[tor-commits] [tor-browser-build/maint-8.5] Bug 30371 - Stop hard-coding the content provider name in tor-android-service

[gk]

commit cd0b5f890776447ec0c2cd7932fcb011517db6c7
Author: Matthew Finkel 
Date:   Thu May 2 20:47:44 2019 +

Bug 30371 - Stop hard-coding the content provider name in 
tor-android-service
---
 projects/tor-android-service/build  |  1 -
 projects/tor-android-service/config |  1 -
 projects/tor-android-service/content-provider.patch | 13 -
 3 files changed, 15 deletions(-)

diff --git a/projects/tor-android-service/build 
b/projects/tor-android-service/build
index 7c5582a..10c2f04 100644
--- a/projects/tor-android-service/build
+++ b/projects/tor-android-service/build
@@ -18,7 +18,6 @@ tar -C /var/tmp/build -xf [% project %]-[% c('version') 
%].tar.gz
 # Patch projects
 cd /var/tmp/build/[% project %]-[% c('version') %]
 patch -p1 < $rootdir/gradle.patch
-patch -p1 < $rootdir/content-provider.patch
 patch -p1 < $rootdir/require-api.patch
 
 # Remove native files, otherwise build will fail after gradle.patch
diff --git a/projects/tor-android-service/config 
b/projects/tor-android-service/config
index e2304d1..5454c94 100644
--- a/projects/tor-android-service/config
+++ b/projects/tor-android-service/config
@@ -27,7 +27,6 @@ input_files:
 name: gradle-dependencies
 exec: '[% INCLUDE "fetch-gradle-dependencies" %]'
   - filename: gradle.patch
-  - filename: content-provider.patch
   - filename: require-api.patch
   - project: tor-onion-proxy-library
 name: topl
diff --git a/projects/tor-android-service/content-provider.patch 
b/projects/tor-android-service/content-provider.patch
deleted file mode 100644
index b026728..000
--- a/projects/tor-android-service/content-provider.patch
+++ /dev/null
@@ -1,13 +0,0 @@
-diff --git 
a/service/src/main/java/org/torproject/android/service/DataService.java 
b/service/src/main/java/org/torproject/android/service/DataService.java
-index 8f802ea..07e52f3 100644
 a/service/src/main/java/org/torproject/android/service/DataService.java
-+++ b/service/src/main/java/org/torproject/android/service/DataService.java
-@@ -28,7 +28,7 @@ final class DataService {
- this.torService = torService;
- this.eventBroadcaster = eventBroadcaster;
- this.torConfig = torConfig;
--String packageName = context.getApplicationInfo().packageName;
-+String packageName = "org.torproject.torbrowser";
- COOKIE_CONTENT_URI = Uri.parse("content://" + packageName + 
".ui.hiddenservices.providers.cookie/cookie");
- HS_CONTENT_URI = Uri.parse("content://" + packageName + 
".ui.hiddenservices.providers/hs");
- }

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser-build/master] Bug 30371 - Stop hard-coding the content provider name in tor-android-service

[gk]

commit a74cc0baed5dd3034e58140ca28f613d008e7c20
Author: Matthew Finkel 
Date:   Thu May 2 20:47:44 2019 +

Bug 30371 - Stop hard-coding the content provider name in 
tor-android-service
---
 projects/tor-android-service/build  |  1 -
 projects/tor-android-service/config |  1 -
 projects/tor-android-service/content-provider.patch | 13 -
 3 files changed, 15 deletions(-)

diff --git a/projects/tor-android-service/build 
b/projects/tor-android-service/build
index 7c5582a..10c2f04 100644
--- a/projects/tor-android-service/build
+++ b/projects/tor-android-service/build
@@ -18,7 +18,6 @@ tar -C /var/tmp/build -xf [% project %]-[% c('version') 
%].tar.gz
 # Patch projects
 cd /var/tmp/build/[% project %]-[% c('version') %]
 patch -p1 < $rootdir/gradle.patch
-patch -p1 < $rootdir/content-provider.patch
 patch -p1 < $rootdir/require-api.patch
 
 # Remove native files, otherwise build will fail after gradle.patch
diff --git a/projects/tor-android-service/config 
b/projects/tor-android-service/config
index e2304d1..5454c94 100644
--- a/projects/tor-android-service/config
+++ b/projects/tor-android-service/config
@@ -27,7 +27,6 @@ input_files:
 name: gradle-dependencies
 exec: '[% INCLUDE "fetch-gradle-dependencies" %]'
   - filename: gradle.patch
-  - filename: content-provider.patch
   - filename: require-api.patch
   - project: tor-onion-proxy-library
 name: topl
diff --git a/projects/tor-android-service/content-provider.patch 
b/projects/tor-android-service/content-provider.patch
deleted file mode 100644
index b026728..000
--- a/projects/tor-android-service/content-provider.patch
+++ /dev/null
@@ -1,13 +0,0 @@
-diff --git 
a/service/src/main/java/org/torproject/android/service/DataService.java 
b/service/src/main/java/org/torproject/android/service/DataService.java
-index 8f802ea..07e52f3 100644
 a/service/src/main/java/org/torproject/android/service/DataService.java
-+++ b/service/src/main/java/org/torproject/android/service/DataService.java
-@@ -28,7 +28,7 @@ final class DataService {
- this.torService = torService;
- this.eventBroadcaster = eventBroadcaster;
- this.torConfig = torConfig;
--String packageName = context.getApplicationInfo().packageName;
-+String packageName = "org.torproject.torbrowser";
- COOKIE_CONTENT_URI = Uri.parse("content://" + packageName + 
".ui.hiddenservices.providers.cookie/cookie");
- HS_CONTENT_URI = Uri.parse("content://" + packageName + 
".ui.hiddenservices.providers/hs");
- }

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/support-portal] Update translations for support-portal

[translation]

commit b21ed4aa07f123a8a08465331931a4a7a65c227b
Author: Translation commit bot 
Date:   Fri May 3 05:20:43 2019 +

Update translations for support-portal
---
 contents+ru.po | 14 ++
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/contents+ru.po b/contents+ru.po
index c284e265f..3ac89d0ba 100644
--- a/contents+ru.po
+++ b/contents+ru.po
@@ -4060,8 +4060,8 @@ msgid ""
 "Captchas are a challenge-response test used in computing to determine "
 "whether the user is human or not."
 msgstr ""
-"Капча. Задачка-тест, которая в мире 
компьютеров призвана определить, кто "
-"перед ней: живой перед или робот."
+"Капча. Задачка-тест, которая призвана 
определить, кто перед ней: живой "
+"человек или робот."
 
 #: https//support.torproject.org/misc/glossary/
 #: (content/misc/glossary/contents+en.lrquestion.description)
@@ -4071,11 +4071,14 @@ msgid ""
 "hard time determining whether or not those requests are coming from humans "
 "or from bots."
 msgstr ""
+"Пользоватeли [Tor](#tor-/-tor-network/-core-tor) часто 
видят капчи. "
+"[Узлы](#relay) Tor создают множество запросов, и 
сайтам бывает нелегко "
+"определить, кем созданы эти запросы: 
людьми или ботами."
 
 #: https//support.torproject.org/misc/glossary/
 #: (content/misc/glossary/contents+en.lrquestion.description)
 msgid "### checksum"
-msgstr "### контрольная сумма"
+msgstr "### checksum"
 
 #: https//support.torproject.org/misc/glossary/
 #: (content/misc/glossary/contents+en.lrquestion.description)
@@ -4084,11 +4087,14 @@ msgid ""
 "software without errors, the given checksum and the checksum of your "
 "downloaded file will be identical."
 msgstr ""
+"контрольная сумма. [Хэш](#hash)-значение для 
файла. Если вы скачали "
+"программу и при скачивании не возникло 
ошибок, контрольная сумма от "
+"разработчика будет совпадать с  
фактической."
 
 #: https//support.torproject.org/misc/glossary/
 #: (content/misc/glossary/contents+en.lrquestion.description)
 msgid "### circuit"
-msgstr "### Цепочка"
+msgstr "### circuit"
 
 #: https//support.torproject.org/misc/glossary/
 #: (content/misc/glossary/contents+en.lrquestion.description)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tpo-web] Update translations for tpo-web

[translation]

commit 16fbd9de4bef3c6a79272bc5a232af82b7555b6b
Author: Translation commit bot 
Date:   Fri May 3 04:50:16 2019 +

Update translations for tpo-web
---
 contents+ka.po | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/contents+ka.po b/contents+ka.po
index 1d0f8e329..0311fcbfe 100644
--- a/contents+ka.po
+++ b/contents+ka.po
@@ -812,7 +812,7 @@ msgstr ""
 #: templates/download.html:56 templates/footer.html:44
 #: templates/navbar.html:12
 msgid "Donate Now"
-msgstr "თანხის გაღება ახლავე"
+msgstr "გაიღეთ თანხა"
 
 #: templates/footer.html:9 templates/footer.html:13
 #: templates/hero-home.html:13 templates/navbar.html:59

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tpo-web_completed] Update translations for tpo-web_completed

[translation]

commit abcf5a3c9f63436527427a2863c1db24ccb538e3
Author: Translation commit bot 
Date:   Fri May 3 04:50:23 2019 +

Update translations for tpo-web_completed
---
 contents+ka.po | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/contents+ka.po b/contents+ka.po
index 1d0f8e329..0311fcbfe 100644
--- a/contents+ka.po
+++ b/contents+ka.po
@@ -812,7 +812,7 @@ msgstr ""
 #: templates/download.html:56 templates/footer.html:44
 #: templates/navbar.html:12
 msgid "Donate Now"
-msgstr "თანხის გაღება ახლავე"
+msgstr "გაიღეთ თანხა"
 
 #: templates/footer.html:9 templates/footer.html:13
 #: templates/hero-home.html:13 templates/navbar.html:59

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/https_everywhere_completed] Update translations for https_everywhere_completed

[translation]

commit 579469d41cb57e9fa644bcc05d7b48f618c7d4bf
Author: Translation commit bot 
Date:   Thu May 2 23:46:00 2019 +

Update translations for https_everywhere_completed
---
 nl/https-everywhere.dtd | 13 +++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/nl/https-everywhere.dtd b/nl/https-everywhere.dtd
index d0c29b925..c8530c2e2 100644
--- a/nl/https-everywhere.dtd
+++ b/nl/https-everywhere.dtd
@@ -7,8 +7,14 @@
 
 
 
-
-
+
+
+
+
+
+
+
+
 
 
 
@@ -37,6 +43,9 @@
 
 
 
+
+
+
 
 
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/https_everywhere] Update translations for https_everywhere

[translation]

commit 3b64c473aeae1f4080e1ff5b6360cca94ebf9172
Author: Translation commit bot 
Date:   Thu May 2 23:45:53 2019 +

Update translations for https_everywhere
---
 nl/https-everywhere.dtd | 8 
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/nl/https-everywhere.dtd b/nl/https-everywhere.dtd
index 975ecd4e2..c8530c2e2 100644
--- a/nl/https-everywhere.dtd
+++ b/nl/https-everywhere.dtd
@@ -9,10 +9,10 @@
 
 
 
-
-
-
-
+
+
+
+
 
 
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/https_everywhere] Update translations for https_everywhere

[translation]

commit 5d17a6036498502170cd4bad114d85b5c857e22d
Author: Translation commit bot 
Date:   Thu May 2 23:15:55 2019 +

Update translations for https_everywhere
---
 nl/https-everywhere.dtd | 14 +++---
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/nl/https-everywhere.dtd b/nl/https-everywhere.dtd
index 4689f7567..975ecd4e2 100644
--- a/nl/https-everywhere.dtd
+++ b/nl/https-everywhere.dtd
@@ -7,14 +7,14 @@
 
 
 
-
-
+
+
 
 
 
 
-
-
+
+
 
 
 
@@ -43,9 +43,9 @@
 
 
 
-
-
-
+
+
+
 
 
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tpo-web] Update translations for tpo-web

[translation]

commit 87d57068f591e4657bb6d4607e8ddd1c4f34cc00
Author: Translation commit bot 
Date:   Thu May 2 22:50:20 2019 +

Update translations for tpo-web
---
 contents+ka.po | 14 +++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/contents+ka.po b/contents+ka.po
index db4d7848c..1d0f8e329 100644
--- a/contents+ka.po
+++ b/contents+ka.po
@@ -2,8 +2,8 @@
 # Giovanni Pellerano , 2019
 # IDRASSI Mounir , 2019
 # erinm, 2019
-# Georgianization, 2019
 # Emma Peel, 2019
+# Georgianization, 2019
 # 
 msgid ""
 msgstr ""
@@ -11,7 +11,7 @@ msgstr ""
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2019-05-02 11:45+CET\n"
 "PO-Revision-Date: 2019-03-09 10:41+\n"
-"Last-Translator: Emma Peel, 2019\n"
+"Last-Translator: Georgianization, 2019\n"
 "Language-Team: Georgian (https://www.transifex.com/otf/teams/1519/ka/)\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
@@ -243,6 +243,11 @@ msgid ""
 "been involved in Tor are united by a common belief: internet users should "
 "have private access to an uncensored web.**"
 msgstr ""
+"**მსგავსად Tor-ის მომხმარ
ებლებისა, შემმუშავებლები, 
მკვლევარები და "
+"შემომწირველები, რომლებმაც 
შექმნეს Tor, წარმოადგენენ ერ
თმანეთისგან სრულიად "
+"განსხვავებულ ადამიანთა 
ჯგუფებს. თუმცა ყველას, ვინც 
ჩართულია Tor-ის "
+"შემუშავებაში, აერთიანებს ერ
თი მარტივი რწმენა: ინტერნეტის 
მომხმარებლებს, უნდა"
+" ჰქონდეთ ქსელთან წვდომა 
თავისუფლად და პირადი 
მონაცემების გაუმჟღავნებლად.**"
 
 #: https//www.torproject.org/about/history/
 #: (content/about/history/contents+en.lrpage.body)
@@ -793,13 +798,16 @@ msgstr "Tor-ბრაუზერის 
ხელმოწერის დამ
 
 #: templates/download.html:54
 msgid "Stand up for privacy and freedom online."
-msgstr ""
+msgstr "მხარი დაუჭირეთ პირ
ადულობასა და თავისუფლებას 
ინტერნეტში."
 
 #: templates/download.html:55
 msgid ""
 "We're a nonprofit organization and rely on supporters like you to help us "
 "keep Tor robust and secure for millions of people worldwide."
 msgstr ""
+"ჩვენ, როგორც არამომგებიანი 
დაწესებულება, მეტად ვართ 
დამოკიდებულნი თქვენნაირ "
+"შემომწირველებზე, რომ შევინარ
ჩუნოთ Tor მდგრადი და დაცული 
მილიონობით "
+"ადამიანისთვის, მთელ 
მსოფლიოში."
 
 #: templates/download.html:56 templates/footer.html:44
 #: templates/navbar.html:12

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tpo-web_completed] Update translations for tpo-web_completed

[translation]

commit 2d9acec1ce1e869f4262ac707aa093c19db23c95
Author: Translation commit bot 
Date:   Thu May 2 22:50:26 2019 +

Update translations for tpo-web_completed
---
 contents+ka.po | 14 +++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/contents+ka.po b/contents+ka.po
index db4d7848c..1d0f8e329 100644
--- a/contents+ka.po
+++ b/contents+ka.po
@@ -2,8 +2,8 @@
 # Giovanni Pellerano , 2019
 # IDRASSI Mounir , 2019
 # erinm, 2019
-# Georgianization, 2019
 # Emma Peel, 2019
+# Georgianization, 2019
 # 
 msgid ""
 msgstr ""
@@ -11,7 +11,7 @@ msgstr ""
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2019-05-02 11:45+CET\n"
 "PO-Revision-Date: 2019-03-09 10:41+\n"
-"Last-Translator: Emma Peel, 2019\n"
+"Last-Translator: Georgianization, 2019\n"
 "Language-Team: Georgian (https://www.transifex.com/otf/teams/1519/ka/)\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
@@ -243,6 +243,11 @@ msgid ""
 "been involved in Tor are united by a common belief: internet users should "
 "have private access to an uncensored web.**"
 msgstr ""
+"**მსგავსად Tor-ის მომხმარ
ებლებისა, შემმუშავებლები, 
მკვლევარები და "
+"შემომწირველები, რომლებმაც 
შექმნეს Tor, წარმოადგენენ ერ
თმანეთისგან სრულიად "
+"განსხვავებულ ადამიანთა 
ჯგუფებს. თუმცა ყველას, ვინც 
ჩართულია Tor-ის "
+"შემუშავებაში, აერთიანებს ერ
თი მარტივი რწმენა: ინტერნეტის 
მომხმარებლებს, უნდა"
+" ჰქონდეთ ქსელთან წვდომა 
თავისუფლად და პირადი 
მონაცემების გაუმჟღავნებლად.**"
 
 #: https//www.torproject.org/about/history/
 #: (content/about/history/contents+en.lrpage.body)
@@ -793,13 +798,16 @@ msgstr "Tor-ბრაუზერის 
ხელმოწერის დამ
 
 #: templates/download.html:54
 msgid "Stand up for privacy and freedom online."
-msgstr ""
+msgstr "მხარი დაუჭირეთ პირ
ადულობასა და თავისუფლებას 
ინტერნეტში."
 
 #: templates/download.html:55
 msgid ""
 "We're a nonprofit organization and rely on supporters like you to help us "
 "keep Tor robust and secure for millions of people worldwide."
 msgstr ""
+"ჩვენ, როგორც არამომგებიანი 
დაწესებულება, მეტად ვართ 
დამოკიდებულნი თქვენნაირ "
+"შემომწირველებზე, რომ შევინარ
ჩუნოთ Tor მდგრადი და დაცული 
მილიონობით "
+"ადამიანისთვის, მთელ 
მსოფლიოში."
 
 #: templates/download.html:56 templates/footer.html:44
 #: templates/navbar.html:12

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/https_everywhere_completed] Update translations for https_everywhere_completed

[translation]

commit 10b501eba90cf8ec041750c5877384bf85679bc4
Author: Translation commit bot 
Date:   Thu May 2 22:46:01 2019 +

Update translations for https_everywhere_completed
---
 ka/https-everywhere.dtd | 13 +++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/ka/https-everywhere.dtd b/ka/https-everywhere.dtd
index 010407578..6805cfa10 100644
--- a/ka/https-everywhere.dtd
+++ b/ka/https-everywhere.dtd
@@ -7,8 +7,14 @@
 
 
 
-
-
+
+
+
+
+
+
+
+
 
 
 
@@ -37,6 +43,9 @@
 
 
 
+
+
+
 
 
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/https_everywhere] Update translations for https_everywhere

[translation]

commit 82dd608cdd214117c121ef02c206c1dc799580f9
Author: Translation commit bot 
Date:   Thu May 2 22:45:54 2019 +

Update translations for https_everywhere
---
 ka/https-everywhere.dtd | 22 +++---
 1 file changed, 11 insertions(+), 11 deletions(-)

diff --git a/ka/https-everywhere.dtd b/ka/https-everywhere.dtd
index 80bf5332e..6805cfa10 100644
--- a/ka/https-everywhere.dtd
+++ b/ka/https-everywhere.dtd
@@ -7,14 +7,14 @@
 
 
 
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
 
 
 
@@ -43,9 +43,9 @@
 
 
 
-
-
-
+
+
+
 
 
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/support-portal] Update translations for support-portal

[translation]

commit 9855fbc0fbf3783fe04d9e2ac60667cdd0a1dfea
Author: Translation commit bot 
Date:   Thu May 2 21:50:41 2019 +

Update translations for support-portal
---
 contents+fr.po | 88 +++---
 1 file changed, 53 insertions(+), 35 deletions(-)

diff --git a/contents+fr.po b/contents+fr.po
index 992d47eec..b8f9cfdf5 100644
--- a/contents+fr.po
+++ b/contents+fr.po
@@ -2,8 +2,8 @@
 # PoorPockets McNewHold , 2019
 # erinm, 2019
 # Emma Peel, 2019
-# AO , 2019
 # Curtis Baltimore , 2019
+# AO , 2019
 # 
 msgid ""
 msgstr ""
@@ -11,7 +11,7 @@ msgstr ""
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2019-04-29 14:45+CET\n"
 "PO-Revision-Date: 2018-10-02 22:41+\n"
-"Last-Translator: Curtis Baltimore , 2019\n"
+"Last-Translator: AO , 2019\n"
 "Language-Team: French (https://www.transifex.com/otf/teams/1519/fr/)\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
@@ -144,7 +144,7 @@ msgid ""
 "to the blocked site will allow access."
 msgstr ""
 "La plupart du temps, il suffit de télécharger le [Navigateur "
-"Tor](https://www.torproject.org/fr/download/) et de l'utiliser pour naviguer"
+"Tor](https://www.torproject.org/fr/download/) et de l’utiliser pour 
naviguer"
 " vers le site bloqué pour y accéder."
 
 #: https//support.torproject.org/faq/faq-2/
@@ -340,8 +340,8 @@ msgid ""
 "\".asc\". These .asc files are GPG signatures."
 msgstr ""
 "Chaque fichier sur notre [page de "
-"téléchargement](https://www.torproject.org/download/) est accompagné d'un "
-"fichier portant le même nom que le paquet et l'extension \".asc\". Ces "
+"téléchargement](https://www.torproject.org/download/) est accompagné 
d’un "
+"fichier portant le même nom que le paquet et l’extension \".asc\". Ces "
 "fichiers.asc sont des signatures GPG."
 
 #: https//support.torproject.org/tbb/how-to-verify-signature/
@@ -379,7 +379,7 @@ msgid ""
 "different operating systems."
 msgstr ""
 "Nous montrons maintenant comment vous pouvez vérifier la signature 
numérique"
-" du fichier téléchargé sur différents systèmes d'exploitation."
+" du fichier téléchargé sur différents systèmes d’exploitation."
 
 #: https//support.torproject.org/tbb/how-to-verify-signature/
 #: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
@@ -387,7 +387,7 @@ msgid ""
 "Please notice that a signature is dated the moment the package has been "
 "signed."
 msgstr ""
-"Veuillez noter qu'une signature est datée du moment où le paquet a été "
+"Veuillez noter qu’une signature est datée du moment où le paquet a été "
 "signé."
 
 #: https//support.torproject.org/tbb/how-to-verify-signature/
@@ -396,7 +396,7 @@ msgid ""
 "Therefore every time a new file is uploaded a new signature is generated "
 "with a different date."
 msgstr ""
-"Par conséquent, chaque fois qu'un nouveau fichier est téléversé, une "
+"Par conséquent, chaque fois qu’un nouveau fichier est téléversé, une "
 "nouvelle signature est générée avec une date différente."
 
 #: https//support.torproject.org/tbb/how-to-verify-signature/
@@ -419,7 +419,7 @@ msgid ""
 "First of all you need to have GnuPG installed before you can verify "
 "signatures."
 msgstr ""
-"Tout d'abord, vous devez avoir installé GnuPG avant de pouvoir vérifier les 
"
+"Tout d’abord, vous devez avoir installé GnuPG avant de pouvoir vérifier 
les "
 "signatures."
 
