[tor-commits] [tor-messenger-build/updater] Update libgcrypt to 1.6.6 for CVE-2016-6316

[sukhbir]

commit a82a7c1bd2258e404569841a01ea450debfbb4cc
Author: Arlo Breault 
Date:   Thu Aug 18 22:39:46 2016 -0700

Update libgcrypt to 1.6.6 for CVE-2016-6316

 * See https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html

 * Also, bump libgpg-error to 1.24
---
 ChangeLog| 2 ++
 projects/libgcrypt/config| 2 +-
 projects/libgpg-error/config | 2 +-
 3 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index dc7841f..a392187 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -3,6 +3,8 @@ Tor Messenger 0.1.0b7 --
* Use the THUNDERBIRD_45_2_0_RELEASE tag on mozilla-esr45
* Use the THUNDERBIRD_45_2_0_RELEASE tag on comm-esr45
* Bug 19053: Display plaintext in notifications
+   * Update libgpg-error to 1.24
+   * Update libgcrypt to 1.6.6 for CVE-2016-6316
* ctypes-otr
  * GH 66: Provide functionality for adding verified fingerprints (patch by 
Vu Quoc Huy)
  * GH 73: Show progress during verification in notification box (patch by 
Vu Quoc Huy)
diff --git a/projects/libgcrypt/config b/projects/libgcrypt/config
index 307643f..2b43818 100644
--- a/projects/libgcrypt/config
+++ b/projects/libgcrypt/config
@@ -1,6 +1,6 @@
 # vim: filetype=yaml sw=2
 filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% 
c("var/build_id") %].tar.gz'
-version: 1.6.4
+version: 1.6.6
 remote_docker: 1
 var:
   deps:
diff --git a/projects/libgpg-error/config b/projects/libgpg-error/config
index 48c10be..ed98a5e 100644
--- a/projects/libgpg-error/config
+++ b/projects/libgpg-error/config
@@ -1,6 +1,6 @@
 # vim: filetype=yaml sw=2
 filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% 
c("var/build_id") %].tar.gz'
-version: 1.20
+version: 1.24
 remote_docker: 1
 var:
   deps:



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-messenger-build/updater] Reflect proper Tor Messenger version during build

[sukhbir]

commit 17613113cafb9937f6827a180107cd865f26cc64
Author: Sukhbir Singh 
Date:   Fri Aug 19 20:21:41 2016 -0400

Reflect proper Tor Messenger version during build
---
 projects/instantbird/build | 2 ++
 projects/instantbird/config| 1 -
 projects/instantbird/version.patch | 7 ---
 3 files changed, 2 insertions(+), 8 deletions(-)

diff --git a/projects/instantbird/build b/projects/instantbird/build
index 8eb81e4..a397816 100644
--- a/projects/instantbird/build
+++ b/projects/instantbird/build
@@ -81,6 +81,8 @@ rm im/content/aboutDialog*
 cp $rootdir/aboutDialog* im/content/
 cp $rootdir/aboutDialog.dtd im/locales/en-US/chrome/instantbird/aboutDialog.dtd
 
+echo '[% c("var/tormessenger_version") %]' > im/config/version.txt
+
 cd mozilla
 if ls -1 $rootdir/*.mozpatch > /dev/null 2>&1
 then
diff --git a/projects/instantbird/config b/projects/instantbird/config
index 65d3316..7e3bf13 100644
--- a/projects/instantbird/config
+++ b/projects/instantbird/config
@@ -73,7 +73,6 @@ input_files:
   - filename: trac-17896.patch
   - filename: trac-17494.patch
   - filename: trac-13312.patch
-  - filename: version.patch
   - filename: search-context-menu.patch
   - filename: search-preferences-xul.patch
   - filename: log-preferences-xul.patch
diff --git a/projects/instantbird/version.patch 
b/projects/instantbird/version.patch
deleted file mode 100644
index a47cde1..000
--- a/projects/instantbird/version.patch
+++ /dev/null
@@ -1,7 +0,0 @@
-diff --git a/im/config/version.txt b/im/config/version.txt
-index 57b62cb..c239c60 100644
 a/im/config/version.txt
-+++ b/im/config/version.txt
-@@ -1 +1 @@
--1.6a1pre
-+1.5

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-messenger-build/master] Reflect proper Tor Messenger version during build

[sukhbir]

commit 17613113cafb9937f6827a180107cd865f26cc64
Author: Sukhbir Singh 
Date:   Fri Aug 19 20:21:41 2016 -0400

Reflect proper Tor Messenger version during build
---
 projects/instantbird/build | 2 ++
 projects/instantbird/config| 1 -
 projects/instantbird/version.patch | 7 ---
 3 files changed, 2 insertions(+), 8 deletions(-)

diff --git a/projects/instantbird/build b/projects/instantbird/build
index 8eb81e4..a397816 100644
--- a/projects/instantbird/build
+++ b/projects/instantbird/build
@@ -81,6 +81,8 @@ rm im/content/aboutDialog*
 cp $rootdir/aboutDialog* im/content/
 cp $rootdir/aboutDialog.dtd im/locales/en-US/chrome/instantbird/aboutDialog.dtd
 
+echo '[% c("var/tormessenger_version") %]' > im/config/version.txt
+
 cd mozilla
 if ls -1 $rootdir/*.mozpatch > /dev/null 2>&1
 then
diff --git a/projects/instantbird/config b/projects/instantbird/config
index 65d3316..7e3bf13 100644
--- a/projects/instantbird/config
+++ b/projects/instantbird/config
@@ -73,7 +73,6 @@ input_files:
   - filename: trac-17896.patch
   - filename: trac-17494.patch
   - filename: trac-13312.patch
-  - filename: version.patch
   - filename: search-context-menu.patch
   - filename: search-preferences-xul.patch
   - filename: log-preferences-xul.patch
diff --git a/projects/instantbird/version.patch 
b/projects/instantbird/version.patch
deleted file mode 100644
index a47cde1..000
--- a/projects/instantbird/version.patch
+++ /dev/null
@@ -1,7 +0,0 @@
-diff --git a/im/config/version.txt b/im/config/version.txt
-index 57b62cb..c239c60 100644
 a/im/config/version.txt
-+++ b/im/config/version.txt
-@@ -1 +1 @@
--1.6a1pre
-+1.5

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Log a warning when Testing options are deprecated.

[nickm]

commit 3c8baa77a1d2f5a0235adc48ad5650340683e8ee
Author: Nick Mathewson 
Date:   Fri Aug 19 20:21:04 2016 -0400

Log a warning when Testing options are deprecated.
---
 src/or/config.c| 8 +++-
 src/or/confparse.c | 2 +-
 src/or/confparse.h | 2 ++
 3 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/src/or/config.c b/src/or/config.c
index a94e959..941393a 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -545,7 +545,7 @@ static const config_var_t testing_tor_network_defaults[] = {
 "0, 1, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 8, 16, 32, 60"),
   V(ClientBootstrapConsensusMaxDownloadTries, UINT, "80"),
   V(ClientBootstrapConsensusAuthorityOnlyMaxDownloadTries, UINT, "80"),
-  V(ClientDNSRejectInternalAddresses, BOOL,"0"),
+  V(ClientDNSRejectInternalAddresses, BOOL,"0"), // deprecated in 0.2.9.2-alpha
   V(ClientRejectInternalAddresses, BOOL,   "0"),
   V(CountPrivateBandwidth,   BOOL, "1"),
   V(ExitPolicyRejectPrivate, BOOL, "0"),
@@ -4924,6 +4924,12 @@ options_init_from_string(const char *cf_defaults, const 
char *cf,
   tor_assert(new_var);
   tor_assert(old_var);
   old_var->initvalue = new_var->initvalue;
+
+  if ((config_find_deprecation(_format, new_var->name))) {
+log_warn(LD_GENERAL, "Testing options override the deprecated "
+ "option %s. Is that intentional?",
+ new_var->name);
+  }
 }
 
 /* Clear newoptions and re-initialize them with new defaults. */
diff --git a/src/or/confparse.c b/src/or/confparse.c
index e9d5645..efcf4f9 100644
--- a/src/or/confparse.c
+++ b/src/or/confparse.c
@@ -184,7 +184,7 @@ config_free_lines(config_line_t *front)
 /** If key is a deprecated configuration option, return the message
  * explaining why it is deprecated (which may be an empty string). Return NULL
  * if it is not deprecated. The key field must be fully expanded. */
-static const char *
+const char *
 config_find_deprecation(const config_format_t *fmt, const char *key)
 {
   if (BUG(fmt == NULL) || BUG(key == NULL))
diff --git a/src/or/confparse.h b/src/or/confparse.h
index cf92ac4..8d915d2 100644
--- a/src/or/confparse.h
+++ b/src/or/confparse.h
@@ -127,6 +127,8 @@ int config_assign(const config_format_t *fmt, void *options,
   unsigned flags, char **msg);
 config_var_t *config_find_option_mutable(config_format_t *fmt,
  const char *key);
+const char *config_find_deprecation(const config_format_t *fmt,
+ const char *key);
 const config_var_t *config_find_option(const config_format_t *fmt,
const char *key);
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Mark a big pile of options as deprecated.

[nickm]

commit 66e610da7239e8921c0063043c07c7f2c3fd48d9
Author: Nick Mathewson 
Date:   Wed Aug 3 12:08:57 2016 -0400

Mark a big pile of options as deprecated.
---
 src/or/config.c| 40 +++-
 src/or/confparse.c |  7 ---
 src/or/confparse.h |  3 +--
 3 files changed, 44 insertions(+), 6 deletions(-)

diff --git a/src/or/config.c b/src/or/config.c
index 2f5ba6c..cf1365a 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -588,6 +588,44 @@ static const config_var_t testing_tor_network_defaults[] = 
{
 #undef V
 #undef OBSOLETE
 
+static const config_deprecation_t option_deprecation_notes_[] = {
+  { "AllowDotExit", "Unrestricted use of the .exit notation can be used for "
+"a wide variety of application-level attacks." },
+  { "AllowInvalidNodes", "There is no reason to enable this option; at best "
+"it will make you easier to track." },
+  { "AllowSingleHopCircuits", "Almost no relays actually allow single-hop "
+"exits, making this option pointless." },
+  { "AllowSingleHopExits", "Turning this on will make your relay easier "
+"to abuse." },
+  { "ClientDNSRejectInternalAddresses", "Turning this on makes your client "
+"easier to fingerprint, and may open you to esoteric attacks." },
+  { "ExcludeSingleHopRelays", "Turning it on makes your client easier to "
+"fingerprint." },
+  { "FastFirstHopPK", "Changing this option does not make your client more "
+"secure, but does make it easier to fingerprint." },
+  { "CloseHSClientCircutisImmediatelyOnTimeout", "This option makes your "
+"client easier to fingerprint." },
+  { "CloseHSServiceRendircutisImmediatelyOnTimeout", "This option makes "
+"your hidden services easier to fingerprint." },
+  { "WarnUnsafeSocks", "Changing this option makes it easier for you "
+"to accidentally lose your anonymity by leaking DNS information" },
+  { "TLSECGroup", "The default is a nice secure choice; the other option "
+"is less secure." },
+  { "UseNTorHandshake", "The ntor handshake should always be used." },
+
+  { "ControlListenAddress", "Use ControlPort instead." },
+  { "DirListenAddress", "Use DirPort instead, possibly with the "
+"NoAdvertise sub-option" },
+  { "DNSListenAddress", "Use DNSPort instead." },
+  { "SocksListenAddress", "Use SocksPort instead." },
+  { "TransListenAddress", "Use TransPort instead." },
+  { "NATDListenAddress", "Use NATDPort instead." },
+  { "ORListenAddress", "Use ORPort instead, possibly with the "
+"NoAdvertise sub-option" },
+
+  { NULL, NULL }
+};
+
 #ifdef _WIN32
 static char *get_windows_conf_root(void);
 #endif
@@ -636,7 +674,7 @@ STATIC config_format_t options_format = {
   OR_OPTIONS_MAGIC,
   STRUCT_OFFSET(or_options_t, magic_),
   option_abbrevs_,
-  NULL,
+  option_deprecation_notes_,
   option_vars_,
   options_validate_cb,
   NULL
diff --git a/src/or/confparse.c b/src/or/confparse.c
index 233cc7c..8bd4b81 100644
--- a/src/or/confparse.c
+++ b/src/or/confparse.c
@@ -192,7 +192,7 @@ config_find_deprecation(const config_format_t *fmt, const 
char *key)
   if (fmt->deprecations == NULL)
 return NULL;
 
-  config_deprecation_t *d;
+  const config_deprecation_t *d;
   for (d = fmt->deprecations; d->name; ++d) {
 if (!strcasecmp(d->name, key)) {
   return d->why_deprecated ? d->why_deprecated : "";
@@ -486,10 +486,11 @@ config_mark_lists_fragile(const config_format_t *fmt, 
void *options)
 void
 warn_deprecated_option(const char *what, const char *why)
 {
+  const char *space = (why && strlen(why)) ? " " : "";
   log_warn(LD_CONFIG, "The %s option is deprecated, and will most likely "
-   "be removed in a future version of Tor.%s (If you think this is "
+   "be removed in a future version of Tor.%s%s (If you think this is "
"a mistake, please let us know!)",
-   what, why);
+   what, space, why);
 }
 
 /** If c is a syntactically valid configuration line, update
diff --git a/src/or/confparse.h b/src/or/confparse.h
index 415d680..87dd6d8 100644
--- a/src/or/confparse.h
+++ b/src/or/confparse.h
@@ -81,7 +81,7 @@ typedef struct config_format_t {
   off_t magic_offset; /**< Offset of the magic value within the struct. */
   config_abbrev_t *abbrevs; /**< List of abbreviations that we expand when
  * parsing this format. */
-  config_deprecation_t *deprecations; /** List of deprecated options */
+  const config_deprecation_t *deprecations; /** List of deprecated options */
   config_var_t *vars; /**< List of variables we recognize, their default
* values, and where we stick them in the structure. */
   validate_fn_t validate_fn; /**< Function to validate config. */
@@ -133,6 +133,5 @@ const char *config_expand_abbrev(const config_format_t *fmt,
  int command_line, int warn_obsolete);
 void warn_deprecated_option(const char *what, const char *why);
 
-
 #endif
 

[tor-commits] [tor/master] Teach checkOptionDocs about deprecation.

[nickm]

commit 9b6ff4c882431dd9733a1c36fc3a2b662fa5f11a
Author: Nick Mathewson 
Date:   Wed Aug 3 12:15:01 2016 -0400

Teach checkOptionDocs about deprecation.

In particular, teach it that deprecated options must exist.
---
 doc/tor.1.txt   |  4 
 src/or/config.c | 24 +++-
 2 files changed, 23 insertions(+), 5 deletions(-)

diff --git a/doc/tor.1.txt b/doc/tor.1.txt
index b5d6e87..530e8ca 100644
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -84,6 +84,10 @@ COMMAND-LINE OPTIONS
 [[opt-list-torrc-options]] **--list-torrc-options**::
 List all valid options.
 
+[[opt-list-deprecated-options]] **--list-deprecated-options**::
+List all valid options that are scheduled to become obsolete in a
+future version. (This is a warning, not a promise.)
+
 [[opt-version]] **--version**::
 Display Tor version and exit.
 
diff --git a/src/or/config.c b/src/or/config.c
index cf1365a..a5428aa 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -603,9 +603,9 @@ static const config_deprecation_t 
option_deprecation_notes_[] = {
 "fingerprint." },
   { "FastFirstHopPK", "Changing this option does not make your client more "
 "secure, but does make it easier to fingerprint." },
-  { "CloseHSClientCircutisImmediatelyOnTimeout", "This option makes your "
+  { "CloseHSClientCircuitsImmediatelyOnTimeout", "This option makes your "
 "client easier to fingerprint." },
-  { "CloseHSServiceRendircutisImmediatelyOnTimeout", "This option makes "
+  { "CloseHSServiceRendCircuitsImmediatelyOnTimeout", "This option makes "
 "your hidden services easier to fingerprint." },
   { "WarnUnsafeSocks", "Changing this option makes it easier for you "
 "to accidentally lose your anonymity by leaking DNS information" },
@@ -2049,6 +2049,7 @@ static const struct {
   { "-h", TAKES_NO_ARGUMENT },
   { "--help", TAKES_NO_ARGUMENT },
   { "--list-torrc-options",   TAKES_NO_ARGUMENT },
+  { "--list-deprecated-options",TAKES_NO_ARGUMENT },
   { "--nt-service",   TAKES_NO_ARGUMENT },
   { "-nt-service",TAKES_NO_ARGUMENT },
   { NULL, 0 },
@@ -2235,7 +2236,6 @@ static void
 list_torrc_options(void)
 {
   int i;
-  smartlist_t *lines = smartlist_new();
   for (i = 0; option_vars_[i].name; ++i) {
 const config_var_t *var = _vars_[i];
 if (var->type == CONFIG_TYPE_OBSOLETE ||
@@ -2243,7 +2243,16 @@ list_torrc_options(void)
   continue;
 printf("%s\n", var->name);
   }
-  smartlist_free(lines);
+}
+
+/** Print all deprecated but non-obsolete torrc options. */
+static void
+list_deprecated_options(void)
+{
+  const config_deprecation_t *d;
+  for (d = option_deprecation_notes_; d->name; ++d) {
+printf("%s\n", d->name);
+  }
 }
 
 /** Last value actually set by resolve_my_address. */
@@ -4703,10 +4712,15 @@ options_init_from_torrc(int argc, char **argv)
 exit(0);
   }
   if (config_line_find(cmdline_only_options, "--list-torrc-options")) {
-/* For documenting validating whether we've documented everything. */
+/* For validating whether we've documented everything. */
 list_torrc_options();
 exit(0);
   }
+  if (config_line_find(cmdline_only_options, "--list-deprecated-options")) {
+/* For validating whether what we have deprecated really exists. */
+list_deprecated_options();
+exit(0);
+  }
 
   if (config_line_find(cmdline_only_options, "--version")) {
 printf("Tor version %s.\n",get_version());



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Add deprecation for configuration options that need to go away.

[nickm]

commit e6220ccbf8004090b9bcc7228b33d85d2cf9c067
Author: Nick Mathewson 
Date:   Wed Aug 3 11:40:43 2016 -0400

Add deprecation for configuration options that need to go away.
---
 src/or/config.c  |  1 +
 src/or/confparse.c   | 34 ++
 src/or/confparse.h   |  8 
 src/or/shared_random_state.c |  1 +
 src/or/statefile.c   |  1 +
 5 files changed, 45 insertions(+)

diff --git a/src/or/config.c b/src/or/config.c
index 64c9796..2f5ba6c 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -636,6 +636,7 @@ STATIC config_format_t options_format = {
   OR_OPTIONS_MAGIC,
   STRUCT_OFFSET(or_options_t, magic_),
   option_abbrevs_,
+  NULL,
   option_vars_,
   options_validate_cb,
   NULL
diff --git a/src/or/confparse.c b/src/or/confparse.c
index 3532b39..233cc7c 100644
--- a/src/or/confparse.c
+++ b/src/or/confparse.c
@@ -181,6 +181,26 @@ config_free_lines(config_line_t *front)
   }
 }
 
+/** If key is a deprecated configuration option, return the message
+ * explaining why it is deprecated (which may be an empty string). Return NULL
+ * if it is not deprecated. The key field must be fully expanded. */
+static const char *
+config_find_deprecation(const config_format_t *fmt, const char *key)
+{
+  if (BUG(fmt == NULL) || BUG(key == NULL))
+return NULL;
+  if (fmt->deprecations == NULL)
+return NULL;
+
+  config_deprecation_t *d;
+  for (d = fmt->deprecations; d->name; ++d) {
+if (!strcasecmp(d->name, key)) {
+  return d->why_deprecated ? d->why_deprecated : "";
+}
+  }
+  return NULL;
+}
+
 /** As config_find_option, but return a non-const pointer. */
 config_var_t *
 config_find_option_mutable(config_format_t *fmt, const char *key)
@@ -463,6 +483,15 @@ config_mark_lists_fragile(const config_format_t *fmt, void 
*options)
   }
 }
 
+void
+warn_deprecated_option(const char *what, const char *why)
+{
+  log_warn(LD_CONFIG, "The %s option is deprecated, and will most likely "
+   "be removed in a future version of Tor.%s (If you think this is "
+   "a mistake, please let us know!)",
+   what, why);
+}
+
 /** If c is a syntactically valid configuration line, update
  * options with its value and return 0.  Otherwise return -1 for bad
  * key, -2 for bad value.
@@ -502,6 +531,11 @@ config_assign_line(const config_format_t *fmt, void 
*options,
 c->key = tor_strdup(var->name);
   }
 
+  const char *deprecation_msg = config_find_deprecation(fmt, var->name);
+  if (deprecation_msg) {
+warn_deprecated_option(var->name, deprecation_msg);
+  }
+
   if (!strlen(c->value)) {
 /* reset or clear it, then return */
 if (!clear_first) {
diff --git a/src/or/confparse.h b/src/or/confparse.h
index ca6fb5e..415d680 100644
--- a/src/or/confparse.h
+++ b/src/or/confparse.h
@@ -48,6 +48,11 @@ typedef struct config_abbrev_t {
   int warn;
 } config_abbrev_t;
 
+typedef struct config_deprecation_t {
+  const char *name;
+  const char *why_deprecated;
+} config_deprecation_t;
+
 /* Handy macro for declaring "In the config file or on the command line,
  * you can abbreviate toks as tok". */
 #define PLURAL(tok) { #tok, #tok "s", 0, 0 }
@@ -76,6 +81,7 @@ typedef struct config_format_t {
   off_t magic_offset; /**< Offset of the magic value within the struct. */
   config_abbrev_t *abbrevs; /**< List of abbreviations that we expand when
  * parsing this format. */
+  config_deprecation_t *deprecations; /** List of deprecated options */
   config_var_t *vars; /**< List of variables we recognize, their default
* values, and where we stick them in the structure. */
   validate_fn_t validate_fn; /**< Function to validate config. */
@@ -125,6 +131,8 @@ void config_free_lines(config_line_t *front);
 const char *config_expand_abbrev(const config_format_t *fmt,
  const char *option,
  int command_line, int warn_obsolete);
+void warn_deprecated_option(const char *what, const char *why);
+
 
 #endif
 
diff --git a/src/or/shared_random_state.c b/src/or/shared_random_state.c
index 52a0034..c344a45 100644
--- a/src/or/shared_random_state.c
+++ b/src/or/shared_random_state.c
@@ -86,6 +86,7 @@ static const config_format_t state_format = {
   SR_DISK_STATE_MAGIC,
   STRUCT_OFFSET(sr_disk_state_t, magic_),
   NULL,
+  NULL,
   state_vars,
   disk_state_validate_cb,
   _extra_var,
diff --git a/src/or/statefile.c b/src/or/statefile.c
index 9594d9c..c2f31d6 100644
--- a/src/or/statefile.c
+++ b/src/or/statefile.c
@@ -121,6 +121,7 @@ static const config_format_t state_format = {
   OR_STATE_MAGIC,
   STRUCT_OFFSET(or_state_t, magic_),
   state_abbrevs_,
+  NULL,
   state_vars_,
   or_state_validate_cb,
   _extra_var,



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Changes file for deprecation features from #19820

[nickm]

commit 675119d79a2e1cb8b47639d1383d2e631f9412e5
Author: Nick Mathewson 
Date:   Fri Aug 19 20:08:07 2016 -0400

Changes file for deprecation features from #19820
---
 changes/deprecation | 31 +++
 1 file changed, 31 insertions(+)

diff --git a/changes/deprecation b/changes/deprecation
new file mode 100644
index 000..03a537a
--- /dev/null
+++ b/changes/deprecation
@@ -0,0 +1,31 @@
+  o Major features (user interface):
+- Tor now supports the ability to declare options deprecated, so that
+  we can recommend that people stop using them. Previously, this was
+  done in an ad-hoc way.
+  Closes ticket 19820.
+
+  o Minor features (user interface):
+- There is a new --list-deprecated-options command-line option to list
+  all of the deprecated options. Implemented as part of ticket 19820.
+
+  o Deprecated features:
+- A number of options are deprecated for security reasons, and may be
+  removed in a future version of Tor. The options are: AllowDotExit,
+  AllowInvalidNodes, AllowSingleHopCircuits, AllowSingleHopExits,
+  ClientDNSRejectInternalAddresses,
+  CloseHSClientCircuitsImmediatelyOnTimeout,
+  CloseHSServiceRendCircuitsImmediatelyOnTimeout, ExcludeSingleHopRelays,
+  FastFirstHopPK, TLSECGroup, UseNTorHandshake, and WarnUnsafeSocks.
+
+- A number of DNS-cache-related sub-options for client ports are now
+  deprecated for security reasons, and may be removed in a future version
+  of Tor. (We believe that client-side DNS cacheing is a bad idea for
+  anonymity, and you should not turn it on.) The options are: CacheDNS,
+  CacheIPv4DNS, CacheIPv6DNS, UseDNSCache, UseIPv4Cache, and
+  UseIPv6Cache.
+
+- The *ListenAddress options are now deprecated as unnecessary: the
+  corresponding *Port options should be used instead. These options may
+  someday be removed.  The affected options are: ControlListenAddress,
+  DNSListenAddress, DirListenAddress, NATDListenAddress, ORListenAddress,
+  SocksListenAddress, and TransListenAddress.



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Add comments to explain when things were deprecated

[nickm]

commit 05ad2db283744609ea9414c2ba434a495e183a3f
Author: Nick Mathewson 
Date:   Fri Aug 19 20:09:51 2016 -0400

Add comments to explain when things were deprecated
---
 src/or/config.c | 15 ---
 1 file changed, 8 insertions(+), 7 deletions(-)

diff --git a/src/or/config.c b/src/or/config.c
index c1f82c8..a94e959 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -589,6 +589,7 @@ static const config_var_t testing_tor_network_defaults[] = {
 #undef OBSOLETE
 
 static const config_deprecation_t option_deprecation_notes_[] = {
+  /* Deprecated since 0.2.9.2-alpha... */
   { "AllowDotExit", "Unrestricted use of the .exit notation can be used for "
 "a wide variety of application-level attacks." },
   { "AllowInvalidNodes", "There is no reason to enable this option; at best "
@@ -612,7 +613,6 @@ static const config_deprecation_t 
option_deprecation_notes_[] = {
   { "TLSECGroup", "The default is a nice secure choice; the other option "
 "is less secure." },
   { "UseNTorHandshake", "The ntor handshake should always be used." },
-
   { "ControlListenAddress", "Use ControlPort instead." },
   { "DirListenAddress", "Use DirPort instead, possibly with the "
 "NoAdvertise sub-option" },
@@ -622,6 +622,7 @@ static const config_deprecation_t 
option_deprecation_notes_[] = {
   { "NATDListenAddress", "Use NATDPort instead." },
   { "ORListenAddress", "Use ORPort instead, possibly with the "
 "NoAdvertise sub-option" },
+  /* End of options deprecated since 0.2.9.2-alpha. */
 
   { NULL, NULL }
 };
@@ -6551,27 +6552,27 @@ parse_port_config(smartlist_t *out,
   }
 }
 if (!strcasecmp(elt, "CacheIPv4DNS")) {
-  warn_client_dns_cache(elt, no);
+  warn_client_dns_cache(elt, no); // since 0.2.9.2-alpha
   cache_ipv4 = ! no;
   continue;
 } else if (!strcasecmp(elt, "CacheIPv6DNS")) {
-  warn_client_dns_cache(elt, no);
+  warn_client_dns_cache(elt, no); // since 0.2.9.2-alpha
   cache_ipv6 = ! no;
   continue;
 } else if (!strcasecmp(elt, "CacheDNS")) {
-  warn_client_dns_cache(elt, no);
+  warn_client_dns_cache(elt, no); // since 0.2.9.2-alpha
   cache_ipv4 = cache_ipv6 = ! no;
   continue;
 } else if (!strcasecmp(elt, "UseIPv4Cache")) {
-  warn_client_dns_cache(elt, no);
+  warn_client_dns_cache(elt, no); // since 0.2.9.2-alpha
   use_cached_ipv4 = ! no;
   continue;
 } else if (!strcasecmp(elt, "UseIPv6Cache")) {
-  warn_client_dns_cache(elt, no);
+  warn_client_dns_cache(elt, no); // since 0.2.9.2-alpha
   use_cached_ipv6 = ! no;
   continue;
 } else if (!strcasecmp(elt, "UseDNSCache")) {
-  warn_client_dns_cache(elt, no);
+  warn_client_dns_cache(elt, no); // since 0.2.9.2-alpha
   use_cached_ipv4 = use_cached_ipv6 = ! no;
   continue;
 } else if (!strcasecmp(elt, "PreferIPv6Automap")) {

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Add new warn_deprecated option to config_assign*().

[nickm]

commit f5dcab8072e4f8471cc0d4d8a28c79272467fb92
Author: Nick Mathewson 
Date:   Wed Aug 3 12:52:26 2016 -0400

Add new warn_deprecated option to config_assign*().

Also, collapse all the config_assign*() options into a flags
argument, since having two boolean arguments was already confusing.
---
 src/or/config.c  | 14 +++---
 src/or/config.h  |  4 ++--
 src/or/confparse.c   | 24 +++-
 src/or/confparse.h   |  6 +-
 src/or/control.c |  5 +++--
 src/or/shared_random_state.c |  2 +-
 src/or/statefile.c   |  2 +-
 src/test/test_options.c  | 12 ++--
 8 files changed, 40 insertions(+), 29 deletions(-)

diff --git a/src/or/config.c b/src/or/config.c
index b6ea089..a57b83e 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -2186,14 +2186,13 @@ option_get_assignment(const or_options_t *options, 
const char *key)
  * what went wrong.
  */
 setopt_err_t
-options_trial_assign(config_line_t *list, int use_defaults,
- int clear_first, char **msg)
+options_trial_assign(config_line_t *list, unsigned flags, char **msg)
 {
   int r;
   or_options_t *trial_options = config_dup(_format, get_options());
 
   if ((r=config_assign(_format, trial_options,
-   list, use_defaults, clear_first, msg)) < 0) {
+   list, flags, msg)) < 0) {
 config_free(_format, trial_options);
 return r;
   }
@@ -4899,7 +4898,8 @@ options_init_from_string(const char *cf_defaults, const 
char *cf,
   err = SETOPT_ERR_PARSE;
   goto err;
 }
-retval = config_assign(_format, newoptions, cl, 0, 0, msg);
+retval = config_assign(_format, newoptions, cl,
+   CAL_WARN_DEPRECATIONS, msg);
 config_free_lines(cl);
 if (retval < 0) {
   err = SETOPT_ERR_PARSE;
@@ -4915,7 +4915,7 @@ options_init_from_string(const char *cf_defaults, const 
char *cf,
 
   /* Go through command-line variables too */
   retval = config_assign(_format, newoptions,
- global_cmdline_options, 0, 0, msg);
+ global_cmdline_options, CAL_WARN_DEPRECATIONS, msg);
   if (retval < 0) {
 err = SETOPT_ERR_PARSE;
 goto err;
@@ -4963,7 +4963,7 @@ options_init_from_string(const char *cf_defaults, const 
char *cf,
 err = SETOPT_ERR_PARSE;
 goto err;
   }
-  retval = config_assign(_format, newoptions, cl, 0, 0, msg);
+  retval = config_assign(_format, newoptions, cl, 0, msg);
   config_free_lines(cl);
   if (retval < 0) {
 err = SETOPT_ERR_PARSE;
@@ -4974,7 +4974,7 @@ options_init_from_string(const char *cf_defaults, const 
char *cf,
 }
 /* Assign command-line variables a second time too */
 retval = config_assign(_format, newoptions,
-   global_cmdline_options, 0, 0, msg);
+   global_cmdline_options, 0, msg);
 if (retval < 0) {
   err = SETOPT_ERR_PARSE;
   goto err;
diff --git a/src/or/config.h b/src/or/config.h
index a0fe6e4..9d020b3 100644
--- a/src/or/config.h
+++ b/src/or/config.h
@@ -29,8 +29,8 @@ const char *escaped_safe_str_client(const char *address);
 const char *escaped_safe_str(const char *address);
 const char *get_version(void);
 const char *get_short_version(void);
-setopt_err_t options_trial_assign(config_line_t *list, int use_defaults,
-  int clear_first, char **msg);
+setopt_err_t options_trial_assign(config_line_t *list, unsigned flags,
+  char **msg);
 
 uint32_t get_last_resolved_addr(void);
 void reset_last_resolved_addr(void);
diff --git a/src/or/confparse.c b/src/or/confparse.c
index 8bd4b81..e9d5645 100644
--- a/src/or/confparse.c
+++ b/src/or/confparse.c
@@ -504,9 +504,12 @@ warn_deprecated_option(const char *what, const char *why)
  */
 static int
 config_assign_line(const config_format_t *fmt, void *options,
-   config_line_t *c, int use_defaults,
-   int clear_first, bitarray_t *options_seen, char **msg)
+   config_line_t *c, unsigned flags,
+   bitarray_t *options_seen, char **msg)
 {
+  const unsigned use_defaults = flags & CAL_USE_DEFAULTS;
+  const unsigned clear_first = flags & CAL_CLEAR_FIRST;
+  const unsigned warn_deprecations = flags & CAL_WARN_DEPRECATIONS;
   const config_var_t *var;
 
   CONFIG_CHECK(fmt, options);
@@ -532,8 +535,9 @@ config_assign_line(const config_format_t *fmt, void 
*options,
 c->key = tor_strdup(var->name);
   }
 
-  const char *deprecation_msg = config_find_deprecation(fmt, var->name);
-  if (deprecation_msg) {
+  const char *deprecation_msg;
+  if (warn_deprecations &&
+  (deprecation_msg = config_find_deprecation(fmt, var->name))) {
 warn_deprecated_option(var->name, deprecation_msg);
   }
 
@@ -639,7 +643,7 @@ config_lines_dup(const config_line_t *inp)
  * escape that 

[tor-commits] [tor/master] Deprecate some SocksPort sub-options.

[nickm]

commit f3314aa6e1e307467a684f1477e2af1568a728b6
Author: Nick Mathewson 
Date:   Wed Aug 3 12:24:04 2016 -0400

Deprecate some SocksPort sub-options.
---
 src/or/config.c | 20 
 1 file changed, 20 insertions(+)

diff --git a/src/or/config.c b/src/or/config.c
index a5428aa..b6ea089 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -6186,6 +6186,20 @@ config_parse_unix_port(const char *addrport, char 
**path_out)
 }
 #endif /* defined(HAVE_SYS_UN_H) */
 
+static void
+warn_client_dns_cache(const char *option, int disabling)
+{
+  if (disabling)
+return;
+
+  warn_deprecated_option(option,
+  "Client-side DNS cacheing enables a wide variety of route-"
+  "capture attacks. If a single bad exit node lies to you about "
+  "an IP address, cacheing that address would make you visit "
+  "an address of the attacker's choice every time you connected "
+  "to your destination.");
+}
+
 /**
  * Parse port configuration for a single port type.
  *
@@ -6554,21 +6568,27 @@ parse_port_config(smartlist_t *out,
   }
 }
 if (!strcasecmp(elt, "CacheIPv4DNS")) {
+  warn_client_dns_cache(elt, no);
   cache_ipv4 = ! no;
   continue;
 } else if (!strcasecmp(elt, "CacheIPv6DNS")) {
+  warn_client_dns_cache(elt, no);
   cache_ipv6 = ! no;
   continue;
 } else if (!strcasecmp(elt, "CacheDNS")) {
+  warn_client_dns_cache(elt, no);
   cache_ipv4 = cache_ipv6 = ! no;
   continue;
 } else if (!strcasecmp(elt, "UseIPv4Cache")) {
+  warn_client_dns_cache(elt, no);
   use_cached_ipv4 = ! no;
   continue;
 } else if (!strcasecmp(elt, "UseIPv6Cache")) {
+  warn_client_dns_cache(elt, no);
   use_cached_ipv6 = ! no;
   continue;
 } else if (!strcasecmp(elt, "UseDNSCache")) {
+  warn_client_dns_cache(elt, no);
   use_cached_ipv4 = use_cached_ipv6 = ! no;
   continue;
 } else if (!strcasecmp(elt, "PreferIPv6Automap")) {



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Merge remote-tracking branch 'public/deprecation_v2'

[nickm]

commit 507f07de098a14d54dfc2a2fdc603b49d563ef01
Merge: 5aad921 f5dcab8
Author: Nick Mathewson 
Date:   Fri Aug 19 19:58:51 2016 -0400

Merge remote-tracking branch 'public/deprecation_v2'

 doc/tor.1.txt|  4 ++
 src/or/config.c  | 93 +++-
 src/or/config.h  |  4 +-
 src/or/confparse.c   | 55 ++
 src/or/confparse.h   | 13 ++-
 src/or/control.c |  5 ++-
 src/or/shared_random_state.c |  3 +-
 src/or/statefile.c   |  3 +-
 src/test/test_options.c  | 12 +++---
 9 files changed, 162 insertions(+), 30 deletions(-)

diff --cc src/or/config.c
index 06ce161,a57b83e..c1f82c8
--- a/src/or/config.c
+++ b/src/or/config.c
@@@ -2142,8 -2192,8 +2181,8 @@@ options_trial_assign(config_line_t *lis
or_options_t *trial_options = config_dup(_format, get_options());
  
if ((r=config_assign(_format, trial_options,
-list, use_defaults, clear_first, msg)) < 0) {
+list, flags, msg)) < 0) {
 -config_free(_format, trial_options);
 +or_options_free(trial_options);
  return r;
}
  



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Added a voting_schedule_free function to free voting schedules.

[nickm]

commit 8c0fdf6a276077123c356f3fc9d29eebfc41db72
Author: Daniel Pinto 
Date:   Tue Aug 16 17:53:38 2016 +0100

Added a voting_schedule_free function to free voting schedules.

Existing Uses of the tor_free function on voting schedules were
replaced with voting_schedule_free.
Fixes #19562.
---
 src/or/dirvote.c | 11 +--
 src/or/dirvote.h |  2 ++
 src/or/shared_random.c   |  2 +-
 src/or/shared_random_state.c |  2 +-
 4 files changed, 13 insertions(+), 4 deletions(-)

diff --git a/src/or/dirvote.c b/src/or/dirvote.c
index 94a13e3..7c80868 100644
--- a/src/or/dirvote.c
+++ b/src/or/dirvote.c
@@ -2577,7 +2577,7 @@ get_next_valid_after_time(time_t now)
   tor_assert(new_voting_schedule);
 
   next_valid_after_time = new_voting_schedule->interval_starts;
-  tor_free(new_voting_schedule);
+  free_voting_schedule(new_voting_schedule);
 
   return next_valid_after_time;
 }
@@ -2601,7 +2601,7 @@ dirvote_recalculate_timing(const or_options_t *options, 
time_t now)
 
   /* Fill in the global static struct now */
   memcpy(_schedule, new_voting_schedule, sizeof(voting_schedule));
-  tor_free(new_voting_schedule);
+  free_voting_schedule(new_voting_schedule);
 }
 
 /* Populate and return a new voting_schedule_t that can be used to schedule
@@ -2660,6 +2660,13 @@ get_voting_schedule(const or_options_t *options, time_t 
now, int severity)
   return new_voting_schedule;
 }
 
+/** Frees a voting_schedule_t. This should be used instead of the generic 
tor_free. */
+void
+free_voting_schedule(voting_schedule_t *voting_schedule_to_free)
+{
+  tor_free(voting_schedule_to_free);
+}
+
 /** Entry point: Take whatever voting actions are pending as of now. */
 void
 dirvote_act(const or_options_t *options, time_t now)
diff --git a/src/or/dirvote.h b/src/or/dirvote.h
index 2a83802..23084cd 100644
--- a/src/or/dirvote.h
+++ b/src/or/dirvote.h
@@ -157,6 +157,8 @@ typedef struct {
 voting_schedule_t *get_voting_schedule(const or_options_t *options,
time_t now, int severity);
 
+void free_voting_schedule(voting_schedule_t *voting_schedule_to_free);
+
 void dirvote_get_preferred_voting_intervals(vote_timing_t *timing_out);
 time_t dirvote_get_start_of_next_interval(time_t now,
   int interval,
diff --git a/src/or/shared_random.c b/src/or/shared_random.c
index 0a1f24a..4453052 100644
--- a/src/or/shared_random.c
+++ b/src/or/shared_random.c
@@ -1328,7 +1328,7 @@ sr_act_post_consensus(const networkstatus_t *consensus)
   get_voting_schedule(options,time(NULL), LOG_NOTICE);
 time_t interval_starts = voting_schedule->interval_starts;
 sr_state_update(interval_starts);
-tor_free(voting_schedule);
+free_voting_schedule(voting_schedule);
   }
 }
 
diff --git a/src/or/shared_random_state.c b/src/or/shared_random_state.c
index 52a0034..4985af1 100644
--- a/src/or/shared_random_state.c
+++ b/src/or/shared_random_state.c
@@ -150,7 +150,7 @@ get_start_time_of_current_round(time_t now)
  voting_interval,
  options->TestingV3AuthVotingStartOffset);
 
-  tor_free(new_voting_schedule);
+  free_voting_schedule(new_voting_schedule);
 
   return curr_start;
 }



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Rename free_voting_schedule to voting_schedule_free. Wrap line. Follow if convention.

[nickm]

commit 5aad921e3a02cd96158cc54d309d072ed21b3aba
Author: Nick Mathewson 
Date:   Fri Aug 19 19:44:19 2016 -0400

Rename free_voting_schedule to voting_schedule_free. Wrap line. Follow if 
convention.
---
 src/or/dirvote.c | 11 +++
 src/or/dirvote.h |  2 +-
 src/or/shared_random.c   |  2 +-
 src/or/shared_random_state.c |  2 +-
 4 files changed, 10 insertions(+), 7 deletions(-)

diff --git a/src/or/dirvote.c b/src/or/dirvote.c
index 7c80868..9748f4a 100644
--- a/src/or/dirvote.c
+++ b/src/or/dirvote.c
@@ -2577,7 +2577,7 @@ get_next_valid_after_time(time_t now)
   tor_assert(new_voting_schedule);
 
   next_valid_after_time = new_voting_schedule->interval_starts;
-  free_voting_schedule(new_voting_schedule);
+  voting_schedule_free(new_voting_schedule);
 
   return next_valid_after_time;
 }
@@ -2601,7 +2601,7 @@ dirvote_recalculate_timing(const or_options_t *options, 
time_t now)
 
   /* Fill in the global static struct now */
   memcpy(_schedule, new_voting_schedule, sizeof(voting_schedule));
-  free_voting_schedule(new_voting_schedule);
+  voting_schedule_free(new_voting_schedule);
 }
 
 /* Populate and return a new voting_schedule_t that can be used to schedule
@@ -2660,10 +2660,13 @@ get_voting_schedule(const or_options_t *options, time_t 
now, int severity)
   return new_voting_schedule;
 }
 
-/** Frees a voting_schedule_t. This should be used instead of the generic 
tor_free. */
+/** Frees a voting_schedule_t. This should be used instead of the generic
+ * tor_free. */
 void
-free_voting_schedule(voting_schedule_t *voting_schedule_to_free)
+voting_schedule_free(voting_schedule_t *voting_schedule_to_free)
 {
+  if (!voting_schedule_to_free)
+return;
   tor_free(voting_schedule_to_free);
 }
 
diff --git a/src/or/dirvote.h b/src/or/dirvote.h
index 23084cd..a1f71ce 100644
--- a/src/or/dirvote.h
+++ b/src/or/dirvote.h
@@ -157,7 +157,7 @@ typedef struct {
 voting_schedule_t *get_voting_schedule(const or_options_t *options,
time_t now, int severity);
 
-void free_voting_schedule(voting_schedule_t *voting_schedule_to_free);
+void voting_schedule_free(voting_schedule_t *voting_schedule_to_free);
 
 void dirvote_get_preferred_voting_intervals(vote_timing_t *timing_out);
 time_t dirvote_get_start_of_next_interval(time_t now,
diff --git a/src/or/shared_random.c b/src/or/shared_random.c
index 4453052..19564f5 100644
--- a/src/or/shared_random.c
+++ b/src/or/shared_random.c
@@ -1328,7 +1328,7 @@ sr_act_post_consensus(const networkstatus_t *consensus)
   get_voting_schedule(options,time(NULL), LOG_NOTICE);
 time_t interval_starts = voting_schedule->interval_starts;
 sr_state_update(interval_starts);
-free_voting_schedule(voting_schedule);
+voting_schedule_free(voting_schedule);
   }
 }
 
diff --git a/src/or/shared_random_state.c b/src/or/shared_random_state.c
index 4985af1..655b950 100644
--- a/src/or/shared_random_state.c
+++ b/src/or/shared_random_state.c
@@ -150,7 +150,7 @@ get_start_time_of_current_round(time_t now)
  voting_interval,
  options->TestingV3AuthVotingStartOffset);
 
-  free_voting_schedule(new_voting_schedule);
+  voting_schedule_free(new_voting_schedule);
 
   return curr_start;
 }

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Merge remote-tracking branch 'jigsaw/fix-19562'

[nickm]

commit 3e8f93bb103d3537703c168a82450aeab5f96710
Merge: fdc2a91 8c0fdf6
Author: Nick Mathewson 
Date:   Fri Aug 19 19:41:53 2016 -0400

Merge remote-tracking branch 'jigsaw/fix-19562'

 src/or/dirvote.c | 11 +--
 src/or/dirvote.h |  2 ++
 src/or/shared_random.c   |  2 +-
 src/or/shared_random_state.c |  2 +-
 4 files changed, 13 insertions(+), 4 deletions(-)



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Fix quite a few slow memory leaks in config.c

[nickm]

commit be820f41a33413883b23220ec19135477ac3e67d
Author: Nick Mathewson 
Date:   Fri Aug 12 18:47:35 2016 -0400

Fix quite a few slow memory leaks in config.c

This bug was introduced in 8af87b5ab3c when we added a separate
or_options_free() function but didn't start using it everywhere.

Fixes bug 19466.
---
 changes/bug19466 |  3 +++
 src/or/config.c  | 20 ++--
 2 files changed, 13 insertions(+), 10 deletions(-)

diff --git a/changes/bug19466 b/changes/bug19466
new file mode 100644
index 000..d0c2ada
--- /dev/null
+++ b/changes/bug19466
@@ -0,0 +1,3 @@
+  o Minor bugfixes (memory leak):
+- Fix a series of slow memory leaks related to parsing torrc files
+  and options. Fixes bug 19466; bugfix on 0.2.1.6-alpha.
diff --git a/src/or/config.c b/src/or/config.c
index 3fab3b3..06ce161 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -746,7 +746,7 @@ set_options(or_options_t *new_val, char **msg)
   }
 
   if (old_options != global_options)
-config_free(_format, old_options);
+or_options_free(old_options);
 
   return 0;
 }
@@ -2143,23 +2143,23 @@ options_trial_assign(config_line_t *list, int 
use_defaults,
 
   if ((r=config_assign(_format, trial_options,
list, use_defaults, clear_first, msg)) < 0) {
-config_free(_format, trial_options);
+or_options_free(trial_options);
 return r;
   }
 
   if (options_validate(get_options_mutable(), trial_options,
global_default_options, 1, msg) < 0) {
-config_free(_format, trial_options);
+or_options_free(trial_options);
 return SETOPT_ERR_PARSE; /*XXX make this a separate return value. */
   }
 
   if (options_transition_allowed(get_options(), trial_options, msg) < 0) {
-config_free(_format, trial_options);
+or_options_free(trial_options);
 return SETOPT_ERR_TRANSITION;
   }
 
   if (set_options(trial_options, msg)<0) {
-config_free(_format, trial_options);
+or_options_free(trial_options);
 return SETOPT_ERR_SETTING;
   }
 
@@ -4873,8 +4873,8 @@ options_init_from_string(const char *cf_defaults, const 
char *cf,
 }
 
 /* Clear newoptions and re-initialize them with new defaults. */
-config_free(_format, newoptions);
-config_free(_format, newdefaultoptions);
+or_options_free(newoptions);
+or_options_free(newdefaultoptions);
 newdefaultoptions = NULL;
 newoptions = tor_malloc_zero(sizeof(or_options_t));
 newoptions->magic_ = OR_OPTIONS_MAGIC;
@@ -4927,14 +4927,14 @@ options_init_from_string(const char *cf_defaults, const 
char *cf,
 err = SETOPT_ERR_SETTING;
 goto err; /* frees and replaces old options */
   }
-  config_free(_format, global_default_options);
+  or_options_free(global_default_options);
   global_default_options = newdefaultoptions;
 
   return SETOPT_OK;
 
  err:
-  config_free(_format, newoptions);
-  config_free(_format, newdefaultoptions);
+  or_options_free(newoptions);
+  or_options_free(newdefaultoptions);
   if (*msg) {
 char *old_msg = *msg;
 tor_asprintf(msg, "Failed to parse/validate config: %s", old_msg);



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Merge remote-tracking branch 'public/bug19466'

[nickm]

commit fdc2a9195686805e98e221150fa476afe2d394e9
Merge: 8f2f06c be820f4
Author: Nick Mathewson 
Date:   Fri Aug 19 19:37:48 2016 -0400

Merge remote-tracking branch 'public/bug19466'

 changes/bug19466 |  3 +++
 src/or/config.c  | 20 ++--
 2 files changed, 13 insertions(+), 10 deletions(-)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.2.8] Merge branch 'maint-0.2.8' into release-0.2.8

[nickm]

commit 6e181bafff0b62688bae02998784a8e4b7f2167d
Merge: ee47010 65cf513
Author: Nick Mathewson 
Date:   Fri Aug 19 19:35:52 2016 -0400

Merge branch 'maint-0.2.8' into release-0.2.8

 changes/bug19903 | 4 +
 changes/geoip-august2016 | 4 +
 src/common/tortls.c  | 2 +-
 src/config/geoip | 14009 +
 src/config/geoip6|  1108 +++-
 5 files changed, 8587 insertions(+), 6540 deletions(-)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.2.8] Merge branch 'maint-0.2.6' into maint-0.2.7

[nickm]

commit db372addc8534dc6e4639fe943179943b276b051
Merge: 4d70ed7 742ff2c
Author: Nick Mathewson 
Date:   Fri Aug 12 10:27:08 2016 -0400

Merge branch 'maint-0.2.6' into maint-0.2.7

 changes/geoip-august2016 | 4 +
 src/config/geoip | 14009 +
 src/config/geoip6|  1108 +++-
 3 files changed, 8582 insertions(+), 6539 deletions(-)



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.2.8] Merge branch 'maint-0.2.5' into maint-0.2.6

[nickm]

commit 742ff2cddbb9676262e1b588206c3ae264f269b8
Merge: 210928f 46754d6
Author: Nick Mathewson 
Date:   Fri Aug 12 10:27:01 2016 -0400

Merge branch 'maint-0.2.5' into maint-0.2.6

 changes/geoip-august2016 | 4 +
 src/config/geoip | 14009 +
 src/config/geoip6|  1108 +++-
 3 files changed, 8582 insertions(+), 6539 deletions(-)



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Merge branch 'bug19903_028_v2' into maint-0.2.8

[nickm]

commit 65cf5130ef60b82bae552363bcca53e5ab9cfd02
Merge: 459e5d7 49843c9
Author: Nick Mathewson 
Date:   Fri Aug 19 19:35:26 2016 -0400

Merge branch 'bug19903_028_v2' into maint-0.2.8

 changes/bug19903| 4 
 src/common/tortls.c | 2 +-
 2 files changed, 5 insertions(+), 1 deletion(-)



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.2.8] Merge branch 'maint-0.2.4' into maint-0.2.5

[nickm]

commit 46754d608110fce07fb286365b67209b35397194
Merge: d95c280 1410947
Author: Nick Mathewson 
Date:   Fri Aug 12 10:26:48 2016 -0400

Merge branch 'maint-0.2.4' into maint-0.2.5

 changes/geoip-august2016 | 4 +
 src/config/geoip | 14009 +
 src/config/geoip6|  1108 +++-
 3 files changed, 8582 insertions(+), 6539 deletions(-)



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.2.8] Merge branch 'bug19903_028_v2' into maint-0.2.8

[nickm]

commit 65cf5130ef60b82bae552363bcca53e5ab9cfd02
Merge: 459e5d7 49843c9
Author: Nick Mathewson 
Date:   Fri Aug 19 19:35:26 2016 -0400

Merge branch 'bug19903_028_v2' into maint-0.2.8

 changes/bug19903| 4 
 src/common/tortls.c | 2 +-
 2 files changed, 5 insertions(+), 1 deletion(-)



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.2.8] Avoid confusing GCC 4.2.1 by saying "int foo()... inline int foo() {...}"

[nickm]

commit 49843c980a07b73c9e98c7c7983e7745d5d82751
Author: Nick Mathewson 
Date:   Thu Aug 11 20:29:37 2016 -0400

Avoid confusing GCC 4.2.1 by saying "int foo()... inline int foo() {...}"

Fixes bug 19903; bugfix on 0.2.8.1-alpha.
---
 changes/bug19903| 4 
 src/common/tortls.c | 2 +-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/changes/bug19903 b/changes/bug19903
new file mode 100644
index 000..33aa878
--- /dev/null
+++ b/changes/bug19903
@@ -0,0 +1,4 @@
+  o Minor bugfixes (compilation):
+- Remove an inappropriate "inline" in tortls.c that was causing warnings
+  on older versions of GCC. Fixes bug 19903; 0.2.8.1-alpha.
+
diff --git a/src/common/tortls.c b/src/common/tortls.c
index b68f5df..9507bb7 100644
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -143,7 +143,7 @@ tor_tls_allocate_tor_tls_object_ex_data_index(void)
 
 /** Helper: given a SSL* pointer, return the tor_tls_t object using that
  * pointer. */
-STATIC inline tor_tls_t *
+STATIC tor_tls_t *
 tor_tls_get_by_ssl(const SSL *ssl)
 {
   tor_tls_t *result = SSL_get_ex_data(ssl, tor_tls_object_ex_data_index);



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/maint-0.2.8] Avoid confusing GCC 4.2.1 by saying "int foo()... inline int foo() {...}"

[nickm]

commit 49843c980a07b73c9e98c7c7983e7745d5d82751
Author: Nick Mathewson 
Date:   Thu Aug 11 20:29:37 2016 -0400

Avoid confusing GCC 4.2.1 by saying "int foo()... inline int foo() {...}"

Fixes bug 19903; bugfix on 0.2.8.1-alpha.
---
 changes/bug19903| 4 
 src/common/tortls.c | 2 +-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/changes/bug19903 b/changes/bug19903
new file mode 100644
index 000..33aa878
--- /dev/null
+++ b/changes/bug19903
@@ -0,0 +1,4 @@
+  o Minor bugfixes (compilation):
+- Remove an inappropriate "inline" in tortls.c that was causing warnings
+  on older versions of GCC. Fixes bug 19903; 0.2.8.1-alpha.
+
diff --git a/src/common/tortls.c b/src/common/tortls.c
index b68f5df..9507bb7 100644
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -143,7 +143,7 @@ tor_tls_allocate_tor_tls_object_ex_data_index(void)
 
 /** Helper: given a SSL* pointer, return the tor_tls_t object using that
  * pointer. */
-STATIC inline tor_tls_t *
+STATIC tor_tls_t *
 tor_tls_get_by_ssl(const SSL *ssl)
 {
   tor_tls_t *result = SSL_get_ex_data(ssl, tor_tls_object_ex_data_index);



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Avoid confusing GCC 4.2.1 by saying "int foo()... inline int foo() {...}"

[nickm]

commit 49843c980a07b73c9e98c7c7983e7745d5d82751
Author: Nick Mathewson 
Date:   Thu Aug 11 20:29:37 2016 -0400

Avoid confusing GCC 4.2.1 by saying "int foo()... inline int foo() {...}"

Fixes bug 19903; bugfix on 0.2.8.1-alpha.
---
 changes/bug19903| 4 
 src/common/tortls.c | 2 +-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/changes/bug19903 b/changes/bug19903
new file mode 100644
index 000..33aa878
--- /dev/null
+++ b/changes/bug19903
@@ -0,0 +1,4 @@
+  o Minor bugfixes (compilation):
+- Remove an inappropriate "inline" in tortls.c that was causing warnings
+  on older versions of GCC. Fixes bug 19903; 0.2.8.1-alpha.
+
diff --git a/src/common/tortls.c b/src/common/tortls.c
index b68f5df..9507bb7 100644
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -143,7 +143,7 @@ tor_tls_allocate_tor_tls_object_ex_data_index(void)
 
 /** Helper: given a SSL* pointer, return the tor_tls_t object using that
  * pointer. */
-STATIC inline tor_tls_t *
+STATIC tor_tls_t *
 tor_tls_get_by_ssl(const SSL *ssl)
 {
   tor_tls_t *result = SSL_get_ex_data(ssl, tor_tls_object_ex_data_index);



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.2.8] Merge branch 'maint-0.2.7' into maint-0.2.8

[nickm]

commit 459e5d705eb688642d53f38c00e0a2c6cfd36b8a
Merge: 6b740aa db372ad
Author: Nick Mathewson 
Date:   Fri Aug 12 10:27:14 2016 -0400

Merge branch 'maint-0.2.7' into maint-0.2.8

 changes/geoip-august2016 | 4 +
 src/config/geoip | 14009 +
 src/config/geoip6|  1108 +++-
 3 files changed, 8582 insertions(+), 6539 deletions(-)



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/maint-0.2.8] Merge branch 'bug19903_028_v2' into maint-0.2.8

[nickm]

commit 65cf5130ef60b82bae552363bcca53e5ab9cfd02
Merge: 459e5d7 49843c9
Author: Nick Mathewson 
Date:   Fri Aug 19 19:35:26 2016 -0400

Merge branch 'bug19903_028_v2' into maint-0.2.8

 changes/bug19903| 4 
 src/common/tortls.c | 2 +-
 2 files changed, 5 insertions(+), 1 deletion(-)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Merge branch 'maint-0.2.8'

[nickm]

commit 8f2f06c9b38015f641d0505e805a8285884f55ba
Merge: 5e57190 65cf513
Author: Nick Mathewson 
Date:   Fri Aug 19 19:35:39 2016 -0400

Merge branch 'maint-0.2.8'

 changes/bug19903| 4 
 src/common/tortls.c | 2 +-
 2 files changed, 5 insertions(+), 1 deletion(-)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/https_everywhere] Update translations for https_everywhere

[translation]

commit 9b9e01f286b734bbdfacbaa2f9a3cae6932ac4fb
Author: Translation commit bot 
Date:   Fri Aug 19 13:45:21 2016 +

Update translations for https_everywhere
---
 la/ssl-observatory.dtd | 12 ++--
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/la/ssl-observatory.dtd b/la/ssl-observatory.dtd
index 37637c9..1f0858d 100644
--- a/la/ssl-observatory.dtd
+++ b/la/ssl-observatory.dtd
@@ -3,9 +3,9 @@
 
 
 
-
+
 
 
 
 
+"Usetne HTTPS In Omnibus Locis SSL Observatorium?">
 
 
 
 
 
 
+"Id inire certe est, nisi intrissimum
+coniunctionem usas.">
 
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/https_everywhere] Update translations for https_everywhere

[translation]

commit 7e8960e5030de7374995eedc202f48205e242ef7
Author: Translation commit bot 
Date:   Fri Aug 19 12:45:22 2016 +

Update translations for https_everywhere
---
 la/ssl-observatory.dtd | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/la/ssl-observatory.dtd b/la/ssl-observatory.dtd
index a4b3a57..37637c9 100644
--- a/la/ssl-observatory.dtd
+++ b/la/ssl-observatory.dtd
@@ -1,6 +1,6 @@
 
 
-
+
 
 
 https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tor-messenger-prefsdtd] Update translations for tor-messenger-prefsdtd

[translation]

commit 76dbf38c19f62aa81267243a5035e9e549c60be0
Author: Translation commit bot 
Date:   Fri Aug 19 11:48:13 2016 +

Update translations for tor-messenger-prefsdtd
---
 la/prefs.dtd | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/la/prefs.dtd b/la/prefs.dtd
index 1441b0e..2f9cc18 100644
--- a/la/prefs.dtd
+++ b/la/prefs.dtd
@@ -1,4 +1,4 @@
-
+
 
 
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tor-messenger-otrproperties] Update translations for tor-messenger-otrproperties

[translation]

commit f9aa0551a349a0e0d6594acd3593ccde4bdfbe7e
Author: Translation commit bot 
Date:   Fri Aug 19 11:48:02 2016 +

Update translations for tor-messenger-otrproperties
---
 la/otr.properties | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/la/otr.properties b/la/otr.properties
index 11b23be..c382279 100644
--- a/la/otr.properties
+++ b/la/otr.properties
@@ -22,7 +22,7 @@ error.not_priv=You sent encrypted data to %S, who wasn't 
expecting it.
 error.unreadable=You transmitted an unreadable encrypted message.
 error.malformed=You transmitted a malformed data message.
 resent=[resent]
-tlv.disconnected=%S has ended their private conversation with you; you should 
do the same.
+tlv.disconnected=%S dictionem abditam tecum finit, etiam sic facere debes.
 query.msg=%S has requested an Off-the Record private conversation. However, 
you do not have a plugin to support that. See http://otr.cypherpunks.ca/ for 
more information.
 trust.unused=Unused
 trust.not_private=Not Private

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tor-launcher-progress] Update translations for tor-launcher-progress

[translation]

commit 69ff40cb5de971eaee5cd29d3272ad4769bf51a1
Author: Translation commit bot 
Date:   Fri Aug 19 11:46:03 2016 +

Update translations for tor-launcher-progress
---
 la/progress.dtd | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/la/progress.dtd b/la/progress.dtd
index 0fd1ad4..780bad2 100644
--- a/la/progress.dtd
+++ b/la/progress.dtd
@@ -1,4 +1,4 @@
 
-
-
-
+
+
+

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tor-launcher-properties] Update translations for tor-launcher-properties

[translation]

commit d4c1b80ad1766601e086809782ea440adc3836d7
Author: Translation commit bot 
Date:   Fri Aug 19 11:45:57 2016 +

Update translations for tor-launcher-properties
---
 la/torlauncher.properties | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/la/torlauncher.properties b/la/torlauncher.properties
index c83591e..2a4d1d9 100644
--- a/la/torlauncher.properties
+++ b/la/torlauncher.properties
@@ -48,7 +48,7 @@ torlauncher.bootstrapStatus.loading_status=Loading network 
status
 torlauncher.bootstrapStatus.loading_keys=Loading authority certificates
 torlauncher.bootstrapStatus.requesting_descriptors=Requesting relay information
 torlauncher.bootstrapStatus.loading_descriptors=Loading relay information
-torlauncher.bootstrapStatus.conn_or=Connecting to the Tor network
+torlauncher.bootstrapStatus.conn_or=Ad Tor coniunctionem coniungitur
 torlauncher.bootstrapStatus.handshake_or=Establishing a Tor circuit
 torlauncher.bootstrapStatus.done=Connected to the Tor network!
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tor-launcher-progress_completed] Update translations for tor-launcher-progress_completed

[translation]

commit 3dd4dc55dea51b803a57a64871863ef0857107e0
Author: Translation commit bot 
Date:   Fri Aug 19 11:46:06 2016 +

Update translations for tor-launcher-progress_completed
---
 la/progress.dtd | 4 
 1 file changed, 4 insertions(+)

diff --git a/la/progress.dtd b/la/progress.dtd
new file mode 100644
index 000..780bad2
--- /dev/null
+++ b/la/progress.dtd
@@ -0,0 +1,4 @@
+
+
+
+

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/https_everywhere_completed] Update translations for https_everywhere_completed

[translation]

commit a37ac2b69c9c358dc3b9368b954e1fdd7b8e7791
Author: Translation commit bot 
Date:   Fri Aug 19 11:45:25 2016 +

Update translations for https_everywhere_completed
---
 la/https-everywhere.properties | 8 
 1 file changed, 8 insertions(+)

diff --git a/la/https-everywhere.properties b/la/https-everywhere.properties
new file mode 100644
index 000..f0827b3
--- /dev/null
+++ b/la/https-everywhere.properties
@@ -0,0 +1,8 @@
+https-everywhere.menu.globalEnable = HTTPS In Omnibus Locis inire
+https-everywhere.menu.globalDisable = HTTPS In Omnibus Locis finire
+https-everywhere.menu.enableDisable = Leges Inire / Finire
+https-everywhere.menu.noRules = (Leges pro ea pagina desunt)
+https-everywhere.menu.unknownRules = (Leges pro ea pagina nescitae sunt)
+https-everywhere.toolbar.hint = HTTPS In Omnibus Locis nunc adest. Id in modo 
pagina-pagina presso signi in axis sententii locis addicere potes.
+https-everywhere.migration.notification0 = Pro inportatione correcturae 
magnae, ea novatio praeferentias legum tuas ad initium reponet.
+https-everywhere.menu.ruleset-tests = Collationes legum de HTTPS In Omnibus 
Locis probare

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser-bundle/master] Actually fix that bug with shifting when there's nothing to shift.

[gk]

commit ce368417b914f74383bafddd268b2f1a2e9dc509
Author: Linus Nordberg 
Date:   Fri Aug 19 13:24:24 2016 +0200

Actually fix that bug with shifting when there's nothing to shift.
---
 tools/continuous-builds/park-nightly.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tools/continuous-builds/park-nightly.sh 
b/tools/continuous-builds/park-nightly.sh
index dff87e2..378eb21 100755
--- a/tools/continuous-builds/park-nightly.sh
+++ b/tools/continuous-builds/park-nightly.sh
@@ -8,7 +8,7 @@ if [ "$1" = "-v" ]; then
 fi
 
 DESTDIR=~/public_html/builds
-if [ -n "$DESTDIR" ]; then
+if [ -n "$1" ]; then
 DESTDIR=$1
 shift
 fi

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser-bundle/hardened-builds] Actually fix that bug with shifting when there's nothing to shift.

[gk]

commit 4424456c869552bf9b238fbc15a390a0d5ca8d9a
Author: Linus Nordberg 
Date:   Fri Aug 19 13:24:24 2016 +0200

Actually fix that bug with shifting when there's nothing to shift.
---
 tools/continuous-builds/park-nightly.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tools/continuous-builds/park-nightly.sh 
b/tools/continuous-builds/park-nightly.sh
index dff87e2..378eb21 100755
--- a/tools/continuous-builds/park-nightly.sh
+++ b/tools/continuous-builds/park-nightly.sh
@@ -8,7 +8,7 @@ if [ "$1" = "-v" ]; then
 fi
 
 DESTDIR=~/public_html/builds
-if [ -n "$DESTDIR" ]; then
+if [ -n "$1" ]; then
 DESTDIR=$1
 shift
 fi

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/https_everywhere_completed] Update translations for https_everywhere_completed

[translation]

commit ca897f241377af1bee41f840ac5f1f40907cb221
Author: Translation commit bot 
Date:   Fri Aug 19 11:15:26 2016 +

Update translations for https_everywhere_completed
---
 la/https-everywhere.dtd | 57 +
 1 file changed, 57 insertions(+)

diff --git a/la/https-everywhere.dtd b/la/https-everywhere.dtd
new file mode 100644
index 000..93cdf41
--- /dev/null
+++ b/la/https-everywhere.dtd
@@ -0,0 +1,57 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/abouttor-homepage] Update translations for abouttor-homepage

[translation]

commit dfe823ea638cb6001c953cdab1ee510a86282e58
Author: Translation commit bot 
Date:   Fri Aug 19 11:16:19 2016 +

Update translations for abouttor-homepage
---
 la/aboutTor.dtd | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/la/aboutTor.dtd b/la/aboutTor.dtd
index 4a9a57b..e0cc48e 100644
--- a/la/aboutTor.dtd
+++ b/la/aboutTor.dtd
@@ -21,7 +21,7 @@
 
 
 
-
+
 
 https://startpage.com/rth/search;>
 https://duckduckgo.com/html/;>

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/https_everywhere] Update translations for https_everywhere

[translation]

commit 9b84d67bc0cfe87f07a8b928f7fb287af3f9a9c9
Author: Translation commit bot 
Date:   Fri Aug 19 11:15:21 2016 +

Update translations for https_everywhere
---
 la/https-everywhere.dtd| 62 +-
 la/https-everywhere.properties | 10 +++
 2 files changed, 36 insertions(+), 36 deletions(-)

diff --git a/la/https-everywhere.dtd b/la/https-everywhere.dtd
index 079482f..93cdf41 100644
--- a/la/https-everywhere.dtd
+++ b/la/https-everywhere.dtd
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -20,38 +20,38 @@
 
 
 
-
-
-
+
+
+
 
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
 
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
 
 
 
diff --git a/la/https-everywhere.properties b/la/https-everywhere.properties
index d23555a..2fac156 100644
--- a/la/https-everywhere.properties
+++ b/la/https-everywhere.properties
@@ -1,8 +1,8 @@
 https-everywhere.menu.globalEnable = HTTPS In Omnibus Locis inire
 https-everywhere.menu.globalDisable = HTTPS In Omnibus Locis finire
-https-everywhere.menu.enableDisable = Enable / Disable Rules
-https-everywhere.menu.noRules = (No Rules for This Page)
-https-everywhere.menu.unknownRules = (Rules for This Page Unknown)
-https-everywhere.toolbar.hint = HTTPS Everywhere is now active. You can toggle 
it on a site-by-site basis by clicking the icon in the address bar.
-https-everywhere.migration.notification0 = In order to implement a crucial 
fix, this update resets your HTTPS Everywhere rule preferences to their default 
values.
+https-everywhere.menu.enableDisable = Leges Inire / Finire
+https-everywhere.menu.noRules = (Leges pro ea pagina desunt)
+https-everywhere.menu.unknownRules = (Leges pro ea pagina nescitae sunt)
+https-everywhere.toolbar.hint = HTTPS In Omnibus Locis nunc adest. Id in modo 
pagina-pagina presso signi in axis sententii locis addicere potes.
+https-everywhere.migration.notification0 = Pro inportatione correcturae 
magnae, ea novatio praeferentias legum tuas ad initium reponet.
 https-everywhere.menu.ruleset-tests = Run HTTPS Everywhere Ruleset Tests

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser-bundle/hardened-builds] Don't shift unconditionally.

[gk]

commit c1d4e1f132cbe239b6586b456822017a5276f7ad
Author: Linus Nordberg 
Date:   Fri Aug 19 13:00:17 2016 +0200

Don't shift unconditionally.
---
 tools/continuous-builds/park-nightly.sh | 7 +--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/tools/continuous-builds/park-nightly.sh 
b/tools/continuous-builds/park-nightly.sh
index 944e3a1..dff87e2 100755
--- a/tools/continuous-builds/park-nightly.sh
+++ b/tools/continuous-builds/park-nightly.sh
@@ -7,8 +7,11 @@ if [ "$1" = "-v" ]; then
   shift
 fi
 
-DESTDIR=$1; shift
-[ -z "$DESTDIR" ] && DESTDIR=~/public_html/builds
+DESTDIR=~/public_html/builds
+if [ -n "$DESTDIR" ]; then
+DESTDIR=$1
+shift
+fi
 
 do_check() {
 SAVEDPWD=$PWD

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser-bundle/master] Don't shift unconditionally.

[gk]

commit 0b888ea05c97153c40a02b4c676d5291f9b3b4c8
Author: Linus Nordberg 
Date:   Fri Aug 19 13:00:17 2016 +0200

Don't shift unconditionally.
---
 tools/continuous-builds/park-nightly.sh | 7 +--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/tools/continuous-builds/park-nightly.sh 
b/tools/continuous-builds/park-nightly.sh
index 944e3a1..dff87e2 100755
--- a/tools/continuous-builds/park-nightly.sh
+++ b/tools/continuous-builds/park-nightly.sh
@@ -7,8 +7,11 @@ if [ "$1" = "-v" ]; then
   shift
 fi
 
-DESTDIR=$1; shift
-[ -z "$DESTDIR" ] && DESTDIR=~/public_html/builds
+DESTDIR=~/public_html/builds
+if [ -n "$DESTDIR" ]; then
+DESTDIR=$1
+shift
+fi
 
 do_check() {
 SAVEDPWD=$PWD

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [torbutton/master] Bug 19837: Whitelist internal URLs that Firefox requires for media.

[gk]

commit 61b395a433c821bd4b17f69b956eb149f12f525e
Author: Yawning Angel 
Date:   Mon Aug 15 18:53:05 2016 +

Bug 19837: Whitelist internal URLs that Firefox requires for media.

Firefox requires being able to load chrome:// and resource:// URLs for
things like the media player, with the origin set to the remote URL
that triggered the load.

This is unfortunate in that there's no way to disambiguate malicious JS
versus someone opening a video file (for example).

See https://trac.torproject.org/projects/tor/ticket/19837#comment:5
for why this is a huge nightmare and will eventually require C++ code.
---
 src/components/content-policy.js | 29 +
 1 file changed, 29 insertions(+)

diff --git a/src/components/content-policy.js b/src/components/content-policy.js
index e025ecd..3379eb7 100644
--- a/src/components/content-policy.js
+++ b/src/components/content-policy.js
@@ -21,7 +21,26 @@ ContentPolicy.prototype = {
   contractID: "@torproject.org/content-policy;1",
   QueryInterface: XPCOMUtils.generateQI([Ci.nsIContentPolicy]),
 
+  uriWhitelist: {
+// Video playback.
+"chrome://global/content/TopLevelVideoDocument.js": 
Ci.nsIContentPolicy.TYPE_SCRIPT,
+"resource://gre/res/TopLevelVideoDocument.css": 
Ci.nsIContentPolicy.TYPE_STYLESHEET,
+"chrome://global/skin/media/TopLevelVideoDocument.css": 
Ci.nsIContentPolicy.TYPE_STYLESHEET,
+"chrome://global/content/bindings/videocontrols.xml": 
Ci.nsIContentPolicy.TYPE_XBL,
+"chrome://global/content/bindings/scale.xml": Ci.nsIContentPolicy.TYPE_XBL,
+"chrome://global/content/bindings/progressmeter.xml": 
Ci.nsIContentPolicy.TYPE_XBL,
+
+// Image display.
+"resource://gre/res/ImageDocument.css": 
Ci.nsIContentPolicy.TYPE_STYLESHEET,
+"resource://gre/res/TopLevelImageDocument.css": 
Ci.nsIContentPolicy.TYPE_STYLESHEET,
+"chrome://global/skin/media/TopLevelImageDocument.css": 
Ci.nsIContentPolicy.TYPE_STYLESHEET,
+
+// Resizing text boxes.
+"chrome://global/content/bindings/resizer.xml": 
Ci.nsIContentPolicy.TYPE_XBL,
+  },
+
   shouldLoad: function(aContentType, aContentLocation, aRequestOrigin, 
aContext, aMimeTypeGuess, aExtra) {
+
 // Accept if no content URI or scheme is not a resource/chrome.
 if (!aContentLocation || !(aContentLocation.schemeIs('resource') || 
aContentLocation.schemeIs('chrome')))
   return Ci.nsIContentPolicy.ACCEPT;
@@ -34,6 +53,16 @@ ContentPolicy.prototype = {
 if (Ci.nsIContentPolicy.TYPE_DOCUMENT === aContentType)
   return Ci.nsIContentPolicy.ACCEPT;
 
+// There's certain things that break horribly if they aren't allowed to
+// access URIs with proscribed schemes, with `aContentOrigin` basically
+// set to arbibrary URIs.
+//
+// XXX: Feature gate this behind the security slider or something, I don't
+// give a fuck.
+if (aContentLocation.spec in this.uriWhitelist)
+  if (this.uriWhitelist[aContentLocation.spec] == aContentType)
+return Ci.nsIContentPolicy.ACCEPT;
+
 return Ci.nsIContentPolicy.REJECT_REQUEST;
   },
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser-bundle/hardened-builds] Version bumps for hardened nightly

[gk]

commit 0d8810c64d578e2b7cf659f2aecfe12b07d2fab5
Author: Georg Koppen 
Date:   Fri Aug 19 07:21:00 2016 +

Version bumps for hardened nightly
---
 gitian/versions.nightly | 8 
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/gitian/versions.nightly b/gitian/versions.nightly
index dead59c..1d216fa 100755
--- a/gitian/versions.nightly
+++ b/gitian/versions.nightly
@@ -17,7 +17,7 @@ MULTI_LINGUAL=1
 
 VERIFY_TAGS=0
 
-FIREFOX_VERSION=45.2.0esr
+FIREFOX_VERSION=45.3.0esr
 
 TORBROWSER_UPDATE_CHANNEL=default
 
@@ -55,7 +55,7 @@ GITIAN_TAG=tor-browser-builder-4
 OPENSSL_VER=1.0.1t
 GMP_VER=5.1.3
 FIREFOX_LANG_VER=$FIREFOX_VERSION
-FIREFOX_LANG_BUILD=build2
+FIREFOX_LANG_BUILD=build1
 BINUTILS_VER=2.24
 GCC_VER=5.2.0
 CLANG_VER=r247539
@@ -77,7 +77,7 @@ ELFUTILS_VER=0.160
 ## File names for the source packages
 OPENSSL_PACKAGE=openssl-${OPENSSL_VER}.tar.gz
 GMP_PACKAGE=gmp-${GMP_VER}.tar.bz2
-NOSCRIPT_PACKAGE=noscript_security_suite-2.9.0.11-fn+sm+fx.xpi
+NOSCRIPT_PACKAGE=noscript_security_suite-2.9.0.14-fx+fn+sm.xpi
 
TOOLCHAIN4_OLD_PACKAGE=multiarch-darwin11-cctools127.2-gcc42-5666.3-llvmgcc42-2336.1-Linux-120724.tar.xz
 CCTOOLS_PACKAGE=cctools.tar.gz
 OSXSDK_PACKAGE=MacOSX10.7.sdk.tar.gz
@@ -112,7 +112,7 @@ 
GMP_HASH=752079520b4690531171d0f4532e40f08600215feefede70b24fabdc6f1ab160
 OSXSDK_HASH=da77bb0003fcca5ea8c4e8cb2da8828ded750c54afdcac29ec6f3b46ad5e3adf
 
OSXSDK_OLD_HASH=6602d8d5ddb371fbc02e2a5967d9bd0cd7358d46f9417753c8234b923f2ea6fc
 
TOOLCHAIN4_OLD_HASH=65c1b2d302358a6b95a26c6828a66908a199276193bb0b268f2dcc1a997731e9
-NOSCRIPT_HASH=fdd965a69188ac651b08a7d3ada54821a89db10a4685aa73ba59edc0b8243390
+NOSCRIPT_HASH=39bc71be20c318578239ea791c0341dbfcd13b33559af080cea386eeec08b337
 CCTOOLS_HASH=e908fdebc2886ee5491ebfc7e7950af451b3c4e2439c2d7a923ed06ad05113e4
 MSVCR100_HASH=1221a09484964a6f38af5e34ee292b9afefccb3dc6e55435fd3aaf7c235d9067
 PYCRYPTO_HASH=f2ce1e989b272cfcb677616763e0a2e7ec659effa67a88aa92b3a65528f60a3c

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser-bundle/master] NoScript version bump for nightlies

[gk]

commit 0a0a8c01236ddb50f5f4f87da28758f8e65214de
Author: Georg Koppen 
Date:   Fri Aug 19 07:19:11 2016 +

NoScript version bump for nightlies
---
 gitian/versions.nightly | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/gitian/versions.nightly b/gitian/versions.nightly
index 749f8ea..f92a471 100755
--- a/gitian/versions.nightly
+++ b/gitian/versions.nightly
@@ -75,7 +75,7 @@ NSIS_VER=2.51
 ## File names for the source packages
 OPENSSL_PACKAGE=openssl-${OPENSSL_VER}.tar.gz
 GMP_PACKAGE=gmp-${GMP_VER}.tar.bz2
-NOSCRIPT_PACKAGE=noscript_security_suite-2.9.0.12-fx+fn+sm.xpi
+NOSCRIPT_PACKAGE=noscript_security_suite-2.9.0.14-fx+fn+sm.xpi
 
TOOLCHAIN4_OLD_PACKAGE=multiarch-darwin11-cctools127.2-gcc42-5666.3-llvmgcc42-2336.1-Linux-120724.tar.xz
 CCTOOLS_PACKAGE=cctools.tar.gz
 OSXSDK_PACKAGE=MacOSX10.7.sdk.tar.gz
@@ -109,7 +109,7 @@ 
GMP_HASH=752079520b4690531171d0f4532e40f08600215feefede70b24fabdc6f1ab160
 OSXSDK_HASH=da77bb0003fcca5ea8c4e8cb2da8828ded750c54afdcac29ec6f3b46ad5e3adf
 
OSXSDK_OLD_HASH=6602d8d5ddb371fbc02e2a5967d9bd0cd7358d46f9417753c8234b923f2ea6fc
 
TOOLCHAIN4_OLD_HASH=65c1b2d302358a6b95a26c6828a66908a199276193bb0b268f2dcc1a997731e9
-NOSCRIPT_HASH=3fa641dcb60455c950cef0c15effa8ca060b3b05405f46f55cbdb922929027e7
+NOSCRIPT_HASH=39bc71be20c318578239ea791c0341dbfcd13b33559af080cea386eeec08b337
 CCTOOLS_HASH=e908fdebc2886ee5491ebfc7e7950af451b3c4e2439c2d7a923ed06ad05113e4
 MSVCR100_HASH=1221a09484964a6f38af5e34ee292b9afefccb3dc6e55435fd3aaf7c235d9067
 PYCRYPTO_HASH=f2ce1e989b272cfcb677616763e0a2e7ec659effa67a88aa92b3a65528f60a3c

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser-bundle/master] Fold in stable changelog

[gk]

commit 10aa41a5d6abf25a912616c39d9e39ebb7cc29d6
Author: Georg Koppen 
Date:   Fri Aug 19 09:15:28 2016 +0200

Fold in stable changelog
---
 Bundle-Data/Docs/ChangeLog.txt | 6 ++
 1 file changed, 6 insertions(+)

diff --git a/Bundle-Data/Docs/ChangeLog.txt b/Bundle-Data/Docs/ChangeLog.txt
index c0abf86..4506e37 100644
--- a/Bundle-Data/Docs/ChangeLog.txt
+++ b/Bundle-Data/Docs/ChangeLog.txt
@@ -1,3 +1,9 @@
+Tor Browser 6.0.4 -- August 16
+ * All Platforms
+   * Update Tor to 0.2.8.6
+   * Update NoScript to 2.9.0.14
+   * Bug 19890: Disable installation of system addons
+
 Tor Browser 6.5a2-hardened -- August 3
  * All Platforms
* Update Firefox to 45.3.0esr

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits