August 2014 - tor-commits - lists.torproject.org

[translation/bridgedb] Update translations for bridgedb
by translation＠torproject.org 16 Aug '14

16 Aug '14

commit 951be3c6f40facaa9afd36328f9d0e6e4bf36cbc Author: Translation commit bot <translation(a)torproject.org> Date: Fri Aug 15 21:45:03 2014 +0000 Update translations for bridgedb --- zh_CN/LC_MESSAGES/bridgedb.po | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/zh_CN/LC_MESSAGES/bridgedb.po b/zh_CN/LC_MESSAGES/bridgedb.po index 8b546f9..f688b80 100644 --- a/zh_CN/LC_MESSAGES/bridgedb.po +++ b/zh_CN/LC_MESSAGES/bridgedb.po @@ -17,7 +17,7 @@ msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: 'https://trac.torproject.org/projects/tor/newticket?component=BridgeDB&keywo…'\n" "POT-Creation-Date: 2014-07-26 02:11+0000\n" -"PO-Revision-Date: 2014-08-07 04:20+0000\n" +"PO-Revision-Date: 2014-08-15 21:40+0000\n" "Last-Translator: Wu Ming Shi\n" "Language-Team: Chinese (China) (http://www.transifex.com/projects/p/torproject/language/zh_CN/)\n" "MIME-Version: 1.0\n" @@ -40,7 +40,7 @@ msgstr "" #. "Tor Browser" #: lib/bridgedb/HTTPServer.py:121 msgid "Sorry! Something went wrong with your request." -msgstr "抱歉，你的邮件请求存在问题。" +msgstr "抱歉，你的邮件请求出现问题。" #: lib/bridgedb/strings.py:18 msgid "[This is an automated message; please do not reply.]"

1 0

[tor/master] Restore functionality for CookieAuthFileGroupReadable.
by nickm＠torproject.org 16 Aug '14

16 Aug '14

commit 0808ed83f9cf312abe229d0956f0b0132a79962d Author: Nick Mathewson <nickm(a)torproject.org> Date: Fri Aug 15 08:30:44 2014 -0400 Restore functionality for CookieAuthFileGroupReadable. When we merged the cookieauthfile creation logic in 33c3e60a37, we accidentally took out this feature. Fixes bug 12864, bugfix on 0.2.5.1-alpha. Also adds an ExtORPortCookieAuthFileGroupReadable, since there's no reason not to. --- changes/bug12864 | 7 +++++++ doc/tor.1.txt | 7 +++++++ src/or/config.c | 11 ++++++++++- src/or/config.h | 2 +- src/or/control.c | 1 + src/or/ext_orport.c | 1 + src/or/or.h | 2 ++ 7 files changed, 29 insertions(+), 2 deletions(-) diff --git a/changes/bug12864 b/changes/bug12864 new file mode 100644 index 0000000..79e751f --- /dev/null +++ b/changes/bug12864 @@ -0,0 +1,7 @@ + o Minor bugfixes: + - Restore the functionality of CookieAuthFileGroupReadable. Fixes bug + 12864; bugfix on 0.2.5.1-alpha. + + o Minor features: + - Add an ExtORPortCookieAuthFileGroupReadable option to make the + cookie file for the ExtORPort g+r by default. diff --git a/doc/tor.1.txt b/doc/tor.1.txt index 93d302e..a85bc34 100644 --- a/doc/tor.1.txt +++ b/doc/tor.1.txt @@ -224,6 +224,13 @@ GENERAL OPTIONS for the Extended ORPort's cookie file -- the cookie file is needed for pluggable transports to communicate through the Extended ORPort. +[[ExtORPortCookieAuthFileGroupReadable]] **ExtORPortCookieAuthFileGroupReadable** **0**|**1**:: + If this option is set to 0, don't allow the filesystem group to read the + Extende OR Port cookie file. If the option is set to 1, make the cookie + file readable by the default GID. [Making the file readable by other + groups is not yet implemented; let us know if you need this for some + reason.] (Default: 0) + [[ConnLimit]] **ConnLimit** __NUM__:: The minimum number of file descriptors that must be available to the Tor process before it will start. Tor will ask the OS for as many file diff --git a/src/or/config.c b/src/or/config.c index 2661ce3..20fde3b 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -238,6 +238,7 @@ static config_var_t option_vars_[] = { V(ExtendAllowPrivateAddresses, BOOL, "0"), VPORT(ExtORPort, LINELIST, NULL), V(ExtORPortCookieAuthFile, STRING, NULL), + V(ExtORPortCookieAuthFileGroupReadable, BOOL, "0"), V(ExtraInfoStatistics, BOOL, "1"), V(FallbackDir, LINELIST, NULL), @@ -6828,7 +6829,7 @@ config_maybe_load_geoip_files_(const or_options_t *options, * cookie_is_set_out to True. */ int init_cookie_authentication(const char *fname, const char *header, - int cookie_len, + int cookie_len, int group_readable, uint8_t **cookie_out, int *cookie_is_set_out) { char cookie_file_str_len = strlen(header) + cookie_len; @@ -6861,6 +6862,14 @@ init_cookie_authentication(const char *fname, const char *header, goto done; } +#ifndef _WIN32 + if (group_readable) { + if (chmod(fname, 0640)) { + log_warn(LD_FS,"Unable to make %s group-readable.", escaped(fname)); + } + } +#endif + /* Success! */ log_info(LD_GENERAL, "Generated auth cookie file in '%s'.", escaped(fname)); *cookie_is_set_out = 1; diff --git a/src/or/config.h b/src/or/config.h index bf38613..8a1919c 100644 --- a/src/or/config.h +++ b/src/or/config.h @@ -97,7 +97,7 @@ uint32_t get_effective_bwburst(const or_options_t *options); char *get_transport_bindaddr_from_config(const char *transport); int init_cookie_authentication(const char *fname, const char *header, - int cookie_len, + int cookie_len, int group_readable, uint8_t **cookie_out, int *cookie_is_set_out); or_options_t *options_new(void); diff --git a/src/or/control.c b/src/or/control.c index 9285fc5..ec63506 100644 --- a/src/or/control.c +++ b/src/or/control.c @@ -4666,6 +4666,7 @@ init_control_cookie_authentication(int enabled) fname = get_controller_cookie_file_name(); retval = init_cookie_authentication(fname, "", /* no header */ AUTHENTICATION_COOKIE_LEN, + get_options()->CookieAuthFileGroupReadable, &authentication_cookie, &authentication_cookie_is_set); tor_free(fname); diff --git a/src/or/ext_orport.c b/src/or/ext_orport.c index 0d28a91..9b550ee 100644 --- a/src/or/ext_orport.c +++ b/src/or/ext_orport.c @@ -143,6 +143,7 @@ init_ext_or_cookie_authentication(int is_enabled) fname = get_ext_or_auth_cookie_file_name(); retval = init_cookie_authentication(fname, EXT_OR_PORT_AUTH_COOKIE_HEADER, EXT_OR_PORT_AUTH_COOKIE_HEADER_LEN, + get_options()->ExtORPortCookieAuthFileGroupReadable, &ext_or_auth_cookie, &ext_or_auth_cookie_is_set); tor_free(fname); diff --git a/src/or/or.h b/src/or/or.h index 131bce3..0f1457f 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -3801,6 +3801,8 @@ typedef struct { char *ExtORPortCookieAuthFile; /**< Filesystem location of Extended * ORPort authentication cookie. */ int CookieAuthFileGroupReadable; /**< Boolean: Is the CookieAuthFile g+r? */ + int ExtORPortCookieAuthFileGroupReadable; /**< Boolean: Is the + * ExtORPortCookieAuthFile g+r? */ int LeaveStreamsUnattached; /**< Boolean: Does Tor attach new streams to * circuits itself (0), or does it expect a controller * to cope? (1) */

1 0

[tor/master] Documentation fix on arguments to CookieAuthFileGroupReadable
by nickm＠torproject.org 16 Aug '14

16 Aug '14

commit 0ee1be0c698fa330a2ee2e4f2818e2118f459517 Author: Nick Mathewson <nickm(a)torproject.org> Date: Fri Aug 15 08:32:54 2014 -0400 Documentation fix on arguments to CookieAuthFileGroupReadable We don't actually allow a group name, but the documentation implied that we did. --- doc/tor.1.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/tor.1.txt b/doc/tor.1.txt index a85bc34..900e588 100644 --- a/doc/tor.1.txt +++ b/doc/tor.1.txt @@ -319,7 +319,7 @@ GENERAL OPTIONS If set, this option overrides the default location and file name for Tor's cookie file. (See CookieAuthentication above.) -[[CookieAuthFileGroupReadable]] **CookieAuthFileGroupReadable** **0**|**1**|__Groupname__:: +[[CookieAuthFileGroupReadable]] **CookieAuthFileGroupReadable** **0**|**1**:: If this option is set to 0, don't allow the filesystem group to read the cookie file. If the option is set to 1, make the cookie file readable by the default GID. [Making the file readable by other groups is not yet

1 0

[tor/master] Some documentation fixes for #12864.
by nickm＠torproject.org 16 Aug '14

16 Aug '14

commit 112c984f9242699d273f3096d669eb1024d7f64b Author: George Kadianakis <desnacked(a)riseup.net> Date: Fri Aug 15 23:12:06 2014 +0300 Some documentation fixes for #12864. --- doc/tor.1.txt | 2 +- src/or/config.c | 3 +++ 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/doc/tor.1.txt b/doc/tor.1.txt index 900e588..04d13fb 100644 --- a/doc/tor.1.txt +++ b/doc/tor.1.txt @@ -226,7 +226,7 @@ GENERAL OPTIONS [[ExtORPortCookieAuthFileGroupReadable]] **ExtORPortCookieAuthFileGroupReadable** **0**|**1**:: If this option is set to 0, don't allow the filesystem group to read the - Extende OR Port cookie file. If the option is set to 1, make the cookie + Extended OR Port cookie file. If the option is set to 1, make the cookie file readable by the default GID. [Making the file readable by other groups is not yet implemented; let us know if you need this for some reason.] (Default: 0) diff --git a/src/or/config.c b/src/or/config.c index 20fde3b..f53186a 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -6825,6 +6825,9 @@ config_maybe_load_geoip_files_(const or_options_t *options, * in cookie_out. * Then write it down to fname and prepend it with header. * + * If group_readable is set, set fname to be readable + * by the default GID. + * * If the whole procedure was successful, set * cookie_is_set_out to True. */ int

1 0

[tor/master] Merge remote-tracking branch 'asn/nickm-bug12864_025' into maint-0.2.5
by nickm＠torproject.org 16 Aug '14

16 Aug '14

commit 967b4e7c54b53391e1a0b67e0a5bf70bc2e6a896 Merge: 0cb028b 112c984 Author: Nick Mathewson <nickm(a)torproject.org> Date: Fri Aug 15 17:40:13 2014 -0400 Merge remote-tracking branch 'asn/nickm-bug12864_025' into maint-0.2.5 changes/bug12864 | 7 +++++++ doc/tor.1.txt | 9 ++++++++- src/or/config.c | 14 +++++++++++++- src/or/config.h | 2 +- src/or/control.c | 1 + src/or/ext_orport.c | 1 + src/or/or.h | 2 ++ 7 files changed, 33 insertions(+), 3 deletions(-)

1 0

[tor/master] Merge remote-tracking branch 'origin/maint-0.2.5'
by nickm＠torproject.org 16 Aug '14

16 Aug '14

commit 1f35fd0017240a82ae48475a989819aa81a297dc Merge: be231b0 967b4e7 Author: Nick Mathewson <nickm(a)torproject.org> Date: Fri Aug 15 17:41:13 2014 -0400 Merge remote-tracking branch 'origin/maint-0.2.5' changes/bug12864 | 7 +++++++ doc/tor.1.txt | 9 ++++++++- src/or/config.c | 14 +++++++++++++- src/or/config.h | 2 +- src/or/control.c | 1 + src/or/ext_orport.c | 1 + src/or/or.h | 2 ++ 7 files changed, 33 insertions(+), 3 deletions(-)

1 0

[tor/maint-0.2.5] Documentation fix on arguments to CookieAuthFileGroupReadable
by nickm＠torproject.org 16 Aug '14

16 Aug '14

commit 0ee1be0c698fa330a2ee2e4f2818e2118f459517 Author: Nick Mathewson <nickm(a)torproject.org> Date: Fri Aug 15 08:32:54 2014 -0400 Documentation fix on arguments to CookieAuthFileGroupReadable We don't actually allow a group name, but the documentation implied that we did. --- doc/tor.1.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/tor.1.txt b/doc/tor.1.txt index a85bc34..900e588 100644 --- a/doc/tor.1.txt +++ b/doc/tor.1.txt @@ -319,7 +319,7 @@ GENERAL OPTIONS If set, this option overrides the default location and file name for Tor's cookie file. (See CookieAuthentication above.) -[[CookieAuthFileGroupReadable]] **CookieAuthFileGroupReadable** **0**|**1**|__Groupname__:: +[[CookieAuthFileGroupReadable]] **CookieAuthFileGroupReadable** **0**|**1**:: If this option is set to 0, don't allow the filesystem group to read the cookie file. If the option is set to 1, make the cookie file readable by the default GID. [Making the file readable by other groups is not yet

1 0

[tor/maint-0.2.5] Some documentation fixes for #12864.
by nickm＠torproject.org 16 Aug '14

16 Aug '14

commit 112c984f9242699d273f3096d669eb1024d7f64b Author: George Kadianakis <desnacked(a)riseup.net> Date: Fri Aug 15 23:12:06 2014 +0300 Some documentation fixes for #12864. --- doc/tor.1.txt | 2 +- src/or/config.c | 3 +++ 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/doc/tor.1.txt b/doc/tor.1.txt index 900e588..04d13fb 100644 --- a/doc/tor.1.txt +++ b/doc/tor.1.txt @@ -226,7 +226,7 @@ GENERAL OPTIONS [[ExtORPortCookieAuthFileGroupReadable]] **ExtORPortCookieAuthFileGroupReadable** **0**|**1**:: If this option is set to 0, don't allow the filesystem group to read the - Extende OR Port cookie file. If the option is set to 1, make the cookie + Extended OR Port cookie file. If the option is set to 1, make the cookie file readable by the default GID. [Making the file readable by other groups is not yet implemented; let us know if you need this for some reason.] (Default: 0) diff --git a/src/or/config.c b/src/or/config.c index 20fde3b..f53186a 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -6825,6 +6825,9 @@ config_maybe_load_geoip_files_(const or_options_t *options, * in cookie_out. * Then write it down to fname and prepend it with header. * + * If group_readable is set, set fname to be readable + * by the default GID. + * * If the whole procedure was successful, set * cookie_is_set_out to True. */ int

1 0

[tor/maint-0.2.5] Merge remote-tracking branch 'asn/nickm-bug12864_025' into maint-0.2.5
by nickm＠torproject.org 16 Aug '14

16 Aug '14

commit 967b4e7c54b53391e1a0b67e0a5bf70bc2e6a896 Merge: 0cb028b 112c984 Author: Nick Mathewson <nickm(a)torproject.org> Date: Fri Aug 15 17:40:13 2014 -0400 Merge remote-tracking branch 'asn/nickm-bug12864_025' into maint-0.2.5 changes/bug12864 | 7 +++++++ doc/tor.1.txt | 9 ++++++++- src/or/config.c | 14 +++++++++++++- src/or/config.h | 2 +- src/or/control.c | 1 + src/or/ext_orport.c | 1 + src/or/or.h | 2 ++ 7 files changed, 33 insertions(+), 3 deletions(-)

1 0

[tor/maint-0.2.5] Restore functionality for CookieAuthFileGroupReadable.
by nickm＠torproject.org 16 Aug '14

16 Aug '14

commit 0808ed83f9cf312abe229d0956f0b0132a79962d Author: Nick Mathewson <nickm(a)torproject.org> Date: Fri Aug 15 08:30:44 2014 -0400 Restore functionality for CookieAuthFileGroupReadable. When we merged the cookieauthfile creation logic in 33c3e60a37, we accidentally took out this feature. Fixes bug 12864, bugfix on 0.2.5.1-alpha. Also adds an ExtORPortCookieAuthFileGroupReadable, since there's no reason not to. --- changes/bug12864 | 7 +++++++ doc/tor.1.txt | 7 +++++++ src/or/config.c | 11 ++++++++++- src/or/config.h | 2 +- src/or/control.c | 1 + src/or/ext_orport.c | 1 + src/or/or.h | 2 ++ 7 files changed, 29 insertions(+), 2 deletions(-) diff --git a/changes/bug12864 b/changes/bug12864 new file mode 100644 index 0000000..79e751f --- /dev/null +++ b/changes/bug12864 @@ -0,0 +1,7 @@ + o Minor bugfixes: + - Restore the functionality of CookieAuthFileGroupReadable. Fixes bug + 12864; bugfix on 0.2.5.1-alpha. + + o Minor features: + - Add an ExtORPortCookieAuthFileGroupReadable option to make the + cookie file for the ExtORPort g+r by default. diff --git a/doc/tor.1.txt b/doc/tor.1.txt index 93d302e..a85bc34 100644 --- a/doc/tor.1.txt +++ b/doc/tor.1.txt @@ -224,6 +224,13 @@ GENERAL OPTIONS for the Extended ORPort's cookie file -- the cookie file is needed for pluggable transports to communicate through the Extended ORPort. +[[ExtORPortCookieAuthFileGroupReadable]] **ExtORPortCookieAuthFileGroupReadable** **0**|**1**:: + If this option is set to 0, don't allow the filesystem group to read the + Extende OR Port cookie file. If the option is set to 1, make the cookie + file readable by the default GID. [Making the file readable by other + groups is not yet implemented; let us know if you need this for some + reason.] (Default: 0) + [[ConnLimit]] **ConnLimit** __NUM__:: The minimum number of file descriptors that must be available to the Tor process before it will start. Tor will ask the OS for as many file diff --git a/src/or/config.c b/src/or/config.c index 2661ce3..20fde3b 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -238,6 +238,7 @@ static config_var_t option_vars_[] = { V(ExtendAllowPrivateAddresses, BOOL, "0"), VPORT(ExtORPort, LINELIST, NULL), V(ExtORPortCookieAuthFile, STRING, NULL), + V(ExtORPortCookieAuthFileGroupReadable, BOOL, "0"), V(ExtraInfoStatistics, BOOL, "1"), V(FallbackDir, LINELIST, NULL), @@ -6828,7 +6829,7 @@ config_maybe_load_geoip_files_(const or_options_t *options, * cookie_is_set_out to True. */ int init_cookie_authentication(const char *fname, const char *header, - int cookie_len, + int cookie_len, int group_readable, uint8_t **cookie_out, int *cookie_is_set_out) { char cookie_file_str_len = strlen(header) + cookie_len; @@ -6861,6 +6862,14 @@ init_cookie_authentication(const char *fname, const char *header, goto done; } +#ifndef _WIN32 + if (group_readable) { + if (chmod(fname, 0640)) { + log_warn(LD_FS,"Unable to make %s group-readable.", escaped(fname)); + } + } +#endif + /* Success! */ log_info(LD_GENERAL, "Generated auth cookie file in '%s'.", escaped(fname)); *cookie_is_set_out = 1; diff --git a/src/or/config.h b/src/or/config.h index bf38613..8a1919c 100644 --- a/src/or/config.h +++ b/src/or/config.h @@ -97,7 +97,7 @@ uint32_t get_effective_bwburst(const or_options_t *options); char *get_transport_bindaddr_from_config(const char *transport); int init_cookie_authentication(const char *fname, const char *header, - int cookie_len, + int cookie_len, int group_readable, uint8_t **cookie_out, int *cookie_is_set_out); or_options_t *options_new(void); diff --git a/src/or/control.c b/src/or/control.c index 9285fc5..ec63506 100644 --- a/src/or/control.c +++ b/src/or/control.c @@ -4666,6 +4666,7 @@ init_control_cookie_authentication(int enabled) fname = get_controller_cookie_file_name(); retval = init_cookie_authentication(fname, "", /* no header */ AUTHENTICATION_COOKIE_LEN, + get_options()->CookieAuthFileGroupReadable, &authentication_cookie, &authentication_cookie_is_set); tor_free(fname); diff --git a/src/or/ext_orport.c b/src/or/ext_orport.c index 0d28a91..9b550ee 100644 --- a/src/or/ext_orport.c +++ b/src/or/ext_orport.c @@ -143,6 +143,7 @@ init_ext_or_cookie_authentication(int is_enabled) fname = get_ext_or_auth_cookie_file_name(); retval = init_cookie_authentication(fname, EXT_OR_PORT_AUTH_COOKIE_HEADER, EXT_OR_PORT_AUTH_COOKIE_HEADER_LEN, + get_options()->ExtORPortCookieAuthFileGroupReadable, &ext_or_auth_cookie, &ext_or_auth_cookie_is_set); tor_free(fname); diff --git a/src/or/or.h b/src/or/or.h index 131bce3..0f1457f 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -3801,6 +3801,8 @@ typedef struct { char *ExtORPortCookieAuthFile; /**< Filesystem location of Extended * ORPort authentication cookie. */ int CookieAuthFileGroupReadable; /**< Boolean: Is the CookieAuthFile g+r? */ + int ExtORPortCookieAuthFileGroupReadable; /**< Boolean: Is the + * ExtORPortCookieAuthFile g+r? */ int LeaveStreamsUnattached; /**< Boolean: Does Tor attach new streams to * circuits itself (0), or does it expect a controller * to cope? (1) */

1 0