April 2019 - tor-commits - lists.torproject.org

[tor/master] doc: update the man page and sample torrc for ExitRelay
by nickm＠torproject.org 11 Apr '19

11 Apr '19

commit 9b7cdd23deb5830cce794ce6e901b82fa094dd9f Author: teor <teor(a)torproject.org> Date: Thu Feb 28 11:22:20 2019 +1000 doc: update the man page and sample torrc for ExitRelay We changed the default of ExitRelay in #21530 in 0.3.5.1-alpha, but forgot to update the documentation. Closes 29612. --- doc/tor.1.txt | 13 +++++++------ src/config/torrc.sample.in | 21 ++++++++++++++++----- 2 files changed, 23 insertions(+), 11 deletions(-) diff --git a/doc/tor.1.txt b/doc/tor.1.txt index 573fdf221..60997ad16 100644 --- a/doc/tor.1.txt +++ b/doc/tor.1.txt @@ -1849,15 +1849,16 @@ is non-zero): [[ExitRelay]] **ExitRelay** **0**|**1**|**auto**:: Tells Tor whether to run as an exit relay. If Tor is running as a non-bridge server, and ExitRelay is set to 1, then Tor allows traffic to - exit according to the ExitPolicy option (or the default ExitPolicy if - none is specified). + + exit according to the ExitPolicy option, the ReducedExitPolicy option, + or the default ExitPolicy (if no other exit policy option is specified). + + If ExitRelay is set to 0, no traffic is allowed to - exit, and the ExitPolicy option is ignored. + + exit, and the ExitPolicy and ReducedExitPolicy options are ignored. + + - If ExitRelay is set to "auto", then Tor behaves as if it were set to 1, but - warns the user if this would cause traffic to exit. In a future version, - the default value will be 0. (Default: auto) + If ExitRelay is set to "auto", then Tor checks the ExitPolicy and + ReducedExitPolicy options. If either is set, Tor behaves as if ExitRelay + were set to 1. If neither exit policy option is set, Tor behaves as if + ExitRelay were set to 0. (Default: auto) [[ExitPolicy]] **ExitPolicy** __policy__,__policy__,__...__:: Set an exit policy for this server. Each policy is of the form diff --git a/src/config/torrc.sample.in b/src/config/torrc.sample.in index 8d56b0896..c2ae707e9 100644 --- a/src/config/torrc.sample.in +++ b/src/config/torrc.sample.in @@ -1,5 +1,5 @@ ## Configuration file for a typical Tor user -## Last updated 22 December 2017 for Tor 0.3.2.8-rc. +## Last updated 28 February 2019 for Tor 0.3.5.1-alpha. ## (may or may not work for much older or much newer versions of Tor.) ## ## Lines that begin with "## " try to explain what's going on. Lines @@ -172,14 +172,25 @@ ## Note: do not use MyFamily on bridge relays. #MyFamily $keyid,$keyid,... -## Uncomment this if you do *not* want your relay to allow any exit traffic. -## (Relays allow exit traffic by default.) -#ExitRelay 0 +## Uncomment this if you want your relay to be an exit, with the default +## exit policy (or whatever exit policy you set below). +## (If ReducedExitPolicy or ExitPolicy are set, relays are exits. +## If neither exit policy option is set, relays are non-exits.) +#ExitRelay 1 ## Uncomment this if you want your relay to allow IPv6 exit traffic. -## (Relays only allow IPv4 exit traffic by default.) +## You must also set ExitRelay, ReducedExitPolicy, or ExitPolicy to make your +## relay into an exit. +## (Relays do not allow any exit traffic by default.) #IPv6Exit 1 +## Uncomment this if you want your relay to be an exit, with a reduced set +## of exit ports. +#ReducedExitPolicy 1 + +## Uncomment these lines if you want your relay to be an exit, with the +## specified set of exit IPs and ports. +## ## A comma-separated list of exit policies. They're considered first ## to last, and the first match wins. ##

