April 2018 - tor-commits - lists.torproject.org

[tor/master] Edit our openssl detection in autoconf to tolerate no-deprecated.
by nickm＠torproject.org 30 Apr '18

30 Apr '18

commit 8e562874a42a1a3eb982ba2df3ff1f3860db0d31 Author: Nick Mathewson <nickm(a)torproject.org> Date: Mon Mar 5 15:34:04 2018 -0500 Edit our openssl detection in autoconf to tolerate no-deprecated. When openssl is built with no-deprecated, the TLSv1_1_method() function isn't visible in the headers. That's sad, because that method is what we were looking at. Instead, we now look at SSL_CIPHER_get_id(), which is present in OpenSSL 1.0.1 and later, which … [View More]

1 0

[tor/master] Add support for openssl built with "no-deprecated".
by nickm＠torproject.org 30 Apr '18

30 Apr '18

commit a15b2c57e1f901c531a5f063513a541adb418ae1 Author: Nick Mathewson <nickm(a)torproject.org> Date: Wed Apr 18 12:31:24 2018 -0400 Add support for openssl built with "no-deprecated". Patch from Andrew John Hughes; partial fix for 19981. --- src/common/aes.c | 4 ++++ src/common/crypto.c | 16 ++++++++++++++++ src/common/tortls.c | 15 +++++++++++++++ 3 files changed, 35 insertions(+) diff --git a/src/common/aes.c b/src/common/aes.c index 5d0841dfa..95737cffc 100644 … [View More]--- a/src/common/aes.c +++ b/src/common/aes.c @@ -116,7 +116,11 @@ aes_cipher_free_(aes_cnt_cipher_t *cipher_) if (!cipher_) return; EVP_CIPHER_CTX *cipher = (EVP_CIPHER_CTX *) cipher_; +#if OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,1,0) + EVP_CIPHER_CTX_reset(cipher); +#else EVP_CIPHER_CTX_cleanup(cipher); +#endif EVP_CIPHER_CTX_free(cipher); } void diff --git a/src/common/crypto.c b/src/common/crypto.c index 9fcd17742..c98a96875 100644 --- a/src/common/crypto.c +++ b/src/common/crypto.c @@ -43,6 +43,7 @@ DISABLE_GCC_WARNING(redundant-decls) #include <openssl/dh.h> #include <openssl/conf.h> #include <openssl/hmac.h> +#include <openssl/ssl.h> ENABLE_GCC_WARNING(redundant-decls) @@ -204,8 +205,15 @@ crypto_early_init(void) crypto_early_initialized_ = 1; +#if OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,1,0) + OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS | + OPENSSL_INIT_LOAD_CRYPTO_STRINGS | + OPENSSL_INIT_ADD_ALL_CIPHERS | + OPENSSL_INIT_ADD_ALL_DIGESTS, NULL); +#else ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); +#endif setup_openssl_threading(); @@ -1660,11 +1668,15 @@ memwipe(void *mem, uint8_t byte, size_t sz) int crypto_global_cleanup(void) { +#if OPENSSL_VERSION_NUMBER < OPENSSL_V_SERIES(1,1,0) EVP_cleanup(); +#endif #ifndef NEW_THREAD_API ERR_remove_thread_state(NULL); #endif +#if OPENSSL_VERSION_NUMBER < OPENSSL_V_SERIES(1,1,0) ERR_free_strings(); +#endif if (dh_param_p) BN_clear_free(dh_param_p); @@ -1676,11 +1688,15 @@ crypto_global_cleanup(void) dh_param_p = dh_param_p_tls = dh_param_g = NULL; #ifndef DISABLE_ENGINES +#if OPENSSL_VERSION_NUMBER < OPENSSL_V_SERIES(1,1,0) ENGINE_cleanup(); #endif +#endif CONF_modules_unload(1); +#if OPENSSL_VERSION_NUMBER < OPENSSL_V_SERIES(1,1,0) CRYPTO_cleanup_all_ex_data(); +#endif crypto_openssl_free_all(); diff --git a/src/common/tortls.c b/src/common/tortls.c index 05e29e22f..23bcd8528 100644 --- a/src/common/tortls.c +++ b/src/common/tortls.c @@ -56,10 +56,21 @@ ENABLE_GCC_WARNING(redundant-decls) #include "container.h" #include <string.h> +#if OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,1,0) +#define X509_get_notBefore_const(cert) \ + X509_get0_notBefore(cert) +#define X509_get_notAfter_const(cert) \ + X509_get0_notAfter(cert) +#define X509_get_notBefore(cert) \ + X509_getm_notBefore(cert) +#define X509_get_notAfter(cert) \ + X509_getm_notAfter(cert) +#else #define X509_get_notBefore_const(cert) \ ((const ASN1_TIME*) X509_get_notBefore((X509 *)cert)) #define X509_get_notAfter_const(cert) \ ((const ASN1_TIME*) X509_get_notAfter((X509 *)cert)) +#endif /* Copied from or.h */ #define LEGAL_NICKNAME_CHARACTERS \ @@ -355,8 +366,12 @@ tor_tls_init(void) check_no_tls_errors(); if (!tls_library_is_initialized) { +#if OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,1,0) + OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL); +#else SSL_library_init(); SSL_load_error_strings(); +#endif #if (SIZEOF_VOID_P >= 8 && \ OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,0,1)) [View Less]

1 0

[tor/master] Only define X509_get_not{BeforeAfter} if they are not defined
by nickm＠torproject.org 30 Apr '18

30 Apr '18

commit d6a773f57d7d91e9a98444b048ed779120f14dfd Author: Nick Mathewson <nickm(a)torproject.org> Date: Fri Apr 27 12:55:52 2018 -0400 Only define X509_get_not{BeforeAfter} if they are not defined (The originally submitted version of a15b2c57e1f901c531 broke with OpenSSL 1.1.0.) --- src/common/tortls.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/src/common/tortls.c b/src/common/tortls.c index 23bcd8528..cd236363f 100644 --- a/src/common/… [View More]

1 0

[tor/master] Merge remote-tracking branch 'github/ticket19429_034'
by nickm＠torproject.org 30 Apr '18

30 Apr '18

commit a9736f1f3800a7f10de72c6c847e48a502dd5643 Merge: cb0af6157 d6a773f57 Author: Nick Mathewson <nickm(a)torproject.org> Date: Mon Apr 30 09:41:33 2018 -0400 Merge remote-tracking branch 'github/ticket19429_034' changes/feature19429 | 5 +++++ configure.ac | 15 ++++++++++++--- src/common/aes.c | 4 ++++ src/common/crypto.c | 16 ++++++++++++++++ src/common/tortls.c | 19 +++++++++++++++++++ src/test/test_tortls.c | 41 ++++++++++++++++++++++------------… [View More]

1 0

[translation/support-tormessenger_completed] Update translations for support-tormessenger_completed
by translation＠torproject.org 30 Apr '18

30 Apr '18

commit 56824fed9700d9a6a3475961a483f3ba323b22f3 Author: Translation commit bot <translation(a)torproject.org> Date: Mon Apr 30 11:50:44 2018 +0000 Update translations for support-tormessenger_completed --- bn_BD.json | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/bn_BD.json b/bn_BD.json new file mode 100644 index 000000000..c9d4fbf9a --- /dev/null +++ b/bn_BD.json @@ -0,0 +1,20 @@ +{ + "messenger-1": { + "id": "# àŠ®à§àŠžà§àŠà§àŠàŠŸàŠ°-1", + "… [View More]control": "àŠ®à§àŠžà§àŠà§àŠàŠŸàŠ°-1", + "title": "àŠàŠ° àŠªà§àŠ°àŠàŠ²à§àŠª àŠàŠ¿ àŠ¬à§àŠ¯àŠà§àŠ€àŠ¿àŠàŠ€ àŠà§àŠ¯àŠŸàŠà§àŠ° àŠàŠšà§àŠ¯ àŠàŠàŠàŠ¿ àŠà§àŠ¯àŠŸàŠªà§àŠ²àŠ¿àŠà§àŠ¶àŠš àŠ€à§àŠ°àŠ¿ àŠàŠ°à§?", + "description": "àŠ¹à§àŠ¯àŠŸàŠ! àŠàŠ° àŠ®à§àŠžà§àŠà§àŠàŠŸàŠ°, àŠ¯àŠŠàŠ¿àŠ àŠàŠàŠšàŠ àŠ¬àŠ¿àŠàŠŸàŠ€à§ àŠ°àŠ¯àŠŒà§àŠà§, àŠàŠàŠàŠ¿ àŠà§àŠ°àŠž-àŠªà§àŠ²à§àŠ¯àŠŸàŠàŠ«àŠ°à§àŠ® àŠà§àŠ¯àŠŸàŠ àŠªà§àŠ°à§àŠà§àŠ°àŠŸàŠ® àŠ¯àŠŸ àŠ¡àŠ¿àŠ«àŠ²à§àŠàŠàŠŸàŠ¬à§ àŠšàŠ¿àŠ°àŠŸàŠªàŠŠ àŠ¹àŠàŠ¯àŠŒàŠŸ àŠàŠ¬àŠ àŠàŠ° àŠàŠ° àŠàŠªàŠ° àŠ€àŠŸàŠ° àŠžàŠ®àŠžà§àŠ€ àŠà§àŠ°àŠŸàŠ«àŠ¿àŠ àŠªà§àŠ°à§àŠ°àŠ£ àŠàŠ°à§à¥€ àŠàŠàŠ¿ àŠàŠà§àŠžàŠàŠ®àŠªàŠ¿àŠªàŠ¿, àŠàŠàŠàŠ°àŠžàŠ¿, àŠà§àŠàŠàŠŸàŠ° àŠàŠ¬àŠ àŠàŠšà§àŠ¯àŠŸàŠšà§àŠ¯ àŠžàŠ¹ àŠ¬àŠ¿àŠàŠ¿àŠšà§àŠš àŠ§àŠ°àŠšà§àŠ° àŠªàŠ°àŠ¿àŠ¬àŠ¹àŠš àŠšà§àŠàŠàŠ¯àŠŒàŠŸàŠ°à§àŠàŠà§ àŠžàŠ®àŠ°à§àŠ¥àŠš àŠàŠ°à§; àŠžà§àŠ¬àŠ¯àŠŒàŠàŠà§àŠ°àŠ¿àŠ¯àŠŒàŠàŠŸàŠ¬à§ àŠàŠ«-àŠŠà§àŠ¯-àŠ°à§àŠàŠ°à§àŠ¡ (OTR) àŠ®à§àŠžà§àŠàŠ¿àŠ àŠžàŠà§àŠ·àŠ® àŠàŠ°à§; àŠàŠ° àŠàŠàŠàŠ¿ àŠžàŠ¹àŠ-àŠ¬à§àŠ¯àŠ¬àŠ¹àŠŸàŠ° àŠà§àŠ°àŠŸàŠ«àŠ¿àŠàŠŸàŠ² àŠàŠàŠàŠŸàŠ° àŠàŠšà§àŠàŠŸàŠ°àŠ«à§àŠž àŠàŠà§; àŠàŠ¬àŠ àŠàŠàŠ¿ àŠàŠàŠà Š¿ àŠžà§àŠ°àŠà§àŠ·àŠ¿àŠ€ àŠžà§àŠ¬àŠ¯àŠŒàŠàŠà§àŠ°àŠ¿àŠ¯àŠŒ àŠàŠªàŠ¡à§àŠàŠàŠŸàŠ°à§à¥€àŠàŠ°àŠ àŠ€àŠ¥à§àŠ¯à§àŠ° àŠàŠšà§àŠ¯ àŠàŠ <a href=\"https://blog.torproject.org/category/tags/tor-messenger\">àŠàŠ° àŠ®à§àŠžà§àŠà§àŠàŠŸàŠ° àŠ¬à§àŠ²àŠ àŠªà§àŠžà§àŠ àŠŠà§àŠà§àŠšà¥€" + }, + "messenger-2": { + "id": "# àŠ®à§àŠžà§àŠà§àŠàŠŸàŠ°-2", + "control": "àŠ®à§àŠžà§àŠà§àŠàŠŸàŠ°-2", + "title": "àŠàŠ°à§àŠž àŠ®à§àŠžà§àŠà§àŠàŠŸàŠ° àŠà§àŠš àŠªà§àŠ²à§àŠ¯àŠŸàŠàŠ«àŠ°à§àŠ®àŠà§àŠ²àŠ¿àŠ€à§ àŠàŠªàŠ²àŠ¬à§àŠ§ ?", + "description": "àŠàŠ° àŠ®à§àŠ¯àŠŸàŠžà§àŠà§àŠàŠŸàŠ° (àŠ¬àŠ¿àŠàŠŸ) àŠ¬àŠ°à§àŠ€àŠ®àŠŸàŠšà§ àŠ²àŠ¿àŠšàŠŸàŠà§àŠž, àŠàŠàŠšà§àŠ¡à§àŠ àŠàŠ¬àŠ àŠàŠàŠžàŠàŠà§àŠž àŠ àŠàŠªàŠ²àŠ¬à§àŠ§à¥€" + }, + "messenger-3": { + "id": "# àŠ®à§àŠžà§àŠà§àŠàŠŸàŠ° -3", + "control": "àŠ®à§àŠžà§àŠà§àŠàŠŸàŠ° -3", + "title": "àŠàŠ®àŠ¿ àŠàŠ° àŠ®à§àŠ¯àŠŸàŠžà§àŠà§àŠàŠŸàŠ° àŠà§àŠ¥àŠŸàŠ¯àŠŒ àŠ¡àŠŸàŠàŠšàŠ²à§àŠ¡ àŠàŠ°àŠ€à§ àŠªàŠŸàŠ°àŠ¿?", + "description": "àŠ¯àŠŠàŠ¿àŠ àŠàŠ° àŠ®à§àŠžà§àŠà§àŠàŠŸàŠ° àŠ¬àŠ¿àŠàŠŸàŠ€à§ àŠ°àŠ¯àŠŒà§ àŠà§àŠà§, àŠžàŠ°à§àŠ¬àŠ¶à§àŠ· àŠ¡àŠŸàŠàŠšàŠ²à§àŠ¡àŠà§àŠ²àŠ¿ àŠàŠ®àŠŸàŠŠà§àŠ° àŠàŠàŠàŠ¿àŠ€à§ àŠªàŠŸàŠàŠ¯àŠŒàŠŸ àŠ¯à§àŠ€à§ àŠªàŠŸàŠ°à§à¥€" + } +} [View Less]

1 0

[translation/support-tormessenger] Update translations for support-tormessenger
by translation＠torproject.org 30 Apr '18

30 Apr '18

commit d5ff4808454fb2b4b943489ebbb6ecc5cb3ef837 Author: Translation commit bot <translation(a)torproject.org> Date: Mon Apr 30 11:50:40 2018 +0000 Update translations for support-tormessenger --- bn_BD.json | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/bn_BD.json b/bn_BD.json index bbad42d5c..c9d4fbf9a 100644 --- a/bn_BD.json +++ b/bn_BD.json @@ -1,20 +1,20 @@ { "messenger-1": { - "id": "#messenger-1", - "control": "messenger-… [View More]1", - "title": "Does Tor Project make an application for private chat?", - "description": "Yes! Tor Messenger, though still in beta, is a cross-platform chat program that aims to be secure by default and sends all of its traffic over Tor. It supports a wide variety of transport networks, including XMPP, IRC, Twitter, and others; enables Off-the-Record (OTR) Messaging automatically; has an easy-to-use graphical user interface; and a secure automatic updater.See this <a href=\"https://blog.torproject.org/category/tags/tor-messenger\">Tor Messenger blog post</a> for more information." + "id": "# àŠ®à§àŠžà§àŠà§àŠàŠŸàŠ°-1", + "control": "àŠ®à§àŠžà§àŠà§àŠàŠŸàŠ°-1", + "title": "àŠàŠ° àŠªà§àŠ°àŠàŠ²à§àŠª àŠàŠ¿ àŠ¬à§àŠ¯àŠà§àŠ€àŠ¿àŠàŠ€ àŠà§àŠ¯àŠŸàŠà§àŠ° àŠàŠšà§àŠ¯ àŠàŠàŠàŠ¿ àŠà§àŠ¯àŠŸàŠªà§àŠ²àŠ¿àŠà§àŠ¶àŠš àŠ€à§àŠ°àŠ¿ àŠàŠ°à§?", + "description": "àŠ¹à§àŠ¯àŠŸàŠ! àŠàŠ° àŠ®à§àŠžà§àŠà§àŠàŠŸàŠ°, àŠ¯àŠŠàŠ¿àŠ àŠàŠàŠšàŠ àŠ¬àŠ¿àŠàŠŸàŠ€à§ àŠ°àŠ¯àŠŒà§àŠà§, àŠàŠàŠàŠ¿ àŠà§àŠ°àŠž-àŠªà§àŠ²à§àŠ¯àŠŸàŠàŠ«àŠ°à§àŠ® àŠà§àŠ¯àŠŸàŠ àŠªà§àŠ°à§àŠà§àŠ°àŠŸàŠ® àŠ¯àŠŸ àŠ¡àŠ¿àŠ«àŠ²à§àŠàŠàŠŸàŠ¬à§ àŠšàŠ¿àŠ°àŠŸàŠªàŠŠ àŠ¹àŠàŠ¯àŠŒàŠŸ àŠàŠ¬àŠ àŠàŠ° àŠàŠ° àŠàŠªàŠ° àŠ€àŠŸàŠ° àŠžàŠ®àŠžà§àŠ€ àŠà§àŠ°àŠŸàŠ«àŠ¿àŠ àŠªà§àŠ°à§àŠ°àŠ£ àŠàŠ°à§à¥€ àŠàŠàŠ¿ àŠàŠà§àŠžàŠàŠ®àŠªàŠ¿àŠªàŠ¿, àŠàŠàŠàŠ°àŠžàŠ¿, àŠà§àŠàŠàŠŸàŠ° àŠàŠ¬àŠ àŠàŠšà§àŠ¯àŠŸàŠšà§àŠ¯ àŠžàŠ¹ àŠ¬àŠ¿àŠàŠ¿àŠšà§àŠš àŠ§àŠ°àŠšà§àŠ° àŠªàŠ°àŠ¿àŠ¬àŠ¹àŠš àŠšà§àŠàŠàŠ¯àŠŒàŠŸàŠ°à§àŠàŠà§ àŠžàŠ®àŠ°à§àŠ¥àŠš àŠàŠ°à§; àŠžà§àŠ¬àŠ¯àŠŒàŠàŠà§àŠ°àŠ¿àŠ¯àŠŒàŠàŠŸàŠ¬à§ àŠàŠ«-àŠŠà§àŠ¯-àŠ°à§àŠàŠ°à§àŠ¡ (OTR) àŠ®à§àŠžà§àŠàŠ¿àŠ àŠžàŠà§àŠ·àŠ® àŠàŠ°à§; àŠàŠ° àŠàŠàŠàŠ¿ àŠžàŠ¹àŠ-àŠ¬à§àŠ¯àŠ¬àŠ¹àŠŸàŠ° àŠà§àŠ°àŠŸàŠ«àŠ¿àŠàŠŸàŠ² àŠàŠàŠàŠŸàŠ° àŠàŠšà§àŠàŠŸàŠ°àŠ«à§àŠž àŠàŠà§; àŠàŠ¬àŠ àŠàŠàŠ¿ àŠàŠàŠà Š¿ àŠžà§àŠ°àŠà§àŠ·àŠ¿àŠ€ àŠžà§àŠ¬àŠ¯àŠŒàŠàŠà§àŠ°àŠ¿àŠ¯àŠŒ àŠàŠªàŠ¡à§àŠàŠàŠŸàŠ°à§à¥€àŠàŠ°àŠ àŠ€àŠ¥à§àŠ¯à§àŠ° àŠàŠšà§àŠ¯ àŠàŠ <a href=\"https://blog.torproject.org/category/tags/tor-messenger\">àŠàŠ° àŠ®à§àŠžà§àŠà§àŠàŠŸàŠ° àŠ¬à§àŠ²àŠ àŠªà§àŠžà§àŠ àŠŠà§àŠà§àŠšà¥€" }, "messenger-2": { - "id": "#messenger-2", - "control": "messenger-2", - "title": "What platforms is Tor Messenger available on?", - "description": "Tor Messenger (beta) is currently available on Linux, Windows, and OSX." + "id": "# àŠ®à§àŠžà§àŠà§àŠàŠŸàŠ°-2", + "control": "àŠ®à§àŠžà§àŠà§àŠàŠŸàŠ°-2", + "title": "àŠàŠ°à§àŠž àŠ®à§àŠžà§àŠà§àŠàŠŸàŠ° àŠà§àŠš àŠªà§àŠ²à§àŠ¯àŠŸàŠàŠ«àŠ°à§àŠ®àŠà§àŠ²àŠ¿àŠ€à§ àŠàŠªàŠ²àŠ¬à§àŠ§ ?", + "description": "àŠàŠ° àŠ®à§àŠ¯àŠŸàŠžà§àŠà§àŠàŠŸàŠ° (àŠ¬àŠ¿àŠàŠŸ) àŠ¬àŠ°à§àŠ€àŠ®àŠŸàŠšà§ àŠ²àŠ¿àŠšàŠŸàŠà§àŠž, àŠàŠàŠšà§àŠ¡à§àŠ àŠàŠ¬àŠ àŠàŠàŠžàŠàŠà§àŠž àŠ àŠàŠªàŠ²àŠ¬à§àŠ§à¥€" }, "messenger-3": { - "id": "#messenger-3", - "control": "messenger-3", - "title": "Where can I download Tor Messenger?", - "description": "While the Tor Messenger remains in beta, the latest downloads can be found on our wiki." + "id": "# àŠ®à§àŠžà§àŠà§àŠàŠŸàŠ° -3", + "control": "àŠ®à§àŠžà§àŠà§àŠàŠŸàŠ° -3", + "title": "àŠàŠ®àŠ¿ àŠàŠ° àŠ®à§àŠ¯àŠŸàŠžà§àŠà§àŠàŠŸàŠ° àŠà§àŠ¥àŠŸàŠ¯àŠŒ àŠ¡àŠŸàŠàŠšàŠ²à§àŠ¡ àŠàŠ°àŠ€à§ àŠªàŠŸàŠ°àŠ¿?", + "description": "àŠ¯àŠŠàŠ¿àŠ àŠàŠ° àŠ®à§àŠžà§àŠà§àŠàŠŸàŠ° àŠ¬àŠ¿àŠàŠŸàŠ€à§ àŠ°àŠ¯àŠŒà§ àŠà§àŠà§, àŠžàŠ°à§àŠ¬àŠ¶à§àŠ· àŠ¡àŠŸàŠàŠšàŠ²à§àŠ¡àŠà§àŠ²àŠ¿ àŠàŠ®àŠŸàŠŠà§àŠ° àŠàŠàŠàŠ¿àŠ€à§ àŠªàŠŸàŠàŠ¯àŠŒàŠŸ àŠ¯à§àŠ€à§ àŠªàŠŸàŠ°à§à¥€" } } [View Less]

1 0

[translation/https_everywhere_completed] Update translations for https_everywhere_completed
by translation＠torproject.org 30 Apr '18

30 Apr '18

commit 295df72bf8a07857331db1b11988660a4abcdf0e Author: Translation commit bot <translation(a)torproject.org> Date: Mon Apr 30 11:45:38 2018 +0000 Update translations for https_everywhere_completed --- bn_BD/https-everywhere.dtd | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/bn_BD/https-everywhere.dtd b/bn_BD/https-everywhere.dtd index d5743c504..b1a921f84 100644 --- a/bn_BD/https-everywhere.dtd +++ b/bn_BD/https-everywhere.dtd @@ -2,6 +2,7 @@ <!ENTITY https-… [View More]

1 0

[translation/https_everywhere] Update translations for https_everywhere
by translation＠torproject.org 30 Apr '18

30 Apr '18

commit 38a78ce0b043a20586ce17753e2d0a56f21afc1b Author: Translation commit bot <translation(a)torproject.org> Date: Mon Apr 30 11:45:29 2018 +0000 Update translations for https_everywhere --- bn_BD/https-everywhere.dtd | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/bn_BD/https-everywhere.dtd b/bn_BD/https-everywhere.dtd index b01702858..b1a921f84 100644 --- a/bn_BD/https-everywhere.dtd +++ b/bn_BD/https-everywhere.dtd @@ -2,7 +2,7 @@ <!ENTITY … [View More]https-everywhere.about.ext_name "সর্বত্র HTTPS"> <!ENTITY https-everywhere.about.ext_description "ওয়েব এনক্রিপ্ট! অনেক সাইটগুলিতে স্বয়ংক্রিয়ভাবে HTTPS নিরাপত্তা ব্যবহার করুন"> <!ENTITY https-everywhere.about.version "সংস্করণ"> -<!ENTITY https-everywhere.about.rulesets_version "Rulesets version for"> +<!ENTITY https-everywhere.about.rulesets_version "নিয়মাবলী সংস্করণ জন্য"> <!ENTITY https-everywhere.about.add_new_rule "নতুন নিয়ম যোগ করুন"> <!ENTITY https-everywhere.menu.donate_eff_imperative "ইএফএফকে দান করুন"> @@ -13,12 +13,12 @@ <!ENTITY https-everywhere.menu.viewAllRules "সমস্ত নিয়ম দেখুন"> <!ENTITY https-everywhere.options.generalSettings "সাধারণ সেটিংস"> -<!ENTITY https-everywhere.options.advancedSettings "Advanced Settings"> +<!ENTITY https-everywhere.options.advancedSettings "উন্নত সেটিংস"> <!ENTITY https-everywhere.options.importSettings "সেটিংস আমদানি করুন"> <!ENTITY https-everywhere.options.import "আমদানি"> -<!ENTITY https-everywhere.options.enableMixedRulesets "Enable mixed content rulesets"> -<!ENTITY https-everywhere.options.showDevtoolsTab "Show Devtools tab"> -<!ENTITY https-everywhere.options.autoUpdateRulesets "Auto-update rulesets"> +<!ENTITY https-everywhere.options.enableMixedRulesets "মিশ্র কন্টেন্ট/বিষয়বস্তু নিয়মাবলী সক্ষম করুন"> +<!ENTITY https-everywhere.options.showDevtoolsTab "Devtools ট্যাব দেখান"> +<!ENTITY https-everywhere.options.autoUpdateRulesets "স্বয়ংক্রিয় আপডেট নিয়মাবলী"> <!ENTITY https-everywhere.options.imported "আপনার সেটিংস আমদানি করা হয়েছে।"> <!ENTITY https-everywhere.prefs.export_settings "সেটিংস রপ্তানি করুন"> [View Less]

1 0

[tor-browser/tor-browser-52.7.3esr-8.0-1] Bug 1356893 - Reject opening intents with file data schemes. r=sebastian, r=nalexander
by gk＠torproject.org 30 Apr '18

30 Apr '18

commit e53935623c1da11a7b327542667dba32ddd95017 Author: Eugen Sawin <esawin(a)mozilla.com> Date: Tue Apr 24 19:09:24 2018 -0300 Bug 1356893 - Reject opening intents with file data schemes. r=sebastian, r=nalexander --HG-- extra : rebase_source : 1f764df3309b3641f124915b1a1204afbbd8354a --- mobile/android/base/java/org/mozilla/gecko/IntentHelper.java | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/mobile/android/base/java/org/mozilla/gecko/IntentHelper.java b/… [View More]

1 0

[tor-browser/tor-browser-52.7.3esr-8.0-1] Bug 1416940; r=snorp
by gk＠torproject.org 30 Apr '18

30 Apr '18

commit 5bdd0416f089ddaab4d14e63b7cd35bf51a2035b Author: Jim Chen <nchen(a)mozilla.com> Date: Tue Nov 28 23:07:52 2017 -0500 Bug 1416940; r=snorp MozReview-Commit-ID: 7izmybLFG6i --- mozglue/android/NSSBridge.cpp | 114 +++++++++++++++++++----------------------- mozglue/android/NSSBridge.h | 4 -- 2 files changed, 52 insertions(+), 66 deletions(-) diff --git a/mozglue/android/NSSBridge.cpp b/mozglue/android/NSSBridge.cpp index 2a9b5771df0d..3343ad1b2472 100644 --- a/… [View More]mozglue/android/NSSBridge.cpp +++ b/mozglue/android/NSSBridge.cpp @@ -37,6 +37,10 @@ NSS_WRAPPER_INT(PL_Base64Encode) NSS_WRAPPER_INT(PL_Base64Decode) NSS_WRAPPER_INT(PL_strfree) +SECStatus doCrypto(JNIEnv* jenv, const char *path, const char *value, char** result, bool doEncrypt); +SECStatus encode(const uint8_t* data, uint32_t srclen, char** result); +SECStatus decode(const char* data, uint8_t** result, uint32_t* length); + int setup_nss_functions(void *nss_handle, void *nspr_handle, @@ -189,41 +193,40 @@ doCrypto(JNIEnv* jenv, const char *path, const char *value, char** result, bool keyid.len = 0; rv = f_PK11SDR_Encrypt(&keyid, &request, &reply, nullptr); - if (rv != SECSuccess) { + if (rv == SECSuccess) { + rv = encode(reply.data, reply.len, result); + if (rv == SECSuccess) { + LOG("Encrypted: %s\n", *result); + } else { + throwError(jenv, "encode"); + } + } else { throwError(jenv, "PK11SDR_Encrypt"); - goto done; } - rv = encode(reply.data, reply.len, result); - if (rv != SECSuccess) { - throwError(jenv, "encode"); - goto done; - } - LOG("Encrypted: %s\n", *result); } else { LOG("Decoding: %s\n", value); - rv = decode(value, &request.data, (int32_t*)&request.len); + rv = decode(value, &request.data, &request.len); if (rv != SECSuccess) { throwError(jenv, "decode"); return rv; } rv = f_PK11SDR_Decrypt(&request, &reply, nullptr); - if (rv != SECSuccess) { - throwError(jenv, "PK11SDR_Decrypt"); - goto done; - } - *result = (char *)malloc(reply.len+1); - strncpy(*result, (char *)reply.data, reply.len); - (*result)[reply.len] = '\0'; + if (rv == SECSuccess) { + *result = static_cast<char*>(malloc(reply.len + 1)); + strncpy(*result, reinterpret_cast<char*>(reply.data), reply.len); + (*result)[reply.len] = '\0'; - // This can print sensitive data. Uncomment if you need it. - // LOG("Decoded %i letters: %s\n", reply.len, *result); + // This can print sensitive data. Uncomment if you need it. + // LOG("Decoded %i letters: %s\n", reply.len, *result); + } else { + throwError(jenv, "PK11SDR_Decrypt"); + } free(request.data); } -done: f_SECITEM_ZfreeItem(&reply, false); return rv; } @@ -232,64 +235,51 @@ done: * Base64 encodes the data passed in. The caller must deallocate _retval using free(); */ SECStatus -encode(const unsigned char *data, int32_t dataLen, char **_retval) +encode(const uint8_t* data, uint32_t srclen, char** result) { - SECStatus rv = SECSuccess; - char *encoded = f_PL_Base64Encode((const char *)data, dataLen, nullptr); - if (!encoded) - rv = SECFailure; - if (!*encoded) - rv = SECFailure; - - if (rv == SECSuccess) { - *_retval = (char *)malloc(strlen(encoded)+1); - strcpy(*_retval, encoded); + if (srclen > (PR_UINT32_MAX / 4) * 3) { + return SECFailure; } - if (encoded) { - f_PR_Free(encoded); + const uint32_t dstlen = ((srclen + 2) / 3) * 4; + char* const buffer = static_cast<char*>(malloc(dstlen + 1)); + + if (!buffer || !f_PL_Base64Encode(reinterpret_cast<const char*>(data), srclen, buffer)) { + free(buffer); + *result = nullptr; + return SECFailure; } - return rv; + buffer[dstlen] = '\0'; + *result = buffer; + return SECSuccess; } /* * Base64 decodes the data passed in. The caller must deallocate result using free(); */ SECStatus -decode(const char *data, unsigned char **result, int32_t *length) +decode(const char* data, uint8_t** result, uint32_t* length) { - SECStatus rv = SECSuccess; - uint32_t len = strlen(data); - int adjust = 0; - - /* Compute length adjustment */ - if (len > 0 && data[len-1] == '=') { - adjust++; - if (data[len-2] == '=') adjust++; + uint32_t srclen = strlen(data); + while (srclen && data[srclen - 1] == '=') { + srclen--; } - char *decoded; - decoded = f_PL_Base64Decode(data, len, nullptr); - if (!decoded) { - return SECFailure; - } - if (!*decoded) { + // Avoid overflow when calculating result length. + const uint32_t dstlen = (srclen / 4) * 3 + ((srclen % 4) * 3) / 4; + // At most 2 extra bytes due to padding in input. + uint8_t* const buffer = static_cast<uint8_t*>(malloc(dstlen + 2)); + + if (!buffer || !f_PL_Base64Decode(data, srclen, reinterpret_cast<char*>(buffer))) { + free(buffer); + *result = nullptr; + *length = 0; return SECFailure; } - *length = (len*3)/4 - adjust; - LOG("Decoded %i chars into %i chars\n", len, *length); - - *result = (unsigned char*)malloc((size_t)len); - - if (!*result) { - rv = SECFailure; - } else { - memcpy((char*)*result, decoded, len); - } - f_PR_Free(decoded); - return rv; + buffer[dstlen] = '\0'; + *result = buffer; + *length = dstlen; + return SECSuccess; } - - diff --git a/mozglue/android/NSSBridge.h b/mozglue/android/NSSBridge.h index 77bcd1172459..83ec8d7494c2 100644 --- a/mozglue/android/NSSBridge.h +++ b/mozglue/android/NSSBridge.h @@ -39,8 +39,4 @@ NSS_WRAPPER(PK11_GetInternalKeySlot, PK11SlotInfo *, void) NSS_WRAPPER(PK11_NeedUserInit, PRBool, PK11SlotInfo *) NSS_WRAPPER(PK11_InitPin, SECStatus, PK11SlotInfo*, const char*, const char*) -bool setPassword(PK11SlotInfo *slot); -SECStatus doCrypto(JNIEnv* jenv, const char *path, const char *value, char** result, bool doEncrypt); -SECStatus encode(const unsigned char *data, int32_t dataLen, char **_retval); -SECStatus decode(const char *data, unsigned char **result, int32_t * _retval); #endif /* NSS_h */ [View Less]

1 0