 #: https//support.torproject.org/tbb/how-to-verify-signature/
@@ -447,7 +447,7 @@ msgstr ""
 #: https//support.torproject.org/tbb/how-to-verify-signature/
 #: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
 msgid "The Tor Browser team signs Tor Browser releases."
-msgstr "L'équipe de Navigateur Tor signe les versions de Navigateur Tor."
+msgstr "L’équipe de Navigateur Tor signe les versions de Navigateur Tor."
 
 #: https//support.torproject.org/tbb/how-to-verify-signature/
 #: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
@@ -545,7 +545,7 @@ msgstr "Veuillez remplacer « Alice » par votre propre 
nom d’utilisateur."
 #: https//support.torproject.org/tbb/how-to-verify-signature/
 #: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
 msgid "The output should say \"Good signature\":"
-msgstr "La sortie devrait retourner « Good signature » :"
+msgstr "La sortie devrait retourner « Bonne signature » :"
 
 #: https//support.torproject.org/tbb/how-to-verify-signature/
 #: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
@@ -555,7 +555,7 @@ msgstr "gpg: Signature faite le 03/22/19 19:46:24 Est 
(heure d’été)"
 #: https//support.torproject.org/tbb/how-to-verify-signature/
 #: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
 msgid "gpg:using RSA key EB774491D9FF06E2"
-msgstr "gpg: avec la clef EB774491D9FF06E2"
+msgstr "gpg: avec la clef RSA EB774491D9FF06E2"
 
 #: 

[tor-commits] [translation/support-portal_completed] Update translations for support-portal_completed

[translation]

commit 2c5db21b1803f24227e1d96981e2c1e057618448
Author: Translation commit bot 
Date:   Thu May 2 21:50:49 2019 +

Update translations for support-portal_completed
---
 contents+fr.po | 88 ++
 1 file changed, 52 insertions(+), 36 deletions(-)

diff --git a/contents+fr.po b/contents+fr.po
index 5b0568f04..b8f9cfdf5 100644
--- a/contents+fr.po
+++ b/contents+fr.po
@@ -2,8 +2,8 @@
 # PoorPockets McNewHold , 2019
 # erinm, 2019
 # Emma Peel, 2019
-# AO , 2019
 # Curtis Baltimore , 2019
+# AO , 2019
 # 
 msgid ""
 msgstr ""
@@ -11,7 +11,7 @@ msgstr ""
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2019-04-29 14:45+CET\n"
 "PO-Revision-Date: 2018-10-02 22:41+\n"
-"Last-Translator: Curtis Baltimore , 2019\n"
+"Last-Translator: AO , 2019\n"
 "Language-Team: French (https://www.transifex.com/otf/teams/1519/fr/)\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
@@ -144,7 +144,7 @@ msgid ""
 "to the blocked site will allow access."
 msgstr ""
 "La plupart du temps, il suffit de télécharger le [Navigateur "
-"Tor](https://www.torproject.org/fr/download/) et de l'utiliser pour naviguer"
+"Tor](https://www.torproject.org/fr/download/) et de l’utiliser pour 
naviguer"
 " vers le site bloqué pour y accéder."
 
 #: https//support.torproject.org/faq/faq-2/
@@ -340,8 +340,8 @@ msgid ""
 "\".asc\". These .asc files are GPG signatures."
 msgstr ""
 "Chaque fichier sur notre [page de "
-"téléchargement](https://www.torproject.org/download/) est accompagné d'un "
-"fichier portant le même nom que le paquet et l'extension \".asc\". Ces "
+"téléchargement](https://www.torproject.org/download/) est accompagné 
d’un "
+"fichier portant le même nom que le paquet et l’extension \".asc\". Ces "
 "fichiers.asc sont des signatures GPG."
 
 #: https//support.torproject.org/tbb/how-to-verify-signature/
@@ -379,7 +379,7 @@ msgid ""
 "different operating systems."
 msgstr ""
 "Nous montrons maintenant comment vous pouvez vérifier la signature 
numérique"
-" du fichier téléchargé sur différents systèmes d'exploitation."
+" du fichier téléchargé sur différents systèmes d’exploitation."
 
 #: https//support.torproject.org/tbb/how-to-verify-signature/
 #: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
@@ -387,7 +387,7 @@ msgid ""
 "Please notice that a signature is dated the moment the package has been "
 "signed."
 msgstr ""
-"Veuillez noter qu'une signature est datée du moment où le paquet a été "
+"Veuillez noter qu’une signature est datée du moment où le paquet a été "
 "signé."
 
 #: https//support.torproject.org/tbb/how-to-verify-signature/
@@ -396,7 +396,7 @@ msgid ""
 "Therefore every time a new file is uploaded a new signature is generated "
 "with a different date."
 msgstr ""
-"Par conséquent, chaque fois qu'un nouveau fichier est téléversé, une "
+"Par conséquent, chaque fois qu’un nouveau fichier est téléversé, une "
 "nouvelle signature est générée avec une date différente."
 
 #: https//support.torproject.org/tbb/how-to-verify-signature/
@@ -419,7 +419,7 @@ msgid ""
 "First of all you need to have GnuPG installed before you can verify "
 "signatures."
 msgstr ""
-"Tout d'abord, vous devez avoir installé GnuPG avant de pouvoir vérifier les 
"
+"Tout d’abord, vous devez avoir installé GnuPG avant de pouvoir vérifier 
les "
 "signatures."
 
 #: https//support.torproject.org/tbb/how-to-verify-signature/
@@ -447,7 +447,7 @@ msgstr ""
 #: https//support.torproject.org/tbb/how-to-verify-signature/
 #: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
 msgid "The Tor Browser team signs Tor Browser releases."
-msgstr "L'équipe de Navigateur Tor signe les versions de Navigateur Tor."
+msgstr "L’équipe de Navigateur Tor signe les versions de Navigateur Tor."
 
 #: https//support.torproject.org/tbb/how-to-verify-signature/
 #: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
@@ -545,7 +545,7 @@ msgstr "Veuillez remplacer « Alice » par votre propre 
nom d’utilisateur."
 #: https//support.torproject.org/tbb/how-to-verify-signature/
 #: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
 msgid "The output should say \"Good signature\":"
-msgstr "La sortie devrait retourner « Good signature » :"
+msgstr "La sortie devrait retourner « Bonne signature » :"
 
 #: https//support.torproject.org/tbb/how-to-verify-signature/
 #: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
@@ -555,7 +555,7 @@ msgstr "gpg: Signature faite le 03/22/19 19:46:24 Est 
(heure d’été)"
 #: https//support.torproject.org/tbb/how-to-verify-signature/
 #: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
 msgid "gpg:using RSA key EB774491D9FF06E2"
-msgstr "gpg: avec la clef EB774491D9FF06E2"
+msgstr "gpg: avec la clef RSA EB774491D9FF06E2"
 
 #: 

[tor-commits] [translation/support-portal_completed] Update translations for support-portal_completed

[translation]

commit 7bc476e26953cfcb034dea011aec63dad1324987
Author: Translation commit bot 
Date:   Thu May 2 21:21:05 2019 +

Update translations for support-portal_completed
---
 contents+fr.po | 63 --
 1 file changed, 57 insertions(+), 6 deletions(-)

diff --git a/contents+fr.po b/contents+fr.po
index 77d27ceb1..5b0568f04 100644
--- a/contents+fr.po
+++ b/contents+fr.po
@@ -550,12 +550,12 @@ msgstr "La sortie devrait retourner « Good signature 
» :"
 #: https//support.torproject.org/tbb/how-to-verify-signature/
 #: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
 msgid "gpg: Signature made Tue 12 Feb 2019 08:27:41 AM EST"
-msgstr "gpg: Signature made Tue 12 Feb 2019 08:27:41 AM EST"
+msgstr "gpg: Signature faite le 03/22/19 19:46:24 Est (heure d’été)"
 
 #: https//support.torproject.org/tbb/how-to-verify-signature/
 #: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
 msgid "gpg:using RSA key EB774491D9FF06E2"
-msgstr "gpg: using RSA key EB774491D9FF06E2"
+msgstr "gpg: avec la clef EB774491D9FF06E2"
 
 #: https//support.torproject.org/tbb/how-to-verify-signature/
 #: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
@@ -1280,6 +1280,9 @@ msgid ""
 "If this doesn't fix the problem, see the Troubleshooting page on the [Tor "
 "Browser manual](https://tb-manual.torproject.org/en-US/troubleshooting)."
 msgstr ""
+"Si cela ne répare pas le problème, consultez la page Dépannage sur le 
[guide"
+" d'utilisation du navigateur Tor] (https://tb-;
+"manual.torproject.org/fr/troubleshooting)."
 
 #: https//support.torproject.org/tbb/tbb-21/
 #: (content/tbb/tbb-21/contents+en.lrquestion.title)
@@ -1815,7 +1818,7 @@ msgstr ""
 #: https//support.torproject.org/tbb/tbb-34/
 #: (content/tbb/tbb-34/contents+en.lrquestion.title)
 msgid "Why does Tor Browser ship with JavaScript enabled?"
-msgstr ""
+msgstr "Pourquoi le Navigateur Tor est-il livré avec JavaScript activé ?"
 
 #: https//support.torproject.org/tbb/tbb-34/
 #: (content/tbb/tbb-34/contents+en.lrquestion.description)
@@ -1833,6 +1836,9 @@ msgid ""
 "Most users would give up on Tor entirely if we disabled JavaScript by "
 "default because it would cause so many problems for them."
 msgstr ""
+"La plupart des utilisateurs abandonneraient complètement Tor si nous "
+"désactivions JavaScript par défaut car cela leur causerait tant de "
+"problèmes."
 
 #: https//support.torproject.org/tbb/tbb-34/
 #: (content/tbb/tbb-34/contents+en.lrquestion.description)
@@ -1841,6 +1847,9 @@ msgid ""
 "making it usable for the majority of people, so for now, that means leaving "
 "JavaScript enabled by default."
 msgstr ""
+"En fin de compte, nous voulons rendre le navigateur Tor aussi sécurisé que "
+"possible tout en le rendant utilisable pour la majorité des gens, donc pour "
+"l'instant, cela signifie laisser JavaScript activé par défaut."
 
 #: https//support.torproject.org/tbb/tbb-34/
 #: (content/tbb/tbb-34/contents+en.lrquestion.description)
@@ -1849,6 +1858,10 @@ msgid ""
 " we recommend changing your Tor Browser's security slider (in the Tor "
 "Browser Onion menu under \"Security Settings\")."
 msgstr ""
+"Pour les utilisateurs qui veulent désactiver JavaScript sur tous les sites "
+"HTTP par défaut, nous recommandons de changer le curseur de sécurité de "
+"votre navigateur Tor (dans le menu Onion du navigateur Tor, sous \" "
+"paramètres de sécurité \")."
 
 #: https//support.torproject.org/tbb/tbb-34/
 #: (content/tbb/tbb-34/contents+en.lrquestion.description)
@@ -1856,6 +1869,8 @@ msgid ""
 "The low/default setting allows JavaScript, but the medium and high levels "
 "both block JavaScript on HTTP sites."
 msgstr ""
+"Le réglage bas/défaut autorise JavaScript, mais les niveaux moyen et 
élevé "
+"bloquent JavaScript sur les sites HTTP."
 
 #: https//support.torproject.org/tbb/tbb-35/
 #: (content/tbb/tbb-35/contents+en.lrquestion.title)
@@ -1912,6 +1927,11 @@ msgid ""
 "working to add more. Want to help us translate? [See here](https://tb-;
 "manual.torproject.org/becoming-tor-translator/)"
 msgstr ""
+"Nous voulons que chacun puisse profiter de son Navigateur Tor dans sa propre"
+" langue. Le navigateur Tor est maintenant [disponible en 25 langues "
+"différentes](https://www.torproject.org/download/languages/), et nous "
+"travaillons pour en ajouter d'autres. Vous voulez nous aider à traduire ? "
+"[Voir ici](https://tb-manual.torproject.org/becoming-tor-translator/)"
 
 #: https//support.torproject.org/tbb/tbb-37/
 #: (content/tbb/tbb-37/contents+en.lrquestion.description)
@@ -1920,6 +1940,9 @@ msgid ""
 "installing and testing [Tor Browser Alpha "
 "releases](https://www.torproject.org/download/alpha/)."
 msgstr ""
+"Vous pouvez également nous aider à tester les prochains langages que nous "
+"publierons, en installant et en testant [le navigateur Tor version alpha] "

[tor-commits] [translation/support-portal] Update translations for support-portal

[translation]

commit 0c882f55a2fc3e0d9d39a85bde41ef348d20c13d
Author: Translation commit bot 
Date:   Thu May 2 21:20:57 2019 +

Update translations for support-portal
---
 contents+fr.po | 61 --
 contents+ru.po | 19 ++
 2 files changed, 70 insertions(+), 10 deletions(-)

diff --git a/contents+fr.po b/contents+fr.po
index 77d27ceb1..992d47eec 100644
--- a/contents+fr.po
+++ b/contents+fr.po
@@ -550,12 +550,12 @@ msgstr "La sortie devrait retourner « Good signature 
» :"
 #: https//support.torproject.org/tbb/how-to-verify-signature/
 #: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
 msgid "gpg: Signature made Tue 12 Feb 2019 08:27:41 AM EST"
-msgstr "gpg: Signature made Tue 12 Feb 2019 08:27:41 AM EST"
+msgstr "gpg: Signature faite le 03/22/19 19:46:24 Est (heure d’été)"
 
 #: https//support.torproject.org/tbb/how-to-verify-signature/
 #: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
 msgid "gpg:using RSA key EB774491D9FF06E2"
-msgstr "gpg: using RSA key EB774491D9FF06E2"
+msgstr "gpg: avec la clef EB774491D9FF06E2"
 
 #: https//support.torproject.org/tbb/how-to-verify-signature/
 #: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
@@ -1280,6 +1280,9 @@ msgid ""
 "If this doesn't fix the problem, see the Troubleshooting page on the [Tor "
 "Browser manual](https://tb-manual.torproject.org/en-US/troubleshooting)."
 msgstr ""
+"Si cela ne répare pas le problème, consultez la page Dépannage sur le 
[guide"
+" d'utilisation du navigateur Tor] (https://tb-;
+"manual.torproject.org/fr/troubleshooting)."
 
 #: https//support.torproject.org/tbb/tbb-21/
 #: (content/tbb/tbb-21/contents+en.lrquestion.title)
@@ -1815,7 +1818,7 @@ msgstr ""
 #: https//support.torproject.org/tbb/tbb-34/
 #: (content/tbb/tbb-34/contents+en.lrquestion.title)
 msgid "Why does Tor Browser ship with JavaScript enabled?"
-msgstr ""
+msgstr "Pourquoi le Navigateur Tor est-il livré avec JavaScript activé ?"
 
 #: https//support.torproject.org/tbb/tbb-34/
 #: (content/tbb/tbb-34/contents+en.lrquestion.description)
@@ -1833,6 +1836,9 @@ msgid ""
 "Most users would give up on Tor entirely if we disabled JavaScript by "
 "default because it would cause so many problems for them."
 msgstr ""
+"La plupart des utilisateurs abandonneraient complètement Tor si nous "
+"désactivions JavaScript par défaut car cela leur causerait tant de "
+"problèmes."
 
 #: https//support.torproject.org/tbb/tbb-34/
 #: (content/tbb/tbb-34/contents+en.lrquestion.description)
@@ -1841,6 +1847,9 @@ msgid ""
 "making it usable for the majority of people, so for now, that means leaving "
 "JavaScript enabled by default."
 msgstr ""
+"En fin de compte, nous voulons rendre le navigateur Tor aussi sécurisé que "
+"possible tout en le rendant utilisable pour la majorité des gens, donc pour "
+"l'instant, cela signifie laisser JavaScript activé par défaut."
 
 #: https//support.torproject.org/tbb/tbb-34/
 #: (content/tbb/tbb-34/contents+en.lrquestion.description)
@@ -1849,6 +1858,10 @@ msgid ""
 " we recommend changing your Tor Browser's security slider (in the Tor "
 "Browser Onion menu under \"Security Settings\")."
 msgstr ""
+"Pour les utilisateurs qui veulent désactiver JavaScript sur tous les sites "
+"HTTP par défaut, nous recommandons de changer le curseur de sécurité de "
+"votre navigateur Tor (dans le menu Onion du navigateur Tor, sous \" "
+"paramètres de sécurité \")."
 
 #: https//support.torproject.org/tbb/tbb-34/
 #: (content/tbb/tbb-34/contents+en.lrquestion.description)
@@ -1856,6 +1869,8 @@ msgid ""
 "The low/default setting allows JavaScript, but the medium and high levels "
 "both block JavaScript on HTTP sites."
 msgstr ""
+"Le réglage bas/défaut autorise JavaScript, mais les niveaux moyen et 
élevé "
+"bloquent JavaScript sur les sites HTTP."
 
 #: https//support.torproject.org/tbb/tbb-35/
 #: (content/tbb/tbb-35/contents+en.lrquestion.title)
@@ -1912,6 +1927,11 @@ msgid ""
 "working to add more. Want to help us translate? [See here](https://tb-;
 "manual.torproject.org/becoming-tor-translator/)"
 msgstr ""
+"Nous voulons que chacun puisse profiter de son Navigateur Tor dans sa propre"
+" langue. Le navigateur Tor est maintenant [disponible en 25 langues "
+"différentes](https://www.torproject.org/download/languages/), et nous "
+"travaillons pour en ajouter d'autres. Vous voulez nous aider à traduire ? "
+"[Voir ici](https://tb-manual.torproject.org/becoming-tor-translator/)"
 
 #: https//support.torproject.org/tbb/tbb-37/
 #: (content/tbb/tbb-37/contents+en.lrquestion.description)
@@ -1920,6 +1940,9 @@ msgid ""
 "installing and testing [Tor Browser Alpha "
 "releases](https://www.torproject.org/download/alpha/)."
 msgstr ""
+"Vous pouvez également nous aider à tester les prochains langages que nous "
+"publierons, en installant et en testant [le navigateur Tor 

[tor-commits] [translation/https_everywhere] Update translations for https_everywhere

[translation]

commit dc397df9cdbbde82ec07dd83a5149de96b2a305c
Author: Translation commit bot 
Date:   Thu May 2 21:15:57 2019 +

Update translations for https_everywhere
---
 eo/https-everywhere.dtd | 22 +++---
 1 file changed, 11 insertions(+), 11 deletions(-)

diff --git a/eo/https-everywhere.dtd b/eo/https-everywhere.dtd
index 68313758d..e46370f9d 100644
--- a/eo/https-everywhere.dtd
+++ b/eo/https-everywhere.dtd
@@ -7,14 +7,14 @@
 
 
 
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
 
 
 
@@ -43,9 +43,9 @@
 
 
 
-
-
-
+
+
+
 
 
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/https_everywhere_completed] Update translations for https_everywhere_completed

[translation]

commit 27025eec25fe639202852d77d625b6d1e4579c00
Author: Translation commit bot 
Date:   Thu May 2 21:16:05 2019 +

Update translations for https_everywhere_completed
---
 eo/https-everywhere.dtd | 13 +++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/eo/https-everywhere.dtd b/eo/https-everywhere.dtd
index 16bddec4c..e46370f9d 100644
--- a/eo/https-everywhere.dtd
+++ b/eo/https-everywhere.dtd
@@ -7,8 +7,14 @@
 
 
 
-
-
+
+
+
+
+
+
+
+
 
 
 
@@ -37,6 +43,9 @@
 
 
 
+
+
+
 
 
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/support-portal] Update translations for support-portal

[translation]

commit e350c8206446506f961e1f4ac7d007c39fe4af3a
Author: Translation commit bot 
Date:   Thu May 2 20:50:47 2019 +

Update translations for support-portal
---
 contents+fr.po | 75 +-
 contents+pl.po |  9 +++
 contents+ru.po | 10 +++-
 3 files changed, 77 insertions(+), 17 deletions(-)

diff --git a/contents+fr.po b/contents+fr.po
index 55c4d3fe0..77d27ceb1 100644
--- a/contents+fr.po
+++ b/contents+fr.po
@@ -1,5 +1,4 @@
 # Translators:
-# Shailja, 2019
 # PoorPockets McNewHold , 2019
 # erinm, 2019
 # Emma Peel, 2019
@@ -497,13 +496,13 @@ msgid ""
 "uid   [ unknown] Tor Browser Developers (signing key) "
 ""
 msgstr ""
-"uid [ unknown] Tor Browser Developers (signing key) "
+"uid   [ unknown] Tor Browser Developers (signing key) "
 ""
 
 #: https//support.torproject.org/tbb/how-to-verify-signature/
 #: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
 msgid "sub   rsa4096/0xEB774491D9FF06E2 2018-05-26 [S] [expires: 2020-09-12]"
-msgstr "sub rsa4096/0xEB774491D9FF06E2 2018-05-26 [S] [expires: 2020-09-12]"
+msgstr "sub   rsa4096/0xEB774491D9FF06E2 2018-05-26 [S] [expires: 2020-09-12]"
 
 #: https//support.torproject.org/tbb/how-to-verify-signature/
 #: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
@@ -516,12 +515,16 @@ msgid ""
 "To verify the signature of the package you downloaded, you will need to "
 "download the \".asc\" file as well."
 msgstr ""
+"Pour vérifier la signature du paquet que vous avez téléchargé, vous 
devrez "
+"aussi télécharger le fichier « .asc »."
 
 #: https//support.torproject.org/tbb/how-to-verify-signature/
 #: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
 msgid ""
 "Assuming you downloaded the package and its signature to your Desktop, run:"
 msgstr ""
+"En supposant que vous avez téléchargé le paquet et sa signature sur votre "
+"bureau, exécutez :"
 
 #: https//support.torproject.org/tbb/how-to-verify-signature/
 #: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
@@ -530,26 +533,29 @@ msgid ""
 ".8_en-US.exe.asc C:\\Users\\Alice\\Desktop\\torbrowser-install-8.0.8_en-"
 "US.exe"
 msgstr ""
+"gpg.exe --verify C:\\Users\\Alice\\Desktop\\torbrowser-install-"
+"win64-8.0.8_fr.exe.asc C:\\Users\\Alice\\Desktop\\torbrowser-install-"
+"win64-8.0.8_fr.exe"
 
 #: https//support.torproject.org/tbb/how-to-verify-signature/
 #: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
 msgid "Please substitute \"Alice\" with your own username."
-msgstr ""
+msgstr "Veuillez remplacer « Alice » par votre propre nom d’utilisateur."
 
 #: https//support.torproject.org/tbb/how-to-verify-signature/
 #: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
 msgid "The output should say \"Good signature\":"
-msgstr "La sortie devrait dire « Good signature » : "
+msgstr "La sortie devrait retourner « Good signature » :"
 
 #: https//support.torproject.org/tbb/how-to-verify-signature/
 #: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
 msgid "gpg: Signature made Tue 12 Feb 2019 08:27:41 AM EST"
-msgstr ""
+msgstr "gpg: Signature made Tue 12 Feb 2019 08:27:41 AM EST"
 
 #: https//support.torproject.org/tbb/how-to-verify-signature/
 #: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
 msgid "gpg:using RSA key EB774491D9FF06E2"
-msgstr ""
+msgstr "gpg: using RSA key EB774491D9FF06E2"
 
 #: https//support.torproject.org/tbb/how-to-verify-signature/
 #: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
@@ -557,34 +563,40 @@ msgid ""
 "gpg: Good signature from \"Tor Browser Developers (signing key) "
 "\" [unknown]"
 msgstr ""
+"gpg: Good signature from \"Tor Browser Developers (signing key) "
+"\" [unknown]"
 
 #: https//support.torproject.org/tbb/how-to-verify-signature/
 #: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
 msgid "gpg: WARNING: This key is not certified with a trusted signature!"
 msgstr ""
+"gpg: WARNING: Cette clé n'est pas certifiée avec une signature de confiance 
"
+"!"
 
 #: https//support.torproject.org/tbb/how-to-verify-signature/
 #: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
 msgid ""
 "gpg:  There is no indication that the signature belongs to the "
 "owner."
-msgstr ""
+msgstr "gpg: Rien n'indique que la signature appartient au propriétaire."
 
 #: https//support.torproject.org/tbb/how-to-verify-signature/
 #: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
 msgid ""
 "Primary key fingerprint: EF6E 286D DA85 EA2A 4BA7  DE68 4E2C 6E87 9329 8290"
 msgstr ""
+"Primary key fingerprint: EF6E 286D DA85 EA2A 4BA7  DE68 4E2C 6E87 9329 8290"
 
 #: https//support.torproject.org/tbb/how-to-verify-signature/
 #: 

[tor-commits] [translation/support-portal] Update translations for support-portal

[translation]

commit be6589c64ecf989b80bf768461ae6688865f88bd
Author: Translation commit bot 
Date:   Thu May 2 20:21:06 2019 +

Update translations for support-portal
---
 contents+fr.po | 47 ++-
 contents+pl.po | 17 +++--
 contents+ru.po | 28 
 3 files changed, 73 insertions(+), 19 deletions(-)

diff --git a/contents+fr.po b/contents+fr.po
index 57bc271b3..55c4d3fe0 100644
--- a/contents+fr.po
+++ b/contents+fr.po
@@ -1,10 +1,10 @@
 # Translators:
 # Shailja, 2019
-# Curtis Baltimore , 2019
 # PoorPockets McNewHold , 2019
 # erinm, 2019
 # Emma Peel, 2019
 # AO , 2019
+# Curtis Baltimore , 2019
 # 
 msgid ""
 msgstr ""
@@ -12,7 +12,7 @@ msgstr ""
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2019-04-29 14:45+CET\n"
 "PO-Revision-Date: 2018-10-02 22:41+\n"
-"Last-Translator: AO , 2019\n"
+"Last-Translator: Curtis Baltimore , 2019\n"
 "Language-Team: French (https://www.transifex.com/otf/teams/1519/fr/)\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
@@ -340,6 +340,10 @@ msgid ""
 "accompanied by a file with the same name as the package and the extension "
 "\".asc\". These .asc files are GPG signatures."
 msgstr ""
+"Chaque fichier sur notre [page de "
+"téléchargement](https://www.torproject.org/download/) est accompagné d'un "
+"fichier portant le même nom que le paquet et l'extension \".asc\". Ces "
+"fichiers.asc sont des signatures GPG."
 
 #: https//support.torproject.org/tbb/how-to-verify-signature/
 #: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
@@ -347,6 +351,8 @@ msgid ""
 "They allow you to verify the file you've downloaded is exactly the one that "
 "we intended you to get."
 msgstr ""
+"Ils vous permettent de vérifier que le fichier que vous avez téléchargé 
est "
+"exactement celui que nous voulions que vous obteniez."
 
 #: https//support.torproject.org/tbb/how-to-verify-signature/
 #: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
@@ -354,6 +360,8 @@ msgid ""
 "For example, torbrowser-install-8.0.8_en-US.exe is accompanied by "
 "torbrowser-install-8.0.8_en-US.exe.asc."
 msgstr ""
+"Par exemple, torbrowser-install-8.0.8_fr-US.exe est accompagné de "
+"torbrowser-install-8.0.8_fr-US.exe.asc."
 
 #: https//support.torproject.org/tbb/how-to-verify-signature/
 #: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
@@ -361,6 +369,9 @@ msgid ""
 "For a list of which developer signs which package, see our [signing keys "
 "page](https://www.torproject.org/docs/signing-keys.html.en)."
 msgstr ""
+"Pour une liste des développeurs qui signent tel ou tel paquet, consultez "
+"notre[page des clés de signature] (https://www.torproject.org/docs/signing-;
+"keys.html.en)."
 
 #: https//support.torproject.org/tbb/how-to-verify-signature/
 #: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
@@ -368,6 +379,8 @@ msgid ""
 "We now show how you can verify the downloaded file's digital signature on "
 "different operating systems."
 msgstr ""
+"Nous montrons maintenant comment vous pouvez vérifier la signature 
numérique"
+" du fichier téléchargé sur différents systèmes d'exploitation."
 
 #: https//support.torproject.org/tbb/how-to-verify-signature/
 #: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
@@ -375,6 +388,8 @@ msgid ""
 "Please notice that a signature is dated the moment the package has been "
 "signed."
 msgstr ""
+"Veuillez noter qu'une signature est datée du moment où le paquet a été "
+"signé."
 
 #: https//support.torproject.org/tbb/how-to-verify-signature/
 #: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
@@ -382,6 +397,8 @@ msgid ""
 "Therefore every time a new file is uploaded a new signature is generated "
 "with a different date."
 msgstr ""
+"Par conséquent, chaque fois qu'un nouveau fichier est téléversé, une "
+"nouvelle signature est générée avec une date différente."
 
 #: https//support.torproject.org/tbb/how-to-verify-signature/
 #: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
@@ -389,6 +406,8 @@ msgid ""
 "As long as you have verified the signature you should not worry that the "
 "reported date may vary."
 msgstr ""
+"Tant que vous avez vérifié la signature, vous ne devez pas craindre que la "
+"date indiquée puisse varier."
 
 #: https//support.torproject.org/tbb/how-to-verify-signature/
 #: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
@@ -401,17 +420,21 @@ msgid ""
 "First of all you need to have GnuPG installed before you can verify "
 "signatures."
 msgstr ""
+"Tout d'abord, vous devez avoir installé GnuPG avant de pouvoir vérifier les 
"
+"signatures."
 
 #: https//support.torproject.org/tbb/how-to-verify-signature/
 #: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
 msgid "Download it from 

[tor-commits] [translation/whisperback] Update translations for whisperback

[translation]

commit 8ce967284ff4018988b0a7aa642b6c9b0ba32c9f
Author: Translation commit bot 
Date:   Thu May 2 20:20:46 2019 +

Update translations for whisperback
---
 de/de.po | 12 ++--
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/de/de.po b/de/de.po
index 6a4c028f6..028117cd1 100644
--- a/de/de.po
+++ b/de/de.po
@@ -3,7 +3,7 @@
 # This file is distributed under the same license as the PACKAGE package.
 # 
 # Translators:
-# Curtis Baltimore , 2018
+# Curtis Baltimore , 2018-2019
 # Till Kottmann, 2013
 # DoKnGH26" 21 , 2015
 # Ettore Atalan , 2017
@@ -22,8 +22,8 @@ msgstr ""
 "Project-Id-Version: Tor Project\n"
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2019-04-29 12:08+0200\n"
-"PO-Revision-Date: 2019-04-29 19:07+\n"
-"Last-Translator: carolyn \n"
+"PO-Revision-Date: 2019-05-02 19:56+\n"
+"Last-Translator: Curtis Baltimore \n"
 "Language-Team: German 
(http://www.transifex.com/otf/torproject/language/de/)\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
@@ -233,12 +233,12 @@ msgstr "Senden"
 
 #: ../data/whisperback.desktop.in.h:1
 msgid "WhisperBack Error Reporting"
-msgstr ""
+msgstr "WhisperBack Fehlermeldung"
 
 #: ../data/whisperback.desktop.in.h:2
 msgid "Send feedback via encrypted e-mail"
-msgstr ""
+msgstr "Feedback per verschlüsselter E-Mail senden"
 
 #: ../data/whisperback.desktop.in.h:3
 msgid "feedback;bug;report;tails;error;"
-msgstr ""
+msgstr "feedback;bug;bericht;tails;fehler;"

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/whisperback_completed] Update translations for whisperback_completed

[translation]

commit 1f36dafde6e450c6ac543a7f688bfa4265202734
Author: Translation commit bot 
Date:   Thu May 2 20:20:53 2019 +

Update translations for whisperback_completed
---
 de/de.po | 72 +---
 1 file changed, 42 insertions(+), 30 deletions(-)

diff --git a/de/de.po b/de/de.po
index 2c7235eef..028117cd1 100644
--- a/de/de.po
+++ b/de/de.po
@@ -3,7 +3,7 @@
 # This file is distributed under the same license as the PACKAGE package.
 # 
 # Translators:
-# Curtis Baltimore , 2018
+# Curtis Baltimore , 2018-2019
 # Till Kottmann, 2013
 # DoKnGH26" 21 , 2015
 # Ettore Atalan , 2017
@@ -21,9 +21,9 @@ msgid ""
 msgstr ""
 "Project-Id-Version: Tor Project\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2018-06-11 17:17+0200\n"
-"PO-Revision-Date: 2019-01-15 12:20+\n"
-"Last-Translator: erinm\n"
+"POT-Creation-Date: 2019-04-29 12:08+0200\n"
+"PO-Revision-Date: 2019-05-02 19:56+\n"
+"Last-Translator: Curtis Baltimore \n"
 "Language-Team: German 
(http://www.transifex.com/otf/torproject/language/de/)\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
@@ -32,17 +32,17 @@ msgstr ""
 "Plural-Forms: nplurals=2; plural=(n != 1);\n"
 
 #. XXX use a better exception
-#: ../whisperBack/whisperback.py:56
+#: ../whisperBack/whisperback.py:63
 #, python-format
 msgid "Invalid contact email: %s"
 msgstr "Ungültige Kontakt-E-Mail-Adresse: %s"
 
-#: ../whisperBack/whisperback.py:74
+#: ../whisperBack/whisperback.py:83
 #, python-format
 msgid "Invalid contact OpenPGP key: %s"
 msgstr "Kontakt-OpenPGP-Schlüssel nicht gültig: %s"
 
-#: ../whisperBack/whisperback.py:76
+#: ../whisperBack/whisperback.py:85
 msgid "Invalid contact OpenPGP public key block"
 msgstr "Datenblock im öffentlichen OpenPGP-Schlüssel des Kontaktes ist nicht 
gültig"
 
@@ -53,56 +53,56 @@ msgid ""
 "/etc/whisperback/config.py, ~/.whisperback/config.py, or ./config.py"
 msgstr "Die %s Variable wurde in keiner der Konfigurationsdateien 
/etc/whisperback/config.py, ~/.whisperback/config.py, oder ./config.py gefunden"
 
-#: ../whisperBack/gui.py:111
+#: ../whisperBack/gui.py:114
 msgid "Name of the affected software"
 msgstr "Name der betroffenen Software"
 
-#: ../whisperBack/gui.py:113
+#: ../whisperBack/gui.py:116
 msgid "Exact steps to reproduce the error"
 msgstr "Genaue Schritte, um das Problem zu reproduzieren"
 
-#: ../whisperBack/gui.py:115
+#: ../whisperBack/gui.py:118
 msgid "Actual result and description of the error"
 msgstr "Tatsächliches Ergebnis und Beschreibung des Problems"
 
-#: ../whisperBack/gui.py:117
+#: ../whisperBack/gui.py:120
 msgid "Desired result"
 msgstr "Gewünschtes Ergebnis"
 
-#: ../whisperBack/gui.py:130
+#: ../whisperBack/gui.py:133
 msgid "Unable to load a valid configuration."
 msgstr "Es konnte keine gültige Konfiguration geladen werden."
 
-#: ../whisperBack/gui.py:166
+#: ../whisperBack/gui.py:170
 msgid "Sending mail..."
 msgstr "Nachricht wird gesendet …"
 
-#: ../whisperBack/gui.py:167
+#: ../whisperBack/gui.py:171
 msgid "Sending mail"
 msgstr "Nachricht wird gesendet"
 
 #. pylint: disable=C0301
-#: ../whisperBack/gui.py:169
+#: ../whisperBack/gui.py:173
 msgid "This could take a while..."
 msgstr "Dies könnte eine Weile dauern …"
 
-#: ../whisperBack/gui.py:185
+#: ../whisperBack/gui.py:189
 msgid "The contact email address doesn't seem valid."
 msgstr "Die Kontakt-E-Mail-Adresse scheint nicht gültig zu sein."
 
-#: ../whisperBack/gui.py:202
+#: ../whisperBack/gui.py:206
 msgid "Unable to send the mail: SMTP error."
 msgstr "Nachricht kann nicht gesendet werden: SMTP-Fehler."
 
-#: ../whisperBack/gui.py:204
+#: ../whisperBack/gui.py:208
 msgid "Unable to connect to the server."
 msgstr "Verbindung zum Server fehlgeschlagen."
 
-#: ../whisperBack/gui.py:206
+#: ../whisperBack/gui.py:210
 msgid "Unable to create or to send the mail."
 msgstr "E-Mail kann nicht erstellt oder versendet werden."
 
-#: ../whisperBack/gui.py:209
+#: ../whisperBack/gui.py:213
 msgid ""
 "\n"
 "\n"
@@ -111,20 +111,20 @@ msgid ""
 "If it does not work, you will be offered to save the bug report."
 msgstr "\n\nDer Fehlerbericht konnte vermutlich wegen Netzwerkproblemen nicht 
gesendet werden. Bitte versuchen Sie sich erneut mit dem Netzwerk zu verbinden 
und klicken Sie erneut auf Senden.\n\nSollte das nicht funktionieren, wird 
Ihnen angeboten, den Fehlerbericht zu speichern."
 
-#: ../whisperBack/gui.py:222
+#: ../whisperBack/gui.py:226
 msgid "Your message has been sent."
 msgstr "Ihre Nachricht wurde gesendet."
 
-#: ../whisperBack/gui.py:229
+#: ../whisperBack/gui.py:233
 msgid "An error occured during encryption."
 msgstr "Ein Fehler trat beim Verschlüsseln auf."
 
-#: ../whisperBack/gui.py:249
+#: ../whisperBack/gui.py:253
 #, python-format
 msgid "Unable to save %s."
 msgstr "%s kann nicht gespeichert werden."
 
-#: ../whisperBack/gui.py:272
+#: ../whisperBack/gui.py:276
 #, python-format
 msgid ""
 "The bug report could not be sent, 

[tor-commits] [translation/tpo-web] Update translations for tpo-web

[translation]

commit bf13fb4c78b34cbef60ef4a341fccd991dd4f5c3
Author: Translation commit bot 
Date:   Thu May 2 20:20:32 2019 +

Update translations for tpo-web
---
 contents+de.po | 15 +++
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/contents+de.po b/contents+de.po
index 2f01c4be0..1048636ba 100644
--- a/contents+de.po
+++ b/contents+de.po
@@ -5,9 +5,9 @@
 # Lars Schimmer , 2019
 # erinm, 2019
 # Cat C , 2019
-# Curtis Baltimore , 2019
 # Felix W , 2019
 # Emma Peel, 2019
+# Curtis Baltimore , 2019
 # 
 msgid ""
 msgstr ""
@@ -15,7 +15,7 @@ msgstr ""
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2019-05-02 11:45+CET\n"
 "PO-Revision-Date: 2019-03-09 10:41+\n"
-"Last-Translator: Emma Peel, 2019\n"
+"Last-Translator: Curtis Baltimore , 2019\n"
 "Language-Team: German (https://www.transifex.com/otf/teams/1519/de/)\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
@@ -247,6 +247,10 @@ msgid ""
 "been involved in Tor are united by a common belief: internet users should "
 "have private access to an uncensored web.**"
 msgstr ""
+"**Genau wie die Tor-Benutzer sind auch die Entwickler, Forscher und Gründer,"
+" die Tor ermöglicht haben, eine vielfältige Gruppe von Menschen. Aber alle, 
"
+"die an Tor beteiligt waren, verbindet ein gemeinsamer Glaube: Internetnutzer"
+" sollten privaten Zugang zu einem unzensierten Netz haben.**"
 
 #: https//www.torproject.org/about/history/
 #: (content/about/history/contents+en.lrpage.body)
@@ -797,13 +801,16 @@ msgstr "Tor Browser-Signatur überprüfen"
 
 #: templates/download.html:54
 msgid "Stand up for privacy and freedom online."
-msgstr ""
+msgstr "Setz dich für Privatsphäre und Freiheit im Internet ein."
 
 #: templates/download.html:55
 msgid ""
 "We're a nonprofit organization and rely on supporters like you to help us "
 "keep Tor robust and secure for millions of people worldwide."
 msgstr ""
+"Wir sind eine gemeinnützige Organisation und verlassen uns auf Unterstützer 
"
+"wie dich, die uns helfen, Tor robust und sicher für Millionen von Menschen "
+"weltweit zu halten."
 
 #: templates/download.html:56 templates/footer.html:44
 #: templates/navbar.html:12
@@ -929,7 +936,7 @@ msgstr ""
 
 #: templates/home.html:41
 msgid "Resist Fingerprinting"
-msgstr ""
+msgstr "Widersteht Fingerprinting"
 
 #: templates/home.html:45
 msgid "RESIST FINGERPRINTING"

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tpo-web_completed] Update translations for tpo-web_completed

[translation]

commit a59d16b25dde73bf2437b6aff0993d9a632d0a14
Author: Translation commit bot 
Date:   Thu May 2 20:20:38 2019 +

Update translations for tpo-web_completed
---
 contents+de.po | 15 +++
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/contents+de.po b/contents+de.po
index 2f01c4be0..1048636ba 100644
--- a/contents+de.po
+++ b/contents+de.po
@@ -5,9 +5,9 @@
 # Lars Schimmer , 2019
 # erinm, 2019
 # Cat C , 2019
-# Curtis Baltimore , 2019
 # Felix W , 2019
 # Emma Peel, 2019
+# Curtis Baltimore , 2019
 # 
 msgid ""
 msgstr ""
@@ -15,7 +15,7 @@ msgstr ""
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2019-05-02 11:45+CET\n"
 "PO-Revision-Date: 2019-03-09 10:41+\n"
-"Last-Translator: Emma Peel, 2019\n"
+"Last-Translator: Curtis Baltimore , 2019\n"
 "Language-Team: German (https://www.transifex.com/otf/teams/1519/de/)\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
@@ -247,6 +247,10 @@ msgid ""
 "been involved in Tor are united by a common belief: internet users should "
 "have private access to an uncensored web.**"
 msgstr ""
+"**Genau wie die Tor-Benutzer sind auch die Entwickler, Forscher und Gründer,"
+" die Tor ermöglicht haben, eine vielfältige Gruppe von Menschen. Aber alle, 
"
+"die an Tor beteiligt waren, verbindet ein gemeinsamer Glaube: Internetnutzer"
+" sollten privaten Zugang zu einem unzensierten Netz haben.**"
 
 #: https//www.torproject.org/about/history/
 #: (content/about/history/contents+en.lrpage.body)
@@ -797,13 +801,16 @@ msgstr "Tor Browser-Signatur überprüfen"
 
 #: templates/download.html:54
 msgid "Stand up for privacy and freedom online."
-msgstr ""
+msgstr "Setz dich für Privatsphäre und Freiheit im Internet ein."
 
 #: templates/download.html:55
 msgid ""
 "We're a nonprofit organization and rely on supporters like you to help us "
 "keep Tor robust and secure for millions of people worldwide."
 msgstr ""
+"Wir sind eine gemeinnützige Organisation und verlassen uns auf Unterstützer 
"
+"wie dich, die uns helfen, Tor robust und sicher für Millionen von Menschen "
+"weltweit zu halten."
 
 #: templates/download.html:56 templates/footer.html:44
 #: templates/navbar.html:12
@@ -929,7 +936,7 @@ msgstr ""
 
 #: templates/home.html:41
 msgid "Resist Fingerprinting"
-msgstr ""
+msgstr "Widersteht Fingerprinting"
 
 #: templates/home.html:45
 msgid "RESIST FINGERPRINTING"

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/https_everywhere_completed] Update translations for https_everywhere_completed

[translation]

commit 1d7b4315c8606b671ce6578f17ab10a3cf03d1aa
Author: Translation commit bot 
Date:   Thu May 2 20:16:02 2019 +

Update translations for https_everywhere_completed
---
 de/https-everywhere.dtd | 13 +++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/de/https-everywhere.dtd b/de/https-everywhere.dtd
index 38d1c677a..e7d6968b1 100644
--- a/de/https-everywhere.dtd
+++ b/de/https-everywhere.dtd
@@ -7,8 +7,14 @@
 
 
 
-
-
+
+
+
+
+
+
+
+
 
 
 
@@ -37,6 +43,9 @@
 
 
 
+
+
+
 
 
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/https_everywhere] Update translations for https_everywhere

[translation]

commit fc85b438e2a211c3b6232b789972f5e27ebf4544
Author: Translation commit bot 
Date:   Thu May 2 20:15:55 2019 +

Update translations for https_everywhere
---
 de/https-everywhere.dtd | 22 +++---
 1 file changed, 11 insertions(+), 11 deletions(-)

diff --git a/de/https-everywhere.dtd b/de/https-everywhere.dtd
index 3bcd8f4e4..e7d6968b1 100644
--- a/de/https-everywhere.dtd
+++ b/de/https-everywhere.dtd
@@ -7,14 +7,14 @@
 
 
 
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
 
 
 
@@ -43,9 +43,9 @@
 
 
 
-
-
-
+
+
+
 
 
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [research-web/staging] Remove another stray newline

[irl]

commit 8f8e77ec3e22b523b2d0050a8f6bbc7242e60100
Author: Iain R. Learmonth 
Date:   Thu May 2 21:09:17 2019 +0100

Remove another stray newline
---
 content/safetyboard.md | 1 -
 1 file changed, 1 deletion(-)

diff --git a/content/safetyboard.md b/content/safetyboard.md
index bde11ff..112f3b6 100644
--- a/content/safetyboard.md
+++ b/content/safetyboard.md
@@ -105,7 +105,6 @@ clarifications.
 We are publishing safety board cases in this section, to help you craft your 
own submission. Note that some cases are still private, for example because the 
researchers are waiting for their paper to become public first.
 
 2016-01: Studying reachability of Tor Browser's default bridges
-
 Request
 Questionnaire
 Questionnaire Answers

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [research-web/master] Remove another stray newline

[irl]

commit 8f8e77ec3e22b523b2d0050a8f6bbc7242e60100
Author: Iain R. Learmonth 
Date:   Thu May 2 21:09:17 2019 +0100

Remove another stray newline
---
 content/safetyboard.md | 1 -
 1 file changed, 1 deletion(-)

diff --git a/content/safetyboard.md b/content/safetyboard.md
index bde11ff..112f3b6 100644
--- a/content/safetyboard.md
+++ b/content/safetyboard.md
@@ -105,7 +105,6 @@ clarifications.
 We are publishing safety board cases in this section, to help you craft your 
own submission. Note that some cases are still private, for example because the 
researchers are waiting for their paper to become public first.
 
 2016-01: Studying reachability of Tor Browser's default bridges
-
 Request
 Questionnaire
 Questionnaire Answers

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/torcheck_completed] Update translations for torcheck_completed

[translation]

commit 410911cf45ca88b02dd938a9899fadcf17384654
Author: Translation commit bot 
Date:   Thu May 2 19:50:07 2019 +

Update translations for torcheck_completed
---
 tr/torcheck.po | 10 +-
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/tr/torcheck.po b/tr/torcheck.po
index ca641b51b..eebad79ef 100644
--- a/tr/torcheck.po
+++ b/tr/torcheck.po
@@ -18,7 +18,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: Tor Project\n"
 "POT-Creation-Date: 2012-02-16 20:28+PDT\n"
-"PO-Revision-Date: 2019-04-09 17:39+\n"
+"PO-Revision-Date: 2019-05-02 19:43+\n"
 "Last-Translator: Kaya Zeren \n"
 "Language-Team: Turkish 
(http://www.transifex.com/otf/torproject/language/tr/)\n"
 "MIME-Version: 1.0\n"
@@ -59,7 +59,7 @@ msgid "Sorry, your query failed or an unexpected response was 
received."
 msgstr "Maalesef, sorgunuz işlenemedi ya da beklenmeyen bir yanıt alındı."
 
 msgid "Your IP address appears to be: "
-msgstr "Görüntülenecek IP Adresiniz: "
+msgstr "Görünen IP Adresiniz: "
 
 msgid "This page is also available in the following languages:"
 msgstr "Bu sayfa şu dillerde de görüntülenebilir:"
@@ -79,7 +79,7 @@ msgid "Go"
 msgstr "Git"
 
 msgid "Donate to Support Tor"
-msgstr "Tor'a Bağış Yaparak Destek Olun"
+msgstr "Bağış Yaparak Tor Projesini Destekleyin"
 
 msgid "Tor Q Site"
 msgstr "Tor SSS Sitesi"
@@ -97,10 +97,10 @@ msgid "However, it does not appear to be Tor Browser."
 msgstr "Ancak bu, Tor Browser gibi görünmüyor."
 
 msgid "Run a Relay"
-msgstr "Bir Aktarıcı Hizmeti Sağlamak"
+msgstr "Aktarıcı İşletmek"
 
 msgid "Stay Anonymous"
-msgstr "Anonim Kalın"
+msgstr "Anonim Kalmak"
 
 msgid "Relay Search"
 msgstr "Aktarıcı Arama"

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/support-portal] Update translations for support-portal

[translation]

commit e4d47883103342d4a784d79195651212407396fa
Author: Translation commit bot 
Date:   Thu May 2 19:51:17 2019 +

Update translations for support-portal
---
 contents+ru.po | 23 ++-
 1 file changed, 10 insertions(+), 13 deletions(-)

diff --git a/contents+ru.po b/contents+ru.po
index 1d0d8facb..91fd89e19 100644
--- a/contents+ru.po
+++ b/contents+ru.po
@@ -3785,7 +3785,7 @@ msgid ""
 "These services use the special-use tld .onion (instead of "
 ".com,.net,.org,etc..) and are only accessible through the Tor network."
 msgstr ""
-"Эти сервисы используют специальный домен 
.onion (вместо .com, .net, .org и "
+"Эти ресурсы используют специальный домен 
.onion (вместо .com, .net, .org и "
 "так далее). Доступ к ним возможен только 
через Tor Browser."
 
 #: https//support.torproject.org/onionservices/onionservices-2/
@@ -3795,16 +3795,14 @@ msgid ""
 "at the URL bar an icon of a little green onion displaying the state of your "
 "connection: secure and using an onion service."
 msgstr ""
-"Заходя на веб-сайт, который использует 
onion-сервис, Tor Browser покажет в "
-"адресной строке значок маленького 
зеленого лука, который показывает "
-"состояние вашего соединения: «безопасно» 
и «используется onion-сервис»."
+"При открытии сайта .onion Tor Browser покажет в 
адресной строке значок "
+"маленькой зеленой луковицы. Это значит 
безопасное соединение с onion-"
+"ресурсом."
 
 #: https//support.torproject.org/onionservices/onionservices-2/
 #: (content/onionservices/onionservices-2/contents+en.lrquestion.description)
 msgid ""
-msgstr ""
-""
+msgstr ""
 
 #: https//support.torproject.org/onionservices/onionservices-2/
 #: (content/onionservices/onionservices-2/contents+en.lrquestion.description)
@@ -3812,8 +3810,8 @@ msgid ""
 "And if you're accessing a website with https and onion service, it will show"
 " an icon of a green onion and a padlock."
 msgstr ""
-"И если вы получаете доступ к веб-сайту с 
протоколом https или .onion сайтом,"
-" он покажет значок зеленого лука и висячий 
замок."
+"Если вы открываете .onion-сайт по https, то 
увидите значки луковицы и "
+"замочка."
 
 #: https//support.torproject.org/onionservices/onionservices-2/
 #: (content/onionservices/onionservices-2/contents+en.lrquestion.description)
@@ -3827,15 +3825,14 @@ msgstr ""
 #: https//support.torproject.org/misc/glossary/
 #: (content/misc/glossary/contents+en.lrquestion.title)
 msgid "Tor Glossary"
-msgstr "Словарь терминов Tor"
+msgstr "Глоссарий Tor"
 
 #: https//support.torproject.org/misc/glossary/
 #: (content/misc/glossary/contents+en.lrquestion.description)
 msgid ""
 "The community team has developed this Glossary of terms about and related to"
 " Tor"
-msgstr ""
-"Участники сообщества создали данный 
Глоссарий, посвященный и связанный с Tor"
+msgstr "Участники сообщества создали 
глоссарий, связанный с Tor."
 
 #: https//support.torproject.org/misc/glossary/
 #: (content/misc/glossary/contents+en.lrquestion.description)
@@ -3845,7 +3842,7 @@ msgstr "## A"
 #: https//support.torproject.org/misc/glossary/
 #: (content/misc/glossary/contents+en.lrquestion.description)
 msgid "### add-on, extension, or plugin"
-msgstr "### надстройка, расширение или модуль"
+msgstr "### add-on, extension, plugin"
 
 #: https//support.torproject.org/misc/glossary/
 #: (content/misc/glossary/contents+en.lrquestion.description)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/https_everywhere] Update translations for https_everywhere

[translation]

commit 135327cb2c7894c357e69db6610fa48223d22cec
Author: Translation commit bot 
Date:   Thu May 2 19:45:54 2019 +

Update translations for https_everywhere
---
 lt/https-everywhere.dtd | 22 +++---
 1 file changed, 11 insertions(+), 11 deletions(-)

diff --git a/lt/https-everywhere.dtd b/lt/https-everywhere.dtd
index 6f76d42e1..624f8da61 100644
--- a/lt/https-everywhere.dtd
+++ b/lt/https-everywhere.dtd
@@ -7,14 +7,14 @@
 
 
 
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
 
 
 
@@ -43,9 +43,9 @@
 
 
 
-
-
-
+
+
+
 
 
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/torcheck] Update translations for torcheck

[translation]

commit 55191b12c43dc2dc75757feabb652408353f4f6f
Author: Translation commit bot 
Date:   Thu May 2 19:50:00 2019 +

Update translations for torcheck
---
 tr/torcheck.po | 10 +-
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/tr/torcheck.po b/tr/torcheck.po
index ca641b51b..eebad79ef 100644
--- a/tr/torcheck.po
+++ b/tr/torcheck.po
@@ -18,7 +18,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: Tor Project\n"
 "POT-Creation-Date: 2012-02-16 20:28+PDT\n"
-"PO-Revision-Date: 2019-04-09 17:39+\n"
+"PO-Revision-Date: 2019-05-02 19:43+\n"
 "Last-Translator: Kaya Zeren \n"
 "Language-Team: Turkish 
(http://www.transifex.com/otf/torproject/language/tr/)\n"
 "MIME-Version: 1.0\n"
@@ -59,7 +59,7 @@ msgid "Sorry, your query failed or an unexpected response was 
received."
 msgstr "Maalesef, sorgunuz işlenemedi ya da beklenmeyen bir yanıt alındı."
 
 msgid "Your IP address appears to be: "
-msgstr "Görüntülenecek IP Adresiniz: "
+msgstr "Görünen IP Adresiniz: "
 
 msgid "This page is also available in the following languages:"
 msgstr "Bu sayfa şu dillerde de görüntülenebilir:"
@@ -79,7 +79,7 @@ msgid "Go"
 msgstr "Git"
 
 msgid "Donate to Support Tor"
-msgstr "Tor'a Bağış Yaparak Destek Olun"
+msgstr "Bağış Yaparak Tor Projesini Destekleyin"
 
 msgid "Tor Q Site"
 msgstr "Tor SSS Sitesi"
@@ -97,10 +97,10 @@ msgid "However, it does not appear to be Tor Browser."
 msgstr "Ancak bu, Tor Browser gibi görünmüyor."
 
 msgid "Run a Relay"
-msgstr "Bir Aktarıcı Hizmeti Sağlamak"
+msgstr "Aktarıcı İşletmek"
 
 msgid "Stay Anonymous"
-msgstr "Anonim Kalın"
+msgstr "Anonim Kalmak"
 
 msgid "Relay Search"
 msgstr "Aktarıcı Arama"

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/https_everywhere_completed] Update translations for https_everywhere_completed

[translation]

commit 94ba58963c01d7a7df0d43f17d06a3998301cbde
Author: Translation commit bot 
Date:   Thu May 2 19:46:01 2019 +

Update translations for https_everywhere_completed
---
 lt/https-everywhere.dtd | 13 +++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/lt/https-everywhere.dtd b/lt/https-everywhere.dtd
index c0bb69db3..624f8da61 100644
--- a/lt/https-everywhere.dtd
+++ b/lt/https-everywhere.dtd
@@ -7,8 +7,14 @@
 
 
 
-
-
+
+
+
+
+
+
+
+
 
 
 
@@ -37,6 +43,9 @@
 
 
 
+
+
+
 
 
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tpo-web_completed] Update translations for tpo-web_completed

[translation]

commit 64b514ea17ca9554c72e624d20c60ecedc422103
Author: Translation commit bot 
Date:   Thu May 2 19:50:56 2019 +

Update translations for tpo-web_completed
---
 contents+pl.po | 14 +++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/contents+pl.po b/contents+pl.po
index e409bb766..a6ab30caa 100644
--- a/contents+pl.po
+++ b/contents+pl.po
@@ -6,9 +6,9 @@
 # erinm, 2019
 # wigatesi, 2019
 # Waldemar Stoczkowski, 2019
-# Dawid Potocki , 2019
 # Filip , 2019
 # Emma Peel, 2019
+# Dawid Potocki , 2019
 # 
 msgid ""
 msgstr ""
@@ -16,7 +16,7 @@ msgstr ""
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2019-05-02 11:45+CET\n"
 "PO-Revision-Date: 2019-03-09 10:41+\n"
-"Last-Translator: Emma Peel, 2019\n"
+"Last-Translator: Dawid Potocki , 2019\n"
 "Language-Team: Polish (https://www.transifex.com/otf/teams/1519/pl/)\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
@@ -245,6 +245,11 @@ msgid ""
 "been involved in Tor are united by a common belief: internet users should "
 "have private access to an uncensored web.**"
 msgstr ""
+"**Tak jak użytkownicy Tora, programiści, badacze i założyciele, którzy "
+"umożliwili stworzenie Tora, to zróżnicowana grupa ludzi. Ale wszyscy 
ludzie,"
+" którzy byli zaangażowani w Tor są zjednoczeni wspólnym przekonaniem: "
+"użytkownicy Internetu powinni mieć prywatny dostęp do nieocenzurowanej "
+"sieci.**"
 
 #: https//www.torproject.org/about/history/
 #: (content/about/history/contents+en.lrpage.body)
@@ -791,13 +796,16 @@ msgstr "Sprawdź podpis Tor Browser"
 
 #: templates/download.html:54
 msgid "Stand up for privacy and freedom online."
-msgstr ""
+msgstr "Stań w obronie prywatności i wolności w Internecie."
 
 #: templates/download.html:55
 msgid ""
 "We're a nonprofit organization and rely on supporters like you to help us "
 "keep Tor robust and secure for millions of people worldwide."
 msgstr ""
+"Jesteśmy organizacją nonprofit i polegamy na takich pomocnikach jak Ty, "
+"którzy pomagają nam utrzymać Tora solidnym i bezpiecznym dla milionów 
ludzi "
+"na całym świecie."
 
 #: templates/download.html:56 templates/footer.html:44
 #: templates/navbar.html:12

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tpo-web] Update translations for tpo-web

[translation]

commit 7ad367441c2224779df0cf893b44d03994fabda3
Author: Translation commit bot 
Date:   Thu May 2 19:50:50 2019 +

Update translations for tpo-web
---
 contents+pl.po | 14 +++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/contents+pl.po b/contents+pl.po
index e409bb766..a6ab30caa 100644
--- a/contents+pl.po
+++ b/contents+pl.po
@@ -6,9 +6,9 @@
 # erinm, 2019
 # wigatesi, 2019
 # Waldemar Stoczkowski, 2019
-# Dawid Potocki , 2019
 # Filip , 2019
 # Emma Peel, 2019
+# Dawid Potocki , 2019
 # 
 msgid ""
 msgstr ""
@@ -16,7 +16,7 @@ msgstr ""
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2019-05-02 11:45+CET\n"
 "PO-Revision-Date: 2019-03-09 10:41+\n"
-"Last-Translator: Emma Peel, 2019\n"
+"Last-Translator: Dawid Potocki , 2019\n"
 "Language-Team: Polish (https://www.transifex.com/otf/teams/1519/pl/)\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
@@ -245,6 +245,11 @@ msgid ""
 "been involved in Tor are united by a common belief: internet users should "
 "have private access to an uncensored web.**"
 msgstr ""
+"**Tak jak użytkownicy Tora, programiści, badacze i założyciele, którzy "
+"umożliwili stworzenie Tora, to zróżnicowana grupa ludzi. Ale wszyscy 
ludzie,"
+" którzy byli zaangażowani w Tor są zjednoczeni wspólnym przekonaniem: "
+"użytkownicy Internetu powinni mieć prywatny dostęp do nieocenzurowanej "
+"sieci.**"
 
 #: https//www.torproject.org/about/history/
 #: (content/about/history/contents+en.lrpage.body)
@@ -791,13 +796,16 @@ msgstr "Sprawdź podpis Tor Browser"
 
 #: templates/download.html:54
 msgid "Stand up for privacy and freedom online."
-msgstr ""
+msgstr "Stań w obronie prywatności i wolności w Internecie."
 
 #: templates/download.html:55
 msgid ""
 "We're a nonprofit organization and rely on supporters like you to help us "
 "keep Tor robust and secure for millions of people worldwide."
 msgstr ""
+"Jesteśmy organizacją nonprofit i polegamy na takich pomocnikach jak Ty, "
+"którzy pomagają nam utrzymać Tora solidnym i bezpiecznym dla milionów 
ludzi "
+"na całym świecie."
 
 #: templates/download.html:56 templates/footer.html:44
 #: templates/navbar.html:12

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/support-portal] Update translations for support-portal

[translation]

commit bd7705ebb34e8926f313b3c3357389e03118b9b9
Author: Translation commit bot 
Date:   Thu May 2 19:20:55 2019 +

Update translations for support-portal
---
 contents+fr.po |  5 ++---
 contents+ru.po | 27 ++-
 2 files changed, 16 insertions(+), 16 deletions(-)

diff --git a/contents+fr.po b/contents+fr.po
index e5081e361..57bc271b3 100644
--- a/contents+fr.po
+++ b/contents+fr.po
@@ -1,6 +1,5 @@
 # Translators:
 # Shailja, 2019
-# Thomas Javier , 2019
 # Curtis Baltimore , 2019
 # PoorPockets McNewHold , 2019
 # erinm, 2019
@@ -442,8 +441,8 @@ msgstr ""
 msgid ""
 "After importing the key, you can verify that the fingerprint is correct:"
 msgstr ""
-"Après avoir importé la clef, vous pouvez vérifier que le fingerprint est "
-"correct :"
+"Après avoir importé la clé, vous pouvez vérifier que l’empreinte est "
+"correcte :"
 
 #: https//support.torproject.org/tbb/how-to-verify-signature/
 #: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
diff --git a/contents+ru.po b/contents+ru.po
index 2ef38a339..1d0d8facb 100644
--- a/contents+ru.po
+++ b/contents+ru.po
@@ -3734,7 +3734,7 @@ msgstr ""
 #: https//support.torproject.org/onionservices/onionservices-1/
 #: (content/onionservices/onionservices-1/contents+en.lrquestion.description)
 msgid "You can access these websites by using Tor Browser."
-msgstr "Вы можете получить доступ к этим 
сайтам, используя браузер Tor."
+msgstr "Вы можете открывать такие сайты в Tor 
Browser."
 
 #: https//support.torproject.org/onionservices/onionservices-1/
 #: (content/onionservices/onionservices-1/contents+en.lrquestion.description)
@@ -3742,11 +3742,13 @@ msgid ""
 "The addresses must be shared with you by the website host, as onions are not"
 " indexed in search engines in the typical way that vanilla websites are."
 msgstr ""
+"Адреса сайтов можно узнавать 
непосредственно от их владельцев. Эти 
ресурсы "
+"не индексируются поисковыми системами, 
как обычные сайты."
 
 #: https//support.torproject.org/onionservices/onionservices-2/
 #: (content/onionservices/onionservices-2/contents+en.lrquestion.title)
 msgid "What is a .onion or what are onion services?"
-msgstr "Что такое .onion и onion-службы?"
+msgstr "Что такое .onion и onion-ресурсы?"
 
 #: https//support.torproject.org/onionservices/onionservices-2/
 #: (content/onionservices/onionservices-2/contents+en.lrquestion.description)
@@ -3754,8 +3756,8 @@ msgid ""
 "Onion services allow people to browse but also to publish anonymously, "
 "including publishing anonymous websites."
 msgstr ""
-"Onion сервисы позволяют не только 
просматривать, но и публиковать анонимно, "
-"включая публикацию анонимных веб-сайтов."
+"Onion-ресурсы позволяют не только 
просматривать, но и публиковать информацию"
+" анонимно. Можно даже анонимно создать 
свой сайт."
 
 #: https//support.torproject.org/onionservices/onionservices-2/
 #: (content/onionservices/onionservices-2/contents+en.lrquestion.description)
@@ -3768,15 +3770,14 @@ msgid ""
 "href=\"https://www.facebook.com/notes/protect-the-graph/making-connections-;
 "to-facebook-more-secure/1526085754298237/\">Facebook."
 msgstr ""
-".onion сайты также используются для обмена 
чатами без обмена метаданными и "
-"файлами, более безопасного 
взаимодействия между журналистами и их "
-"источниками, таких как https://securedrop.org/\;>SecureDrop или https://onionshare.org/\;>OnionShare, более 
безопасных "
-"обновлений ПО и более безопасных способов 
доступа к популярным сайтам, таким"
-" как https://www.facebook.com/notes/protect-the-graph;
-"/making-connections-to-facebook-more-"
-"secure/1526085754298237/\">Facebook."
+"Ресурсы .onion также используются для чатов 
и обмена файлами без "
+"использования метаданных, для более 
безопасного взаимодействия между "
+"журналистами и их источниками (с 
инструментами вроде https://securedrop.org/\;>SecureDrop и https://onionshare.org/\;>OnionShare), для более "
+"безопасного обновления программ и 
доступа к популярным сайтам, таким как "
+"https://www.facebook.com/notes/protect-the-graph/making-;

[tor-commits] [translation/support-portal] Update translations for support-portal

[translation]

commit 56849b577e847262c4d862b67eb6423b30af5506
Author: Translation commit bot 
Date:   Thu May 2 18:50:46 2019 +

Update translations for support-portal
---
 contents+fr.po | 8 
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/contents+fr.po b/contents+fr.po
index 50b908753..e5081e361 100644
--- a/contents+fr.po
+++ b/contents+fr.po
@@ -1,10 +1,10 @@
 # Translators:
 # Shailja, 2019
 # Thomas Javier , 2019
+# Curtis Baltimore , 2019
 # PoorPockets McNewHold , 2019
 # erinm, 2019
 # Emma Peel, 2019
-# Curtis Baltimore , 2019
 # AO , 2019
 # 
 msgid ""
@@ -330,9 +330,9 @@ msgid ""
 "you download is the one we have created and has not been modified by some "
 "attacker."
 msgstr ""
-"Ci-dessous nous expliquons pourquoi c'est important et comment vérifier que "
-"le programme Tor que vous téléchargez est bien celui que nous avons créé 
et "
-"n'a pas été modifié par un assaillant."
+"Ci-dessous, nous expliquons pourquoi cela est important et comment vérifier "
+"que le programme Tor que vous téléchargez est bien celui que nous avons "
+"créé, et qu’il n’a pas été modifié par un assaillant."
 
 #: https//support.torproject.org/tbb/how-to-verify-signature/
 #: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [research-web/staging] Remove stray nl

[irl]

commit 9cbf125e357df9f50c4596caa8be22f32eb661fd
Author: Iain R. Learmonth 
Date:   Thu May 2 19:42:06 2019 +0100

Remove stray nl
---
 content/safetyboard.md | 1 -
 1 file changed, 1 deletion(-)

diff --git a/content/safetyboard.md b/content/safetyboard.md
index 742fec3..bde11ff 100644
--- a/content/safetyboard.md
+++ b/content/safetyboard.md
@@ -114,7 +114,6 @@ We are publishing safety board cases in this section, to 
help you craft your own
 2016-02: [still anonymized during paper review]
 
 2016-03: Understanding "dark web" cultures and communities
-
 Request
 Response
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [research-web/master] Remove stray nl

[irl]

commit 9cbf125e357df9f50c4596caa8be22f32eb661fd
Author: Iain R. Learmonth 
Date:   Thu May 2 19:42:06 2019 +0100

Remove stray nl
---
 content/safetyboard.md | 1 -
 1 file changed, 1 deletion(-)

diff --git a/content/safetyboard.md b/content/safetyboard.md
index 742fec3..bde11ff 100644
--- a/content/safetyboard.md
+++ b/content/safetyboard.md
@@ -114,7 +114,6 @@ We are publishing safety board cases in this section, to 
help you craft your own
 2016-02: [still anonymized during paper review]
 
 2016-03: Understanding "dark web" cultures and communities
-
 Request
 Response
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser-build/master] Bumping TBA translations commit

[gk]

commit b4648cc36778597fec120116c731201a62e8a7b8
Author: Georg Koppen 
Date:   Thu May 2 18:31:38 2019 +

Bumping TBA translations commit
---
 projects/tba-translation/config | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/projects/tba-translation/config b/projects/tba-translation/config
index fd31b01..d53760c 100644
--- a/projects/tba-translation/config
+++ b/projects/tba-translation/config
@@ -3,5 +3,5 @@ filename: '[% project %]-[% c("version") %]-[% 
c("var/build_id") %].tar.gz'
 git_url: https://git.torproject.org/translation.git
 # We need to bump the commit before releasing but just pointing to a branch
 # might cause too much rebuidling of the Firefox part.
-git_hash: 8da59b784ec6a8492805379903696647adbcfb97
+git_hash: 342ecc5cd2ec2b0c3004fc64e0cef3956831675e
 version: '[% c("abbrev") %]'

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Bump to 0.4.0.5-dev

[nickm]

commit 2b54733dc0bb055b609502cede2a6055b3c3ef15
Author: Nick Mathewson 
Date:   Thu May 2 14:32:55 2019 -0400

Bump to 0.4.0.5-dev
---
 configure.ac| 4 ++--
 contrib/win32build/tor-mingw.nsi.in | 2 +-
 src/win32/orconfig.h| 2 +-
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/configure.ac b/configure.ac
index 28bf5d123..4b69b3c89 100644
--- a/configure.ac
+++ b/configure.ac
@@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2019, The Tor Project, Inc.
 dnl See LICENSE for licensing information
 
 AC_PREREQ([2.63])
-AC_INIT([tor],[0.4.0.5])
+AC_INIT([tor],[0.4.0.5-dev])
 AC_CONFIG_SRCDIR([src/app/main/tor_main.c])
 AC_CONFIG_MACRO_DIR([m4])
 
@@ -14,7 +14,7 @@ AC_CONFIG_MACRO_DIR([m4])
 # version number changes.  Tor uses it to make sure that it
 # only shuts down for missing "required protocols" when those protocols
 # are listed as required by a consensus after this date.
-AC_DEFINE(APPROX_RELEASE_DATE, ["2019-04-30"], # for 0.4.0.5
+AC_DEFINE(APPROX_RELEASE_DATE, ["2019-05-02"], # for 0.4.0.5-dev
   [Approximate date when this software was released. (Updated when the 
version changes.)])
 
 # "foreign" means we don't follow GNU package layout standards
diff --git a/contrib/win32build/tor-mingw.nsi.in 
b/contrib/win32build/tor-mingw.nsi.in
index 3538b7caa..7b3cf2116 100644
--- a/contrib/win32build/tor-mingw.nsi.in
+++ b/contrib/win32build/tor-mingw.nsi.in
@@ -8,7 +8,7 @@
 !include "LogicLib.nsh"
 !include "FileFunc.nsh"
 !insertmacro GetParameters
-!define VERSION "0.4.0.5"
+!define VERSION "0.4.0.5-dev"
 !define INSTALLER "tor-${VERSION}-win32.exe"
 !define WEBSITE "https://www.torproject.org/;
 !define LICENSE "LICENSE"
diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h
index 23722d617..adac42268 100644
--- a/src/win32/orconfig.h
+++ b/src/win32/orconfig.h
@@ -218,7 +218,7 @@
 #define USING_TWOS_COMPLEMENT
 
 /* Version number of package */
-#define VERSION "0.4.0.5"
+#define VERSION "0.4.0.5-dev"
 
 
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.4.0] Bump to 0.4.0.5-dev

[nickm]

commit 2b54733dc0bb055b609502cede2a6055b3c3ef15
Author: Nick Mathewson 
Date:   Thu May 2 14:32:55 2019 -0400

Bump to 0.4.0.5-dev
---
 configure.ac| 4 ++--
 contrib/win32build/tor-mingw.nsi.in | 2 +-
 src/win32/orconfig.h| 2 +-
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/configure.ac b/configure.ac
index 28bf5d123..4b69b3c89 100644
--- a/configure.ac
+++ b/configure.ac
@@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2019, The Tor Project, Inc.
 dnl See LICENSE for licensing information
 
 AC_PREREQ([2.63])
-AC_INIT([tor],[0.4.0.5])
+AC_INIT([tor],[0.4.0.5-dev])
 AC_CONFIG_SRCDIR([src/app/main/tor_main.c])
 AC_CONFIG_MACRO_DIR([m4])
 
@@ -14,7 +14,7 @@ AC_CONFIG_MACRO_DIR([m4])
 # version number changes.  Tor uses it to make sure that it
 # only shuts down for missing "required protocols" when those protocols
 # are listed as required by a consensus after this date.
-AC_DEFINE(APPROX_RELEASE_DATE, ["2019-04-30"], # for 0.4.0.5
+AC_DEFINE(APPROX_RELEASE_DATE, ["2019-05-02"], # for 0.4.0.5-dev
   [Approximate date when this software was released. (Updated when the 
version changes.)])
 
 # "foreign" means we don't follow GNU package layout standards
diff --git a/contrib/win32build/tor-mingw.nsi.in 
b/contrib/win32build/tor-mingw.nsi.in
index 3538b7caa..7b3cf2116 100644
--- a/contrib/win32build/tor-mingw.nsi.in
+++ b/contrib/win32build/tor-mingw.nsi.in
@@ -8,7 +8,7 @@
 !include "LogicLib.nsh"
 !include "FileFunc.nsh"
 !insertmacro GetParameters
-!define VERSION "0.4.0.5"
+!define VERSION "0.4.0.5-dev"
 !define INSTALLER "tor-${VERSION}-win32.exe"
 !define WEBSITE "https://www.torproject.org/;
 !define LICENSE "LICENSE"
diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h
index 23722d617..adac42268 100644
--- a/src/win32/orconfig.h
+++ b/src/win32/orconfig.h
@@ -218,7 +218,7 @@
 #define USING_TWOS_COMPLEMENT
 
 /* Version number of package */
-#define VERSION "0.4.0.5"
+#define VERSION "0.4.0.5-dev"
 
 
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.4.0] Merge branch 'maint-0.4.0' into release-0.4.0

[nickm]

commit de01c0629659021d8201fcfd6fa97550c28056d9
Merge: bf071e34a 2b54733dc
Author: Nick Mathewson 
Date:   Thu May 2 14:33:22 2019 -0400

Merge branch 'maint-0.4.0' into release-0.4.0

 configure.ac| 4 ++--
 contrib/win32build/tor-mingw.nsi.in | 2 +-
 src/win32/orconfig.h| 2 +-
 3 files changed, 4 insertions(+), 4 deletions(-)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] forward-port changelog and releasenotes from 0.4.0.5

[nickm]

commit 2fca2ed499bf2378684ba0cc3390818f52792728
Author: Nick Mathewson 
Date:   Thu May 2 14:32:24 2019 -0400

forward-port changelog and releasenotes from 0.4.0.5
---
 ChangeLog|  48 +
 ReleaseNotes | 599 +++
 2 files changed, 647 insertions(+)

diff --git a/ChangeLog b/ChangeLog
index accde75b9..a69a7253b 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,51 @@
+Changes in version 0.4.0.5 - 2019-05-02
+  This is the first stable release in the 0.4.0.x series. It contains
+  improvements for power management and bootstrap reporting, as well as
+  preliminary backend support for circuit padding to prevent some kinds
+  of traffic analysis. It also continues our work in refactoring Tor for
+  long-term maintainability.
+
+  Per our support policy, we will support the 0.4.0.x series for nine
+  months, or until three months after the release of a stable 0.4.1.x:
+  whichever is longer. If you need longer-term support, please stick
+  with 0.3.5.x, which will we plan to support until Feb 2022.
+
+  Below are the changes since 0.4.0.4-rc. For a complete list of changes
+  since 0.3.5.7, see the ReleaseNotes file.
+
+  o Minor features (continuous integration):
+- In Travis, tell timelimit to use stem's backtrace signals, and
+  launch python directly from timelimit, so python receives the
+  signals from timelimit, rather than make. Closes ticket 30117.
+
+  o Minor features (diagnostic):
+- Add more diagnostic log messages in an attempt to solve the issue
+  of NUL bytes appearing in a microdescriptor cache. Related to
+  ticket 28223.
+
+  o Minor features (testing):
+- Use the approx_time() function when setting the "Expires" header
+  in directory replies, to make them more testable. Needed for
+  ticket 30001.
+
+  o Minor bugfixes (rust):
+- Abort on panic in all build profiles, instead of potentially
+  unwinding into C code. Fixes bug 27199; bugfix on 0.3.3.1-alpha.
+
+  o Minor bugfixes (shellcheck):
+- Look for scripts in their correct locations during "make
+  shellcheck". Previously we had looked in the wrong place during
+  out-of-tree builds. Fixes bug 30263; bugfix on 0.4.0.1-alpha.
+
+  o Minor bugfixes (testing):
+- Check the time in the "Expires" header using approx_time(). Fixes
+  bug 30001; bugfix on 0.4.0.4-rc.
+
+  o Minor bugfixes (UI):
+- Lower log level of unlink() errors during bootstrap. Fixes bug
+  29930; bugfix on 0.4.0.1-alpha.
+
+
 Changes in version 0.4.0.4-rc - 2019-04-11
   Tor 0.4.0.4-rc is the first release candidate in its series; it fixes
   several bugs from earlier versions, including some that had affected
diff --git a/ReleaseNotes b/ReleaseNotes
index 93dad1673..badc5e6d0 100644
--- a/ReleaseNotes
+++ b/ReleaseNotes
@@ -2,6 +2,605 @@ This document summarizes new features and bugfixes in each 
stable
 release of Tor. If you want to see more detailed descriptions of the
 changes in each development snapshot, see the ChangeLog file.
 
+Changes in version 0.4.0.5 - 2019-05-02
+  This is the first stable release in the 0.4.0.x series. It contains
+  improvements for power management and bootstrap reporting, as well as
+  preliminary backend support for circuit padding to prevent some kinds
+  of traffic analysis. It also continues our work in refactoring Tor for
+  long-term maintainability.
+
+  Per our support policy, we will support the 0.4.0.x series for nine
+  months, or until three months after the release of a stable 0.4.1.x:
+  whichever is longer. If you need longer-term support, please stick
+  with 0.3.5.x, which will we plan to support until Feb 2022.
+
+  Below are the changes since 0.3.5.7. For a complete list of changes
+  since 0.4.0.4-rc, see the ChangeLog file.
+
+  o Major features (battery management, client, dormant mode):
+- When Tor is running as a client, and it is unused for a long time,
+  it can now enter a "dormant" state. When Tor is dormant, it avoids
+  network and CPU activity until it is reawoken either by a user
+  request or by a controller command. For more information, see the
+  configuration options starting with "Dormant". Implements tickets
+  2149 and 28335.
+- The client's memory of whether it is "dormant", and how long it
+  has spent idle, persists across invocations. Implements
+  ticket 28624.
+- There is a DormantOnFirstStartup option that integrators can use
+  if they expect that in many cases, Tor will be installed but
+  not used.
+
+  o Major features (bootstrap reporting):
+- When reporting bootstrap progress, report the first connection
+  uniformly, regardless of whether it's a connection for building
+  application circuits. This allows finer-grained reporting of early
+  progress than previously possible, with the improvements of ticket
+  27169. Closes tickets 27167 and 27103. Addresses ticket 27308.
+- 

[tor-commits] [tor/master] Merge branch 'maint-0.4.0'

[nickm]

commit 1f13c2bd231886a84ef2359e4e060179ce788f9a
Merge: 2fca2ed49 2b54733dc
Author: Nick Mathewson 
Date:   Thu May 2 14:33:09 2019 -0400

Merge branch 'maint-0.4.0'

"ours" to avoid version bump.

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/maint-0.4.0] Bump to 0.4.0.5-dev

[nickm]

commit 2b54733dc0bb055b609502cede2a6055b3c3ef15
Author: Nick Mathewson 
Date:   Thu May 2 14:32:55 2019 -0400

Bump to 0.4.0.5-dev
---
 configure.ac| 4 ++--
 contrib/win32build/tor-mingw.nsi.in | 2 +-
 src/win32/orconfig.h| 2 +-
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/configure.ac b/configure.ac
index 28bf5d123..4b69b3c89 100644
--- a/configure.ac
+++ b/configure.ac
@@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2019, The Tor Project, Inc.
 dnl See LICENSE for licensing information
 
 AC_PREREQ([2.63])
-AC_INIT([tor],[0.4.0.5])
+AC_INIT([tor],[0.4.0.5-dev])
 AC_CONFIG_SRCDIR([src/app/main/tor_main.c])
 AC_CONFIG_MACRO_DIR([m4])
 
@@ -14,7 +14,7 @@ AC_CONFIG_MACRO_DIR([m4])
 # version number changes.  Tor uses it to make sure that it
 # only shuts down for missing "required protocols" when those protocols
 # are listed as required by a consensus after this date.
-AC_DEFINE(APPROX_RELEASE_DATE, ["2019-04-30"], # for 0.4.0.5
+AC_DEFINE(APPROX_RELEASE_DATE, ["2019-05-02"], # for 0.4.0.5-dev
   [Approximate date when this software was released. (Updated when the 
version changes.)])
 
 # "foreign" means we don't follow GNU package layout standards
diff --git a/contrib/win32build/tor-mingw.nsi.in 
b/contrib/win32build/tor-mingw.nsi.in
index 3538b7caa..7b3cf2116 100644
--- a/contrib/win32build/tor-mingw.nsi.in
+++ b/contrib/win32build/tor-mingw.nsi.in
@@ -8,7 +8,7 @@
 !include "LogicLib.nsh"
 !include "FileFunc.nsh"
 !insertmacro GetParameters
-!define VERSION "0.4.0.5"
+!define VERSION "0.4.0.5-dev"
 !define INSTALLER "tor-${VERSION}-win32.exe"
 !define WEBSITE "https://www.torproject.org/;
 !define LICENSE "LICENSE"
diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h
index 23722d617..adac42268 100644
--- a/src/win32/orconfig.h
+++ b/src/win32/orconfig.h
@@ -218,7 +218,7 @@
 #define USING_TWOS_COMPLEMENT
 
 /* Version number of package */
-#define VERSION "0.4.0.5"
+#define VERSION "0.4.0.5-dev"
 
 
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser-build/maint-8.5] Bumping TBA translations commit

[gk]

commit 16cea2e9105b00f6946cb853196d161cca3844ac
Author: Georg Koppen 
Date:   Thu May 2 18:31:38 2019 +

Bumping TBA translations commit
---
 projects/tba-translation/config | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/projects/tba-translation/config b/projects/tba-translation/config
index fd31b01..d53760c 100644
--- a/projects/tba-translation/config
+++ b/projects/tba-translation/config
@@ -3,5 +3,5 @@ filename: '[% project %]-[% c("version") %]-[% 
c("var/build_id") %].tar.gz'
 git_url: https://git.torproject.org/translation.git
 # We need to bump the commit before releasing but just pointing to a branch
 # might cause too much rebuidling of the Firefox part.
-git_hash: 8da59b784ec6a8492805379903696647adbcfb97
+git_hash: 342ecc5cd2ec2b0c3004fc64e0cef3956831675e
 version: '[% c("abbrev") %]'

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [webwml/master] Tor 0.4.0.5 is released

[nickm]

commit 4c24be2a883b2fd8399661998e1b0099e2d0e1e5
Author: Nick Mathewson 
Date:   Thu May 2 14:28:29 2019 -0400

Tor 0.4.0.5 is released
---
 Makefile | 4 ++--
 include/versions.wmi | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/Makefile b/Makefile
index 9fa032ef..dc4b3f8c 100644
--- a/Makefile
+++ b/Makefile
@@ -14,8 +14,8 @@
 # branch to your personal webwml repository, open a trac ticket in the
 # website component, and set it to needs_review.
 
-export STABLETAG=tor-0.3.5.8
-export DEVTAG=tor-0.4.0.4-rc
+export STABLETAG=tor-0.4.0.5
+export DEVTAG=tor-0.4.0.5
 
 WMLBASE=.
 SUBDIRS=docs eff projects press about download getinvolved donate 
docs/torbutton
diff --git a/include/versions.wmi b/include/versions.wmi
index 5fcea797..67c1884d 100644
--- a/include/versions.wmi
+++ b/include/versions.wmi
@@ -1,5 +1,5 @@
-0.3.5.8
-0.4.0.4-rc
+0.4.0.5
+0.4.0.5
 
 maint-8.0
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tpo-web] Update translations for tpo-web

[translation]

commit 1eaf27f31058b9d6818eb323014eddb1f43feecf
Author: Translation commit bot 
Date:   Thu May 2 18:20:27 2019 +

Update translations for tpo-web
---
 contents+tr.po | 14 +++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/contents+tr.po b/contents+tr.po
index 4300524b4..59331c08f 100644
--- a/contents+tr.po
+++ b/contents+tr.po
@@ -1,8 +1,8 @@
 # Translators:
 # erinm, 2019
-# Kaya Zeren , 2019
 # T. E. Kalayci , 2019
 # Emma Peel, 2019
+# Kaya Zeren , 2019
 # 
 msgid ""
 msgstr ""
@@ -10,7 +10,7 @@ msgstr ""
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2019-05-02 11:45+CET\n"
 "PO-Revision-Date: 2019-03-09 10:41+\n"
-"Last-Translator: Emma Peel, 2019\n"
+"Last-Translator: Kaya Zeren , 2019\n"
 "Language-Team: Turkish (https://www.transifex.com/otf/teams/1519/tr/)\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
@@ -242,6 +242,11 @@ msgid ""
 "been involved in Tor are united by a common belief: internet users should "
 "have private access to an uncensored web.**"
 msgstr ""
+"**Tıpkı Tor kullanıcıları gibi, Tor projesini hayata geçirenler de "
+"geliştiriciler, araştırmacılar ve kurucular gibi çok farklı kişilerden 
"
+"oluşur. Ancak Tor projesine katılan herkesin ortak bir inancı vardır: "
+"İnsanların izlenmeden ve sansüre uğramadan İnternet kullanabilmesi "
+"gerekir.**"
 
 #: https//www.torproject.org/about/history/
 #: (content/about/history/contents+en.lrpage.body)
@@ -785,13 +790,16 @@ msgstr "Tor Browser imzasını doğrulayın"
 
 #: templates/download.html:54
 msgid "Stand up for privacy and freedom online."
-msgstr ""
+msgstr "Çevrimiçi özgürlük ve kişisel gizliliği savunun."
 
 #: templates/download.html:55
 msgid ""
 "We're a nonprofit organization and rely on supporters like you to help us "
 "keep Tor robust and secure for millions of people worldwide."
 msgstr ""
+"Kar amacı gütmeyen bir kuruluş olarak, dünyadaki milyonlarca insana 
yardımcı"
+" olan Tor projesini sağlam ve güvende tutmak için sizin gibi "
+"destekçilerimize güveniyoruz."
 
 #: templates/download.html:56 templates/footer.html:44
 #: templates/navbar.html:12

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tpo-web_completed] Update translations for tpo-web_completed

[translation]

commit ef1d3c322a4d7148dbd5cc1b64de7bd78eaec68f
Author: Translation commit bot 
Date:   Thu May 2 18:20:32 2019 +

Update translations for tpo-web_completed
---
 contents+tr.po | 14 +++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/contents+tr.po b/contents+tr.po
index 4300524b4..59331c08f 100644
--- a/contents+tr.po
+++ b/contents+tr.po
@@ -1,8 +1,8 @@
 # Translators:
 # erinm, 2019
-# Kaya Zeren , 2019
 # T. E. Kalayci , 2019
 # Emma Peel, 2019
+# Kaya Zeren , 2019
 # 
 msgid ""
 msgstr ""
@@ -10,7 +10,7 @@ msgstr ""
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2019-05-02 11:45+CET\n"
 "PO-Revision-Date: 2019-03-09 10:41+\n"
-"Last-Translator: Emma Peel, 2019\n"
+"Last-Translator: Kaya Zeren , 2019\n"
 "Language-Team: Turkish (https://www.transifex.com/otf/teams/1519/tr/)\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
@@ -242,6 +242,11 @@ msgid ""
 "been involved in Tor are united by a common belief: internet users should "
 "have private access to an uncensored web.**"
 msgstr ""
+"**Tıpkı Tor kullanıcıları gibi, Tor projesini hayata geçirenler de "
+"geliştiriciler, araştırmacılar ve kurucular gibi çok farklı kişilerden 
"
+"oluşur. Ancak Tor projesine katılan herkesin ortak bir inancı vardır: "
+"İnsanların izlenmeden ve sansüre uğramadan İnternet kullanabilmesi "
+"gerekir.**"
 
 #: https//www.torproject.org/about/history/
 #: (content/about/history/contents+en.lrpage.body)
@@ -785,13 +790,16 @@ msgstr "Tor Browser imzasını doğrulayın"
 
 #: templates/download.html:54
 msgid "Stand up for privacy and freedom online."
-msgstr ""
+msgstr "Çevrimiçi özgürlük ve kişisel gizliliği savunun."
 
 #: templates/download.html:55
 msgid ""
 "We're a nonprofit organization and rely on supporters like you to help us "
 "keep Tor robust and secure for millions of people worldwide."
 msgstr ""
+"Kar amacı gütmeyen bir kuruluş olarak, dünyadaki milyonlarca insana 
yardımcı"
+" olan Tor projesini sağlam ve güvende tutmak için sizin gibi "
+"destekçilerimize güveniyoruz."
 
 #: templates/download.html:56 templates/footer.html:44
 #: templates/navbar.html:12

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/https_everywhere_completed] Update translations for https_everywhere_completed

[translation]

commit 6878bfd018c44172c4f1e0ed7ca6ce23cab87919
Author: Translation commit bot 
Date:   Thu May 2 18:16:02 2019 +

Update translations for https_everywhere_completed
---
 tr/https-everywhere.dtd | 13 +++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/tr/https-everywhere.dtd b/tr/https-everywhere.dtd
index 53b465dce..5732bb52d 100644
--- a/tr/https-everywhere.dtd
+++ b/tr/https-everywhere.dtd
@@ -7,8 +7,14 @@
 
 
 
-
-
+
+
+
+
+
+
+
+
 
 
 
@@ -37,6 +43,9 @@
 
 
 
+
+
+
 
 
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/https_everywhere] Update translations for https_everywhere

[translation]

commit 480671ca9eca475e4c6c5488057f5fb23469605e
Author: Translation commit bot 
Date:   Thu May 2 18:15:55 2019 +

Update translations for https_everywhere
---
 tr/https-everywhere.dtd | 8 
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/tr/https-everywhere.dtd b/tr/https-everywhere.dtd
index 082bc565c..5732bb52d 100644
--- a/tr/https-everywhere.dtd
+++ b/tr/https-everywhere.dtd
@@ -14,7 +14,7 @@
 
 
 
-
+
 
 
 
@@ -43,9 +43,9 @@
 
 
 
-
-
-
+
+
+
 
 
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [research-web/master] Sync tech reports

[irl]

commit 8e916f7f995b5bd74d0bb27e7948b3daf29cdaf0
Author: Iain R. Learmonth 
Date:   Thu May 2 18:18:23 2019 +0100

Sync tech reports
---
 content/techreports.html |  10 ++
 static/techreports/metrics-evaluation-2019-03-25.pdf | Bin 0 -> 330531 bytes
 static/techreports_bib.html  |  14 +-
 techreports.bib  |  10 ++
 techreports.html |  10 ++
 5 files changed, 43 insertions(+), 1 deletion(-)

diff --git a/content/techreports.html b/content/techreports.html
index c1e210c..9dad358 100644
--- a/content/techreports.html
+++ b/content/techreports.html
@@ -13,6 +13,16 @@ aliases:
 
 
 
+
+
+IainR. Learmonth and Karsten Loesing.
+ Tor metrics data collection, aggregation, and presentation.
+ Technical Report 2019-03-001, The Tor Project, March 2019.
+[bib| 
+https://research.torproject.org/techreports/metrics-evaluation-2019-03-25.pdf;>.pdf]
+
+
+
 
 
 IainR. Learmonth and Karsten Loesing.
diff --git a/static/techreports/metrics-evaluation-2019-03-25.pdf 
b/static/techreports/metrics-evaluation-2019-03-25.pdf
new file mode 100644
index 000..b0a89e2
Binary files /dev/null and 
b/static/techreports/metrics-evaluation-2019-03-25.pdf differ
diff --git a/static/techreports_bib.html b/static/techreports_bib.html
index dced0e7..733709a 100644
--- a/static/techreports_bib.html
+++ b/static/techreports_bib.html
@@ -1,4 +1,16 @@
-techreports.bib
+techreports.bib
+@techreport{tor-2019-03-001,
+  author = {Iain R. Learmonth and Karsten Loesing},
+  title = {{Tor} Metrics Data Collection, Aggregation, and Presentation},
+  institution = {The Tor Project},
+  number = {2019-03-001},
+  year = {2019},
+  month = {March},
+  url = 
{https://research.torproject.org/techreports/metrics-evaluation-2019-03-25.pdf}
+}
+
+
+
 @techreport{tor-2018-12-001,
   author = {Iain R. Learmonth and Karsten Loesing},
   title = {Towards Modernising Data Collection and Archive for the {Tor} 
Network},
diff --git a/techreports.bib b/techreports.bib
index 7e0a90e..0f22e01 100644
--- a/techreports.bib
+++ b/techreports.bib
@@ -1,3 +1,13 @@
+@techreport{tor-2019-03-001,
+  author = {Iain R. Learmonth and Karsten Loesing},
+  title = {{Tor} Metrics Data Collection, Aggregation, and Presentation},
+  institution = {The Tor Project},
+  number = {2019-03-001},
+  year = {2019},
+  month = {March},
+  url = 
{https://research.torproject.org/techreports/metrics-evaluation-2019-03-25.pdf}
+}
+
 @techreport{tor-2018-12-001,
   author = {Iain R. Learmonth and Karsten Loesing},
   title = {Towards Modernising Data Collection and Archive for the {Tor} 
Network},
diff --git a/techreports.html b/techreports.html
index 3132b85..dde8e34 100644
--- a/techreports.html
+++ b/techreports.html
@@ -7,6 +7,16 @@
 
 
 
+
+
+IainR. Learmonth and Karsten Loesing.
+ Tor metrics data collection, aggregation, and presentation.
+ Technical Report 2019-03-001, The Tor Project, March 2019.
+[bib| 
+https://research.torproject.org/techreports/metrics-evaluation-2019-03-25.pdf;>.pdf]
+
+
+
 
 
 IainR. Learmonth and Karsten Loesing.



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [research-web/master] Fix script name in Makefile

[irl]

commit 6f56623154164a3098522bc64fb5243ef5985d7b
Author: Iain R. Learmonth 
Date:   Sat Feb 23 18:14:06 2019 +

Fix script name in Makefile
---
 Makefile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Makefile b/Makefile
index 77d3f0a..475160b 100644
--- a/Makefile
+++ b/Makefile
@@ -2,7 +2,7 @@ server: content/techreports.html
hugo serve
 
 content/techreports.html: techreports-header.html techreports-footer.html 
techreports.bib
-   ./generate-tech-reports
+   ./generate-techreports-html
 
 staging: content/techreports.html
hugo -b https://research-staging.torproject.org/



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [research-web/master] Adds Center for Cybersecurity to research groups.

[irl]

commit 597d073b516d40b14acc823b0db264b6629fce05
Author: Iain R. Learmonth 
Date:   Sat Feb 23 18:41:29 2019 +

Adds Center for Cybersecurity to research groups.

Information based on email from Matt Wright.
---
 content/groups.md | 14 +-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/content/groups.md b/content/groups.md
index 6746c08..abb5eee 100644
--- a/content/groups.md
+++ b/content/groups.md
@@ -11,6 +11,7 @@ research groups you should take a look at.
 * [Information Security Research Group, University College London](#ucl)
 * [Nick Hopper, University of Minnesota](#hopper)
 * [Cryptography, Security, and Privacy (CrySP) Research Group, University of 
Waterloo](#crysp)
+* [Center for Cybersecurity, Rochester Institute of Technology](#rit)
 * [Other groups](#other)
 * [Add your group](#add)
 
@@ -93,6 +94,18 @@ facility has 144 CPU cores and 12 TB of RAM.
 https://crysp.uwaterloo.ca/publications/;>Publications
 
 
+
+https://www.rit.edu/cybersecurity/;>Center for Cybersecurity, https://www.rit.edu/;>Rochester Institute of Technology
+
+LocationRochester, NY, USA
+Key PeopleDirected by https://sites.google.com/site/matthewkwright/;>Matthew Wright
+
+The group explores website fingerprinting attacks and defenses in Tor,
+primarily based on deep learning techniques.
+Additional Links
+https://github.com/deep-fingerprinting;>GitHub
+
+
 
 
 ## Other groups
@@ -100,7 +113,6 @@ facility has 144 CPU cores and 12 TB of RAM.
 *   [Nikita Borisov](http://www.hatswitch.org/~nikita/)'s group at Illinois.
 *   Micah Sherr's [SecLab](https://security.cs.georgetown.edu/) group at
 Georgetown.
-*   Matt Wright's [iSec](http://isec.uta.edu/) group at UTA.
 
 
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [research-web/master] UX fixes for groups and safetyboard pages

[irl]

commit c4b23e0486fb6c54572b1349a45c0834d851386a
Author: Iain R. Learmonth 
Date:   Thu May 2 18:56:47 2019 +0100

UX fixes for groups and safetyboard pages
---
 content/groups.md  | 14 ++
 content/safetyboard.md | 30 ++
 2 files changed, 28 insertions(+), 16 deletions(-)

diff --git a/content/groups.md b/content/groups.md
index abb5eee..2c0c2c0 100644
--- a/content/groups.md
+++ b/content/groups.md
@@ -15,6 +15,9 @@ research groups you should take a look at.
 * [Other groups](#other)
 * [Add your group](#add)
 
+
+
+
 
 https://www.nrl.navy.mil/itd/chacs/5543;>Traffic Security Group of the 
Formal Methods Section, https://www.nrl.navy.mil/;>U.S. Naval 
Research Laboratory
 
@@ -33,7 +36,9 @@ group.
 Additional links
 https://www.nrl.navy.mil/itd/chacs/publications;>Publications
 
+
 
+
 
 http://sec.cs.ucl.ac.uk/home/;>Information Security Research Group, 
http://www.cs.ucl.ac.uk/home/;>University College London
 
@@ -51,7 +56,9 @@ media.
 Additional links
 http://sec.cs.ucl.ac.uk/publications/;>Publications
 
+
 
+
 
 https://www-users.cs.umn.edu/~hoppernj/research.html;>Nick Hopper, https://www.umn.edu/;>University of Minnesota
 
@@ -74,7 +81,9 @@ fingerprinting attacks and possible mitigation strategies.
 Additional links
 https://www-users.cs.umn.edu/~hoppernj/publications.html;>Publications
 
+
 
+
 
 https://crysp.uwaterloo.ca/;>Cryptography, Security, and Privacy (CrySP) 
Research Group, https://uwaterloo.ca/;>University of 
Waterloo
 
@@ -93,7 +102,9 @@ facility has 144 CPU cores and 12 TB of RAM.
 Additional links
 https://crysp.uwaterloo.ca/publications/;>Publications
 
+
 
+
 
 https://www.rit.edu/cybersecurity/;>Center for Cybersecurity, https://www.rit.edu/;>Rochester Institute of Technology
 
@@ -105,6 +116,9 @@ primarily based on deep learning techniques.
 Additional Links
 https://github.com/deep-fingerprinting;>GitHub
 
+
+
+
 
 
 
diff --git a/content/safetyboard.md b/content/safetyboard.md
index a5f1806..742fec3 100644
--- a/content/safetyboard.md
+++ b/content/safetyboard.md
@@ -106,33 +106,31 @@ We are publishing safety board cases in this section, to 
help you craft your own
 
 2016-01: Studying reachability of Tor Browser's default bridges
 
-*   [request](/trsb/2016-01-request.txt)
-*   [questionnaire](/trsb/2016-01-questionnaire.txt)
-*   [questionnaire answers](/trsb/2016-01-questionnaire-answers.txt)
-*   [response](/trsb/2016-01-response.txt)
+Request
+Questionnaire
+Questionnaire Answers
+Response
 
 2016-02: [still anonymized during paper review]
 
 2016-03: Understanding "dark web" cultures and communities
 
-*   [request](/trsb/2016-03-request.txt)
-*   [response](/trsb/2016-03-response.txt)
+Request
+Response
 
 2017-01: [still anonymized during paper review]
 
 2017-02: Running HSDir relays to measure longevity of onion services
-
-*   [request](/trsb/2017-02-request.txt)
-*   [request pdf](/trsb/2017-02-request.pdf)
-*   [response](/trsb/2017-02-response.txt)
-*   [research project page](http://tor.ccs.neu.edu/)
+Request
+Request 
(PDF)
+Response
+http://tor.ccs.neu.edu/; class="badge badge-secondary">Website
 
 2017-03: Running middle relays to measure onion service popularity
-
-*   [request](/trsb/2017-03-request.txt)
-*   [response](/trsb/2017-03-response.txt)
-*   [research project page](https://onionpop.github.io/)
-*   [Accepted paper forthcoming at NDSS 2018]
+Request
+Response
+https://onionpop.github.io/; class="badge badge-secondary">Website
+https://www.freehaven.net/anonbib/#insidejob-ndss2018; class="badge 
badge-secondary">Publication
 
 2017-04: [under review]
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [research-web/staging] UX fixes for groups and safetyboard pages

[irl]

commit c4b23e0486fb6c54572b1349a45c0834d851386a
Author: Iain R. Learmonth 
Date:   Thu May 2 18:56:47 2019 +0100

UX fixes for groups and safetyboard pages
---
 content/groups.md  | 14 ++
 content/safetyboard.md | 30 ++
 2 files changed, 28 insertions(+), 16 deletions(-)

diff --git a/content/groups.md b/content/groups.md
index abb5eee..2c0c2c0 100644
--- a/content/groups.md
+++ b/content/groups.md
@@ -15,6 +15,9 @@ research groups you should take a look at.
 * [Other groups](#other)
 * [Add your group](#add)
 
+
+
+
 
 https://www.nrl.navy.mil/itd/chacs/5543;>Traffic Security Group of the 
Formal Methods Section, https://www.nrl.navy.mil/;>U.S. Naval 
Research Laboratory
 
@@ -33,7 +36,9 @@ group.
 Additional links
 https://www.nrl.navy.mil/itd/chacs/publications;>Publications
 
+
 
+
 
 http://sec.cs.ucl.ac.uk/home/;>Information Security Research Group, 
http://www.cs.ucl.ac.uk/home/;>University College London
 
@@ -51,7 +56,9 @@ media.
 Additional links
 http://sec.cs.ucl.ac.uk/publications/;>Publications
 
+
 
+
 
 https://www-users.cs.umn.edu/~hoppernj/research.html;>Nick Hopper, https://www.umn.edu/;>University of Minnesota
 
@@ -74,7 +81,9 @@ fingerprinting attacks and possible mitigation strategies.
 Additional links
 https://www-users.cs.umn.edu/~hoppernj/publications.html;>Publications
 
+
 
+
 
 https://crysp.uwaterloo.ca/;>Cryptography, Security, and Privacy (CrySP) 
Research Group, https://uwaterloo.ca/;>University of 
Waterloo
 
@@ -93,7 +102,9 @@ facility has 144 CPU cores and 12 TB of RAM.
 Additional links
 https://crysp.uwaterloo.ca/publications/;>Publications
 
+
 
+
 
 https://www.rit.edu/cybersecurity/;>Center for Cybersecurity, https://www.rit.edu/;>Rochester Institute of Technology
 
@@ -105,6 +116,9 @@ primarily based on deep learning techniques.
 Additional Links
 https://github.com/deep-fingerprinting;>GitHub
 
+
+
+
 
 
 
diff --git a/content/safetyboard.md b/content/safetyboard.md
index a5f1806..742fec3 100644
--- a/content/safetyboard.md
+++ b/content/safetyboard.md
@@ -106,33 +106,31 @@ We are publishing safety board cases in this section, to 
help you craft your own
 
 2016-01: Studying reachability of Tor Browser's default bridges
 
-*   [request](/trsb/2016-01-request.txt)
-*   [questionnaire](/trsb/2016-01-questionnaire.txt)
-*   [questionnaire answers](/trsb/2016-01-questionnaire-answers.txt)
-*   [response](/trsb/2016-01-response.txt)
+Request
+Questionnaire
+Questionnaire Answers
+Response
 
 2016-02: [still anonymized during paper review]
 
 2016-03: Understanding "dark web" cultures and communities
 
-*   [request](/trsb/2016-03-request.txt)
-*   [response](/trsb/2016-03-response.txt)
+Request
+Response
 
 2017-01: [still anonymized during paper review]
 
 2017-02: Running HSDir relays to measure longevity of onion services
-
-*   [request](/trsb/2017-02-request.txt)
-*   [request pdf](/trsb/2017-02-request.pdf)
-*   [response](/trsb/2017-02-response.txt)
-*   [research project page](http://tor.ccs.neu.edu/)
+Request
+Request 
(PDF)
+Response
+http://tor.ccs.neu.edu/; class="badge badge-secondary">Website
 
 2017-03: Running middle relays to measure onion service popularity
-
-*   [request](/trsb/2017-03-request.txt)
-*   [response](/trsb/2017-03-response.txt)
-*   [research project page](https://onionpop.github.io/)
-*   [Accepted paper forthcoming at NDSS 2018]
+Request
+Response
+https://onionpop.github.io/; class="badge badge-secondary">Website
+https://www.freehaven.net/anonbib/#insidejob-ndss2018; class="badge 
badge-secondary">Publication
 
 2017-04: [under review]
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/https_everywhere] Update translations for https_everywhere

[translation]

commit f035486243b95a7426bfe0f7e281ead7a4026fb8
Author: Translation commit bot 
Date:   Thu May 2 17:45:55 2019 +

Update translations for https_everywhere
---
 tr/https-everywhere.dtd | 14 +++---
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/tr/https-everywhere.dtd b/tr/https-everywhere.dtd
index 53bdd3d2f..082bc565c 100644
--- a/tr/https-everywhere.dtd
+++ b/tr/https-everywhere.dtd
@@ -7,13 +7,13 @@
 
 
 
-
-
-
-
-
-
-
+
+
+
+
+
+
+
 
 
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/support-portal] Update translations for support-portal

[translation]

commit 1231b8b7f43dc000687a5cc1680a4144e4617f32
Author: Translation commit bot 
Date:   Thu May 2 17:20:52 2019 +

Update translations for support-portal
---
 contents+fr.po | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/contents+fr.po b/contents+fr.po
index 199bc0a1e..50b908753 100644
--- a/contents+fr.po
+++ b/contents+fr.po
@@ -320,8 +320,8 @@ msgid ""
 "Digital signature is a process ensuring that a certain package was generated"
 " by its developers and has not been tampered with."
 msgstr ""
-"Une signature numérique est un processus qui ensure qu´un certain paquet 
est"
-" bien généré par ces dévellopeurs et n´a pas été modifié."
+"La signature numérique est un processus qui garantit qu’un paquet précis 
a "
+"été généré par ses développeurs et n’a pas été altéré."
 
 #: https//support.torproject.org/tbb/how-to-verify-signature/
 #: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [research-web/staging] Sync tech reports

[irl]

commit 8e916f7f995b5bd74d0bb27e7948b3daf29cdaf0
Author: Iain R. Learmonth 
Date:   Thu May 2 18:18:23 2019 +0100

Sync tech reports
---
 content/techreports.html |  10 ++
 static/techreports/metrics-evaluation-2019-03-25.pdf | Bin 0 -> 330531 bytes
 static/techreports_bib.html  |  14 +-
 techreports.bib  |  10 ++
 techreports.html |  10 ++
 5 files changed, 43 insertions(+), 1 deletion(-)

diff --git a/content/techreports.html b/content/techreports.html
index c1e210c..9dad358 100644
--- a/content/techreports.html
+++ b/content/techreports.html
@@ -13,6 +13,16 @@ aliases:
 
 
 
+
+
+IainR. Learmonth and Karsten Loesing.
+ Tor metrics data collection, aggregation, and presentation.
+ Technical Report 2019-03-001, The Tor Project, March 2019.
+[bib| 
+https://research.torproject.org/techreports/metrics-evaluation-2019-03-25.pdf;>.pdf]
+
+
+
 
 
 IainR. Learmonth and Karsten Loesing.
diff --git a/static/techreports/metrics-evaluation-2019-03-25.pdf 
b/static/techreports/metrics-evaluation-2019-03-25.pdf
new file mode 100644
index 000..b0a89e2
Binary files /dev/null and 
b/static/techreports/metrics-evaluation-2019-03-25.pdf differ
diff --git a/static/techreports_bib.html b/static/techreports_bib.html
index dced0e7..733709a 100644
--- a/static/techreports_bib.html
+++ b/static/techreports_bib.html
@@ -1,4 +1,16 @@
-techreports.bib
+techreports.bib
+@techreport{tor-2019-03-001,
+  author = {Iain R. Learmonth and Karsten Loesing},
+  title = {{Tor} Metrics Data Collection, Aggregation, and Presentation},
+  institution = {The Tor Project},
+  number = {2019-03-001},
+  year = {2019},
+  month = {March},
+  url = 
{https://research.torproject.org/techreports/metrics-evaluation-2019-03-25.pdf}
+}
+
+
+
 @techreport{tor-2018-12-001,
   author = {Iain R. Learmonth and Karsten Loesing},
   title = {Towards Modernising Data Collection and Archive for the {Tor} 
Network},
diff --git a/techreports.bib b/techreports.bib
index 7e0a90e..0f22e01 100644
--- a/techreports.bib
+++ b/techreports.bib
@@ -1,3 +1,13 @@
+@techreport{tor-2019-03-001,
+  author = {Iain R. Learmonth and Karsten Loesing},
+  title = {{Tor} Metrics Data Collection, Aggregation, and Presentation},
+  institution = {The Tor Project},
+  number = {2019-03-001},
+  year = {2019},
+  month = {March},
+  url = 
{https://research.torproject.org/techreports/metrics-evaluation-2019-03-25.pdf}
+}
+
 @techreport{tor-2018-12-001,
   author = {Iain R. Learmonth and Karsten Loesing},
   title = {Towards Modernising Data Collection and Archive for the {Tor} 
Network},
diff --git a/techreports.html b/techreports.html
index 3132b85..dde8e34 100644
--- a/techreports.html
+++ b/techreports.html
@@ -7,6 +7,16 @@
 
 
 
+
+
+IainR. Learmonth and Karsten Loesing.
+ Tor metrics data collection, aggregation, and presentation.
+ Technical Report 2019-03-001, The Tor Project, March 2019.
+[bib| 
+https://research.torproject.org/techreports/metrics-evaluation-2019-03-25.pdf;>.pdf]
+
+
+
 
 
 IainR. Learmonth and Karsten Loesing.

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/https_everywhere_completed] Update translations for https_everywhere_completed

[translation]

commit 037267c54c1f7ea9626437f669eba98290ac7068
Author: Translation commit bot 
Date:   Thu May 2 17:16:02 2019 +

Update translations for https_everywhere_completed
---
 es/https-everywhere.dtd | 13 +++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/es/https-everywhere.dtd b/es/https-everywhere.dtd
index 26335a279..d511667e1 100644
--- a/es/https-everywhere.dtd
+++ b/es/https-everywhere.dtd
@@ -7,8 +7,14 @@
 
 
 
-
-
+
+
+
+
+
+
+
+
 
 
 
@@ -37,6 +43,9 @@
 
 
 
+
+
+
 
 
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/https_everywhere] Update translations for https_everywhere

[translation]

commit dcdfc1a45b521753c9efd02a7bb9e9b4c028376d
Author: Translation commit bot 
Date:   Thu May 2 17:15:55 2019 +

Update translations for https_everywhere
---
 es/https-everywhere.dtd | 22 +++---
 1 file changed, 11 insertions(+), 11 deletions(-)

diff --git a/es/https-everywhere.dtd b/es/https-everywhere.dtd
index 89c797e61..d511667e1 100644
--- a/es/https-everywhere.dtd
+++ b/es/https-everywhere.dtd
@@ -7,14 +7,14 @@
 
 
 
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
 
 
 
@@ -43,9 +43,9 @@
 
 
 
-
-
-
+
+
+
 
 
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tba-torbrowserstringsdtd] pulling translations from transifex

[translation]

commit 342ecc5cd2ec2b0c3004fc64e0cef3956831675e
Author: Translation commit bot 
Date:   Thu May 2 15:33:07 2019 +

pulling translations from transifex
---
 ca/torbrowser_strings.dtd | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ca/torbrowser_strings.dtd b/ca/torbrowser_strings.dtd
index f3439a6d1..0add4c570 100644
--- a/ca/torbrowser_strings.dtd
+++ b/ca/torbrowser_strings.dtd
@@ -26,7 +26,7 @@
 
 
 
-
+
 
 
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tor_outreach_md_completed] Update translations for tor_outreach_md_completed

[translation]

commit 67fec3e724fdf749eae9d7797ccae65b2d8ca2d8
Author: Translation commit bot 
Date:   Thu May 2 15:20:43 2019 +

Update translations for tor_outreach_md_completed
---
 tor-outreach2019-2020-pt_PT.md | 162 +
 1 file changed, 162 insertions(+)

diff --git a/tor-outreach2019-2020-pt_PT.md b/tor-outreach2019-2020-pt_PT.md
new file mode 100644
index 0..03c937d97
--- /dev/null
+++ b/tor-outreach2019-2020-pt_PT.md
@@ -0,0 +1,162 @@
+# Tor: Material de Divulgação 2019-2020
+
+# 1. TOR PARA PRIVACIDADE
+
+### Privacidade é um direito humano
+
+Tal como muitos de nós, Aleisha passa grande parte de seu tempo online -- 
conectando-se a amigos, publicando nas médias sociais e navegando na web.
+
+Mas, recentemente, ela observou que os anúncios publicitários relacionados à
s suas pesquisas anteriores têm-na perseguido por toda parte na sua vida 
online.
+
+Ela sente-se tão invadida que, ao fazer uma pesquisa online sobre anúncios 
na Internet, descobre que não só os anunciantes a perseguem, mas também o 
seu fornecedor de serviços de Internet, as empresas de analíticas web, as 
plataformas de médias sociais e muito mais.
+
+Aleisha então decide que deseja encontrar e usar um programa que não recolha 
os seus dados, não a persiga e não partilhe com outros serviços nenhum dado 
privado a seu respeito.
+
+Ela comparece a um treino de privacidade num espaço de hacker na sua cidade e 
descobre o "Tor Browser", o único navegador web que lhe permite navegar de 
forma anónima.
+
+---
+
+# 2.TOR PARA FEMINISTAS
+
+### O futuro é ciberfeminista
+
+Fernanda dirige um coletivo de mulheres sobre direitos de reprodução no 
Brasil, país onde o aborto é ilegal.
+
+Fernanda e as suas colegas criaram um site com informações sobre o acesso 
aos serviços de aborto, controlo da natalidade e outros recursos para pessoas 
em busca informação de reprodução.
+
+Se este site estivesse ligado a elas, elas poderiam ser presas - ou pior.
+
+Para proteger-se, Fernanda e as suas colegas criaram o seu site usando os 
**Serviços Onion** do Tor não apenas para protegerem-se de serem descobertas 
como as operadoras do servidor, mas também para ajudar a proteger os 
visitantes do site ao tornar obrigatório o uso do Tor Browser.
+
+De facto, Fernanda usa o **Tor Browser** para toda a sua navegação na web, 
só para garantir a sua segurança.
+
+Ela também usa uma aplicação com tecnologia do Tor chamada **OnionShare** 
para enviar ficheiros a outros ativistas de forma privada e segura.
+
+### Os ativistas dos direitos de reprodução como Fernanda estão a lutar por 
liberdades fundamentais, e o Tor ajuda a potenciar as suas resistências.
+
+---
+
+# 3. TOR PARA OS DIREITOS HUMANOS
+
+### Água é vida
+
+Jelani vive numa pequena aldeia cortada por um rio.
+
+Esse rio forneceu água para a sua comunidade desde os dias dos seus 
ancestrais.
+
+Mas hoje, o rio de Jelani está ameaçado por poderosas empresas 
multinacionais que perfuram a sua região em busca de petróleo.
+
+Empresas particulares de segurança, pagas por essas empresas, usam poderosos 
mecanismos de vigilância para monitorizar as atividades online de Jelani e dos 
seus vizinhos da aldeia que estão a organizarem-se para proteger o seu rio.
+
+Jelani usa o **Tor Browser** para evitar que essas empresas observem suas as 
visitas a sites internacionais de proteção aos direitos humanos e de auxílio 
jurídico e escreve artigos em blogues sobre o movimento de resistência na sua 
aldeia.
+
+Ela também usa o **OnionShare** e o **SecureDrop** para enviar em segurança 
documentos para jornalistas que estão a ajudar a expor essas violações de 
direitos humanos.
+
+Todos estes programas usam o Tor para ajudar a proteger a privacidade de 
Jelani.
+
+### Os ativistas de direitos humanos como Jelani lutam por justiça nas suas 
comunidades e o Tor ajuda a potenciar a sua resistência.
+
+---
+
+# 4. TOR CONTRA A CENSURA
+
+### Construa pontes, não muros.
+
+Jean estava a viajar pela primeira vez num país distante da sua família.
+
+Ao chegar ao hotel, abriu o seu computador portátil.
+
+Ele sentia-se tão exausto que quando a mensagem "O limite de tempo da 
conexão expirou" apareceu pela primeira vez no seu navegador de Internet, ele 
pensou que fosse devido a um erro dele.
+
+Mas, após tentar de novo, e de novo, ele percebeu que o seu fornecedor de 
email, um site de notícias e muitas aplicações estavam indisponíveis.
+
+Ele ouvira dizer que esse país censurava a Internet e questionou-se se era 
isto que estava a acontecer.
+Como poderia contactar a sua família por trás dessa muralha impenetrável?
+Após fazer algumas pesquisas na Internet, encontrou um fórum onde leu sobre 
VPNs, serviços de privacidade que permitem que se conecte a outras redes não 
censuradas.
+
+Jean gastou cerca de meia hora a tentar descobrir qual das opções de VPN de 
baixo custo era a melhor.
+

[tor-commits] [torspec/master] fixup! prop289: Spec out the new SENDME cell payload

[asn]

commit b4dbcf0011c80cba37a6ef969a36b0c48960ab0b
Author: David Goulet 
Date:   Thu Mar 7 11:03:29 2019 -0500

fixup! prop289: Spec out the new SENDME cell payload
---
 proposals/289-authenticated-sendmes.txt | 14 +++---
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/proposals/289-authenticated-sendmes.txt 
b/proposals/289-authenticated-sendmes.txt
index df5226b..19c3b84 100644
--- a/proposals/289-authenticated-sendmes.txt
+++ b/proposals/289-authenticated-sendmes.txt
@@ -242,15 +242,15 @@ Status: Open
 
   0x01: Authenticated SENDME. The DATA section should contain:
 
- DIGEST   [4 bytes]
+ DIGEST   [20 bytes]
 
-  If the DATA_LEN value is less then 4 bytes, the cell should be dropped
-  and the circuit closed. If the value is more than 4 bytes, then the
-  first 4 bytes should be read to get the correct value.
+ If the DATA_LEN value is less then 4 bytes, the cell should be
+ dropped and the circuit closed. If the value is more than 4 bytes,
+ then the first 20 bytes should be read to get the correct value.
 
-  The DIGEST is the digest value from the cell that triggered this SENDME
-  as mentionned above. This value is matched on the other side from the
-  previous cell.
+ The DIGEST is the digest value from the cell that triggered this
+ SENDME as mentionned above. This value is matched on the other side
+ from the previous cell.
 
If a VERSION is unrecognized, the SENDME cell should be treated as version
0 meaning the payload is ignored.



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [torspec/master] prop289: Rewrite the Deployment Plan section

[asn]

commit 81ec28177b01c91c6b1a6ac691ef33c7a9fe2754
Author: David Goulet 
Date:   Thu Jan 10 14:18:35 2019 -0500

prop289: Rewrite the Deployment Plan section

Split it into subsection for clarity. Add a new subsection describing the
addition of a new protover value.

This patch removes a paragraph that states the obvious with "We'll need to
do a bunch of testing". It is nice but also huge part of our development
work flow so no need for it in the proposal.

Signed-off-by: David Goulet 
---
 proposals/289-authenticated-sendmes.txt | 129 +++-
 1 file changed, 111 insertions(+), 18 deletions(-)

diff --git a/proposals/289-authenticated-sendmes.txt 
b/proposals/289-authenticated-sendmes.txt
index 07258ef..df5226b 100644
--- a/proposals/289-authenticated-sendmes.txt
+++ b/proposals/289-authenticated-sendmes.txt
@@ -302,21 +302,61 @@ Status: Open
 
 4. Deployment Plan
 
-   In phase one, both sides begin remembering their expected digests,
-   and they learn how to parse sendme payloads. When they receive a
-   sendme with payload version 1, they verify its digest and tear down
-   the circuit if it's wrong. But they continue to send and accept
-   payload version 0 sendmes.
+   This section describes how we will be able to deploy this new mechanism on
+   the network.
 
-   In phase two, we flip a switch in the consensus, and everybody starts
-   sending payload version 1 sendmes. Payload version 0 sendmes are still
-   accepted. The newly proposed consensus parameter to achieve this is:
+   Alas, this deployment plan leaves a pretty large window until relays are
+   protected from attack. It's not all bad news though, since we could flip
+   the switches earlier than intended if we encounter a network-wide attack.
+
+   There are 5 phases to this plan and detailed in the subsections.
+
+4.1. Phase One - Remembering Digests
+
+   Both sides begin remembering their expected digests, and they learn how to
+   parse sendme version 1 payloads. When they receive a version 1 SENDME, they
+   verify its digest and tear down the circuit if it's wrong. But they
+   continue to send and accept payload version 0 sendmes.
+
+4.2. Phase Two - Sending Version 1
+
+   We flip a switch in the consensus, and everybody starts sending payload
+   version 1 sendmes. Payload version 0 sendmes are still accepted. The newly
+   proposed consensus parameter to achieve this is:
 
   "sendme_emit_min_version" - Minimum SENDME version that can be sent.
 
-   In phase three, we flip a different switch in the consensus, and
-   everybody starts refusing payload version 0 sendmes. The newly proposed
-   consensus parameter to achieve this is:
+4.3. Phase Three - Protover
+
+   On phase four (section 4.4), the new consensus parameter that tells us
+   which minimum version to accept, once flipped to version 1, has the
+   consequence of making every tor not supporting that version to fail to
+   operate on the network. It goes as far as unable to download a consensus.
+
+   It is essentially a "false-kill" switch because tor will still run but will
+   simply not work. It will retry over and over to download a consensus. In
+   order to help us transition before only accepting v1 on the network, a new
+   protover value is proposed (see section 9 of tor-spec.txt for protover
+   details).
+
+   Tor clients and relays that don't support this protover version from the
+   consensus "required-client-protocols" or "required-relay-protocols" lines
+   will exit and thus not try to join the network. Here is the proposed value:
+
+ "FlowCtrl"
+
+ Describes the flow control protocol at the circuit and stream level. If
+ there is no FlowCtrl protocol version, tor supports the unauthenticated
+ flow control features from its supported Relay protocols.
+
+   "1" -- supports authenticated circuit level SENDMEs as of proposal
+  289 in Tor 0.4.1.1-alpha.
+
+4.4. Phase Four - Accepting Version 1
+
+   We flip a different switch in the consensus, and everybody starts refusing
+   payload version 0 sendmes. The newly proposed consensus parameter to
+   achieve this is:
 
   "sendme_accept_min_version" - Minimum SENDME version that is accepted.
 
@@ -324,14 +364,66 @@ Status: Open
otherwise we'd have a race where relays learn about the update before
clients know to start the new behavior.)
 
-   We'll want to do a bunch of testing in chutney before flipping the
-   switches in the real network: I've long suspected we still have bugs
-   in our sendme timing, and this proposal might expose some of them.
+   Phase three will shutdown every clients that understand protover. However,
+   one important case remains which is when a client not supporting verison 1
+   boots up for the first time (no consensus).
+
+   It won't be able to download a consensus and thus know that it can't join
+   the network making it re-try over and over again. To avoid 

[tor-commits] [tpo/master] add new navigation string to ghost post for translation

[emmapeel]

commit 2f37ef98daf42d30fd1bdd0d1da3949996b30238
Author: emma peel 
Date:   Thu May 2 17:19:56 2019 +0200

add new navigation string to ghost post for translation
---
 content/menu/contents.lr | 1 +
 1 file changed, 1 insertion(+)

diff --git a/content/menu/contents.lr b/content/menu/contents.lr
index 34edc58..105278d 100644
--- a/content/menu/contents.lr
+++ b/content/menu/contents.lr
@@ -14,3 +14,4 @@ Support
 Jobs
 Blog
 Donate
+Donate Now

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tor_outreach_md] Update translations for tor_outreach_md

[translation]

commit 4ed150cd4f24c8655dfd6e9ed8a816a1a97fcdc9
Author: Translation commit bot 
Date:   Thu May 2 15:20:38 2019 +

Update translations for tor_outreach_md
---
 tor-outreach2019-2020-pt_PT.md | 72 +-
 1 file changed, 36 insertions(+), 36 deletions(-)

diff --git a/tor-outreach2019-2020-pt_PT.md b/tor-outreach2019-2020-pt_PT.md
index 149ea182a..03c937d97 100644
--- a/tor-outreach2019-2020-pt_PT.md
+++ b/tor-outreach2019-2020-pt_PT.md
@@ -86,77 +86,77 @@ Quando ele abriu o **Tor Browser**, seguiu as instruções 
para utilizadores cen
 
 Com o Tor Browser, Jean pôde navegar livremente e com privacidade, entrando 
em contacto com a sua família.
 
-### Censored users all over the world rely on Tor Browser for a free, stable, 
and uncensored way to access the internet.
+### Os utilizadores censurados à volta do mundo contam com o Tor Browser como 
um meio estável e livre de censura para aceder à Internet.
 
 ---
 
-# 5. Shared Sections
+# 5. Secções partilhadas
 
-## What is Tor?
+## O que é o Tor?
 
-Tor is free software and an open network that helps protect you from tracking, 
surveillance, and censorship online.
-Tor is created for free by a 501(c)3 U.S.-based nonprofit called the Tor 
Project. 
+O Tor é um software livre e uma rede aberta que ajuda a protegê-lo contra 
rastreamento, vigilância e censura online.
+O Tor é uma criação distribuída gratuitamente por uma organização sem 
fins lucrativos registada nos Estados Unidos da América na categoria 501(c)3 
chamada Tor Project.
 
-The easiest way to use Tor is Tor Browser.
-When you use Tor Browser, no one can see what websites you visit or where in 
the world you’re coming from. 
+O meio mais fácil de utilizar o Tor é o Tor Browser.
+Quando usa o Tor Browser, ninguém pode ver que sites visita nem em que lugar 
do mundo está.
 
-Other applications, like SecureDrop and OnionShare, use Tor to protect their 
users against surveillance and censorship.
+Outras aplicações como o SecureDrop ou o OnionShare usam o Tor para proteger 
os seus utilizadores da vigilância e censura.
 
 
-## 6. How does Tor work?
+## 6. Como funciona o Tor?
 
-Amal wants to visit Bekele’s website privately, so she opens Tor Browser.
+Amal quer privacidade para visitar o site de Bekele e, assim, ela abre o Tor 
Browser.
 
-Tor Browser selects a random circuit of three relays, which are computers all 
over the world configured to route traffic over the Tor network.
+O Tor Browser seleciona um circuito aleatório de três retransmissores, os 
quais são computadores espalhados em redor do mundo configurados para rotear 
todo o seu tráfego pela rede Tor.
 
-Tor Browser then encrypts her website request three times and sends it to the 
first Tor relay in her circuit.
+O Tor Browser então encripta o seu pedido ao site desejado três vezes e 
envia esse pedido ao primeiro retransmissor Tor do seu circuito.
 
-The first relay removes the first encryption layer but doesn't learn that the 
destination is Bekele’s website.
+O primeiro retransmissor remove a primeira camada de encriptação mas não 
sabe que o site de destino é o de Bekele.
 
-The first relay learns only the next location in the circuit, which is the 
second relay.
+O primeiro retransmissor sabe apenas a próxima localização do circuito, que 
é o segundo retransmissor.
 
-The second relay removes another encryption layer and forwards the web page 
request to the third relay.
+O segundo retransmissor remove outra camada de encriptação e encaminha o 
pedido da página web ao terceiro retransmissor.
 
-The third relay removes the last encryption layer and forwards the web page 
request to its destination, Bekele’s website, but it doesn't know the request 
comes from Amal.
+O terceiro retransmissor remove a última camada de encriptação e encaminha 
o pedido da página web ao seu destino, isto é, o site de Bekele, mas não 
sabe que o pedido é proveniente de Amal.
 
-Bekele doesn't know that the website request came from Amal unless she tells 
him so.
+Bekele não sabe que o pedido ao seu site veio de Amal, a não ser que ela o 
informe disso.
 
-## 7. Who uses Tor? 
+## 7. Quem usa o Tor?
 
-People all over the world use Tor to protect their privacy and access the web 
freely.
+As pessoas em redor do mundo usam o Tor para proteger a sua privacidade e 
aceder à Internet livremente.
 
-Tor helps protect journalists, human rights defenders, domestic violence 
victims, academic researchers, and anyone experiencing tracking, censorship, or 
surveillance. 
+O Tor ajuda a proteger jornalistas, ativistas de direitos humanos, 
investigadores académicos, assim como qualquer pessoa que seja alvo de 
rastreamento, censura ou vigilância.
 
-## 6. Why trust Tor?
+## 6. Porquê confiar no Tor?
 
-Tor is designed for privacy. We don’t know who our users are, and we don't 
keep logs of user activity.
+O Tor foi desenvolvido para a privacidade. Nós não 

[tor-commits] [torspec/master] prop289: Add the new consensus params

[asn]

commit 5ac8a2bbd1f7a55542dd97358d123f7290b62dcb
Author: David Goulet 
Date:   Thu Jan 10 13:57:00 2019 -0500

prop289: Add the new consensus params

Spec out the new consensus parameters in the proposal.

Signed-off-by: David Goulet 
---
 proposals/289-authenticated-sendmes.txt | 11 ---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/proposals/289-authenticated-sendmes.txt 
b/proposals/289-authenticated-sendmes.txt
index 3ec7fd6..07258ef 100644
--- a/proposals/289-authenticated-sendmes.txt
+++ b/proposals/289-authenticated-sendmes.txt
@@ -309,11 +309,16 @@ Status: Open
payload version 0 sendmes.
 
In phase two, we flip a switch in the consensus, and everybody starts
-   sending payload version 1 sendmes. Payload version 0 sendmes are
-   still accepted.
+   sending payload version 1 sendmes. Payload version 0 sendmes are still
+   accepted. The newly proposed consensus parameter to achieve this is:
+
+  "sendme_emit_min_version" - Minimum SENDME version that can be sent.
 
In phase three, we flip a different switch in the consensus, and
-   everybody starts refusing payload version 0 sendmes.
+   everybody starts refusing payload version 0 sendmes. The newly proposed
+   consensus parameter to achieve this is:
+
+  "sendme_accept_min_version" - Minimum SENDME version that is accepted.
 
(It has to be two separate switches, not one unified one, because
otherwise we'd have a race where relays learn about the update before



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [torspec/master] Merge remote-tracking branch 'dgoulet/ticket26288_01'

[asn]

commit e1ad77e2a1291b02ec099bfec89b1e9751e2ab95
Merge: 8685ffa b4dbcf0
Author: George Kadianakis 
Date:   Thu May 2 18:19:33 2019 +0300

Merge remote-tracking branch 'dgoulet/ticket26288_01'

 proposals/289-authenticated-sendmes.txt | 174 +++-
 1 file changed, 146 insertions(+), 28 deletions(-)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [torspec/master] prop289: Spec out the new SENDME cell payload

[asn]

commit 0713f2b4cbdeed5052f5b11f42912eff73a49d2a
Author: David Goulet 
Date:   Mon Jan 7 16:42:27 2019 -0500

prop289: Spec out the new SENDME cell payload

Signed-off-by: David Goulet 
---
 proposals/289-authenticated-sendmes.txt | 42 -
 1 file changed, 31 insertions(+), 11 deletions(-)

diff --git a/proposals/289-authenticated-sendmes.txt 
b/proposals/289-authenticated-sendmes.txt
index e7605dc..3ec7fd6 100644
--- a/proposals/289-authenticated-sendmes.txt
+++ b/proposals/289-authenticated-sendmes.txt
@@ -223,17 +223,37 @@ Status: Open
(100) has arrived. So the client should use the digest from the cell
that triggers the sendme.
 
-   How shall we version the sendme payload so we can change the format of
-   it later? Right now sendme payloads are empty. Here's a simple design:
-   we use five bytes in the payload, where the first byte indicates the
-   sendme payload version (0 in the original design, and 1 once we've
-   implemented this proposal), and the rest of the payload is formatted
-   based on the payload version number: in this case, it's simply the
-   four bytes of digest.
-
-   Is there a better way to version the payload, e.g. a way that is
-   already standard in other parts of the design, so we aren't adding
-   a new paint color to keep track of on the bike shed?
+   In order to achieve this, we need to version the SENDME cell so we can
+   differentiate the original protocol versus the new authenticated cell.
+   Right now, the SENDME payload is empty which translate to a version value
+   of 0 with this proposed change. The version to achieve authenticated
+   SENDMEs of this proposal would be 1.
+
+   The SENDME cell payload would contain the following:
+
+  VERSION [1 byte]
+  DATA_LEN[2 bytes]
+  DATA[DATA_LEN bytes]
+
+   The VERSION tells us what is expected in the DATA section of length
+   DATA_LEN. The recognized values are:
+
+  0x00: The rest of the payload should be ignored.
+
+  0x01: Authenticated SENDME. The DATA section should contain:
+
+ DIGEST   [4 bytes]
+
+  If the DATA_LEN value is less then 4 bytes, the cell should be dropped
+  and the circuit closed. If the value is more than 4 bytes, then the
+  first 4 bytes should be read to get the correct value.
+
+  The DIGEST is the digest value from the cell that triggered this SENDME
+  as mentionned above. This value is matched on the other side from the
+  previous cell.
+
+   If a VERSION is unrecognized, the SENDME cell should be treated as version
+   0 meaning the payload is ignored.
 
 3.2. Verifying the sendme payload
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] practracker: Update exceptions for #26288

[asn]

commit 535ba0d7c58c681af8251d0133b33dc5f787fb2f
Author: David Goulet 
Date:   Mon Apr 29 12:27:53 2019 -0400

practracker: Update exceptions for #26288

Signed-off-by: David Goulet 
---
 scripts/maint/practracker/exceptions.txt | 10 +-
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/scripts/maint/practracker/exceptions.txt 
b/scripts/maint/practracker/exceptions.txt
index 37f11bb44..f8bb2bd37 100644
--- a/scripts/maint/practracker/exceptions.txt
+++ b/scripts/maint/practracker/exceptions.txt
@@ -85,7 +85,7 @@ problem function-size 
/src/core/or/circuitbuild.c:circuit_extend() 147
 problem function-size 
/src/core/or/circuitbuild.c:choose_good_exit_server_general() 206
 problem include-count /src/core/or/circuitlist.c 54
 problem function-size /src/core/or/circuitlist.c:HT_PROTOTYPE() 128
-problem function-size /src/core/or/circuitlist.c:circuit_free_() 137
+problem function-size /src/core/or/circuitlist.c:circuit_free_() 143
 problem function-size /src/core/or/circuitlist.c:circuit_find_to_cannibalize() 
102
 problem function-size /src/core/or/circuitlist.c:circuit_about_to_free() 120
 problem function-size /src/core/or/circuitlist.c:circuits_handle_oom() 117
@@ -102,8 +102,8 @@ problem function-size 
/src/core/or/circuituse.c:circuit_get_open_circ_or_launch(
 problem function-size 
/src/core/or/circuituse.c:connection_ap_handshake_attach_circuit() 244
 problem function-size /src/core/or/command.c:command_process_create_cell() 156
 problem function-size /src/core/or/command.c:command_process_relay_cell() 132
-problem file-size /src/core/or/connection_edge.c 4575
-problem include-count /src/core/or/connection_edge.c 64
+problem file-size /src/core/or/connection_edge.c 4595
+problem include-count /src/core/or/connection_edge.c 65
 problem function-size 
/src/core/or/connection_edge.c:connection_ap_expire_beginning() 117
 problem function-size 
/src/core/or/connection_edge.c:connection_ap_handshake_rewrite() 192
 problem function-size 
/src/core/or/connection_edge.c:connection_ap_handle_onion() 188
@@ -122,11 +122,11 @@ problem function-size 
/src/core/or/policies.c:policy_summarize() 107
 problem function-size /src/core/or/protover.c:protover_all_supported() 116
 problem file-size /src/core/or/relay.c 3173
 problem function-size /src/core/or/relay.c:circuit_receive_relay_cell() 123
-problem function-size /src/core/or/relay.c:relay_send_command_from_edge_() 101
+problem function-size /src/core/or/relay.c:relay_send_command_from_edge_() 112
 problem function-size 
/src/core/or/relay.c:connection_ap_process_end_not_open() 194
 problem function-size 
/src/core/or/relay.c:connection_edge_process_relay_cell_not_open() 139
 problem function-size 
/src/core/or/relay.c:connection_edge_process_relay_cell() 520
-problem function-size /src/core/or/relay.c:connection_edge_package_raw_inbuf() 
130
+problem function-size /src/core/or/relay.c:connection_edge_package_raw_inbuf() 
132
 problem function-size 
/src/core/or/relay.c:circuit_resume_edge_reading_helper() 148
 problem function-size /src/core/or/scheduler_kist.c:kist_scheduler_run() 171
 problem function-size /src/core/or/scheduler_vanilla.c:vanilla_scheduler_run() 
109



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] sendme: Better function names

[asn]

commit 0d8b9b56c5332b8f0205f460d0b23bb7f5620eff
Author: David Goulet 
Date:   Mon Apr 29 11:38:11 2019 -0400

sendme: Better function names

From nickm's review, improve the names of some functions.

