[tor-commits] [tor-launcher/master] Bug 25807: Change front domain to unbreak Moat

[gk]

commit add227697f9af12056ca26f6e510572cd9c5faef
Author: Georg Koppen 
Date:   Thu Apr 26 07:00:10 2018 +

Bug 25807: Change front domain to unbreak Moat

Google forbids to use www.google.com as front domain now, breaking Moat.
We change that domain to dontbeevil.appspot.com which seems still to be
working. That's only a stopgap solution, though, to get Moat unblocked
for now.
---
 src/defaults/preferences/prefs.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/defaults/preferences/prefs.js 
b/src/defaults/preferences/prefs.js
index cab235a..938e1b8 100644
--- a/src/defaults/preferences/prefs.js
+++ b/src/defaults/preferences/prefs.js
@@ -46,7 +46,7 @@ pref("extensions.torlauncher.torrc_path", "");
 pref("extensions.torlauncher.tordatadir_path", "");
 
 // BridgeDB-related preferences (used for Moat).
-pref("extensions.torlauncher.bridgedb_front", "www.google.com");
+pref("extensions.torlauncher.bridgedb_front", "dontbeevil.appspot.com");
 pref("extensions.torlauncher.bridgedb_reflector", 
"https://tor-bridges-hyphae-channel.appspot.com;);
 pref("extensions.torlauncher.moat_service", 
"https://bridges.torproject.org/moat;);
 pref("extensions.torlauncher.bridgedb_bridge_type", "obfs4");

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser/tor-browser-52.7.3esr-8.0-1] Bug 1334776 - ResponseHeader Visitor will get original header casing. We need to fix it at some places in devtools.

[gk]

commit b238251db34180e957c0807e8e8adbd9e086cf11
Author: Dragana Damjanovic 
Date:   Thu Apr 27 16:48:43 2017 +0200

Bug 1334776 - ResponseHeader Visitor will get original header casing. We 
need to fix it at some places in devtools.

Backported to TBB/ESR52 by Arthur Edelstein 

Fixes bug 25938.
---
 devtools/client/netmonitor/filter-predicates.js  |  4 ++--
 .../client/netmonitor/test/browser_net_copy_headers.js   | 16 
 devtools/client/netmonitor/test/browser_net_filter-01.js |  4 ++--
 .../netmonitor/test/browser_net_timing-division.js   |  4 ++--
 devtools/client/shared/AppCacheUtils.jsm |  8 
 devtools/client/shared/curl.js   |  8 
 .../webconsole/net/test/mochitest/browser_net_headers.js |  4 ++--
 ...er_webconsole_bug_630733_response_redirect_headers.js |  2 +-
 devtools/shared/webconsole/test/test_network_get.html|  8 
 .../shared/webconsole/test/test_network_longstring.html  |  4 ++--
 devtools/shared/webconsole/test/test_network_post.html   |  8 
 11 files changed, 35 insertions(+), 35 deletions(-)

diff --git a/devtools/client/netmonitor/filter-predicates.js 
b/devtools/client/netmonitor/filter-predicates.js
index 9c8e49c622b2..75ee422aad60 100644
--- a/devtools/client/netmonitor/filter-predicates.js
+++ b/devtools/client/netmonitor/filter-predicates.js
@@ -72,7 +72,7 @@ function isWS({ requestHeaders, responseHeaders }) {
 
   // Find the 'upgrade' header.
   let upgradeHeader = requestHeaders.headers.find(header => {
-return (header.name == "Upgrade");
+return (header.name.toLowerCase() == "upgrade");
   });
 
   // If no header found on request, check response - mainly to get
@@ -81,7 +81,7 @@ function isWS({ requestHeaders, responseHeaders }) {
   if (!upgradeHeader && responseHeaders &&
   Array.isArray(responseHeaders.headers)) {
 upgradeHeader = responseHeaders.headers.find(header => {
-  return (header.name == "Upgrade");
+  return (header.name.toLowerCase() == "upgrade");
 });
   }
 
diff --git a/devtools/client/netmonitor/test/browser_net_copy_headers.js 
b/devtools/client/netmonitor/test/browser_net_copy_headers.js
index 36ce2fb34789..bb582c8e1359 100644
--- a/devtools/client/netmonitor/test/browser_net_copy_headers.js
+++ b/devtools/client/netmonitor/test/browser_net_copy_headers.js
@@ -49,12 +49,12 @@ add_task(function* () {
 
   const EXPECTED_RESPONSE_HEADERS = [
 `${httpVersion} ${status} ${statusText}`,
-"Last-Modified: Sun, 3 May 2015 11:11:11 GMT",
-"Content-Type: text/html",
-"Content-Length: 465",
-"Connection: close",
-"Server: httpd.js",
-"Date: Sun, 3 May 2015 11:11:11 GMT"
+"last-modified: Sun, 3 May 2015 11:11:11 GMT",
+"content-type: text/html",
+"content-length: 465",
+"connection: close",
+"server: httpd.js",
+"date: Sun, 3 May 2015 11:11:11 GMT"
   ].join("\n");
 
   yield waitForClipboardPromise(function setup() {
@@ -62,8 +62,8 @@ add_task(function* () {
   }, function validate(result) {
 // Fake the "Last-Modified" and "Date" headers because they will vary:
 result = String(result)
-  .replace(/Last-Modified: [^\n]+ GMT/, "Last-Modified: Sun, 3 May 2015 
11:11:11 GMT")
-  .replace(/Date: [^\n]+ GMT/, "Date: Sun, 3 May 2015 11:11:11 GMT");
+  .replace(/last-modified: [^\n]+ GMT/, "last-modified: Sun, 3 May 2015 
11:11:11 GMT")
+  .replace(/date: [^\n]+ GMT/, "date: Sun, 3 May 2015 11:11:11 GMT");
 return result === EXPECTED_RESPONSE_HEADERS;
   });
   info("Clipboard contains the currently selected item's response headers.");
diff --git a/devtools/client/netmonitor/test/browser_net_filter-01.js 
b/devtools/client/netmonitor/test/browser_net_filter-01.js
index b0d76c6293e0..7b3a8c457dd3 100644
--- a/devtools/client/netmonitor/test/browser_net_filter-01.js
+++ b/devtools/client/netmonitor/test/browser_net_filter-01.js
@@ -181,9 +181,9 @@ add_task(function* () {
   "The details pane should still be visible after filtering.");
 
 is(RequestsMenu.items.length, visibility.length,
-  "There should be a specific amount of items in the requests menu.");
+   "There should be a specific amount of items in the requests menu.");
 is(RequestsMenu.visibleItems.length, visibility.filter(e => e).length,
-  "There should be a specific amount of visbile items in the requests 
menu.");
+   "There should be a specific amount of visbile items in the requests 
menu.");
 
 for (let i = 0; i < visibility.length; i++) {
   is(RequestsMenu.getItemAtIndex(i).target.hidden, !visibility[i],
diff --git a/devtools/client/netmonitor/test/browser_net_timing-division.js 
b/devtools/client/netmonitor/test/browser_net_timing-division.js
index 0114ba235500..ff2379dc28c4 100644
--- a/devtools/client/netmonitor/test/browser_net_timing-division.js
+++ 

[tor-commits] [tor-browser/tor-browser-52.7.3esr-8.0-1] Bug 1334776 - Store header names into nsHttpHeaderArray. r=mcmanus

[gk]

commit f2829fa4eaf3756863dd524562055c1d7a221df7
Author: Dragana Damjanovic 
Date:   Thu Apr 27 16:48:36 2017 +0200

Bug 1334776 - Store header names into nsHttpHeaderArray. r=mcmanus

Backported to TBB/ESR52 by Arthur Edelstein 
---
 dom/security/test/cors/test_CrossSiteXHR.html  |   2 +-
 netwerk/protocol/http/HttpBaseChannel.cpp  |  18 +---
 netwerk/protocol/http/PHttpChannelParams.h |  15 +++-
 netwerk/protocol/http/nsHttpHeaderArray.cpp| 100 +
 netwerk/protocol/http/nsHttpHeaderArray.h  |  36 ++--
 netwerk/protocol/http/nsHttpRequestHead.cpp|  23 -
 netwerk/protocol/http/nsHttpRequestHead.h  |   4 +-
 netwerk/protocol/http/nsHttpResponseHead.cpp   |  50 ---
 netwerk/protocol/http/nsHttpResponseHead.h |   6 +-
 netwerk/test/unit/test_bug1064258.js   |   2 +-
 .../test/unit/test_original_sent_received_head.js  |  14 +--
 11 files changed, 204 insertions(+), 66 deletions(-)

diff --git a/dom/security/test/cors/test_CrossSiteXHR.html 
b/dom/security/test/cors/test_CrossSiteXHR.html
index b3cda3b871f3..d9aef5c60cd0 100644
--- a/dom/security/test/cors/test_CrossSiteXHR.html
+++ b/dom/security/test/cors/test_CrossSiteXHR.html
@@ -743,7 +743,7 @@ function runTest() {
 is(res.responseHeaders[header], test.responseHeaders[header],
"|xhr.getResponseHeader()|wrong response header (" + header + 
") in test for " +
test.toSource());
-is(res.allResponseHeaders[header], test.responseHeaders[header],
+is(res.allResponseHeaders[header.toLowerCase()], 
test.responseHeaders[header],
   "|xhr.getAllResponseHeaderss()|wrong response header (" + header 
+ ") in test for " +
   test.toSource());
   }
diff --git a/netwerk/protocol/http/HttpBaseChannel.cpp 
b/netwerk/protocol/http/HttpBaseChannel.cpp
index e68bff1d115e..97120b97a5d3 100644
--- a/netwerk/protocol/http/HttpBaseChannel.cpp
+++ b/netwerk/protocol/http/HttpBaseChannel.cpp
@@ -1678,13 +1678,7 @@ HttpBaseChannel::SetRequestHeader(const nsACString& 
aHeader,
 return NS_ERROR_INVALID_ARG;
   }
 
-  nsHttpAtom atom = nsHttp::ResolveAtom(flatHeader.get());
-  if (!atom) {
-NS_WARNING("failed to resolve atom");
-return NS_ERROR_NOT_AVAILABLE;
-  }
-
-  return mRequestHead.SetHeader(atom, flatValue, aMerge);
+  return mRequestHead.SetHeader(aHeader, flatValue, aMerge);
 }
 
 NS_IMETHODIMP
@@ -1701,13 +1695,7 @@ HttpBaseChannel::SetEmptyRequestHeader(const nsACString& 
aHeader)
 return NS_ERROR_INVALID_ARG;
   }
 
-  nsHttpAtom atom = nsHttp::ResolveAtom(flatHeader.get());
-  if (!atom) {
-NS_WARNING("failed to resolve atom");
-return NS_ERROR_NOT_AVAILABLE;
-  }
-
-  return mRequestHead.SetEmptyHeader(atom);
+  return mRequestHead.SetEmptyHeader(aHeader);
 }
 
 NS_IMETHODIMP
@@ -1763,7 +1751,7 @@ HttpBaseChannel::SetResponseHeader(const nsACString& 
header,
 
   mResponseHeadersModified = true;
 
-  return mResponseHead->SetHeader(atom, value, merge);
+  return mResponseHead->SetHeader(header, value, merge);
 }
 
 NS_IMETHODIMP
diff --git a/netwerk/protocol/http/PHttpChannelParams.h 
b/netwerk/protocol/http/PHttpChannelParams.h
index 4df5c7832ee8..b04f57306c58 100644
--- a/netwerk/protocol/http/PHttpChannelParams.h
+++ b/netwerk/protocol/http/PHttpChannelParams.h
@@ -98,7 +98,11 @@ struct ParamTraits
 
   static void Write(Message* aMsg, const paramType& aParam)
   {
-WriteParam(aMsg, aParam.header);
+if (aParam.headerNameOriginal.IsEmpty()) {
+  WriteParam(aMsg, aParam.header);
+} else {
+  WriteParam(aMsg, aParam.headerNameOriginal);
+}
 WriteParam(aMsg, aParam.value);
 switch (aParam.variety) {
   case mozilla::net::nsHttpHeaderArray::eVarietyUnknown:
@@ -124,11 +128,18 @@ struct 
ParamTraits
   static bool Read(const Message* aMsg, PickleIterator* aIter, paramType* 
aResult)
   {
 uint8_t variety;
-if (!ReadParam(aMsg, aIter, >header) ||
+nsAutoCString header;
+if (!ReadParam(aMsg, aIter, ) ||
 !ReadParam(aMsg, aIter, >value)  ||
 !ReadParam(aMsg, aIter, ))
   return false;
 
+mozilla::net::nsHttpAtom atom = mozilla::net::nsHttp::ResolveAtom(header);
+aResult->header = atom;
+if (!header.Equals(atom.get())) {
+  aResult->headerNameOriginal = header;
+}
+
 switch (variety) {
   case 0:
 aResult->variety = mozilla::net::nsHttpHeaderArray::eVarietyUnknown;
diff --git a/netwerk/protocol/http/nsHttpHeaderArray.cpp 
b/netwerk/protocol/http/nsHttpHeaderArray.cpp
index 670300dea50b..98c5a6b9ba47 100644
--- a/netwerk/protocol/http/nsHttpHeaderArray.cpp
+++ b/netwerk/protocol/http/nsHttpHeaderArray.cpp
@@ -18,8 +18,33 @@ namespace net {
 //-
 // nsHttpHeaderArray 
 

[tor-commits] [tor/master] Add a cast to make clang happy.

[nickm]

commit 3a2470762d352484d8fe163fe9d895647b4f02be
Author: Nick Mathewson 
Date:   Mon Apr 30 17:14:40 2018 -0400

Add a cast to make clang happy.
---
 src/or/main.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/or/main.c b/src/or/main.c
index 010e7200c..f1b830830 100644
--- a/src/or/main.c
+++ b/src/or/main.c
@@ -2011,7 +2011,7 @@ save_state_callback(time_t now, const or_options_t 
*options)
  */
 return PERIODIC_EVENT_NO_UPDATE;
   } else {
-return next_write - now;
+return (int)(next_write - now);
   }
 }
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Merge branch 'ticket25948_squashed'

[nickm]

commit 72124dc1ef68b870ddec615249e25ddb72d6d4cb
Merge: a9dfaafca 987a7f667
Author: Nick Mathewson 
Date:   Mon Apr 30 16:46:59 2018 -0400

Merge branch 'ticket25948_squashed'

 changes/ticket25948 |  9 +
 src/or/main.c   | 44 ++--
 src/or/main.h   |  1 +
 src/or/or.h |  9 -
 src/or/rephist.c|  2 +-
 src/or/statefile.c  | 13 +
 src/or/statefile.h  |  1 +
 7 files changed, 63 insertions(+), 16 deletions(-)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Move responsibility for or_state_save() to a scheduled callback

[nickm]

commit 987a7f667698576d745674965973871363ffd719
Author: Nick Mathewson 
Date:   Fri Apr 27 10:30:30 2018 -0400

Move responsibility for or_state_save() to a scheduled callback

Closes ticket 25948.
---
 changes/ticket25948 |  9 +
 src/or/main.c   | 44 ++--
 src/or/main.h   |  1 +
 src/or/statefile.c  |  7 +--
 4 files changed, 53 insertions(+), 8 deletions(-)

diff --git a/changes/ticket25948 b/changes/ticket25948
new file mode 100644
index 0..7851d0b65
--- /dev/null
+++ b/changes/ticket25948
@@ -0,0 +1,9 @@
+  o Minor features (mainloop):
+- Move responsibility for
+  saving the state file to disk
+  from a once-per-second callback to a callback that is only scheduled as
+  needed.  Once enough items are removed from our once-per-second
+  callback, we can eliminate it entirely to conserve CPU when idle.
+  Closes ticket
+  25948.
+
diff --git a/src/or/main.c b/src/or/main.c
index c1103edb3..6b166d096 100644
--- a/src/or/main.c
+++ b/src/or/main.c
@@ -1355,6 +1355,7 @@ CALLBACK(retry_listeners);
 CALLBACK(rotate_onion_key);
 CALLBACK(rotate_x509_certificate);
 CALLBACK(save_stability);
+CALLBACK(save_state);
 CALLBACK(write_bridge_ns);
 CALLBACK(write_stats_file);
 
@@ -1376,6 +1377,7 @@ STATIC periodic_event_item_t periodic_events[] = {
   CALLBACK(reset_padding_counts, PERIODIC_EVENT_ROLE_ALL, 0),
   CALLBACK(retry_listeners, PERIODIC_EVENT_ROLE_ALL,
PERIODIC_EVENT_FLAG_NEED_NET),
+  CALLBACK(save_state, PERIODIC_EVENT_ROLE_ALL, 0),
   CALLBACK(rotate_x509_certificate, PERIODIC_EVENT_ROLE_ALL, 0),
   CALLBACK(write_stats_file, PERIODIC_EVENT_ROLE_ALL, 0),
 
@@ -1432,6 +1434,7 @@ static periodic_event_item_t *check_descriptor_event=NULL;
 static periodic_event_item_t *fetch_networkstatus_event=NULL;
 static periodic_event_item_t *launch_descriptor_fetches_event=NULL;
 static periodic_event_item_t *check_dns_honesty_event=NULL;
+static periodic_event_item_t *save_state_event=NULL;
 
 /** Reset all the periodic events so we'll do all our actions again as if we
  * just started up.
@@ -1528,6 +1531,7 @@ initialize_periodic_events(void)
   NAMED_CALLBACK(fetch_networkstatus);
   NAMED_CALLBACK(launch_descriptor_fetches);
   NAMED_CALLBACK(check_dns_honesty);
+  NAMED_CALLBACK(save_state);
 
   struct timeval one_second = { 1, 0 };
   initialize_periodic_events_event = tor_evtimer_new(
@@ -1598,8 +1602,9 @@ periodic_events_on_new_options(const or_options_t 
*options)
 void
 reschedule_descriptor_update_check(void)
 {
-  tor_assert(check_descriptor_event);
-  periodic_event_reschedule(check_descriptor_event);
+  if (check_descriptor_event) {
+periodic_event_reschedule(check_descriptor_event);
+  }
 }
 
 /**
@@ -1745,10 +1750,6 @@ run_scheduled_events(time_t now)
 run_connection_housekeeping(i, now);
   }
 
-  /* 8b. And if anything in our state is ready to get flushed to disk, we
-   * flush it. */
-  or_state_save(now);
-
   /* 11b. check pending unconfigured managed proxies */
   if (!net_is_disabled() && pt_proxies_configuration_pending())
 pt_configure_remaining_proxies();
@@ -1983,6 +1984,37 @@ check_expired_networkstatus_callback(time_t now, const 
or_options_t *options)
 }
 
 /**
+ * Scheduled callback: Save the state file to disk if appropriate.
+ */
+static int
+save_state_callback(time_t now, const or_options_t *options)
+{
+  (void) options;
+  (void) or_state_save(now); // only saves if appropriate
+  const time_t next_write = get_or_state()->next_write;
+  if (next_write == TIME_MAX) {
+return 86400;
+  } else if (BUG(next_write <= now)) {
+/* This can't happen due to clock jumps, since the value of next_write
+ * is based on the same "now" that we passed to or_state_save().
+ */
+return PERIODIC_EVENT_NO_UPDATE;
+  } else {
+return next_write - now;
+  }
+}
+
+/** Reschedule the event for saving the state file.
+ *
+ * Run this when the state becomes dirty. */
+void
+reschedule_or_state_save(void)
+{
+  tor_assert(save_state_event);
+  periodic_event_reschedule(save_state_event);
+}
+
+/**
  * Periodic callback: Write statistics to disk if appropriate.
  */
 static int
diff --git a/src/or/main.h b/src/or/main.h
index 2447339fb..836dbf1ca 100644
--- a/src/or/main.h
+++ b/src/or/main.h
@@ -61,6 +61,7 @@ void dns_servers_relaunch_checks(void);
 void reset_all_main_loop_timers(void);
 void reschedule_descriptor_update_check(void);
 void reschedule_directory_downloads(void);
+void reschedule_or_state_save(void);
 void mainloop_schedule_postloop_cleanup(void);
 void rescan_periodic_events(const or_options_t *options);
 
diff --git a/src/or/statefile.c b/src/or/statefile.c
index 26a631ced..c81ea44e0 100644
--- a/src/or/statefile.c
+++ b/src/or/statefile.c
@@ -37,6 +37,7 @@
 #include "control.h"
 #include "entrynodes.h"
 #include "hibernate.h"
+#include "main.h"
 #include "rephist.h"
 #include "router.h"
 #include "sandbox.h"
@@ 

[tor-commits] [tor/master] Move or_state_mark_dirty into statefile.c

[nickm]

commit 9f8b60d74c91f4028b68ea8345a5562768acc81e
Author: Nick Mathewson 
Date:   Fri Apr 27 10:05:53 2018 -0400

Move or_state_mark_dirty into statefile.c

Previously it was an inline function in or.h
---
 src/or/or.h|  9 -
 src/or/rephist.c   |  2 +-
 src/or/statefile.c | 12 +++-
 src/or/statefile.h |  1 +
 4 files changed, 13 insertions(+), 11 deletions(-)

diff --git a/src/or/or.h b/src/or/or.h
index e27f25197..06262e430 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -4745,15 +4745,6 @@ typedef struct {
   time_t LastRotatedOnionKey;
 } or_state_t;
 
-/** Change the next_write time of state to when, unless the
- * state is already scheduled to be written to disk earlier than when.
- */
-static inline void or_state_mark_dirty(or_state_t *state, time_t when)
-{
-  if (state->next_write > when)
-state->next_write = when;
-}
-
 #define MAX_SOCKS_REPLY_LEN 1024
 #define MAX_SOCKS_ADDR_LEN 256
 #define SOCKS_NO_AUTH 0x00
diff --git a/src/or/rephist.c b/src/or/rephist.c
index ac3e9f502..bac2efb1f 100644
--- a/src/or/rephist.c
+++ b/src/or/rephist.c
@@ -85,8 +85,8 @@
 #include "routerlist.h"
 #include "ht.h"
 #include "channelpadding.h"
-
 #include "connection_or.h"
+#include "statefile.h"
 
 static void bw_arrays_init(void);
 static void predicted_ports_alloc(void);
diff --git a/src/or/statefile.c b/src/or/statefile.c
index cc114f0a2..26a631ced 100644
--- a/src/or/statefile.c
+++ b/src/or/statefile.c
@@ -472,7 +472,7 @@ or_state_save(time_t now)
 
   tor_assert(global_state);
 
-  if (global_state->next_write > now)
+  if (global_state->next_write >= now)
 return 0;
 
   /* Call everything else that might dirty the state even more, in order
@@ -680,6 +680,16 @@ save_transport_to_state(const char *transport,
   tor_free(transport_addrport);
 }
 
+/** Change the next_write time of state to when, unless the
+ * state is already scheduled to be written to disk earlier than when.
+ */
+void
+or_state_mark_dirty(or_state_t *state, time_t when)
+{
+  if (state->next_write > when)
+state->next_write = when;
+}
+
 STATIC void
 or_state_free_(or_state_t *state)
 {
diff --git a/src/or/statefile.h b/src/or/statefile.h
index b4cc4d1dc..5aa2ca932 100644
--- a/src/or/statefile.h
+++ b/src/or/statefile.h
@@ -17,6 +17,7 @@ char *get_stored_bindaddr_for_server_transport(const char 
*transport);
 int or_state_load(void);
 int or_state_loaded(void);
 void or_state_free_all(void);
+void or_state_mark_dirty(or_state_t *state, time_t when);
 
 #ifdef STATEFILE_PRIVATE
 STATIC config_line_t *get_transport_in_state_by_name(const char *transport);



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Remove a comment about 0.2.8 that will soon be irrelevant.

[nickm]

commit c9c26d0c31295bc6e60fb8edabe83d2bd1387fda
Author: Nick Mathewson 
Date:   Wed Apr 18 10:44:25 2018 -0400

Remove a comment about 0.2.8 that will soon be irrelevant.

(It becomes irrelevant on 15 May 2018 when 0.2.5 is EOL.)
---
 scripts/maint/updateFallbackDirs.py | 6 --
 1 file changed, 6 deletions(-)

diff --git a/scripts/maint/updateFallbackDirs.py 
b/scripts/maint/updateFallbackDirs.py
index c854830e1..b093463e0 100755
--- a/scripts/maint/updateFallbackDirs.py
+++ b/scripts/maint/updateFallbackDirs.py
@@ -173,12 +173,6 @@ MAX_LIST_FILE_SIZE = 1024 * 1024
 # meant that we had to rebuild the list more often. We want fallbacks to be
 # stable for 2 years, so we set it to a few months.
 #
-# There was a bug in Tor 0.2.8.1-alpha and earlier where a relay temporarily
-# submits a 0 DirPort when restarted.
-# This causes OnionOO to (correctly) reset its stability timer.
-# Affected relays should upgrade to Tor 0.2.9 or later, which has a fix
-# for this issue.
-#
 # If a relay changes address or port, that's it, it's not useful any more,
 # because clients can't find it
 ADDRESS_AND_PORT_STABLE_DAYS = 90



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Merge branch 'ticket24790'

[nickm]

commit a9dfaafca47fb214e9f2eb64a27f8d388e948989
Merge: d1a053464 c9c26d0c3
Author: Nick Mathewson 
Date:   Mon Apr 30 16:44:30 2018 -0400

Merge branch 'ticket24790'

 scripts/maint/updateFallbackDirs.py | 6 --
 1 file changed, 6 deletions(-)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [stem/master] Fix typo

[atagar]

commit ffb3ade85297ea80fa88752cf9cd1a5585e30044
Author: Damian Johnson 
Date:   Mon Apr 30 10:43:36 2018 -0700

Fix typo

Pointed out by toralf on irc.
---
 stem/control.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/stem/control.py b/stem/control.py
index ecec96aa..83304cea 100644
--- a/stem/control.py
+++ b/stem/control.py
@@ -91,7 +91,7 @@ If you're fine with allowing your script to raise exceptions 
then this can be mo
 |- get_server_descriptor - querying the server descriptor for a relay
 |- get_server_descriptors - provides all currently available server 
descriptors
 |- get_network_status - querying the router status entry for a relay
-|- get_network_statuses - provides all preently available router status 
entries
+|- get_network_statuses - provides all presently available router status 
entries
 |- get_hidden_service_descriptor - queries the given hidden service 
descriptor
 |
 |- get_conf - gets the value of a configuration option

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/https_everywhere_completed] Update translations for https_everywhere_completed

[translation]

commit 26cd02c6b26df0b3fa0f57c3ae926ad2adef0a99
Author: Translation commit bot 
Date:   Mon Apr 30 15:45:47 2018 +

Update translations for https_everywhere_completed
---
 eo/https-everywhere.dtd | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/eo/https-everywhere.dtd b/eo/https-everywhere.dtd
index 497d47124..c241a4e39 100644
--- a/eo/https-everywhere.dtd
+++ b/eo/https-everywhere.dtd
@@ -16,7 +16,7 @@
 
 
 
-
+
 
 
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/https_everywhere] Update translations for https_everywhere

[translation]

commit 9e520aaef3ef13a338d405b4ac0b887db43d35a0
Author: Translation commit bot 
Date:   Mon Apr 30 15:45:38 2018 +

Update translations for https_everywhere
---
 eo/https-everywhere.dtd | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/eo/https-everywhere.dtd b/eo/https-everywhere.dtd
index 497d47124..c241a4e39 100644
--- a/eo/https-everywhere.dtd
+++ b/eo/https-everywhere.dtd
@@ -16,7 +16,7 @@
 
 
 
-
+
 
 
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Merge remote-tracking branch 'dgoulet/ticket25900_034_01'

[nickm]

commit 3800d5916f90b11df433c885fae94f1dc7edca5c
Merge: b205061eb 868e34857
Author: Nick Mathewson 
Date:   Mon Apr 30 10:27:22 2018 -0400

Merge remote-tracking branch 'dgoulet/ticket25900_034_01'

 src/or/main.c | 8 ++--
 src/or/periodic.h | 1 +
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --cc src/or/main.c
index 10f26c954,5e9dfd6c5..797969646
--- a/src/or/main.c
+++ b/src/or/main.c
@@@ -1365,61 -1365,53 +1365,63 @@@ CALLBACK(write_stats_file)
  
  STATIC periodic_event_item_t periodic_events[] = {
/* Everyone needs to run those. */
 -  CALLBACK(add_entropy, PERIODIC_EVENT_ROLE_ALL),
 -  CALLBACK(check_expired_networkstatus, PERIODIC_EVENT_ROLE_ALL),
 -  CALLBACK(clean_caches, PERIODIC_EVENT_ROLE_ALL),
 -  CALLBACK(fetch_networkstatus, PERIODIC_EVENT_ROLE_ALL),
 -  CALLBACK(heartbeat, PERIODIC_EVENT_ROLE_ALL),
 -  CALLBACK(launch_descriptor_fetches, PERIODIC_EVENT_ROLE_ALL),
 -  CALLBACK(reset_padding_counts, PERIODIC_EVENT_ROLE_ALL),
 -  CALLBACK(retry_listeners, PERIODIC_EVENT_ROLE_ALL),
 -  CALLBACK(rotate_x509_certificate, PERIODIC_EVENT_ROLE_ALL),
 -  CALLBACK(write_stats_file, PERIODIC_EVENT_ROLE_ALL),
 +  CALLBACK(add_entropy, PERIODIC_EVENT_ROLE_ALL, 0),
 +  CALLBACK(check_expired_networkstatus, PERIODIC_EVENT_ROLE_ALL, 0),
 +  CALLBACK(clean_caches, PERIODIC_EVENT_ROLE_ALL, 0),
 +  CALLBACK(fetch_networkstatus, PERIODIC_EVENT_ROLE_ALL,
 +   PERIODIC_EVENT_FLAG_NEED_NET),
 +  CALLBACK(heartbeat, PERIODIC_EVENT_ROLE_ALL, 0),
 +  CALLBACK(launch_descriptor_fetches, PERIODIC_EVENT_ROLE_ALL,
 +   PERIODIC_EVENT_FLAG_NEED_NET),
 +  CALLBACK(reset_padding_counts, PERIODIC_EVENT_ROLE_ALL, 0),
 +  CALLBACK(retry_listeners, PERIODIC_EVENT_ROLE_ALL,
 +   PERIODIC_EVENT_FLAG_NEED_NET),
 +  CALLBACK(rotate_x509_certificate, PERIODIC_EVENT_ROLE_ALL, 0),
 +  CALLBACK(write_stats_file, PERIODIC_EVENT_ROLE_ALL, 0),
  
/* Routers (bridge and relay) only. */
 -  CALLBACK(check_descriptor, PERIODIC_EVENT_ROLE_ROUTER),
 -  CALLBACK(check_ed_keys, PERIODIC_EVENT_ROLE_ROUTER),
 -  CALLBACK(check_for_reachability_bw, PERIODIC_EVENT_ROLE_ROUTER),
 -  CALLBACK(check_onion_keys_expiry_time, PERIODIC_EVENT_ROLE_ROUTER),
 -  CALLBACK(expire_old_ciruits_serverside, PERIODIC_EVENT_ROLE_ROUTER),
 -  CALLBACK(retry_dns, PERIODIC_EVENT_ROLE_ROUTER),
 -  CALLBACK(rotate_onion_key, PERIODIC_EVENT_ROLE_ROUTER),
 +  CALLBACK(check_descriptor, PERIODIC_EVENT_ROLE_ROUTER,
 +   PERIODIC_EVENT_FLAG_NEED_NET),
 +  CALLBACK(check_ed_keys, PERIODIC_EVENT_ROLE_ROUTER, 0),
 +  CALLBACK(check_for_reachability_bw, PERIODIC_EVENT_ROLE_ROUTER,
 +   PERIODIC_EVENT_FLAG_NEED_NET),
 +  CALLBACK(check_onion_keys_expiry_time, PERIODIC_EVENT_ROLE_ROUTER, 0),
-   CALLBACK(clean_consdiffmgr, PERIODIC_EVENT_ROLE_ROUTER, 0),
 +  CALLBACK(expire_old_ciruits_serverside, PERIODIC_EVENT_ROLE_ROUTER,
 +   PERIODIC_EVENT_FLAG_NEED_NET),
 +  CALLBACK(retry_dns, PERIODIC_EVENT_ROLE_ROUTER, 0),
 +  CALLBACK(rotate_onion_key, PERIODIC_EVENT_ROLE_ROUTER, 0),
  
/* Authorities (bridge and directory) only. */
 -  CALLBACK(downrate_stability, PERIODIC_EVENT_ROLE_AUTHORITIES),
 -  CALLBACK(launch_reachability_tests, PERIODIC_EVENT_ROLE_AUTHORITIES),
 -  CALLBACK(save_stability, PERIODIC_EVENT_ROLE_AUTHORITIES),
 +  CALLBACK(downrate_stability, PERIODIC_EVENT_ROLE_AUTHORITIES, 0),
 +  CALLBACK(launch_reachability_tests, PERIODIC_EVENT_ROLE_AUTHORITIES,
 +   PERIODIC_EVENT_FLAG_NEED_NET),
 +  CALLBACK(save_stability, PERIODIC_EVENT_ROLE_AUTHORITIES, 0),
  
/* Directory authority only. */
 -  CALLBACK(check_authority_cert, PERIODIC_EVENT_ROLE_DIRAUTH),
 +  CALLBACK(check_authority_cert, PERIODIC_EVENT_ROLE_DIRAUTH, 0),
  
/* Relay only. */
 -  CALLBACK(check_canonical_channels, PERIODIC_EVENT_ROLE_RELAY),
 -  CALLBACK(check_dns_honesty, PERIODIC_EVENT_ROLE_RELAY),
 +  CALLBACK(check_canonical_channels, PERIODIC_EVENT_ROLE_RELAY,
 +   PERIODIC_EVENT_FLAG_NEED_NET),
 +  CALLBACK(check_dns_honesty, PERIODIC_EVENT_ROLE_RELAY,
 +   PERIODIC_EVENT_FLAG_NEED_NET),
  
/* Hidden Service service only. */
 -  CALLBACK(hs_service, PERIODIC_EVENT_ROLE_HS_SERVICE),
 +  CALLBACK(hs_service, PERIODIC_EVENT_ROLE_HS_SERVICE,
 +   PERIODIC_EVENT_FLAG_NEED_NET),
  
/* Bridge only. */
 -  CALLBACK(record_bridge_stats, PERIODIC_EVENT_ROLE_BRIDGE),
 +  CALLBACK(record_bridge_stats, PERIODIC_EVENT_ROLE_BRIDGE, 0),
  
/* Client only. */
 -  CALLBACK(rend_cache_failure_clean, PERIODIC_EVENT_ROLE_CLIENT),
 +  CALLBACK(rend_cache_failure_clean, PERIODIC_EVENT_ROLE_CLIENT, 0),
  
/* Bridge Authority only. */
 -  CALLBACK(write_bridge_ns, PERIODIC_EVENT_ROLE_BRIDGEAUTH),
 +  CALLBACK(write_bridge_ns, PERIODIC_EVENT_ROLE_BRIDGEAUTH, 0),
  
+   /* Directory server only. */
 -  CALLBACK(clean_consdiffmgr, PERIODIC_EVENT_ROLE_DIRSERVER),
++  CALLBACK(clean_consdiffmgr, PERIODIC_EVENT_ROLE_DIRSERVER, 0),
+ 
END_OF_PERIODIC_EVENTS
  };
  #undef 

[tor-commits] [tor/master] Make unit tests pass with new dirserver role.

[nickm]

commit d1a0534649be02e37668073279664f513f4dc7d7
Author: Nick Mathewson 
Date:   Mon Apr 30 10:36:00 2018 -0400

Make unit tests pass with new dirserver role.
---
 src/test/test_periodic_event.c | 28 +++-
 1 file changed, 19 insertions(+), 9 deletions(-)

diff --git a/src/test/test_periodic_event.c b/src/test/test_periodic_event.c
index 74e799360..34689b64f 100644
--- a/src/test/test_periodic_event.c
+++ b/src/test/test_periodic_event.c
@@ -118,6 +118,10 @@ test_pe_launch(void *arg)
   options->ORPort_set = 1;
   periodic_events_on_new_options(options);
 
+  unsigned roles = get_my_roles(options);
+  tt_uint_op(roles, OP_EQ,
+ PERIODIC_EVENT_ROLE_RELAY|PERIODIC_EVENT_ROLE_DIRSERVER);
+
   for (int i = 0; periodic_events[i].name; ++i) {
 periodic_event_item_t *item = _events[i];
 /* Only Client role should be disabled. */
@@ -130,8 +134,8 @@ test_pe_launch(void *arg)
   tt_int_op(periodic_event_is_enabled(item), OP_EQ, 1);
   tt_u64_op(item->last_action_time, OP_NE, 0);
 }
-/* Non Relay role should be disabled! */
-if (!(item->roles & PERIODIC_EVENT_ROLE_RELAY)) {
+/* Non Relay role should be disabled, except for Dirserver. */
+if (!(item->roles & roles)) {
   tt_int_op(periodic_event_is_enabled(item), OP_EQ, 0);
 }
   }
@@ -196,19 +200,21 @@ test_pe_get_roles(void *arg)
   options->ORPort_set = 1;
   roles = get_my_roles(options);
   tt_int_op(roles, OP_EQ,
-(PERIODIC_EVENT_ROLE_CLIENT | PERIODIC_EVENT_ROLE_RELAY));
+(PERIODIC_EVENT_ROLE_CLIENT | PERIODIC_EVENT_ROLE_RELAY |
+ PERIODIC_EVENT_ROLE_DIRSERVER));
 
   /* Now add a Bridge. */
   options->BridgeRelay = 1;
   roles = get_my_roles(options);
   tt_int_op(roles, OP_EQ,
 (PERIODIC_EVENT_ROLE_CLIENT | PERIODIC_EVENT_ROLE_RELAY |
- PERIODIC_EVENT_ROLE_BRIDGE));
+ PERIODIC_EVENT_ROLE_BRIDGE | PERIODIC_EVENT_ROLE_DIRSERVER));
   tt_assert(roles & PERIODIC_EVENT_ROLE_ROUTER);
   /* Unset client so we can solely test Router role. */
   options->SocksPort_set = 0;
   roles = get_my_roles(options);
-  tt_int_op(roles, OP_EQ, PERIODIC_EVENT_ROLE_ROUTER);
+  tt_int_op(roles, OP_EQ,
+PERIODIC_EVENT_ROLE_ROUTER | PERIODIC_EVENT_ROLE_DIRSERVER);
 
   /* Reset options so we can test authorities. */
   options->SocksPort_set = 0;
@@ -218,24 +224,28 @@ test_pe_get_roles(void *arg)
   tt_int_op(roles, OP_EQ, 0);
 
   /* Now upgrade to Dirauth. */
+  options->DirPort_set = 1;
   options->AuthoritativeDir = 1;
   options->V3AuthoritativeDir = 1;
   roles = get_my_roles(options);
-  tt_int_op(roles, OP_EQ, PERIODIC_EVENT_ROLE_DIRAUTH);
+  tt_int_op(roles, OP_EQ,
+PERIODIC_EVENT_ROLE_DIRAUTH|PERIODIC_EVENT_ROLE_DIRSERVER);
   tt_assert(roles & PERIODIC_EVENT_ROLE_AUTHORITIES);
 
   /* Now Bridge Authority. */
   options->V3AuthoritativeDir = 0;
   options->BridgeAuthoritativeDir = 1;
   roles = get_my_roles(options);
-  tt_int_op(roles, OP_EQ, PERIODIC_EVENT_ROLE_BRIDGEAUTH);
+  tt_int_op(roles, OP_EQ,
+PERIODIC_EVENT_ROLE_BRIDGEAUTH|PERIODIC_EVENT_ROLE_DIRSERVER);
   tt_assert(roles & PERIODIC_EVENT_ROLE_AUTHORITIES);
 
   /* Move that bridge auth to become a relay. */
   options->ORPort_set = 1;
   roles = get_my_roles(options);
   tt_int_op(roles, OP_EQ,
-(PERIODIC_EVENT_ROLE_BRIDGEAUTH | PERIODIC_EVENT_ROLE_RELAY));
+(PERIODIC_EVENT_ROLE_BRIDGEAUTH | PERIODIC_EVENT_ROLE_RELAY
+ | PERIODIC_EVENT_ROLE_DIRSERVER));
   tt_assert(roles & PERIODIC_EVENT_ROLE_AUTHORITIES);
 
   /* And now an Hidden service. */
@@ -246,7 +256,7 @@ test_pe_get_roles(void *arg)
   remove_service(get_hs_service_map(), );
   tt_int_op(roles, OP_EQ,
 (PERIODIC_EVENT_ROLE_BRIDGEAUTH | PERIODIC_EVENT_ROLE_RELAY |
- PERIODIC_EVENT_ROLE_HS_SERVICE));
+ PERIODIC_EVENT_ROLE_HS_SERVICE | PERIODIC_EVENT_ROLE_DIRSERVER));
   tt_assert(roles & PERIODIC_EVENT_ROLE_AUTHORITIES);
 
  done:

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] callbacks: Add a DirServer role

[nickm]

commit 868e348570911c52534132bc245a8fea07b42934
Author: David Goulet 
Date:   Wed Apr 25 14:21:19 2018 -0400

callbacks: Add a DirServer role

The clean_consdiffmgr() callback is only for relays acting as a directory
server, not all relays.

This commit adds a role for only directory server and sets the
clean_consdiffmgr() callback to use it.

Signed-off-by: David Goulet 
---
 src/or/main.c | 7 ++-
 src/or/periodic.h | 1 +
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/src/or/main.c b/src/or/main.c
index 37eacd2c1..5e9dfd6c5 100644
--- a/src/or/main.c
+++ b/src/or/main.c
@@ -1381,7 +1381,6 @@ STATIC periodic_event_item_t periodic_events[] = {
   CALLBACK(check_ed_keys, PERIODIC_EVENT_ROLE_ROUTER),
   CALLBACK(check_for_reachability_bw, PERIODIC_EVENT_ROLE_ROUTER),
   CALLBACK(check_onion_keys_expiry_time, PERIODIC_EVENT_ROLE_ROUTER),
-  CALLBACK(clean_consdiffmgr, PERIODIC_EVENT_ROLE_ROUTER),
   CALLBACK(expire_old_ciruits_serverside, PERIODIC_EVENT_ROLE_ROUTER),
   CALLBACK(retry_dns, PERIODIC_EVENT_ROLE_ROUTER),
   CALLBACK(rotate_onion_key, PERIODIC_EVENT_ROLE_ROUTER),
@@ -1409,6 +1408,10 @@ STATIC periodic_event_item_t periodic_events[] = {
 
   /* Bridge Authority only. */
   CALLBACK(write_bridge_ns, PERIODIC_EVENT_ROLE_BRIDGEAUTH),
+
+  /* Directory server only. */
+  CALLBACK(clean_consdiffmgr, PERIODIC_EVENT_ROLE_DIRSERVER),
+
   END_OF_PERIODIC_EVENTS
 };
 #undef CALLBACK
@@ -1465,6 +1468,7 @@ get_my_roles(const or_options_t *options)
   int is_bridgeauth = authdir_mode_bridge(options);
   int is_hidden_service = !!hs_service_get_num_services() ||
   !!rend_num_services();
+  int is_dirserver = dir_server_mode(options);
 
   if (is_bridge) roles |= PERIODIC_EVENT_ROLE_BRIDGE;
   if (is_client) roles |= PERIODIC_EVENT_ROLE_CLIENT;
@@ -1472,6 +1476,7 @@ get_my_roles(const or_options_t *options)
   if (is_dirauth) roles |= PERIODIC_EVENT_ROLE_DIRAUTH;
   if (is_bridgeauth) roles |= PERIODIC_EVENT_ROLE_BRIDGEAUTH;
   if (is_hidden_service) roles |= PERIODIC_EVENT_ROLE_HS_SERVICE;
+  if (is_dirserver) roles |= PERIODIC_EVENT_ROLE_DIRSERVER;
 
   return roles;
 }
diff --git a/src/or/periodic.h b/src/or/periodic.h
index dde27db5a..cc0ab86bd 100644
--- a/src/or/periodic.h
+++ b/src/or/periodic.h
@@ -14,6 +14,7 @@
 #define PERIODIC_EVENT_ROLE_DIRAUTH (1U << 3)
 #define PERIODIC_EVENT_ROLE_BRIDGEAUTH  (1U << 4)
 #define PERIODIC_EVENT_ROLE_HS_SERVICE  (1U << 5)
+#define PERIODIC_EVENT_ROLE_DIRSERVER   (1U << 6)
 
 /* Helper macro to make it a bit less annoying to defined groups of roles that
  * are often used. */



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] clean_consdiffmgr() callback is only for directories

[nickm]

commit b6f7e23bbde7ae8c50360665a7ff2f0839e9219e
Author: David Goulet 
Date:   Wed Apr 25 14:12:38 2018 -0400

clean_consdiffmgr() callback is only for directories

Only relevant for directory servers.

Signed-off-by: David Goulet 
---
 src/or/main.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/or/main.c b/src/or/main.c
index ffe407329..37eacd2c1 100644
--- a/src/or/main.c
+++ b/src/or/main.c
@@ -2318,7 +2318,7 @@ static int
 clean_consdiffmgr_callback(time_t now, const or_options_t *options)
 {
   (void)now;
-  if (server_mode(options)) {
+  if (dir_server_mode(options)) {
 consdiffmgr_cleanup();
   }
   return CDM_CLEAN_CALLBACK_INTERVAL;



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Improve documentation for CONFIG_TYPE_CSV_INTERVAL.

