljim! Mozda ce te otkriti da postoji par bugova koje mozete da prijavite na +https-everywhere(a)eff.org. Izvinite na neugodnosti i hvala sto koristite HTTPS Everywhere."> +<!ENTITY https-everywhere.popup.keep "Zadrzi me na razvojnoj verziji."> +<!ENTITY https-everywhere.popup.revert "Preuzmi poslednju stabilnu verziju"> +<!ENTITY https-everywhere.ruleset-tests.status_title "HTTPS Everywhere Ruleset Testovi"> +<!ENTITY https-everywhere.ruleset-tests.status_cancel_button "Откажи"> +<!ENTITY https-everywhere.ruleset-tests.status_start_button "Start">

1 0

[translation/https_everywhere] Update translations for https_everywhere
by translation＠torproject.org 10 Jul '14

10 Jul '14

commit e3d4621b94b24192d18ab5ccd4c8c820d383608c Author: Translation commit bot <translation(a)torproject.org> Date: Thu Jul 10 13:15:21 2014 +0000 Update translations for https_everywhere --- sr/https-everywhere.dtd | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/sr/https-everywhere.dtd b/sr/https-everywhere.dtd index 1b89dbe..9677cb6 100644 --- a/sr/https-everywhere.dtd +++ b/sr/https-everywhere.dtd @@ -14,7 +14,7 @@ <!ENTITY https-everywhere.menu.observatory "SSL observatorij postavki"> <!ENTITY https-everywhere.menu.globalEnable "Omoguci HTTPS svuda"> <!ENTITY https-everywhere.menu.globalDisable "Onemoguci HTTPS svuda"> -<!ENTITY https-everywhere.menu.showCounter "Show Counter"> +<!ENTITY https-everywhere.menu.showCounter "Prikazi brojac"> <!ENTITY https-everywhere.prefs.title "HTTPS svuda - postavke"> <!ENTITY https-everywhere.prefs.enable_all "Omoguci sve"> @@ -35,13 +35,15 @@ <!ENTITY https-everywhere.source.filename "Imefajla"> <!ENTITY https-everywhere.source.unable_to_download "Ne moze se skinuti izvor."> -<!ENTITY https-everywhere.popup.title "HTTPS Everywhere 4.0development.11 notification"> -<!ENTITY https-everywhere.popup.paragraph1 "Oops. You were using the stable version of HTTPS Everywhere, but we might have accidentally upgraded you to the development version in our last release."> -<!ENTITY https-everywhere.popup.paragraph2 "Would you like to go back to stable?"> -<!ENTITY https-everywhere.popup.paragraph3 "We'd love it if you continued using our development release and helped us make HTTPS Everywhere better! You might find there are a few more bugs here and there, which you can report to https-everywhere(a)eff.org. Sorry about the inconvenience, and thank you for using HTTPS Everywhere."> -<!ENTITY https-everywhere.popup.keep "Keep me on the development version"> -<!ENTITY https-everywhere.popup.revert "Download the latest stable version"> +<!ENTITY https-everywhere.popup.title "HTTPS Everywhere 4.0, razvoj.11. obavestenje"> +<!ENTITY https-everywhere.popup.paragraph1 "Ups. Koristili ste stabilnu verziju HTTPS Everywhere, ali mozda smo slucajno nadogradili na razvojnu verziju u nasem poslednjem izdanju."> +<!ENTITY https-everywhere.popup.paragraph2 "Hocete li da se vratite na stabilnu verziju?"> +<!ENTITY https-everywhere.popup.paragraph3 "Voleli bi smo kad bi ste nastavili da koristite nase razvojno izdanje i pomogli nam da ucinimo +HTTPS Everywhere boljim! Mozda ce te otkriti da postoji par bugova koje mozete da prijavite na +https-everywhere(a)eff.org. Izvinite na neugodnosti i hvala sto koristite HTTPS Everywhere."> +<!ENTITY https-everywhere.popup.keep "Zadrzi me na razvojnoj verziji."> +<!ENTITY https-everywhere.popup.revert "Preuzmi poslednju stabilnu verziju"> -<!ENTITY https-everywhere.ruleset-tests.status_title "HTTPS Everywhere Ruleset Tests"> +<!ENTITY https-everywhere.ruleset-tests.status_title "HTTPS Everywhere Ruleset Testovi"> <!ENTITY https-everywhere.ruleset-tests.status_cancel_button "Откажи"> <!ENTITY https-everywhere.ruleset-tests.status_start_button "Start">

1 0

[translation/gettor_completed] Update translations for gettor_completed
by translation＠torproject.org 10 Jul '14

10 Jul '14

commit 76c0e14d977489df2bb56858c8d2edb44c5333a3 Author: Translation commit bot <translation(a)torproject.org> Date: Thu Jul 10 13:15:12 2014 +0000 Update translations for gettor_completed --- sr/gettor.po | 508 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 508 insertions(+) diff --git a/sr/gettor.po b/sr/gettor.po new file mode 100644 index 0000000..e45b6fe --- /dev/null +++ b/sr/gettor.po @@ -0,0 +1,508 @@ +# SOME DESCRIPTIVE TITLE. +# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER +# This file is distributed under the same license as the PACKAGE package. +# +# Translators: +# tentaclewarrior <exterminator996(a)gmail.com>, 2014 +# krtislav <krtislav(a)gmail.com>, 2012 +# lajavi.krelac <lajavi.krelacc(a)gmail.com>, 2012 +# mahavidyas <mahavidyas(a)gmail.com>, 2012 +# Milos, 2014 +# pireaus <pireaus77(a)gmail.com>, 2013 +msgid "" +msgstr "" +"Project-Id-Version: The Tor Project\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2013-01-19 13:40+0100\n" +"PO-Revision-Date: 2014-07-10 12:51+0000\n" +"Last-Translator: tentaclewarrior <exterminator996(a)gmail.com>\n" +"Language-Team: Serbian (http://www.transifex.com/projects/p/torproject/language/sr/)\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"Language: sr\n" +"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n" + +#: lib/gettor/i18n.py:27 +msgid "Hello, This is the \"GetTor\" robot." +msgstr "Ћао, ово је \"GetTor\" робот." + +#: lib/gettor/i18n.py:29 +msgid "Thank you for your request." +msgstr "Хвала Вам на захтеву." + +#: lib/gettor/i18n.py:31 +msgid "" +"Unfortunately, we won't answer you at this address. You should make\n" +"an account with GMAIL.COM, YAHOO.COM or YAHOO.CN and send the mail from\n" +"one of those." +msgstr "Нажалост, нећемо Вам одговорити на ову адресу. Требало би да направите\nналог на GMAIL.COM, YAHOO.COM или YAHOO.CN и пошаљете нам е-маил са\nједне од тих адреса." + +#: lib/gettor/i18n.py:35 +msgid "" +"We only process requests from email services that support \"DKIM\",\n" +"which is an email feature that lets us verify that the address in the\n" +"\"From\" line is actually the one who sent the mail." +msgstr "Излазимо у сусрет само захтевима преко е-поште која подржава „DKIM“,\nа то је могућност која нам омогућава да проверимо да ли нам је права особа послала поруку.\n\n " + +#: lib/gettor/i18n.py:39 +msgid "" +"(We apologize if you didn't ask for this mail. Since your email is from\n" +"a service that doesn't use DKIM, we're sending a short explanation,\n" +"and then we'll ignore this email address for the next day or so.)" +msgstr "(Извињавамо се ако нисте захтевали ову поруку. С обзиром на то да Ваша\nе-пошта\nне подржава DKIM, одлучили смо да Вам пошаљемо кратко објашњење,\nа тек онда занемаримо ову е-адресу.)\n\n " + +#: lib/gettor/i18n.py:43 lib/gettor/i18n.py:135 +msgid "" +"If you have any questions or it doesn't work, you can contact a\n" +"human at this support email address: help(a)rt.torproject.org" +msgstr "Ako imate pitanja ili ne funkcionise, mozete da kontaktirate \ncoveka na ovoj adresi podrske: help(a)rt.torproject.org" + +#: lib/gettor/i18n.py:46 +msgid "" +"I will mail you a Tor package, if you tell me which one you want.\n" +"Please select one of the following package names:\n" +"\n" +" windows\n" +" macos-i386\n" +" macos-ppc\n" +" linux-i386\n" +" linux-x86_64\n" +" obfs-windows\n" +" obfs-macos-i386\n" +" obfs-macos-x86_64\n" +" obfs-linux-i386\n" +" obfs-linux-x86_64\n" +" source" +msgstr "Poslacu vam Tor paket mail-om, ako mi kazete koji zelite.\nMolim vas odaberite jedno od sledecih imena paketa:\n\nwindows\nmacos-i386\nmacos-ppc\nlinux-i386\nlinux-x86_64\nobfs-windows\nobfs-macos-i386\nobfs-macos-x86_64\nobfs-linux-i386\nobfs-linux-x86_64\nsource" + +#: lib/gettor/i18n.py:61 +msgid "" +"Please reply to this mail, and tell me a single package name anywhere \n" +"in the body of your email." +msgstr "Молим одговорите на овај е-маил, и напишите име једног пакета било где\nу телу поруке Вашег е-маила" + +#: lib/gettor/i18n.py:64 +msgid "" +"OBTAINING LOCALIZED VERSIONS OF TOR\n" +"===================================" +msgstr "НАБАВКА ЛОКАЛИЗОВАНЕ ВЕРЗИЈЕ ТОР-а" + +#: lib/gettor/i18n.py:67 +msgid "" +"To get a version of Tor translated into your language, specify the\n" +"language you want in the address you send the mail to:\n" +"\n" +" gettor+fa(a)torproject.org" +msgstr "Да би сте набавили верзију ТОР-а на вашем језику, наведите\nјезик који желите у адреси у поруци коју треба да пошаљете на адресу:\n\n gettor+fa(a)torproject.org" + +#: lib/gettor/i18n.py:72 +msgid "" +"This example will give you the requested package in a localized\n" +"version for Farsi (Persian). Check below for a list of supported language\n" +"codes. " +msgstr "У овом примеру ћете добити захтевани пакет у локализованој \nверзији за Фарси (Персијски језик). Испод можете погледати\nлисту подржаних језичких кодова. " + +#: lib/gettor/i18n.py:76 +msgid " List of supported locales:" +msgstr "Списак подржаних локализација:" + +#: lib/gettor/i18n.py:78 +msgid "Here is a list of all available languages:" +msgstr "Списак свих расположивих језика:" + +#: lib/gettor/i18n.py:80 +msgid "" +" gettor+ar(a)torproject.org: Arabic\n" +" gettor+de(a)torproject.org: German\n" +" gettor+en(a)torproject.org: English\n" +" gettor+es(a)torproject.org: Spanish\n" +" gettor+fa(a)torproject.org: Farsi (Iran)\n" +" gettor+fr(a)torproject.org: French\n" +" gettor+it(a)torproject.org: Italian\n" +" gettor+nl(a)torproject.org: Dutch\n" +" gettor+pl(a)torproject.org: Polish\n" +" gettor+ru(a)torproject.org: Russian\n" +" gettor+zh(a)torproject.org: Chinese" +msgstr " gettor+ar(a)torproject.org: Арапски\n gettor+de(a)torproject.org: Немачки\n gettor+en(a)torproject.org: Енглески\n gettor+es(a)torproject.org: Шпански\n gettor+fa(a)torproject.org: Фарси (Иран)\n gettor+fr(a)torproject.org: Француски\n gettor+it(a)torproject.org: Италијански\n gettor+nl(a)torproject.org: Холандски\n gettor+pl(a)torproject.org: Пољски\n gettor+ru(a)torproject.org: Руски\n gettor+zh(a)torproject.org: Кинески" + +#: lib/gettor/i18n.py:92 +msgid "If you select no language, you will receive the English version." +msgstr "Ако не изаберете језик, примићете верзију на енглеском језику." + +#: lib/gettor/i18n.py:94 +msgid "" +"SMALLER SIZED PACKAGES\n" +"======================" +msgstr "ПАКЕТИ МАЊЕ ВЕЛИЧИНЕ\n======================" + +#: lib/gettor/i18n.py:97 +msgid "" +"If your bandwith is low or your provider doesn't allow you to\n" +"receive large attachments in your email, GetTor can send you several\n" +"small packages instead of one big one." +msgstr "Ako je vasa propusnost spora, ili vas provajder ne dozvoljava da\nprimate velike fajlove u vasem e-mailu, GetTor vam moze poslati vise manjih paketa umesto jednog velikog." + +#: lib/gettor/i18n.py:101 +msgid "" +"Simply include the keyword 'split' in a new line on its own (this part\n" +"is important!) like so: \n" +" \n" +" windows\n" +" split" +msgstr "Једноставно ставите реч 'split' саму (ово је битно!) у новом реду\nовако:\n\n windows\n split" + +#: lib/gettor/i18n.py:107 +msgid "" +"Sending this text in an email to GetTor will cause it to send you \n" +"the Tor Browser Bundle in a number of 1,4MB attachments." +msgstr "Слање овог текста на GetTor ће омогућити то да Вам пошаљемо \nTor Browser Bundle путем прилога од по 1,4 MB.\n\n " + +#: lib/gettor/i18n.py:110 +msgid "" +"After having received all parts, you need to re-assemble them to \n" +"one package again. This is done as follows:" +msgstr "Након што сте примили све делове, морате их поново спојити у један пакет. То можете урадити на следећи начин:\n\n " + +#: lib/gettor/i18n.py:113 +msgid "1.) Save all received attachments into one folder on your disk." +msgstr "1) Сачувајте све примљене прилоге у једну фасциклу на диску.\n\n " + +#: lib/gettor/i18n.py:115 +msgid "" +"2.) Unzip all files ending in \".z\". If you saved all attachments to\n" +"a fresh folder before, simply unzip all files in that folder. If you don't\n" +"know how to unzip the .z files, please see the UNPACKING THE FILES section." +msgstr "2.) Otpakujte sve fajlove koji zavrsavaju s extensijom \".z\". Ako ste snjimili sve fajlove u novi folder, jednostavno unzip-ujte sve fajlove u taj folder. Ako neznate kako otpakovat .z fajlove, onda niste dovoljno obrazovani za koristenje ovog software-a." + +#: lib/gettor/i18n.py:119 +msgid "" +"3.) Verify all files as described in the mail you received with \n" +"each package. (gpg --verify)" +msgstr "3) Проверите да ли имате све датотеке које су наведене у поруци \nса сваким пакетом. (gpg --verify)\n\n " + +#: lib/gettor/i18n.py:122 +msgid "" +"4.) Now unpack the multi-volume archive into one file by double-\n" +"clicking the file ending in \"..split.part01.exe\". This should start the \n" +"process automatically." +msgstr "4) Sada otpakujte visedelnu arhivu u jedan fajl duplim \nklikom na fajl koji se zavrsava sa \"..split.part01.exe\". Ovo bi trebalo da\npokrene proces automatski." + +#: lib/gettor/i18n.py:126 +msgid "" +"5.) After unpacking is finished, you should find a newly created \n" +"\".exe\" file in your destination folder. Simply doubleclick\n" +"that and Tor Browser Bundle should start within a few seconds." +msgstr "5) Након што се отпакивање заврши, видећете новонаправљену \n„.exe“ датотеку у свом одредишном директоријуму. Двокликните на ту датотеку\nи Tor Browser Bundle би требало да се покрене за неколико тренутака.\n\n " + +#: lib/gettor/i18n.py:130 +msgid "6.) That's it. You're done. Thanks for using Tor and have fun!" +msgstr "6.) И то је то!. Завршили сте. Хвала Вам што користите ТОР!" + +#: lib/gettor/i18n.py:132 +msgid "" +"SUPPORT\n" +"=======" +msgstr "ПОДРШКА\n=========" + +#: lib/gettor/i18n.py:138 +msgid "" +"Here's your requested software as a zip file. Please unzip the\n" +"package and verify the signature." +msgstr "Ovde je trazeni softver kao zip fajl. Molim vas da otpakujete paket i proverite potpise." + +#: lib/gettor/i18n.py:141 +msgid "" +"VERIFY SIGNATURE\n" +"================\n" +"If your computer has GnuPG installed, use the gpg commandline \n" +"tool as follows after unpacking the zip file:\n" +"\n" +" gpg --verify tor-browser-1.3.24_en-US.exe.asc tor-browser-1.3.24_en-US.exe" +msgstr "PROVERITE POTPIS\n================\nAko vas kompjuter ima GnuPG instaliran, koristite gpg commanline\nalat kada otpakujete zip fajl:\n\n gpg --verify tor-browser-1.3.24_en-US.exe.asc tor-browser-1.3.24_en-US.exe" + +#: lib/gettor/i18n.py:148 +msgid "" +"The output should look somewhat like this:\n" +"\n" +" gpg: Good signature from 'Erinn Clark <...>'" +msgstr "Izlaz bi trebao izgledati ovako\n\n 'gpg: Good signature from 'Erinn Clark <...>'" + +#: lib/gettor/i18n.py:152 +msgid "" +"If you're not familiar with commandline tools, try looking for\n" +"a graphical user interface for GnuPG on this website:\n" +"\n" +" http://www.gnupg.org/related_software/frontends.html" +msgstr "Ako niste upoznati sa commandline alatom, probajte naci graficko korisnicko sucelje za GnuPG na ovom sajtu:\n\n http://www.gnupg.org/related_software/frontends.html" + +#: lib/gettor/i18n.py:157 +msgid "" +"BLOCKED ACCESS / CENSORSHIP\n" +"===========================" +msgstr "BLOKIRAN PRISTUP / CENZURA\n=======================" + +#: lib/gettor/i18n.py:160 +msgid "" +"If your Internet connection blocks access to the Tor network, you\n" +"may need a bridge relay. Bridge relays (or \"bridges\" for short)\n" +"are Tor relays that aren't listed in the main directory. Since there\n" +"is no complete public list of them, even if your ISP is filtering\n" +"connections to all the known Tor relays, they probably won't be able\n" +"to block all the bridges." +msgstr "Ако Ваша интернет веза блокира приступ Tor мрежи, требаће Вам\nбриџ релеј. Бриџ релеји\nјесу Tor релеји који нису сврстани у главном директоријуму. С обзиром на то\nда\nне постоји њихов комплетан списак, иако Ваш ISP филтрира\nвезе за све познате Tor релеје, вероватно неће бити у могућности да\nблокира баш све бриџеве.\n\n " + +#: lib/gettor/i18n.py:167 +msgid "" +"You can acquire a bridge by sending an email that contains \"get bridges\"\n" +"in the body of the email to the following email address:\n" +"\n" +" bridges(a)torproject.org" +msgstr "Можете набавити бриџ слањем е-маила који садржи \"get bridges\"\nу телу поруке коју ћете послати на адресу:\n\n bridges(a)torproject.org" + +#: lib/gettor/i18n.py:172 +msgid "" +"It is also possible to fetch bridges with a web browser at the following\n" +"url: https://bridges.torproject.org/" +msgstr "Могуће је и да учитате бриџеве веб прегледачем преко следеће\nадресе: https://bridges.torproject.org/\n\n " + +#: lib/gettor/i18n.py:175 +msgid "" +"Another censorship circumvention tool you can request from GetTor is\n" +"the Tor Obfsproxy Browser Bundle. Please read the package descriptions for\n" +"which package you should request to receive this." +msgstr "Jos jedan alat za zaobilazenje cenzure koji mozete da zahtevate od GetTor je\nTor Obfsproxy Browser Bundle. Molimo vas, procitajte opise paketa da bi znali\nza koji paket da zahtevate ovo." + +#: lib/gettor/i18n.py:179 +msgid "" +"IMPORTANT NOTE:\n" +"Since this is part of a split-file request, you need to wait for\n" +"all split files to be received by you before you can save them all\n" +"into the same directory and unpack them by double-clicking the\n" +"first file." +msgstr "ВАЖНА НАПОМЕНА:\nС обзиром на то да је ово део захтева за дељење датотека, мораћете да\nсачекате \nсве подељене датотеке пре него што их можете сачувати\nу исти директоријум и отпаковати.\n\n " + +#: lib/gettor/i18n.py:185 +msgid "" +"Packages might arrive out of order! Please make sure you received\n" +"all packages before you attempt to unpack them!" +msgstr "Пакети се могу измешати! Уверите се да сте примили\nсве пакете пре него што пробате да их отпакујете!\n\n " + +#: lib/gettor/i18n.py:188 +#, python-format +msgid "" +"It was successfully understood. Your request is currently being processed.\n" +"Your package (%s) should arrive within the next ten minutes." +msgstr "Uspesno je razumljeno. Vas zahtev se trenutacno obraduje.\nVas paket (%s) bi trebao stici u sledecih deset minuta" + +#: lib/gettor/i18n.py:191 +msgid "" +"If it doesn't arrive, the package might be too big for your mail provider.\n" +"Try resending the mail from a GMAIL.COM, YAHOO.CN or YAHOO.COM account." +msgstr "Ako ne stigne, paket je mozda prevelik za vaseg mail provajdera.\nProbajte ponovo poslati mail od gmail.com, yahoo.cn ili yahoo.com racuna." + +#: lib/gettor/i18n.py:194 +msgid "" +"Unfortunately we are currently experiencing problems and we can't fulfill\n" +"your request right now. Please be patient as we try to resolve this issue." +msgstr "Нажалост, тренутно се сусрећемо с проблемима и не можемо услишити\nВаш захтев у овом тренутку. Будите стрпљиви док не решимо овај проблем.\n\n " + +#: lib/gettor/i18n.py:197 +msgid "" +"Unfortunately there is no split package available for the package you\n" +"requested. Please send us another package name or request the same package \n" +"again, but remove the 'split' keyword. In that case we'll send you the whole \n" +"package. Make sure this is what you want." +msgstr "Нажалост немамо пакет који сте захтевали.\nМолимо Вас да нам још једном пошаљете име пакета \nили захтевајте исти пакет још једном, али изоставите реч 'split'. У том случају послаћемо Вам цео пакет.\nБудите сигурни да је то оно што желите" + +#: lib/gettor/i18n.py:202 +msgid "" +"UNPACKING THE FILES\n" +"===================" +msgstr "PODACI SE OTPAKUJU\n=================" + +#: lib/gettor/i18n.py:205 +msgid "" +"The easiest way to unpack the files you received is to install 7-Zip,\n" +"a free file compression/uncompression tool. If it isn't installed on\n" +"your computer yet, you can download it here:\n" +"\n" +" http://www.7-zip.org/" +msgstr "Najlaksi nacin da otpakujete vase fajlove koje ste primili je da instalirate 7-Zip, besplatan fajl compresor/dekompresor alat. Ako nije vec instaliran na vasem kompjuteru, mozete ga skinuti ovde:\n\n http://www.7-zip.org/" + +#: lib/gettor/i18n.py:211 +msgid "" +"When 7-Zip is installed, you can open the .z archive you received from\n" +"us by double-clicking on it." +msgstr "Када је 7-Zip инсталиран, можете отворити .z архиву коју сте примили од\nнас простим двокликом на њу." + +#: lib/gettor/i18n.py:214 +msgid "" +"An alternative way to get the .z files extraced is to rename them to\n" +".zip. For example, if you recevied a file called \"windows.z\", rename it to \n" +"\"windows.zip\". You should then be able to extract the archive with common \n" +"file archiver programs that probably are already installed on your computer." +msgstr "Alternativni nacin za otpakivanje .z fajlova je da ih\npreimenujete u .zip. Na primer, ako ste primili fajl sa imenom \"windows.z\" \npreimenujte ga u \"windows.zip\". Onda bi trebalo da budete u mogucnosti da\nga otvorite standardnim programima za rad sa arhivama koji su verovatno\nvec instalirani na vasem kompjuteru." + +#: lib/gettor/i18n.py:219 +msgid "" +"Please reply to this mail, and tell me a single package name anywhere\n" +"in your reply. Here's a short explanation of what these packages are:" +msgstr "Molim vas, odgovorite na ovaj mail, i recite mi ime jednog paketa\nbilo gde u vasem odgovoru. Evo kratkog objasnjenja sta su ovi paketi:" + +#: lib/gettor/i18n.py:222 +msgid "" +"windows:\n" +"The Tor Browser Bundle package for Windows operating systems. If you're \n" +"running some version of Windows, like Windows XP, Windows Vista or \n" +"Windows 7, this is the package you should get." +msgstr "windows:\nTor Browser Bundle пакет за Windows оперативне системе Ако \nкористите верзије Windows система, као Windows XP, Windows Vista или \nWindows 7, ово је пакет који треба да преузмете." + +#: lib/gettor/i18n.py:227 +msgid "" +"macos-i386:\n" +"The Tor Browser Bundle package for OS X, Intel CPU architecture. In \n" +"general, newer Mac hardware will require you to use this package." +msgstr "macos-i386:\nTor Browser paket za OS X, intel CPU arhitekturu. Vecina\nnovog Mac harvdera ce zahtevati da koristite ovaj paket." + +#: lib/gettor/i18n.py:231 +msgid "" +"macos-ppc:\n" +"This is an older installer (the \"Vidalia bundle\") for older Macs running\n" +"OS X on PowerPC CPUs. Note that this package will be deprecated soon." +msgstr "macos-ppc:\nOvo je stariji instalator('Vidalia paket\") za starije Mac-ove koji \nkoriste PowerPC procesore. Ovaj paket ce uskoro postati zastareo." + +#: lib/gettor/i18n.py:235 +msgid "" +"linux-i386:\n" +"The Tor Browser Bundle package for Linux, 32bit versions." +msgstr "linux-i386:\nTor Browser paket za Linux, 32-bitne verzije." + +#: lib/gettor/i18n.py:238 +msgid "" +"Note that this package is rather large and needs your email provider to \n" +"allow for attachments of about 30MB in size." +msgstr "Imajte u vidu da je ovaj paket relativno velik i potrebno je da vas email \nprovajder dozvoljava priloge velicine oko 30MB." + +#: lib/gettor/i18n.py:241 +msgid "" +"linux-x86_64:\n" +"The Tor Browser Bundle package for Linux, 64bit versions." +msgstr "inux-x86_64:\nTor Browser paket za Linux, 64-bitne verzije." + +#: lib/gettor/i18n.py:244 +msgid "" +"obfs-windows:\n" +"The Tor Obfsproxy Browser Bundle for Windows operating systems. If you need\n" +"strong censorship circumvention and you are running some version of the \n" +"Windows, like Windows XP, Windows Vista or Windows 7, this is the package\n" +"you should get." +msgstr "obfs-windows:\nTor Obfsproxy Browser Bundle za Windows operativne sisteme. Ako vam je \npotrebno jako zaobilazenje cenzure i koristite neko verziju Windows-a kao sto\nje Windows XP, Windows Vista ili Windows 7, ovo ke paket koji treba da nabavite." + +#: lib/gettor/i18n.py:250 +msgid "" +"obfs-macos-i386:\n" +"The Tor Obfsproxy Browser Bundle package for OS X, 32bit Intel CPU \n" +"architecture." +msgstr "obfs-macos-i386:\nTor Obfsproxy Browser Bundle paket za OS X, 32bitnu Intel CPU arhitekturu" + +#: lib/gettor/i18n.py:254 +msgid "" +"obfs-macos-x86_64:\n" +"The Tor Obfsproxy Browser Bundle package for OS X, 64bit Intel CPU \n" +"architecture." +msgstr "obfs-macos-x86_64:\nTor Obfsproxy Browser Bundle paket za OS X, 64bitnu Intel CPU\narhitekturu" + +#: lib/gettor/i18n.py:258 +msgid "" +"obfs-linux-i386:\n" +"The Tor Obfsproxy Browser Bundle package for Linux, 32bit Intel CPU \n" +"architecture." +msgstr "obfs-linux-i386:\nTor Obfsproxy Browser Bundle paket za Linux, 32bitnu Intel CPU\narhitekturu." + +#: lib/gettor/i18n.py:262 +msgid "" +"obfs-linux-x86_64:\n" +"The Tor Obfsproxy Browser Bundle package for Linux, 64bit Intel CPU \n" +"architecture." +msgstr "obfs-linux-x86_64:\nTor Obfsproxy Browser Bundle paket za Linux, 64bitnu Intel CPU\narhitekturu" + +#: lib/gettor/i18n.py:266 +msgid "" +"source:\n" +"The Tor source code, for experts. Most users do not want this package." +msgstr "izvor:\nTor izvorni kod, za ekpserte. Vecina korisnika ne zeli ovaj paket." + +#: lib/gettor/i18n.py:269 +msgid "" +"FREQUENTLY ASKED QUESTIONS\n" +"==========================" +msgstr "Cesto postavljana pitanja:" + +#: lib/gettor/i18n.py:272 +msgid "What is Tor?" +msgstr "Šta je TOR?" + +#: lib/gettor/i18n.py:274 +msgid "The name \"Tor\" can refer to several different components." +msgstr "Ime \"Tor\" predstavlja nekoliko različitih komponenti." + +#: lib/gettor/i18n.py:276 +msgid "" +"The Tor software is a program you can run on your computer that helps \n" +"keep you safe on the Internet. Tor protects you by bouncing your \n" +"communications around a distributed network of relays run by volunteers \n" +"all around the world: it prevents somebody watching your Internet connection \n" +"from learning what sites you visit, and it prevents the sites you visit from \n" +"learning your physical location. This set of volunteer relays is called the \n" +"Tor network. You can read more about how Tor works here:\n" +"\n" +" https://www.torproject.org/about/overview.html.en" +msgstr "Tor software je program koji možete pokrenuti na vašem računaru i koji vam pomaže da budete helps \nkeep you safe on the Internet. Tor protects you by bouncing your \ncommunications around a distributed network of relays run by volunteers \nall around the world: it prevents somebody watching your Internet connection \nfrom learning what sites you visit, and it prevents the sites you visit from \nlearning your physical location. This set of volunteer relays is called the \nTor network. Kako TOR radi možete pročitati više na adresi:\n\n https://www.torproject.org/about/overview.html.en" + +#: lib/gettor/i18n.py:286 +msgid "What is the Tor Browser Bundle?" +msgstr "Шта је Tor Browser Bundle?" + +#: lib/gettor/i18n.py:288 +msgid "" +"The Browser Bundle (TBB) is the package we recommend to most users. \n" +"The bundle comes with everything you need to safely browse the Internet.\n" +"Just extract it and run." +msgstr "Tor Browser Bundle(TBB) je paket preporucen za vecinu korisnika.\nPaket sadrzi sve sto je potrebno za bezbedno pretrazivanje interneta.\nSamo ga otpakujte i pokrenite." + +#: lib/gettor/i18n.py:292 +msgid "What package should I request?" +msgstr "Који пакет треба да тражим?" + +#: lib/gettor/i18n.py:294 +msgid "" +"This depends on the operating system you use. For instance, if your\n" +"operating system is Microsoft Windows, you should request \"windows\". Here\n" +"is a short explanation of all packages to request and what operating \n" +"systems there are suitable for:" +msgstr "Ovo zavisi od operativnog sistema koji koristite. Na primer, ako je vas \noperativni sistem Microsoft Windows, treba da zahtevate \"windows\". Evp\nkratkog objasnjenja koje pakete treba zahtevati i za koje operativne sisteme\nsu pogodni:" + +#: lib/gettor/i18n.py:299 +msgid "How do I extract the file(s) you sent me?" +msgstr "Kako da otpakujem fajl(ove) koje ste mi poslali?" + +#: lib/gettor/i18n.py:301 +msgid "QUESTION:" +msgstr "PITANJE:" + +#: lib/gettor/i18n.py:303 +msgid "ANSWER:" +msgstr "ODGOVOR:" + +#: lib/gettor/i18n.py:305 +#, python-format +msgid "" +"Sorry, but the package you requested (%s) is too large for your \n" +"provider to accept as an attachment. Try using another provider that allows \n" +"for larger email attachments. Or try one of the following mirrors:\n" +"\n" +" https://www.oignon.net/dist/torbrowser/\n" +" https://tor.beme-it.de/dist/torbrowser/\n" +" https://www.torservers.net/mirrors/torproject.org/dist/torbrowser/" +msgstr "Zao nam je, ali paket koji ste zahtevali(%s) je preveliki da bi ga\nvas provajder prihvatio kao prilog. Pokusajte da koristite drugog \nprovajdera koji dozvoljava vece email priloge. Ili probajte jedno od ovih ogledala:\n\nhttps://www.oignon.net/dist/torbrowser/\nhttps://tor.beme-it.d…"

1 0

[translation/gettor] Update translations for gettor
by translation＠torproject.org 10 Jul '14

10 Jul '14

commit d2a7b24e6f01659196cfd1e6ed79d4455093346e Author: Translation commit bot <translation(a)torproject.org> Date: Thu Jul 10 13:15:08 2014 +0000 Update translations for gettor --- sr/gettor.po | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/sr/gettor.po b/sr/gettor.po index 55d3c10..e45b6fe 100644 --- a/sr/gettor.po +++ b/sr/gettor.po @@ -14,7 +14,7 @@ msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2013-01-19 13:40+0100\n" -"PO-Revision-Date: 2014-07-10 12:44+0000\n" +"PO-Revision-Date: 2014-07-10 12:51+0000\n" "Last-Translator: tentaclewarrior <exterminator996(a)gmail.com>\n" "Language-Team: Serbian (http://www.transifex.com/projects/p/torproject/language/sr/)\n" "MIME-Version: 1.0\n" @@ -425,7 +425,7 @@ msgid "" "obfs-linux-x86_64:\n" "The Tor Obfsproxy Browser Bundle package for Linux, 64bit Intel CPU \n" "architecture." -msgstr "" +msgstr "obfs-linux-x86_64:\nTor Obfsproxy Browser Bundle paket za Linux, 64bitnu Intel CPU\narhitekturu" #: lib/gettor/i18n.py:266 msgid ""

1 0

[translation/gettor] Update translations for gettor
by translation＠torproject.org 10 Jul '14

10 Jul '14

commit 4920a3dd0e0b687e269eb45565217c0df0deffed Author: Translation commit bot <translation(a)torproject.org> Date: Thu Jul 10 12:45:05 2014 +0000 Update translations for gettor --- sr/gettor.po | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/sr/gettor.po b/sr/gettor.po index 7deadbd..55d3c10 100644 --- a/sr/gettor.po +++ b/sr/gettor.po @@ -14,7 +14,7 @@ msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2013-01-19 13:40+0100\n" -"PO-Revision-Date: 2014-07-09 17:30+0000\n" +"PO-Revision-Date: 2014-07-10 12:44+0000\n" "Last-Translator: tentaclewarrior <exterminator996(a)gmail.com>\n" "Language-Team: Serbian (http://www.transifex.com/projects/p/torproject/language/sr/)\n" "MIME-Version: 1.0\n" @@ -56,7 +56,7 @@ msgstr "(Извињавамо се ако нисте захтевали ову msgid "" "If you have any questions or it doesn't work, you can contact a\n" "human at this support email address: help(a)rt.torproject.org" -msgstr "" +msgstr "Ako imate pitanja ili ne funkcionise, mozete da kontaktirate \ncoveka na ovoj adresi podrske: help(a)rt.torproject.org" #: lib/gettor/i18n.py:46 msgid "" @@ -74,7 +74,7 @@ msgid "" " obfs-linux-i386\n" " obfs-linux-x86_64\n" " source" -msgstr "" +msgstr "Poslacu vam Tor paket mail-om, ako mi kazete koji zelite.\nMolim vas odaberite jedno od sledecih imena paketa:\n\nwindows\nmacos-i386\nmacos-ppc\nlinux-i386\nlinux-x86_64\nobfs-windows\nobfs-macos-i386\nobfs-macos-x86_64\nobfs-linux-i386\nobfs-linux-x86_64\nsource" #: lib/gettor/i18n.py:61 msgid "" @@ -271,7 +271,7 @@ msgid "" "Another censorship circumvention tool you can request from GetTor is\n" "the Tor Obfsproxy Browser Bundle. Please read the package descriptions for\n" "which package you should request to receive this." -msgstr "" +msgstr "Jos jedan alat za zaobilazenje cenzure koji mozete da zahtevate od GetTor je\nTor Obfsproxy Browser Bundle. Molimo vas, procitajte opise paketa da bi znali\nza koji paket da zahtevate ovo." #: lib/gettor/i18n.py:179 msgid "" @@ -397,28 +397,28 @@ msgid "" "strong censorship circumvention and you are running some version of the \n" "Windows, like Windows XP, Windows Vista or Windows 7, this is the package\n" "you should get." -msgstr "" +msgstr "obfs-windows:\nTor Obfsproxy Browser Bundle za Windows operativne sisteme. Ako vam je \npotrebno jako zaobilazenje cenzure i koristite neko verziju Windows-a kao sto\nje Windows XP, Windows Vista ili Windows 7, ovo ke paket koji treba da nabavite." #: lib/gettor/i18n.py:250 msgid "" "obfs-macos-i386:\n" "The Tor Obfsproxy Browser Bundle package for OS X, 32bit Intel CPU \n" "architecture." -msgstr "" +msgstr "obfs-macos-i386:\nTor Obfsproxy Browser Bundle paket za OS X, 32bitnu Intel CPU arhitekturu" #: lib/gettor/i18n.py:254 msgid "" "obfs-macos-x86_64:\n" "The Tor Obfsproxy Browser Bundle package for OS X, 64bit Intel CPU \n" "architecture." -msgstr "" +msgstr "obfs-macos-x86_64:\nTor Obfsproxy Browser Bundle paket za OS X, 64bitnu Intel CPU\narhitekturu" #: lib/gettor/i18n.py:258 msgid "" "obfs-linux-i386:\n" "The Tor Obfsproxy Browser Bundle package for Linux, 32bit Intel CPU \n" "architecture." -msgstr "" +msgstr "obfs-linux-i386:\nTor Obfsproxy Browser Bundle paket za Linux, 32bitnu Intel CPU\narhitekturu." #: lib/gettor/i18n.py:262 msgid "" @@ -431,13 +431,13 @@ msgstr "" msgid "" "source:\n" "The Tor source code, for experts. Most users do not want this package." -msgstr "" +msgstr "izvor:\nTor izvorni kod, za ekpserte. Vecina korisnika ne zeli ovaj paket." #: lib/gettor/i18n.py:269 msgid "" "FREQUENTLY ASKED QUESTIONS\n" "==========================" -msgstr "" +msgstr "Cesto postavljana pitanja:" #: lib/gettor/i18n.py:272 msgid "What is Tor?" @@ -469,7 +469,7 @@ msgid "" "The Browser Bundle (TBB) is the package we recommend to most users. \n" "The bundle comes with everything you need to safely browse the Internet.\n" "Just extract it and run." -msgstr "" +msgstr "Tor Browser Bundle(TBB) je paket preporucen za vecinu korisnika.\nPaket sadrzi sve sto je potrebno za bezbedno pretrazivanje interneta.\nSamo ga otpakujte i pokrenite." #: lib/gettor/i18n.py:292 msgid "What package should I request?" @@ -481,11 +481,11 @@ msgid "" "operating system is Microsoft Windows, you should request \"windows\". Here\n" "is a short explanation of all packages to request and what operating \n" "systems there are suitable for:" -msgstr "" +msgstr "Ovo zavisi od operativnog sistema koji koristite. Na primer, ako je vas \noperativni sistem Microsoft Windows, treba da zahtevate \"windows\". Evp\nkratkog objasnjenja koje pakete treba zahtevati i za koje operativne sisteme\nsu pogodni:" #: lib/gettor/i18n.py:299 msgid "How do I extract the file(s) you sent me?" -msgstr "" +msgstr "Kako da otpakujem fajl(ove) koje ste mi poslali?" #: lib/gettor/i18n.py:301 msgid "QUESTION:" @@ -505,4 +505,4 @@ msgid "" " https://www.oignon.net/dist/torbrowser/\n" " https://tor.beme-it.de/dist/torbrowser/\n" " https://www.torservers.net/mirrors/torproject.org/dist/torbrowser/" -msgstr "" +msgstr "Zao nam je, ali paket koji ste zahtevali(%s) je preveliki da bi ga\nvas provajder prihvatio kao prilog. Pokusajte da koristite drugog \nprovajdera koji dozvoljava vece email priloge. Ili probajte jedno od ovih ogledala:\n\nhttps://www.oignon.net/dist/torbrowser/\nhttps://tor.beme-it.d…"

1 0

[torspec/master] Apply Yawning's pt-spec.txt improvements.
by asn＠torproject.org 10 Jul '14

10 Jul '14

commit c6c7404547e0e431232dd1674ff11023a2d6f6bf Author: George Kadianakis <desnacked(a)riseup.net> Date: Thu Jul 10 15:01:39 2014 +0300 Apply Yawning's pt-spec.txt improvements. --- pt-spec.txt | 298 +++++++++++++++++++++++++++++------------------------------ 1 file changed, 149 insertions(+), 149 deletions(-) diff --git a/pt-spec.txt b/pt-spec.txt index 132fb0f..aea7fd5 100644 --- a/pt-spec.txt +++ b/pt-spec.txt @@ -10,9 +10,9 @@ A Table of Contents: 2.0. Pluggable Transport names 2.1. Tor Configuration 2.1.0. Client Configuration - 2.1.0.0. ClientTransportPlugin lines - 2.1.0.1. Bridge lines - 2.1.0.2. Connecting to a bridge through a client PT proxy + 2.1.0.0. ClientTransportPlugin torrc lines + 2.1.0.1. Bridge torrc lines + 2.1.0.2. Connecting to a bridge via a client PT proxy 2.1.0.3. Passing PT-specific parameters to a client PT 2.1.1. Server (bridge) Configuration 2.1.1.0. ServerTransportPlugin lines @@ -28,28 +28,28 @@ A Table of Contents: +---- Extended ORPort | connection v - +-----------+ +-----------+ - SOCKS -> +-----| PT client |------------| PT server |-----+ -connection | +-----------+ ^ +-----------+ | - | | | - +------------+ Obfuscated +--------------+ - | Tor Client | traffic | Tor Bridge | - +------------+ +--------------+ + +-----------+ +------------+ + SOCKS -> +-----| PT client |------------| PT server |----+ +connection | +-----------+ ^ +------------+ | + | | | + +------------+ Obfuscated +--------------+ + | Tor Client | traffic | Tor Bridge | + +------------+ +--------------+ 0. Motivation - This proposal describes how Tor uses Pluggable Transports (PTs). + This specification describes how Tor uses Pluggable Transports (PTs). This document is different from pt-spec.txt because it contains Tor-specific information, whereas the pt-spec.txt aims to be system-independent. 1. Tor PT interface overview - Pluggable Transports need to implement a specific interface to be - able to harmoniously coordinate with Tor. This article attempts to - document this interface. + Pluggable Transports must implement a specific interface to be able to + harmoniously coordinate with Tor. This article attempts to document + this interface. TODO: Make this section more useful (SOCKS, ExtORport, etc.) @@ -57,28 +57,29 @@ connection | +-----------+ ^ +-----------+ | 2.0. Pluggable Transport names - Tor treats Pluggable Transport names as unique identifiers. No two - PTs should have the same name. + Tor treats Pluggable Transport names as unique identifiers. Every PT + MUST have a unique name. - Furthermore, PT names MUST be C identifiers. That is, PT names must - begin with a letter or underscore and the rest of the characters can - be letters, numbers or underscores. No length limit is imposed. The - relevant regular expression is "[a-zA-Z_][a-zA-Z0-9_]*". + Furthermore, PT names MUST be C identifiers. That is, PT names MUST + begin with a letter or underscore and the rest of the characters be + letters, numbers or underscores. No length limit is imposed. + + PT names MUST satisfy the regular expression "[a-zA-Z_][a-zA-Z0-9_]*". 2.1. Tor Configuration 2.1.0. Client Configuration - Users use the Tor configuration file (torrc) to specify whether and - how Pluggable Transports should be used. Specifically, a user is - expected to use the Bridge and ClientTransportPlugin torrc lines to - configure their PTs. + Users use the Tor configuration file (torrc) to specify if and how + Pluggable Transports should be used. Specifically, a user is expected + to use the Bridge and ClientTransportPlugin torrc lines to configure + their PTs. -2.1.0.0. ClientTransportPlugin lines +2.1.0.0. ClientTransportPlugin torrc lines - ClientTranportPlugin lines are used to tell Tor about pluggable - transports. They specify where a PT can be found if it's needed by - Tor to connect to a bridge. + ClientTranportPlugin torrc lines are used by Tor to configure + Pluggable Transports. They specify the location of the PT executable, + and which PT protocols the executable is able to perform. The standard format of a ClientTransportPlugin line is: @@ -86,87 +87,86 @@ connection | +-----------+ ^ +-----------+ | where <transports> are the (comma-separated) names of the PTs that this line specifies. <path> is a filesystem path pointing to an - executable that can "perform" this PT. <options> are command-line - arguments and switches that should be used when calling the - executable. + executable that can "perform" this PT. <options> are (optional) + command-line arguments and switches that should be used when + invoking the executable. - As an example: + For example: ClientTransportPlugin obfs2,obfs3 exec /usr/bin/obfsproxy --managed - This line tells Tor to launch the executable at /usr/bin/obfsproxy - with the command-line switch "--managed". That executable should be - able to perform two PTs: obfs2 and obfs3. + This line tells Tor to launch the executable "/usr/bin/obfsproxy" with + the command-line switch "--managed". That executable should be able to + perform two PTs: obfs2 and obfs3. - If two ClientTransportPlugin lines specify the same PT, Tor SHOULD - use whichever one is listed first. + If two ClientTransportPlugin lines specify the same PT, Tor SHOULD use + whichever one is listed first. TODO: Document external mode TODO: Document '*' transport -2.1.0.1. Bridge lines +2.1.0.1. Bridge torrc lines Bridge lines specify how Tor should connect to a bridge. The Bridge line format is: Bridge [<transport>] <address>:<port> [<id-fingerprint>] [<k>=<v>] [<k>=<v>] [<k>=<v>] - the PT-specific parts of this format is [transport] and the [k=v] + The PT-specific parts of this format are the [transport] and [k=v] values. - <transport> is the name of the PT that should be used for connecting - to that bridge, and the <k>=<v> values are PT-specific parameters that - should be passed to the PT when connecting to this bridge (this - might include keys, passwords or just PT configuration options) as + <transport> is the name of the PT that MUST be used when connecting to + the bridge, and the <k>=<v> values are PT-specific parameters that + MUST be passed to the PT when connecting to the bridge (this MAY + include keys, passwords or other PT configuration options) as specified in [CLIENTPARAMS]. - Upon encountering such a torrc line, Tor walks through its - ClientTransportPlugin lines and checks whether there is a line that + Upon encountering such a Bridge line in the torrc, Tor iterates over + the ClientTransportPlugin lines and checks if there is a line that specifies how <transport> is performed. If a corresponding ClientTransportPlugin line is found, Tor is - expected to execute and enable that PT (more on that in [MANAGEDPROXY]). - If no such line could be found, Tor SHOULD warn the user that there - is no way to perform that PT. + expected to execute and enable that PT via the process specified in + [MANAGEDPROXY]. If no such line could be found, Tor SHOULD warn the + user that there is no way to perform that PT. When a PT-supporting bridge needs to be used in a Tor circuit, Tor - uses the PT as a proxy as specified in the paragraph below. + uses the PT as a proxy as specified in 2.1.0.2. -2.1.0.2. Connecting to a bridge through a client PT proxy +2.1.0.2. Connecting to a bridge via a client PT proxy + + Consider a fictitious example of the torrc lines: - Let's consider a fictitious example of the torrc lines: -ni ClientTransportPlugin btc,ltc exec /usr/bin/btcproxy Bridge btc 192.0.2.1:6612 tx_size=0.2 - In this case, to connect to the bridge at 192.0.2.1:6612, Tor is - expected to use the PT "btc" through the PT proxy at /usr/bin/btcproxy. + In this example, to connect to the bridge at 192.0.2.1:6612, Tor is + expected to use the PT "btc" via the PT proxy at /usr/bin/btcproxy. - Using the managed proxy protocol (specified in [MANAGEDPROXY]), the - PT proxy exposes a SOCKS listener and tells Tor its address. Tor - connects to the SOCKS listener, asks it to connect to 192.0.2.1:6612 - and then sends regular Tor traffic through that SOCKS - connection. The PT proxy is expected to obfuscate that traffic - before forwarding it to the bridge. + Using the managed proxy protocol (specified in [MANAGEDPROXY]), the PT + proxy exposes a SOCKS proxy server and informs Tor of the address. + Tor connects to 192.0.2.1:6612 via the PT SOCKS proxy and routes + regular Tor traffic through the SOCKS connection. The PT proxy is + expected to transform the Tor traffic to and from the bridge. - Furthermore, since "tx_size=0.2" was specified as a PT-specific - parameter, Tor needs to pass that to the PT proxy with the method - specified in [CLIENTPARAMS]. + Furthermore, as "tx_size=0.2" was specified as a PT-specific + parameter, Tor will pass that to the PT proxy via the method specified + in [CLIENTPARAMS]. 2.1.0.3. Passing PT-specific parameters to a client PT [CLIENTPARAMS] - If PT-specific parameters are specified in a Bridge line, Tor needs - to pass them to the PT proxy every time a connection is done to that + If PT-specific parameters are specified in a Bridge line, Tor MUST + pass them to the PT proxy every time a connection is made to that bridge. - To do so, we (ab)use the authentication of the SOCKS - protocol. Specifically, if any <k>=<v> values are specified in a + To do so, the authentication mechanism of the SOCKS protocol is + (ab)used. Specifically, if any <k>=<v> values are specified in a Bridge line, Tor should join them with semicolons and place them in the user and password fields of the SOCKS handshake (splitting them across the fields if needed). If a key or value contains a semicolon or a backslash, it is escaped with a backslash. - As an example, if we have: + For example: Bridge trebuchet 192.0.2.1:6612 rocks=20 height=5.6m @@ -251,26 +251,27 @@ ni ServerTransportPlugin line. This can be done using execve(2) or any other process-spawning API. - After Tor has launched the PT, it needs to coordinate with it to - make sure that the right transports will be used, that it will bind - in the proper address/port, etc. + After Tor has launched the PT, the PT must be configured to ensure + that the right transports will be used, that it will bind in the + proper address/port, etc. - To achieve this, Tor uses the "managed proxy protocol". This is a - communication protocol where Tor speaks to the PT using environment - variables, and the PT replies by printing lines to its stdout. + To achieve this, Tor and the PT use the "managed proxy protocol". This + is a communication protocol where Tor speaks to the PT using + environment variables, and the PT replies by printing lines to its + stdout. 2.2.0. Tor -> PT communication (environment variables) When the Tor client or relay launches a managed proxy, it communicates - via environment variables. At a minimum, it sets (in addition to the - normal environment variables inherited from Tor): + via environment variables. At a minimum, TOR MUST set the following + enviornment variables: {Both client and server} "TOR_PT_STATE_LOCATION" -- A filesystem directory path where the - PT should store permanent state if it wants to. This directory - is not required to exist, but the proxy SHOULD be able to - create it if it doesn't. The proxy MUST NOT store state + PT is allowed to store permanent state if required. This + directory is not required to exist, but the proxy SHOULD be able + to create it if it does not. The proxy MUST NOT store state elsewhere. Example: TOR_PT_STATE_LOCATION=/var/lib/tor/pt_state/ @@ -278,7 +279,7 @@ ni versions of this configuration protocol Tor supports. Clients MUST accept comma-separated lists containing any version that they recognise, and MUST work correctly even if some of the - versions they don't recognise are non-numeric. Valid version + versions they do not recognise are non-numeric. Valid version characters are non-space, non-comma printable ASCII characters. Example: TOR_PT_MANAGED_TRANSPORT_VER=1,1a,2,4B @@ -290,17 +291,17 @@ ni Example: TOR_PT_CLIENT_TRANSPORTS=trebuchet,battering_ram,ballista "TOR_PT_PROXY" -- This is the address of an outgoing proxy that - the pluggable transport proxy should use (see proposal 232 for - more details). It is in the format: + the pluggable transport proxy MUST use (see proposal 232 for more + details). It is of the format: <proxy_type>://[<user_name>][:<password>][@]<ip>:<port> - The TOR_PT_PROXY is optional and can be omitted if there is no - need to connect to an outgoing proxy. + The TOR_PT_PROXY is optional and MAY be omitted if there is no + need to connect via an outgoing proxy. Example: socks5://tor:test1234@198.51.100.1:8000 socks4a://198.51.100.2:8001 {Server only} - "TOR_PT_EXTENDED_SERVER_PORT" -- An <address>:<port> where tor + "TOR_PT_EXTENDED_SERVER_PORT" -- An <address>:<port> where Tor should be listening for connections speaking the extended ORPort protocol (as specified in [EXTORPORT]). If Tor does not support the extended ORPort protocol, it MUST use the empty @@ -316,16 +317,16 @@ ni <key>-<value> pairs, where <key> is a transport name and <value> is the adress:port on which it should listen for client proxy connections. - The keys holding transport names MUST appear on the same order - as they appear on TOR_PT_SERVER_TRANSPORTS. - This might be the advertised address, or might be a local - address that Tor will forward ports to. It MUST be an address - that will work with bind(). + The keys holding transport names MUST be in the same order as + they are in TOR_PT_SERVER_TRANSPORTS. This might be the + advertised address, or might be a local address that Tor will + forward ports to. It MUST be an address that will work with + bind(). Example: TOR_PT_SERVER_BINDADDR=trebuchet-127.0.0.1:1984,ballista-127.0.0.1:4891 "TOR_PT_SERVER_TRANSPORTS" -- A comma-separated list of server - transports that the proxy should support. The proxy SHOULD + transports that the proxy should support. The proxy SHOULD ignore transport names that it doesn't recognise. Example: TOR_PT_SERVER_TRANSPORTS=trebuchet,ballista @@ -338,12 +339,11 @@ ni "TOR_PT_SERVER_TRANSPORT_OPTIONS" -- A semicolon-separated list of <key>:<value> pairs, where <key> is a transport name and - <value> is a k=v string value with options that are to be - passed to the transport. Colons, semicolons, equal signs and - backslashes must be escaped with a backslash. - The TOR_PT_SERVER_TRANSPORT_OPTIONS is optional and might not - be present in the environment of the proxy if no options need - to be passed to transports. + <value> is a k=v string value with options that are to be passed + to the transport. Colons, semicolons, equal signs and backslashes + MUST be escaped with a backslash. TOR_PT_SERVER_TRANSPORT_OPTIONS + is optional and might not be present in the environment of the + proxy if no options are need to be passed to transports. Example: TOR_PT_SERVER_TRANSPORT_OPTIONS=scramblesuit:key=banana;automata:rule=110;automata:depth=3 will pass to 'scramblesuit' the parameter 'key=banana' and to @@ -352,7 +352,7 @@ ni 2.2.1. PT -> Tor communication (stdout) The transport proxy replies by writing NL-terminated lines to - stdout. The line metaformat is: + stdout. The line metaformat is: <Line> ::= <Keyword> <OptArgs> <NL> <Keyword> ::= <KeywordChar> | <Keyword> <KeywordChar> @@ -363,40 +363,42 @@ ni <SP> ::= <US-ASCII whitespace symbol (32)> <NL> ::= <US-ASCII newline (line feed) character (10)> - Tor MUST ignore lines with keywords that it doesn't recognize. + Tor MUST ignore lines with keywords that it does not recognize. - First, if there's an error parsing the environment variables, the - proxy should write: + If there is an error parsing the environment variables, the proxy + SHOULD write: ENV-ERROR <errormessage> and exit. If the environment variables were correctly formatted, the proxy should write: VERSION <configuration protocol version> - to say that it supports this configuration protocol version (example - "VERSION 1"). It must either pick a version that Tor told it about - in TOR_PT_MANAGED_TRANSPORT_VER, or pick no version at all, say: + to announce the supported configuration protocol version (eg: + "VERSION 1"). It MUST either pick a version among those listed in the + TOR_PT_MANAGED_TRANSPORT_VER enviornment variable. If no supported + versions are listed in the enviornment variable the proxy SHOULD + write: VERSION-ERROR no-version and exit. - The proxy should then open its ports. If running as a client - proxy, it should not use fixed ports; instead it should autoselect - ports to avoid conflicts. A client proxy should by default only - listen on localhost for connections. + The proxy should then open its ports. If running as a client + proxy, it SHOULD NOT use fixed ports; instead it SHOULD autoselect + ports to avoid conflicts. A client proxy SHOULD only listen on the + loopback interface for connections by default. - A client PT should then tell which transports it has made available - and how. It does this by printing zero or more CMETHOD or SMETHOD - lines to its stdout. + A PT should then tell which transports it has made available and how. + It does this by printing zero or more CMETHOD (client) or SMETHOD + (server) lines to its stdout. 2.2.1.0. Client PT behaviour 2.2.1.0.0. Client PT outgoing proxy (PROXY lines) - If the client PT is provided with a TOR_PT_PROXY environment - variable, it MUST make all outgoing network connections via the - supplied proxy. If it is unable to do so for any reason (eg: - malformed value, unsupported proxy type, unreachable proxy - address), it MUST return a `PROXY_ERROR` and terminate. + If the client PT is provided with a TOR_PT_PROXY environment variable, + it MUST make all outgoing network connections via the supplied proxy. + If it is unable to do so for any reason (eg: malformed value, + unsupported proxy type, unreachable proxy address), it MUST return a + `PROXY_ERROR` and terminate. If the value of the TOR_PT_PROXY environment variable is a proxy URL usable by the pluggable transport plugin (as specified by proposal @@ -408,39 +410,35 @@ ni 2.2.1.0.1. Client PT configuration (CMETHOD lines) - Now it's time for the pluggable transport proxy to open its ports. - A client PT should not use fixed ports; instead it should autoselect - ports to avoid conflicts. A client proxy should by default only - listen on localhost for connections. - - Client PTs report their transports with CMETHOD lines that look like - this: + Client PTs report their transports via zero or more CMETHOD lines, + with the following format: CMETHOD <transport> socks4/socks5 <address:port> - as in + For example: CMETHOD trebuchet socks5 127.0.0.1:19999 - The <address:port> is the IP address and TCP port of the SOCKS - listener that the client PT has exposed. + The 'address:port' component of a CMETHOD line is the IP address and + TCP port of the SOCKS proxy server the client PT has exposed. - If the PT tries to supply a client method but can't for some reason, - it should say: + If the PT tries to supply a client method but can not for some + reason, it MUST write: CMETHOD-ERROR <methodname> <errormessage> - as in - CMETHOD-ERROR mesh_pt could not find hardware module + For example: + CMETHOD-ERROR trebuchet no rocks available - After it is finished telling Tor about the client methods it - provides, the proxy should print a single "CMETHODS DONE" line. + After it is finished communicating all of the client methods it + provides, the proxy MUST print a single "CMETHODS DONE" line. At this + point the managed proxy configuration is complete. 2.2.1.1. Server PT behaviour (SMETHOD lines) - A PT tells Tor about the server transports it is providing by - printing zero or more SMETHOD lines. These lines look like: + Server PTs report their transports via zero or more SMETHOD lines, + with the following format: SMETHOD <methodname> <address:port> [options] - The 'address:port' part of an SMETHOD line is the address where the - server PT is listening for incoming client connections. The - optional options part is a list of space-separated K:V flags that - Tor should know about. Recognised options are: + The 'address:port' component of a SMETHOD line is the IP address and + port where the server PT is listening for incoming client connections. + The optional 'options' component is a list of space-separated K:V + flags that Tor should know about. Recognised options are: - ARGS:K=V,K=V,K=V @@ -448,21 +446,23 @@ ni extrainfo document. Equal signs and commas must be escaped with a backslash. - If there's an error setting up a configured server method, the - proxy should say: + If the PT tries to supply a server method but can not for some + reason, it MUST write: SMETHOD-ERROR <methodname> <errormessage> - After the final SMETHOD line, the proxy says "SMETHODS DONE". + After it is finished communicating all of the server methods it + provides, the PT should print a single "SMETHODS DONE" line. At + this point the server PT configuration is complete. 2.2.2. Managed proxy protocol behaviour - This section specifies some behaviours that Tor and PTs should abide + This section specifies some behaviours that Tor and PTs SHOULD abide too while performing the managed proxy protocol: SMETHOD and CMETHOD lines may be interspersed, to allow the proxies to report methods as they become available, even when some methods may - require probing your network, connecting to some kind of peers, etc - before they are set up. + require probing the network, connecting to external peers, etc before + they are set up. The proxy SHOULD NOT tell Tor about a server or client method unless it is actually open and ready to use. @@ -480,12 +480,12 @@ ni 2.3. Extended ORPort [EXTORPORT] - Server-side PTs SHOULD pass additional information about their - clients to Tor for statistics gathering. This is done using the - Extended ORPort protocol, which is a variant of the ORPort with an - extra metadata channel. + Server-side PTs SHOULD pass additional information about their clients + to Tor for statistics gathering. This is done using the Extended + ORPort protocol, which is a variant of the ORPort with an extra + metadata channel. - As an example, PTs are expected to use the Extended ORPort metadata + For example, PTs are expected to use the Extended ORPort metadata channel to inform Tor about the PT used in each connection, so that Tor can keep track on the number of connections per PT.

1 0

[torspec/master] Replace the old pt-spec.txt with a new better one.
by asn＠torproject.org 10 Jul '14

10 Jul '14

commit 4dcd7e94f17c072e771119ec90d7cbce4a4788a4 Author: George Kadianakis <desnacked(a)riseup.net> Date: Wed Jul 9 15:28:45 2014 +0300 Replace the old pt-spec.txt with a new better one. --- pt-spec.txt | 603 +++++++++++++++++++++++++++++++++++------------------------ 1 file changed, 362 insertions(+), 241 deletions(-) diff --git a/pt-spec.txt b/pt-spec.txt index a8f6174..132fb0f 100644 --- a/pt-spec.txt +++ b/pt-spec.txt @@ -1,223 +1,322 @@ + Tor Pluggable Transport Specification - Pluggable Transport Specification - - Jacob Appelbaum - Nick Mathewson - - - -Overview - - This proposal describes a way to decouple protocol-level obfuscation - from the core Tor protocol in order to better resist client-bridge - censorship. Our approach is to specify a means to add pluggable - transport implementations to Tor clients and bridges so that they can - negotiate a superencipherment for the Tor protocol. - - It is based on Proposal 180: see that document and its discussion for - more background and motivation issue, and a discussion of issues in - writing pluggable transpots. - -Specifications: Client behavior - - We extend the bridge line format to allow you to say which method - to use to connect to a bridge. - - The new format is: - Bridge method address:port [id-fingerprint] [k=v] [k=v] [k=v] - - To connect to such a bridge, the Tor program needs to know which - SOCKS proxy will support the transport called "method". It - then connects to this proxy, and asks it to connect to - address:port. If [id-fingerprint] is provided, Tor should expect - the public identity key on the TLS connection to match the digest - provided in [id-fingerprint]. If any [k=v] items are provided, - they are configuration parameters for the proxy: Tor should - separate them with semicolons and put them in the user and - password fields of the request, splitting them across the fields - as necessary. If a key or value value must contain a semicolon or - a backslash, it is escaped with a backslash. - Example of SOCKS parameters encoding: - shared-secret=rahasia;secrets-file=/tmp/blob - - Method names MUST be C identifiers. That is, method names must begin - with a letter or underscore and the rest of the characters can be - letters, numbers or underscores. No length limit is imposed. The - relevant regular expression is: "[a-zA-Z_][a-zA-Z0-9_]*". - - For reference, the old bridge format was - Bridge address[:port] [id-fingerprint] - where port defaults to 443 and the id-fingerprint is optional. The - new format can be distinguished from the old one by checking if the - first argument has any non-C-identifier characters. (Looking for a - period should be a simple way.) Also, while the id-fingerprint could - optionally include whitespace in the old format, whitespace in the - id-fingerprint is not permitted in the new format. - - Example: if the bridge line is "bridge trebuchet www.example.com:3333 - 09F911029D74E35BD84156C5635688C009F909F9 rocks=20 height=5.6m" - AND if the Tor client knows that the 'trebuchet' method is supported, - the client should connect to the proxy that provides the 'trebuchet' - method, ask it to connect to www.example.com, and provide the string - "rocks=20;height=5.6m" as the username, the password, or split - across the username and password. - - There are two ways to tell Tor clients about protocol proxies: - external proxies and managed proxies. An external proxy is configured - with - ClientTransportPlugin <method> socks4 <address:port> [auth=X] - or - ClientTransportPlugin <method> socks5 <address:port> [username=X] [password=Y] - as in - "ClientTransportPlugin trebuchet socks5 127.0.0.1:9999". - This example tells Tor that another program is already running to handle - 'trubuchet' connections, and Tor doesn't need to worry about it. + The Tor PT team - A managed proxy is configured with - ClientTransportPlugin <methods> exec <path> [options] - as in - "ClientTransportPlugin trebuchet exec /usr/libexec/trebuchet --managed". - This example tells Tor to launch an external program to provide a - socks proxy for 'trebuchet' connections. The Tor client only - launches one instance of each external program with a given set of - options, even if the same executable and options are listed for - more than one method. - - In managed proxies, <methods> can be a comma-separated list of - pluggable transport method names, as in: - "ClientTransportPlugin pawn,bishop,rook exec /bin/ptproxy --managed". - - If instead of a transport method, the torrc lists "*" for a managed - proxy, Tor uses that proxy for all transport methods that the plugin - supports. So "ClientTransportPlugin * exec /usr/libexec/tor/foobar" - tells Tor that Tor should use the foobar plugin for every method that - the proxy supports. See the "Managed proxy interface" section below - for details on how Tor learns which methods a plugin supports. - - If two plugins support the same method, Tor should use whichever - one is listed first. - - The same program can implement a managed or an external proxy: it just - needs to take an argument saying which one to be. - -Server behavior - - Server proxies are configured similarly to client proxies. When - launching a proxy, the server must tell it what ORPort it has - configured, and what address (if any) it can listen on. The - server must tell the proxy which (if any) methods it should - provide if it can; the proxy needs to tell the server which - methods it is actually providing, and on what ports. - - When a client connects to the proxy, the proxy may need a way to - tell the server some identifier for the client address. It does - this in-band. - - As before, the server lists proxies in its torrc. These can be - external proxies that run on their own, or managed proxies that Tor - launches. - - An external server proxy is configured as - ServerTransportPlugin <method> proxy <address:port> <param=val> ... - as in - "ServerTransportPlugin trebuchet proxy 127.0.0.1:999 rocks=heavy". - The param=val pairs and the address are used to make the bridge - configuration information that we'll tell users. +A Table of Contents: + + 0. Motivation + 1. Tor PT interface overview + 2. Specification + 2.0. Pluggable Transport names + 2.1. Tor Configuration + 2.1.0. Client Configuration + 2.1.0.0. ClientTransportPlugin lines + 2.1.0.1. Bridge lines + 2.1.0.2. Connecting to a bridge through a client PT proxy + 2.1.0.3. Passing PT-specific parameters to a client PT + 2.1.1. Server (bridge) Configuration + 2.1.1.0. ServerTransportPlugin lines + 2.1.1.1. Passing PT-specific parameters to a server PT + 2.1.1.2. Specify the bind address of a server PT + 2.2. Managed proxy interface + 2.2.0. Tor -> PT communication (environment variables) + 2.2.1. PT -> Tor communication (stdout) + 2.2.1.0. Client PT behaviour (CMETHOD lines) + 2.2.1.1. Server PT behaviour (SMETHOD lines) + 2.2.2. Managed proxy protocol behaviour + + +---- Extended ORPort + | connection + v + +-----------+ +-----------+ + SOCKS -> +-----| PT client |------------| PT server |-----+ +connection | +-----------+ ^ +-----------+ | + | | | + +------------+ Obfuscated +--------------+ + | Tor Client | traffic | Tor Bridge | + +------------+ +--------------+ + + + +0. Motivation + + This proposal describes how Tor uses Pluggable Transports (PTs). + This document is different from pt-spec.txt because it contains + Tor-specific information, whereas the pt-spec.txt aims to be + system-independent. + +1. Tor PT interface overview + + Pluggable Transports need to implement a specific interface to be + able to harmoniously coordinate with Tor. This article attempts to + document this interface. + + TODO: Make this section more useful (SOCKS, ExtORport, etc.) + +2. Specification + +2.0. Pluggable Transport names + + Tor treats Pluggable Transport names as unique identifiers. No two + PTs should have the same name. + + Furthermore, PT names MUST be C identifiers. That is, PT names must + begin with a letter or underscore and the rest of the characters can + be letters, numbers or underscores. No length limit is imposed. The + relevant regular expression is "[a-zA-Z_][a-zA-Z0-9_]*". + +2.1. Tor Configuration + +2.1.0. Client Configuration + + Users use the Tor configuration file (torrc) to specify whether and + how Pluggable Transports should be used. Specifically, a user is + expected to use the Bridge and ClientTransportPlugin torrc lines to + configure their PTs. + +2.1.0.0. ClientTransportPlugin lines + + ClientTranportPlugin lines are used to tell Tor about pluggable + transports. They specify where a PT can be found if it's needed by + Tor to connect to a bridge. + + The standard format of a ClientTransportPlugin line is: + + ClientTransportPlugin <transports> exec <path> [<options>] + + where <transports> are the (comma-separated) names of the PTs that + this line specifies. <path> is a filesystem path pointing to an + executable that can "perform" this PT. <options> are command-line + arguments and switches that should be used when calling the + executable. + + As an example: + + ClientTransportPlugin obfs2,obfs3 exec /usr/bin/obfsproxy --managed + + This line tells Tor to launch the executable at /usr/bin/obfsproxy + with the command-line switch "--managed". That executable should be + able to perform two PTs: obfs2 and obfs3. + + If two ClientTransportPlugin lines specify the same PT, Tor SHOULD + use whichever one is listed first. + + TODO: Document external mode + TODO: Document '*' transport + +2.1.0.1. Bridge lines + + Bridge lines specify how Tor should connect to a bridge. The Bridge + line format is: + + Bridge [<transport>] <address>:<port> [<id-fingerprint>] [<k>=<v>] [<k>=<v>] [<k>=<v>] + + the PT-specific parts of this format is [transport] and the [k=v] + values. + + <transport> is the name of the PT that should be used for connecting + to that bridge, and the <k>=<v> values are PT-specific parameters that + should be passed to the PT when connecting to this bridge (this + might include keys, passwords or just PT configuration options) as + specified in [CLIENTPARAMS]. + + Upon encountering such a torrc line, Tor walks through its + ClientTransportPlugin lines and checks whether there is a line that + specifies how <transport> is performed. + + If a corresponding ClientTransportPlugin line is found, Tor is + expected to execute and enable that PT (more on that in [MANAGEDPROXY]). + If no such line could be found, Tor SHOULD warn the user that there + is no way to perform that PT. + + When a PT-supporting bridge needs to be used in a Tor circuit, Tor + uses the PT as a proxy as specified in the paragraph below. + +2.1.0.2. Connecting to a bridge through a client PT proxy + + Let's consider a fictitious example of the torrc lines: +ni + ClientTransportPlugin btc,ltc exec /usr/bin/btcproxy + Bridge btc 192.0.2.1:6612 tx_size=0.2 + + In this case, to connect to the bridge at 192.0.2.1:6612, Tor is + expected to use the PT "btc" through the PT proxy at /usr/bin/btcproxy. + + Using the managed proxy protocol (specified in [MANAGEDPROXY]), the + PT proxy exposes a SOCKS listener and tells Tor its address. Tor + connects to the SOCKS listener, asks it to connect to 192.0.2.1:6612 + and then sends regular Tor traffic through that SOCKS + connection. The PT proxy is expected to obfuscate that traffic + before forwarding it to the bridge. + + Furthermore, since "tx_size=0.2" was specified as a PT-specific + parameter, Tor needs to pass that to the PT proxy with the method + specified in [CLIENTPARAMS]. + +2.1.0.3. Passing PT-specific parameters to a client PT [CLIENTPARAMS] - A managed proxy is configured as - ServerTransportPlugin <methods> exec </path/to/binary> [options] - or - ServerTransportPlugin * exec </path/to/binary> [options] + If PT-specific parameters are specified in a Bridge line, Tor needs + to pass them to the PT proxy every time a connection is done to that + bridge. - When possible, Tor should launch only one binary of each binary/option - pair configured. So if the torrc contains + To do so, we (ab)use the authentication of the SOCKS + protocol. Specifically, if any <k>=<v> values are specified in a + Bridge line, Tor should join them with semicolons and place them in + the user and password fields of the SOCKS handshake (splitting them + across the fields if needed). If a key or value contains a semicolon + or a backslash, it is escaped with a backslash. - ClientTransportPlugin foo exec /usr/bin/megaproxy --foo - ClientTransportPlugin bar exec /usr/bin/megaproxy --bar - ServerTransportPlugin * exec /usr/bin/megaproxy --foo + As an example, if we have: - then Tor will launch the megaproxy binary twice: once with the option - --foo and once with the option --bar. + Bridge trebuchet 192.0.2.1:6612 rocks=20 height=5.6m - Specify bind address + when connecting to that bridge, Tor is expected to encode the PT + parameters in the SOCKS handshake as the following string: - The address that a managed proxy will use to bind can be configured with: - ServerTransportListenAddr <method> <address:port> + rocks=20;height=5.6m - For example, a valid configuration would be: - ServerTransportPlugin obfs2,obfs3,stegotorus exec /usr/bin/obfsproxy --managed - ServerTransportListenAddr obfs2 0.0.0.0:4200 - ServerTransportListenAddr stegotorus 98.23.4.45:6559 +2.1.1. Server (bridge) Configuration - If no ServerTransportListenAddr is specified and it's the first time - that Tor encounters that transport, Tor will instruct the managed - proxy to bind to a random TCP port on 0.0.0.0. If Tor has seen the - trasport before, it will instruct the managed proxy to bind to the - same TCP port that the transport used last time. + Server-side PTs are configured similarly to client proxies. Bridge + operators use ServerTransportPlugin lines to configure their PTs. - Specify additional configuration parameters + If a server-side PT requires additional parameters, they need to be + specified using the ServerTransportOptions torrc parameter. - Further configuration parameters (like the k=v values passed to - client-transports using the Bridge line) can be passed to - server-transports using the ServerTransportOptions option. + Also, instead of using the ORPort, server PTs SHOULD use the + Extended ORPort to pass data to Tor. The Extended ORPort protocol is + an ORPort enhanced with an additional metadata channel to carry + various metadata about client connections (which PT was used, what + was the actual IP of the client, etc.). The Extended ORPort is + specified in [EXTORPORT]. - The format of the ServerTransportOptions line is: - ServerTransportOptions <method> <k=v> ... +2.1.1.0. ServerTransportPlugin lines - For example, a valid instance of this line would be: - ServerTransportOptions trebuchet secret=nou cache=/tmp/cache + ServerTransportPlugin lines are used to tell Tor about pluggable + transports. They specify where a PT can be found if it needs to + provide service for a Tor bridge. -Managed proxy interface + The standard format of a ServerTransportPlugin line is: + + ServerTransportPlugin <transports> exec <path> [<options>] + + with the same format as ClientTransportPlugin lines.That is, + <transports> are the (comma-separated) names of the PTs that this + line specifies. <path> is a filesystem path pointing to an + executable that can "perform" this PT. <options> are command-line + arguments and switches that should be used when calling the + executable. + + Upon encountering a ServerTransportPlugin line, Tor needs to launch + and configure the corresponding PT using the managed proxy protocol + (as specified in [MANAGEDPROXY]). + +2.1.1.1. Passing PT-specific parameters to a server PT + + Further configuration parameters (like the <k>=<v> values passed to + client PTs using Bridge lines) can be passed to server PTs using the + ServerTransportOptions option. + + The format of the ServerTransportOptions line is: + ServerTransportOptions <transport> <k=v> ... + + For example, a valid instance of this line would be: + ServerTransportOptions hieroglyphics locale=egypt + which would pass the parameter "locale=egypt" to the hieroglyphics PT. + + In contrast to the client PT parameters, the server PT parameters + are valid for the whole runtime of the PT, instead of only being + used per-connection. They are passed to the PT proxy using the + managed proxy protocol (as specified in [MANAGEDPROXY]). + +2.1.1.2. Specify the bind address of a server PT + + By default, server PTs will bind to IPADDR_ANY and to a random TCP + port the first time they get launched and will attempt to bind to + the same port in subsequent runs. + + A bridge operator that wants to specify a different address or port + should use the ServerTransportListenAddr torrc line. The format of + such a line is: + ServerTransportListenAddr <transport> <address:port> + + For example, some valid instances of this line would be: + ServerTransportListenAddr rot26 98.23.4.45:4200 + ServerTransportListenAddr sound_pt [::]:1025 + +2.2. Launching PT proxies (managed proxy protocol) [MANAGEDPROXY] + + When Tor is instructed to enable a PT, it launches the executable + file specified in the ClientTransportPlugin line or the + ServerTransportPlugin line. This can be done using execve(2) or any + other process-spawning API. + + After Tor has launched the PT, it needs to coordinate with it to + make sure that the right transports will be used, that it will bind + in the proper address/port, etc. + + To achieve this, Tor uses the "managed proxy protocol". This is a + communication protocol where Tor speaks to the PT using environment + variables, and the PT replies by printing lines to its stdout. + +2.2.0. Tor -> PT communication (environment variables) When the Tor client or relay launches a managed proxy, it communicates via environment variables. At a minimum, it sets (in addition to the normal environment variables inherited from Tor): - {Client and server} + {Both client and server} "TOR_PT_STATE_LOCATION" -- A filesystem directory path where the - proxy should store state if it wants to. This directory is not - required to exist, but the proxy SHOULD be able to create it if - it doesn't. The proxy MUST NOT store state elsewhere. + PT should store permanent state if it wants to. This directory + is not required to exist, but the proxy SHOULD be able to + create it if it doesn't. The proxy MUST NOT store state + elsewhere. Example: TOR_PT_STATE_LOCATION=/var/lib/tor/pt_state/ - "TOR_PT_MANAGED_TRANSPORT_VER" -- To tell the proxy which - versions of this configuration protocol Tor supports. Future - versions will give a comma-separated list. Clients MUST accept - comma-separated lists containing any version that they - recognize, and MUST work correctly even if some of the versions - they don't recognize are non-numeric. Valid version characters - are non-space, non-comma printing ASCII characters. + "TOR_PT_MANAGED_TRANSPORT_VER" -- Used to tell the proxy which + versions of this configuration protocol Tor supports. Clients + MUST accept comma-separated lists containing any version that + they recognise, and MUST work correctly even if some of the + versions they don't recognise are non-numeric. Valid version + characters are non-space, non-comma printable ASCII characters. Example: TOR_PT_MANAGED_TRANSPORT_VER=1,1a,2,4B - {Client only} + {Client only} - "TOR_PT_CLIENT_TRANSPORTS" -- A comma-separated list of which - methods this client should enable, or * if all methods should - be enabled. The proxy SHOULD ignore methods that it doesn't - recognize. + "TOR_PT_CLIENT_TRANSPORTS" -- A comma-separated list of the PTs + this client should enable. The proxy SHOULD ignore transport + names that it doesn't recognise. Example: TOR_PT_CLIENT_TRANSPORTS=trebuchet,battering_ram,ballista - {Server only} + "TOR_PT_PROXY" -- This is the address of an outgoing proxy that + the pluggable transport proxy should use (see proposal 232 for + more details). It is in the format: + <proxy_type>://[<user_name>][:<password>][@]<ip>:<port> + The TOR_PT_PROXY is optional and can be omitted if there is no + need to connect to an outgoing proxy. + Example: socks5://tor:test1234@198.51.100.1:8000 + socks4a://198.51.100.2:8001 + + {Server only} "TOR_PT_EXTENDED_SERVER_PORT" -- An <address>:<port> where tor should be listening for connections speaking the extended - ORPort protocol (See the "The extended ORPort protocol" section - below). If tor does not support the extended ORPort protocol, - it MUST use the empty string as the value of this environment - variable. + ORPort protocol (as specified in [EXTORPORT]). If Tor does not + support the extended ORPort protocol, it MUST use the empty + string as the value of this environment variable. Example: TOR_PT_EXTENDED_SERVER_PORT=127.0.0.1:4200 - "TOR_PT_ORPORT" -- Our regular ORPort in a form suitable - for local connections, i.e. connections from the proxy to - the ORPort. + "TOR_PT_ORPORT" -- The <address>:<port> of the ORPort of the + bridge where the PT is supposed to send the deobfuscated + traffic. Example: TOR_PT_ORPORT=127.0.0.1:9001 - "TOR_PT_SERVER_BINDADDR" -- A comma seperated list of + "TOR_PT_SERVER_BINDADDR" -- A comma separated list of <key>-<value> pairs, where <key> is a transport name and <value> is the adress:port on which it should listen for client proxy connections. - The keys holding transport names must appear on the same order + The keys holding transport names MUST appear on the same order as they appear on TOR_PT_SERVER_TRANSPORTS. This might be the advertised address, or might be a local address that Tor will forward ports to. It MUST be an address @@ -226,16 +325,16 @@ Managed proxy interface TOR_PT_SERVER_BINDADDR=trebuchet-127.0.0.1:1984,ballista-127.0.0.1:4891 "TOR_PT_SERVER_TRANSPORTS" -- A comma-separated list of server - methods that the proxy should support, or * if all methods - should be enabled. The proxy SHOULD ignore methods that it - doesn't recognize. + transports that the proxy should support. The proxy SHOULD + ignore transport names that it doesn't recognise. Example: TOR_PT_SERVER_TRANSPORTS=trebuchet,ballista "TOR_PT_AUTH_COOKIE_FILE" -- A filesystem path where the proxy - should expect to find the authentication cookie to be able to - communicate with the Extended ORPort and TransportControlPort. - TOR_PT_AUTH_COOKIE_FILE is optional and might not be present in - the environment of the proxy. + should expect to find the authentication cookie to be able to + communicate with the Extended ORPort and TransportControlPort. + TOR_PT_AUTH_COOKIE_FILE is optional and might not be present in + the environment of the proxy. + Example: TOR_PT_AUTH_COOKIE_FILE=/var/lib/tor/extended_orport_auth_cookie "TOR_PT_SERVER_TRANSPORT_OPTIONS" -- A semicolon-separated list of <key>:<value> pairs, where <key> is a transport name and @@ -246,13 +345,14 @@ Managed proxy interface be present in the environment of the proxy if no options need to be passed to transports. Example: - TOR_PT_SERVER_TRANSPORT_OPTIONS=trebuchet:secret=nou;trebuchet:cache=/tmp/cache;ballista:secret=yes - will pass to 'trebuchet' the arguments "secret=nou" and - "cache=/tmp/cache" and will pass to 'ballista' the argument - "secret=yes". + TOR_PT_SERVER_TRANSPORT_OPTIONS=scramblesuit:key=banana;automata:rule=110;automata:depth=3 + will pass to 'scramblesuit' the parameter 'key=banana' and to + 'automata' the arguments 'rule=110' and 'depth=3'. + +2.2.1. PT -> Tor communication (stdout) The transport proxy replies by writing NL-terminated lines to - stdout. The line metaformat is + stdout. The line metaformat is: <Line> ::= <Keyword> <OptArgs> <NL> <Keyword> ::= <KeywordChar> | <Keyword> <KeywordChar> @@ -284,47 +384,63 @@ Managed proxy interface ports to avoid conflicts. A client proxy should by default only listen on localhost for connections. - A server proxy SHOULD try to listen at a consistent port, though it - SHOULD pick a different one if the port it last used is now allocated. + A client PT should then tell which transports it has made available + and how. It does this by printing zero or more CMETHOD or SMETHOD + lines to its stdout. - A client or server proxy then should tell which methods it has - made available and how. It does this by printing zero or more - CMETHOD and SMETHOD lines to its stdout. These lines look like: +2.2.1.0. Client PT behaviour - CMETHOD <methodname> socks4/socks5 <address:port> [ARGS=arglist] \ - [OPT-ARGS=arglist] +2.2.1.0.0. Client PT outgoing proxy (PROXY lines) - as in + If the client PT is provided with a TOR_PT_PROXY environment + variable, it MUST make all outgoing network connections via the + supplied proxy. If it is unable to do so for any reason (eg: + malformed value, unsupported proxy type, unreachable proxy + address), it MUST return a `PROXY_ERROR` and terminate. - CMETHOD trebuchet socks5 127.0.0.1:19999 ARGS=rocks,height \ - OPT-ARGS=tensile-strength + If the value of the TOR_PT_PROXY environment variable is a proxy URL + usable by the pluggable transport plugin (as specified by proposal + 232-pluggable-transports-through-proxy.txt), the plugin writes to + stdout: + PROXY DONE + On failure it writes: + PROXY-ERROR <errormessage> - The ARGS field lists mandatory parameters that must appear in - every bridge line for this method. The OPT-ARGS field lists - optional parameters. If no ARGS or OPT-ARGS field is provided, - Tor should not check the parameters in bridge lines for this - method. +2.2.1.0.1. Client PT configuration (CMETHOD lines) - The proxy should print a single "CMETHODS DONE" line after it is - finished telling Tor about the client methods it provides. If it - tries to supply a client method but can't for some reason, it - should say: - CMETHOD-ERROR <methodname> <errormessage> + Now it's time for the pluggable transport proxy to open its ports. + A client PT should not use fixed ports; instead it should autoselect + ports to avoid conflicts. A client proxy should by default only + listen on localhost for connections. - A proxy should also tell Tor about the server methods it is providing - by printing zero or more SMETHOD lines. These lines look like: + Client PTs report their transports with CMETHOD lines that look like + this: + CMETHOD <transport> socks4/socks5 <address:port> + as in + CMETHOD trebuchet socks5 127.0.0.1:19999 - SMETHOD <methodname> <address:port> [options] + The <address:port> is the IP address and TCP port of the SOCKS + listener that the client PT has exposed. - If there's an error setting up a configured server method, the - proxy should say: - SMETHOD-ERROR <methodname> <errormessage> + If the PT tries to supply a client method but can't for some reason, + it should say: + CMETHOD-ERROR <methodname> <errormessage> as in - SMETHOD-ERROR trebuchet could not setup 'trebuchet' method + CMETHOD-ERROR mesh_pt could not find hardware module + + After it is finished telling Tor about the client methods it + provides, the proxy should print a single "CMETHODS DONE" line. - The 'address:port' part of an SMETHOD line is the address to put - in the bridge line. The Options part is a list of space-separated - K:V flags that Tor should know about. Recognized options are: +2.2.1.1. Server PT behaviour (SMETHOD lines) + + A PT tells Tor about the server transports it is providing by + printing zero or more SMETHOD lines. These lines look like: + SMETHOD <methodname> <address:port> [options] + + The 'address:port' part of an SMETHOD line is the address where the + server PT is listening for incoming client connections. The + optional options part is a list of space-separated K:V flags that + Tor should know about. Recognised options are: - ARGS:K=V,K=V,K=V @@ -332,11 +448,21 @@ Managed proxy interface extrainfo document. Equal signs and commas must be escaped with a backslash. + If there's an error setting up a configured server method, the + proxy should say: + SMETHOD-ERROR <methodname> <errormessage> + + After the final SMETHOD line, the proxy says "SMETHODS DONE". + +2.2.2. Managed proxy protocol behaviour + + This section specifies some behaviours that Tor and PTs should abide + too while performing the managed proxy protocol: + SMETHOD and CMETHOD lines may be interspersed, to allow the proxies to report methods as they become available, even when some methods may require probing your network, connecting to some kind of peers, etc - before they are set up. After the final SMETHOD line, the proxy says - "SMETHODS DONE". + before they are set up. The proxy SHOULD NOT tell Tor about a server or client method unless it is actually open and ready to use. @@ -346,29 +472,24 @@ Managed proxy interface possible method for that proxy in torrc, and it is listed by the proxy as a method it supports. - Proxies should respond to a single INT signal by closing their - listener ports and not accepting any new connections, but keeping - all connections open, then terminating when connections are all - closed. Proxies should respond to a second INT signal by shutting - down cleanly. - The managed proxy configuration protocol version defined in this section is "1". So, for example, if tor supports this configuration protocol it should set the environment variable: TOR_PT_MANAGED_TRANSPORT_VER=1 -Advertising bridge methods - - Bridges use transport lines in their extra-info documents to - advertise their pluggable transports: +2.3. Extended ORPort [EXTORPORT] - transport SP <transportname> SP <address:port> [SP arglist] NL + Server-side PTs SHOULD pass additional information about their + clients to Tor for statistics gathering. This is done using the + Extended ORPort protocol, which is a variant of the ORPort with an + extra metadata channel. - The address:port are as returned from an SMETHOD line (unless they - are replaced by the FORWARD: directive). + As an example, PTs are expected to use the Extended ORPort metadata + channel to inform Tor about the PT used in each connection, so that + Tor can keep track on the number of connections per PT. - The arglist is a K=V,... list as returned in the ARGS: part of the - SMETHOD line's Options component (commas and equal signs are escaped - with a backslash). + The Extended ORPort protocol is specified in proposal + 196-transport-control-ports.txt. +TODO: Managed proxy protocol test vectors

1 0

[translation/torcheck_completed] Update translations for torcheck_completed
by translation＠torproject.org 09 Jul '14

09 Jul '14

commit 18dcaa093912cdba699af35ad8c1ac57ba800f2a Author: Translation commit bot <translation(a)torproject.org> Date: Wed Jul 9 19:45:51 2014 +0000 Update translations for torcheck_completed --- bg/torcheck.po | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bg/torcheck.po b/bg/torcheck.po index e68beda..7135cbb 100644 --- a/bg/torcheck.po +++ b/bg/torcheck.po @@ -9,7 +9,7 @@ msgid "" msgstr "" "Project-Id-Version: The Tor Project\n" "POT-Creation-Date: 2012-02-16 20:28+PDT\n" -"PO-Revision-Date: 2014-07-09 19:11+0000\n" +"PO-Revision-Date: 2014-07-09 19:22+0000\n" "Last-Translator: Ivo\n" "Language-Team: Bulgarian (http://www.transifex.com/projects/p/torproject/language/bg/)\n" "MIME-Version: 1.0\n"

1 0