[tor-commits] [tor-messenger-build/master] Bug 16606: Temporary XMPP accounts

[sukhbir]

commit a0c459f20779f10a13d9045ae7ef63efeb8423e5
Author: Sukhbir Singh 
Date:   Mon Aug 21 23:08:32 2017 -0400

Bug 16606: Temporary XMPP accounts
---
 .../0001-Set-Tor-Messenger-preferences.patch   |   4 +-
 ...c-21634-Autologin-default-should-be-false.patch |   4 +-
 .../0003-XMPP-in-band-registration.patch   |   4 +-
 .../instantbird/0004-Remove-search-from-UI.patch   |   4 +-
 .../0005-Add-Tor-Messenger-branding.patch  |   4 +-
 ...ve-option-for-configuring-account-picture.patch |   4 +-
 .../0007-Modify-top-protocol-defaults.patch|   4 +-
 .../instantbird/0008-Modify-IRC-defaults.patch |   4 +-
 .../0009-Do-not-set-default-XMPP-server.patch  |   4 +-
 projects/instantbird/0010-Modify-themes.patch  |   4 +-
 projects/instantbird/0011-Remove-logging-UI.patch  |   4 +-
 projects/instantbird/0012-Cert-override.patch  |   4 +-
 .../0013-Display-all-traffic-over-Tor.patch|   4 +-
 .../instantbird/0014-Trac-17480-Content-sink.patch |   4 +-
 .../0015-SASL-ECDSA-NIST256P-CHALLENGE.patch   |   4 +-
 ...-Use-built-in-functions-instead-of-an-svg.patch |   4 +-
 ...-Add-a-pref-to-disable-JavaScript-in-brow.patch |   4 +-
 ...517-Use-different-color-for-Add-Exception.patch |   4 +-
 ...21736-Hide-account-timestamp-from-message.patch |   4 +-
 ...wed-duplicated-files-for-Windows-and-Linu.patch |   4 +-
 ...g-13855-Use-known-onions-for-XMPP-servers.patch |   9 +-
 .../0022-Bug-16606-Automatic-XMPP-accounts.patch   | 158 +
 projects/instantbird/config|   1 +
 23 files changed, 203 insertions(+), 45 deletions(-)

diff --git a/projects/instantbird/0001-Set-Tor-Messenger-preferences.patch 
b/projects/instantbird/0001-Set-Tor-Messenger-preferences.patch
index 0f90002..454b0e6 100644
--- a/projects/instantbird/0001-Set-Tor-Messenger-preferences.patch
+++ b/projects/instantbird/0001-Set-Tor-Messenger-preferences.patch
@@ -1,7 +1,7 @@
-From 84b615b2662ff85ad071d988455e17dbca96e0aa Mon Sep 17 00:00:00 2001
+From 945f92e09e833c6e6a86d2abdea5eac0da6f21a2 Mon Sep 17 00:00:00 2001
 From: Sukhbir Singh 
 Date: Wed, 26 Jul 2017 14:30:41 -0400
-Subject: [PATCH 01/21] Set Tor Messenger preferences
+Subject: [PATCH 01/22] Set Tor Messenger preferences
 
 ---
  im/app/profile/all-instantbird.js | 451 --
diff --git 
a/projects/instantbird/0002-Trac-21634-Autologin-default-should-be-false.patch 
b/projects/instantbird/0002-Trac-21634-Autologin-default-should-be-false.patch
index 4194828..fdb5a5a 100644
--- 
a/projects/instantbird/0002-Trac-21634-Autologin-default-should-be-false.patch
+++ 
b/projects/instantbird/0002-Trac-21634-Autologin-default-should-be-false.patch
@@ -1,7 +1,7 @@
-From 7e93084b924a4a3ffdaf6576b1e948f96ae4bcc5 Mon Sep 17 00:00:00 2001
+From daa4c63a9235f95096e878360e3e84f0d1da8eb6 Mon Sep 17 00:00:00 2001
 From: Arlo Breault 
 Date: Mon, 16 Nov 2015 20:37:53 -0800
-Subject: [PATCH 02/21] Trac 21634: Autologin default should be false
+Subject: [PATCH 02/22] Trac 21634: Autologin default should be false
 
 ---
  chat/components/src/imAccounts.js | 2 +-
diff --git a/projects/instantbird/0003-XMPP-in-band-registration.patch 
b/projects/instantbird/0003-XMPP-in-band-registration.patch
index 6272854..3e2aa9d 100644
--- a/projects/instantbird/0003-XMPP-in-band-registration.patch
+++ b/projects/instantbird/0003-XMPP-in-band-registration.patch
@@ -1,7 +1,7 @@
-From 4cc5afe3185cc2fcbc934392e088ee4ff83f39a6 Mon Sep 17 00:00:00 2001
+From a71e9f9b63396b38184c2ee9554a0c752eed898e Mon Sep 17 00:00:00 2001
 From: Sukhbir Singh 
 Date: Wed, 26 Jul 2017 15:09:40 -0400
-Subject: [PATCH 03/21] XMPP in-band registration
+Subject: [PATCH 03/22] XMPP in-band registration
 
 ---
  chat/locales/en-US/xmpp.properties |   5 +
diff --git a/projects/instantbird/0004-Remove-search-from-UI.patch 
b/projects/instantbird/0004-Remove-search-from-UI.patch
index f4a32e4..ada0dc6 100644
--- a/projects/instantbird/0004-Remove-search-from-UI.patch
+++ b/projects/instantbird/0004-Remove-search-from-UI.patch
@@ -1,7 +1,7 @@
-From 33ccdd4229b2cc15c19c3e25048d8a3abdfec82d Mon Sep 17 00:00:00 2001
+From 93d9f82d1f4c6bb6af794bbc78510440da96dc2e Mon Sep 17 00:00:00 2001
 From: Sukhbir Singh 
 Date: Mon, 10 Oct 2016 18:47:48 -0700
-Subject: [PATCH 04/21] Remove search from UI
+Subject: [PATCH 04/22] Remove search from UI
 
 ---
  im/content/nsContextMenu.js | 18 +-
diff --git a/projects/instantbird/0005-Add-Tor-Messenger-branding.patch 
b/projects/instantbird/0005-Add-Tor-Messenger-branding.patch
index 2a9f3bd..dfc3bc0 100644
--- a/projects/instantbird/0005-Add-Tor-Messenger-branding.patch
+++ b/projects/instantbird/0005-Add-Tor-Messenger-branding.patch
@@ -1,7 +1,7 @@
-From 58f6a00e81e0d20cfe61d7c6dd230190f3e33a89 Mon Sep 17 00:00:00 2001
+From 

[tor-commits] [stem/master] Only compare relative sizes in tests

[atagar]

commit aaa668ba80493900ba8d4b37d0aa91a67b134813
Author: Damian Johnson 
Date:   Mon Aug 21 12:54:26 2017 -0700

Only compare relative sizes in tests

On jenkins this new test is failing since object sizes fall outside the 
range
we assert. I thought these would be wide enough but evidently not. That's 
fine
- we don't care about the absolute values anyway.
---
 test/unit/util/system.py | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/test/unit/util/system.py b/test/unit/util/system.py
index 0f61963d..a957a23f 100644
--- a/test/unit/util/system.py
+++ b/test/unit/util/system.py
@@ -153,10 +153,8 @@ class TestSystem(unittest.TestCase):
 Exercises the size_of function.
 """
 
-self.assertTrue(10 < system.size_of('hello') < 50)
-self.assertTrue(10 < system.size_of([]) < 50)
+self.assertTrue(system.size_of('') < system.size_of('hello') < 
system.size_of('hello world'))
 self.assertTrue(system.size_of([]) < system.size_of(['hello']) < 
system.size_of(['hello', 'world']))
-self.assertTrue(100 < system.size_of({'hello': 'world'}) < 300)
 self.assertTrue(system.size_of({}) < system.size_of({'hello': 'world'}) < 
system.size_of({'hello': 'world', 'more': 'stuff'}))
 
   @patch('stem.util.system.call')

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [torspec/master] Clarify response to RELAY_BEGIN_DIR; fixes 23276

[nickm]

commit 24fe028fbfd594ad559254b67243a26d6838a457
Author: Nick Mathewson 
Date:   Mon Aug 21 15:30:39 2017 -0400

Clarify response to RELAY_BEGIN_DIR; fixes 23276
---
 tor-spec.txt | 5 +
 1 file changed, 5 insertions(+)

diff --git a/tor-spec.txt b/tor-spec.txt
index 9ccdabe..6dbdf93 100644
--- a/tor-spec.txt
+++ b/tor-spec.txt
@@ -1417,6 +1417,11 @@ see tor-design.pdf.
Clients MUST generate an all-zero payload for RELAY_BEGIN_DIR cells,
and relays MUST ignore the payload.
 
+   In response to a RELAY_BEGIN_DIR cell, relays respond either with a
+   RELAY_CONNECTED cell on succcess, or a RELAY_END cell on failure. They
+   MUST send a RELAY_CONNECTED cell all-zero payload, and clients MUST ignore
+   the payload.
+
[RELAY_BEGIN_DIR was not supported before Tor 0.1.2.2-alpha; clients
SHOULD NOT send it to routers running earlier versions of Tor.]
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [stem/master] Fix size_of recursion

[atagar]

commit a58772ea8109c0a4f2d0b1395ab32951950c9191
Author: Damian Johnson 
Date:   Mon Aug 21 12:27:08 2017 -0700

Fix size_of recursion

Baka. Recursing was on our input rather than entries we're iterating on,
effectively making that a no-op. Ran into this with dicts so adding that to 
our
tests.
---
 stem/util/system.py  | 2 +-
 test/unit/util/system.py | 2 ++
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/stem/util/system.py b/stem/util/system.py
index 0569992b..391c4b70 100644
--- a/stem/util/system.py
+++ b/stem/util/system.py
@@ -466,7 +466,7 @@ def size_of(obj, exclude = None):
 
   if type(obj) in SIZE_RECURSES:
 for entry in SIZE_RECURSES[type(obj)](obj):
-  size += size_of(obj, exclude)
+  size += size_of(entry, exclude)
 
   return size
 
diff --git a/test/unit/util/system.py b/test/unit/util/system.py
index a331aab7..0f61963d 100644
--- a/test/unit/util/system.py
+++ b/test/unit/util/system.py
@@ -156,6 +156,8 @@ class TestSystem(unittest.TestCase):
 self.assertTrue(10 < system.size_of('hello') < 50)
 self.assertTrue(10 < system.size_of([]) < 50)
 self.assertTrue(system.size_of([]) < system.size_of(['hello']) < 
system.size_of(['hello', 'world']))
+self.assertTrue(100 < system.size_of({'hello': 'world'}) < 300)
+self.assertTrue(system.size_of({}) < system.size_of({'hello': 'world'}) < 
system.size_of({'hello': 'world', 'more': 'stuff'}))
 
   @patch('stem.util.system.call')
   @patch('stem.util.proc.is_available', Mock(return_value = False))

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.3.1] 22839: fix check_heap_buffer buffer size in test-memwipe

[nickm]

commit 7ba873ca2da35dc3bcf08d458b78641ddad63949
Author: Ties Stuij 
Date:   Sun Aug 13 17:55:45 2017 +0200

22839: fix check_heap_buffer buffer size in test-memwipe
---
 src/test/test-memwipe.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/test/test-memwipe.c b/src/test/test-memwipe.c
index 5d4fcec66..2cb4215b6 100644
--- a/src/test/test-memwipe.c
+++ b/src/test/test-memwipe.c
@@ -76,7 +76,7 @@ static unsigned
 check_a_buffer(void)
 {
   unsigned int i;
-  volatile char buf[1024];
+  volatile char buf[BUF_LEN];
   unsigned sum = 0;
 
   /* See if this buffer has the string in it.



