February 2018 - tor-commits - lists.torproject.org

[tor/master] Merge remote-tracking branch 'dgoulet/ticket24902_029_05'
by nickm＠torproject.org 09 Feb '18

09 Feb '18

commit abdf2a6f7f400bf7769b701c79b51e51f1cc9e55 Merge: d9826b0a3 1a4fc9cdd Author: Nick Mathewson <nickm(a)torproject.org> Date: Fri Feb 9 12:08:12 2018 -0500 Merge remote-tracking branch 'dgoulet/ticket24902_029_05' src/common/address.c | 22 ++++++ src/common/address.h | 2 + src/common/address_set.c | 129 ++++++++++++++++++++++++++++++++ src/common/address_set.h | 35 +++++++++ src/common/include.am | 2 + src/or/dos.c | 9 +++ src/or/nodelist.c | 78 ++++++++++++++++++++ src/or/nodelist.h | 3 + src/test/include.am | 1 + src/test/test.c | 1 + src/test/test.h | 1 + src/test/test_address_set.c | 174 ++++++++++++++++++++++++++++++++++++++++++++ src/test/test_dos.c | 103 ++++++++++++++++++++++++++ 13 files changed, 560 insertions(+) diff --cc src/common/include.am index 1777f33ad,cb307e9d5..694528510 --- a/src/common/include.am +++ b/src/common/include.am @@@ -80,8 -80,8 +80,9 @@@ src_common_libor_ctime_testing_a_CFLAG LIBOR_A_SRC = \ src/common/address.c \ + src/common/address_set.c \ src/common/backtrace.c \ + src/common/buffers.c \ src/common/compat.c \ src/common/compat_threads.c \ src/common/compat_time.c \ @@@ -145,9 -136,8 +146,10 @@@ src_common_libor_event_testing_a_CFLAG COMMONHEADERS = \ src/common/address.h \ + src/common/address_set.h \ src/common/backtrace.h \ + src/common/buffers.h \ + src/common/buffers_tls.h \ src/common/aes.h \ src/common/ciphers.inc \ src/common/compat.h \ diff --cc src/or/nodelist.c index 17a50ca86,5a02648c5..391b31d68 --- a/src/or/nodelist.c +++ b/src/or/nodelist.c @@@ -10,38 -10,11 +10,39 @@@ * \brief Structures and functions for tracking what we know about the routers * on the Tor network, and correlating information from networkstatus, * routerinfo, and microdescs. + * + * The key structure here is node_t: that's the canonical way to refer + * to a Tor relay that we might want to build a circuit through. Every + * node_t has either a routerinfo_t, or a routerstatus_t from the current + * networkstatus consensus. If it has a routerstatus_t, it will also + * need to have a microdesc_t before you can use it for circuits. + * + * The nodelist_t is a global singleton that maps identities to node_t + * objects. Access them with the node_get_*() functions. The nodelist_t + * is maintained by calls throughout the codebase + * + * Generally, other code should not have to reach inside a node_t to + * see what information it has. Instead, you should call one of the + * many accessor functions that works on a generic node_t. If there + * isn't one that does what you need, it's better to make such a function, + * and then use it. + * + * For historical reasons, some of the functions that select a node_t + * from the list of all usable node_t objects are in the routerlist.c + * module, since they originally selected a routerinfo_t. (TODO: They + * should move!) + * + * (TODO: Perhaps someday we should abstract the remaining ways of + * talking about a relay to also be node_t instances. Those would be + * routerstatus_t as used for directory requests, and dir_server_t as + * used for authorities and fallback directories.) */ +#define NODELIST_PRIVATE + #include "or.h" #include "address.h" + #include "address_set.h" #include "config.h" #include "control.h" #include "dirserv.h" @@@ -97,14 -64,9 +99,17 @@@ typedef struct nodelist_t smartlist_t *nodes; /* Hash table to map from node ID digest to node. */ HT_HEAD(nodelist_map, node_t) nodes_by_id; + /* Hash table to map from node Ed25519 ID to node. + * + * Whenever a node's routerinfo or microdescriptor is about to change, + * you should remove it from this map with node_remove_from_ed25519_map(). + * Whenever a node's routerinfo or microdescriptor has just chaned, + * you should add it to this map with node_add_to_ed25519_map(). + */ + HT_HEAD(nodelist_ed_map, node_t) nodes_by_ed_id; + + /* Set of addresses that belong to nodes we believe in. */ + address_set_t *node_addrs; } nodelist_t; static inline unsigned int @@@ -423,14 -236,8 +472,16 @@@ nodelist_set_routerinfo(routerinfo_t *r dirserv_set_node_flags_from_authoritative_status(node, status); } + /* Setting the HSDir index requires the ed25519 identity key which can + * only be found either in the ri or md. This is why this is called here. + * Only nodes supporting HSDir=2 protocol version needs this index. */ + if (node->rs && node->rs->pv.supports_v3_hsdir) { + node_set_hsdir_index(node, + networkstatus_get_latest_consensus()); + } + + node_add_to_address_set(node); + return node; } @@@ -457,21 -264,14 +508,23 @@@ nodelist_add_microdesc(microdesc_t *md return NULL; node = node_get_mutable_by_id(rs->identity_digest); if (node) { + node_remove_from_ed25519_map(node); if (node->md) node->md->held_by_nodes--; + node->md = md; md->held_by_nodes++; + /* Setting the HSDir index requires the ed25519 identity key which can + * only be found either in the ri or md. This is why this is called here. + * Only nodes supporting HSDir=2 protocol version needs this index. */ + if (rs->pv.supports_v3_hsdir) { + node_set_hsdir_index(node, ns); + } + node_add_to_ed25519_map(node); } + node_add_to_address_set(node); + return node; } diff --cc src/or/nodelist.h index 0abdcd604,098f1d155..dc20eaf0a --- a/src/or/nodelist.h +++ b/src/or/nodelist.h @@@ -143,16 -125,7 +144,18 @@@ void router_dir_info_changed(void) const char *get_dir_info_status_string(void); int count_loading_descriptors_progress(void); +#ifdef NODELIST_PRIVATE + +#ifdef TOR_UNIT_TESTS + +STATIC void +node_set_hsdir_index(node_t *node, const networkstatus_t *ns); + +#endif /* defined(TOR_UNIT_TESTS) */ + +#endif /* defined(NODELIST_PRIVATE) */ + + MOCK_DECL(int, get_estimated_address_per_node, (void)); + -#endif +#endif /* !defined(TOR_NODELIST_H) */

1 0

[translation/tor-messenger-prefsdtd] Update translations for tor-messenger-prefsdtd
by translation＠torproject.org 09 Feb '18

09 Feb '18

commit c331b189dabf501c832ff607074e7555f35631de Author: Translation commit bot <translation(a)torproject.org> Date: Fri Feb 9 16:49:52 2018 +0000 Update translations for tor-messenger-prefsdtd --- ti/prefs.dtd | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ti/prefs.dtd b/ti/prefs.dtd index 2ae9c9c59..83e42d6f9 100644 --- a/ti/prefs.dtd +++ b/ti/prefs.dtd @@ -15,7 +15,7 @@ <!ENTITY prefs.generate "Generate"> <!ENTITY prefs.coniksConnection "Connection"> <!ENTITY prefs.coniksServerAddress "Server Address"> -<!ENTITY prefs.coniksServerPort "Port"> +<!ENTITY prefs.coniksServerPort "ፖርት"> <!ENTITY prefs.coniksAccountPolicy "Account Policy"> <!ENTITY prefs.coniksPoliciesForAccount "Policies for account:"> <!ENTITY prefs.coniksPrivateLookups "Private lookups">

1 0

[translation/tails-iuk] Update translations for tails-iuk
by translation＠torproject.org 09 Feb '18

09 Feb '18

commit f012463f37ae29e7ce532d01b0a6d8a823e1e08f Author: Translation commit bot <translation(a)torproject.org> Date: Fri Feb 9 16:17:58 2018 +0000 Update translations for tails-iuk --- ti.po | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ti.po b/ti.po index 6f1a4f0b7..b1d2ee08d 100644 --- a/ti.po +++ b/ti.po @@ -7,8 +7,8 @@ msgid "" msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: Tails developers <tails(a)boum.org>\n" -"POT-Creation-Date: 2016-05-25 16:55+0200\n" -"PO-Revision-Date: 2016-05-26 08:49+0000\n" +"POT-Creation-Date: 2017-04-18 12:13+0200\n" +"PO-Revision-Date: 2018-02-09 16:17+0000\n" "Last-Translator: carolyn <carolyn(a)anhalt.org>\n" "Language-Team: Tigrinya (http://www.transifex.com/otf/torproject/language/ti/)\n" "MIME-Version: 1.0\n" @@ -201,7 +201,7 @@ msgstr "" #: ../lib/Tails/IUK/Frontend.pm:614 msgid "Restart now" -msgstr "" +msgstr "ከም ሓዲሽ ጀምር" #: ../lib/Tails/IUK/Frontend.pm:615 msgid "Restart later"

1 0

[atlas/master] Hides the Guard and HSDir flags for bridges (Fixes: #24885)
by irl＠torproject.org 09 Feb '18

09 Feb '18

commit 547380626fbb3831570b35e9ada7facbdcea7877 Author: Iain R. Learmonth <irl(a)fsfe.org> Date: Thu Feb 8 12:51:16 2018 +0000 Hides the Guard and HSDir flags for bridges (Fixes: #24885) --- js/models/relay.js | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/js/models/relay.js b/js/models/relay.js index 70cef1c..63ac0bf 100644 --- a/js/models/relay.js +++ b/js/models/relay.js @@ -10,7 +10,7 @@ define([ var relayModel = Backbone.Model.extend({ baseurl: 'https://onionoo.torproject.org', fingerprint: '', - parseflags: function(flags) { + parseflags: function(flags, is_bridge) { var output = []; var model = this; _.each(flags, function(flag) { @@ -25,10 +25,14 @@ define([ output.push([flag, "fast", "This relay is suitable for high-bandwidth circuits."]); } if (flag == "Guard") { - output.push([flag, "guard", "This relay is suitable for use as an entry guard."]); + if (!is_bridge) { + output.push([flag, "guard", "This relay is suitable for use as an entry guard."]); + } } if (flag == "HSDir") { - output.push([flag, "hsdir", "This relay is considered a v2 hidden service directory."]); + if (!is_bridge) { + output.push([flag, "hsdir", "This relay is considered a v2 hidden service directory."]); + } } if (flag == "NoEdConsensus") { output.push([flag, "noedconensus", "An Ed25519 key in the relay's descriptor or microdesriptor does not reflect authority consensus."]); @@ -230,7 +234,7 @@ define([ relay.transports = relay.transports ? relay.transports : null; relay.fingerprint = relay.hashed_fingerprint ? relay.hashed_fingerprint : relay.fingerprint; model.set({badexit: false}); - relay.flags = model.parseflags(relay.flags); + relay.flags = model.parseflags(relay.flags, relay.is_bridge); /* Synthetic Additional Flags */ var additional_flags = []

1 0

[atlas/master] Drop the cookiebar, it's been there a while
by irl＠torproject.org 09 Feb '18

09 Feb '18

commit 44401665251830c95a7a2887c00e835f5c29fd48 Author: Iain R. Learmonth <irl(a)fsfe.org> Date: Thu Feb 8 12:58:30 2018 +0000 Drop the cookiebar, it's been there a while --- index.html | 11 ----------- 1 file changed, 11 deletions(-) diff --git a/index.html b/index.html index 35760ac..9720c99 100644 --- a/index.html +++ b/index.html @@ -22,7 +22,6 @@  <script src="https://metrics.torproject.org/js/jquery-3.2.1.min.js"></script> - <script src="js/jquery.cookieBar.js"></script>  <link rel="stylesheet" href="css/bootstrap.min.css"> @@ -51,13 +50,6 @@ <div id="wrapper" style="display:none;"> - <div class="fixed-top cookie-message pt-1" style="background-color: #333; color: #eee;"> - <div style="padding: 10px;"> - Relay Search is the new name for Atlas. This rebranding is part of work aiming to merge this tool into the Tor Metrics website. No URLs have been changed at this time and we will implement redirects when the change does occur. Technical details may be found on the <a href="https://trac.torproject.org/projects/tor/ticket/23518">Tor Project bug tracker</a>. Hiding this message will result in a cookie being stored on your computer to prevent this message being shown again in the future. - <a class="btn btn-sm btn-warning cbc" style="color:black;" href="#">Hide</a> - </div> - </div> -  <nav class="navbar navbar-default navbar-secondary"> <div class="container-fluid"> @@ -163,9 +155,6 @@ </div>  <script> -$('.cookie-message').cookieBar({ closeButton: '.cbc' }); -</script> -<script> var require = { urlArgs: "v26" };

1 0

[atlas/master] Remove redundant checks for required fields (See: #24494)
by irl＠torproject.org 09 Feb '18

09 Feb '18

commit fecc21244ba36ea233615bc601c222d4313d6913 Author: Iain R. Learmonth <irl(a)fsfe.org> Date: Fri Feb 9 15:46:04 2018 +0000 Remove redundant checks for required fields (See: #24494) --- js/models/relay.js | 3 --- 1 file changed, 3 deletions(-) diff --git a/js/models/relay.js b/js/models/relay.js index 63ac0bf..4984d65 100644 --- a/js/models/relay.js +++ b/js/models/relay.js @@ -187,7 +187,6 @@ define([ processRelay: function(options, model, relay) { relay.contact = relay.contact ? relay.contact : 'undefined'; relay.platform = relay.platform ? relay.platform : null; - relay.nickname = relay.nickname ? relay.nickname : "Unnamed"; relay.dir_address = relay.dir_address ? relay.dir_address : null; relay.exit_policy = relay.exit_policy ? relay.exit_policy : null; relay.exit_policy_summary = relay.exit_policy_summary ? relay.exit_policy_summary : null; @@ -219,7 +218,6 @@ define([ relay.host_name = relay.host_name ? relay.host_name : null; relay.country = relay.country ? relay.country.toLowerCase() : null; relay.countryname = relay.country ? CountryCodes[relay.country] : null; - relay.first_seen = relay.first_seen ? relay.first_seen : null; relay.age = relay.first_seen ? model.parsedate(relay.first_seen).hrfull : null; relay.new_relay = relay.first_seen ? model.is_new(relay.first_seen) : null; relay.uptime = relay.last_restarted ? model.parsedate(relay.last_restarted) : null; @@ -227,7 +225,6 @@ define([ relay.uptime_hrfull = relay.last_restarted ? relay.uptime.hrfull : null; relay.uptime = relay.last_restarted ? relay.uptime.millisecs : null; relay.last_restarted = relay.last_restarted ? relay.last_restarted : null; - relay.last_seen = relay.last_seen ? relay.last_seen : null; relay.downtime = relay.last_seen ? model.parsedate(relay.last_seen).hrfull : null; relay.as_number = relay.as_number ? relay.as_number : null; relay.as_name = relay.as_name ? relay.as_name : null;

1 0

[atlas/master] Bump cache breaker
by irl＠torproject.org 09 Feb '18

09 Feb '18

commit 3237c627b09ce9bd76e126548a09866657aa952e Author: Iain R. Learmonth <irl(a)fsfe.org> Date: Fri Feb 9 16:04:31 2018 +0000 Bump cache breaker --- index.html | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/index.html b/index.html index 9720c99..70eb245 100644 --- a/index.html +++ b/index.html @@ -40,7 +40,7 @@ <script src="https://metrics.torproject.org/js/script.js"></script>  - <link rel="stylesheet" href="css/atlas.css?v26"> + <link rel="stylesheet" href="css/atlas.css?v27"> </head> @@ -156,7 +156,7 @@ <script> var require = { - urlArgs: "v26" + urlArgs: "v27" }; </script> <script data-main="js/main" src="js/libs/require/require.js"></script>

1 0

[atlas/master] Clarify bandwidth in search results is adv bw (Fixes: #25086)
by irl＠torproject.org 09 Feb '18

09 Feb '18

commit 963d0f18921605c3f8789e14993957747927bf8c Author: Iain R. Learmonth <irl(a)fsfe.org> Date: Fri Feb 9 15:47:50 2018 +0000 Clarify bandwidth in search results is adv bw (Fixes: #25086) --- templates/search/do.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/search/do.html b/templates/search/do.html index 5908e80..62aa19e 100644 --- a/templates/search/do.html +++ b/templates/search/do.html @@ -56,7 +56,7 @@ <tr> <th></th> <th>Nickname<sup>&dagger;</sup></th> - <th>Bandwidth</th> + <th>Advertised Bandwidth</th> <th>Uptime</th> <th>Country</th> <th>IPv4</th>

1 0

[atlas/master] Adds the version field to the details page (Fixes: #24974)
by irl＠torproject.org 09 Feb '18

09 Feb '18

commit 94c6afcb1e4b2bcca38d9e6c4ba914d182dbc99a Author: Iain R. Learmonth <irl(a)fsfe.org> Date: Fri Feb 9 15:57:29 2018 +0000 Adds the version field to the details page (Fixes: #24974) --- templates/details/router.html | 3 +++ 1 file changed, 3 insertions(+) diff --git a/templates/details/router.html b/templates/details/router.html index a10f7e7..4842987 100644 --- a/templates/details/router.html +++ b/templates/details/router.html @@ -166,6 +166,9 @@ <dt><span class="tip" title="What OS and Tor version the relay is using">Platform</span></dt> <dd><%= _.escape(relay.get('platform')) %></dd> + <dt><span class="tip" title="Tor version as seen in the consensus (used to determine whether or not this relay runs a recommended version of tor)">Version</span></dt> + <dd><%= _.escape(relay.get('version')) %></dd> + </dl> </div> </div>

1 0

[torspec/master] Merge prop278 (compression) into dir-spec.
by nickm＠torproject.org 09 Feb '18

09 Feb '18

commit 1cb56afdc1e55e303e3e6b69e90d983ee217d93f Author: Nick Mathewson <nickm(a)torproject.org> Date: Wed Jan 24 12:48:12 2018 -0500 Merge prop278 (compression) into dir-spec. --- dir-spec.txt | 34 ++++++++++++++++------ proposals/000-index.txt | 4 +-- ...78-directory-compression-scheme-negotiation.txt | 2 +- 3 files changed, 28 insertions(+), 12 deletions(-) diff --git a/dir-spec.txt b/dir-spec.txt index 2f4a766..c68918e 100644 --- a/dir-spec.txt +++ b/dir-spec.txt @@ -3623,8 +3623,27 @@ 6.1. HTTP headers - Servers MAY set the Content-Length: header. Servers SHOULD set - Content-Encoding to "deflate" or "identity". + Servers SHOULD set Content-Encoding to the algorithm used to compress the + document(s) being served. Recognized algorithms are: + - "identity" -- RFC2616 section 3.5 + - "deflate" -- RFC2616 section 3.5 + - "gzip" -- RFC2616 section 3.5 + - "x-zstd" -- The zstandard compression algorithm (www.zstd.net) + - "x-tor-lzma" -- The lzma compression algorithm, with a "preset" + value no higher than 6. + + Clients SHOULD use Accept-Encoding to indicate which of the above + compression algorithms they support. If they omit it (as Tor clients + did before 0.3.1.1-alpha), then the server should serve only "deflate" + or "identity" encoded documents, based on the presence or absence of + the ".z" suffix on the requested URL. + + When receiving multiple documents, clients MUST accept compressed + concatenated documents and concatenated compressed documents as + equivalent. + + Servers MAY set the Content-Length: header. When they do, it should + match the number of compressed bytes that they are sending. Servers MAY include an X-Your-Address-Is: header, whose value is the apparent IP address of the client connecting to them (as a dotted quad). @@ -3780,13 +3799,10 @@ B. General-use HTTP URLs three classes of URLs. Caches may support them, and MUST support them if they have advertised "caches-extra-info".) - For debugging, directories SHOULD expose non-compressed objects at URLs like - the above, but without the final ".z". - Clients MUST handle compressed concatenated information in two forms: - - A concatenated list of zlib-compressed objects. - - A zlib-compressed concatenated list of objects. - Directory servers MAY generate either format: the former requires less - CPU, but the latter requires less bandwidth. + For debugging, directories SHOULD expose non-compressed objects at + URLs like the above, but without the final ".z". If the client uses + Accept-Encodings header, it should override the presence or absence + of the ".z" (see section 6.1). Clients SHOULD use upper case letters (A-F) when base16-encoding fingerprints. Servers MUST accept both upper and lower case fingerprints diff --git a/proposals/000-index.txt b/proposals/000-index.txt index 8506966..7cfde0f 100644 --- a/proposals/000-index.txt +++ b/proposals/000-index.txt @@ -198,7 +198,7 @@ Proposals by number: 275 Stop including meaningful "published" time in microdescriptor consensus [OPEN] 276 Report bandwidth with lower granularity in consensus documents [OPEN] 277 Detect multiple relay instances running with same ID [OPEN] -278 Directory Compression Scheme Negotiation [FINISHED] +278 Directory Compression Scheme Negotiation [CLOSED] 279 A Name System API for Tor Onion Services [DRAFT] 280 Privacy-Preserving Statistics with Privcount in Tor [SUPERSEDED] 281 Downloading microdescriptors in bulk [DRAFT] @@ -287,7 +287,6 @@ Proposals by status: 217 Tor Extended ORPort Authentication [for 0.2.5.x] 232 Pluggable Transport through SOCKS proxy [in 0.2.6] 260 Rendezvous Single Onion Services [in 0.2.9.3-alpha] - 278 Directory Compression Scheme Negotiation [in 0.3.1.1-alpha] 284 Hidden Service v3 Control Port CLOSED: 101 Voting on the Tor Directory System [in 0.2.0.x] @@ -368,6 +367,7 @@ Proposals by status: 271 Another algorithm for guard selection [in 0.3.0.1-alpha] 272 Listed routers should be Valid, Running, and treated as such [in 0.2.9.3-alpha, 0.2.9.4-alpha] 274 Rotate onion keys less frequently [in 0.3.1.1-alpha] + 278 Directory Compression Scheme Negotiation [in 0.3.1.1-alpha] SUPERSEDED: 112 Bring Back Pathlen Coin Weight 113 Simplifying directory authority administration diff --git a/proposals/278-directory-compression-scheme-negotiation.txt b/proposals/278-directory-compression-scheme-negotiation.txt index 4630bc4..6f509fc 100644 --- a/proposals/278-directory-compression-scheme-negotiation.txt +++ b/proposals/278-directory-compression-scheme-negotiation.txt @@ -2,7 +2,7 @@ Filename: 278-directory-compression-scheme-negotiation.txt Title: Directory Compression Scheme Negotiation Author: Alexander Færøy Created: 2017-03-06 -Status: Finished +Status: Closed Implemented-In: 0.3.1.1-alpha 0. Overview

1 0