[nickm]

commit 510220844774dee27f40204ee24a70b81af1dcb5
Author: Nick Mathewson 
Date:   Wed Apr 18 11:30:16 2018 -0400

Improve documentation for CONFIG_TYPE_CSV_INTERVAL.
---
 src/or/confparse.h | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/or/confparse.h b/src/or/confparse.h
index 64ea65d1b..4b4bf0adb 100644
--- a/src/or/confparse.h
+++ b/src/or/confparse.h
@@ -28,7 +28,9 @@ typedef enum config_type_t {
   * optional whitespace. */
   CONFIG_TYPE_CSV_INTERVAL, /**< A list of strings, separated by commas and
   * optional whitespace, representing intervals in
-  * seconds, with optional units */
+  * seconds, with optional units.  We allow
+  * multiple values here for legacy reasons, but
+  * ignore every value after the first. */
   CONFIG_TYPE_LINELIST, /**< Uninterpreted config lines */
   CONFIG_TYPE_LINELIST_S,   /**< Uninterpreted, context-sensitive config lines,
  * mixed with other keywords. */



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Clean up the documentation for *DownloadInitialDelay

[nickm]

commit 3b2ed849c845f9e4c1b307f45982f6b33a86b661
Author: Nick Mathewson 
Date:   Wed Apr 18 11:36:41 2018 -0400

Clean up the documentation for *DownloadInitialDelay
---
 doc/tor.1.txt | 84 +--
 1 file changed, 36 insertions(+), 48 deletions(-)

diff --git a/doc/tor.1.txt b/doc/tor.1.txt
index 05a612d6a..59e272634 100644
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -1732,32 +1732,29 @@ The following options are useful only for clients (that 
is, if
 directory authorities do not choose a value, Tor will default to 0.6.
 (Default: -1)
 
-[[ClientBootstrapConsensusAuthorityDownloadSchedule]] 
**ClientBootstrapConsensusAuthorityDownloadSchedule** __N__,__N__,__...__::
-Schedule for when clients should download consensuses from authorities
+[[ClientBootstrapConsensusAuthorityDownloadInitialDelay]] 
**ClientBootstrapConsensusAuthorityDownloadInitialDelay** __N__::
+Initial delay in seconds for when clients should download consensuses from 
authorities
 if they are bootstrapping (that is, they don't have a usable, reasonably
 live consensus). Only used by clients fetching from a list of fallback
 directory mirrors. This schedule is advanced by (potentially concurrent)
 connection attempts, unlike other schedules, which are advanced by
-connection failures. (Default: 6, 11, 3600, 10800, 25200, 54000, 111600,
-262800)
+connection failures. (Default: 6)
 
-[[ClientBootstrapConsensusFallbackDownloadSchedule]] 
**ClientBootstrapConsensusFallbackDownloadSchedule** __N__,__N__,__...__::
-Schedule for when clients should download consensuses from fallback
+[[ClientBootstrapConsensusFallbackDownloadInitialDelay]] 
**ClientBootstrapConsensusFallbackDownloadInitialDelay** __N__::
+Initial delay in seconds for when clients should download consensuses from 
fallback
 directory mirrors if they are bootstrapping (that is, they don't have a
 usable, reasonably live consensus). Only used by clients fetching from a
 list of fallback directory mirrors. This schedule is advanced by
 (potentially concurrent) connection attempts, unlike other schedules,
-which are advanced by connection failures. (Default: 0, 1, 4, 11, 3600,
-10800, 25200, 54000, 111600, 262800)
+which are advanced by connection failures. (Default: 0)
 
-[[ClientBootstrapConsensusAuthorityOnlyDownloadSchedule]] 
**ClientBootstrapConsensusAuthorityOnlyDownloadSchedule** __N__,__N__,__...__::
-Schedule for when clients should download consensuses from authorities
+[[ClientBootstrapConsensusAuthorityOnlyDownloadInitialDelay]] 
**ClientBootstrapConsensusAuthorityOnlyDownloadInitialDelay** __N__::
+Initial delay in seconds for when clients should download consensuses from 
authorities
 if they are bootstrapping (that is, they don't have a usable, reasonably
 live consensus). Only used by clients which don't have or won't fetch
 from a list of fallback directory mirrors. This schedule is advanced by
 (potentially concurrent) connection attempts, unlike other schedules,
-which are advanced by connection failures. (Default: 0, 3, 7, 3600,
-10800, 25200, 54000, 111600, 262800)
+which are advanced by connection failures. (Default: 0)
 
 [[ClientBootstrapConsensusMaxInProgressTries]] 
**ClientBootstrapConsensusMaxInProgressTries** __NUM__::
 Try this many simultaneous connections to download a consensus before
@@ -2888,12 +2885,9 @@ The following options are used for running a testing Tor 
network.
AssumeReachable 1
AuthDirMaxServersPerAddr 0
AuthDirMaxServersPerAuthAddr 0
-   ClientBootstrapConsensusAuthorityDownloadSchedule 0, 2,
-  4 (for 40 seconds), 8, 16, 32, 60
-   ClientBootstrapConsensusFallbackDownloadSchedule 0, 1,
-  4 (for 40 seconds), 8, 16, 32, 60
-   ClientBootstrapConsensusAuthorityOnlyDownloadSchedule 0, 1,
-  4 (for 40 seconds), 8, 16, 32, 60
+   ClientBootstrapConsensusAuthorityDownloadInitialDelay 0
+   ClientBootstrapConsensusFallbackDownloadInitialDelay 0
+   ClientBootstrapConsensusAuthorityOnlyDownloadInitialDelay 0
ClientDNSRejectInternalAddresses 0
ClientRejectInternalAddresses 0
CountPrivateBandwidth 1
@@ -2908,12 +2902,12 @@ The following options are used for running a testing 
Tor network.
TestingV3AuthInitialDistDelay 20 seconds
TestingAuthDirTimeToLearnReachability 0 minutes
TestingEstimatedDescriptorPropagationTime 0 minutes
-   TestingServerDownloadSchedule 0, 0, 0, 5, 10, 15, 20, 30, 60
-   TestingClientDownloadSchedule 0, 0, 5, 10, 15, 20, 30, 60
-   TestingServerConsensusDownloadSchedule 0, 0, 5, 10, 15, 20, 30, 60
-   TestingClientConsensusDownloadSchedule 0, 0, 5, 10, 15, 20, 30, 60
-   TestingBridgeDownloadSchedule 10, 30, 60
-   TestingBridgeBootstrapDownloadSchedule 0, 0, 5, 10, 15, 20, 30, 60
+  

[tor-commits] [tor/master] Remove extra values from InitialDelay defaults

[nickm]

commit 82d1d8b0711282888accc2807934f7029c28c4ef
Author: Nick Mathewson 
Date:   Wed Apr 18 11:23:43 2018 -0400

Remove extra values from InitialDelay defaults

These options are now ignored.
---
 src/or/config.c | 53 ++---
 1 file changed, 18 insertions(+), 35 deletions(-)

diff --git a/src/or/config.c b/src/or/config.c
index f54be47d4..a08167d45 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -614,16 +614,10 @@ static config_var_t option_vars_[] = {
   VAR("__OwningControllerProcess",STRING,OwningControllerProcess, NULL),
   VAR("__OwningControllerFD",INT,OwningControllerFD, "-1"),
   V(MinUptimeHidServDirectoryV2, INTERVAL, "96 hours"),
-  V(TestingServerDownloadInitialDelay, CSV_INTERVAL, "0, 0, 0, 60, 60, 120, "
- "300, 900, 2147483647"),
-  V(TestingClientDownloadInitialDelay, CSV_INTERVAL, "0, 0, 60, 300, 600, "
- "2147483647"),
-  V(TestingServerConsensusDownloadInitialDelay, CSV_INTERVAL, "0, 0, 60, "
- "300, 600, 1800, 1800, 1800, 1800, "
- "1800, 3600, 7200"),
-  V(TestingClientConsensusDownloadInitialDelay, CSV_INTERVAL, "0, 0, 60, "
- "300, 600, 1800, 3600, 3600, 3600, "
- "10800, 21600, 43200"),
+  V(TestingServerDownloadInitialDelay, CSV_INTERVAL, "0"),
+  V(TestingClientDownloadInitialDelay, CSV_INTERVAL, "0"),
+  V(TestingServerConsensusDownloadInitialDelay, CSV_INTERVAL, "0"),
+  V(TestingClientConsensusDownloadInitialDelay, CSV_INTERVAL, "0"),
   /* With the ClientBootstrapConsensus*Download* below:
* Clients with only authorities will try:
*  - at least 3 authorities over 10 seconds, then exponentially backoff,
@@ -639,13 +633,11 @@ static config_var_t option_vars_[] = {
*
* When clients have authorities and fallbacks available, they use these
* schedules: (we stagger the times to avoid thundering herds) */
-  V(ClientBootstrapConsensusAuthorityDownloadInitialDelay, CSV_INTERVAL,
-"6, 11, 3600, 10800, 25200, 54000, 111600, 262800" /* 3 days + 1 hour */),
-  V(ClientBootstrapConsensusFallbackDownloadInitialDelay, CSV_INTERVAL,
-"0, 1, 4, 11, 3600, 10800, 25200, 54000, 111600, 262800"),
+  V(ClientBootstrapConsensusAuthorityDownloadInitialDelay, CSV_INTERVAL, "6"),
+  V(ClientBootstrapConsensusFallbackDownloadInitialDelay, CSV_INTERVAL, "0"),
   /* When clients only have authorities available, they use this schedule: */
   V(ClientBootstrapConsensusAuthorityOnlyDownloadInitialDelay, CSV_INTERVAL,
-"0, 3, 7, 3600, 10800, 25200, 54000, 111600, 262800"),
+"0"),
   /* We don't want to overwhelm slow networks (or mirrors whose replies are
* blocked), but we also don't want to fail if only some mirrors are
* blackholed. Clients will try 3 directories simultaneously.
@@ -653,14 +645,12 @@ static config_var_t option_vars_[] = {
   V(ClientBootstrapConsensusMaxInProgressTries, UINT, "3"),
   /* When a client has any running bridges, check each bridge occasionally,
 * whether or not that bridge is actually up. */
-  V(TestingBridgeDownloadInitialDelay, CSV_INTERVAL,
-"10800, 25200, 54000, 111600, 262800"),
+  V(TestingBridgeDownloadInitialDelay, CSV_INTERVAL,"10800"),
   /* When a client is just starting, or has no running bridges, check each
* bridge a few times quickly, and then try again later. These schedules
* are much longer than the other schedules, because we try each and every
* configured bridge with this schedule. */
-  V(TestingBridgeBootstrapDownloadInitialDelay, CSV_INTERVAL,
-"0, 30, 90, 600, 3600, 10800, 25200, 54000, 111600, 262800"),
+  V(TestingBridgeBootstrapDownloadInitialDelay, CSV_INTERVAL, "0"),
   V(TestingClientMaxIntervalWithoutRequest, INTERVAL, "10 minutes"),
   V(TestingDirConnectionMaxStall, INTERVAL, "5 minutes"),
   OBSOLETE("TestingConsensusMaxDownloadTries"),
@@ -687,12 +677,10 @@ static const config_var_t testing_tor_network_defaults[] 
= {
   V(EnforceDistinctSubnets,  BOOL, "0"),
   V(AssumeReachable, BOOL, "1"),
   V(AuthDirMaxServersPerAddr,UINT, "0"),
-  V(ClientBootstrapConsensusAuthorityDownloadInitialDelay, CSV_INTERVAL,
-"0, 2, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 8, 16, 32, 60"),
-  V(ClientBootstrapConsensusFallbackDownloadInitialDelay, CSV_INTERVAL,
-"0, 1, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 8, 16, 32, 60"),
+  V(ClientBootstrapConsensusAuthorityDownloadInitialDelay, CSV_INTERVAL, "0"),
+  V(ClientBootstrapConsensusFallbackDownloadInitialDelay, CSV_INTERVAL, "0"),
   V(ClientBootstrapConsensusAuthorityOnlyDownloadInitialDelay, CSV_INTERVAL,
-"0, 1, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 8, 16, 32, 60"),
+"0"),
   V(ClientDNSRejectInternalAddresses, BOOL,"0"),
   V(ClientRejectInternalAddresses, BOOL,   "0"),
   V(CountPrivateBandwidth,   BOOL, "1"),
@@ -707,17 +695,12 @@ 

[tor-commits] [tor/master] Describe schedules as TimeInterval, not TimeIntervalCommaList.

[nickm]

commit b205061eb13abd68a5335f8008c5121ef230c34e
Author: Nick Mathewson 
Date:   Mon Apr 30 09:47:35 2018 -0400

Describe schedules as TimeInterval, not TimeIntervalCommaList.
---
 src/or/config.c | 5 -
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/or/config.c b/src/or/config.c
index 9e9c7e58d..54f3930fc 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -8105,7 +8105,10 @@ getinfo_helper_config(control_connection_t *conn,
 case CONFIG_TYPE_ISOTIME: type = "Time"; break;
 case CONFIG_TYPE_ROUTERSET: type = "RouterList"; break;
 case CONFIG_TYPE_CSV: type = "CommaList"; break;
-case CONFIG_TYPE_CSV_INTERVAL: type = "TimeIntervalCommaList"; break;
+/* This type accepts more inputs than TimeInterval, but it ignores
+ * everything after the first entry, so we may as well pretend
+ * it's a TimeInterval. */
+case CONFIG_TYPE_CSV_INTERVAL: type = "TimeInterval"; break;
 case CONFIG_TYPE_LINELIST: type = "LineList"; break;
 case CONFIG_TYPE_LINELIST_S: type = "Dependent"; break;
 case CONFIG_TYPE_LINELIST_V: type = "Virtual"; break;

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Changes file for ticket 23354 (remove old download schedules)

[nickm]

commit 71d503201e71197b6bdf75f7e159cfcd6280ff08
Author: Nick Mathewson 
Date:   Wed Apr 18 11:38:27 2018 -0400

Changes file for ticket 23354 (remove old download schedules)
---
 changes/ticket23354 | 6 ++
 1 file changed, 6 insertions(+)

diff --git a/changes/ticket23354 b/changes/ticket23354
new file mode 100644
index 0..f79dfd96a
--- /dev/null
+++ b/changes/ticket23354
@@ -0,0 +1,6 @@
+  o Minor features (configuration):
+- The "DownloadSchedule" options have been renamed to end with
+  "DownloadInitialDelay".  The old names are still allowed, but will
+  produce a warning. Comma-separated lists are still permitted for
+  these options, but all values after the first are ignored (as they have
+  been since 0.2.9). Closes ticket 23354.



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Rename *DownloadSchedule to *DownloadInitialDelay; make them ints

[nickm]

commit 9aaed729c188a1f560d025388374c7dc1135478e
Author: Nick Mathewson 
Date:   Wed Apr 18 10:53:39 2018 -0400

Rename *DownloadSchedule to *DownloadInitialDelay; make them ints

This commit won't compile. It was made with the following perl
scripts:

s/smartlist_t \*(.*)DownloadSchedule;/int $1DownloadInitialDelay;/;
s/\b(\w*)DownloadSchedule\b/$1DownloadInitialDelay/;
---
 src/or/config.c | 48 
 src/or/directory.c  | 18 +-
 src/or/or.h | 18 +-
 src/test/test_options.c | 12 ++--
 4 files changed, 48 insertions(+), 48 deletions(-)

diff --git a/src/or/config.c b/src/or/config.c
index 9c0b321b5..a9d5b3a7a 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -599,14 +599,14 @@ static config_var_t option_vars_[] = {
   VAR("__OwningControllerProcess",STRING,OwningControllerProcess, NULL),
   VAR("__OwningControllerFD",INT,OwningControllerFD, "-1"),
   V(MinUptimeHidServDirectoryV2, INTERVAL, "96 hours"),
-  V(TestingServerDownloadSchedule, CSV_INTERVAL, "0, 0, 0, 60, 60, 120, "
+  V(TestingServerDownloadInitialDelay, CSV_INTERVAL, "0, 0, 0, 60, 60, 120, "
  "300, 900, 2147483647"),
-  V(TestingClientDownloadSchedule, CSV_INTERVAL, "0, 0, 60, 300, 600, "
+  V(TestingClientDownloadInitialDelay, CSV_INTERVAL, "0, 0, 60, 300, 600, "
  "2147483647"),
-  V(TestingServerConsensusDownloadSchedule, CSV_INTERVAL, "0, 0, 60, "
+  V(TestingServerConsensusDownloadInitialDelay, CSV_INTERVAL, "0, 0, 60, "
  "300, 600, 1800, 1800, 1800, 1800, "
  "1800, 3600, 7200"),
-  V(TestingClientConsensusDownloadSchedule, CSV_INTERVAL, "0, 0, 60, "
+  V(TestingClientConsensusDownloadInitialDelay, CSV_INTERVAL, "0, 0, 60, "
  "300, 600, 1800, 3600, 3600, 3600, "
  "10800, 21600, 43200"),
   /* With the ClientBootstrapConsensus*Download* below:
@@ -624,12 +624,12 @@ static config_var_t option_vars_[] = {
*
* When clients have authorities and fallbacks available, they use these
* schedules: (we stagger the times to avoid thundering herds) */
-  V(ClientBootstrapConsensusAuthorityDownloadSchedule, CSV_INTERVAL,
+  V(ClientBootstrapConsensusAuthorityDownloadInitialDelay, CSV_INTERVAL,
 "6, 11, 3600, 10800, 25200, 54000, 111600, 262800" /* 3 days + 1 hour */),
-  V(ClientBootstrapConsensusFallbackDownloadSchedule, CSV_INTERVAL,
+  V(ClientBootstrapConsensusFallbackDownloadInitialDelay, CSV_INTERVAL,
 "0, 1, 4, 11, 3600, 10800, 25200, 54000, 111600, 262800"),
   /* When clients only have authorities available, they use this schedule: */
-  V(ClientBootstrapConsensusAuthorityOnlyDownloadSchedule, CSV_INTERVAL,
+  V(ClientBootstrapConsensusAuthorityOnlyDownloadInitialDelay, CSV_INTERVAL,
 "0, 3, 7, 3600, 10800, 25200, 54000, 111600, 262800"),
   /* We don't want to overwhelm slow networks (or mirrors whose replies are
* blocked), but we also don't want to fail if only some mirrors are
@@ -638,13 +638,13 @@ static config_var_t option_vars_[] = {
   V(ClientBootstrapConsensusMaxInProgressTries, UINT, "3"),
   /* When a client has any running bridges, check each bridge occasionally,
 * whether or not that bridge is actually up. */
-  V(TestingBridgeDownloadSchedule, CSV_INTERVAL,
+  V(TestingBridgeDownloadInitialDelay, CSV_INTERVAL,
 "10800, 25200, 54000, 111600, 262800"),
   /* When a client is just starting, or has no running bridges, check each
* bridge a few times quickly, and then try again later. These schedules
* are much longer than the other schedules, because we try each and every
* configured bridge with this schedule. */
-  V(TestingBridgeBootstrapDownloadSchedule, CSV_INTERVAL,
+  V(TestingBridgeBootstrapDownloadInitialDelay, CSV_INTERVAL,
 "0, 30, 90, 600, 3600, 10800, 25200, 54000, 111600, 262800"),
   V(TestingClientMaxIntervalWithoutRequest, INTERVAL, "10 minutes"),
   V(TestingDirConnectionMaxStall, INTERVAL, "5 minutes"),
@@ -672,11 +672,11 @@ static const config_var_t testing_tor_network_defaults[] 
= {
   V(EnforceDistinctSubnets,  BOOL, "0"),
   V(AssumeReachable, BOOL, "1"),
   V(AuthDirMaxServersPerAddr,UINT, "0"),
-  V(ClientBootstrapConsensusAuthorityDownloadSchedule, CSV_INTERVAL,
+  V(ClientBootstrapConsensusAuthorityDownloadInitialDelay, CSV_INTERVAL,
 "0, 2, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 8, 16, 32, 60"),
-  V(ClientBootstrapConsensusFallbackDownloadSchedule, CSV_INTERVAL,
+  V(ClientBootstrapConsensusFallbackDownloadInitialDelay, CSV_INTERVAL,
 "0, 1, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 8, 16, 32, 60"),
-  V(ClientBootstrapConsensusAuthorityOnlyDownloadSchedule, CSV_INTERVAL,
+  V(ClientBootstrapConsensusAuthorityOnlyDownloadInitialDelay, CSV_INTERVAL,
 "0, 1, 4, 4, 4, 4, 4, 4, 4, 

[tor-commits] [tor/master] Add aliases for the old DownloadSchedule options

[nickm]

commit 2f792c041a8d7a76d9de517b0f9698243e312be8
Author: Nick Mathewson 
Date:   Wed Apr 18 11:20:59 2018 -0400

Add aliases for the old DownloadSchedule options

These will produce a warning, but still work fine.
---
 src/or/config.c | 15 +++
 1 file changed, 15 insertions(+)

diff --git a/src/or/config.c b/src/or/config.c
index a9d5b3a7a..f54be47d4 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -126,6 +126,11 @@ static const char unix_socket_prefix[] = "unix:";
  * configuration. */
 static const char unix_q_socket_prefix[] = "unix:\"";
 
+/** macro to help with the bulk rename of *DownloadSchedule to
+ * *DowloadInitialDelay . */
+#define DOWNLOAD_SCHEDULE(name) \
+  { #name "DownloadSchedule", #name "DownloadInitialDelay", 0, 1 }
+
 /** A list of abbreviations and aliases to map command-line options, obsolete
  * option names, or alternative option names, to their current values. */
 static config_abbrev_t option_abbrevs_[] = {
@@ -175,6 +180,16 @@ static config_abbrev_t option_abbrevs_[] = {
   { "_HSLayer2Nodes", "HSLayer2Nodes", 0, 1 },
   { "_HSLayer3Nodes", "HSLayer3Nodes", 0, 1 },
 
+  DOWNLOAD_SCHEDULE(ClientBootstrapConsensusAuthority),
+  DOWNLOAD_SCHEDULE(ClientBootstrapConsensusAuthorityOnly),
+  DOWNLOAD_SCHEDULE(ClientBootstrapConsensusFallback),
+  DOWNLOAD_SCHEDULE(TestingBridge),
+  DOWNLOAD_SCHEDULE(TestingBridgeBootstrap),
+  DOWNLOAD_SCHEDULE(TestingClient),
+  DOWNLOAD_SCHEDULE(TestingClientConsensus),
+  DOWNLOAD_SCHEDULE(TestingServer),
+  DOWNLOAD_SCHEDULE(TestingServerConsensus),
+
   { NULL, NULL, 0, 0},
 };
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Fix an absurdly wide line.

[nickm]

commit 8b6fc47cc30521195124191cdd4a6324baf652a6
Author: Nick Mathewson 
Date:   Wed Apr 18 11:27:44 2018 -0400

Fix an absurdly wide line.
---
 src/or/directory.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/or/directory.c b/src/or/directory.c
index 0cbf342df..4b196 100644
--- a/src/or/directory.c
+++ b/src/or/directory.c
@@ -5330,8 +5330,8 @@ find_dl_min_delay(const download_status_t *dls, const 
or_options_t *options)
   /* During bootstrapping */
   if (!networkstatus_consensus_can_use_extra_fallbacks(options)) {
 /* A bootstrapping client without extra fallback directories */
-return
- 
options->ClientBootstrapConsensusAuthorityOnlyDownloadInitialDelay;
+return options->
+  ClientBootstrapConsensusAuthorityOnlyDownloadInitialDelay;
   } else if (dls->want_authority) {
 /* A bootstrapping client with extra fallback directories, but
  * connecting to an authority */



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Rename find_dl_schedule to find_dl_min_delay.

[nickm]

commit ff6f49f033a6fdcc63eb790548b22b9cb23d3d33
Author: Nick Mathewson 
Date:   Wed Apr 18 11:26:40 2018 -0400

Rename find_dl_schedule to find_dl_min_delay.

(We no longer need two separate functions here.)
---
 src/or/directory.c  | 21 +++--
 src/or/directory.h  |  2 --
 src/test/test_dir.c | 44 ++--
 3 files changed, 29 insertions(+), 38 deletions(-)

diff --git a/src/or/directory.c b/src/or/directory.c
index 7b7dc5b35..0cbf342df 100644
--- a/src/or/directory.c
+++ b/src/or/directory.c
@@ -5300,12 +5300,17 @@ connection_dir_finished_connecting(dir_connection_t 
*conn)
 
 /** Decide which download schedule we want to use based on descriptor type
  * in dls and options.
- * Then return a list of int pointers defining download delays in seconds.
+ *
+ * Then, return the initial delay for that download schedule, in seconds.
+ *
  * Helper function for download_status_increment_failure(),
  * download_status_reset(), and download_status_increment_attempt(). */
 STATIC int
-find_dl_schedule(const download_status_t *dls, const or_options_t *options)
+find_dl_min_delay(const download_status_t *dls, const or_options_t *options)
 {
+  tor_assert(dls);
+  tor_assert(options);
+
   switch (dls->schedule) {
 case DL_SCHED_GENERIC:
   /* Any other directory document */
@@ -5362,18 +5367,6 @@ find_dl_schedule(const download_status_t *dls, const 
or_options_t *options)
   return 0;
 }
 
-/** Decide which minimum delay step we want to use based on
- * descriptor type in dls and options.
- * Helper function for download_status_schedule_get_delay(). */
-STATIC int
-find_dl_min_delay(const download_status_t *dls, const or_options_t *options)
-{
-  tor_assert(dls);
-  tor_assert(options);
-
-  return find_dl_schedule(dls, options);
-}
-
 /** As next_random_exponential_delay() below, but does not compute a random
  * value. Instead, compute the range of values that
  * next_random_exponential_delay() should use when computing its random value.
diff --git a/src/or/directory.h b/src/or/directory.h
index e082bbf7b..5f5ff7eca 100644
--- a/src/or/directory.h
+++ b/src/or/directory.h
@@ -259,8 +259,6 @@ STATIC char* authdir_type_to_string(dirinfo_type_t auth);
 STATIC const char * dir_conn_purpose_to_string(int purpose);
 STATIC int should_use_directory_guards(const or_options_t *options);
 STATIC compression_level_t choose_compression_level(ssize_t n_bytes);
-STATIC int find_dl_schedule(const download_status_t *dls,
-const or_options_t *options);
 STATIC int find_dl_min_delay(const download_status_t *dls,
  const or_options_t *options);
 
diff --git a/src/test/test_dir.c b/src/test/test_dir.c
index 8926221f0..367ecf0b9 100644
--- a/src/test/test_dir.c
+++ b/src/test/test_dir.c
@@ -5432,7 +5432,7 @@ mock_num_bridges_usable(int use_maybe_reachable)
  * fallbacks.
  */
 static void
-test_dir_find_dl_schedule(void* data)
+test_dir_find_dl_min_delay(void* data)
 {
   const char *str = (const char *)data;
 
@@ -5490,20 +5490,20 @@ test_dir_find_dl_schedule(void* data)
   dls.schedule = DL_SCHED_GENERIC;
   /* client */
   mock_options->ClientOnly = 1;
-  tt_int_op(find_dl_schedule(, mock_options), OP_EQ, client);
+  tt_int_op(find_dl_min_delay(, mock_options), OP_EQ, client);
   mock_options->ClientOnly = 0;
 
   /* dir mode */
   mock_options->DirPort_set = 1;
   mock_options->DirCache = 1;
-  tt_int_op(find_dl_schedule(, mock_options), OP_EQ, server);
+  tt_int_op(find_dl_min_delay(, mock_options), OP_EQ, server);
   mock_options->DirPort_set = 0;
   mock_options->DirCache = 0;
 
   dls.schedule = DL_SCHED_CONSENSUS;
   /* public server mode */
   mock_options->ORPort_set = 1;
-  tt_int_op(find_dl_schedule(, mock_options), OP_EQ, server_cons);
+  tt_int_op(find_dl_min_delay(, mock_options), OP_EQ, server_cons);
   mock_options->ORPort_set = 0;
 
   /* client and bridge modes */
@@ -5512,14 +5512,14 @@ test_dir_find_dl_schedule(void* data)
   dls.want_authority = 1;
   /* client */
   mock_options->ClientOnly = 1;
-  tt_int_op(find_dl_schedule(, mock_options), OP_EQ,
+  tt_int_op(find_dl_min_delay(, mock_options), OP_EQ,
 client_boot_auth_cons);
   mock_options->ClientOnly = 0;
 
   /* bridge relay */
   mock_options->ORPort_set = 1;
   mock_options->BridgeRelay = 1;
-  tt_int_op(find_dl_schedule(, mock_options), OP_EQ,
+  tt_int_op(find_dl_min_delay(, mock_options), OP_EQ,
 client_boot_auth_cons);
   mock_options->ORPort_set = 0;
   mock_options->BridgeRelay = 0;
@@ -5527,14 +5527,14 @@ test_dir_find_dl_schedule(void* data)
   dls.want_authority = 0;
   /* client */
   mock_options->ClientOnly = 1;
-  tt_int_op(find_dl_schedule(, mock_options), OP_EQ,
+  tt_int_op(find_dl_min_delay(, mock_options), OP_EQ,
 client_boot_fallback_cons);
   

[tor-commits] [tor/master] Change the type of "download schedule" from smartlist to int.

[nickm]

commit 2d7b5c6fe5dc46b7e7cd040e6723e25d12015985
Author: Nick Mathewson 
Date:   Wed Apr 18 11:19:14 2018 -0400

Change the type of "download schedule" from smartlist to int.

This is done as follows:
  * Only one function (find_dl_schedule()) actually returned a
smartlist. Now it returns an int.

  * The CSV_INTERVAL type has been altered to ignore everything
after the first comma, and to store the value before the first
comma in an int.
---
 src/or/confparse.c  |  80 +-
 src/or/confparse.h  |   2 +-
 src/or/directory.c  |  17 +++-
 src/or/directory.h  |   6 +--
 src/test/test_dir.c | 109 ++--
 5 files changed, 81 insertions(+), 133 deletions(-)

diff --git a/src/or/confparse.c b/src/or/confparse.c
index 64ed9ee6b..6bab79094 100644
--- a/src/or/confparse.c
+++ b/src/or/confparse.c
@@ -162,8 +162,6 @@ config_assign_value(const config_format_t *fmt, void 
*options,
   int i, ok;
   const config_var_t *var;
   void *lvalue;
-  int *csv_int;
-  smartlist_t *csv_str;
 
   CONFIG_CHECK(fmt, options);
 
@@ -195,6 +193,30 @@ config_assign_value(const config_format_t *fmt, void 
*options,
 *(int *)lvalue = i;
 break;
 
+  case CONFIG_TYPE_CSV_INTERVAL: {
+/* We used to have entire smartlists here.  But now that all of our
+ * download schedules use exponential backoff, only the first part
+ * matters. */
+const char *comma = strchr(c->value, ',');
+const char *val = c->value;
+char *tmp = NULL;
+if (comma) {
+  tmp = tor_strndup(c->value, comma - c->value);
+  val = tmp;
+}
+
+i = config_parse_interval(val, );
+if (!ok) {
+  tor_asprintf(msg,
+  "Interval '%s %s' is malformed or out of bounds.",
+  c->key, c->value);
+  return -1;
+}
+*(int *)lvalue = i;
+tor_free(tmp);
+break;
+  }
+
   case CONFIG_TYPE_INTERVAL: {
 i = config_parse_interval(c->value, );
 if (!ok) {
@@ -298,36 +320,6 @@ config_assign_value(const config_format_t *fmt, void 
*options,
SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
 break;
 
-  case CONFIG_TYPE_CSV_INTERVAL:
-if (*(smartlist_t**)lvalue) {
-  SMARTLIST_FOREACH(*(smartlist_t**)lvalue, int *, cp, tor_free(cp));
-  smartlist_clear(*(smartlist_t**)lvalue);
-} else {
-  *(smartlist_t**)lvalue = smartlist_new();
-}
-csv_str = smartlist_new();
-smartlist_split_string(csv_str, c->value, ",",
-   SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
-SMARTLIST_FOREACH_BEGIN(csv_str, char *, str)
-  {
-i = config_parse_interval(str, );
-if (!ok) {
-  tor_asprintf(msg,
-  "Interval in '%s %s' is malformed or out of bounds.",
-  c->key, c->value);
-  SMARTLIST_FOREACH(csv_str, char *, cp, tor_free(cp));
-  smartlist_free(csv_str);
-  return -1;
-}
-csv_int = tor_malloc_zero(sizeof(int));
-*csv_int = i;
-smartlist_add(*(smartlist_t**)lvalue, csv_int);
-  }
-SMARTLIST_FOREACH_END(str);
-SMARTLIST_FOREACH(csv_str, char *, cp, tor_free(cp));
-smartlist_free(csv_str);
-break;
-
   case CONFIG_TYPE_LINELIST:
   case CONFIG_TYPE_LINELIST_S:
 {
@@ -528,7 +520,6 @@ config_get_assigned_option(const config_format_t *fmt, 
const void *options,
   const config_var_t *var;
   const void *value;
   config_line_t *result;
-  smartlist_t *csv_str;
   tor_assert(options && key);
 
   CONFIG_CHECK(fmt, options);
@@ -571,6 +562,7 @@ config_get_assigned_option(const config_format_t *fmt, 
const void *options,
 break;
   }
   /* fall through */
+case CONFIG_TYPE_CSV_INTERVAL:
 case CONFIG_TYPE_INTERVAL:
 case CONFIG_TYPE_MSEC_INTERVAL:
 case CONFIG_TYPE_UINT:
@@ -611,20 +603,6 @@ config_get_assigned_option(const config_format_t *fmt, 
const void *options,
   else
 result->value = tor_strdup("");
   break;
-case CONFIG_TYPE_CSV_INTERVAL:
-  if (*(smartlist_t**)value) {
-csv_str = smartlist_new();
-SMARTLIST_FOREACH_BEGIN(*(smartlist_t**)value, int *, i)
-  {
-smartlist_add_asprintf(csv_str, "%d", *i);
-  }
-SMARTLIST_FOREACH_END(i);
-result->value = smartlist_join_strings(csv_str, ",", 0, NULL);
-SMARTLIST_FOREACH(csv_str, char *, cp, tor_free(cp));
-smartlist_free(csv_str);
-  } else
-result->value = tor_strdup("");
-  break;
 case CONFIG_TYPE_OBSOLETE:
   log_fn(LOG_INFO, LD_CONFIG,
  "You asked me for the value of an obsolete config option '%s'.",
@@ -789,6 +767,7 @@ config_clear(const config_format_t *fmt, void *options,
 case CONFIG_TYPE_ISOTIME:
   *(time_t*)lvalue = 0;
   break;
+case CONFIG_TYPE_CSV_INTERVAL:
 case CONFIG_TYPE_INTERVAL:
 case 

[tor-commits] [tor/master] Merge remote-tracking branch 'github/ticket23354'

[nickm]

commit 6cb467b462bda8d623c1a061ea2107084ff1cb41
Merge: a9736f1f3 71d503201
Author: Nick Mathewson 
Date:   Mon Apr 30 09:45:28 2018 -0400

Merge remote-tracking branch 'github/ticket23354'

 changes/ticket23354 |   6 +++
 doc/tor.1.txt   |  84 ++--
 src/or/config.c |  84 
 src/or/confparse.c  |  80 ++
 src/or/confparse.h  |   6 ++-
 src/or/directory.c  |  54 
 src/or/directory.h  |   4 +-
 src/or/or.h |  18 +++
 src/test/test_dir.c | 127 +---
 src/test/test_options.c |  12 ++---
 10 files changed, 204 insertions(+), 271 deletions(-)




___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Add support for openssl built with "no-deprecated".

[nickm]

commit a15b2c57e1f901c531a5f063513a541adb418ae1
Author: Nick Mathewson 
Date:   Wed Apr 18 12:31:24 2018 -0400

Add support for openssl built with "no-deprecated".

Patch from Andrew John Hughes; partial fix for 19981.
---
 src/common/aes.c|  4 
 src/common/crypto.c | 16 
 src/common/tortls.c | 15 +++
 3 files changed, 35 insertions(+)

diff --git a/src/common/aes.c b/src/common/aes.c
index 5d0841dfa..95737cffc 100644
--- a/src/common/aes.c
+++ b/src/common/aes.c
@@ -116,7 +116,11 @@ aes_cipher_free_(aes_cnt_cipher_t *cipher_)
   if (!cipher_)
 return;
   EVP_CIPHER_CTX *cipher = (EVP_CIPHER_CTX *) cipher_;
+#if OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,1,0)
+  EVP_CIPHER_CTX_reset(cipher);
+#else
   EVP_CIPHER_CTX_cleanup(cipher);
+#endif
   EVP_CIPHER_CTX_free(cipher);
 }
 void
diff --git a/src/common/crypto.c b/src/common/crypto.c
index 9fcd17742..c98a96875 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -43,6 +43,7 @@ DISABLE_GCC_WARNING(redundant-decls)
 #include 
 #include 
 #include 
+#include 
 
 ENABLE_GCC_WARNING(redundant-decls)
 
@@ -204,8 +205,15 @@ crypto_early_init(void)
 
 crypto_early_initialized_ = 1;
 
+#if OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,1,0)
+OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS |
+ OPENSSL_INIT_LOAD_CRYPTO_STRINGS |
+ OPENSSL_INIT_ADD_ALL_CIPHERS |
+ OPENSSL_INIT_ADD_ALL_DIGESTS, NULL);
+#else
 ERR_load_crypto_strings();
 OpenSSL_add_all_algorithms();
+#endif
 
 setup_openssl_threading();
 
@@ -1660,11 +1668,15 @@ memwipe(void *mem, uint8_t byte, size_t sz)
 int
 crypto_global_cleanup(void)
 {
+#if OPENSSL_VERSION_NUMBER < OPENSSL_V_SERIES(1,1,0)
   EVP_cleanup();
+#endif
 #ifndef NEW_THREAD_API
   ERR_remove_thread_state(NULL);
 #endif
+#if OPENSSL_VERSION_NUMBER < OPENSSL_V_SERIES(1,1,0)
   ERR_free_strings();
+#endif
 
   if (dh_param_p)
 BN_clear_free(dh_param_p);
@@ -1676,11 +1688,15 @@ crypto_global_cleanup(void)
   dh_param_p = dh_param_p_tls = dh_param_g = NULL;
 
 #ifndef DISABLE_ENGINES
+#if OPENSSL_VERSION_NUMBER < OPENSSL_V_SERIES(1,1,0)
   ENGINE_cleanup();
 #endif
+#endif
 
   CONF_modules_unload(1);
+#if OPENSSL_VERSION_NUMBER < OPENSSL_V_SERIES(1,1,0)
   CRYPTO_cleanup_all_ex_data();
+#endif
 
   crypto_openssl_free_all();
 
diff --git a/src/common/tortls.c b/src/common/tortls.c
index 05e29e22f..23bcd8528 100644
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -56,10 +56,21 @@ ENABLE_GCC_WARNING(redundant-decls)
 #include "container.h"
 #include 
 
+#if OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,1,0)
+#define X509_get_notBefore_const(cert) \
+X509_get0_notBefore(cert)
+#define X509_get_notAfter_const(cert) \
+X509_get0_notAfter(cert)
+#define X509_get_notBefore(cert) \
+X509_getm_notBefore(cert)
+#define X509_get_notAfter(cert) \
+X509_getm_notAfter(cert)
+#else
 #define X509_get_notBefore_const(cert) \
   ((const ASN1_TIME*) X509_get_notBefore((X509 *)cert))
 #define X509_get_notAfter_const(cert) \
   ((const ASN1_TIME*) X509_get_notAfter((X509 *)cert))
+#endif
 
 /* Copied from or.h */
 #define LEGAL_NICKNAME_CHARACTERS \
@@ -355,8 +366,12 @@ tor_tls_init(void)
   check_no_tls_errors();
 
   if (!tls_library_is_initialized) {
+#if OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,1,0)
+OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL);
+#else
 SSL_library_init();
 SSL_load_error_strings();
+#endif
 
 #if (SIZEOF_VOID_P >= 8 &&  \
  OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,0,1))



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] mention 19429 in changes file

[nickm]

commit 32181cbaa2c4f0cdd8d3d39ddafb8aff643a4280
Author: Nick Mathewson 
Date:   Wed Apr 18 13:03:31 2018 -0400

mention 19429 in changes file
---
 changes/feature19429 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/changes/feature19429 b/changes/feature19429
index 29db6a5bc..0faa6e84e 100644
--- a/changes/feature19429
+++ b/changes/feature19429
@@ -1,5 +1,5 @@
   o Minor features (compatibility):
 - Tor now detects versions of OpenSSL 1.1.0 and later compiled with the
   no-deprecated option, and builds correctly with them. Closes
-  tickets 19981 and 25353.
+  tickets 19429, 19981, and 25353.
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Only define X509_get_not{BeforeAfter} if they are not defined

[nickm]

commit d6a773f57d7d91e9a98444b048ed779120f14dfd
Author: Nick Mathewson 
Date:   Fri Apr 27 12:55:52 2018 -0400

Only define X509_get_not{BeforeAfter} if they are not defined

(The originally submitted version of a15b2c57e1f901c531 broke
with OpenSSL 1.1.0.)
---
 src/common/tortls.c | 6 +-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/common/tortls.c b/src/common/tortls.c
index 23bcd8528..cd236363f 100644
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -61,11 +61,15 @@ ENABLE_GCC_WARNING(redundant-decls)
 X509_get0_notBefore(cert)
 #define X509_get_notAfter_const(cert) \
 X509_get0_notAfter(cert)
+#ifndef X509_get_notBefore
 #define X509_get_notBefore(cert) \
 X509_getm_notBefore(cert)
+#endif
+#ifndef X509_get_notAfter
 #define X509_get_notAfter(cert) \
 X509_getm_notAfter(cert)
-#else
+#endif
+#else /* ! OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,1,0) */
 #define X509_get_notBefore_const(cert) \
   ((const ASN1_TIME*) X509_get_notBefore((X509 *)cert))
 #define X509_get_notAfter_const(cert) \



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Merge remote-tracking branch 'github/ticket19429_034'

[nickm]

commit a9736f1f3800a7f10de72c6c847e48a502dd5643
Merge: cb0af6157 d6a773f57
Author: Nick Mathewson 
Date:   Mon Apr 30 09:41:33 2018 -0400

Merge remote-tracking branch 'github/ticket19429_034'

 changes/feature19429   |  5 +
 configure.ac   | 15 ---
 src/common/aes.c   |  4 
 src/common/crypto.c| 16 
 src/common/tortls.c| 19 +++
 src/test/test_tortls.c | 41 ++---
 6 files changed, 78 insertions(+), 22 deletions(-)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Make test_tortls.c build with openssl no_deprecated.

[nickm]

commit 9d27e3f01468c2a31d3d3ab538a668d8351e5324
Author: Nick Mathewson 
Date:   Wed Apr 18 12:32:39 2018 -0400

Make test_tortls.c build with openssl no_deprecated.

Also for 19981.
---
 src/test/test_tortls.c | 41 ++---
 1 file changed, 22 insertions(+), 19 deletions(-)

diff --git a/src/test/test_tortls.c b/src/test/test_tortls.c
index 29f7cc9c3..ef1be139a 100644
--- a/src/test/test_tortls.c
+++ b/src/test/test_tortls.c
@@ -203,6 +203,17 @@ test_tortls_tor_tls_get_error(void *data)
 }
 
 static void
+library_init(void)
+{
+#if OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,1,0)
+  OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL);
+#else
+  SSL_library_init();
+  SSL_load_error_strings();
+#endif
+}
+
+static void
 test_tortls_get_state_description(void *ignored)
 {
   (void)ignored;
@@ -210,9 +221,7 @@ test_tortls_get_state_description(void *ignored)
   char *buf;
   SSL_CTX *ctx;
 
-  SSL_library_init();
-  SSL_load_error_strings();
-
+  library_init();
   ctx = SSL_CTX_new(SSLv23_method());
 
   buf = tor_malloc_zero(1000);
@@ -274,8 +283,7 @@ test_tortls_get_by_ssl(void *ignored)
   SSL_CTX *ctx;
   SSL *ssl;
 
-  SSL_library_init();
-  SSL_load_error_strings();
+  library_init();
   tor_tls_allocate_tor_tls_object_ex_data_index();
 
   ctx = SSL_CTX_new(SSLv23_method());
@@ -322,8 +330,7 @@ test_tortls_log_one_error(void *ignored)
   SSL_CTX *ctx;
   SSL *ssl = NULL;
 
-  SSL_library_init();
-  SSL_load_error_strings();
+  library_init();
 
   ctx = SSL_CTX_new(SSLv23_method());
   tls = tor_malloc_zero(sizeof(tor_tls_t));
@@ -415,8 +422,7 @@ test_tortls_get_error(void *ignored)
   int ret;
   SSL_CTX *ctx;
 
-  SSL_library_init();
-  SSL_load_error_strings();
+  library_init();
 
   ctx = SSL_CTX_new(SSLv23_method());
   setup_capture_of_logs(LOG_INFO);
@@ -792,8 +798,8 @@ test_tortls_classify_client_ciphers(void *ignored)
   STACK_OF(SSL_CIPHER) *ciphers;
   SSL_CIPHER *tmp_cipher;
 
-  SSL_library_init();
-  SSL_load_error_strings();
+  library_init();
+
   tor_tls_allocate_tor_tls_object_ex_data_index();
 
   tls = tor_malloc_zero(sizeof(tor_tls_t));
@@ -897,8 +903,7 @@ test_tortls_client_is_using_v2_ciphers(void *ignored)
   SSL_SESSION *sess;
   STACK_OF(SSL_CIPHER) *ciphers;
 
-  SSL_library_init();
-  SSL_load_error_strings();
+  library_init();
 
   ctx = SSL_CTX_new(TLSv1_method());
   ssl = SSL_new(ctx);
@@ -1541,8 +1546,8 @@ test_tortls_session_secret_cb(void *ignored)
   STACK_OF(SSL_CIPHER) *ciphers = NULL;
   SSL_CIPHER *one;
 
-  SSL_library_init();
-  SSL_load_error_strings();
+  library_init();
+
   tor_tls_allocate_tor_tls_object_ex_data_index();
 
   tls = tor_malloc_zero(sizeof(tor_tls_t));
@@ -1733,8 +1738,7 @@ test_tortls_find_cipher_by_id(void *ignored)
   fixed_cipher2 = tor_malloc_zero(sizeof(SSL_CIPHER));
   fixed_cipher2->id = 0xC00A;
 
-  SSL_library_init();
-  SSL_load_error_strings();
+  library_init();
 
   ctx = SSL_CTX_new(m);
   ssl = SSL_new(ctx);
@@ -1825,8 +1829,7 @@ test_tortls_server_info_callback(void *ignored)
   SSL_CTX *ctx;
   SSL *ssl;
 
-  SSL_library_init();
-  SSL_load_error_strings();
+  library_init();
 
   ctx = SSL_CTX_new(TLSv1_method());
   ssl = SSL_new(ctx);



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Edit our openssl detection in autoconf to tolerate no-deprecated.

[nickm]

commit 8e562874a42a1a3eb982ba2df3ff1f3860db0d31
Author: Nick Mathewson 
Date:   Mon Mar 5 15:34:04 2018 -0500

Edit our openssl detection in autoconf to tolerate no-deprecated.

When openssl is built with no-deprecated, the TLSv1_1_method()
function isn't visible in the headers.  That's sad, because that
method is what we were looking at.

Instead, we now look at SSL_CIPHER_get_id(), which is present in
OpenSSL 1.0.1 and later, which is _not_ deprecated, and which is
also present in LibreSSL.

Fixes ticket 25353.  Not a bugfix exactly -- we never really worked
with this configuration.
---
 configure.ac | 15 ---
 1 file changed, 12 insertions(+), 3 deletions(-)

diff --git a/configure.ac b/configure.ac
index 878f5a88b..aa2617b70 100644
--- a/configure.ac
+++ b/configure.ac
@@ -788,9 +788,18 @@ AC_ARG_WITH(ssl-dir,
 
 AC_MSG_NOTICE([Now, we'll look for OpenSSL >= 1.0.1])
 TOR_SEARCH_LIBRARY(openssl, $tryssldir, [-lssl -lcrypto $TOR_LIB_GDI 
$TOR_LIB_WS32],
-[#include ],
-[struct ssl_method_st; const struct ssl_method_st *TLSv1_1_method(void);],
-[TLSv1_1_method();], [],
+[#include 
+ char *getenv(const char *);],
+[struct ssl_cipher_st;
+ unsigned SSL_CIPHER_get_id(const struct ssl_cipher_st *);
+ char *getenv(const char *);],
+dnl This funny-looking test program calls getenv, so that the compiler
+dnl will neither make code that call SSL_CIPHER_get_id(NULL) [producing
+dnl a crash], nor optimize out the call to SSL_CIPHER_get_id().
+dnl We look for SSL_cipher_get_id() because it is present in
+dnl OpenSSL >=1.0.1, because it is not deprecated, and because Tor
+dnl depends on it.
+[if (getenv("THIS_SHOULDNT_BE_SET_X201803")) SSL_CIPHER_get_id((void 
*)0);], [],
 [/usr/local/opt/openssl /usr/local/openssl /usr/lib/openssl /usr/local/ssl 
/usr/lib/ssl /usr/local /opt/openssl])
 
 dnl  check for OPENSSL_VERSION_NUMBER == SSLeay()



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Changes file for openssl no-deprecated work.

[nickm]

commit c296f002541aee6dee5884187640fb273466b8f6
Author: Nick Mathewson 
Date:   Wed Apr 18 12:35:36 2018 -0400

Changes file for openssl no-deprecated work.
---
 changes/feature19429 | 5 +
 1 file changed, 5 insertions(+)

diff --git a/changes/feature19429 b/changes/feature19429
new file mode 100644
index 0..29db6a5bc
--- /dev/null
+++ b/changes/feature19429
@@ -0,0 +1,5 @@
+  o Minor features (compatibility):
+- Tor now detects versions of OpenSSL 1.1.0 and later compiled with the
+  no-deprecated option, and builds correctly with them. Closes
+  tickets 19981 and 25353.
+



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/support-tormessenger] Update translations for support-tormessenger

[translation]

commit d5ff4808454fb2b4b943489ebbb6ecc5cb3ef837
Author: Translation commit bot 
Date:   Mon Apr 30 11:50:40 2018 +

Update translations for support-tormessenger
---
 bn_BD.json | 24 
 1 file changed, 12 insertions(+), 12 deletions(-)

diff --git a/bn_BD.json b/bn_BD.json
index bbad42d5c..c9d4fbf9a 100644
--- a/bn_BD.json
+++ b/bn_BD.json
@@ -1,20 +1,20 @@
 {
 "messenger-1": {
-   "id": "#messenger-1",
-   "control": "messenger-1",
-   "title": "Does Tor Project make an application for private chat?",
-   "description": "Yes! Tor Messenger, though still in 
beta, is a cross-platform chat program that aims to be secure by default and 
sends all of its traffic over Tor. It supports a wide variety of transport 
networks, including XMPP, IRC, Twitter, and others; enables Off-the-Record 
(OTR) Messaging automatically; has an easy-to-use graphical user interface; and 
a secure automatic updater.See this https://blog.torproject.org/category/tags/tor-messenger\;>Tor Messenger 
blog post for more information."
+   "id": "# মেসেঞ্জার-1",
+   "control": "মেসেঞ্জার-1",
+   "title": "টর প্রকল্প কি 
ব্যক্তিগত চ্যাটের জন্য একটি অ
্যাপ্লিকেশন তৈরি করে?",
+   "description": "হ্যাঁ! টর 
মেসেঞ্জার, যদিও এখনও বিটাতে 
রয়েছে, একটি ক্রস-প্ল্যাটফর্ম 
চ্যাট প্রোগ্রাম যা 
ডিফল্টভাবে নিরাপদ হওয়া এবং 
টর এর উপর তার সমস্ত ট্রাফিক 
প্রেরণ করে। এটি এক্সএমপিপি, 
আইআরসি, টুইটার এবং অন্যান্য 
সহ বিভিন্ন ধরনের পরিবহন 
নেটওয়ার্ককে  সমর্থন করে; 
স্বয়ংক্রিয়ভাবে অ
ফ-দ্য-রেকর্ড (OTR) মেসেজিং সক্ষম 
করে; এর একটি সহজ-ব্যবহার 
গ্রাফিকাল ইউজার ইন্টারফেস 
আছে; এবং এটি একটà
 ¦¿ সুরক্ষিত স্বয়ংক্রিয় 
আপডেটকারী।আরও তথ্যের 
জন্য এই https://blog.torproject.org/category/tags/tor-messenger\;>টর 
মেসেঞ্জার ব্লগ পোস্ট দেখুন।"
 },
 "messenger-2": {
-   "id": "#messenger-2",
-   "control": "messenger-2",
-   "title": "What platforms is Tor Messenger available on?",
-   "description": "Tor Messenger (beta) is currently 
available on Linux, Windows, and OSX."
+   "id": "# মেসেঞ্জার-2",
+   "control": "মেসেঞ্জার-2",
+   "title": "টর্স মেসেঞ্জার কোন 
প্ল্যাটফর্মগুলিতে উপলব্ধ ?",
+   "description": "টর 
ম্যাসেঞ্জার (বিটা) বর্তমানে 
লিনাক্স, উইন্ডোজ এবং ওএসএক্স 
এ উপলব্ধ।"
 },
 "messenger-3": {
-   "id": "#messenger-3",
-   "control": "messenger-3",
-   "title": "Where can I download Tor Messenger?",
-   "description": "While the Tor Messenger remains in 
beta, the latest downloads can be found on our wiki."
+   "id": "# মেসেঞ্জার -3",
+   "control": "মেসেঞ্জার -3",
+   "title": "আমি টর ম্যাসেঞ্জার 
কোথায় ডাউনলোড করতে পারি?",
+   "description": "যদিও টর 
মেসেঞ্জার বিটাতে রয়ে গেছে, 
সর্বশেষ ডাউনলোডগুলি আমাদের 
উইকিতে পাওয়া যেতে পারে।"
 }
 }

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/support-tormessenger_completed] Update translations for support-tormessenger_completed

[translation]

commit 56824fed9700d9a6a3475961a483f3ba323b22f3
Author: Translation commit bot 
Date:   Mon Apr 30 11:50:44 2018 +

Update translations for support-tormessenger_completed
---
 bn_BD.json | 20 
 1 file changed, 20 insertions(+)

diff --git a/bn_BD.json b/bn_BD.json
new file mode 100644
index 0..c9d4fbf9a
--- /dev/null
+++ b/bn_BD.json
@@ -0,0 +1,20 @@
+{
+"messenger-1": {
+   "id": "# মেসেঞ্জার-1",
+   "control": "মেসেঞ্জার-1",
+   "title": "টর প্রকল্প কি 
ব্যক্তিগত চ্যাটের জন্য একটি অ
্যাপ্লিকেশন তৈরি করে?",
+   "description": "হ্যাঁ! টর 
মেসেঞ্জার, যদিও এখনও বিটাতে 
রয়েছে, একটি ক্রস-প্ল্যাটফর্ম 
চ্যাট প্রোগ্রাম যা 
ডিফল্টভাবে নিরাপদ হওয়া এবং 
টর এর উপর তার সমস্ত ট্রাফিক 
প্রেরণ করে। এটি এক্সএমপিপি, 
আইআরসি, টুইটার এবং অন্যান্য 
সহ বিভিন্ন ধরনের পরিবহন 
নেটওয়ার্ককে  সমর্থন করে; 
স্বয়ংক্রিয়ভাবে অ
ফ-দ্য-রেকর্ড (OTR) মেসেজিং সক্ষম 
করে; এর একটি সহজ-ব্যবহার 
গ্রাফিকাল ইউজার ইন্টারফেস 
আছে; এবং এটি একটà
 ¦¿ সুরক্ষিত স্বয়ংক্রিয় 
আপডেটকারী।আরও তথ্যের 
জন্য এই https://blog.torproject.org/category/tags/tor-messenger\;>টর 
মেসেঞ্জার ব্লগ পোস্ট দেখুন।"
+},
+"messenger-2": {
+   "id": "# মেসেঞ্জার-2",
+   "control": "মেসেঞ্জার-2",
+   "title": "টর্স মেসেঞ্জার কোন 
প্ল্যাটফর্মগুলিতে উপলব্ধ ?",
+   "description": "টর 
ম্যাসেঞ্জার (বিটা) বর্তমানে 
লিনাক্স, উইন্ডোজ এবং ওএসএক্স 
এ উপলব্ধ।"
+},
+"messenger-3": {
+   "id": "# মেসেঞ্জার -3",
+   "control": "মেসেঞ্জার -3",
+   "title": "আমি টর ম্যাসেঞ্জার 
কোথায় ডাউনলোড করতে পারি?",
+   "description": "যদিও টর 
মেসেঞ্জার বিটাতে রয়ে গেছে, 
সর্বশেষ ডাউনলোডগুলি আমাদের 
উইকিতে পাওয়া যেতে পারে।"
+}
+}

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/https_everywhere_completed] Update translations for https_everywhere_completed

[translation]

commit 295df72bf8a07857331db1b11988660a4abcdf0e
Author: Translation commit bot 
Date:   Mon Apr 30 11:45:38 2018 +

Update translations for https_everywhere_completed
---
 bn_BD/https-everywhere.dtd | 5 +
 1 file changed, 5 insertions(+)

diff --git a/bn_BD/https-everywhere.dtd b/bn_BD/https-everywhere.dtd
index d5743c504..b1a921f84 100644
--- a/bn_BD/https-everywhere.dtd
+++ b/bn_BD/https-everywhere.dtd
@@ -2,6 +2,7 @@
 
 
 
+
 
 
 
@@ -12,8 +13,12 @@
 
 
 
+
 
 
+
+
+
 
 
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/https_everywhere] Update translations for https_everywhere

[translation]

commit 38a78ce0b043a20586ce17753e2d0a56f21afc1b
Author: Translation commit bot 
Date:   Mon Apr 30 11:45:29 2018 +

Update translations for https_everywhere
---
 bn_BD/https-everywhere.dtd | 10 +-
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/bn_BD/https-everywhere.dtd b/bn_BD/https-everywhere.dtd
index b01702858..b1a921f84 100644
--- a/bn_BD/https-everywhere.dtd
+++ b/bn_BD/https-everywhere.dtd
@@ -2,7 +2,7 @@
 
 
 
-
+
 
 
 
@@ -13,12 +13,12 @@
 
 
 
-
+
 
 
-
-
-
+
+
+
 
 
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser/tor-browser-52.7.3esr-8.0-1] Bug 1356893 - Reject opening intents with file data schemes. r=sebastian, r=nalexander

[gk]

commit e53935623c1da11a7b327542667dba32ddd95017
Author: Eugen Sawin 
Date:   Tue Apr 24 19:09:24 2018 -0300

Bug 1356893 - Reject opening intents with file data schemes. r=sebastian, 
r=nalexander

--HG--
extra : rebase_source : 1f764df3309b3641f124915b1a1204afbbd8354a
---
 mobile/android/base/java/org/mozilla/gecko/IntentHelper.java | 6 ++
 1 file changed, 6 insertions(+)

diff --git a/mobile/android/base/java/org/mozilla/gecko/IntentHelper.java 
b/mobile/android/base/java/org/mozilla/gecko/IntentHelper.java
index efe9576d7d19..e2f34f926b72 100644
--- a/mobile/android/base/java/org/mozilla/gecko/IntentHelper.java
+++ b/mobile/android/base/java/org/mozilla/gecko/IntentHelper.java
@@ -287,6 +287,12 @@ public final class IntentHelper implements 
GeckoEventListener,
 return null;
 }
 
+final Uri data = intent.getData();
+if (data != null && 
"file".equals(data.normalizeScheme().getScheme())) {
+Log.w(LOGTAG, "Blocked intent with \"file://\" data scheme.");
+return null;
+}
+
 // Only open applications which can accept arbitrary data from a 
browser.
 intent.addCategory(Intent.CATEGORY_BROWSABLE);
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser/tor-browser-52.7.3esr-8.0-1] Bug 1416940; r=snorp

[gk]

commit 5bdd0416f089ddaab4d14e63b7cd35bf51a2035b
Author: Jim Chen 
Date:   Tue Nov 28 23:07:52 2017 -0500

Bug 1416940; r=snorp

MozReview-Commit-ID: 7izmybLFG6i
---
 mozglue/android/NSSBridge.cpp | 114 +++---
 mozglue/android/NSSBridge.h   |   4 --
 2 files changed, 52 insertions(+), 66 deletions(-)

diff --git a/mozglue/android/NSSBridge.cpp b/mozglue/android/NSSBridge.cpp
index 2a9b5771df0d..3343ad1b2472 100644
--- a/mozglue/android/NSSBridge.cpp
+++ b/mozglue/android/NSSBridge.cpp
@@ -37,6 +37,10 @@ NSS_WRAPPER_INT(PL_Base64Encode)
 NSS_WRAPPER_INT(PL_Base64Decode)
 NSS_WRAPPER_INT(PL_strfree)
 
+SECStatus doCrypto(JNIEnv* jenv, const char *path, const char *value, char** 
result, bool doEncrypt);
+SECStatus encode(const uint8_t* data, uint32_t srclen, char** result);
+SECStatus decode(const char* data, uint8_t** result, uint32_t* length);
+
 int
 setup_nss_functions(void *nss_handle,
 void *nspr_handle,
@@ -189,41 +193,40 @@ doCrypto(JNIEnv* jenv, const char *path, const char 
*value, char** result, bool
   keyid.len = 0;
   rv = f_PK11SDR_Encrypt(, , , nullptr);
 
-  if (rv != SECSuccess) {
+  if (rv == SECSuccess) {
+rv = encode(reply.data, reply.len, result);
+if (rv == SECSuccess) {
+  LOG("Encrypted: %s\n", *result);
+} else {
+  throwError(jenv, "encode");
+}
+  } else {
 throwError(jenv, "PK11SDR_Encrypt");
-goto done;
   }
 
-  rv = encode(reply.data, reply.len, result);
-  if (rv != SECSuccess) {
-  throwError(jenv, "encode");
-  goto done;
-  }
-  LOG("Encrypted: %s\n", *result);
 } else {
   LOG("Decoding: %s\n", value);
-  rv = decode(value, , (int32_t*));
+  rv = decode(value, , );
   if (rv != SECSuccess) {
   throwError(jenv, "decode");
   return rv;
   }
 
   rv = f_PK11SDR_Decrypt(, , nullptr);
-  if (rv != SECSuccess) {
-throwError(jenv, "PK11SDR_Decrypt");
-goto done;
-  }
 
-  *result = (char *)malloc(reply.len+1);
-  strncpy(*result, (char *)reply.data, reply.len);
-  (*result)[reply.len] = '\0';
+  if (rv == SECSuccess) {
+*result = static_cast(malloc(reply.len + 1));
+strncpy(*result, reinterpret_cast(reply.data), reply.len);
+(*result)[reply.len] = '\0';
 
-  // This can print sensitive data. Uncomment if you need it.
-  // LOG("Decoded %i letters: %s\n", reply.len, *result);
+// This can print sensitive data. Uncomment if you need it.
+// LOG("Decoded %i letters: %s\n", reply.len, *result);
+  } else {
+throwError(jenv, "PK11SDR_Decrypt");
+  }
   free(request.data);
 }
 
-done:
 f_SECITEM_ZfreeItem(, false);
 return rv;
 }
@@ -232,64 +235,51 @@ done:
  * Base64 encodes the data passed in. The caller must deallocate _retval using 
free();
  */
 SECStatus
-encode(const unsigned char *data, int32_t dataLen, char **_retval)
+encode(const uint8_t* data, uint32_t srclen, char** result)
 {
-  SECStatus rv = SECSuccess;
-  char *encoded = f_PL_Base64Encode((const char *)data, dataLen, nullptr);
-  if (!encoded)
-rv = SECFailure;
-  if (!*encoded)
-rv = SECFailure;
-
-  if (rv == SECSuccess) {
-*_retval = (char *)malloc(strlen(encoded)+1);
-strcpy(*_retval, encoded);
+  if (srclen > (PR_UINT32_MAX / 4) * 3) {
+return SECFailure;
   }
 
-  if (encoded) {
-f_PR_Free(encoded);
+  const uint32_t dstlen = ((srclen + 2) / 3) * 4;
+  char* const buffer = static_cast(malloc(dstlen + 1));
+
+  if (!buffer || !f_PL_Base64Encode(reinterpret_cast(data), 
srclen, buffer)) {
+free(buffer);
+*result = nullptr;
+return SECFailure;
   }
 
-  return rv;
+  buffer[dstlen] = '\0';
+  *result = buffer;
+  return SECSuccess;
 }
 
 /*
  * Base64 decodes the data passed in. The caller must deallocate result using 
free();
  */
 SECStatus
-decode(const char *data, unsigned char **result, int32_t *length)
+decode(const char* data, uint8_t** result, uint32_t* length)
 {
-  SECStatus rv = SECSuccess;
-  uint32_t len = strlen(data);
-  int adjust = 0;
-
-  /* Compute length adjustment */
-  if (len > 0 && data[len-1] == '=') {
-adjust++;
-if (data[len-2] == '=') adjust++;
+  uint32_t srclen = strlen(data);
+  while (srclen && data[srclen - 1] == '=') {
+srclen--;
   }
 
-  char *decoded;
-  decoded = f_PL_Base64Decode(data, len, nullptr);
-  if (!decoded) {
-return SECFailure;
-  }
-  if (!*decoded) {
+  // Avoid overflow when calculating result length.
+  const uint32_t dstlen = (srclen / 4) * 3 + ((srclen % 4) * 3) / 4;
+  // At most 2 extra bytes due to padding in input.
+  uint8_t* const buffer = static_cast(malloc(dstlen + 2));
+
+  if (!buffer || !f_PL_Base64Decode(data, srclen, 
reinterpret_cast(buffer))) {
+free(buffer);
+*result = nullptr;

[tor-commits] [translation/support-miscellaneous] Update translations for support-miscellaneous

[translation]

commit 0b0b152f9f501a679e0f701540f54a4a2ab88cb9
Author: Translation commit bot 
Date:   Mon Apr 30 06:50:20 2018 +

Update translations for support-miscellaneous
---
 es.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/es.json b/es.json
index 482202264..058cb2303 100644
--- a/es.json
+++ b/es.json
@@ -87,6 +87,6 @@
"id": "#misc-15",
"control": "misc-15",
"title": "¿Cómo puedo donar al Proyecto Tor?",
-   "description": "¡Gracias por tu apoyo! Puedes 
encontrar más información sobre donación en nuestras https://donate.torproject.org/donor-faq\;>​en las FAQ del 
donante."
+   "description": "¡Gracias por tu apoyo! Puedes 
encontrar más información sobre donar en nuestras https://donate.torproject.org/donor-faq\;>​preguntas frecuentes del 
donante."
  }
 }

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/support-censorship_completed] Update translations for support-censorship_completed

[translation]

commit 085125ba66185c76d5f6bb453c32b74c6f81083a
Author: Translation commit bot 
Date:   Mon Apr 30 06:49:48 2018 +

Update translations for support-censorship_completed
---
 es.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/es.json b/es.json
index 225907e6d..1cd6465ee 100644
--- a/es.json
+++ b/es.json
@@ -9,7 +9,7 @@
"id": "#censorship-2",
"control": "censorship-2",
"title": "Mi sitio web favorito está bloqueando el acceso a través de 
Tor.",
-   "description": "¡Siento que no puedas visitar el sitio web que 
querías! Algunas veces los sitios web bloquean a los usuarios de Tor ya que no 
pueden distinguir entre el usuario medio de Tor y el tráfico automatizado. Lo 
más, que hemos podido conseguir para que los sitios desbloqueen a los usuarios 
de Tor es jacerr que los usuarios se pongan en contacto con los administradores 
del sitio directamente. Algo así sería la solución: \"¡Hola! Intenté 
acceder a tu sitio xyz.com mientras usaba el Navegador Tor y descubrí que no 
permites a los usuarios de Tor acceder a tu sitio. Te pido que reconsideres 
esta decisión; Tor lo usa gente de todo el mundo para proteger su privacidad y 
luchar contra la censura. Bloqueando a los usuarios de Tor, es probable que 
estés bloqueando a personas en países represivos que quieren usar un Internet 
libre, periodistas e investigadores que quieren protegerse a sí mismos de ser 
descubiertos, denunciantes, activistas, y gente común que quiere opta
 r por no participar en el rastreo invasivo de terceros. Por favor, tenga una 
postura firme a favor de la privacidad digital y la libertad de Internet, y 
permita a los usuarios de Tor acceder a xyz.com. Gracias.\" En el caso de 
bancos y otros sitios web sensibles, también es normal que bloqueen basándose 
en la geografía (si un banco sabe que generalmente accedes a sus servicios 
desde un país, y de repente te estás conectando desde un repetidor de salida 
al otro lado del mundo, pueden bloquear tu cuenta o suspenderla). Si no puedes 
conectarte a un servicio de onion, por favor mira ¡no puedo entrar en 
X.onion!\n"
+   "description": "¡Sentimos mucho que no puedas 
visitar el sitio web que querías! Algunas veces los sitios web bloquean a los 
usuarios de Tor ya que no pueden distinguir entre el usuario medio de Tor y el 
tráfico automatizado. Lo más, que hemos podido conseguir para que los sitios 
desbloqueen a los usuarios de Tor es hacer que los usuarios se pongan en 
contacto con los administradores del sitio directamente. Algo así sería la 
solución: \"¡Hola! Intenté acceder a tu sitio xyz.com mientras usaba el 
Navegador Tor y descubrí que no permites a los usuarios de Tor acceder a tu 
sitio. Te pido que reconsideres esta decisión; Tor lo usa gente de todo el 
mundo para proteger su privacidad y luchar contra la censura. Bloqueando a los 
usuarios de Tor, es probable que estés bloqueando a personas en países 
represivos que quieren usar un Internet libre, periodistas e investigadores que 
quieren protegerse a sí mismos de ser descubiertos, denunciantes, activistas, 
y gen
 te común que quiere optar por no participar en el rastreo invasivo de 
terceros. Por favor, tenga una postura firme a favor de la privacidad digital y 
la libertad de Internet, y permita a los usuarios de Tor acceder a xyz.com. 
Gracias.\" En el caso de bancos y otros sitios web sensibles, también es 
normal que bloqueen basándose en la geografía (si un banco sabe que 
generalmente accedes a sus servicios desde un país, y de repente te estás 
conectando desde un repetidor de salida al otro lado del mundo, pueden bloquear 
tu cuenta o suspenderla). Si no puedes conectarte a un servicio de onion, por 
favor mira ¡no puedo entrar en X.onion!\n"
 },
 "censorship-3": {
"id": "#censorship-3",

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/support-miscellaneous_completed] Update translations for support-miscellaneous_completed

[translation]

commit 9d49f76169fd154d6941b8ab41efdd276698c6fa
Author: Translation commit bot 
Date:   Mon Apr 30 06:50:24 2018 +

Update translations for support-miscellaneous_completed
---
 es.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/es.json b/es.json
index 482202264..058cb2303 100644
--- a/es.json
+++ b/es.json
@@ -87,6 +87,6 @@
"id": "#misc-15",
"control": "misc-15",
"title": "¿Cómo puedo donar al Proyecto Tor?",
-   "description": "¡Gracias por tu apoyo! Puedes 
encontrar más información sobre donación en nuestras https://donate.torproject.org/donor-faq\;>​en las FAQ del 
donante."
+   "description": "¡Gracias por tu apoyo! Puedes 
encontrar más información sobre donar en nuestras https://donate.torproject.org/donor-faq\;>​preguntas frecuentes del 
donante."
  }
 }

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/support-censorship] Update translations for support-censorship

[translation]

commit 822285dff89827d333c7b11bf3c2f39785d25fbf
Author: Translation commit bot 
Date:   Mon Apr 30 06:49:42 2018 +

Update translations for support-censorship
---
 es.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/es.json b/es.json
index 225907e6d..1cd6465ee 100644
--- a/es.json
+++ b/es.json
@@ -9,7 +9,7 @@
"id": "#censorship-2",
"control": "censorship-2",
"title": "Mi sitio web favorito está bloqueando el acceso a través de 
Tor.",
-   "description": "¡Siento que no puedas visitar el sitio web que 
querías! Algunas veces los sitios web bloquean a los usuarios de Tor ya que no 
pueden distinguir entre el usuario medio de Tor y el tráfico automatizado. Lo 
más, que hemos podido conseguir para que los sitios desbloqueen a los usuarios 
de Tor es jacerr que los usuarios se pongan en contacto con los administradores 
del sitio directamente. Algo así sería la solución: \"¡Hola! Intenté 
acceder a tu sitio xyz.com mientras usaba el Navegador Tor y descubrí que no 
permites a los usuarios de Tor acceder a tu sitio. Te pido que reconsideres 
esta decisión; Tor lo usa gente de todo el mundo para proteger su privacidad y 
luchar contra la censura. Bloqueando a los usuarios de Tor, es probable que 
estés bloqueando a personas en países represivos que quieren usar un Internet 
libre, periodistas e investigadores que quieren protegerse a sí mismos de ser 
descubiertos, denunciantes, activistas, y gente común que quiere opta
 r por no participar en el rastreo invasivo de terceros. Por favor, tenga una 
postura firme a favor de la privacidad digital y la libertad de Internet, y 
permita a los usuarios de Tor acceder a xyz.com. Gracias.\" En el caso de 
bancos y otros sitios web sensibles, también es normal que bloqueen basándose 
en la geografía (si un banco sabe que generalmente accedes a sus servicios 
desde un país, y de repente te estás conectando desde un repetidor de salida 
al otro lado del mundo, pueden bloquear tu cuenta o suspenderla). Si no puedes 
conectarte a un servicio de onion, por favor mira ¡no puedo entrar en 
X.onion!\n"
+   "description": "¡Sentimos mucho que no puedas 
visitar el sitio web que querías! Algunas veces los sitios web bloquean a los 
usuarios de Tor ya que no pueden distinguir entre el usuario medio de Tor y el 
tráfico automatizado. Lo más, que hemos podido conseguir para que los sitios 
desbloqueen a los usuarios de Tor es hacer que los usuarios se pongan en 
contacto con los administradores del sitio directamente. Algo así sería la 
solución: \"¡Hola! Intenté acceder a tu sitio xyz.com mientras usaba el 
Navegador Tor y descubrí que no permites a los usuarios de Tor acceder a tu 
sitio. Te pido que reconsideres esta decisión; Tor lo usa gente de todo el 
mundo para proteger su privacidad y luchar contra la censura. Bloqueando a los 
usuarios de Tor, es probable que estés bloqueando a personas en países 
represivos que quieren usar un Internet libre, periodistas e investigadores que 
quieren protegerse a sí mismos de ser descubiertos, denunciantes, activistas, 
y gen
 te común que quiere optar por no participar en el rastreo invasivo de 
terceros. Por favor, tenga una postura firme a favor de la privacidad digital y 
la libertad de Internet, y permita a los usuarios de Tor acceder a xyz.com. 
Gracias.\" En el caso de bancos y otros sitios web sensibles, también es 
normal que bloqueen basándose en la geografía (si un banco sabe que 
generalmente accedes a sus servicios desde un país, y de repente te estás 
conectando desde un repetidor de salida al otro lado del mundo, pueden bloquear 
tu cuenta o suspenderla). Si no puedes conectarte a un servicio de onion, por 
favor mira ¡no puedo entrar en X.onion!\n"
 },
 "censorship-3": {
"id": "#censorship-3",

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits