May 2016 - tor-commits - lists.torproject.org

[webwml/master] remove our postal address from two pages
by arma＠torproject.org 23 May '16

23 May '16

commit 7086384121abe10e348c409a18efc1bd5b849a2d Author: Roger Dingledine <arma(a)torproject.org> Date: Mon May 23 14:44:23 2016 -0400 remove our postal address from two pages now it's easier to change it --- about/en/corepeople.wml | 9 ++------- donate/en/donor-faq.wml | 6 +++--- 2 files changed, 5 insertions(+), 10 deletions(-) diff --git a/about/en/corepeople.wml b/about/en/corepeople.wml index ec0afbd..b9ff1f4 100644 --- a/about/en/corepeople.wml +++ b/about/en/corepeople.wml @@ -10,15 +10,10 @@ </div> <div id="maincol"> The Tor Project is a 501(c)(3) non-profit based in - the United States. The official address of the organization is: + the United States. The official address of the organization is + listed on the <a href="<page about/contact>#mail">contact page</a>. - <address> - The Tor Project - 7 Temple Street, Suite A - Cambridge, MA 02139-2403 USA - </address> - The organization consists of many volunteers and a few employees. Please don't contact us individually about Tor topics — if you have a problem or question, please look through the <a href="<page diff --git a/donate/en/donor-faq.wml b/donate/en/donor-faq.wml index c6816ad..0b95e8c 100644 --- a/donate/en/donor-faq.wml +++ b/donate/en/donor-faq.wml @@ -258,9 +258,9 @@ <li> If I want my donation to be anonymous, what is the best way for me to donate? - You can donate by mailing cash to the Tor Project. Our - address is The Tor Project, Inc., 7 Temple Street Suite A, - Cambridge MA 02139-2403 USA. You can donate via bitcoin + You can donate by <a href="<page + donate/donate-options>#cash">mailing cash</a>. + You can donate via bitcoin if you have bitcoin set up in a way that preserves your anonymity. You can buy cash gift cards and mail them to us. There are probably other ways to donate anonymously that

1 0

[tor/master] Do not ignore files that are being tracked by git
by nickm＠torproject.org 23 May '16

23 May '16

commit 87134db57cc7cbbd801e5992ce6ca6a71e2ebfc8 Author: cypherpunks <cypherpunks(a)torproject.org> Date: Wed Apr 6 12:16:04 2016 +0000 Do not ignore files that are being tracked by git --- .gitignore | 3 --- 1 file changed, 3 deletions(-) diff --git a/.gitignore b/.gitignore index b141e80..f304a32 100644 --- a/.gitignore +++ b/.gitignore @@ -189,9 +189,6 @@ uptime-*.json /src/test/test-memwipe.exe /src/test/test-switch-id.exe /src/test/test_workqueue.exe -/src/test/test_zero_length_keys.sh -/src/test/test_ntor.sh -/src/test/test_bt.sh # /src/tools/ /src/tools/tor-checkkey

1 0

[tor/release-0.2.8] Do not ignore files that are being tracked by git
by nickm＠torproject.org 23 May '16

23 May '16

commit 87134db57cc7cbbd801e5992ce6ca6a71e2ebfc8 Author: cypherpunks <cypherpunks(a)torproject.org> Date: Wed Apr 6 12:16:04 2016 +0000 Do not ignore files that are being tracked by git --- .gitignore | 3 --- 1 file changed, 3 deletions(-) diff --git a/.gitignore b/.gitignore index b141e80..f304a32 100644 --- a/.gitignore +++ b/.gitignore @@ -189,9 +189,6 @@ uptime-*.json /src/test/test-memwipe.exe /src/test/test-switch-id.exe /src/test/test_workqueue.exe -/src/test/test_zero_length_keys.sh -/src/test/test_ntor.sh -/src/test/test_bt.sh # /src/tools/ /src/tools/tor-checkkey

1 0

[tor/master] Merge branch 'maint-0.2.8'
by nickm＠torproject.org 23 May '16

23 May '16

commit 5b7d4b0ceaf4ed3a3e9476cbae0defb9b2e13dea Merge: b53a205 87134db Author: Nick Mathewson <nickm(a)torproject.org> Date: Mon May 23 11:06:32 2016 -0400 Merge branch 'maint-0.2.8' .gitignore | 3 --- 1 file changed, 3 deletions(-) diff --cc .gitignore index 670bca5,f304a32..2f94254 --- a/.gitignore +++ b/.gitignore @@@ -192,11 -188,7 +192,8 @@@ uptime-*.jso /src/test/test-ntor-cl.exe /src/test/test-memwipe.exe /src/test/test-switch-id.exe +/src/test/test-timers.exe /src/test/test_workqueue.exe - /src/test/test_zero_length_keys.sh - /src/test/test_ntor.sh - /src/test/test_bt.sh # /src/tools/ /src/tools/tor-checkkey

1 0

[tor/release-0.2.8] Merge branch 'maint-0.2.8' into release-0.2.8
by nickm＠torproject.org 23 May '16

23 May '16

commit 0f80dd2a26333ee78a9698b4d3cf8079736f34b5 Merge: fd34049 87134db Author: Nick Mathewson <nickm(a)torproject.org> Date: Mon May 23 11:06:22 2016 -0400 Merge branch 'maint-0.2.8' into release-0.2.8 .gitignore | 3 --- 1 file changed, 3 deletions(-)

1 0

[tor/maint-0.2.8] Do not ignore files that are being tracked by git
by nickm＠torproject.org 23 May '16

23 May '16

commit 87134db57cc7cbbd801e5992ce6ca6a71e2ebfc8 Author: cypherpunks <cypherpunks(a)torproject.org> Date: Wed Apr 6 12:16:04 2016 +0000 Do not ignore files that are being tracked by git --- .gitignore | 3 --- 1 file changed, 3 deletions(-) diff --git a/.gitignore b/.gitignore index b141e80..f304a32 100644 --- a/.gitignore +++ b/.gitignore @@ -189,9 +189,6 @@ uptime-*.json /src/test/test-memwipe.exe /src/test/test-switch-id.exe /src/test/test_workqueue.exe -/src/test/test_zero_length_keys.sh -/src/test/test_ntor.sh -/src/test/test_bt.sh # /src/tools/ /src/tools/tor-checkkey

1 0

[tor/master] dirauth: don't use hardcoded length when parsing digests
by nickm＠torproject.org 23 May '16

23 May '16

commit 50ff24e27652b4781a127d5dea81c4de96a6fdef Author: David Goulet <dgoulet(a)torproject.org> Date: Mon May 16 11:18:51 2016 -0400 dirauth: don't use hardcoded length when parsing digests When parsing detached signature, we make sure that we use the length of the digest algorithm instead of an hardcoded DIGEST256_LEN in order to avoid comparing bytes out of bound with a smaller digest length such as SHA1. Fixes #19066 Signed-off-by: David Goulet <dgoulet(a)torproject.org> --- changes/bug19066 | 5 +++++ src/or/routerparse.c | 8 +++++--- 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/changes/bug19066 b/changes/bug19066 new file mode 100644 index 0000000..c3d1fc7 --- /dev/null +++ b/changes/bug19066 @@ -0,0 +1,5 @@ + o Minor bugfixes (directory authority): + - When parsing detached signature, make sure we use the length of the + digest algorithm instead of an hardcoded DIGEST256_LEN in order to + avoid comparing bytes out of bound with a smaller digest length such + as SHA1. Fixes #19066; bugfix on tor-0.2.2.6-alpha. diff --git a/src/or/routerparse.c b/src/or/routerparse.c index 600d552..e44899f 100644 --- a/src/or/routerparse.c +++ b/src/or/routerparse.c @@ -3505,7 +3505,7 @@ networkstatus_parse_detached_signatures(const char *s, const char *eos) digest_algorithm_t alg; const char *flavor; const char *hexdigest; - size_t expected_length; + size_t expected_length, digest_length; tok = _tok; @@ -3530,6 +3530,8 @@ networkstatus_parse_detached_signatures(const char *s, const char *eos) expected_length = (alg == DIGEST_SHA1) ? HEX_DIGEST_LEN : HEX_DIGEST256_LEN; + digest_length = + (alg == DIGEST_SHA1) ? DIGEST_LEN : DIGEST256_LEN; if (strlen(hexdigest) != expected_length) { log_warn(LD_DIR, "Wrong length on consensus-digest in detached " @@ -3538,12 +3540,12 @@ networkstatus_parse_detached_signatures(const char *s, const char *eos) } digests = detached_get_digests(sigs, flavor); tor_assert(digests); - if (!tor_mem_is_zero(digests->d[alg], DIGEST256_LEN)) { + if (!tor_mem_is_zero(digests->d[alg], digest_length)) { log_warn(LD_DIR, "Multiple digests for %s with %s on detached " "signatures document", flavor, algname); continue; } - if (base16_decode(digests->d[alg], DIGEST256_LEN, + if (base16_decode(digests->d[alg], digest_length, hexdigest, strlen(hexdigest)) < 0) { log_warn(LD_DIR, "Bad encoding on consensus-digest in detached " "networkstatus signatures");

1 0

[tor/master] Merge remote-tracking branch 'dgoulet/bug19066_029_01'
by nickm＠torproject.org 23 May '16

23 May '16

commit 2a884926c04959b11c39e656099f19a55c3a8e95 Merge: 9c7edb0 50ff24e Author: Nick Mathewson <nickm(a)torproject.org> Date: Mon May 23 10:45:13 2016 -0400 Merge remote-tracking branch 'dgoulet/bug19066_029_01' changes/bug19066 | 5 +++++ src/or/routerparse.c | 8 +++++--- 2 files changed, 10 insertions(+), 3 deletions(-)

1 0

[tor/master] Expose crypto_digest_algorithm_get_length from crypto.c
by nickm＠torproject.org 23 May '16

23 May '16

commit b53a2059c4495946d1bb27f8be1f6fadb7af69f1 Author: Nick Mathewson <nickm(a)torproject.org> Date: Mon May 23 10:58:27 2016 -0400 Expose crypto_digest_algorithm_get_length from crypto.c Also, use it in routerparse.c --- src/common/crypto.c | 2 +- src/common/crypto.h | 1 + src/or/routerparse.c | 6 ++---- 3 files changed, 4 insertions(+), 5 deletions(-) diff --git a/src/common/crypto.c b/src/common/crypto.c index fb5dd06..4ed8bfa 100644 --- a/src/common/crypto.c +++ b/src/common/crypto.c @@ -1727,7 +1727,7 @@ crypto_digest_algorithm_parse_name(const char *name) } /** Given an algorithm, return the digest length in bytes. */ -static inline size_t +size_t crypto_digest_algorithm_get_length(digest_algorithm_t alg) { switch (alg) { diff --git a/src/common/crypto.h b/src/common/crypto.h index 017c849..ff38cca 100644 --- a/src/common/crypto.h +++ b/src/common/crypto.h @@ -233,6 +233,7 @@ void crypto_digest_smartlist(char *digest_out, size_t len_out, const struct smartlist_t *lst, const char *append, digest_algorithm_t alg); const char *crypto_digest_algorithm_get_name(digest_algorithm_t alg); +size_t crypto_digest_algorithm_get_length(digest_algorithm_t alg); int crypto_digest_algorithm_parse_name(const char *name); crypto_digest_t *crypto_digest_new(void); crypto_digest_t *crypto_digest256_new(digest_algorithm_t algorithm); diff --git a/src/or/routerparse.c b/src/or/routerparse.c index 42b0583..6ab042e 100644 --- a/src/or/routerparse.c +++ b/src/or/routerparse.c @@ -3531,10 +3531,8 @@ networkstatus_parse_detached_signatures(const char *s, const char *eos) continue; } - expected_length = - (alg == DIGEST_SHA1) ? HEX_DIGEST_LEN : HEX_DIGEST256_LEN; - digest_length = - (alg == DIGEST_SHA1) ? DIGEST_LEN : DIGEST256_LEN; + digest_length = crypto_digest_algorithm_get_length(alg); + expected_length = digest_length * 2; /* hex encoding */ if (strlen(hexdigest) != expected_length) { log_warn(LD_DIR, "Wrong length on consensus-digest in detached "

1 0

[webwml/master] remove the non-functioning press phone number
by arma＠torproject.org 23 May '16

23 May '16

commit 1764f63e9ac2d69419f67ec3f05db14b867ba195 Author: Roger Dingledine <arma(a)torproject.org> Date: Mon May 23 09:41:45 2016 -0400 remove the non-functioning press phone number also obfuscate the address a little bit --- press/en/info.wmi | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/press/en/info.wmi b/press/en/info.wmi index 6f5cee6..fb76932 100644 --- a/press/en/info.wmi +++ b/press/en/info.wmi @@ -7,15 +7,13 @@ <h2 class="media">Press Contact</h2> Tor Press Team - press(a)torproject.org - +1-617-902-0208 + press at torproject dot org Please Note: - If you need technical help with Tor, please visit our - <a href="https://www.torproject.org/docs/faq.html.en">FAQ page</a> or - <a href="https://www.torproject.org/about/contact.html.en#support"> - contact the help desk</a>. This number is for press inquiries only. + If you need technical help with Tor, please use one of our + <a href="<page about/contact>#support">support options</a>. + This address is for press inquiries only. </div>

1 0