- tor-commits - lists.torproject.org

r24869: {website} updated docs/de/sidenav.wmi from Sacro (website/trunk/docs/de)
by Runa Sandvik 07 Jul '11

07 Jul '11

Author: runa Date: 2011-07-07 13:34:09 +0000 (Thu, 07 Jul 2011) New Revision: 24869 Modified: website/trunk/docs/de/sidenav.wmi Log: updated docs/de/sidenav.wmi from Sacro Modified: website/trunk/docs/de/sidenav.wmi =================================================================== --- website/trunk/docs/de/sidenav.wmi 2011-07-07 11:43:12 UTC (rev 24868) +++ website/trunk/docs/de/sidenav.wmi 2011-07-07 13:34:09 UTC (rev 24869) @@ -30,6 +30,12 @@ {'url' => 'docs/tor-doc-unix', 'txt' => 'Installation auf Linux/BSD/Unix', }, + {'url' => 'docs/debian', + 'txt' => 'Installation von Tor auf Debian/Ubuntu', + }, + {'url' => 'docs/debian-vidalia', + 'txt' => 'Installation von Vidalia auf Debian/Ubuntu', + }, {'url' => 'docs/tor-doc-osx', 'txt' => 'Installation auf Mac OS X', }, @@ -96,3 +102,4 @@ ]; :> +

1 0

r24868: {website} Fix typo (website/trunk/docs/en)
by Robert Ransom 07 Jul '11

07 Jul '11

Author: rransom Date: 2011-07-07 11:43:12 +0000 (Thu, 07 Jul 2011) New Revision: 24868 Modified: website/trunk/docs/en/installguide.wml Log: Fix typo Modified: website/trunk/docs/en/installguide.wml =================================================================== --- website/trunk/docs/en/installguide.wml 2011-07-07 11:33:52 UTC (rev 24867) +++ website/trunk/docs/en/installguide.wml 2011-07-07 11:43:12 UTC (rev 24868) @@ -2,7 +2,7 @@ # Revision: $Revision$ # Translation-Priority: 2-medium -#include "head.wmi" TITLE="Tor Project: Installtion Instructions" CHARSET="UTF-8" +#include "head.wmi" TITLE="Tor Project: Installation Instructions" CHARSET="UTF-8" <div id="content" class="clearfix"> <div id="breadcrumbs"> <a href="<page index>">Home » </a>

1 0

r24867: {website} fix a missing > (website/trunk/docs/en)
by Andrew Lewman 07 Jul '11

07 Jul '11

Author: phobos Date: 2011-07-07 11:33:52 +0000 (Thu, 07 Jul 2011) New Revision: 24867 Modified: website/trunk/docs/en/tor-doc-unix.wml Log: fix a missing > Modified: website/trunk/docs/en/tor-doc-unix.wml =================================================================== --- website/trunk/docs/en/tor-doc-unix.wml 2011-07-07 11:32:10 UTC (rev 24866) +++ website/trunk/docs/en/tor-doc-unix.wml 2011-07-07 11:33:52 UTC (rev 24867) @@ -16,7 +16,7 @@ <p> <b>Note that these are the installation instructions for running a Tor client. The easiest way to do this is to simply download the <a - href="<page projects/torbrowser>"Tor Browser Bundle</a> and you are + href="<page projects/torbrowser>">Tor Browser Bundle</a> and you are done. </b> </p>

1 0

r24866: {website} finish purging polipo from the docs. (website/trunk/docs/en)
by Andrew Lewman 07 Jul '11

07 Jul '11

Author: phobos Date: 2011-07-07 11:32:10 +0000 (Thu, 07 Jul 2011) New Revision: 24866 Modified: website/trunk/docs/en/tor-doc-unix.wml Log: finish purging polipo from the docs. Modified: website/trunk/docs/en/tor-doc-unix.wml =================================================================== --- website/trunk/docs/en/tor-doc-unix.wml 2011-07-07 11:26:25 UTC (rev 24865) +++ website/trunk/docs/en/tor-doc-unix.wml 2011-07-07 11:32:10 UTC (rev 24866) @@ -14,10 +14,10 @@ <br> <p> - <b>Note that these are the installation instructions for running a Tor - client. If you want to relay traffic for others to help the network grow - (please do), read the <a - href="<page docs/tor-doc-relay>">Configuring a relay</a> guide.</b> + <b>Note that these are the installation instructions for running a + Tor client. The easiest way to do this is to simply download the <a + href="<page projects/torbrowser>"Tor Browser Bundle</a> and you are + done. </b> </p> <hr> @@ -78,20 +78,16 @@ entry for running Tor on a different computer</a>. </p> - <p>To Torify other applications that support HTTP proxies, just - point them at Polipo (that is, localhost port 8118). To use SOCKS - directly (for instant messaging, Jabber, IRC, etc), you can point - your application directly at Tor (localhost port 9050), but see <a - href="<wikifaq>#SOCKSAndDNS">this - FAQ entry</a> for why this may be dangerous. For applications - that support neither SOCKS nor HTTP, take a look at <a - href="https://code.google.com/p/torsocks/">torsocks</a> or <a - href="<wiki>doc/TorifyHOWTO#socat">socat</a>. + <p>To Torify other applications that support SOCKS proxies, just + point them at Tor's SOCKS port (127.0.0.1 port 9050). See <a + href="<wikifaq>#SOCKSAndDNS">this FAQ entry</a> for why this may be + dangerous. For applications that support neither SOCKS nor HTTP, take + a look at <a href="https://code.google.com/p/torsocks/">torsocks</a> + or <a href="<wiki>doc/TorifyHOWTO#socat">socat</a>. </p> <p>For information on how to Torify other applications, check out the - <a href="<wiki>doc/TorifyHOWTO">Torify - HOWTO</a>. + <a href="<wiki>doc/TorifyHOWTO">Torify HOWTO</a>. </p> <hr> @@ -101,30 +97,26 @@ <p> Next, you should try using your browser with Tor and make - sure that your IP address is being anonymized. Click on - <a href="https://check.torproject.org/">the - Tor detector</a> - and see whether it thinks you're using Tor or not. - #<a href="http://ipchicken.com/">this site</a> - #to see what IP address it thinks you're using. - (If that site is down, see <a - href="<wikifaq>#IsMyConnectionPrivate">this - FAQ entry</a> for more suggestions on how to test your Tor.) + sure that your IP address is being anonymized. Click on <a + href="https://check.torproject.org/">the Tor detector</a> + and see whether it thinks you're using Tor or not. #<a + href="http://ipchicken.com/">this site</a> #to see what IP + address it thinks you're using. (If that site is down, see <a + href="<wikifaq>#IsMyConnectionPrivate">this FAQ entry</a> for more + suggestions on how to test your Tor.) </p> - <p>If you have a personal firewall that limits your computer's - ability to connect to itself (this includes something like SELinux on - Fedora Core 4), be sure to allow connections from - your local applications to Polipo (local port 8118) and Tor (local port - 9050). If - your firewall blocks outgoing connections, punch a hole so - it can connect to at least TCP ports 80 and 443, and then see <a - href="<wikifaq>#FirewalledClient">this - FAQ entry</a>. If your SELinux config is not allowing tor or privoxy to - run correctly, create a file named booleans.local in the directory - /etc/selinux/targeted. Edit this file in your favorite text editor and - insert "allow_ypbind=1". Restart your machine for this change to take - effect. + <p>If you have a personal firewall that limits your computer's ability + to connect to itself (this includes something like SELinux on Fedora + Core 4), be sure to allow connections from your local applications to + Tor (local port 9050). If your firewall blocks outgoing connections, + punch a hole so it can connect to at least TCP ports 80 and 443, and + then see <a href="<wikifaq>#FirewalledClient">this FAQ entry</a>. + If your SELinux config is not allowing tor or privoxy to run + correctly, create a file named booleans.local in the directory + /etc/selinux/targeted. Edit this file in your favorite text editor + and insert "allow_ypbind=1". Restart your machine for this change + to take effect. </p> <p>If it's still not working, look at <a @@ -139,19 +131,18 @@ <p>The Tor network relies on volunteers to donate bandwidth. The more people who run relays, the faster the Tor network will be. If you have - at least 20 kilobytes/s each way, please help out Tor by configuring your + at least 20 KiloBytes/s each way, please help out Tor by configuring your Tor to be a relay too. We have many features that make Tor relays easy and convenient, including rate limiting for bandwidth, exit policies so you can limit your exposure to abuse complaints, and support for dynamic IP addresses.</p> <p>Having relays in many different places on the Internet is what - makes Tor users secure. <a - href="<wikifaq>#RelayAnonymity">You - may also get stronger anonymity yourself</a>, - since remote sites can't know whether connections originated at your - computer or were relayed from others.</p> - + makes Tor users secure. <a href="<wikifaq>#RelayAnonymity">You may + also get stronger anonymity yourself</a>, since remote sites can't + know whether connections originated at your computer or were relayed + from others.</p> + <p>Read more at our <a href="<page docs/tor-doc-relay>">Configuring a relay</a> guide.</p>

1 0

r24865: {website} link to the debian/ubuntu docs in the sidenav so people have (website/trunk/docs/en)
by Andrew Lewman 07 Jul '11

07 Jul '11

Author: phobos Date: 2011-07-07 11:26:25 +0000 (Thu, 07 Jul 2011) New Revision: 24865 Modified: website/trunk/docs/en/sidenav.wmi Log: link to the debian/ubuntu docs in the sidenav so people have some hope of finding it. Modified: website/trunk/docs/en/sidenav.wmi =================================================================== --- website/trunk/docs/en/sidenav.wmi 2011-07-07 11:23:55 UTC (rev 24864) +++ website/trunk/docs/en/sidenav.wmi 2011-07-07 11:26:25 UTC (rev 24865) @@ -30,14 +30,20 @@ {'url' => 'docs/tor-doc-unix', 'txt' => 'Installing on Linux/BSD/Unix', }, + {'url' => 'docs/debian', + 'txt' => 'Installing Tor on Debian/Ubuntu', + }, + {'url' => 'docs/debian-vidalia', + 'txt' => 'Installing Vidalia on Debian/Ubuntu', + }, {'url' => 'docs/tor-doc-osx', - 'txt' => 'Installing on Mac OS X', + 'txt' => 'Installing Tor on Mac OS X', }, {'url' => 'docs/android', - 'txt' => 'Installing on Android', + 'txt' => 'Installing Tor on Android', }, {'url' => 'docs/N900', - 'txt' => 'Installing on Maemo/N900', + 'txt' => 'Installing Tor on Maemo/N900', }, {'url' => 'docs/verifying-signatures', 'txt' => 'Verify our GPG signatures',

1 0

r24864: {website} remove the polipo section. these instructions really should (website/trunk/docs/en)
by Andrew Lewman 07 Jul '11

07 Jul '11

Author: phobos Date: 2011-07-07 11:23:55 +0000 (Thu, 07 Jul 2011) New Revision: 24864 Modified: website/trunk/docs/en/tor-doc-unix.wml Log: remove the polipo section. these instructions really should be to just install TBB and be done with it. Modified: website/trunk/docs/en/tor-doc-unix.wml =================================================================== --- website/trunk/docs/en/tor-doc-unix.wml 2011-07-06 18:48:32 UTC (rev 24863) +++ website/trunk/docs/en/tor-doc-unix.wml 2011-07-07 11:23:55 UTC (rev 24864) @@ -52,47 +52,12 @@ </p> <hr> - <a id="privoxy"></a> - <a id="polipo"></a> - <h2><a class="anchor" href="#polipo">Step Two: Install Polipo for Web Browsing</a></h2> - <br> - - <p>After installing Tor, you need to configure your applications to use it. - </p> - - <p> - The first step is to set up web browsing. Start by installing <a - href="http://www.pps.jussieu.fr/~jch/software/polipo/">Polipo</a> from - your favorite repository. Polipo is a caching web proxy that does http - pipelining well, so it's well-suited for Tor's latencies. Make sure - to get at least Polipo 1.0.4, since earlier versions lack the SOCKS support - required to use Polipo with Tor. You should uninstall privoxy at this - point (e.g. apt-get remove privoxy or yum remove privoxy), so they don't - conflict. - </p> - - <p>Once you've installed Polipo (either from package or from - source), <b>you will need to configure Polipo to use Tor</b>. Grab our <a - href="<tbbrepo>/build-scripts/config/polipo.conf">Polipo - configuration for Tor</a> and put it in place of your current polipo - config file (e.g. /etc/polipo/config or ~/.polipo). - You'll need to restart Polipo for the changes to take effect. For - example:<br> - <tt>/etc/init.d/polipo restart</tt> - </p> - - <p>If you prefer, you can instead use Privoxy with <a - href="<wiki>doc/PrivoxyConfig">this - sample Privoxy configuration</a>. But since the config files both use - port 8118, you shouldn't run both Polipo and Privoxy at the same time.</p> - - <hr> <a id="using"></a> - <h2><a class="anchor" href="#using">Step Three: Configure your applications to use Tor</a></h2> + <h2><a class="anchor" href="#using">Step Two: Configure your applications to use Tor</a></h2> <br> - <p>After installing Tor and Polipo, you need to configure your - applications to use them. The first step is to set up web browsing.</p> + <p>After installing Tor, you need to configure your applications to + use them. The first step is to set up web browsing.</p> <p>You should use Tor with Firefox and Torbutton, for best safety. Simply install the <a @@ -131,7 +96,7 @@ <hr> <a id="verify"></a> - <h2><a class="anchor" href="#verify">Step Four: Make sure it's working</a></h2> + <h2><a class="anchor" href="#verify">Step Three: Make sure it's working</a></h2> <br> <p> @@ -169,7 +134,7 @@ <hr> <a id="server"></a> <a id="relay"></a> - <h2><a class="anchor" href="#relay">Step Five: Configure it as a relay</a></h2> + <h2><a class="anchor" href="#relay">Step Four: Configure it as a relay</a></h2> <br> <p>The Tor network relies on volunteers to donate bandwidth. The more

1 0

[arm/master] Configuration confirmation page for setup wizard
by atagar＠torproject.org 07 Jul '11

07 Jul '11

commit 1bb80486d2a8c9221c1e1cf7084d6245f43a24fd Author: Damian Johnson <atagar(a)torproject.org> Date: Wed Jul 6 17:51:00 2011 -0700 Configuration confirmation page for setup wizard This provides a dialog in the relay setup wizard with the torrc that'll be created (with syntax hilighing, scrolling, etc). --- src/cli/wizard.py | 110 ++++++++++++++++++++++++++++++++++++++++++++++++++++- src/util/panel.py | 11 +++-- 2 files changed, 114 insertions(+), 7 deletions(-) diff --git a/src/cli/wizard.py b/src/cli/wizard.py index 8ad7208..946ecd1 100644 --- a/src/cli/wizard.py +++ b/src/cli/wizard.py @@ -264,8 +264,19 @@ def showWizard(): if selection == BACK: relayType = None elif selection == NEXT: generatedTorrc = getTorrc(relayType, config) - log.log(log.NOTICE, "Resulting torrc:\n%s" % generatedTorrc) - break # TODO: implement next screen + + dataDir = CONFIG["startup.dataDirectory"] + if not dataDir.endswith("/"): dataDir += "/" + torrcLocation = os.path.expanduser(dataDir) + "torrc" + + cli.controller.getController().requestRedraw(True) + confirmationSelection = showConfirmationDialog(generatedTorrc, torrcLocation) + + if confirmationSelection == NEXT: + log.log(log.NOTICE, "Resulting torrc:\n%s" % generatedTorrc) + break # TODO: implement next screen + elif confirmationSelection == CANCEL: + break # redraws screen to clear away the dialog we just showed cli.controller.getController().requestRedraw(True) @@ -507,6 +518,101 @@ def getTorrc(relayType, config): return torConfig.renderTorrc(template, templateOptions) +def showConfirmationDialog(torrcContents, torrcLocation): + """ + Shows a confirmation dialog with the given torrc contents, returning CANCEL, + NEXT, or BACK based on the selection. + + Arguments: + torrcContents - lines of torrc contents to be presented + torrcLocation - path where the torrc will be placed + """ + + torrcLines = torrcContents.split("\n") + options = ["Cancel", "Back to Setup", "Start Tor"] + + control = cli.controller.getController() + screenHeight = control.getScreen().getmaxyx()[0] + stickyHeight = sum([stickyPanel.getHeight() for stickyPanel in control.getStickyPanels()]) + isScrollbarVisible = len(torrcLines) + stickyHeight + 5 > screenHeight + + xOffset = 3 if isScrollbarVisible else 0 + popup, width, height = cli.popups.init(len(torrcLines) + 5, 84 + xOffset) + if not popup: return False + + try: + scroll, selection = 0, 2 + curses.cbreak() + + while True: + popup.win.erase() + popup.win.box() + + # renders the scrollbar + if isScrollbarVisible: + popup.addScrollBar(scroll, scroll + height - 5, len(torrcLines), 1, height - 4, 1) + + # shows the path where the torrc will be placed + titleMsg = "The following will be placed at '%s':" % torrcLocation + popup.addstr(0, 0, titleMsg, curses.A_STANDOUT) + + # renders the torrc contents + for i in range(scroll, min(len(torrcLines), height - 5 + scroll)): + # parses the argument and comment from options + option, arg, comment = uiTools.cropStr(torrcLines[i], width - 4 - xOffset), "", "" + + div = option.find("#") + if div != -1: option, comment = option[:div], option[div:] + + div = option.find(" ") + if div != -1: option, arg = option[:div], option[div:] + + drawX = 2 + xOffset + popup.addstr(i + 1 - scroll, drawX, option, curses.A_BOLD | uiTools.getColor("green")) + drawX += len(option) + popup.addstr(i + 1 - scroll, drawX, arg, curses.A_BOLD | uiTools.getColor("cyan")) + drawX += len(arg) + popup.addstr(i + 1 - scroll, drawX, comment, uiTools.getColor("white")) + + # divider between the torrc and the options + popup.addch(height - 4, 0, curses.ACS_LTEE) + popup.addch(height - 4, width, curses.ACS_RTEE) + popup.hline(height - 4, 1, width - 1) + if isScrollbarVisible: popup.addch(height - 4, 2, curses.ACS_BTEE) + + # renders the selection options + confirmationMsg = "Run tor with the above configuration?" + popup.addstr(height - 3, width - len(confirmationMsg) - 1, confirmationMsg, uiTools.getColor("green") | curses.A_BOLD) + + drawX = width - 1 + for i in range(len(options) - 1, -1, -1): + optionLabel = " %s " % options[i] + drawX -= (len(optionLabel) + 4) + + selectionFormat = curses.A_STANDOUT if i == selection else curses.A_NORMAL + popup.addstr(height - 2, drawX, "[", uiTools.getColor("green")) + popup.addstr(height - 2, drawX + 1, optionLabel, uiTools.getColor("green") | selectionFormat | curses.A_BOLD) + popup.addstr(height - 2, drawX + len(optionLabel) + 1, "]", uiTools.getColor("green")) + + drawX -= 1 # space gap between the options + + popup.win.refresh() + key = cli.controller.getController().getScreen().getch() + + if key == curses.KEY_LEFT: + selection = (selection - 1) % len(options) + elif key == curses.KEY_RIGHT: + selection = (selection + 1) % len(options) + elif uiTools.isScrollKey(key): + scroll = uiTools.getScrollPosition(key, scroll, height - 5, len(torrcLines)) + elif uiTools.isSelectionKey(key): + if selection == 0: return CANCEL + elif selection == 1: return BACK + else: return NEXT + elif key == 27: return CANCEL + finally: + cli.popups.finalize() + def _splitStr(msg, width): """ Splits a string into substrings of a given length. diff --git a/src/util/panel.py b/src/util/panel.py index 1be2306..5a96623 100644 --- a/src/util/panel.py +++ b/src/util/panel.py @@ -628,7 +628,7 @@ class Panel(): return userInput - def addScrollBar(self, top, bottom, size, drawTop = 0, drawBottom = -1): + def addScrollBar(self, top, bottom, size, drawTop = 0, drawBottom = -1, drawLeft = 0): """ Draws a left justified scroll bar reflecting position within a vertical listing. This is shorted if necessary, and left undrawn if no space is @@ -649,6 +649,7 @@ class Panel(): drawTop - starting row where the scroll bar should be drawn drawBottom - ending row where the scroll bar should end, -1 if it should span to the bottom of the panel + drawLeft - left offset at which to draw the scroll bar """ if (self.maxY - drawTop) < 2: return # not enough room @@ -673,12 +674,12 @@ class Panel(): # draws scrollbar slider for i in range(scrollbarHeight): if i >= sliderTop and i <= sliderTop + sliderSize: - self.addstr(i + drawTop, 0, " ", curses.A_STANDOUT) + self.addstr(i + drawTop, drawLeft, " ", curses.A_STANDOUT) # draws box around the scroll bar - self.win.vline(drawTop, 1, curses.ACS_VLINE, self.maxY - 2) - self.win.addch(drawBottom, 1, curses.ACS_LRCORNER) - self.win.addch(drawBottom, 0, curses.ACS_HLINE) + self.vline(drawTop, drawLeft + 1, drawBottom - 1) + self.addch(drawBottom, drawLeft + 1, curses.ACS_LRCORNER) + self.addch(drawBottom, drawLeft, curses.ACS_HLINE) def _resetSubwindow(self): """

1 0

[arm/master] Generating torrc entries for special cases
by atagar＠torproject.org 07 Jul '11

07 Jul '11

commit e1760cdc972c93377fbd36aea02f8edeb7424275 Author: Damian Johnson <atagar(a)torproject.org> Date: Tue Jul 5 20:00:47 2011 -0700 Generating torrc entries for special cases This covers the trickier torrc options (burst, exit policy, bridges, etc) that were omitted from the previous templating checkin. With this all of the torrc generation should be done - next on to the confirmation dialog... --- src/cli/wizard.py | 74 +++++++++++++++++++++++++++++++++++--- src/resources/torrcTemplate.txt | 2 + src/settings.cfg | 7 ++++ 3 files changed, 77 insertions(+), 6 deletions(-) diff --git a/src/cli/wizard.py b/src/cli/wizard.py index 03cfb48..d585ce5 100644 --- a/src/cli/wizard.py +++ b/src/cli/wizard.py @@ -72,7 +72,8 @@ MSG_COLOR = "green" OPTION_COLOR = "yellow" DISABLED_COLOR = "cyan" -CONFIG = {"wizard.message.role": "", +CONFIG = {"startup.dataDirectory": "~/.arm", + "wizard.message.role": "", "wizard.message.relay": "", "wizard.message.exit": "", "wizard.message.bridge": "", @@ -86,7 +87,14 @@ CONFIG = {"wizard.message.role": "", "wizard.label.opt": {}, "wizard.description.general": {}, "wizard.description.role": {}, - "wizard.description.opt": {}} + "wizard.description.opt": {}, + "port.category": {}, + "port.exit.all": [], + "port.exit.web": [], + "port.exit.mail": [], + "port.exit.im": [], + "port.exit.misc": [], + "port.encrypted": []} def loadConfig(config): config.update(CONFIG) @@ -437,12 +445,66 @@ def getTorrc(relayType, config): templateOptions[key.upper()] = value - #templateOptions = dict([(key.upper(), config[key].getValue()) for key in config]) templateOptions[relayType.upper()] = True templateOptions["LOW_PORTS"] = config[Options.LOWPORTS] - #templateOptions["BURST"] = config[Options.BANDWIDTH] * 2 # TODO: implement - templateOptions["NOTICE_PATH"] = "/path/to/.arm/exit-notice.html" # TODO: actually prepend the right prefix - templateOptions["EXIT_POLICY"] = "" # TODO: fill in configured policy + + # uses double the relay rate for bursts + relayRateComp = config[Options.BANDWIDTH].getValue().split(" ") + templateOptions["BURST"] = "%i %s" % (int(relayRateComp[0]) * 2, " ".join(relayRateComp[1:])) + + # exit notice will be in our data directory + dataDir = CONFIG["startup.dataDirectory"] + if not dataDir.endswith("/"): dataDir += "/" + templateOptions["NOTICE_PATH"] = os.path.expanduser(dataDir) + "exit-notice.html" + + policyCategories = [] + if not config[Options.POLICY].getValue(): + policyCategories = ["web", "mail", "im", "misc"] + else: + if config[Options.WEBSITES].getValue(): policyCategories.append("web") + if config[Options.EMAIL].getValue(): policyCategories.append("mail") + if config[Options.IM].getValue(): policyCategories.append("im") + if config[Options.MISC].getValue(): policyCategories.append("misc") + + if policyCategories: + isEncryptedOnly = not config[Options.PLAINTEXT].getValue() + + policyLines = [] + for category in ["all"] + policyCategories: + # shows a comment at the start of the section saying what it's for + topicComment = CONFIG["port.category"].get(category) + if topicComment: + while topicComment: + commentSegment, topicComment = uiTools.cropStr(topicComment, 78, None, endType = None, getRemainder = True) + policyLines.append("# " + commentSegment.strip()) + + for portEntry in CONFIG.get("port.exit.%s" % category, []): + # port entry might be an individual port or a range + + if isEncryptedOnly and (not portEntry in CONFIG["port.encrypted"]): + continue # opting to not include plaintext port and ranges + + if "-" in portEntry: + # if this is a range then use the first port's description + comment = connections.PORT_USAGE.get(portEntry[:portEntry.find("-")]) + else: comment = connections.PORT_USAGE.get(portEntry) + + entry = "ExitPolicy accept *:%s" % portEntry + if comment: policyLines.append("%-30s# %s" % (entry, comment)) + else: policyLines.append(entry) + + if category != policyCategories[-1]: + policyLines.append("") # newline to split categories + + templateOptions["EXIT_POLICY"] = "\n".join(policyLines) + + # includes input bridges + bridgeLines = [] + for bridgeOpt in [Options.BRIDGE1, Options.BRIDGE2, Options.BRIDGE3]: + bridgeValue = config[bridgeOpt].getValue() + if bridgeValue: bridgeLines.append("Bridge %s" % bridgeValue) + + templateOptions["BRIDGES"] = "\n".join(bridgeLines) return torConfig.renderTorrc(template, templateOptions) diff --git a/src/resources/torrcTemplate.txt b/src/resources/torrcTemplate.txt index 3c9387f..7462382 100644 --- a/src/resources/torrcTemplate.txt +++ b/src/resources/torrcTemplate.txt @@ -60,7 +60,9 @@ CookieAuthentication 1 # method for controller authentication DirPortFrontPage [NOTICE_PATH] # disclaimer saying that this is an exit [END IF] + [NEWLINE] [EXIT_POLICY] + ExitPolicy reject *:* # prevents any exit traffic not permitted above [END IF] [ELSE] ClientOnly 1 # prevents us from ever being used as a relay diff --git a/src/settings.cfg b/src/settings.cfg index 53da315..162327b 100644 --- a/src/settings.cfg +++ b/src/settings.cfg @@ -816,6 +816,12 @@ port.label.33434 traceroute # full policy is the Reduced Exit Policy, revision 9 (edited 6/28/11): # https://trac.torproject.org/projects/tor/wiki/doc/ReducedExitPolicy?version… +port.category all => The following sets which ports can exit the tor network through you. For more information and updates on the suggested policy see: https://trac.torproject.org/projects/tor/wiki/doc/ReducedExitPolicy +port.category web => ports for general internet browsing +port.category mail => ports for receiving email +port.category im => ports for instant messaging +port.category misc => ports for other services + port.exit.misc 20-23 # FTP, SSH, Telnet port.exit.misc 43 # WHOIS port.exit.all 53 # DNS @@ -889,6 +895,7 @@ port.exit.misc 19638 # Ensim Control Panel # encrypted traffic) port.encrypted 22 +port.encrypted 53 # dns - not really encrypted but want it anyway port.encrypted 88 port.encrypted 443 port.encrypted 464

1 0

[arm/master] fix: dropping pointless desc publishing entry
by atagar＠torproject.org 07 Jul '11

07 Jul '11

commit ec03338fd926debd68d1c81a7f38e0723f129a9f Author: Damian Johnson <atagar(a)torproject.org> Date: Tue Jul 5 14:23:36 2011 -0700 fix: dropping pointless desc publishing entry The 'PublishServerDescriptor bridge' entry for bridges is pointless as per: https://trac.torproject.org/projects/tor/ticket/3529 --- src/resources/torrcTemplate.txt | 5 +---- 1 files changed, 1 insertions(+), 4 deletions(-) diff --git a/src/resources/torrcTemplate.txt b/src/resources/torrcTemplate.txt index bb4dccd..3c9387f 100644 --- a/src/resources/torrcTemplate.txt +++ b/src/resources/torrcTemplate.txt @@ -36,10 +36,7 @@ CookieAuthentication 1 # method for controller authentication [IF BRIDGE] BridgeRelay 1 # makes us a bridge rather than a public relay - [IF DISTRIBUTE] - # TODO: drop this? - PublishServerDescriptor bridge # publishes to users looking for bridges - [ELSE] + [IF NOT DISTRIBUTE] PublishServerDescriptor 0 # keeps our bridge descriptor private [END IF] [END IF]

1 0

[arm/master] fix: extra slash in fallback conf desc path
by atagar＠torproject.org 07 Jul '11

07 Jul '11

commit a90ede962f9466f1019f36cc3d0038cd170be671 Author: Damian Johnson <atagar(a)torproject.org> Date: Tue Jul 5 14:35:39 2011 -0700 fix: extra slash in fallback conf desc path The prefix path used for fallback configuration descriptions already ended with a slash, so the resulting path had an extra... <prefix>//resources/torConfigDesc.txt this didn't harm anything but might as well be corrected. --- src/starter.py | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/src/starter.py b/src/starter.py index 1b6049a..234bf16 100644 --- a/src/starter.py +++ b/src/starter.py @@ -168,7 +168,7 @@ def _loadConfigurationDescriptions(pathPrefix): if not isConfigDescriptionsLoaded: try: loadStartTime = time.time() - loadedVersion = util.torConfig.loadOptionDescriptions(pathPrefix + "/resources/" + CONFIG_DESC_FILENAME, False) + loadedVersion = util.torConfig.loadOptionDescriptions("%sresources/%s" % (pathPrefix, CONFIG_DESC_FILENAME), False) isConfigDescriptionsLoaded = True msg = DESC_INTERNAL_LOAD_SUCCESS_MSG % loadedVersion

1 0