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.3.1] Merge branch 'bug23291_028' into maint-0.3.1

[nickm]

commit 10b242822490c9873138565bcc8a3565a7dc7014
Merge: 6be0e2867 b943cedf3
Author: Nick Mathewson 
Date:   Mon Aug 21 15:06:39 2017 -0400

Merge branch 'bug23291_028' into maint-0.3.1

 changes/bug23291| 3 +++
 src/test/test-memwipe.c | 2 +-
 2 files changed, 4 insertions(+), 1 deletion(-)




___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.3.1] Merge branch 'maint-0.3.1' into release-0.3.1

[nickm]

commit 882dd4de0b5dd13674ff4530af0c8c43b389ff33
Merge: 9944fd92c 10b242822
Author: Nick Mathewson 
Date:   Mon Aug 21 15:08:17 2017 -0400

Merge branch 'maint-0.3.1' into release-0.3.1

 changes/bug23291| 3 +++
 src/test/test-memwipe.c | 2 +-
 2 files changed, 4 insertions(+), 1 deletion(-)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] 22839: Build tor with rust enabled on win

[nickm]

commit 2e99f839e97e2b5b1e99abdb9a8673380c87ae18
Author: Ties Stuij 
Date:   Thu Aug 10 01:08:41 2017 -0700

22839: Build tor with rust enabled on win

- make tor_util static library name configurable
- fix Rust libary dependency order for Windows
---
 Makefile.am   |   2 +-
 configure.ac  | 130 +++---
 scripts/codegen/fuzzing_include_am.py |   7 +-
 src/or/include.am |   7 +-
 src/rust/tor_util/include.am  |   2 +-
 src/test/fuzz/include.am  |   8 +--
 src/test/include.am   |  43 ++-
 src/tools/include.am  |   8 +--
 8 files changed, 113 insertions(+), 94 deletions(-)

diff --git a/Makefile.am b/Makefile.am
index 79d2e7852..f1f64f210 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -26,7 +26,7 @@ TESTING_TOR_BINARY=$(top_builddir)/src/or/tor$(EXEEXT)
 endif
 
 if USE_RUST
-rust_ldadd=$(top_builddir)/src/rust/target/release/libtor_util.a
+rust_ldadd=$(top_builddir)/src/rust/target/release/@TOR_RUST_UTIL_STATIC_NAME@
 else
 rust_ldadd=
 endif
diff --git a/configure.ac b/configure.ac
index 345e499ff..1e41b3f08 100644
--- a/configure.ac
+++ b/configure.ac
@@ -258,64 +258,6 @@ dnl List all external rust crates we depend on here. 
Include the version
 rust_crates="libc-0.2.22"
 AC_SUBST(rust_crates)
 
-if test "x$enable_rust" = "xyes"; then
-  AC_ARG_VAR([RUSTC], [path to the rustc binary])
-  AC_CHECK_PROG([RUSTC], [rustc], [rustc],[no])
-  if test "x$RUSTC" = "xno"; then
-AC_MSG_ERROR([rustc unavailable but rust integration requested.])
-  fi
-
-  AC_ARG_VAR([CARGO], [path to the cargo binary])
-  AC_CHECK_PROG([CARGO], [cargo], [cargo],[no])
-  if test "x$CARGO" = "xno"; then
-AC_MSG_ERROR([cargo unavailable but rust integration requested.])
-  fi
-
-  AC_DEFINE([HAVE_RUST], 1, [have Rust])
-  if test "x$enable_cargo_online_mode" = "xyes"; then
-CARGO_ONLINE=
-RUST_DL=#
-  else
-CARGO_ONLINE=--frozen
-RUST_DL=
-
-dnl When we're not allowed to touch the network, we need crate dependencies
-dnl locally available.
-AC_MSG_CHECKING([rust crate dependencies])
-AC_ARG_VAR([RUST_DEPENDENCIES], [path to directory with local crate 
mirror])
-if test "x$RUST_DEPENDENCIES" = "x"; then
-  RUST_DEPENDENCIES="$srcdir/src/ext/rust/"
-  NEED_MOD=1
-fi
-if test ! -d "$RUST_DEPENDENCIES"; then
-  AC_MSG_ERROR([Rust dependency directory $RUST_DEPENDENCIES does not 
exist. Specify a dependency directory using the RUST_DEPENDENCIES variable or 
allow cargo to fetch crates using --enable-cargo-online-mode.])
-fi
-for dep in $rust_crates; do
-  if test ! -d "$RUST_DEPENDENCIES"/"$dep"; then
-AC_MSG_ERROR([Failure to find rust dependency $RUST_DEPENDENCIES/$dep. 
Specify a dependency directory using the RUST_DEPENDENCIES variable or allow 
cargo to fetch crates using --enable-cargo-online-mode.])
-  fi
-done
-if test "x$NEED_MOD" = "x1"; then
-  dnl When looking for dependencies from cargo, pick right directory
-  RUST_DEPENDENCIES="../../src/ext/rust"
-fi
-  fi
-
-  AC_SUBST(CARGO_ONLINE)
-  AC_SUBST(RUST_DL)
-
-dnl Let's check the rustc version, too
-  AC_MSG_CHECKING([rust version])
-  RUSTC_VERSION_MAJOR=`$RUSTC --version | cut -d ' ' -f 2 | cut -d '.' -f 1`
-  RUSTC_VERSION_MINOR=`$RUSTC --version | cut -d ' ' -f 2 | cut -d '.' -f 2`
-  if test "x$RUSTC_VERSION_MAJOR" = "x" -o "x$RUSTC_VERSION_MINOR" = "x"; then
-AC_MSG_ERROR([rustc version couldn't be identified])
-  fi
-  if test "$RUSTC_VERSION_MAJOR" -lt 2 -a "$RUSTC_VERSION_MINOR" -lt 14; then
-AC_MSG_ERROR([rustc must be at least version 1.14])
-  fi
-fi
-
 ifdef([AC_C_FLEXIBLE_ARRAY_MEMBER], [
 AC_C_FLEXIBLE_ARRAY_MEMBER
 ], [
@@ -451,6 +393,73 @@ fi
 
 AC_C_BIGENDIAN
 
+if test "x$enable_rust" = "xyes"; then
+  AC_ARG_VAR([RUSTC], [path to the rustc binary])
+  AC_CHECK_PROG([RUSTC], [rustc], [rustc],[no])
+  if test "x$RUSTC" = "xno"; then
+AC_MSG_ERROR([rustc unavailable but rust integration requested.])
+  fi
+
+  AC_ARG_VAR([CARGO], [path to the cargo binary])
+  AC_CHECK_PROG([CARGO], [cargo], [cargo],[no])
+  if test "x$CARGO" = "xno"; then
+AC_MSG_ERROR([cargo unavailable but rust integration requested.])
+  fi
+
+  AC_DEFINE([HAVE_RUST], 1, [have Rust])
+  if test "x$enable_cargo_online_mode" = "xyes"; then
+CARGO_ONLINE=
+RUST_DL=#
+  else
+CARGO_ONLINE=--frozen
+RUST_DL=
+
+dnl When we're not allowed to touch the network, we need crate dependencies
+dnl locally available.
+AC_MSG_CHECKING([rust crate dependencies])
+AC_ARG_VAR([RUST_DEPENDENCIES], [path to directory with local crate 
mirror])
+if test "x$RUST_DEPENDENCIES" = "x"; then
+  RUST_DEPENDENCIES="$srcdir/src/ext/rust/"
+  NEED_MOD=1
+fi
+if test ! -d "$RUST_DEPENDENCIES"; then
+  AC_MSG_ERROR([Rust dependency directory $RUST_DEPENDENCIES does 

[tor-commits] [tor/maint-0.3.1] changes file for bug 23291

[nickm]

commit b943cedf3485d0d00c739e69fd2bb16d4e959867
Author: Nick Mathewson 
Date:   Mon Aug 21 15:04:35 2017 -0400

changes file for bug 23291
---
 changes/bug23291 | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/changes/bug23291 b/changes/bug23291
new file mode 100644
index 0..a5b0efda0
--- /dev/null
+++ b/changes/bug23291
@@ -0,0 +1,3 @@
+  o Minor bugfixes (testing):
+- Fix an undersized buffer in test-memwipe.c. Fixes bug 23291; bugfix on
+  0.2.7.2-alpha. Found and patched by Ties Stuij.



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/maint-0.3.1] Merge branch 'bug23291_028' into maint-0.3.1

[nickm]

commit 10b242822490c9873138565bcc8a3565a7dc7014
Merge: 6be0e2867 b943cedf3
Author: Nick Mathewson 
Date:   Mon Aug 21 15:06:39 2017 -0400

Merge branch 'bug23291_028' into maint-0.3.1

 changes/bug23291| 3 +++
 src/test/test-memwipe.c | 2 +-
 2 files changed, 4 insertions(+), 1 deletion(-)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] 22839: fix check_heap_buffer buffer size in test-memwipe

[nickm]

commit 7ba873ca2da35dc3bcf08d458b78641ddad63949
Author: Ties Stuij 
Date:   Sun Aug 13 17:55:45 2017 +0200

22839: fix check_heap_buffer buffer size in test-memwipe
---
 src/test/test-memwipe.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/test/test-memwipe.c b/src/test/test-memwipe.c
index 5d4fcec66..2cb4215b6 100644
--- a/src/test/test-memwipe.c
+++ b/src/test/test-memwipe.c
@@ -76,7 +76,7 @@ static unsigned
 check_a_buffer(void)
 {
   unsigned int i;
-  volatile char buf[1024];
+  volatile char buf[BUF_LEN];
   unsigned sum = 0;
 
   /* See if this buffer has the string in it.



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Merge branch 'maint-0.3.1'

[nickm]

commit 8f8a061b0c4724adebb4af1d5ac3edb7381269d5
Merge: 6f3208670 10b242822
Author: Nick Mathewson 
Date:   Mon Aug 21 15:08:17 2017 -0400

Merge branch 'maint-0.3.1'

 changes/bug23291| 3 +++
 src/test/test-memwipe.c | 2 +-
 2 files changed, 4 insertions(+), 1 deletion(-)



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] changes file for bug 23291

[nickm]

commit b943cedf3485d0d00c739e69fd2bb16d4e959867
Author: Nick Mathewson 
Date:   Mon Aug 21 15:04:35 2017 -0400

changes file for bug 23291
---
 changes/bug23291 | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/changes/bug23291 b/changes/bug23291
new file mode 100644
index 0..a5b0efda0
--- /dev/null
+++ b/changes/bug23291
@@ -0,0 +1,3 @@
+  o Minor bugfixes (testing):
+- Fix an undersized buffer in test-memwipe.c. Fixes bug 23291; bugfix on
+  0.2.7.2-alpha. Found and patched by Ties Stuij.



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.3.1] changes file for bug 23291

[nickm]

commit b943cedf3485d0d00c739e69fd2bb16d4e959867
Author: Nick Mathewson 
Date:   Mon Aug 21 15:04:35 2017 -0400

changes file for bug 23291
---
 changes/bug23291 | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/changes/bug23291 b/changes/bug23291
new file mode 100644
index 0..a5b0efda0
--- /dev/null
+++ b/changes/bug23291
@@ -0,0 +1,3 @@
+  o Minor bugfixes (testing):
+- Fix an undersized buffer in test-memwipe.c. Fixes bug 23291; bugfix on
+  0.2.7.2-alpha. Found and patched by Ties Stuij.



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Merge branch 'bug23291_028' into maint-0.3.1

[nickm]

commit 10b242822490c9873138565bcc8a3565a7dc7014
Merge: 6be0e2867 b943cedf3
Author: Nick Mathewson 
Date:   Mon Aug 21 15:06:39 2017 -0400

Merge branch 'bug23291_028' into maint-0.3.1

 changes/bug23291| 3 +++
 src/test/test-memwipe.c | 2 +-
 2 files changed, 4 insertions(+), 1 deletion(-)




___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/maint-0.3.1] 22839: fix check_heap_buffer buffer size in test-memwipe

[nickm]

commit 7ba873ca2da35dc3bcf08d458b78641ddad63949
Author: Ties Stuij 
Date:   Sun Aug 13 17:55:45 2017 +0200

22839: fix check_heap_buffer buffer size in test-memwipe
---
 src/test/test-memwipe.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/test/test-memwipe.c b/src/test/test-memwipe.c
index 5d4fcec66..2cb4215b6 100644
--- a/src/test/test-memwipe.c
+++ b/src/test/test-memwipe.c
@@ -76,7 +76,7 @@ static unsigned
 check_a_buffer(void)
 {
   unsigned int i;
-  volatile char buf[1024];
+  volatile char buf[BUF_LEN];
   unsigned sum = 0;
 
   /* See if this buffer has the string in it.



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [stem/master] Add a size_of function to get memory usage

[atagar]

commit eaba27d496609a4fdd9b8270793f621d219ad323
Author: Damian Johnson 
Date:   Mon Aug 21 12:08:05 2017 -0700

Add a size_of function to get memory usage

Presently investigating nyx's memory usage but turns out sys.getsizeof 
doesn't
understand how to recurse collections. Adding a simple helper to do so.
---
 docs/change_log.rst  |  1 +
 stem/util/system.py  | 49 
 test/unit/util/system.py |  9 +
 3 files changed, 59 insertions(+)

diff --git a/docs/change_log.rst b/docs/change_log.rst
index 59b546ad..204d5718 100644
--- a/docs/change_log.rst
+++ b/docs/change_log.rst
@@ -80,6 +80,7 @@ The following are only available within Stem's `git repository
   * Supporing pid arguments in :func:`~stem.util.system.is_running`
   * Normalized :func:`~stem.util.term.format` to return unicode
   * Don't load vim swap files as configurations
+  * Added :func:`~stem.util.system.size_of`
 
  * **Interpreter**
 
diff --git a/stem/util/system.py b/stem/util/system.py
index b3b57da9..0569992b 100644
--- a/stem/util/system.py
+++ b/stem/util/system.py
@@ -25,6 +25,7 @@ best-effort, providing **None** if the lookup fails.
 
   is_available - determines if a command is available on this system
   is_running - determines if a given process is running
+  size_of - provides the memory usage of an object
   call - runs the given system command and provides back the results
 
   name_by_pid - gets the name for a process by the given pid
@@ -62,15 +63,18 @@ best-effort, providing **None** if the lookup fails.
     ===
 """
 
+import collections
 import ctypes
 import ctypes.util
 import distutils.spawn
+import itertools
 import mimetypes
 import multiprocessing
 import os
 import platform
 import re
 import subprocess
+import sys
 import tarfile
 import threading
 import time
@@ -89,6 +93,17 @@ State = stem.util.enum.UppercaseEnum(
   'FAILED',
 )
 
+DEFAULT_SIZE = sys.getsizeof(0)  # estimate if object lacks a __sizeof__
+
+SIZE_RECURSES = {
+  tuple: iter,
+  list: iter,
+  collections.deque: iter,
+  dict: lambda d: itertools.chain.from_iterable(d.items()),
+  set: iter,
+  frozenset: iter,
+}
+
 # Mapping of commands to if they're available or not.
 
 CMD_AVAILABLE_CACHE = {}
@@ -422,6 +437,40 @@ def is_running(command):
   return None
 
 
+def size_of(obj, exclude = None):
+  """
+  Provides the `approximate memory usage of an object
+  `_. This can recurse tuples,
+  lists, deques, dicts, and sets. To teach this function to inspect additional
+  object types expand SIZE_RECURSES...
+
+  ::
+
+stem.util.system.SIZE_RECURSES[SomeClass] = SomeClass.get_elements
+
+  .. versionadded:: 1.6.0
+
+  :param object obj: object to provide the size of
+  :param set exclude: object ids to exclude from size estimation
+
+  :returns: **int** with the size of the object in bytes
+  """
+
+  if exclude is None:
+exclude = set()
+  elif id(obj) in exclude:
+return 0
+
+  size = sys.getsizeof(obj, DEFAULT_SIZE)
+  exclude.add(id(obj))
+
+  if type(obj) in SIZE_RECURSES:
+for entry in SIZE_RECURSES[type(obj)](obj):
+  size += size_of(obj, exclude)
+
+  return size
+
+
 def name_by_pid(pid):
   """
   Attempts to determine the name a given process is running under (not
diff --git a/test/unit/util/system.py b/test/unit/util/system.py
index e519aec8..a331aab7 100644
--- a/test/unit/util/system.py
+++ b/test/unit/util/system.py
@@ -148,6 +148,15 @@ class TestSystem(unittest.TestCase):
 self.assertFalse(system.is_running('irssi'))
 self.assertEqual(None, system.is_running('irssi'))
 
+  def test_size_of(self):
+"""
+Exercises the size_of function.
+"""
+
+self.assertTrue(10 < system.size_of('hello') < 50)
+self.assertTrue(10 < system.size_of([]) < 50)
+self.assertTrue(system.size_of([]) < system.size_of(['hello']) < 
system.size_of(['hello', 'world']))
+
   @patch('stem.util.system.call')
   @patch('stem.util.proc.is_available', Mock(return_value = False))
   @patch('stem.util.system.is_available', Mock(return_value = True))

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.3.1] Merge branch 'maint-0.3.1' into release-0.3.1

[nickm]

commit 9944fd92ceaa1614d6a54e47c39c2670c4fd66af
Merge: 4d5e8378b 6be0e2867
Author: Nick Mathewson 
Date:   Mon Aug 21 14:20:38 2017 -0400

Merge branch 'maint-0.3.1' into release-0.3.1

 changes/bug23233|   4 +
 src/or/hs_descriptor.c  |   5 +-
 src/test/test_hs_descriptor.c   |  31 ++
 src/test/test_hs_descriptor.inc | 224 
 4 files changed, 262 insertions(+), 2 deletions(-)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Fix triggerable BUG() when decoding hsv3 descriptors.

[nickm]

commit 1491c0d024130a5699ae9acbeb2263d9d6ca2c3c
Author: George Kadianakis 
Date:   Thu Aug 17 23:13:15 2017 +0300

Fix triggerable BUG() when decoding hsv3 descriptors.

Also improve the unittest to make sure it catches the right error.
---
 changes/bug23233  | 4 
 src/or/hs_descriptor.c| 3 ++-
 src/test/test_hs_descriptor.c | 4 
 3 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/changes/bug23233 b/changes/bug23233
new file mode 100644
index 0..689a99a2a
--- /dev/null
+++ b/changes/bug23233
@@ -0,0 +1,4 @@
+  o Minor bugfixes (hidden service):
+- Fix a BUG alert during HSv3 descriptor decoding that could trigger with a
+  specially crafted descriptor. Fixes bug #23233; bugfix on 0.3.0.1-alpha.
+  Bug found by "haxxpop".
diff --git a/src/or/hs_descriptor.c b/src/or/hs_descriptor.c
index 7c2e76942..616d2f280 100644
--- a/src/or/hs_descriptor.c
+++ b/src/or/hs_descriptor.c
@@ -1852,7 +1852,8 @@ desc_sig_is_valid(const char *b64_sig,
   sig_start = tor_memstr(encoded_desc, encoded_len, "\n" str_signature);
   /* Getting here means the token parsing worked for the signature so if we
* can't find the start of the signature, we have a code flow issue. */
-  if (BUG(!sig_start)) {
+  if (!sig_start) {
+log_warn(LD_GENERAL, "Malformed signature line. Rejecting.");
 goto err;
   }
   /* Skip newline, it has to go in the signature check. */
diff --git a/src/test/test_hs_descriptor.c b/src/test/test_hs_descriptor.c
index 5be074708..b68bd108f 100644
--- a/src/test/test_hs_descriptor.c
+++ b/src/test/test_hs_descriptor.c
@@ -569,8 +569,12 @@ test_decode_bad_signature(void *arg)
   /* Update approx time to dodge cert expiration */
   update_approx_time(1502661599);
 
+
+  setup_full_capture_of_logs(LOG_WARN);
   ret = hs_desc_decode_plaintext(HS_DESC_BAD_SIG, _plaintext);
   tt_int_op(ret, OP_EQ, -1);
+  expect_log_msg_containing("Malformed signature line. Rejecting.");
+  teardown_capture_of_logs();
 
  done: ;
 }



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.3.1] Add unittest for #23233.

[nickm]

commit 45732a1a13cb05107f5822afed0c01388096be27
Author: George Kadianakis 
Date:   Thu Aug 17 23:12:59 2017 +0300

Add unittest for #23233.

This will fail currently since the bug is not fixed yet.
---
 src/or/hs_descriptor.c  |   2 +-
 src/test/test_hs_descriptor.c   |  29 ++
 src/test/test_hs_descriptor.inc | 224 
 3 files changed, 254 insertions(+), 1 deletion(-)

diff --git a/src/or/hs_descriptor.c b/src/or/hs_descriptor.c
index 2a000f500..7c2e76942 100644
--- a/src/or/hs_descriptor.c
+++ b/src/or/hs_descriptor.c
@@ -1241,7 +1241,7 @@ cert_is_valid(tor_cert_t *cert, uint8_t type, const char 
*log_obj_type)
   }
   /* The following will not only check if the signature matches but also the
* expiration date and overall validity. */
-  if (tor_cert_checksig(cert, >signing_key, time(NULL)) < 0) {
+  if (tor_cert_checksig(cert, >signing_key, approx_time()) < 0) {
 log_warn(LD_REND, "Invalid signature for %s.", log_obj_type);
 goto err;
   }
diff --git a/src/test/test_hs_descriptor.c b/src/test/test_hs_descriptor.c
index b1abe381d..5be074708 100644
--- a/src/test/test_hs_descriptor.c
+++ b/src/test/test_hs_descriptor.c
@@ -19,6 +19,15 @@
 #include "test_helpers.h"
 #include "log_test_helpers.h"
 
+
+#ifdef HAVE_CFLAG_WOVERLENGTH_STRINGS
+DISABLE_GCC_WARNING(overlength-strings)
+/* We allow huge string constants in the unit tests, but not in the code
+ * at large. */
+#endif
+#include "test_hs_descriptor.inc"
+ENABLE_GCC_WARNING(overlength-strings)
+
 /* Test certificate encoding put in a descriptor. */
 static void
 test_cert_encoding(void *arg)
@@ -548,6 +557,24 @@ test_decode_invalid_intro_point(void *arg)
   desc_intro_point_free(ip);
 }
 
+/** Make sure we fail gracefully when decoding the bad desc from #23233. */
+static void
+test_decode_bad_signature(void *arg)
+{
+  hs_desc_plaintext_data_t desc_plaintext;
+  int ret;
+
+  (void) arg;
+
+  /* Update approx time to dodge cert expiration */
+  update_approx_time(1502661599);
+
+  ret = hs_desc_decode_plaintext(HS_DESC_BAD_SIG, _plaintext);
+  tt_int_op(ret, OP_EQ, -1);
+
+ done: ;
+}
+
 static void
 test_decode_plaintext(void *arg)
 {
@@ -838,6 +865,8 @@ struct testcase_t hs_descriptor[] = {
 NULL, NULL },
   { "decode_plaintext", test_decode_plaintext, TT_FORK,
 NULL, NULL },
+  { "decode_bad_signature", test_decode_bad_signature, TT_FORK,
+NULL, NULL },
 
   /* Misc. */
   { "version", test_supported_version, TT_FORK,
diff --git a/src/test/test_hs_descriptor.inc b/src/test/test_hs_descriptor.inc
new file mode 100644
index 0..70a2c7c2f
--- /dev/null
+++ b/src/test/test_hs_descriptor.inc
@@ -0,0 +1,224 @@
+static const char* HS_DESC_BAD_SIG =
+"hs-descriptor 3\n"
+"descriptor-lifetime 180\n"
+"descriptor-signing-key-cert\n"
+"-BEGIN ED25519 CERT-\n"
+"AQgABl5+AQoPXRnCGEOxIup3AcjQXb8npNiUFm2Qv7A6JKk/K+EuAQAgBAD18iUD\n"
+"nbkUblnUvTHzipq4bcr6aPyFVB42Ptobg4xr8s3VjHiJtjs9MDEdr6nXS7UlyhEl\n"
+"78vsuFEvLp7cvAgGxYY1xGXdn5RdHMCdi8W9yZLKMQX9OuJckmp1C6q+cA4=\n"
+"-END ED25519 CERT-\n"
+"revision-counter 42\n"
+"superencrypted\n"
+"-BEGIN MESSAGE-\n"
+"BxzghAOjM4De6Z6eGTvBrTP2SJDdQOYV/u9qtvlFsa2FRQWk20Adv3zJ/AI10CQO\n"
+"mUP4DNXM8FWQYGTvmD7wGz2/cXGjKwBXg1qO7zF5eP/D/My1sXsIfCcb41mkheNt\n"
+"xn1I5eKXcnghtd4lw7OkPVjSb/Z+VARUMmf+0qSNgmHLgEVnAoGJsn8W8B4qtIay\n"
+"4h4PuV0jPPlqJx6jMFOOEW72uqnfmqeNvClENXXW60xhnaxsf0up62fuW8ktu6Wf\n"
+"lnX/lvTstBFZZQ8/XI1+G+BPf8TZf7mxu0WYVg1s/KWYasYMSw46as59nkqdq2Ii\n"
+"qJnqHX/R20mWBhgpLse6wO0aNpky/rozEnikaPqyO1DShf6a6jXY8ADBg7spnK2/\n"
+"h7sf1+F1xfi2dy2WGxc1EUMP1kTVUmbft7kOo2nA7+3YZwQuSJHaN/66HrzU2x5z\n"
+"ayRUJ8+qDtfpEf17xthc/Uh253blFK96IoJJiqBfI6xt3IqOdHJq0OOC9zBbF6Rj\n"
+"vKMsaxmc/nc6uOB2WePYSgkZ0qs/dRKBJs6+Ahn1KdGkadyd8mDKL86Oe8lncHdB\n"
+"m/6sQjhKqFgngkCDOIlEJyWizqfN84AGqD5Zyxq0rbsN+9KLsHFfEbCRjgqjO5nS\n"
+"FYSFtuKgCZl2gaYEslL1pIEYE6BD2Whjn/HWTRyWiULJr6SuavgcbxeNEQDuVCC+\n"
+"fm0X7Z+qERaMAMR0vTMJK/NzT4GifrDpgmgbxc+34CtNBF5TriM8aXTNZZlsW00k\n"
+"d0XRxFbbbtiT5VOaEHbny7R3MdTVutEc9E/BhLBvjSSrGX7vrryh6Oj++nthIIzm\n"
+"F4M7I11S0TyA+UE06qF1C8rKmhcqU9MWy1SiccJ9KOWhJ5xwlsXBIID7wVygUhVl\n"
+"ovzfKkDDPfRoBch6NdVkxNJx3gb63CUmC2TzfwOMh973nntMVzqqw9A7jYkro9ln\n"
+"217kHUwMk3e83UgFL4nn7NCf3Kj0zhJ4jSfAsuQpV6e7dhzrlNya0lqrUsY2zFXP\n"
+"xv8wUtg6Vo1KewgVQas4oElkgFjDN8RJ7uBAwfuE/b9NnYJoQd76G8DHei/1PHbu\n"
+"tbtwN9I5RHaTvEOfetsJFnIAkCG6O4CQpzwHu1DdvEP4s6/el10b/4awBJ4VwOVZ\n"
+"YHSe4X0DStTV4Cu6aLh5OvrOmGbieRj6HdGQ6syYCaEBTuxbBUUpjIAfVlReAIph\n"
+"6aOrY6HNcCmeVmL5qm4dKr2XXOREsnUFuMqmfQuQd9pN3zlmS+RqCgSJuFrguFpd\n"
+"mjo6UxZvbjE7yJjtCih38HRe5BaigP5RDRkXmiXjqJ4koLJpyjQh19k3BYGcdxUC\n"
+"RCcYXydbGF7qHlnoaX9HnX7y6ZRsyKQpt91PMTGOUsB4fS8NhsqPpl2gdp4poLNs\n"
+"+hqjWZJ3uuLotXBcgM39Dtq9tqqu9vM12T80UAfWnVEHrBphmukh49EhEr2sx/la\n"
+"kAzRoTbLyTdlGVei8hI7/RtZIaIcOkzlhcFI5zmBlydyrv6/79vzt6WI/w9GVGpM\n"
+"OuSM0NS2CDJ7Iw412nz3CV1pEXB551ZBmbme6NHUe4EtEsDbgkP1Z201H4j51yVz\n"

[tor-commits] [tor/release-0.3.1] Fix triggerable BUG() when decoding hsv3 descriptors.

[nickm]

commit 1491c0d024130a5699ae9acbeb2263d9d6ca2c3c
Author: George Kadianakis 
Date:   Thu Aug 17 23:13:15 2017 +0300

Fix triggerable BUG() when decoding hsv3 descriptors.

Also improve the unittest to make sure it catches the right error.
---
 changes/bug23233  | 4 
 src/or/hs_descriptor.c| 3 ++-
 src/test/test_hs_descriptor.c | 4 
 3 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/changes/bug23233 b/changes/bug23233
new file mode 100644
index 0..689a99a2a
--- /dev/null
+++ b/changes/bug23233
@@ -0,0 +1,4 @@
+  o Minor bugfixes (hidden service):
+- Fix a BUG alert during HSv3 descriptor decoding that could trigger with a
+  specially crafted descriptor. Fixes bug #23233; bugfix on 0.3.0.1-alpha.
+  Bug found by "haxxpop".
diff --git a/src/or/hs_descriptor.c b/src/or/hs_descriptor.c
index 7c2e76942..616d2f280 100644
--- a/src/or/hs_descriptor.c
+++ b/src/or/hs_descriptor.c
@@ -1852,7 +1852,8 @@ desc_sig_is_valid(const char *b64_sig,
   sig_start = tor_memstr(encoded_desc, encoded_len, "\n" str_signature);
   /* Getting here means the token parsing worked for the signature so if we
* can't find the start of the signature, we have a code flow issue. */
-  if (BUG(!sig_start)) {
+  if (!sig_start) {
+log_warn(LD_GENERAL, "Malformed signature line. Rejecting.");
 goto err;
   }
   /* Skip newline, it has to go in the signature check. */
diff --git a/src/test/test_hs_descriptor.c b/src/test/test_hs_descriptor.c
index 5be074708..b68bd108f 100644
--- a/src/test/test_hs_descriptor.c
+++ b/src/test/test_hs_descriptor.c
@@ -569,8 +569,12 @@ test_decode_bad_signature(void *arg)
   /* Update approx time to dodge cert expiration */
   update_approx_time(1502661599);
 
+
+  setup_full_capture_of_logs(LOG_WARN);
   ret = hs_desc_decode_plaintext(HS_DESC_BAD_SIG, _plaintext);
   tt_int_op(ret, OP_EQ, -1);
+  expect_log_msg_containing("Malformed signature line. Rejecting.");
+  teardown_capture_of_logs();
 
  done: ;
 }



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Merge branch 'maint-0.3.1'

[nickm]

commit 6f3208670a11cc7f0c5917852d28890b07ab87d2
Merge: 257f50b22 6be0e2867
Author: Nick Mathewson 
Date:   Mon Aug 21 14:20:38 2017 -0400

Merge branch 'maint-0.3.1'

 changes/bug23233|   4 +
 src/or/hs_descriptor.c  |   5 +-
 src/test/test_hs_descriptor.c   |  31 ++
 src/test/test_hs_descriptor.inc | 224 
 4 files changed, 262 insertions(+), 2 deletions(-)

diff --cc src/test/test_hs_descriptor.c
index 77bdd4be5,8f8da361d..ab6a43ec7
--- a/src/test/test_hs_descriptor.c
+++ b/src/test/test_hs_descriptor.c
@@@ -551,9 -553,30 +559,30 @@@ test_decode_invalid_intro_point(void *a
  
   done:
hs_descriptor_free(desc);
 -  desc_intro_point_free(ip);
 +  hs_desc_intro_point_free(ip);
  }
  
+ /** Make sure we fail gracefully when decoding the bad desc from #23233. */
+ static void
+ test_decode_bad_signature(void *arg)
+ {
+   hs_desc_plaintext_data_t desc_plaintext;
+   int ret;
+ 
+   (void) arg;
+ 
+   /* Update approx time to dodge cert expiration */
+   update_approx_time(1502661599);
+ 
+   setup_full_capture_of_logs(LOG_WARN);
+   ret = hs_desc_decode_plaintext(HS_DESC_BAD_SIG, _plaintext);
+   tt_int_op(ret, OP_EQ, -1);
+   expect_log_msg_containing("Malformed signature line. Rejecting.");
+   teardown_capture_of_logs();
+ 
+  done: ;
+ }
+ 
  static void
  test_decode_plaintext(void *arg)
  {

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Add unittest for #23233.

[nickm]

commit 45732a1a13cb05107f5822afed0c01388096be27
Author: George Kadianakis 
Date:   Thu Aug 17 23:12:59 2017 +0300

Add unittest for #23233.

This will fail currently since the bug is not fixed yet.
---
 src/or/hs_descriptor.c  |   2 +-
 src/test/test_hs_descriptor.c   |  29 ++
 src/test/test_hs_descriptor.inc | 224 
 3 files changed, 254 insertions(+), 1 deletion(-)

diff --git a/src/or/hs_descriptor.c b/src/or/hs_descriptor.c
index 2a000f500..7c2e76942 100644
--- a/src/or/hs_descriptor.c
+++ b/src/or/hs_descriptor.c
@@ -1241,7 +1241,7 @@ cert_is_valid(tor_cert_t *cert, uint8_t type, const char 
*log_obj_type)
   }
   /* The following will not only check if the signature matches but also the
* expiration date and overall validity. */
-  if (tor_cert_checksig(cert, >signing_key, time(NULL)) < 0) {
+  if (tor_cert_checksig(cert, >signing_key, approx_time()) < 0) {
 log_warn(LD_REND, "Invalid signature for %s.", log_obj_type);
 goto err;
   }
diff --git a/src/test/test_hs_descriptor.c b/src/test/test_hs_descriptor.c
index b1abe381d..5be074708 100644
--- a/src/test/test_hs_descriptor.c
+++ b/src/test/test_hs_descriptor.c
@@ -19,6 +19,15 @@
 #include "test_helpers.h"
 #include "log_test_helpers.h"
 
+
+#ifdef HAVE_CFLAG_WOVERLENGTH_STRINGS
+DISABLE_GCC_WARNING(overlength-strings)
+/* We allow huge string constants in the unit tests, but not in the code
+ * at large. */
+#endif
+#include "test_hs_descriptor.inc"
+ENABLE_GCC_WARNING(overlength-strings)
+
 /* Test certificate encoding put in a descriptor. */
 static void
 test_cert_encoding(void *arg)
@@ -548,6 +557,24 @@ test_decode_invalid_intro_point(void *arg)
   desc_intro_point_free(ip);
 }
 
+/** Make sure we fail gracefully when decoding the bad desc from #23233. */
+static void
+test_decode_bad_signature(void *arg)
+{
+  hs_desc_plaintext_data_t desc_plaintext;
+  int ret;
+
+  (void) arg;
+
+  /* Update approx time to dodge cert expiration */
+  update_approx_time(1502661599);
+
+  ret = hs_desc_decode_plaintext(HS_DESC_BAD_SIG, _plaintext);
+  tt_int_op(ret, OP_EQ, -1);
+
+ done: ;
+}
+
 static void
 test_decode_plaintext(void *arg)
 {
@@ -838,6 +865,8 @@ struct testcase_t hs_descriptor[] = {
 NULL, NULL },
   { "decode_plaintext", test_decode_plaintext, TT_FORK,
 NULL, NULL },
+  { "decode_bad_signature", test_decode_bad_signature, TT_FORK,
+NULL, NULL },
 
   /* Misc. */
   { "version", test_supported_version, TT_FORK,
diff --git a/src/test/test_hs_descriptor.inc b/src/test/test_hs_descriptor.inc
new file mode 100644
index 0..70a2c7c2f
--- /dev/null
+++ b/src/test/test_hs_descriptor.inc
@@ -0,0 +1,224 @@
+static const char* HS_DESC_BAD_SIG =
+"hs-descriptor 3\n"
+"descriptor-lifetime 180\n"
+"descriptor-signing-key-cert\n"
+"-BEGIN ED25519 CERT-\n"
+"AQgABl5+AQoPXRnCGEOxIup3AcjQXb8npNiUFm2Qv7A6JKk/K+EuAQAgBAD18iUD\n"
+"nbkUblnUvTHzipq4bcr6aPyFVB42Ptobg4xr8s3VjHiJtjs9MDEdr6nXS7UlyhEl\n"
+"78vsuFEvLp7cvAgGxYY1xGXdn5RdHMCdi8W9yZLKMQX9OuJckmp1C6q+cA4=\n"
+"-END ED25519 CERT-\n"
+"revision-counter 42\n"
+"superencrypted\n"
+"-BEGIN MESSAGE-\n"
+"BxzghAOjM4De6Z6eGTvBrTP2SJDdQOYV/u9qtvlFsa2FRQWk20Adv3zJ/AI10CQO\n"
+"mUP4DNXM8FWQYGTvmD7wGz2/cXGjKwBXg1qO7zF5eP/D/My1sXsIfCcb41mkheNt\n"
+"xn1I5eKXcnghtd4lw7OkPVjSb/Z+VARUMmf+0qSNgmHLgEVnAoGJsn8W8B4qtIay\n"
+"4h4PuV0jPPlqJx6jMFOOEW72uqnfmqeNvClENXXW60xhnaxsf0up62fuW8ktu6Wf\n"
+"lnX/lvTstBFZZQ8/XI1+G+BPf8TZf7mxu0WYVg1s/KWYasYMSw46as59nkqdq2Ii\n"
+"qJnqHX/R20mWBhgpLse6wO0aNpky/rozEnikaPqyO1DShf6a6jXY8ADBg7spnK2/\n"
+"h7sf1+F1xfi2dy2WGxc1EUMP1kTVUmbft7kOo2nA7+3YZwQuSJHaN/66HrzU2x5z\n"
+"ayRUJ8+qDtfpEf17xthc/Uh253blFK96IoJJiqBfI6xt3IqOdHJq0OOC9zBbF6Rj\n"
+"vKMsaxmc/nc6uOB2WePYSgkZ0qs/dRKBJs6+Ahn1KdGkadyd8mDKL86Oe8lncHdB\n"
+"m/6sQjhKqFgngkCDOIlEJyWizqfN84AGqD5Zyxq0rbsN+9KLsHFfEbCRjgqjO5nS\n"
+"FYSFtuKgCZl2gaYEslL1pIEYE6BD2Whjn/HWTRyWiULJr6SuavgcbxeNEQDuVCC+\n"
+"fm0X7Z+qERaMAMR0vTMJK/NzT4GifrDpgmgbxc+34CtNBF5TriM8aXTNZZlsW00k\n"
+"d0XRxFbbbtiT5VOaEHbny7R3MdTVutEc9E/BhLBvjSSrGX7vrryh6Oj++nthIIzm\n"
+"F4M7I11S0TyA+UE06qF1C8rKmhcqU9MWy1SiccJ9KOWhJ5xwlsXBIID7wVygUhVl\n"
+"ovzfKkDDPfRoBch6NdVkxNJx3gb63CUmC2TzfwOMh973nntMVzqqw9A7jYkro9ln\n"
+"217kHUwMk3e83UgFL4nn7NCf3Kj0zhJ4jSfAsuQpV6e7dhzrlNya0lqrUsY2zFXP\n"
+"xv8wUtg6Vo1KewgVQas4oElkgFjDN8RJ7uBAwfuE/b9NnYJoQd76G8DHei/1PHbu\n"
+"tbtwN9I5RHaTvEOfetsJFnIAkCG6O4CQpzwHu1DdvEP4s6/el10b/4awBJ4VwOVZ\n"
+"YHSe4X0DStTV4Cu6aLh5OvrOmGbieRj6HdGQ6syYCaEBTuxbBUUpjIAfVlReAIph\n"
+"6aOrY6HNcCmeVmL5qm4dKr2XXOREsnUFuMqmfQuQd9pN3zlmS+RqCgSJuFrguFpd\n"
+"mjo6UxZvbjE7yJjtCih38HRe5BaigP5RDRkXmiXjqJ4koLJpyjQh19k3BYGcdxUC\n"
+"RCcYXydbGF7qHlnoaX9HnX7y6ZRsyKQpt91PMTGOUsB4fS8NhsqPpl2gdp4poLNs\n"
+"+hqjWZJ3uuLotXBcgM39Dtq9tqqu9vM12T80UAfWnVEHrBphmukh49EhEr2sx/la\n"
+"kAzRoTbLyTdlGVei8hI7/RtZIaIcOkzlhcFI5zmBlydyrv6/79vzt6WI/w9GVGpM\n"
+"OuSM0NS2CDJ7Iw412nz3CV1pEXB551ZBmbme6NHUe4EtEsDbgkP1Z201H4j51yVz\n"

[tor-commits] [tor/master] whitespace fixes

[nickm]

commit 6be0e28670517048ce3ab017911cd41238543a13
Author: Nick Mathewson 
Date:   Mon Aug 21 14:18:41 2017 -0400

whitespace fixes
---
 src/test/test_hs_descriptor.c | 2 --
 1 file changed, 2 deletions(-)

diff --git a/src/test/test_hs_descriptor.c b/src/test/test_hs_descriptor.c
index b68bd108f..8f8da361d 100644
--- a/src/test/test_hs_descriptor.c
+++ b/src/test/test_hs_descriptor.c
@@ -19,7 +19,6 @@
 #include "test_helpers.h"
 #include "log_test_helpers.h"
 
-
 #ifdef HAVE_CFLAG_WOVERLENGTH_STRINGS
 DISABLE_GCC_WARNING(overlength-strings)
 /* We allow huge string constants in the unit tests, but not in the code
@@ -569,7 +568,6 @@ test_decode_bad_signature(void *arg)
   /* Update approx time to dodge cert expiration */
   update_approx_time(1502661599);
 
-
   setup_full_capture_of_logs(LOG_WARN);
   ret = hs_desc_decode_plaintext(HS_DESC_BAD_SIG, _plaintext);
   tt_int_op(ret, OP_EQ, -1);



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.3.1] whitespace fixes

[nickm]

commit 6be0e28670517048ce3ab017911cd41238543a13
Author: Nick Mathewson 
Date:   Mon Aug 21 14:18:41 2017 -0400

whitespace fixes
---
 src/test/test_hs_descriptor.c | 2 --
 1 file changed, 2 deletions(-)

diff --git a/src/test/test_hs_descriptor.c b/src/test/test_hs_descriptor.c
index b68bd108f..8f8da361d 100644
--- a/src/test/test_hs_descriptor.c
+++ b/src/test/test_hs_descriptor.c
@@ -19,7 +19,6 @@
 #include "test_helpers.h"
 #include "log_test_helpers.h"
 
-
 #ifdef HAVE_CFLAG_WOVERLENGTH_STRINGS
 DISABLE_GCC_WARNING(overlength-strings)
 /* We allow huge string constants in the unit tests, but not in the code
@@ -569,7 +568,6 @@ test_decode_bad_signature(void *arg)
   /* Update approx time to dodge cert expiration */
   update_approx_time(1502661599);
 
-
   setup_full_capture_of_logs(LOG_WARN);
   ret = hs_desc_decode_plaintext(HS_DESC_BAD_SIG, _plaintext);
   tt_int_op(ret, OP_EQ, -1);



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/maint-0.3.1] Add unittest for #23233.

[nickm]

commit 45732a1a13cb05107f5822afed0c01388096be27
Author: George Kadianakis 
Date:   Thu Aug 17 23:12:59 2017 +0300

Add unittest for #23233.

This will fail currently since the bug is not fixed yet.
---
 src/or/hs_descriptor.c  |   2 +-
 src/test/test_hs_descriptor.c   |  29 ++
 src/test/test_hs_descriptor.inc | 224 
 3 files changed, 254 insertions(+), 1 deletion(-)

diff --git a/src/or/hs_descriptor.c b/src/or/hs_descriptor.c
index 2a000f500..7c2e76942 100644
--- a/src/or/hs_descriptor.c
+++ b/src/or/hs_descriptor.c
@@ -1241,7 +1241,7 @@ cert_is_valid(tor_cert_t *cert, uint8_t type, const char 
*log_obj_type)
   }
   /* The following will not only check if the signature matches but also the
* expiration date and overall validity. */
-  if (tor_cert_checksig(cert, >signing_key, time(NULL)) < 0) {
+  if (tor_cert_checksig(cert, >signing_key, approx_time()) < 0) {
 log_warn(LD_REND, "Invalid signature for %s.", log_obj_type);
 goto err;
   }
diff --git a/src/test/test_hs_descriptor.c b/src/test/test_hs_descriptor.c
index b1abe381d..5be074708 100644
--- a/src/test/test_hs_descriptor.c
+++ b/src/test/test_hs_descriptor.c
@@ -19,6 +19,15 @@
 #include "test_helpers.h"
 #include "log_test_helpers.h"
 
+
+#ifdef HAVE_CFLAG_WOVERLENGTH_STRINGS
+DISABLE_GCC_WARNING(overlength-strings)
+/* We allow huge string constants in the unit tests, but not in the code
+ * at large. */
+#endif
+#include "test_hs_descriptor.inc"
+ENABLE_GCC_WARNING(overlength-strings)
+
 /* Test certificate encoding put in a descriptor. */
 static void
 test_cert_encoding(void *arg)
@@ -548,6 +557,24 @@ test_decode_invalid_intro_point(void *arg)
   desc_intro_point_free(ip);
 }
 
+/** Make sure we fail gracefully when decoding the bad desc from #23233. */
+static void
+test_decode_bad_signature(void *arg)
+{
+  hs_desc_plaintext_data_t desc_plaintext;
+  int ret;
+
+  (void) arg;
+
+  /* Update approx time to dodge cert expiration */
+  update_approx_time(1502661599);
+
+  ret = hs_desc_decode_plaintext(HS_DESC_BAD_SIG, _plaintext);
+  tt_int_op(ret, OP_EQ, -1);
+
+ done: ;
+}
+
 static void
 test_decode_plaintext(void *arg)
 {
@@ -838,6 +865,8 @@ struct testcase_t hs_descriptor[] = {
 NULL, NULL },
   { "decode_plaintext", test_decode_plaintext, TT_FORK,
 NULL, NULL },
+  { "decode_bad_signature", test_decode_bad_signature, TT_FORK,
+NULL, NULL },
 
   /* Misc. */
   { "version", test_supported_version, TT_FORK,
diff --git a/src/test/test_hs_descriptor.inc b/src/test/test_hs_descriptor.inc
new file mode 100644
index 0..70a2c7c2f
--- /dev/null
+++ b/src/test/test_hs_descriptor.inc
@@ -0,0 +1,224 @@
+static const char* HS_DESC_BAD_SIG =
+"hs-descriptor 3\n"
+"descriptor-lifetime 180\n"
+"descriptor-signing-key-cert\n"
+"-BEGIN ED25519 CERT-\n"
+"AQgABl5+AQoPXRnCGEOxIup3AcjQXb8npNiUFm2Qv7A6JKk/K+EuAQAgBAD18iUD\n"
+"nbkUblnUvTHzipq4bcr6aPyFVB42Ptobg4xr8s3VjHiJtjs9MDEdr6nXS7UlyhEl\n"
+"78vsuFEvLp7cvAgGxYY1xGXdn5RdHMCdi8W9yZLKMQX9OuJckmp1C6q+cA4=\n"
+"-END ED25519 CERT-\n"
+"revision-counter 42\n"
+"superencrypted\n"
+"-BEGIN MESSAGE-\n"
+"BxzghAOjM4De6Z6eGTvBrTP2SJDdQOYV/u9qtvlFsa2FRQWk20Adv3zJ/AI10CQO\n"
+"mUP4DNXM8FWQYGTvmD7wGz2/cXGjKwBXg1qO7zF5eP/D/My1sXsIfCcb41mkheNt\n"
+"xn1I5eKXcnghtd4lw7OkPVjSb/Z+VARUMmf+0qSNgmHLgEVnAoGJsn8W8B4qtIay\n"
+"4h4PuV0jPPlqJx6jMFOOEW72uqnfmqeNvClENXXW60xhnaxsf0up62fuW8ktu6Wf\n"
+"lnX/lvTstBFZZQ8/XI1+G+BPf8TZf7mxu0WYVg1s/KWYasYMSw46as59nkqdq2Ii\n"
+"qJnqHX/R20mWBhgpLse6wO0aNpky/rozEnikaPqyO1DShf6a6jXY8ADBg7spnK2/\n"
+"h7sf1+F1xfi2dy2WGxc1EUMP1kTVUmbft7kOo2nA7+3YZwQuSJHaN/66HrzU2x5z\n"
+"ayRUJ8+qDtfpEf17xthc/Uh253blFK96IoJJiqBfI6xt3IqOdHJq0OOC9zBbF6Rj\n"
+"vKMsaxmc/nc6uOB2WePYSgkZ0qs/dRKBJs6+Ahn1KdGkadyd8mDKL86Oe8lncHdB\n"
+"m/6sQjhKqFgngkCDOIlEJyWizqfN84AGqD5Zyxq0rbsN+9KLsHFfEbCRjgqjO5nS\n"
+"FYSFtuKgCZl2gaYEslL1pIEYE6BD2Whjn/HWTRyWiULJr6SuavgcbxeNEQDuVCC+\n"
+"fm0X7Z+qERaMAMR0vTMJK/NzT4GifrDpgmgbxc+34CtNBF5TriM8aXTNZZlsW00k\n"
+"d0XRxFbbbtiT5VOaEHbny7R3MdTVutEc9E/BhLBvjSSrGX7vrryh6Oj++nthIIzm\n"
+"F4M7I11S0TyA+UE06qF1C8rKmhcqU9MWy1SiccJ9KOWhJ5xwlsXBIID7wVygUhVl\n"
+"ovzfKkDDPfRoBch6NdVkxNJx3gb63CUmC2TzfwOMh973nntMVzqqw9A7jYkro9ln\n"
+"217kHUwMk3e83UgFL4nn7NCf3Kj0zhJ4jSfAsuQpV6e7dhzrlNya0lqrUsY2zFXP\n"
+"xv8wUtg6Vo1KewgVQas4oElkgFjDN8RJ7uBAwfuE/b9NnYJoQd76G8DHei/1PHbu\n"
+"tbtwN9I5RHaTvEOfetsJFnIAkCG6O4CQpzwHu1DdvEP4s6/el10b/4awBJ4VwOVZ\n"
+"YHSe4X0DStTV4Cu6aLh5OvrOmGbieRj6HdGQ6syYCaEBTuxbBUUpjIAfVlReAIph\n"
+"6aOrY6HNcCmeVmL5qm4dKr2XXOREsnUFuMqmfQuQd9pN3zlmS+RqCgSJuFrguFpd\n"
+"mjo6UxZvbjE7yJjtCih38HRe5BaigP5RDRkXmiXjqJ4koLJpyjQh19k3BYGcdxUC\n"
+"RCcYXydbGF7qHlnoaX9HnX7y6ZRsyKQpt91PMTGOUsB4fS8NhsqPpl2gdp4poLNs\n"
+"+hqjWZJ3uuLotXBcgM39Dtq9tqqu9vM12T80UAfWnVEHrBphmukh49EhEr2sx/la\n"
+"kAzRoTbLyTdlGVei8hI7/RtZIaIcOkzlhcFI5zmBlydyrv6/79vzt6WI/w9GVGpM\n"
+"OuSM0NS2CDJ7Iw412nz3CV1pEXB551ZBmbme6NHUe4EtEsDbgkP1Z201H4j51yVz\n"

[tor-commits] [tor/maint-0.3.1] whitespace fixes

[nickm]

commit 6be0e28670517048ce3ab017911cd41238543a13
Author: Nick Mathewson 
Date:   Mon Aug 21 14:18:41 2017 -0400

whitespace fixes
---
 src/test/test_hs_descriptor.c | 2 --
 1 file changed, 2 deletions(-)

diff --git a/src/test/test_hs_descriptor.c b/src/test/test_hs_descriptor.c
index b68bd108f..8f8da361d 100644
--- a/src/test/test_hs_descriptor.c
+++ b/src/test/test_hs_descriptor.c
@@ -19,7 +19,6 @@
 #include "test_helpers.h"
 #include "log_test_helpers.h"
 
-
 #ifdef HAVE_CFLAG_WOVERLENGTH_STRINGS
 DISABLE_GCC_WARNING(overlength-strings)
 /* We allow huge string constants in the unit tests, but not in the code
@@ -569,7 +568,6 @@ test_decode_bad_signature(void *arg)
   /* Update approx time to dodge cert expiration */
   update_approx_time(1502661599);
 
-
   setup_full_capture_of_logs(LOG_WARN);
   ret = hs_desc_decode_plaintext(HS_DESC_BAD_SIG, _plaintext);
   tt_int_op(ret, OP_EQ, -1);

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/maint-0.3.1] Fix triggerable BUG() when decoding hsv3 descriptors.

[nickm]

commit 1491c0d024130a5699ae9acbeb2263d9d6ca2c3c
Author: George Kadianakis 
Date:   Thu Aug 17 23:13:15 2017 +0300

Fix triggerable BUG() when decoding hsv3 descriptors.

Also improve the unittest to make sure it catches the right error.
---
 changes/bug23233  | 4 
 src/or/hs_descriptor.c| 3 ++-
 src/test/test_hs_descriptor.c | 4 
 3 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/changes/bug23233 b/changes/bug23233
new file mode 100644
index 0..689a99a2a
--- /dev/null
+++ b/changes/bug23233
@@ -0,0 +1,4 @@
+  o Minor bugfixes (hidden service):
+- Fix a BUG alert during HSv3 descriptor decoding that could trigger with a
+  specially crafted descriptor. Fixes bug #23233; bugfix on 0.3.0.1-alpha.
+  Bug found by "haxxpop".
diff --git a/src/or/hs_descriptor.c b/src/or/hs_descriptor.c
index 7c2e76942..616d2f280 100644
--- a/src/or/hs_descriptor.c
+++ b/src/or/hs_descriptor.c
@@ -1852,7 +1852,8 @@ desc_sig_is_valid(const char *b64_sig,
   sig_start = tor_memstr(encoded_desc, encoded_len, "\n" str_signature);
   /* Getting here means the token parsing worked for the signature so if we
* can't find the start of the signature, we have a code flow issue. */
-  if (BUG(!sig_start)) {
+  if (!sig_start) {
+log_warn(LD_GENERAL, "Malformed signature line. Rejecting.");
 goto err;
   }
   /* Skip newline, it has to go in the signature check. */
diff --git a/src/test/test_hs_descriptor.c b/src/test/test_hs_descriptor.c
index 5be074708..b68bd108f 100644
--- a/src/test/test_hs_descriptor.c
+++ b/src/test/test_hs_descriptor.c
@@ -569,8 +569,12 @@ test_decode_bad_signature(void *arg)
   /* Update approx time to dodge cert expiration */
   update_approx_time(1502661599);
 
+
+  setup_full_capture_of_logs(LOG_WARN);
   ret = hs_desc_decode_plaintext(HS_DESC_BAD_SIG, _plaintext);
   tt_int_op(ret, OP_EQ, -1);
+  expect_log_msg_containing("Malformed signature line. Rejecting.");
+  teardown_capture_of_logs();
 
  done: ;
 }



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser-build/master] Bug 17381: create tar containing update responses xml files

[boklm]

commit 93bb526421830f185c431d9064043e54c38d6bab
Author: Nicolas Vigier 
Date:   Mon Aug 21 19:01:16 2017 +0200

Bug 17381: create tar containing update responses xml files

Create a tar file in directory {alpha,release}/update-responses/, to
make it a little easier to copy them to the host where they will be
deployed.
---
 Makefile | 4 ++--
 README.MAKEFILE  | 3 ++-
 projects/release/config  | 5 +
 projects/release/create_update_responses_tar | 9 +
 4 files changed, 18 insertions(+), 3 deletions(-)

diff --git a/Makefile b/Makefile
index 1229cfa..ce63e54 100644
--- a/Makefile
+++ b/Makefile
@@ -97,11 +97,11 @@ incrementals-alpha: submodule-update
 
 update_responses-release: submodule-update
$(rbm) build release --step update_responses_config --target release 
--target signed
-   tools/update-responses/update_responses release
+   $(rbm) build release --step create_update_responses_tar --target 
release --target signed
 
 update_responses-alpha: submodule-update
$(rbm) build release --step update_responses_config --target alpha 
--target signed
-   tools/update-responses/update_responses alpha
+   $(rbm) build release --step create_update_responses_tar --target alpha 
--target signed
 
 dmg2mar-release: submodule-update
$(rbm) build release --step update_responses_config --target release 
--target signed
diff --git a/README.MAKEFILE b/README.MAKEFILE
index 9e28864..cd4bf2f 100644
--- a/README.MAKEFILE
+++ b/README.MAKEFILE
@@ -91,5 +91,6 @@ signing the OSX dmg files.
 update_responses-{release,alpha}
 
 Create update responses xml files for a signed build in the release or
-alpha channel.
+alpha channel. The files can be found in a tar in the directory
+{release,alpha}/update-responses.
 
diff --git a/projects/release/config b/projects/release/config
index 0a4276a..4ecbc0a 100644
--- a/projects/release/config
+++ b/projects/release/config
@@ -122,6 +122,11 @@ steps:
 debug: 0
 input_files: []
 update_responses_config: '[% INCLUDE update_responses_config %]'
+  create_update_responses_tar:
+build_log: '-'
+debug: 0
+input_files: []
+create_update_responses_tar: '[% INCLUDE create_update_responses_tar %]'
   hash_incrementals:
 build_log: '-'
 debug: 0
diff --git a/projects/release/create_update_responses_tar 
b/projects/release/create_update_responses_tar
new file mode 100644
index 000..ee1180f
--- /dev/null
+++ b/projects/release/create_update_responses_tar
@@ -0,0 +1,9 @@
+#!/bin/bash
+[% c("var/set_default_env") -%]
+[% shell_quote(c("basedir")) %]/tools/update-responses/update_responses
+mkdir -p [% shell_quote(path(dest_dir)) %]/update-responses
+[% SET channel = pc('firefox', 'var/torbrowser_update_channel') -%]
+mv [% shell_quote(c("basedir")) %]/tools/update-responses/htdocs/[% channel %] 
[% channel %]
+chmod 775 [% channel %]
+chmod 664 [% channel %]/.htaccess [% channel %]/*
+tar cf [% shell_quote(path(dest_dir)) %]/update-responses/update-responses-[% 
channel %]-[%  c("version") %].tar [% channel %]

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser-build/master] Include mar-tools zip in the output files

[boklm]

commit f3fed13feabaead01099d009f099120a8677c650
Author: Nicolas Vigier 
Date:   Mon Aug 21 18:10:03 2017 +0200

Include mar-tools zip in the output files
---
 projects/tor-browser/build | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/projects/tor-browser/build b/projects/tor-browser/build
index 77a02ea..31c2d6d 100644
--- a/projects/tor-browser/build
+++ b/projects/tor-browser/build
@@ -275,6 +275,8 @@ cd $distdir
 [% END %]
 rm -rf $distdir/${PKG_DIR}
 
+cp $rootdir/[% c('input_files_by_name/firefox') %]/mar-tools-*.zip "$OUTDIR"/
+
 # If we did not create a multi-lingual package above, create a package for
 # each locale.
 [% IF ! c("var/multi_lingual") %]



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser-build/master] Bug 17381: add dmg2mar

[boklm]

commit a510614a08cedcb99a03329acb8fa0bd165314e6
Author: Nicolas Vigier 
Date:   Mon Aug 21 14:41:34 2017 +0200

Bug 17381: add dmg2mar

Add the dmg2mar makefile rules.
---
 Makefile |  12 
 README.MAKEFILE  |   6 ++
 projects/release/config  |   5 ++
 projects/release/dmg2mar |   4 ++
 tools/dmg2mar| 168 +++
 5 files changed, 195 insertions(+)

diff --git a/Makefile b/Makefile
index d49d670..1229cfa 100644
--- a/Makefile
+++ b/Makefile
@@ -103,6 +103,18 @@ update_responses-alpha: submodule-update
$(rbm) build release --step update_responses_config --target alpha 
--target signed
tools/update-responses/update_responses alpha
 
+dmg2mar-release: submodule-update
+   $(rbm) build release --step update_responses_config --target release 
--target signed
+   $(rbm) build release --step dmg2mar --target release --target signed
+   tools/update-responses/download_missing_versions release
+   CHECK_CODESIGNATURE_EXISTS=1 MAR_SKIP_EXISTING=1 
tools/update-responses/gen_incrementals release
+
+dmg2mar-alpha: submodule-update
+   $(rbm) build release --step update_responses_config --target alpha 
--target signed
+   $(rbm) build release --step dmg2mar --target alpha --target signed
+   tools/update-responses/download_missing_versions alpha
+   CHECK_CODESIGNATURE_EXISTS=1 MAR_SKIP_EXISTING=1 
tools/update-responses/gen_incrementals alpha
+
 submodule-update:
git submodule update --init
 
diff --git a/README.MAKEFILE b/README.MAKEFILE
index 167f5d5..9e28864 100644
--- a/README.MAKEFILE
+++ b/README.MAKEFILE
@@ -82,6 +82,12 @@ incrementals-{release,alpha}
 Create incremental mar files for an unsigned build in the release or
 alpha channel.
 
+dmg2mar-{release,alpha)
+---
+Generate updated mar files for the OSX bundles, from the dmg files, then
+regenerate the OSX incremental mar files. You should run this after
+signing the OSX dmg files.
+
 update_responses-{release,alpha}
 
 Create update responses xml files for a signed build in the release or
diff --git a/projects/release/config b/projects/release/config
index 3c771bf..0a4276a 100644
--- a/projects/release/config
+++ b/projects/release/config
@@ -127,3 +127,8 @@ steps:
 debug: 0
 input_files: []
 hash_incrementals: '[% INCLUDE hash_incrementals %]'
+  dmg2mar:
+build_log: '-'
+debug: 0
+input_files: []
+dmg2mar: '[% INCLUDE dmg2mar %]'
diff --git a/projects/release/dmg2mar b/projects/release/dmg2mar
new file mode 100644
index 000..d6175f5
--- /dev/null
+++ b/projects/release/dmg2mar
@@ -0,0 +1,4 @@
+#!/bin/bash
+[% c("var/set_default_env") -%]
+cd [% shell_quote(path(dest_dir)) %]/[% c("var/signed_status") %]/[%  
c("version") %]
+[% shell_quote(c("basedir")) %]/tools/dmg2mar
diff --git a/tools/dmg2mar b/tools/dmg2mar
new file mode 100755
index 000..51d6acb
--- /dev/null
+++ b/tools/dmg2mar
@@ -0,0 +1,168 @@
+#!/usr/bin/perl -w
+#
+# This script converts all dmg files from the current directory and
+# listed in the sha256sums-unsigned-build.txt file to full update
+# mar files. After code signing the dmg files, this script can be used
+# to update the mar files.
+#
+# A recent version of p7zip is required to extract the dmg files, such
+# as 15.14. The version in Debian Jessie (9.20) is not recent enough.
+# It is possible to install the p7zip-full package from Debian testing,
+# or build p7zip from sources:
+#  $ p7zipdir=/some_directory/p7zip
+#  $ mkdir $p7zipdir
+#  $ cd $p7zipdir
+#  $ wget 
http://snapshot.debian.org/archive/debian/20160417T044336Z/pool/main/p/p7zip/p7zip_15.14.1%2Bdfsg.orig.tar.xz
+#  $ echo 'e9e696e2fa77b00445a4d85fa07506debeae01943fdc1bee1472152d7d1386af 
p7zip_15.14.1+dfsg.orig.tar.xz' | sha256sum -c
+#  $ wget 
http://snapshot.debian.org/archive/debian/20160515T161830Z/pool/main/p/p7zip/p7zip_15.14.1%2Bdfsg-2.debian.tar.xz
+#  $ echo 'f4db6803535fc30b6ae9db5aabfd9f57a851c6773d72073847ec5e3731b7af37  
p7zip_15.14.1+dfsg-2.debian.tar.xz' | sha256sum -c
+#  $ tar xvf p7zip_15.14.1+dfsg-2.debian.tar.xz
+#  $ tar xvf p7zip_15.14.1+dfsg.orig.tar.xz
+#  $ cd p7zip_15.14.1/
+#  $ for patch in $(cat ../debian/patches/series ); do patch -p1 < 
../debian/patches/$patch; done
+#  $ make 7z
+#  $ mkdir $p7zipdir/bin
+#  $ echo '#!/bin/sh' > $p7zipdir/bin/7z
+#  $ echo "export LD_LIBRARY_PATH=$PWD/bin" >> $p7zipdir/bin/7z
+#  $ echo "exec $PWD/bin/7z "'"$@"' >> $p7zipdir/bin/7z
+#  $ chmod +x $p7zipdir/bin/7z
+#  $ export "PATH=$p7zipdir/bin:$PATH"
+
+use strict;
+use IO::CaptureOutput qw(capture_exec);
+use File::Slurp;
+use File::Find;
+use Parallel::ForkManager;
+use Cwd;
+
+# If the application is not TorBrowser (for instance, TorMessenger)
+# set the application name in the TOR_APPNAME_BUNDLE_OSX and in
+# the TOR_APPNAME_MARFILE environment variables
+my $appname = 

[tor-commits] [tor-browser-build/master] Bug 17381: add and adapt the update_responses script

[boklm]

commit de3f97f325df5465fa49b7c8ca2ff229b670b207
Author: Nicolas Vigier 
Date:   Thu Aug 17 13:32:46 2017 +0200

Bug 17381: add and adapt the update_responses script

Add the update_responses and incrementals makefile rules.

The update_responses script is identical to what we have in
tor-browser-bundle.git, however the config.yml file it is using is now
generated using the infos from rbm.
---
 Makefile   |  20 +
 README.MAKEFILE|  10 +
 keyring/torbrowser.gpg | Bin 0 -> 49267 bytes
 projects/firefox/config|   3 +-
 projects/release/config|  21 +-
 projects/release/hash_incrementals |   4 +
 projects/release/update_responses_config   |  11 +
 projects/release/update_responses_config.yml   |  40 ++
 rbm.conf   |   3 +
 tools/update-responses/.gitignore  |   2 +
 tools/update-responses/README.md   |  50 ++
 .../check_update_responses_deployement |   1 +
 tools/update-responses/download_missing_versions   |   1 +
 tools/update-responses/gen_incrementals|   1 +
 tools/update-responses/get_channel_version |   1 +
 tools/update-responses/update_responses| 643 +
 16 files changed, 807 insertions(+), 4 deletions(-)

diff --git a/Makefile b/Makefile
index c45b0a1..d49d670 100644
--- a/Makefile
+++ b/Makefile
@@ -83,6 +83,26 @@ signtag-release: submodule-update
 signtag-alpha: submodule-update
$(rbm) build release --step signtag --target alpha
 
+incrementals-release: submodule-update
+   $(rbm) build release --step update_responses_config --target release
+   tools/update-responses/download_missing_versions release
+   tools/update-responses/gen_incrementals release
+   $(rbm) build release --step hash_incrementals --target release
+
+incrementals-alpha: submodule-update
+   $(rbm) build release --step update_responses_config --target alpha
+   tools/update-responses/download_missing_versions alpha
+   tools/update-responses/gen_incrementals alpha
+   $(rbm) build release --step hash_incrementals --target alpha
+
+update_responses-release: submodule-update
+   $(rbm) build release --step update_responses_config --target release 
--target signed
+   tools/update-responses/update_responses release
+
+update_responses-alpha: submodule-update
+   $(rbm) build release --step update_responses_config --target alpha 
--target signed
+   tools/update-responses/update_responses alpha
+
 submodule-update:
git submodule update --init
 
diff --git a/README.MAKEFILE b/README.MAKEFILE
index ef33904..167f5d5 100644
--- a/README.MAKEFILE
+++ b/README.MAKEFILE
@@ -77,3 +77,13 @@ signtag-{release,alpha}
 Create a git signed tag for the selected channel, using the version and
 build number defined as var/torbrowser_version and var/torbrowser_build.
 
+incrementals-{release,alpha}
+
+Create incremental mar files for an unsigned build in the release or
+alpha channel.
+
+update_responses-{release,alpha}
+
+Create update responses xml files for a signed build in the release or
+alpha channel.
+
diff --git a/keyring/torbrowser.gpg b/keyring/torbrowser.gpg
new file mode 100644
index 000..dfdee06
Binary files /dev/null and b/keyring/torbrowser.gpg differ
diff --git a/projects/firefox/config b/projects/firefox/config
index 1360772..034d40f 100644
--- a/projects/firefox/config
+++ b/projects/firefox/config
@@ -7,7 +7,8 @@ git_url: https://git.torproject.org/tor-browser.git
 gpg_keyring: torbutton.gpg
 
 var:
-  firefox_version: 52.3.0esr
+  firefox_platform_version: 52.3.0
+  firefox_version: '[% c("var/firefox_platform_version") %]esr'
   torbrowser_branch: 7.5
   torbrowser_update_channel: alpha
   copyright_year: '[% exec("git show -s --format=%ci").remove("-.*") %]'
diff --git a/projects/release/config b/projects/release/config
index b785878..3c771bf 100644
--- a/projects/release/config
+++ b/projects/release/config
@@ -1,10 +1,11 @@
 # vim: filetype=yaml sw=2
 version: '[% c("var/torbrowser_version") %]'
-output_dir: 'release/unsigned'
+output_dir: release
 
 var:
+  signed_status: unsigned
   today: '[% USE date; date.format(format = "%Y-%m-%d") %]'
-  publish_dir: '[% c("version") %]-[% c("var/torbrowser_build") %]'
+  publish_dir: '[% c("var/signed_status") %]/[% c("version") %]-[% 
c("var/torbrowser_build") %]'
 
 targets:
   torbrowser-all:
@@ -50,7 +51,7 @@ targets:
   publish_dir: '[% c("var/today") %]'
 
   alpha:
-output_dir: 'alpha/unsigned'
+output_dir: alpha
 var:
   build_target: alpha
 
@@ -60,6 +61,10 @@ targets:
   build_target: torbrowser-testbuild
   publish_dir: ''
 
+  signed:
+var:
+  

[tor-commits] [metrics-web/master] Fix broken CollecTor link.

[karsten]

commit 6fbb55ab215ecf4c38b69924e0a52296cb8605c8
Author: Karsten Loesing 
Date:   Mon Aug 21 09:55:12 2017 +0200

Fix broken CollecTor link.
---
 website/src/main/resources/web/WEB-INF/stats.jsp | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/website/src/main/resources/web/WEB-INF/stats.jsp 
b/website/src/main/resources/web/WEB-INF/stats.jsp
index 234d0f4..629130d 100644
--- a/website/src/main/resources/web/WEB-INF/stats.jsp
+++ b/website/src/main/resources/web/WEB-INF/stats.jsp
@@ -315,8 +315,8 @@ its predecessor https://gitweb.torproject.org/torperf.git;>Torperf,
 which both periodically fetch static files over Tor and record several
 timestamps in the process.  The data file contains daily medians and quartiles
 as well as total numbers of requests, timeouts, and failures.  Raw Onionperf 
and
-Torperf measurement data is available on the https://collector.torproject.org/#torperf;>CollecTor website.
+Torperf measurement data is specified and available for download on the CollecTor page.
 
 Download as CSV file.
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [metrics-web/master] Remove deprecated torperf.csv file.

[karsten]

commit 9a29d4400142542ab43fdb31ced4f1c57a389f0b
Author: Karsten Loesing 
Date:   Mon Aug 21 09:53:14 2017 +0200

Remove deprecated torperf.csv file.
---
 website/src/main/resources/web/WEB-INF/stats.jsp | 54 
 1 file changed, 54 deletions(-)

diff --git a/website/src/main/resources/web/WEB-INF/stats.jsp 
b/website/src/main/resources/web/WEB-INF/stats.jsp
index 7912834..234d0f4 100644
--- a/website/src/main/resources/web/WEB-INF/stats.jsp
+++ b/website/src/main/resources/web/WEB-INF/stats.jsp
@@ -306,60 +306,6 @@ there are users by either of the two numbers.
 
 
 
-Performance of downloading static files over Tor (deprecated) #
-
-
-Deprecated
-As of May 12, 2017, the linked data file has been replaced by this data file.  As of June 30, 2017, the linked data 
file is not updated anymore.  This section and the linked data file will be 
removed in the future.
-
-
-The following data file contains aggregate statistics on performance when
-downloading static files of different sizes over Tor.  These statistics are
-generated by the https://gitweb.torproject.org/torperf.git; 
target="_blank">Torperf
-tool, which periodically fetches static files over Tor and records several
-timestamps in the process.  The data file contains daily medians and quartiles
-as well as total numbers of requests, timeouts, and failures.  Raw Torperf
-measurement data are available on the CollecTor website.
-
-Download as CSV file.
-
-The statistics file contains the following columns:
-
-
-date: UTC date (-MM-DD) when download performance was
-measured.
-
-size: Size of the downloaded file in bytes.
-
-source: Name of the Torperf service performing measurements.  If 
this
-column contains the empty string, all measurements are included, regardless of
-which Torperf service performed them.  Examples are "moria",
-"siv", and "torperf".
-
-q1: First quartile of time until receiving the last byte in
-milliseconds.
-
-md: Median of time until receiving the last byte in
-milliseconds.
-
-q3: Third quartile of time until receiving the last byte in
-milliseconds.
-
-timeouts: Number of timeouts that occurred when attempting to
-download the static file over Tor.
-
-failures: Number of failures that occurred when attempting to
-download the static file over Tor.
-
-requests: Total number of requests made to download the static file
-over Tor.
-
-
-
-
-
-
 Performance of downloading static files over Tor #
 
 The following data file contains aggregate statistics on performance when



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits