tor-commits July 2017

tor-commits@lists.torproject.org

14 participants
1743 discussions

[webwml/master] Add Taylor
by atagar＠torproject.org 14 Jul '17

14 Jul '17

commit 9128bd80b4c16e91e1b0cc2892d2abfea99a0bc6 Author: Damian Johnson <atagar(a)torproject.org> Date: Fri Jul 14 14:35:31 2017 -0700 Add Taylor --- about/en/corepeople_alternate.wml | 19 ++++++++++++++----- 1 file changed, 14 insertions(+), 5 deletions(-) diff --git a/about/en/corepeople_alternate.wml b/about/en/corepeople_alternate.wml index 6f6b244..63004ad 100644 --- a/about/en/corepeople_alternate.wml +++ b/about/en/corepeople_alternate.wml @@ -660,6 +660,18 @@ table.people tr td:first-child { </td> <td> + <a id="catalyst"></a> + <div class="photo"><img src="$(IMGROOT)/people/no_photo.png" alt="no photo" /></div> + <div class="icon"><a href="https://twitter.com/argonblue"><img src="$(IMGROOT)/twitter-small.png" alt="twitter" /></a></div> + <div class="icon"><a href="https://db.torproject.org/fetchkey.cgi?fingerprint=2C732B1C0DBEF678AB3AF606…"><img src="$(IMGROOT)/pgp-key.png" alt="pgp key" /></a></div> + <div class="name"><a href="#catalyst">Taylor Yu</a></div> + <div class="field"><b>IRC:</b> catalyst</div> + <div class="description">Software archaeologist and keeper of C language arcana. Works with applied cryptography, protocol design, software security, and technical debt restructuring.</div> + </td> + </tr> + + <tr> + <td> <a id="teor"></a> <div class="photo"><img src="$(IMGROOT)/people/no_photo.png" alt="no photo" /></div> <div class="icon"><a href="https://db.torproject.org/fetchkey.cgi?fingerprint=C8556CED5D90A0C529F64D43…"><img src="$(IMGROOT)/pgp-key.png" alt="pgp key" /></a></div> @@ -667,9 +679,7 @@ table.people tr td:first-child { <div class="field"><b>IRC:</b> teor</div> <div class="description">Onion services developer, and core member of Tor dev team. Researches Tor network measurement and onion service scalability.</div> </td> - </tr> - <tr> <td> <a id="tjr"></a> <div class="photo"><img src="$(IMGROOT)/people/tjr.png" alt="tjr" /></div> @@ -679,7 +689,9 @@ table.people tr td:first-child { <div class="field"><b>IRC:</b> tjr</div> <div class="description">Maintains <a href="https://consensus-health.torproject.org/">Consensus Health </a>, runs one of the bandwidth authorities, and contributes to Tor Browser.</div> </td> + </tr> + <tr> <td> <a id="t0mmy"></a> <div class="photo"><img src="$(IMGROOT)/people/t0mmy.png" alt="t0mmy" /></div> @@ -688,9 +700,6 @@ table.people tr td:first-child { <div class="field"><b>IRC:</b> t0mmy</div> <div class="description">Writes and edits grant proposals, one-pagers, blogposts, etc.</div> </td> - </tr> - - <tr> <td> <a id="wseltzer"></a> <div class="photo"><img src="$(IMGROOT)/people/wseltzer.png" alt="wseltzer" /></div>

1 0

[stem/master] Ensure port used by process tests is unused
by atagar＠torproject.org 14 Jul '17

14 Jul '17

commit d37810010f4f587dbb848e9ac69ab9f9472e47dd Author: Damian Johnson <atagar(a)torproject.org> Date: Fri Jul 14 12:40:47 2017 -0700 Ensure port used by process tests is unused When running in a loop catalyst occasionally runs into... OSError: Process terminated: Failed to bind one of the listener ports. https://trac.torproject.org/projects/tor/ticket/22902 First guess is that maybe multiple tests pick the same random port, or something that's coincidently being used by the system. Tried to use socket's connect_ex() for this... https://stackoverflow.com/questions/19196105/python-how-to-check-if-a-netwo… But doing so causes exactly the binding failures we're attempting to avoid (even with a sleep after closing). Weird. Just checking for process instead. --- test/integ/process.py | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/test/integ/process.py b/test/integ/process.py index 70f414c..dea0b4c 100644 --- a/test/integ/process.py +++ b/test/integ/process.py @@ -2,6 +2,8 @@ Tests the stem.process functions with various use cases. """ +from __future__ import absolute_import + import binascii import hashlib import os @@ -45,7 +47,11 @@ DataDirectory %s def random_port(): - return str(random.randint(1024, 65535)) + while True: + port = random.randint(1024, 65535) + + if stem.util.system.pid_by_port(port) is None: + return str(port) @contextmanager @@ -552,8 +558,8 @@ class TestProcess(unittest.TestCase): except OSError: runtime = time.time() - start_time - if not (runtime > 0.05 and runtime < 1): - raise AssertionError('Test should have taken 0.05-1 seconds, took %0.1f instead' % runtime) + if not (runtime > 0.05 and runtime < 3): + raise AssertionError('Test should have taken 0.05-3 seconds, took %0.1f instead' % runtime) @asynchronous def test_take_ownership_via_pid(tor_cmd):

1 0

[webwml/master] Add Sina
by atagar＠torproject.org 14 Jul '17

14 Jul '17

commit 454fed2db86a288bb44e82d48f3d9643c671e824 Author: Damian Johnson <atagar(a)torproject.org> Date: Fri Jul 14 13:40:22 2017 -0700 Add Sina --- about/en/corepeople_alternate.wml | 24 ++++++++++++++++++------ images/people/inf0.png | Bin 0 -> 18667 bytes images/people/orig/inf0.jpg | Bin 0 -> 21090 bytes 3 files changed, 18 insertions(+), 6 deletions(-) diff --git a/about/en/corepeople_alternate.wml b/about/en/corepeople_alternate.wml index a8c4361..6f6b244 100644 --- a/about/en/corepeople_alternate.wml +++ b/about/en/corepeople_alternate.wml @@ -617,6 +617,18 @@ table.people tr td:first-child { </td> <td> + <a id="inf0"></a> + <div class="photo"><img src="$(IMGROOT)/people/inf0.png" alt="inf0" /></div> + <div class="icon"><a href="https://twitter.com/wwwiretap"><img src="$(IMGROOT)/twitter-small.png" alt="twitter" /></a></div> + <div class="icon"><a href="https://s3.amazonaws.com/sina-publickeys/0B47D56D.asc"><img src="$(IMGROOT)/pgp-key.png" alt="pgp key" /></a></div> + <div class="name"><a href="#inf0">Sina Rabbani</a></div> + <div class="field"><b>IRC:</b> inf0</div> + <div class="description">Directory authority operator, outreach and trains human rights activists. System's Engineer at Team Cymru and co-Founder of accessnow.org.</div> + </td> + </tr> + + <tr> + <td> <a id="stephw"></a> <div class="photo"><img src="$(IMGROOT)/people/stephw.png" alt="stephw" /></div> <div class="icon"><a href="https://twitter.com/walnutwordsalad"><img src="$(IMGROOT)/twitter-small.png" alt="twitter" /></a></div> @@ -625,9 +637,7 @@ table.people tr td:first-child { <div class="field"><b>IRC:</b> stephw</div> <div class="description">Directs communications to consistently articulate and promote the Tor Project's mission.</div> </td> - </tr> - <tr> <td> <a id="sjmurdoch"></a> <div class="photo"><img src="$(IMGROOT)/people/sjmurdoch.png" alt="sjmurdoch" /></div> @@ -637,7 +647,9 @@ table.people tr td:first-child { <div class="field"><b>IRC:</b> sjmurdoch</div> <div class="description"><a href="http://www.cs.ucl.ac.uk/staff/s.murdoch/">Principal Research Fellow</a> at University College London and original creator of the <a href="https://www.torproject.org/projects/torbrowser.html.en">Tor Browser</a>.</div> </td> + </tr> + <tr> <td> <a id="sukhe"></a> <div class="photo"><img src="$(IMGROOT)/people/no_photo.png" alt="no photo" /></div> @@ -646,9 +658,7 @@ table.people tr td:first-child { <div class="field"><b>IRC:</b> sukhe</div> <div class="description"><a href="https://trac.torproject.org/projects/tor/wiki/torbirdy">TorBirdy</a> and <a href="https://trac.torproject.org/projects/tor/wiki/doc/TorMessenger">Tor Messenger</a> developer. Volunteer on the <a href="https://trac.torproject.org/projects/tor/wiki/org/teams/CommunityTeam">Community Team</a>.</div> </td> - </tr> - <tr> <td> <a id="teor"></a> <div class="photo"><img src="$(IMGROOT)/people/no_photo.png" alt="no photo" /></div> @@ -657,7 +667,9 @@ table.people tr td:first-child { <div class="field"><b>IRC:</b> teor</div> <div class="description">Onion services developer, and core member of Tor dev team. Researches Tor network measurement and onion service scalability.</div> </td> + </tr> + <tr> <td> <a id="tjr"></a> <div class="photo"><img src="$(IMGROOT)/people/tjr.png" alt="tjr" /></div> @@ -667,9 +679,7 @@ table.people tr td:first-child { <div class="field"><b>IRC:</b> tjr</div> <div class="description">Maintains <a href="https://consensus-health.torproject.org/">Consensus Health </a>, runs one of the bandwidth authorities, and contributes to Tor Browser.</div> </td> - </tr> - <tr> <td> <a id="t0mmy"></a> <div class="photo"><img src="$(IMGROOT)/people/t0mmy.png" alt="t0mmy" /></div> @@ -678,7 +688,9 @@ table.people tr td:first-child { <div class="field"><b>IRC:</b> t0mmy</div> <div class="description">Writes and edits grant proposals, one-pagers, blogposts, etc.</div> </td> + </tr> + <tr> <td> <a id="wseltzer"></a> <div class="photo"><img src="$(IMGROOT)/people/wseltzer.png" alt="wseltzer" /></div> diff --git a/images/people/inf0.png b/images/people/inf0.png new file mode 100644 index 0000000..5b8fc9c Binary files /dev/null and b/images/people/inf0.png differ diff --git a/images/people/orig/inf0.jpg b/images/people/orig/inf0.jpg new file mode 100644 index 0000000..cbd6032 Binary files /dev/null and b/images/people/orig/inf0.jpg differ

1 0

[tor/master] Fix a signed integer overflow in dir/download_status_random_backoff
by nickm＠torproject.org 14 Jul '17

14 Jul '17

commit b7566d465f0299e97b46f40d746a1203257245d4 Author: Nick Mathewson <nickm(a)torproject.org> Date: Fri Jul 14 13:56:40 2017 -0400 Fix a signed integer overflow in dir/download_status_random_backoff Fix for 22924. Bugfix on 0.2.9.1-alpha when the test was introducd -- though it couldn't actually overflow until we fixed 17750. Additionally, this only seems to overflow on 32-bit, and only when the compiler doesn't re-order the (possibly dead) assignment out of the way. We ran into it on a 32-bit ubuntu trusty builder. --- changes/bug22924 | 4 ++++ src/test/test_dir.c | 4 +++- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/changes/bug22924 b/changes/bug22924 new file mode 100644 index 0000000..e59fc72 --- /dev/null +++ b/changes/bug22924 @@ -0,0 +1,4 @@ + o Minor bugfies (tests): + - Fix a signed-integer overflow in the unit tests for + dir/download_status_random_backoff, which was untriggered until we + fixed bug 17750. Fixes bug 22924; bugfix on 0.2.9.1-alpha. diff --git a/src/test/test_dir.c b/src/test/test_dir.c index 53911e8..729ae64 100644 --- a/src/test/test_dir.c +++ b/src/test/test_dir.c @@ -3657,12 +3657,14 @@ download_status_random_backoff_helper(int min_delay, int max_delay) } /* Advance */ - current_time += increment; ++(dls_random.n_download_attempts); ++(dls_random.n_download_failures); /* Try another maybe */ old_increment = increment; + if (increment >= max_delay) + current_time += increment; + } while (increment < max_delay); done:

1 0

[tor/master] Merge branch 'bug17750_029_squashed'
by nickm＠torproject.org 14 Jul '17

14 Jul '17

commit 0ccdf2f31e52bde1dc9556a4c938c494e784c79c Merge: 9a1338d b7566d4 Author: Nick Mathewson <nickm(a)torproject.org> Date: Fri Jul 14 15:07:09 2017 -0400 Merge branch 'bug17750_029_squashed' changes/bug22924 | 4 ++++ src/test/test_dir.c | 4 +++- 2 files changed, 7 insertions(+), 1 deletion(-)

1 0

[webwml/master] Add iwakeh's key
by atagar＠torproject.org 14 Jul '17

14 Jul '17

commit 270e16da0933336c699f0b781030fae5f361f93e Author: Damian Johnson <atagar(a)torproject.org> Date: Fri Jul 14 11:24:40 2017 -0700 Add iwakeh's key Received permission to link to their key. --- about/en/corepeople_alternate.wml | 1 + 1 file changed, 1 insertion(+) diff --git a/about/en/corepeople_alternate.wml b/about/en/corepeople_alternate.wml index 2936a7c..a8c4361 100644 --- a/about/en/corepeople_alternate.wml +++ b/about/en/corepeople_alternate.wml @@ -307,6 +307,7 @@ table.people tr td:first-child { <td> <a id="iwakeh"></a> <div class="photo"><img src="$(IMGROOT)/people/no_photo.png" alt="no photo" /></div> + <div class="icon"><a href="https://db.torproject.org/fetchkey.cgi?fingerprint=B788B36768B69B4DD8E1F69E…"><img src="$(IMGROOT)/pgp-key.png" alt="pgp key" /></a></div> <div class="name"><a href="#iwakeh">iwakeh</a></div> <div class="description">Speaks Java and other languages, streamlines build processes, and scrutinizes mathematical concepts behind aggregating tons of Tor network data.</div> </td>

1 0

[sandboxed-tor-browser/master] Bug 22899: Force disable the "Get Addons" pane via a pref.
by yawning＠torproject.org 14 Jul '17

14 Jul '17

commit 7da173ec3f91a88a4470b07cffc1b102f7e00f4a Author: Yawning Angel <yawning(a)schwanenlied.me> Date: Fri Jul 14 16:45:09 2017 +0000 Bug 22899: Force disable the "Get Addons" pane via a pref. This seems to be the solution that the Tor Browser devs are going for, which is sensible. --- data/installer/mozilla.cfg | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/data/installer/mozilla.cfg b/data/installer/mozilla.cfg index 7139e68..3aeed7a 100644 --- a/data/installer/mozilla.cfg +++ b/data/installer/mozilla.cfg @@ -25,3 +25,7 @@ lockPref("toolkit.startup.max_resumed_crashes", -1); // Set the security slider to "High" by default, if the fucking `defaultPref` // directive worked as advertised. But it doesn't appear to actually take. // defaultPref("extensions.torbutton.security_slider", 1); + +// Disable the `about:addons`->"Get Addons" pane because it is unsafe, and +// Mozilla gets "telemetery" using Google Analytics. +lockPref("extensions.getAddons.showPane", false);

1 0

[sandboxed-tor-browser/master] Bug 22910: Deprecate the volatile extension dir option.
by yawning＠torproject.org 14 Jul '17

14 Jul '17

commit 701c0656be16440203147eb0ea6104486bb77096 Author: Yawning Angel <yawning(a)schwanenlied.me> Date: Fri Jul 14 17:18:24 2017 +0000 Bug 22910: Deprecate the volatile extension dir option. Foot + gun options are bad, the "Get Addons" pane is force disabled via a locked pref by virtue of being Mozilla + Google botnet bullshit, and this commit also switches to an extension whitelist. --- ChangeLog | 1 + README.md | 2 +- data/installer/mozilla.cfg | 5 +-- data/ui/gtkui.ui | 42 ++-------------------- .../internal/sandbox/application.go | 22 +++++++++--- .../internal/sandbox/hugbox.go | 4 +++ .../internal/tor/surrogate.go | 16 --------- .../internal/ui/config/config.go | 14 -------- .../internal/ui/gtk/config.go | 25 ++++++------- 9 files changed, 39 insertions(+), 92 deletions(-) diff --git a/ChangeLog b/ChangeLog index c281169..2d7ee1a 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,4 +1,5 @@ Changes in version 0.0.11 - UNRELEASED: + * Bug 22910: Deprecate the volatile extension dir option. Changes in version 0.0.10 - 2017-07-12: * Bug 22829: Remove default obfs4 bridge riemann. diff --git a/README.md b/README.md index 6cad572..f5013d0 100644 --- a/README.md +++ b/README.md @@ -36,7 +36,7 @@ Things that the sandbox breaks: * Audio (Unless allowed via the config) * DRI * X11 input methods (IBus requires access to the host D-Bus) - * Installing addons via the browser UI (Unless allowed via the config) + * Installing addons (Addons are whitelisted) * Tor Browser's updater (launcher handles keeping the bundle up to date) Places where the sandbox could be better: diff --git a/data/installer/mozilla.cfg b/data/installer/mozilla.cfg index 3aeed7a..64f0e60 100644 --- a/data/installer/mozilla.cfg +++ b/data/installer/mozilla.cfg @@ -26,6 +26,7 @@ lockPref("toolkit.startup.max_resumed_crashes", -1); // directive worked as advertised. But it doesn't appear to actually take. // defaultPref("extensions.torbutton.security_slider", 1); -// Disable the `about:addons`->"Get Addons" pane because it is unsafe, and -// Mozilla gets "telemetery" using Google Analytics. +// Disable the `about:addons`->"Get Addons" pane because it is unsafe, Mozilla +// gets "telemetery" using Google Analytics, and extensions are individually +// read-only bind mounted in, so it will not work at all. lockPref("extensions.getAddons.showPane", false); diff --git a/data/ui/gtkui.ui b/data/ui/gtkui.ui index c6cefb7..728fccb 100644 --- a/data/ui/gtkui.ui +++ b/data/ui/gtkui.ui @@ -628,42 +628,6 @@ </packing> </child> <child> - <object class="GtkBox"> - <property name="visible">True</property> - <property name="can_focus">False</property> - <property name="margin_bottom">6</property> - <child> - <object class="GtkLabel"> - <property name="visible">True</property> - <property name="can_focus">False</property> - <property name="halign">start</property> - <property name="label" translatable="yes">Modifiable Extensions (UNSAFE: Security, Anonymity)</property> - </object> - <packing> - <property name="expand">True</property> - <property name="fill">True</property> - <property name="position">0</property> - </packing> - </child> - <child> - <object class="GtkSwitch" id="volatileExtensionsSwitch"> - <property name="visible">True</property> - <property name="can_focus">True</property> - </object> - <packing> - <property name="expand">False</property> - <property name="fill">True</property> - <property name="position">1</property> - </packing> - </child> - </object> - <packing> - <property name="expand">False</property> - <property name="fill">True</property> - <property name="position">3</property> - </packing> - </child> - <child> <object class="GtkBox" id="downloadsDirBox"> <property name="visible">True</property> <property name="can_focus">False</property> @@ -698,7 +662,7 @@ <packing> <property name="expand">False</property> <property name="fill">True</property> - <property name="position">4</property> + <property name="position">3</property> </packing> </child> <child> @@ -736,7 +700,7 @@ <packing> <property name="expand">False</property> <property name="fill">True</property> - <property name="position">5</property> + <property name="position">4</property> </packing> </child> <child> @@ -773,7 +737,7 @@ <packing> <property name="expand">False</property> <property name="fill">True</property> - <property name="position">6</property> + <property name="position">5</property> </packing> </child> </object> diff --git a/src/cmd/sandboxed-tor-browser/internal/sandbox/application.go b/src/cmd/sandboxed-tor-browser/internal/sandbox/application.go index 969c6af..4057b21 100644 --- a/src/cmd/sandboxed-tor-browser/internal/sandbox/application.go +++ b/src/cmd/sandboxed-tor-browser/internal/sandbox/application.go @@ -102,6 +102,7 @@ func RunTorBrowser(cfg *config.Config, manif *config.Manifest, tor *tor.Tor) (pr realCachesDir := filepath.Join(realBrowserHome, cachesSubDir) realDesktopDir := filepath.Join(realBrowserHome, "Desktop") realDownloadsDir := filepath.Join(realBrowserHome, "Downloads") + realExtensionsDir := filepath.Join(realProfileDir, "extensions") // Ensure that the `Caches`, `Downloads` and `Desktop` mount points exist. if err = os.MkdirAll(realCachesDir, DirMode); err != nil { @@ -126,6 +127,7 @@ func RunTorBrowser(cfg *config.Config, manif *config.Manifest, tor *tor.Tor) (pr cachesDir := filepath.Join(browserHome, cachesSubDir) downloadsDir := filepath.Join(browserHome, "Downloads") desktopDir := filepath.Join(browserHome, "Desktop") + extensionsDir := filepath.Join(profileDir, "extensions") // Filesystem stuff. h.roBind(cfg.BundleInstallDir, filepath.Join(h.homeDir, "sandboxed-tor-browser", "tor-browser"), false) @@ -135,10 +137,20 @@ func RunTorBrowser(cfg *config.Config, manif *config.Manifest, tor *tor.Tor) (pr h.bind(realCachesDir, cachesDir, false) // XXX: Do I need this? h.roBind(filepath.Join(realProfileDir, "preferences"), filepath.Join(profileDir, "preferences"), false) h.chdir = browserHome - if !cfg.Sandbox.VolatileExtensionsDir { - // Unless overridden, the extensions directory should be mounted - // read-only. - h.roBind(filepath.Join(realProfileDir, "extensions"), filepath.Join(profileDir, "extensions"), false) + + // Explicitly bind mount the expected extensions in. + // + // If the Tor Browser developers ever decide to do something sensible like + // sign their XPI files, then the whitelist could be public key based, till + // then this may be somewhat fragile. + h.tmpfs(extensionsDir) + for _, extName := range []string{ + "{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi", // NoScript + "torbutton(a)torproject.org.xpi", + "https-everywhere-eff(a)eff.org.xpi", + "tor-launcher(a)torproject.org.xpi", + } { + h.roBind(filepath.Join(realExtensionsDir, extName), filepath.Join(extensionsDir, extName), false) } // Env vars taken from start-tor-browser. @@ -787,7 +799,7 @@ func (h *hugbox) appendRestrictedGtk2(hasAdwaita bool) ([]string, string, error) // and will warn if said subsystem is inaccessible. As the host D-Bus // is not, and likely will never be accesible from within the container, // attempt to suppress the warnings. - h.setenv("NO_AT_BRIDGE", "yes"); + h.setenv("NO_AT_BRIDGE", "yes") return gtkLibs, gtkLibPath, nil } diff --git a/src/cmd/sandboxed-tor-browser/internal/sandbox/hugbox.go b/src/cmd/sandboxed-tor-browser/internal/sandbox/hugbox.go index dd2e51a..127af77 100644 --- a/src/cmd/sandboxed-tor-browser/internal/sandbox/hugbox.go +++ b/src/cmd/sandboxed-tor-browser/internal/sandbox/hugbox.go @@ -157,6 +157,10 @@ func (h *hugbox) assetFile(dest, asset string) { h.file(dest, b) } +func (h *hugbox) tmpfs(dest string) { + h.args = append(h.args, "--tmpfs", dest) +} + func (h *hugbox) run() (*Process, error) { // Create the command struct for the sandbox. cmd := &exec.Cmd{ diff --git a/src/cmd/sandboxed-tor-browser/internal/tor/surrogate.go b/src/cmd/sandboxed-tor-browser/internal/tor/surrogate.go index 1d99431..546e8ab 100644 --- a/src/cmd/sandboxed-tor-browser/internal/tor/surrogate.go +++ b/src/cmd/sandboxed-tor-browser/internal/tor/surrogate.go @@ -35,7 +35,6 @@ import ( "cmd/sandboxed-tor-browser/internal/socks5" "cmd/sandboxed-tor-browser/internal/ui/config" - . "cmd/sandboxed-tor-browser/internal/utils" ) const ( @@ -140,8 +139,6 @@ type socksProxy struct { sNet, sAddr string tag string - allowAboutAddons bool - l net.Listener } @@ -193,18 +190,6 @@ func (p *socksProxy) handleConn(conn net.Conn) { return } - // Disallow `about:addons` unless the extensions directory is volatile, - // because regardless of what Mozilla PR says about respecting privacy, - // loading Google Analytics in a page that gets loaded as an IFRAME as - // part of an `about:` internal page, is anything but. - if host, _ := req.Addr.HostPort(); strings.ToLower(host) == aboutAddonsUnsafeHost { - if !p.allowAboutAddons { - Debugf("sandbox: Rejecting request to `%s`", aboutAddonsUnsafeHost) - req.Reply(socks5.ReplyConnectionNotAllowed) - return - } - } - // Append our isolation tag. if err := p.rewriteTag(conn, req); err != nil { req.Reply(socks5.ReplyGeneralFailure) @@ -262,7 +247,6 @@ func launchSocksProxy(cfg *config.Config, tor *Tor) (*socksProxy, error) { if err != nil { return nil, err } - p.allowAboutAddons = cfg.Sandbox.VolatileExtensionsDir go p.acceptLoop() diff --git a/src/cmd/sandboxed-tor-browser/internal/ui/config/config.go b/src/cmd/sandboxed-tor-browser/internal/ui/config/config.go index 332c4b5..6ab7749 100644 --- a/src/cmd/sandboxed-tor-browser/internal/ui/config/config.go +++ b/src/cmd/sandboxed-tor-browser/internal/ui/config/config.go @@ -200,11 +200,6 @@ type Sandbox struct { // host system DISPLAY from the env var will be used. Display string `json:"display,omitEmpty"` - // VolatileExtensionsDir mounts the extensions directorey read/write to - // allow the installation of addons. The addon auto-update mechanism is - // still left disabled. - VolatileExtensionsDir bool `json:"volatileExtensionsDir"` - // EnablePulseAudio enables access to the host PulseAudio daemon inside the // sandbox. EnablePulseAudio bool `json:"enablePulseAudio"` @@ -260,15 +255,6 @@ func (sb *Sandbox) SetEnableCircuitDisplay(b bool) { } } -// SetVolatileExtensionsDir sets the sandbox extension directory write enable -// and marks the config dirty. -func (sb *Sandbox) SetVolatileExtensionsDir(b bool) { - if sb.VolatileExtensionsDir != b { - sb.VolatileExtensionsDir = b - sb.cfg.isDirty = true - } -} - // SetDownloadsDir sets the sandbox `~/Downloads` bind mount source and marks // the config dirty. func (sb *Sandbox) SetDownloadsDir(s string) { diff --git a/src/cmd/sandboxed-tor-browser/internal/ui/gtk/config.go b/src/cmd/sandboxed-tor-browser/internal/ui/gtk/config.go index 36799e8..8a66706 100644 --- a/src/cmd/sandboxed-tor-browser/internal/ui/gtk/config.go +++ b/src/cmd/sandboxed-tor-browser/internal/ui/gtk/config.go @@ -60,16 +60,15 @@ type configDialog struct { torSystemIndicator *gtk3.Box // Sandbox config elements. - pulseAudioSwitch *gtk3.Switch - avCodecSwitch *gtk3.Switch - circuitDisplaySwitch *gtk3.Switch - volatileExtensionsSwitch *gtk3.Switch - displayBox *gtk3.Box - displayEntry *gtk3.Entry - downloadsDirBox *gtk3.Box - downloadsDirChooser *gtk3.FileChooserButton - desktopDirBox *gtk3.Box - desktopDirChooser *gtk3.FileChooserButton + pulseAudioSwitch *gtk3.Switch + avCodecSwitch *gtk3.Switch + circuitDisplaySwitch *gtk3.Switch + displayBox *gtk3.Box + displayEntry *gtk3.Entry + downloadsDirBox *gtk3.Box + downloadsDirChooser *gtk3.FileChooserButton + desktopDirBox *gtk3.Box + desktopDirChooser *gtk3.FileChooserButton } const proxySOCKS4 = "SOCKS 4" @@ -112,9 +111,9 @@ func (d *configDialog) loadFromConfig() { d.pulseAudioSwitch.SetActive(d.ui.Cfg.Sandbox.EnablePulseAudio) d.avCodecSwitch.SetActive(d.ui.Cfg.Sandbox.EnableAVCodec) d.circuitDisplaySwitch.SetActive(d.ui.Cfg.Sandbox.EnableCircuitDisplay) - d.volatileExtensionsSwitch.SetActive(d.ui.Cfg.Sandbox.VolatileExtensionsDir) if d.ui.Cfg.Sandbox.Display != "" { d.displayEntry.SetText(d.ui.Cfg.Sandbox.Display) + forceAdv = true } if d.ui.Cfg.Sandbox.DownloadsDir != "" { d.downloadsDirChooser.SetCurrentFolder(d.ui.Cfg.Sandbox.DownloadsDir) @@ -194,7 +193,6 @@ func (d *configDialog) onOk() error { d.ui.Cfg.Sandbox.SetEnablePulseAudio(d.pulseAudioSwitch.GetActive()) d.ui.Cfg.Sandbox.SetEnableAVCodec(d.avCodecSwitch.GetActive()) d.ui.Cfg.Sandbox.SetEnableCircuitDisplay(d.circuitDisplaySwitch.GetActive()) - d.ui.Cfg.Sandbox.SetVolatileExtensionsDir(d.volatileExtensionsSwitch.GetActive()) if s, err := d.displayEntry.GetText(); err != nil { return err } else { @@ -382,9 +380,6 @@ func (ui *gtkUI) initConfigDialog(b *gtk3.Builder) error { if d.circuitDisplaySwitch, err = getSwitch(b, "circuitDisplaySwitch"); err != nil { return err } - if d.volatileExtensionsSwitch, err = getSwitch(b, "volatileExtensionsSwitch"); err != nil { - return err - } if d.displayBox, err = getBox(b, "displayBox"); err != nil { return err }

1 0

[translation/exoneratorproperties] Update translations for exoneratorproperties
by translation＠torproject.org 14 Jul '17

14 Jul '17

commit a5431f516bfb11f884d9004c082c42718608c88a Author: Translation commit bot <translation(a)torproject.org> Date: Fri Jul 14 17:18:30 2017 +0000 Update translations for exoneratorproperties --- pl/exonerator.properties | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/pl/exonerator.properties b/pl/exonerator.properties index 69636d8..7cb14e1 100644 --- a/pl/exonerator.properties +++ b/pl/exonerator.properties @@ -1,13 +1,13 @@ -form.explanation=Podaj adres IP oraz date, aby sprawdzić, czy dany adres został użyty jako jako przekaźnik przeglądarki Tor\: +form.explanation=Podaj adres IP oraz date, aby sprawdzić, czy dany adres został użyty jako jako przekaźnik przeglądarki Tor: form.ip.label=Adres IP form.timestamp.label=Data form.search.label=Szukaj summary.heading=Podsumowanie summary.serverproblem.dbnoconnect.title=Problem z serwerem -summary.serverproblem.dbnoconnect.body.text=Nie można połączyć się z bazą danych. Spróbuj ponownie później. Jeśli problem się utrzymuje, prosimy %s\! +summary.serverproblem.dbnoconnect.body.text=Nie można połączyć się z bazą danych. Spróbuj ponownie później. Jeśli problem się utrzymuje, prosimy %s! summary.serverproblem.dbnoconnect.body.link=powiadom nas summary.serverproblem.dbempty.title=Problem z serwerem -summary.serverproblem.dbempty.body.text=Baza danych zdaje się być pusta. Spróbuj ponownie później. Jeśli problem się pojawia się ponownie, prosimy %s\! +summary.serverproblem.dbempty.body.text=Baza danych zdaje się być pusta. Spróbuj ponownie później. Jeśli problem się pojawia się ponownie, prosimy %s! summary.serverproblem.dbempty.body.link=powiadom nas summary.invalidparams.notimestamp.title=Brak daty summary.invalidparams.notimestamp.body=Przepraszamy, musisz podać datę. @@ -20,10 +20,10 @@ summary.invalidparams.invalidip.body=Przepraszamy, adres IP %s jest błędny. Pr summary.invalidparams.invalidtimestamp.title=Niewłaściwa data summary.invalidparams.invalidtimestamp.body=Przepraszamy, data %s jest błędna. Prawidłowy format daty to %s. summary.serverproblem.nodata.title=Problem z serwerem -summary.serverproblem.nodata.body.text=Baza danych nie zawiera informacji z wybranego dnia. Spróbuj ponownie później. Jeśli problem się utrzymuje, prosimy %s\! +summary.serverproblem.nodata.body.text=Baza danych nie zawiera informacji z wybranego dnia. Spróbuj ponownie później. Jeśli problem się utrzymuje, prosimy %s! summary.serverproblem.nodata.body.link=powiadom nas summary.negativesamenetwork.title=Brak wyników -summary.negativesamenetwork.body=Nie odnaleziono adresu IP %s z przedziału do 24 godzin od %s, choć odnaleziono inne adresy IP będące przekaźnikami przeglądarki Tor w tej samej sieci /%d około tego przedziału\: +summary.negativesamenetwork.body=Nie odnaleziono adresu IP %s z przedziału do 24 godzin od %s, choć odnaleziono inne adresy IP będące przekaźnikami przeglądarki Tor w tej samej sieci /%d około tego przedziału: summary.positive.title=Wyniki summary.positive.body=Odnaleziono jeden lub więcej przekaźników przeglądarki Tor pod adresem IP %s w przedziale do 24 godzin od %s, o których użytkownicy przeglądarki prawdopodobnie wiedzieli. summary.negative.title=Brak wyników @@ -50,5 +50,5 @@ footer.aboutexonerator.body=The ExoneraTor service maintains a database of IP ad footer.trademark.text="Tor" i "Logo Onion" są %s Projektu Tor S.A. footer.trademark.link=Znaki towarowe. footer.language.name=English -footer.language.text=This page is also available in the following languages\: +footer.language.text=Ta strona jest także dostępna w poniższych językach:

1 0

[translation/tails-persistence-setup_completed] Update translations for tails-persistence-setup_completed
by translation＠torproject.org 14 Jul '17

14 Jul '17

commit 0e113e4dc6164b59ab73cfee96b3a95191c2fe58 Author: Translation commit bot <translation(a)torproject.org> Date: Fri Jul 14 17:15:47 2017 +0000 Update translations for tails-persistence-setup_completed --- pl/pl.po | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/pl/pl.po b/pl/pl.po index e2e8481..81df315 100644 --- a/pl/pl.po +++ b/pl/pl.po @@ -6,20 +6,21 @@ # Aron <aron.plotnikowski(a)cryptolab.net>, 2014 # bogdrozd <bog.d(a)gazeta.pl>, 2013 # Jakobus Buntownikus <buntownix(a)gmail.com>, 2016 +# No Ne, 2017 # sebx, 2013-2015 msgid "" msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: Tails developers <tails(a)boum.org>\n" -"POT-Creation-Date: 2016-05-25 02:27+0200\n" -"PO-Revision-Date: 2016-06-06 08:15+0000\n" -"Last-Translator: carolyn <carolyn(a)anhalt.org>\n" +"POT-Creation-Date: 2017-05-15 13:51+0200\n" +"PO-Revision-Date: 2017-07-14 16:53+0000\n" +"Last-Translator: No Ne\n" "Language-Team: Polish (http://www.transifex.com/otf/torproject/language/pl/)\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "Language: pl\n" -"Plural-Forms: nplurals=3; plural=(n==1 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n" +"Plural-Forms: nplurals=4; plural=(n==1 ? 0 : (n%10>=2 && n%10<=4) && (n%100<12 || n%100>14) ? 1 : n!=1 && (n%10>=0 && n%10<=1) || (n%10>=5 && n%10<=9) || (n%100>=12 && n%100<=14) ? 2 : 3);\n" #: ../lib/Tails/Persistence/Configuration/Presets.pm:48 msgid "Personal Data" @@ -54,12 +55,12 @@ msgid "Pidgin profiles and OTR keyring" msgstr "Zestaw kluczy OTR i profile Pidgina" #: ../lib/Tails/Persistence/Configuration/Presets.pm:88 -msgid "Icedove" -msgstr "Icedove" +msgid "Thunderbird" +msgstr "Thunderbird" #: ../lib/Tails/Persistence/Configuration/Presets.pm:90 -msgid "Icedove profiles and locally stored email" -msgstr "Profile Icedove oraz lokalnie trzymana poczta" +msgid "Thunderbird profiles and locally stored email" +msgstr "Profile Thunderbirda oraz lokalnie trzymana poczta" #: ../lib/Tails/Persistence/Configuration/Presets.pm:98 msgid "GNOME Keyring"

1 0

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

tor-commits July 2017