1 0

[tor-browser/tor-browser-60.6.1esr-8.5-1] Bug 27503: Disabling accessibility on Windows breaks screen readers
by gk＠torproject.org 11 Apr '19

11 Apr '19

commit f5f845f5fe14b5085f919ba46ec092b14c7fcb11 Author: Richard Pospesel <richard(a)torproject.org> Date: Tue Apr 2 17:33:09 2019 -0700 Bug 27503: Disabling accessibility on Windows breaks screen readers This patch is merely an application of the current accessibility fixes in Mozilla 1520177 ( https://bugzilla.mozilla.org/show_bug.cgi?id=1520177 ). It replaces the RT_MANIFEST symbol (defined in windows headers we don't include) with the integer constant 24 to avoid includes confusion, updates the IA2Marshall.rc file to explicitly include the dll manifest and it adds some additional include directories previously excluded when building with the mingw toolchain. With this patch applied, the NVDA screen reader can now read webpage contents, though navigation is still broken. --- accessible/interfaces/ia2/IA2Marshal.rc | 1 + toolkit/library/moz.build | 2 +- toolkit/library/xulrunner.rc | 4 ++-- 3 files changed, 4 insertions(+), 3 deletions(-) diff --git a/accessible/interfaces/ia2/IA2Marshal.rc b/accessible/interfaces/ia2/IA2Marshal.rc index b120abce744c..4fd86ddd2ab5 100644 --- a/accessible/interfaces/ia2/IA2Marshal.rc +++ b/accessible/interfaces/ia2/IA2Marshal.rc @@ -3,3 +3,4 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ 1 typelib IA2Typelib.tlb +2 24 IA2Marshal.dll.manifest diff --git a/toolkit/library/moz.build b/toolkit/library/moz.build old mode 100644 new mode 100755 index b0df6b98b91f..aeb850bdefba --- a/toolkit/library/moz.build +++ b/toolkit/library/moz.build @@ -45,7 +45,7 @@ def Libxul(name): if CONFIG['OS_ARCH'] == 'WINNT' and CONFIG['ACCESSIBILITY']: LOCAL_INCLUDES += ['!/accessible/interfaces/gecko/'] - if CONFIG['OS_ARCH'] == 'WINNT' and CONFIG['CC_TYPE'] not in ('clang', 'gcc'): + if CONFIG['OS_ARCH'] == 'WINNT': LOCAL_INCLUDES += [ '/widget/windows', '/xpcom/base', diff --git a/toolkit/library/xulrunner.rc b/toolkit/library/xulrunner.rc index e2adca6e2f1f..29a20c3afc11 100755 --- a/toolkit/library/xulrunner.rc +++ b/toolkit/library/xulrunner.rc @@ -6,8 +6,8 @@ #include "widget.rc" #ifdef ACCESSIBILITY 1 typelib IGeckoCustom.tlb -64 RT_MANIFEST IAccessible64.manifest +64 24 IAccessible64.manifest #ifndef HAVE_64BIT_BUILD -32 RT_MANIFEST IAccessible32.manifest +32 24 IAccessible32.manifest #endif #endif

1 0

[translation/donatepages-messagespot] Update translations for donatepages-messagespot
by translation＠torproject.org 11 Apr '19

