May 2015 - tor-commits - lists.torproject.org

[tor/master] Merge remote-tracking branch 'yawning/ticket16140'
by nickm＠torproject.org 21 May '15

21 May '15

commit 45a90573e69d12dc6fece4c6bab15a1268e90778 Merge: 9fee289 452cebc Author: Nick Mathewson <nickm(a)torproject.org> Date: Thu May 21 13:20:24 2015 -0400 Merge remote-tracking branch 'yawning/ticket16140' changes/ticket16140 | 6 ++++++ src/common/tortls.c | 34 +++++++++++++++++++++++++++++----- src/common/tortls.h | 2 ++ src/or/config.c | 3 +++ src/test/bench.c | 7 ------- 5 files changed, 40 insertions(+), 12 deletions(-)

1 0

[tor/master] Remove support for OpenSSL without ECC.
by nickm＠torproject.org 21 May '15

21 May '15

commit 452cebc4a41bdba41d4a8ce3c16e73d585bb53f4 Author: Yawning Angel <yawning(a)schwanenlied.me> Date: Thu May 21 17:07:30 2015 +0000 Remove support for OpenSSL without ECC. As OpenSSL >= 1.0.0 is now required, ECDHE is now mandatory. The group has to be validated at runtime, because of RedHat lawyers (P224 support is entirely missing in the OpenSSL RPM, but P256 is present and is the default). Resolves ticket #16140. --- changes/ticket16140 | 6 ++++++ src/common/tortls.c | 34 +++++++++++++++++++++++++++++----- src/common/tortls.h | 2 ++ src/or/config.c | 3 +++ src/test/bench.c | 7 ------- 5 files changed, 40 insertions(+), 12 deletions(-) diff --git a/changes/ticket16140 b/changes/ticket16140 new file mode 100644 index 0000000..00c19f1 --- /dev/null +++ b/changes/ticket16140 @@ -0,0 +1,6 @@ + o Removed features: + + - Tor no longer supports copies of OpenSSL that are missing support for + Elliptic Curve Cryptography. In particular support for at least one of + P256 or P224 is now required, with manual configuration needed if only + P224 is available. diff --git a/src/common/tortls.c b/src/common/tortls.c index ca7b15f..57d5408 100644 --- a/src/common/tortls.c +++ b/src/common/tortls.c @@ -49,6 +49,9 @@ #if OPENSSL_VERSION_NUMBER < OPENSSL_V_SERIES(1,0,0) #error "We require OpenSSL >= 1.0.0" #endif +#ifdef OPENSSL_NO_EC +#error "We require OpenSSL with ECC support" +#endif #include <openssl/ssl.h> #include <openssl/ssl3.h> @@ -475,7 +478,6 @@ tor_tls_init(void) SSL_load_error_strings(); #if (SIZEOF_VOID_P >= 8 && \ - !defined(OPENSSL_NO_EC) && \ OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,0,1)) long version = SSLeay(); @@ -1327,7 +1329,6 @@ tor_tls_context_new(crypto_pk_t *identity, unsigned int key_lifetime, SSL_CTX_set_tmp_dh(result->ctx, crypto_dh_get_dh_(dh)); crypto_dh_free(dh); } -#if !defined(OPENSSL_NO_EC) if (! is_client) { int nid; EC_KEY *ec_key; @@ -1343,9 +1344,6 @@ tor_tls_context_new(crypto_pk_t *identity, unsigned int key_lifetime, SSL_CTX_set_tmp_ecdh(result->ctx, ec_key); EC_KEY_free(ec_key); } -#else - (void)flags; -#endif SSL_CTX_set_verify(result->ctx, SSL_VERIFY_PEER, always_accept_verify_cb); /* let us realloc bufs that we're writing from */ @@ -2933,3 +2931,29 @@ tor_tls_init_bufferevent(tor_tls_t *tls, struct bufferevent *bufev_in, } #endif +/** Check whether the ECC group requested is supported by the current OpenSSL + * library instance. Return 1 if the group is supported, and 0 if not. + */ +int +evaluate_ecgroup_for_tls(const char *ecgroup) +{ + EC_KEY *ec_key; + int nid; + int ret; + + if (!ecgroup) + nid = NID_tor_default_ecdhe_group; + else if (!strcasecmp(ecgroup, "P256")) + nid = NID_X9_62_prime256v1; + else if (!strcasecmp(ecgroup, "P224")) + nid = NID_secp224r1; + else + return 0; + + ec_key = EC_KEY_new_by_curve_name(nid); + ret = (ec_key != NULL); + EC_KEY_free(ec_key); + + return ret; +} + diff --git a/src/common/tortls.h b/src/common/tortls.h index 083052f..9216e83 100644 --- a/src/common/tortls.h +++ b/src/common/tortls.h @@ -139,5 +139,7 @@ int tor_tls_cert_is_valid(int severity, int check_rsa_1024); const char *tor_tls_get_ciphersuite_name(tor_tls_t *tls); +int evaluate_ecgroup_for_tls(const char *ecgroup); + #endif diff --git a/src/or/config.c b/src/or/config.c index 1c04578..e4a2d1c 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -2806,6 +2806,9 @@ options_validate(or_options_t *old_options, or_options_t *options, COMPLAIN("Unrecognized TLSECGroup: Falling back to the default."); tor_free(options->TLSECGroup); } + if (!evaluate_ecgroup_for_tls(options->TLSECGroup)) { + REJECT("Unsupported TLSECGroup."); + } if (options->ExcludeNodes && options->StrictNodes) { COMPLAIN("You have asked to exclude certain relays from all positions " diff --git a/src/test/bench.c b/src/test/bench.c index a74fc77..bc2b1f0 100644 --- a/src/test/bench.c +++ b/src/test/bench.c @@ -19,11 +19,9 @@ const char tor_git_revision[] = ""; #include "relay.h" #include <openssl/opensslv.h> #include <openssl/evp.h> -#ifndef OPENSSL_NO_EC #include <openssl/ec.h> #include <openssl/ecdh.h> #include <openssl/obj_mac.h> -#endif #include "config.h" #include "crypto_curve25519.h" @@ -502,8 +500,6 @@ bench_dh(void) " %f millisec each.\n", NANOCOUNT(start, end, iters)/1e6); } -#if !defined(OPENSSL_NO_EC) -#define HAVE_EC_BENCHMARKS static void bench_ecdh_impl(int nid, const char *name) { @@ -553,7 +549,6 @@ bench_ecdh_p224(void) { bench_ecdh_impl(NID_secp224r1, "P-224"); } -#endif typedef void (*bench_fn)(void); @@ -576,10 +571,8 @@ static struct benchmark_t benchmarks[] = { ENT(cell_aes), ENT(cell_ops), ENT(dh), -#ifdef HAVE_EC_BENCHMARKS ENT(ecdh_p256), ENT(ecdh_p224), -#endif {NULL,NULL,0} };

1 0

[tor/master] Revert the broken part of 548b4be
by nickm＠torproject.org 21 May '15

21 May '15

commit 9fee289d2406e8d018409e22f48cd853860177a1 Author: Nick Mathewson <nickm(a)torproject.org> Date: Thu May 21 13:18:51 2015 -0400 Revert the broken part of 548b4be Fixes 16152. --- changes/bug16152 | 3 +++ contrib/dist/tor.service.in | 14 ++++++++++---- 2 files changed, 13 insertions(+), 4 deletions(-) diff --git a/changes/bug16152 b/changes/bug16152 new file mode 100644 index 0000000..8b93a60 --- /dev/null +++ b/changes/bug16152 @@ -0,0 +1,3 @@ + o Minor bugfixes (systemd): + - Fix an accidental formatting error that broke the systemd + configuration file. Fixes bug 16152; bugfix on 0.2.7.1-alpha. diff --git a/contrib/dist/tor.service.in b/contrib/dist/tor.service.in index 8ed5ad2..ae339ff 100644 --- a/contrib/dist/tor.service.in +++ b/contrib/dist/tor.service.in @@ -8,10 +8,16 @@ Description = Anonymizing overlay network for TCP After = syslog.target network.target nss-lookup.target -[Service] Type = notify NotifyAccess = all ExecStartPre = @BINDIR@/tor --f @CONFDIR@/torrc --verify-config ExecStart = @BINDIR@/tor -f -@CONFDIR@/torrc ExecReload = /bin/kill -HUP ${MAINPID} KillSignal = -SIGINT TimeoutSec = 30 Restart = on-failure WatchdogSec = 1m +[Service] +Type = notify +NotifyAccess = all +ExecStartPre = @BINDIR@/tor -f @CONFDIR@/torrc --verify-config +ExecStart = @BINDIR@/tor -f @CONFDIR@/torrc +ExecReload = /bin/kill -HUP ${MAINPID} +KillSignal = SIGINT +TimeoutSec = 30 +Restart = on-failure +WatchdogSec = 1m LimitNOFILE = 32768 # Hardening

1 0

[stem/master] Connecting to both 9051 and 9151 by default
by atagar＠torproject.org 21 May '15

21 May '15

commit 8e5313a2017599f616fc4bd518a5d1950100b920 Author: Damian Johnson <atagar(a)torproject.org> Date: Thu May 21 09:20:15 2015 -0700 Connecting to both 9051 and 9151 by default Tor Browser's control connection is on 9151 by default to avoid conflicting with relays (which default to 9051). Changing our methods for making a controller to check both by default... https://trac.torproject.org/projects/tor/ticket/16075 --- docs/change_log.rst | 1 + stem/connection.py | 38 +++++++++++++++++++++++++++++++++--- stem/control.py | 22 +++++++++++++++++---- stem/interpreter/__init__.py | 4 +++- stem/interpreter/arguments.py | 2 +- stem/response/events.py | 2 +- test/unit/interpreter/arguments.py | 2 +- 7 files changed, 60 insertions(+), 11 deletions(-) diff --git a/docs/change_log.rst b/docs/change_log.rst index 1486391..f3bbc13 100644 --- a/docs/change_log.rst +++ b/docs/change_log.rst @@ -44,6 +44,7 @@ The following are only available within Stem's `git repository * **Controller** + * :func:`~stem.connection.connect` and :func:`~stem.control.Controller.from_port` now connect to both port 9051 (relay's default) and 9151 (Tor Browser's default) (:trac:`16075`) * Added `support for NETWORK_LIVENESS events <api/response.html#stem.response.events.NetworkLivenessEvent>`_ (:spec:`44aac63`) .. _version_1.4: diff --git a/stem/connection.py b/stem/connection.py index fb85225..30d7b41 100644 --- a/stem/connection.py +++ b/stem/connection.py @@ -199,7 +199,7 @@ CONNECT_MESSAGES = { } -def connect(control_port = ('127.0.0.1', 9051), control_socket = '/var/run/tor/control', password = None, password_prompt = False, chroot_path = None, controller = stem.control.Controller): +def connect(control_port = ('127.0.0.1', 'default'), control_socket = '/var/run/tor/control', password = None, password_prompt = False, chroot_path = None, controller = stem.control.Controller): """ Convenience function for quickly getting a control connection. This is very handy for debugging or CLI setup, handling setup and prompting for a password @@ -214,8 +214,15 @@ def connect(control_port = ('127.0.0.1', 9051), control_socket = '/var/run/tor/c details of how this works. Messages and details of this function's behavior could change in the future. + If the **port** is **'default'** then this checks on both 9051 (default for + relays) and 9151 (default for the Tor Browser). This default may change in + the future. + .. versionadded:: 1.2.0 + .. versionchanged:: 1.5.0 + Use both port 9051 and 9151 by default. + :param tuple contol_port: address and port tuple, for instance **('127.0.0.1', 9051)** :param str path: path where the control socket is located :param str password: passphrase to authenticate to the socket @@ -238,7 +245,7 @@ def connect(control_port = ('127.0.0.1', 9051), control_socket = '/var/run/tor/c raise ValueError('The control_port argument for connect() should be an (address, port) tuple.') elif not stem.util.connection.is_valid_ipv4_address(control_port[0]): raise ValueError("'%s' isn't a vaid IPv4 address" % control_port[0]) - elif not stem.util.connection.is_valid_port(control_port[1]): + elif control_port[1] != 'default' and not stem.util.connection.is_valid_port(control_port[1]): raise ValueError("'%s' isn't a valid port" % control_port[1]) control_connection, error_msg = None, '' @@ -256,7 +263,10 @@ def connect(control_port = ('127.0.0.1', 9051), control_socket = '/var/run/tor/c address, port = control_port try: - control_connection = stem.socket.ControlPort(address, port) + if port == 'default': + control_connection = _connection_for_default_port(address) + else: + control_connection = stem.socket.ControlPort(address, port) except stem.SocketError as exc: error_msg = CONNECT_MESSAGES['unable_to_use_port'].format(address = address, port = port, error = exc) @@ -1045,6 +1055,28 @@ def _msg(controller, message): return controller.msg(message) +def _connection_for_default_port(address): + """ + Attempts to provide a controller connection for either port 9051 (default for + relays) or 9151 (default for Tor Browser). If both fail then this raises the + exception for port 9051. + + :param str address: address to connect to + + :returns: :class:`~stem.socket.ControlPort` for the controller conneciton + + :raises: :class:`stem.SocketError` if we're unable to establish a connection + """ + + try: + return stem.socket.ControlPort(address, 9051) + except stem.SocketError as exc: + try: + return stem.socket.ControlPort(address, 9151) + except stem.SocketError: + raise exc + + def _read_cookie(cookie_path, is_safecookie): """ Provides the contents of a given cookie file. diff --git a/stem/control.py b/stem/control.py index a903e4d..efc0d18 100644 --- a/stem/control.py +++ b/stem/control.py @@ -897,10 +897,17 @@ class Controller(BaseController): """ @staticmethod - def from_port(address = '127.0.0.1', port = 9051): + def from_port(address = '127.0.0.1', port = 'default'): """ Constructs a :class:`~stem.socket.ControlPort` based Controller. + If the **port** is **'default'** then this checks on both 9051 (default + for relays) and 9151 (default for the Tor Browser). This default may change + in the future. + + .. versionchanged:: 1.5.0 + Use both port 9051 and 9151 by default. + :param str address: ip address of the controller :param int port: port number of the controller @@ -914,7 +921,11 @@ class Controller(BaseController): elif not stem.util.connection.is_valid_port(port): raise ValueError('Invalid port: %s' % port) - control_port = stem.socket.ControlPort(address, port) + if port == 'default': + control_port = stem.connection._connection_for_default_port(address) + else: + control_port = stem.socket.ControlPort(address, port) + return Controller(control_port) @staticmethod @@ -989,7 +1000,6 @@ class Controller(BaseController): pass-through to :func:`stem.connection.authenticate`. """ - import stem.connection stem.connection.authenticate(self, *args, **kwargs) @with_default() @@ -1391,7 +1401,6 @@ class Controller(BaseController): An exception is only raised if we weren't provided a default response. """ - import stem.connection return stem.connection.get_protocolinfo(self) @with_default() @@ -3631,3 +3640,8 @@ def _case_insensitive_lookup(entries, key, default = UNDEFINED): return entry raise ValueError("key '%s' doesn't exist in dict: %s" % (key, entries)) + + +# importing at the end to avoid circular dependency + +import stem.connection diff --git a/stem/interpreter/__init__.py b/stem/interpreter/__init__.py index cf69d63..980e3ba 100644 --- a/stem/interpreter/__init__.py +++ b/stem/interpreter/__init__.py @@ -78,10 +78,12 @@ def main(): else: print(format(msg('msg.starting_tor'), *HEADER_OUTPUT)) + control_port = '9051' if args.control_port == 'default' else str(args.control_port) + stem.process.launch_tor_with_config( config = { 'SocksPort': '0', - 'ControlPort': str(args.control_port), + 'ControlPort': control_port, 'CookieAuthentication': '1', 'ExitPolicy': 'reject *:*', }, diff --git a/stem/interpreter/arguments.py b/stem/interpreter/arguments.py index eadd043..eeae504 100644 --- a/stem/interpreter/arguments.py +++ b/stem/interpreter/arguments.py @@ -13,7 +13,7 @@ import stem.util.connection DEFAULT_ARGS = { 'control_address': '127.0.0.1', - 'control_port': 9051, + 'control_port': 'default', 'user_provided_port': False, 'control_socket': '/var/run/tor/control', 'user_provided_socket': False, diff --git a/stem/response/events.py b/stem/response/events.py index 2ae01be..464dd61 100644 --- a/stem/response/events.py +++ b/stem/response/events.py @@ -163,7 +163,7 @@ class AddrMapEvent(Event): Added the cached attribute. :var str hostname: address being resolved - :var str destination: destionation of the resolution, this is usually an ip, + :var str destination: destination of the resolution, this is usually an ip, but could be a hostname if TrackHostExits is enabled or **NONE** if the resolution failed :var datetime expiry: expiration time of the resolution in local time diff --git a/test/unit/interpreter/arguments.py b/test/unit/interpreter/arguments.py index 60fda3d..6a765b1 100644 --- a/test/unit/interpreter/arguments.py +++ b/test/unit/interpreter/arguments.py @@ -54,4 +54,4 @@ class TestArgumentParsing(unittest.TestCase): def test_get_help(self): help_text = get_help() self.assertTrue('Interactive interpreter for Tor.' in help_text) - self.assertTrue('change control interface from 127.0.0.1:9051' in help_text) + self.assertTrue('change control interface from 127.0.0.1:default' in help_text)

1 0

[translation/torbutton-torbuttondtd] Update translations for torbutton-torbuttondtd
by translation＠torproject.org 21 May '15

21 May '15

commit 5aee5620159b29142177917698159863a1b490ec Author: Translation commit bot <translation(a)torproject.org> Date: Thu May 21 16:16:00 2015 +0000 Update translations for torbutton-torbuttondtd --- id/torbutton.dtd | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/id/torbutton.dtd b/id/torbutton.dtd index a95a6fa..959aec0 100644 --- a/id/torbutton.dtd +++ b/id/torbutton.dtd @@ -52,17 +52,17 @@ <!ENTITY torbutton.prefs.block_nthread "Blokir pembacaan riwayat selama sesi Non-Tor (opsional)"> <!ENTITY torbutton.prefs.block_nthwrite "Blokir penulisan riwayat selama sesi Non-Tor (opsional)"> <!ENTITY torbutton.prefs.clear_history "Bersihkan riwayat pada saat peralihan status Tor (opsional)"> -<!ENTITY torbutton.prefs.clear_cache "Blokir disk cache dan bersihkan semua cache pada saat peralihan status Tor"> -<!ENTITY torbutton.prefs.block_cache "Blokir akses cache memori dan disk selama sesi Tor"> -<!ENTITY torbutton.prefs.cookie_jars "Simpan cookie Non-Tor dalam jar terproteksi"> -<!ENTITY torbutton.prefs.cookie_protection "Use the Cookie Protections Dialog to choose"> +<!ENTITY torbutton.prefs.clear_cache "Blokir proses cache ke harddisk dan bersihkan semua cache pada saat peralihan status Tor"> +<!ENTITY torbutton.prefs.block_cache "Blokir pengaksesan cache ke harddisk dan RAM selama sesi Tor"> +<!ENTITY torbutton.prefs.cookie_jars "Simpan cookie Non-Tor ke dalam tempat terproteksi"> +<!ENTITY torbutton.prefs.cookie_protection "Gunakan jendela Perlindungan Cookie untuk memilih"> <!ENTITY torbutton.prefs.mmm_cookies "Saya akan mengelola cookie saya secara manual (berbahaya)"> <!ENTITY torbutton.prefs.clear_cookies "Bersihkan cookie pada saat peralihan status Tor"> -<!ENTITY torbutton.prefs.disable_plugins "Nonaktifkan plugin selama menggunakan Tor (krusial)"> -<!ENTITY torbutton.prefs.kill_bad_js "Tahan javascript yang berbahaya (krusial)"> -<!ENTITY torbutton.prefs.isolate_content "Isolasi konten dinamis pada kondisi Tor (krusial)"> -<!ENTITY torbutton.prefs.no_updates "Nonaktifkan update selama penggunaan Tor"> -<!ENTITY torbutton.prefs.set_uagent "Tetapkan agen pengguna untuk penggunaan Tor (krusial)"> +<!ENTITY torbutton.prefs.disable_plugins "Nonaktifkan pengaya selama menggunakan Tor (sangat penting)"> +<!ENTITY torbutton.prefs.kill_bad_js "Tahan javascript yang berbahaya (sangat penting)"> +<!ENTITY torbutton.prefs.isolate_content "Isolasi konten dinamis pada kondisi Tor (sangat penting)"> +<!ENTITY torbutton.prefs.no_updates "Nonaktifkan pembaharuan selama menggunakan Tor"> +<!ENTITY torbutton.prefs.set_uagent "Tetapkan user agent untuk penggunaan Tor (sangat penting)"> <!ENTITY torbutton.prefs.dynamic "Konten Dinamis"> <!ENTITY torbutton.prefs.cookies "Cookie"> <!ENTITY torbutton.prefs.cache "Cache">

1 0

[translation/torbutton-torbuttonproperties] Update translations for torbutton-torbuttonproperties
by translation＠torproject.org 21 May '15

21 May '15

commit 6f8fbff4e2c1cb6c10e993ee40351b725a29a405 Author: Translation commit bot <translation(a)torproject.org> Date: Thu May 21 16:15:56 2015 +0000 Update translations for torbutton-torbuttonproperties --- id/torbutton.properties | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/id/torbutton.properties b/id/torbutton.properties index fa5e012..ad4a1ee 100644 --- a/id/torbutton.properties +++ b/id/torbutton.properties @@ -1,12 +1,12 @@ torbutton.button.tooltip.disabled = Aktifkan Tor torbutton.button.tooltip.enabled = Nonaktifkan Tor torbutton.circuit_display.internet = Internet -torbutton.circuit_display.ip_unknown = IP diketahui -torbutton.circuit_display.onion_site = Onion site -torbutton.circuit_display.this_browser = This browser +torbutton.circuit_display.ip_unknown = IP tidak diketahui +torbutton.circuit_display.onion_site = Situs onion +torbutton.circuit_display.this_browser = Peramban ini torbutton.circuit_display.relay = menyampaikan -torbutton.circuit_display.tor_bridge = Bridge -torbutton.circuit_display.unknown_country = Unknown country +torbutton.circuit_display.tor_bridge = Jembatan +torbutton.circuit_display.unknown_country = Negara tidak diketahui torbutton.content_sizer.margin_tooltip = Tor Browser adds this margin to make the width and height of your window less distinctive, and thus reduces the ability of people to track you online. torbutton.panel.tooltip.disabled = Klik untuk mengaktifkan Tor torbutton.panel.tooltip.enabled = Klik untuk menonaktifkan Tor @@ -28,7 +28,7 @@ torbutton.panel.label.verified = Tor Terverifikasi torbutton.popup.test.auto_failed = Pengujian proxy Tor otomatis gagal menggunakan Tor.\n\nApakah Anda yakin ingin mengaktifkannya? torbutton.prefs.recommended = (disarankan) torbutton.prefs.optional = (opsional) -torbutton.prefs.crucial = (krusial) +torbutton.prefs.crucial = (sangat penting) torbutton.popup.external.title = Unduh sebuah tipe file eksternal? torbutton.popup.external.app = Browser Tor tidak dapat menampilkan file ini. Anda butuh aplikasi lain untuk membukanya\n torbutton.popup.external.note = Beberapa tipe file dapat menyebabkan aplikasi terkoneksi ke internet tanpa menggunakan Tor\n\n @@ -53,17 +53,17 @@ torbutton.popup.prompt_torbrowser = Torbutton works differently now: you can't t torbutton.popup.short_torbrowser = Important Torbutton Information!\n\nTorbutton is now always enabled.\n\nClick on the Torbutton for more information. torbutton.popup.confirm_plugins = Plugins such as Flash can harm your privacy and anonymity.\n\nThey can also bypass Tor to reveal your current location and IP address.\n\nAre you sure you want to enable plugins?\n\n -torbutton.popup.never_ask_again = Never ask me again -torbutton.popup.confirm_newnym = Tor Browser will close all windows and tabs. All website sessions will be lost.\n\nRestart Tor Browser now to reset your identity?\n\n +torbutton.popup.never_ask_again = Jangan pernah ditanyakan kembali +torbutton.popup.confirm_newnym = Peramban Tor akan menutup semua jendela dan tab. Semua sesi website akan terhapus.\n\nJalankan ulang peramban Tor untuk torbutton.slider_notification = The green onion menu now has a security slider which lets you adjust your security level. Check it out! -torbutton.slider_notification_button = Open security settings +torbutton.slider_notification_button = Buka pengaturan keamanan torbutton.maximize_warning = Maximizing Tor Browser can allow websites to determine your monitor size, which can be used to track you. We recommend that you leave Tor Browser windows in their original default size. # Canvas permission prompt. Strings are kept here for ease of translation. canvas.siteprompt=Situs ini (%S) butuh untuk mengekstrak data gambar HTML5 , yang mungkin akan mengetahui identitas komputer anda.\n\nApakah anda mengizinkan peramban Tor untuk mengekstrak data gambar HTML5 -canvas.notNow=Tidak untuk sekarang +canvas.notNow=Tidak untuk Sekarang canvas.notNowAccessKey=N canvas.allow=Izinkan kedepannya canvas.allowAccessKey=A

1 0

[tor/master] Generate error ASAP if building with too-old openssl
by nickm＠torproject.org 21 May '15

21 May '15

commit 0b7bf3585a378bca4fc5bb551af3c37d517fdf28 Author: Nick Mathewson <nickm(a)torproject.org> Date: Thu May 21 11:54:13 2015 -0400 Generate error ASAP if building with too-old openssl --- src/common/aes.c | 7 ++++++- src/common/crypto.c | 16 +++++++++------- src/common/tortls.c | 13 +++++++------ 3 files changed, 22 insertions(+), 14 deletions(-) diff --git a/src/common/aes.c b/src/common/aes.c index 201cadc..dbc12dc 100644 --- a/src/common/aes.c +++ b/src/common/aes.c @@ -25,13 +25,18 @@ #endif #include <openssl/opensslv.h> +#include "crypto.h" + +#if OPENSSL_VERSION_NUMBER < OPENSSL_V_SERIES(1,0,0) +#error "We require OpenSSL >= 1.0.0" +#endif + #include <assert.h> #include <stdlib.h> #include <string.h> #include <openssl/aes.h> #include <openssl/evp.h> #include <openssl/engine.h> -#include "crypto.h" #include <openssl/modes.h> #include "compat.h" #include "aes.h" diff --git a/src/common/crypto.c b/src/common/crypto.c index 28963f5..fcd862f 100644 --- a/src/common/crypto.c +++ b/src/common/crypto.c @@ -24,13 +24,21 @@ #undef OCSP_RESPONSE #endif +#include <openssl/opensslv.h> + +#define CRYPTO_PRIVATE +#include "crypto.h" + +#if OPENSSL_VERSION_NUMBER < OPENSSL_V_SERIES(1,0,0) +#error "We require OpenSSL >= 1.0.0" +#endif + #include <openssl/err.h> #include <openssl/rsa.h> #include <openssl/pem.h> #include <openssl/evp.h> #include <openssl/engine.h> #include <openssl/rand.h> -#include <openssl/opensslv.h> #include <openssl/bn.h> #include <openssl/dh.h> #include <openssl/conf.h> @@ -49,8 +57,6 @@ #include <sys/fcntl.h> #endif -#define CRYPTO_PRIVATE -#include "crypto.h" #include "torlog.h" #include "aes.h" #include "util.h" @@ -58,10 +64,6 @@ #include "compat.h" #include "sandbox.h" -#if OPENSSL_VERSION_NUMBER < OPENSSL_V_SERIES(1,0,0) -#error "We require OpenSSL >= 1.0.0" -#endif - #ifdef ANDROID /* Android's OpenSSL seems to have removed all of its Engine support. */ #define DISABLE_ENGINES diff --git a/src/common/tortls.c b/src/common/tortls.c index ca3291b..ca7b15f 100644 --- a/src/common/tortls.c +++ b/src/common/tortls.c @@ -43,13 +43,19 @@ #pragma GCC diagnostic ignored "-Wredundant-decls" #endif +#include <openssl/opensslv.h> +#include "crypto.h" + +#if OPENSSL_VERSION_NUMBER < OPENSSL_V_SERIES(1,0,0) +#error "We require OpenSSL >= 1.0.0" +#endif + #include <openssl/ssl.h> #include <openssl/ssl3.h> #include <openssl/err.h> #include <openssl/tls1.h> #include <openssl/asn1.h> #include <openssl/bio.h> -#include <openssl/opensslv.h> #include <openssl/bn.h> #include <openssl/rsa.h> @@ -68,17 +74,12 @@ #include "compat_libevent.h" #endif -#include "crypto.h" #include "tortls.h" #include "util.h" #include "torlog.h" #include "container.h" #include <string.h> -#if OPENSSL_VERSION_NUMBER < OPENSSL_V_SERIES(1,0,0) -#error "We require OpenSSL >= 1.0.0" -#endif - /* Enable the "v2" TLS handshake. */ #define V2_HANDSHAKE_SERVER

1 0

[translation/torbutton-abouttorproperties_completed] Update translations for torbutton-abouttorproperties_completed
by translation＠torproject.org 21 May '15

21 May '15

commit fcc0f856a4cf1ccd3041f9b2256b7f16a154f291 Author: Translation commit bot <translation(a)torproject.org> Date: Thu May 21 15:46:37 2015 +0000 Update translations for torbutton-abouttorproperties_completed --- id/abouttor.properties | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/id/abouttor.properties b/id/abouttor.properties new file mode 100644 index 0000000..a3d7ab7 --- /dev/null +++ b/id/abouttor.properties @@ -0,0 +1,21 @@ +# Copyright (c) 2014, The Tor Project, Inc. +# See LICENSE for licensing information. +# vim: set sw=2 sts=2 ts=8 et: + +aboutTor.searchSP.privacy=Cari <a href="%1$S">secara aman</a> dengan <a href="%2$S">Halaman Awal</a>. +# The following string is a link which replaces %1$S above. +aboutTor.searchSP.privacy.link=https://halamanawal.com/ind/lindungi-privasi.html +# The following string is a link which replaces %2$S above. +aboutTor.searchSP.search.link=https://halamanawal.com/ + +aboutTor.searchDDG.privacy=Cari <a href="%1$S">secara aman</a> dengan <a href="%2$S">DuckDuckGo</a>. +# The following string is a link which replaces %1$S above. +aboutTor.searchDDG.privacy.link=https://duckduckgo.com/privasi.html +# The following string is a link which replaces %2$S above. +aboutTor.searchDDG.search.link=https://duckduckgo.com/ + +aboutTor.searchDC.privacy=Cari <a href="%1$S">secara aman</a> dengan <a href="%2$S">Disconnect.me</a>. +# The following string is a link which replaces %1$S above. +aboutTor.searchDC.privacy.link=https://disconnect.me/privasi +# The following string is a link which replaces %2$S above. +aboutTor.searchDC.search.link=https://cari.disconnect.me/

1 0

[translation/torbutton-abouttorproperties] Update translations for torbutton-abouttorproperties
by translation＠torproject.org 21 May '15

21 May '15

commit c426a251c05acdcae9bf056fa901ced470a6b388 Author: Translation commit bot <translation(a)torproject.org> Date: Thu May 21 15:46:33 2015 +0000 Update translations for torbutton-abouttorproperties --- id/abouttor.properties | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/id/abouttor.properties b/id/abouttor.properties index d607324..a3d7ab7 100644 --- a/id/abouttor.properties +++ b/id/abouttor.properties @@ -2,20 +2,20 @@ # See LICENSE for licensing information. # vim: set sw=2 sts=2 ts=8 et: -aboutTor.searchSP.privacy=Search <a href="%1$S">securely</a> with <a href="%2$S">Startpage</a>. +aboutTor.searchSP.privacy=Cari <a href="%1$S">secara aman</a> dengan <a href="%2$S">Halaman Awal</a>. # The following string is a link which replaces %1$S above. -aboutTor.searchSP.privacy.link=https://startpage.com/eng/protect-privacy.html +aboutTor.searchSP.privacy.link=https://halamanawal.com/ind/lindungi-privasi.html # The following string is a link which replaces %2$S above. -aboutTor.searchSP.search.link=https://startpage.com/ +aboutTor.searchSP.search.link=https://halamanawal.com/ -aboutTor.searchDDG.privacy=Search <a href="%1$S">securely</a> with <a href="%2$S">DuckDuckGo</a>. +aboutTor.searchDDG.privacy=Cari <a href="%1$S">secara aman</a> dengan <a href="%2$S">DuckDuckGo</a>. # The following string is a link which replaces %1$S above. -aboutTor.searchDDG.privacy.link=https://duckduckgo.com/privacy.html +aboutTor.searchDDG.privacy.link=https://duckduckgo.com/privasi.html # The following string is a link which replaces %2$S above. aboutTor.searchDDG.search.link=https://duckduckgo.com/ -aboutTor.searchDC.privacy=Search <a href="%1$S">securely</a> with <a href="%2$S">Disconnect.me</a>. +aboutTor.searchDC.privacy=Cari <a href="%1$S">secara aman</a> dengan <a href="%2$S">Disconnect.me</a>. # The following string is a link which replaces %1$S above. -aboutTor.searchDC.privacy.link=https://disconnect.me/privacy +aboutTor.searchDC.privacy.link=https://disconnect.me/privasi # The following string is a link which replaces %2$S above. -aboutTor.searchDC.search.link=https://search.disconnect.me/ +aboutTor.searchDC.search.link=https://cari.disconnect.me/

1 0

[translation/torbutton-aboutdialogdtd_completed] Update translations for torbutton-aboutdialogdtd_completed
by translation＠torproject.org 21 May '15

21 May '15

commit e25b8062757dc4c117e016136dc326e0e2062d26 Author: Translation commit bot <translation(a)torproject.org> Date: Thu May 21 15:46:30 2015 +0000 Update translations for torbutton-aboutdialogdtd_completed --- id/aboutdialog.dtd | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/id/aboutdialog.dtd b/id/aboutdialog.dtd new file mode 100644 index 0000000..e3ae1af --- /dev/null +++ b/id/aboutdialog.dtd @@ -0,0 +1,19 @@ +<!ENTITY project.start "&brandShortName; dibuat oleh"> + +<!ENTITY project.tpoLink "&vendorShortName;"> +<!ENTITY project.end ", sebuah perusahaan nirlaba yang bekerja untuk melindungi privasi dan kebebasan penjelajahan Anda."> + +<!ENTITY help.start "Ingin membantu?"> + +<!ENTITY help.donateLink "Donasi"> +<!ENTITY help.or "atau"> + +<!ENTITY help.getInvolvedLink "ikut terlibat"> +<!ENTITY help.end "!"> + +<!ENTITY bottomLinks.questions "Pertanyaan?"> + +<!ENTITY bottomLinks.grow "Bantu kembangkan jaringan Tor!"> + +<!ENTITY bottomLinks.license "Informasi Lisensi"> +<!ENTITY tor.TrademarkStatement "'Tor' dan 'Logo Onion' adalah merek dagang Tor Project, Inc yang teregistrasi.">

1 0