11 Apr '19

commit 4841926e898e29e2feaad26a78c0fa8851c7d1c7 Author: Translation commit bot <translation(a)torproject.org> Date: Thu Apr 11 18:15:36 2019 +0000 Update translations for donatepages-messagespot --- locale/id/LC_MESSAGES/messages.po | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/locale/id/LC_MESSAGES/messages.po b/locale/id/LC_MESSAGES/messages.po index cd8557561..c1c9ece8c 100644 --- a/locale/id/LC_MESSAGES/messages.po +++ b/locale/id/LC_MESSAGES/messages.po @@ -5,13 +5,13 @@ # Margaret Megan <megan_marg(a)yahoo.com>, 2018 # Fery Setiawan <gembelweb(a)gmail.com>, 2018 # erinm, 2018 -# ical, 2019 # Emma Peel, 2019 # Muhammad Yusuf <myusuffin(a)gmail.com>, 2019 +# ical, 2019 # msgid "" msgstr "" -"Last-Translator: Muhammad Yusuf <myusuffin(a)gmail.com>, 2019\n" +"Last-Translator: ical, 2019\n" "Language-Team: Indonesian (https://www.transifex.com/otf/teams/1519/id/)\n" "Language: id\n" "Plural-Forms: nplurals=1; plural=0;\n" @@ -44,7 +44,7 @@ msgstr "Tor: Kuat Dalam Jumlah" #: tmp/cache_locale/93/936f5ca9f26662b60293a725343573df95cb28c99d7c3f12b1c94ed37a453012.php:52 #: tmp/cache_locale/93/936f5ca9f26662b60293a725343573df95cb28c99d7c3f12b1c94ed37a453012.php:75 msgid "Donate to the Tor Project and protect the privacy of millions." -msgstr "" +msgstr "Berdonasi ke Tor Project dan lindungi privasi dari jutaan orang." #: tmp/cache_locale/f1/f1c758a0a2b3397f444e81463a5afc68c251bdbcd430c9979e3044b79d32dffc.php:54 #: tmp/cache_locale/f1/f1c758a0a2b3397f444e81463a5afc68c251bdbcd430c9979e3044b79d32dffc.php:77

1 0

[tor/release-0.4.0] More changelog edits (thanks, seborn!)
by nickm＠torproject.org 11 Apr '19

11 Apr '19

commit dac18e0b2085814c32070d603c4c94297ee778cc Author: Nick Mathewson <nickm(a)torproject.org> Date: Thu Apr 11 14:04:02 2019 -0400 More changelog edits (thanks, seborn!) --- ChangeLog | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index 70c040544..20a00899c 100644 --- a/ChangeLog +++ b/ChangeLog @@ -24,7 +24,7 @@ Changes in version 0.4.0.4-rc - 2019-04-11 o Minor features (circuit padding): - Stop warning about undefined behavior in the probability distribution tests. Float division by zero may technically be - undefined behaviour in C, but it's well-defined in IEEE 754. + undefined behavior in C, but it's well defined in IEEE 754. Partial backport of 29298. Closes ticket 29527; bugfix on 0.4.0.1-alpha. @@ -87,7 +87,7 @@ Changes in version 0.4.0.4-rc - 2019-04-11 o Minor bugfixes (circuitpadding testing): - Minor tweaks to avoid rare test failures related to timers and - monotime. Fixes bug 29500; bugfix on 0.4.0.1-alpha + monotonic time. Fixes bug 29500; bugfix on 0.4.0.1-alpha. o Minor bugfixes (directory authorities): - Actually include the bandwidth-file-digest line in directory

1 0

[translation/tbmanual-contentspot_completed] Update translations for tbmanual-contentspot_completed
by translation＠torproject.org 11 Apr '19

11 Apr '19

commit 320b76bdfd4536d95af6e48252fa7b204a9a9190 Author: Translation commit bot <translation(a)torproject.org> Date: Thu Apr 11 17:47:59 2019 +0000 Update translations for tbmanual-contentspot_completed --- contents+id.po | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/contents+id.po b/contents+id.po index d58595633..2cf2e0492 100644 --- a/contents+id.po +++ b/contents+id.po @@ -67,7 +67,7 @@ msgstr "Plugin" #: https//tb-manual.torproject.org/en-US/menu/ #: (content/menu/contents+en-US.lrtopic.body) msgid "Becoming a Tor translator" -msgstr "" +msgstr "Menjadi Penerjemah Tor" #: https//tb-manual.torproject.org/en-US/about/ #: (content/about/contents+en-US.lrtopic.title) @@ -2188,6 +2188,7 @@ msgstr "##### Mendaftar di Transifex" msgid "" "* Head over to the [Transifex signup page](https://transifex.com/signup/)." msgstr "" +"* Pergi ke [halaman pendaftaran Transifex](https://transifex.com/signup/)." #: https//tb-manual.torproject.org/en-US/becoming-tor-translator/ #: (content/becoming-tor-translator/contents+en-US.lrtopic.body) @@ -2197,7 +2198,7 @@ msgstr "Masukkan informasi Anda pada kolom-kolom dan klik tombol 'Sign Up':" #: https//tb-manual.torproject.org/en-US/becoming-tor-translator/ #: (content/becoming-tor-translator/contents+en-US.lrtopic.body) msgid "<img class=\"col-md-6\" src=\"/static/images/tr1.png\">" -msgstr "" +msgstr "<img class=\"col-md-6\" src=\"/static/images/tr1.png\">" #: https//tb-manual.torproject.org/en-US/becoming-tor-translator/ #: (content/becoming-tor-translator/contents+en-US.lrtopic.body) @@ -2234,6 +2235,8 @@ msgid "" "* You are now signed up! Go to the [Tor Transifex " "page](https://www.transifex.com/otf/torproject/)." msgstr "" +"* Anda telah terdaftar! Pergi ke [halaman Transifex " +"Tor](https://www.transifex.com/otf/torproject/)." #: https//tb-manual.torproject.org/en-US/becoming-tor-translator/ #: (content/becoming-tor-translator/contents+en-US.lrtopic.body) @@ -2274,6 +2277,10 @@ msgid "" "page](https://www.transifex.com/otf/torproject/) when you are ready to " "begin." msgstr "" +"Setelah keanggotaan Anda diterima Anda dapat memulai menerjemahkan; ada " +"daftar penerjemahan yang dibutuhkan pada [halaman Transifex " +"Tor](https://www.transifex.com/otf/torproject/) saat Anda siap untuk " +"memulai." #: https//tb-manual.torproject.org/en-US/becoming-tor-translator/ #: (content/becoming-tor-translator/contents+en-US.lrtopic.body) @@ -2281,6 +2288,8 @@ msgid "" "The [Localization Lab Wiki](https://wiki.localizationlab.org/index.php/Tor) " "also has information about the translations with bigger priority." msgstr "" +"[Localization Lab Wiki](https://wiki.localizationlab.org/index.php/Tor) juga" +" memiliki informasi tentang penerjemahan dengan prioritas yang lebih besar." #: https//tb-manual.torproject.org/en-US/becoming-tor-translator/ #: (content/becoming-tor-translator/contents+en-US.lrtopic.body)

1 0

[translation/tbmanual-contentspot] Update translations for tbmanual-contentspot
by translation＠torproject.org 11 Apr '19

11 Apr '19

commit 327f2096b3f9a1922873befa38127b4557c5c6e4 Author: Translation commit bot <translation(a)torproject.org> Date: Thu Apr 11 17:47:49 2019 +0000 Update translations for tbmanual-contentspot --- contents+id.po | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/contents+id.po b/contents+id.po index d58595633..2cf2e0492 100644 --- a/contents+id.po +++ b/contents+id.po @@ -67,7 +67,7 @@ msgstr "Plugin" #: https//tb-manual.torproject.org/en-US/menu/ #: (content/menu/contents+en-US.lrtopic.body) msgid "Becoming a Tor translator" -msgstr "" +msgstr "Menjadi Penerjemah Tor" #: https//tb-manual.torproject.org/en-US/about/ #: (content/about/contents+en-US.lrtopic.title) @@ -2188,6 +2188,7 @@ msgstr "##### Mendaftar di Transifex" msgid "" "* Head over to the [Transifex signup page](https://transifex.com/signup/)." msgstr "" +"* Pergi ke [halaman pendaftaran Transifex](https://transifex.com/signup/)." #: https//tb-manual.torproject.org/en-US/becoming-tor-translator/ #: (content/becoming-tor-translator/contents+en-US.lrtopic.body) @@ -2197,7 +2198,7 @@ msgstr "Masukkan informasi Anda pada kolom-kolom dan klik tombol 'Sign Up':" #: https//tb-manual.torproject.org/en-US/becoming-tor-translator/ #: (content/becoming-tor-translator/contents+en-US.lrtopic.body) msgid "<img class=\"col-md-6\" src=\"/static/images/tr1.png\">" -msgstr "" +msgstr "<img class=\"col-md-6\" src=\"/static/images/tr1.png\">" #: https//tb-manual.torproject.org/en-US/becoming-tor-translator/ #: (content/becoming-tor-translator/contents+en-US.lrtopic.body) @@ -2234,6 +2235,8 @@ msgid "" "* You are now signed up! Go to the [Tor Transifex " "page](https://www.transifex.com/otf/torproject/)." msgstr "" +"* Anda telah terdaftar! Pergi ke [halaman Transifex " +"Tor](https://www.transifex.com/otf/torproject/)." #: https//tb-manual.torproject.org/en-US/becoming-tor-translator/ #: (content/becoming-tor-translator/contents+en-US.lrtopic.body) @@ -2274,6 +2277,10 @@ msgid "" "page](https://www.transifex.com/otf/torproject/) when you are ready to " "begin." msgstr "" +"Setelah keanggotaan Anda diterima Anda dapat memulai menerjemahkan; ada " +"daftar penerjemahan yang dibutuhkan pada [halaman Transifex " +"Tor](https://www.transifex.com/otf/torproject/) saat Anda siap untuk " +"memulai." #: https//tb-manual.torproject.org/en-US/becoming-tor-translator/ #: (content/becoming-tor-translator/contents+en-US.lrtopic.body) @@ -2281,6 +2288,8 @@ msgid "" "The [Localization Lab Wiki](https://wiki.localizationlab.org/index.php/Tor) " "also has information about the translations with bigger priority." msgstr "" +"[Localization Lab Wiki](https://wiki.localizationlab.org/index.php/Tor) juga" +" memiliki informasi tentang penerjemahan dengan prioritas yang lebih besar." #: https//tb-manual.torproject.org/en-US/becoming-tor-translator/ #: (content/becoming-tor-translator/contents+en-US.lrtopic.body)

1 0

[tor-browser/tor-browser-60.6.1esr-8.5-1] Bug 29859: Disable HLS support for now
by gk＠torproject.org 11 Apr '19

11 Apr '19

commit 477af8c709134b57b530b4b94ce6b4c82cb46fce Author: Georg Koppen <gk(a)torproject.org> Date: Thu Mar 28 19:10:34 2019 +0000 Bug 29859: Disable HLS support for now --- mobile/android/app/000-tor-browser-android.js | 3 +++ mobile/android/moz.configure | 2 +- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/mobile/android/app/000-tor-browser-android.js b/mobile/android/app/000-tor-browser-android.js index de51ec125406..b2ee9d0ded00 100644 --- a/mobile/android/app/000-tor-browser-android.js +++ b/mobile/android/app/000-tor-browser-android.js @@ -56,3 +56,6 @@ pref("general.useragent.updates.url", ""); // Enable touch events on Android (highlighting text, etc) pref("dom.w3c_touch_events.enabled", 2); + +// No HLS support for now due to browser freezing, see: #29859. +pref("media.hls.enabled", false); diff --git a/mobile/android/moz.configure b/mobile/android/moz.configure index 7033d4283211..d0347b5fe0b8 100644 --- a/mobile/android/moz.configure +++ b/mobile/android/moz.configure @@ -96,7 +96,7 @@ project_flag('MOZ_SWITCHBOARD', project_flag('MOZ_ANDROID_HLS_SUPPORT', help='Enable HLS (HTTP Live Streaming) support (currently using the ExoPlayer library)', - default=True) + default=False) option(env='MOZ_ANDROID_ACTIVITY_STREAM', help='Enable Activity Stream on Android (replacing the default HomePager)',

1 0

[tor/release-0.4.0] Light editing on changelog
by nickm＠torproject.org 11 Apr '19

11 Apr '19

commit 5d83c34ef9dccab311b9991abc3904ab409c5cfc Author: Nick Mathewson <nickm(a)torproject.org> Date: Thu Apr 11 10:26:41 2019 -0400 Light editing on changelog --- ChangeLog | 81 +++++++++++++++++++++++++++++---------------------------------- 1 file changed, 37 insertions(+), 44 deletions(-) diff --git a/ChangeLog b/ChangeLog index 5e7256ddc..70c040544 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,7 +1,7 @@ Changes in version 0.4.0.4-rc - 2019-04-11 Tor 0.4.0.4-rc is the first release candidate in its series; it fixes - several bugs from earlier versions, including some that had - affected stability. + several bugs from earlier versions, including some that had affected + stability, and one that prevented relays from working with NSS. o Major bugfixes (NSS, relay): - When running with NSS, disable TLS 1.2 ciphersuites that use @@ -11,11 +11,15 @@ Changes in version 0.4.0.4-rc - 2019-04-11 Fixes bug 29241; bugfix on 0.3.5.1-alpha. o Minor features (bandwidth authority): - - Make bandwidth authorities to ignore relays that are reported in - the bandwidth file with the key-value "vote=0". This change allows - to report the relays that were not measured due some failure and - diagnose the reasons without the bandwidth being included in the - bandwidth authorities vote. Closes ticket 29806. + - Make bandwidth authorities ignore relays that are reported in the + bandwidth file with the flag "vote=0". This change allows us to + report unmeasured relays for diagnostic reasons without including + their bandwidth in the bandwidth authorities' vote. Closes + ticket 29806. + - When a directory authority is using a bandwidth file to obtain the + bandwidth values that will be included in the next vote, serve + this bandwidth file at /tor/status-vote/next/bandwidth. Closes + ticket 21377. o Minor features (circuit padding): - Stop warning about undefined behavior in the probability @@ -26,15 +30,9 @@ Changes in version 0.4.0.4-rc - 2019-04-11 o Minor features (continuous integration): - On Travis Rust builds, cleanup Rust registry and refrain from - caching target/ directory to speed up builds. Resolves + caching the "target/" directory to speed up builds. Resolves issue 29962. - o Minor features (dircache): - - When a directory authority is using a bandwidth file to obtain the - bandwidth values that will be included in the next vote, serve - this bandwidth file at /tor/status-vote/next/bandwidth. Closes - ticket 21377. - o Minor features (dormant mode): - Add a DormantCanceledByStartup option to tell Tor that it should treat a startup event as cancelling any previous dormant state. @@ -58,17 +56,24 @@ Changes in version 0.4.0.4-rc - 2019-04-11 the vulnerable code is only reached when directory authorities read bandwidth files, but bandwidth files come from a trusted source (usually the authorities themselves). Furthermore, the - issue is only exploitable in rare (non-POSIX) 32-bit architectures + issue is only exploitable in rare (non-POSIX) 32-bit architectures, which are not used by any of the current authorities. Fixes bug 30040; bugfix on 0.3.5.1-alpha. Bug found and fixed by Tobias Stoeckmann. + - Verify in more places that we are not about to create a buffer + with more than INT_MAX bytes, to avoid possible OOB access in the + event of bugs. Fixes bug 30041; bugfix on 0.2.0.16. Found and + fixed by Tobias Stoeckmann. o Minor bugfix (continuous integration): - - Reset coverage state on disk after Travis CI has finished. This is - being done to prevent future gcda file merge errors which causes - the test suite for the process subsystem to fail. The process - subsystem was introduced in 0.4.0.1-alpha. Fixes bug 29036; bugfix + - Reset coverage state on disk after Travis CI has finished. This + should prevent future coverage merge errors from causing the test + suite for the "process" subsystem to fail. The process subsystem + was introduced in 0.4.0.1-alpha. Fixes bug 29036; bugfix on 0.2.9.15. + - Terminate test-stem if it takes more than 9.5 minutes to run. + (Travis terminates the job after 10 minutes of no output.) + Diagnostic for 29437. Fixes bug 30011; bugfix on 0.3.5.4-alpha. o Minor bugfixes (bootstrap reporting): - During bootstrap reporting, correctly distinguish pluggable @@ -80,25 +85,14 @@ Changes in version 0.4.0.4-rc - 2019-04-11 29824; bugfix on 0.3.1.1-alpha. This is Coverity warning CID 1444119. - o Minor bugfixes (CI): - - Terminate test-stem if it takes more than 9.5 minutes to run. - (Travis terminates the job after 10 minutes of no output.) - Diagnostic for 29437. Fixes bug 30011; bugfix on 0.3.5.4-alpha. - o Minor bugfixes (circuitpadding testing): - - Minor tweaks to avoid very rare test failures related to timers - and monotime. Fixes bug 29500; bugfix on 0.4.0.1-alpha + - Minor tweaks to avoid rare test failures related to timers and + monotime. Fixes bug 29500; bugfix on 0.4.0.1-alpha o Minor bugfixes (directory authorities): - Actually include the bandwidth-file-digest line in directory authority votes. Fixes bug 29959; bugfix on 0.4.0.2-alpha. - o Minor bugfixes (hardening): - - Verify in more places that we are not about to create a buffer - with more than INT_MAX bytes, to avoid possible OOB access in the - event of bugs. Fixes bug 30041; bugfix on 0.2.0.16. Found and - fixed by Tobias Stoeckmann. - o Minor bugfixes (logging): - On Windows, when errors cause us to reload a consensus from disk, tell the user that we are retrying at log level "notice". @@ -108,20 +102,20 @@ Changes in version 0.4.0.4-rc - 2019-04-11 on 0.4.0.2-alpha. o Minor bugfixes (pluggable transports): - - Restore old behaviour when it comes to discovering the path of a - given Pluggable Transport exe-file. Fixes bug 29874; bugfix - on 0.4.0.1-alpha. + - Restore old behavior when it comes to discovering the path of a + given Pluggable Transport executable file. A change in + 0.4.0.1-alpha had broken this behavior on paths containing a + space. Fixes bug 29874; bugfix on 0.4.0.1-alpha. o Minor bugfixes (testing): - Backport the 0.3.4 src/test/test-network.sh to 0.2.9. We need a recent test-network.sh to use new chutney features in CI. Fixes bug 29703; bugfix on 0.2.9.1-alpha. + - Fix a test failure on Windows caused by an unexpected "BUG" + warning in our tests for tor_gmtime_r(-1). Fixes bug 29922; bugfix + on 0.2.9.3-alpha. - o Minor bugfixes (testing, windows): - - Fix a test failure caused by an unexpected bug warning in our test - for tor_gmtime_r(-1). Fixes bug 29922; bugfix on 0.2.9.3-alpha. - - o Minor bugfixes (TLS protocol, integration tests): + o Minor bugfixes (TLS protocol): - When classifying a client's selection of TLS ciphers, if the client ciphers are not yet available, do not cache the result. Previously, we had cached the unavailability of the cipher list @@ -131,15 +125,14 @@ Changes in version 0.4.0.4-rc - 2019-04-11 bug 30021; bugfix on 0.2.4.8-alpha. o Code simplification and refactoring: - - Introduce a connection_dir_buf_add() helper function that checks - for compress_state of dir_connection_t and automatically writes a - string to directory connection with or without compression. + - Introduce a connection_dir_buf_add() helper function that detects + whether compression is in use, and adds a string accordingly. Resolves issue 28816. - Refactor handle_get_next_bandwidth() to use connection_dir_buf_add(). Implements ticket 29897. o Documentation: - - Clarify that Tor performs stream isolation between *Port listeners + - Clarify that Tor performs stream isolation among *Port listeners by default. Resolves issue 29121.

1 0

[snowflake/master] Merge branch 'deadlock'
by cohosh＠torproject.org 11 Apr '19

11 Apr '19

commit 6399ef9d4fa7d1dced903b43f329a43d3a80dfc7 Merge: 3eb9064 62fddab Author: Cecylia Bocovich <cohosh(a)torproject.org> Date: Thu Apr 11 09:57:38 2019 -0400 Merge branch 'deadlock' proxy-go/snowflake.go | 57 +++++++++++++++++++++++++++++---------------------- 1 file changed, 32 insertions(+), 25 deletions(-)

1 0

[snowflake/master] Fix for proxy deadlock bug
by cohosh＠torproject.org 11 Apr '19

11 Apr '19

commit c28c8ca489633aae2d9b9dbea0e781ca5e44cc66 Author: Cecylia Bocovich <cohosh(a)torproject.org> Date: Sat Mar 30 12:19:29 2019 -0400 Fix for proxy deadlock bug This is a fix for the proxy-go deadlock bug (ticket #25688). The assumption that OnIceComplete is always followed by a successful connection where OnDataChannel has been called turns out not to occur in practice. OnICEComplete looks like it is being deprecated in other libraries anyway, so it's safer to just remove it. --- proxy-go/snowflake.go | 42 ++++++++++++++++-------------------------- 1 file changed, 16 insertions(+), 26 deletions(-) diff --git a/proxy-go/snowflake.go b/proxy-go/snowflake.go index 2e8fe20..aeb9f51 100644 --- a/proxy-go/snowflake.go +++ b/proxy-go/snowflake.go @@ -259,8 +259,6 @@ func datachannelHandler(conn *webRTCConn, remoteAddr net.Addr) { // Installs an OnDataChannel callback that creates a webRTCConn and passes it to // datachannelHandler. func makePeerConnectionFromOffer(sdp *webrtc.SessionDescription, config *webrtc.Configuration) (*webrtc.PeerConnection, error) { - errChan := make(chan error) - answerChan := make(chan struct{}) pc, err := webrtc.NewPeerConnection(config) if err != nil { @@ -269,9 +267,6 @@ func makePeerConnectionFromOffer(sdp *webrtc.SessionDescription, config *webrtc. pc.OnNegotiationNeeded = func() { panic("OnNegotiationNeeded") } - pc.OnIceComplete = func() { - answerChan <- struct{}{} - } pc.OnDataChannel = func(dc *webrtc.DataChannel) { log.Println("OnDataChannel") @@ -310,30 +305,25 @@ func makePeerConnectionFromOffer(sdp *webrtc.SessionDescription, config *webrtc. } log.Println("sdp offer successfully received.") - go func() { - log.Println("Generating answer...") - answer, err := pc.CreateAnswer() // blocking - if err != nil { - errChan <- err - return - } - err = pc.SetLocalDescription(answer) - if err != nil { - errChan <- err - return - } - }() + log.Println("Generating answer...") + answer, err := pc.CreateAnswer() + // blocks on ICE gathering. we need to add a timeout if needed + // not putting this in a separate go routine, because we need + // SetLocalDescription(answer) to be called before sendAnswer + if err != nil { + pc.Destroy() + return nil, err + } - // Wait until answer is ready. - select { - case err = <-errChan: + if answer == nil { + pc.Destroy() + return nil, fmt.Errorf("Failed gathering ICE candidates.") + } + + err = pc.SetLocalDescription(answer) + if err != nil { pc.Destroy() return nil, err - case _, ok := <-answerChan: - if !ok { - pc.Destroy() - return nil, fmt.Errorf("Failed gathering ICE candidates.") - } } return pc, nil }

1 0