Part of #26288

Signed-off-by: David Goulet 
---
 src/core/crypto/relay_crypto.c |  8 
 src/core/or/relay.c|  2 +-
 src/core/or/sendme.c   | 10 +-
 src/core/or/sendme.h   |  8 
 src/test/test_sendme.c | 18 +-
 5 files changed, 23 insertions(+), 23 deletions(-)

diff --git a/src/core/crypto/relay_crypto.c b/src/core/crypto/relay_crypto.c
index 3a6dad4b1..5be45d6c7 100644
--- a/src/core/crypto/relay_crypto.c
+++ b/src/core/crypto/relay_crypto.c
@@ -154,8 +154,8 @@ relay_decrypt_cell(circuit_t *circ, cell_t *cell,
 *layer_hint = thishop;
 /* This cell is for us. Keep a record of this cell because we will
  * use it in the next SENDME cell. */
-if (sendme_circuit_is_next_cell(thishop->deliver_window)) {
-  sendme_circuit_note_inbound_cell(thishop);
+if (sendme_circuit_cell_is_next(thishop->deliver_window)) {
+  sendme_circuit_record_inbound_cell(thishop);
 }
 return 0;
   }
@@ -230,8 +230,8 @@ relay_encrypt_cell_inbound(cell_t *cell,
 
   /* We are about to send this cell outbound on the circuit. Keep a record of
* this cell if we are expecting that the next cell is a SENDME. */
-  if (sendme_circuit_is_next_cell(TO_CIRCUIT(or_circ)->package_window)) {
-sendme_circuit_note_outbound_cell(or_circ);
+  if (sendme_circuit_cell_is_next(TO_CIRCUIT(or_circ)->package_window)) {
+sendme_circuit_record_outbound_cell(or_circ);
   }
 
   /* encrypt one layer */
diff --git a/src/core/or/relay.c b/src/core/or/relay.c
index d273facd5..1b2aafb86 100644
--- a/src/core/or/relay.c
+++ b/src/core/or/relay.c
@@ -701,7 +701,7 @@ relay_send_command_from_edge_,(streamid_t stream_id, 
circuit_t *circ,
* we need to. This call needs to be after the circuit_package_relay_cell()
* because the cell digest is set within that function. */
   if (relay_command == RELAY_COMMAND_DATA) {
-sendme_note_cell_digest(circ);
+sendme_record_cell_digest(circ);
   }
 
   return 0;
diff --git a/src/core/or/sendme.c b/src/core/or/sendme.c
index b65f30ba9..ff58c1489 100644
--- a/src/core/or/sendme.c
+++ b/src/core/or/sendme.c
@@ -294,7 +294,7 @@ send_circuit_level_sendme(circuit_t *circ, crypt_path_t 
*layer_hint,
 /** Keep the current inbound cell digest for the next SENDME digest. This part
  * is only done by the client as the circuit came back from the Exit. */
 void
-sendme_circuit_note_outbound_cell(or_circuit_t *or_circ)
+sendme_circuit_record_outbound_cell(or_circuit_t *or_circ)
 {
   tor_assert(or_circ);
   relay_crypto_record_sendme_digest(_circ->crypto);
@@ -303,7 +303,7 @@ sendme_circuit_note_outbound_cell(or_circuit_t *or_circ)
 /** Keep the current inbound cell digest for the next SENDME digest. This part
  * is only done by the client as the circuit came back from the Exit. */
 void
-sendme_circuit_note_inbound_cell(crypt_path_t *cpath)
+sendme_circuit_record_inbound_cell(crypt_path_t *cpath)
 {
   tor_assert(cpath);
   relay_crypto_record_sendme_digest(>crypto);
@@ -316,7 +316,7 @@ sendme_circuit_note_inbound_cell(crypt_path_t *cpath)
  * one cell (the possible SENDME cell) should be a multiple of the increment
  * window value. */
 bool
-sendme_circuit_is_next_cell(int window)
+sendme_circuit_cell_is_next(int window)
 {
   /* Is this the last cell before a SENDME? The idea is that if the package or
* deliver window reaches a multiple of the increment, after this cell, we
@@ -578,7 +578,7 @@ sendme_note_stream_data_packaged(edge_connection_t *conn)
 /* Note the cell digest in the circuit sendme last digests FIFO if applicable.
  * It is safe to pass a circuit that isn't meant to track those digests. */
 void
-sendme_note_cell_digest(circuit_t *circ)
+sendme_record_cell_digest(circuit_t *circ)
 {
   const uint8_t *digest;
 
@@ -592,7 +592,7 @@ sendme_note_cell_digest(circuit_t *circ)
   /* Is this the last cell before a SENDME? The idea is that if the
* package_window reaches a multiple of the increment, after this cell, we
* should expect a SENDME. */
-  if (!sendme_circuit_is_next_cell(circ->package_window)) {
+  if (!sendme_circuit_cell_is_next(circ->package_window)) {
 return;
   }
 
diff --git a/src/core/or/sendme.h b/src/core/or/sendme.h
index 5889b41e9..78273eb9a 100644
--- a/src/core/or/sendme.h
+++ b/src/core/or/sendme.h
@@ -35,12 +35,12 @@ int sendme_note_circuit_data_packaged(circuit_t *circ,
 int sendme_note_stream_data_packaged(edge_connection_t *conn);
 
 /* Track cell digest. */
-void sendme_note_cell_digest(circuit_t *circ);
-void sendme_circuit_note_inbound_cell(crypt_path_t *cpath);
-void sendme_circuit_note_outbound_cell(or_circuit_t *or_circ);
+void 

[tor-commits] [tor/master] sendme: Helper to know if next cell is a SENDME

[asn]

commit 7c8e519b3452ce3eb3d3c854d80be5b7e49164b4
Author: David Goulet 
Date:   Wed Apr 24 10:25:29 2019 -0400

sendme: Helper to know if next cell is a SENDME

We'll use it this in order to know when to hash the cell for the SENDME
instead of doing it at every cell.

Part of #26288

Signed-off-by: David Goulet 
---
 src/core/or/sendme.c | 25 -
 src/core/or/sendme.h |  3 +++
 2 files changed, 27 insertions(+), 1 deletion(-)

diff --git a/src/core/or/sendme.c b/src/core/or/sendme.c
index 3dcd9df08..c66e947bc 100644
--- a/src/core/or/sendme.c
+++ b/src/core/or/sendme.c
@@ -286,6 +286,29 @@ send_circuit_level_sendme(circuit_t *circ, crypt_path_t 
*layer_hint,
   return 0;
 }
 
+/*
+ * Public API
+ */
+
+/** Return true iff the next cell for the given cell window is expected to be
+ * a SENDME.
+ *
+ * We are able to know that because the package or deliver window value minus
+ * one cell (the possible SENDME cell) should be a multiple of the increment
+ * window value. */
+bool
+sendme_circuit_is_next_cell(int window)
+{
+  /* Is this the last cell before a SENDME? The idea is that if the package or
+   * deliver window reaches a multiple of the increment, after this cell, we
+   * should expect a SENDME. */
+  if (((window - 1) % CIRCWINDOW_INCREMENT) != 0) {
+return false;
+  }
+  /* Next cell is expected to be a SENDME. */
+  return true;
+}
+
 /** Called when we've just received a relay data cell, when we've just
  * finished flushing all bytes to stream conn, or when we've flushed
  * *some* bytes to the stream conn.
@@ -550,7 +573,7 @@ sendme_note_cell_digest(circuit_t *circ)
   /* Is this the last cell before a SENDME? The idea is that if the
* package_window reaches a multiple of the increment, after this cell, we
* should expect a SENDME. */
-  if (((circ->package_window - 1) % CIRCWINDOW_INCREMENT) != 0) {
+  if (!sendme_circuit_is_next_cell(circ->package_window)) {
 return;
   }
 
diff --git a/src/core/or/sendme.h b/src/core/or/sendme.h
index 71df9b6f0..0965b5b22 100644
--- a/src/core/or/sendme.h
+++ b/src/core/or/sendme.h
@@ -37,6 +37,9 @@ int sendme_note_stream_data_packaged(edge_connection_t *conn);
 /* Track cell digest. */
 void sendme_note_cell_digest(circuit_t *circ);
 
+/* Circuit level information. */
+bool sendme_circuit_is_next_cell(int window);
+
 /* Private section starts. */
 #ifdef SENDME_PRIVATE
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] sendme: Keep cell digest only if a SENDME is next

[asn]

commit c7385b5b14b30774c1768798c4495465da4d995d
Author: David Goulet 
Date:   Wed Apr 24 13:38:47 2019 -0400

sendme: Keep cell digest only if a SENDME is next

This way, we reduce the load by only hashing when we absolutely must.

Part of #26288

Signed-off-by: David Goulet 
---
 src/core/crypto/relay_crypto.c | 21 +
 1 file changed, 13 insertions(+), 8 deletions(-)

diff --git a/src/core/crypto/relay_crypto.c b/src/core/crypto/relay_crypto.c
index 94e906065..eddc4298e 100644
--- a/src/core/crypto/relay_crypto.c
+++ b/src/core/crypto/relay_crypto.c
@@ -12,6 +12,7 @@
 #include "core/crypto/hs_ntor.h" // for HS_NTOR_KEY_EXPANSION_KDF_OUT_LEN
 #include "core/or/relay.h"
 #include "core/crypto/relay_crypto.h"
+#include "core/or/sendme.h"
 
 #include "core/or/cell_st.h"
 #include "core/or/or_circuit_st.h"
@@ -142,10 +143,11 @@ relay_decrypt_cell(circuit_t *circ, cell_t *cell,
   if (relay_digest_matches(thishop->crypto.b_digest, cell)) {
 *recognized = 1;
 *layer_hint = thishop;
-/* Keep current digest of this cell for the possible SENDME. */
-crypto_digest_get_digest(thishop->crypto.b_digest,
- (char *) thishop->crypto.sendme_digest,
- sizeof(thishop->crypto.sendme_digest));
+/* This cell is for us. Keep a record of this cell because we will
+ * use it in the next SENDME cell. */
+if (sendme_circuit_is_next_cell(thishop->deliver_window)) {
+  sendme_circuit_note_inbound_cell(thishop);
+}
 return 0;
   }
 }
@@ -216,10 +218,13 @@ relay_encrypt_cell_inbound(cell_t *cell,
or_circuit_t *or_circ)
 {
   relay_set_digest(or_circ->crypto.b_digest, cell);
-  /* Keep a record of this cell, we might use it for validating the SENDME. */
-  crypto_digest_get_digest(or_circ->crypto.b_digest,
-   (char *) or_circ->crypto.sendme_digest,
-   sizeof(or_circ->crypto.sendme_digest));
+
+  /* We are about to send this cell outbound on the circuit. Keep a record of
+   * this cell if we are expecting that the next cell is a SENDME. */
+  if (sendme_circuit_is_next_cell(TO_CIRCUIT(or_circ)->package_window)) {
+sendme_circuit_note_outbound_cell(or_circ);
+  }
+
   /* encrypt one layer */
   relay_crypt_one_payload(or_circ->crypto.b_crypto, cell->payload);
 }



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] sendme: Better handle the random padding

[asn]

commit d084f9115d7d46ad5e029b9c75cea716fa7d65a5
Author: David Goulet 
Date:   Wed Apr 24 15:39:10 2019 -0400

sendme: Better handle the random padding

We add random padding to every cell if there is room. This commit not only
fixes how we compute that random padding length/offset but also improves its
safety with helper functions and a unit test.

Part of #26288

Signed-off-by: David Goulet 
---
 src/core/or/relay.c| 74 ++
 src/core/or/relay.h|  1 +
 src/test/test_sendme.c | 46 +++
 3 files changed, 103 insertions(+), 18 deletions(-)

diff --git a/src/core/or/relay.c b/src/core/or/relay.c
index 504f391d9..d273facd5 100644
--- a/src/core/or/relay.c
+++ b/src/core/or/relay.c
@@ -529,6 +529,60 @@ relay_command_to_string(uint8_t command)
   }
 }
 
+/** Return the offset where the padding should start. The data_len is
+ * the relay payload length expected to be put in the cell. It can not be
+ * bigger than RELAY_PAYLOAD_SIZE else this function assert().
+ *
+ * Value will always be smaller than CELL_PAYLOAD_SIZE because this offset is
+ * for the entire cell length not just the data payload length. Zero is
+ * returned if there is no room for padding.
+ *
+ * This function always skips the first 4 bytes after the payload because
+ * having some unused zero bytes has saved us a lot of times in the past. */
+
+STATIC size_t
+get_pad_cell_offset(size_t data_len)
+{
+  /* This is never suppose to happen but in case it does, stop right away
+   * because if tor is tricked somehow into not adding random bytes to the
+   * payload with this function returning 0 for a bad data_len, the entire
+   * authenticated SENDME design can be bypassed leading to bad denial of
+   * service attacks. */
+  tor_assert(data_len <= RELAY_PAYLOAD_SIZE);
+
+  /* If the offset is larger than the cell payload size, we return an offset
+   * of zero indicating that no padding needs to be added. */
+  size_t offset = RELAY_HEADER_SIZE + data_len + 4;
+  if (offset >= CELL_PAYLOAD_SIZE) {
+return 0;
+  }
+  return offset;
+}
+
+/* Add random bytes to the unused portion of the payload, to foil attacks
+ * where the other side can predict all of the bytes in the payload and thus
+ * compute the authenticated SENDME cells without seeing the traffic. See
+ * proposal 289. */
+static void
+pad_cell_payload(uint8_t *cell_payload, size_t data_len)
+{
+  size_t pad_offset, pad_len;
+
+  tor_assert(cell_payload);
+
+  pad_offset = get_pad_cell_offset(data_len);
+  if (pad_offset == 0) {
+/* We can't add padding so we are done. */
+return;
+  }
+
+  /* Remember here that the cell_payload is the length of the header and
+   * payload size so we offset it using the full lenght of the cell. */
+  pad_len = CELL_PAYLOAD_SIZE - pad_offset;
+  crypto_fast_rng_getbytes(get_thread_fast_rng(),
+   cell_payload + pad_offset, pad_len);
+}
+
 /** Make a relay cell out of relay_command and payload, and send
  * it onto the open circuit circ. stream_id is the ID on
  * circ for the stream that's sending the relay cell, or 0 if it's a
@@ -547,8 +601,6 @@ relay_send_command_from_edge_,(streamid_t stream_id, 
circuit_t *circ,
   cell_t cell;
   relay_header_t rh;
   cell_direction_t cell_direction;
-  int random_bytes_len;
-  size_t random_bytes_offset = 0;
   /*  NM Split this function into a separate versions per circuit type? */
 
   tor_assert(circ);
@@ -574,22 +626,8 @@ relay_send_command_from_edge_,(streamid_t stream_id, 
circuit_t *circ,
   if (payload_len)
 memcpy(cell.payload+RELAY_HEADER_SIZE, payload, payload_len);
 
-  /* Add random bytes to the unused portion of the payload, to foil attacks
-   * where the other side can predict all of the bytes in the payload and thus
-   * compute authenticated sendme cells without seeing the traffic. See
-   * proposal 289.
-   *
-   * We'll skip the first 4 bytes of unused data because having some unused
-   * zero bytes has saved us a lot of times in the past. */
-  random_bytes_len = RELAY_PAYLOAD_SIZE -
- (RELAY_HEADER_SIZE + payload_len + 4);
-  if (random_bytes_len < 0) {
-random_bytes_len = 0;
-  }
-  random_bytes_offset = RELAY_PAYLOAD_SIZE - random_bytes_len;
-  crypto_fast_rng_getbytes(get_thread_fast_rng(),
-   cell.payload + random_bytes_offset,
-   random_bytes_len);
+  /* Add random padding to the cell if we can. */
+  pad_cell_payload(cell.payload, payload_len);
 
   log_debug(LD_OR,"delivering %d cell %s.", relay_command,
 cell_direction == CELL_DIRECTION_OUT ? "forward" : "backward");
diff --git a/src/core/or/relay.h b/src/core/or/relay.h
index ea1b358ff..2248cdf38 100644
--- a/src/core/or/relay.h
+++ b/src/core/or/relay.h
@@ -120,6 +120,7 @@ STATIC int cell_queues_check_size(void);
 STATIC int connection_edge_process_relay_cell(cell_t *cell, circuit_t 

[tor-commits] [tor/master] prop289: Skip the first 4 unused bytes in a cell

[asn]

commit 44750b0de60fe80ea81f7fc83f8713f814caf5a6
Author: David Goulet 
Date:   Thu Mar 7 12:45:16 2019 -0500

prop289: Skip the first 4 unused bytes in a cell

When adding random to a cell, skip the first 4 bytes and leave them zeroed. 
It
has been very useful in the past for us to keep bytes like this.

Some code trickery was added to make sure we have enough room for this 4 
bytes
offset when adding random.

Part of #26288

Signed-off-by: David Goulet 
---
 src/core/or/relay.c | 19 +++
 1 file changed, 15 insertions(+), 4 deletions(-)

diff --git a/src/core/or/relay.c b/src/core/or/relay.c
index fa008120b..504f391d9 100644
--- a/src/core/or/relay.c
+++ b/src/core/or/relay.c
@@ -547,6 +547,8 @@ relay_send_command_from_edge_,(streamid_t stream_id, 
circuit_t *circ,
   cell_t cell;
   relay_header_t rh;
   cell_direction_t cell_direction;
+  int random_bytes_len;
+  size_t random_bytes_offset = 0;
   /*  NM Split this function into a separate versions per circuit type? */
 
   tor_assert(circ);
@@ -574,11 +576,20 @@ relay_send_command_from_edge_,(streamid_t stream_id, 
circuit_t *circ,
 
   /* Add random bytes to the unused portion of the payload, to foil attacks
* where the other side can predict all of the bytes in the payload and thus
-   * compute authenticated sendme cells without seeing the traffic.  See
-   * proposal 289. */
+   * compute authenticated sendme cells without seeing the traffic. See
+   * proposal 289.
+   *
+   * We'll skip the first 4 bytes of unused data because having some unused
+   * zero bytes has saved us a lot of times in the past. */
+  random_bytes_len = RELAY_PAYLOAD_SIZE -
+ (RELAY_HEADER_SIZE + payload_len + 4);
+  if (random_bytes_len < 0) {
+random_bytes_len = 0;
+  }
+  random_bytes_offset = RELAY_PAYLOAD_SIZE - random_bytes_len;
   crypto_fast_rng_getbytes(get_thread_fast_rng(),
-   cell.payload + RELAY_HEADER_SIZE + payload_len,
-   RELAY_PAYLOAD_SIZE - payload_len);
+   cell.payload + random_bytes_offset,
+   random_bytes_len);
 
   log_debug(LD_OR,"delivering %d cell %s.", relay_command,
 cell_direction == CELL_DIRECTION_OUT ? "forward" : "backward");



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] sendme: Move note_cell_digest() to relay_crypto module

[asn]

commit 67c22541830cf1dfc1c02843a1d4dd81c2df16ff
Author: David Goulet 
Date:   Mon Apr 29 11:29:05 2019 -0400

sendme: Move note_cell_digest() to relay_crypto module

Because this function is poking within the relay_crypto_t object, move the
function to the module so we can keep it opaque as much as possible.

Part of #26288

Signed-off-by: David Goulet 
---
 src/core/crypto/relay_crypto.c |  9 +
 src/core/crypto/relay_crypto.h |  2 ++
 src/core/or/sendme.c   | 14 +++---
 3 files changed, 14 insertions(+), 11 deletions(-)

diff --git a/src/core/crypto/relay_crypto.c b/src/core/crypto/relay_crypto.c
index eddc4298e..3a6dad4b1 100644
--- a/src/core/crypto/relay_crypto.c
+++ b/src/core/crypto/relay_crypto.c
@@ -91,6 +91,15 @@ relay_crypt_one_payload(crypto_cipher_t *cipher, uint8_t *in)
   crypto_cipher_crypt_inplace(cipher, (char*) in, CELL_PAYLOAD_SIZE);
 }
 
+/** Record the b_digest from crypto and put it in the sendme_digest. */
+void
+relay_crypto_record_sendme_digest(relay_crypto_t *crypto)
+{
+  tor_assert(crypto);
+  crypto_digest_get_digest(crypto->b_digest, (char *) crypto->sendme_digest,
+   sizeof(crypto->sendme_digest));
+}
+
 /** Do the appropriate en/decryptions for cell arriving on
  * circ in direction cell_direction.
  *
diff --git a/src/core/crypto/relay_crypto.h b/src/core/crypto/relay_crypto.h
index 45a21d14a..1009f1841 100644
--- a/src/core/crypto/relay_crypto.h
+++ b/src/core/crypto/relay_crypto.h
@@ -27,5 +27,7 @@ void relay_crypto_clear(relay_crypto_t *crypto);
 
 void relay_crypto_assert_ok(const relay_crypto_t *crypto);
 
+void relay_crypto_record_sendme_digest(relay_crypto_t *crypto);
+
 #endif /* !defined(TOR_RELAY_CRYPTO_H) */
 
diff --git a/src/core/or/sendme.c b/src/core/or/sendme.c
index b384a1916..b65f30ba9 100644
--- a/src/core/or/sendme.c
+++ b/src/core/or/sendme.c
@@ -12,6 +12,7 @@
 #include "core/or/or.h"
 
 #include "app/config/config.h"
+#include "core/crypto/relay_crypto.h"
 #include "core/mainloop/connection.h"
 #include "core/or/cell_st.h"
 #include "core/or/circuitlist.h"
@@ -286,15 +287,6 @@ send_circuit_level_sendme(circuit_t *circ, crypt_path_t 
*layer_hint,
   return 0;
 }
 
-/* Put the crypto.b_digest in the sendme_digest. */
-static void
-note_cell_digest(const relay_crypto_t *crypto)
-{
-  tor_assert(crypto);
-  crypto_digest_get_digest(crypto->b_digest, (char *) crypto->sendme_digest,
-   sizeof(crypto->sendme_digest));
-}
-
 /*
  * Public API
  */
@@ -305,7 +297,7 @@ void
 sendme_circuit_note_outbound_cell(or_circuit_t *or_circ)
 {
   tor_assert(or_circ);
-  note_cell_digest(_circ->crypto);
+  relay_crypto_record_sendme_digest(_circ->crypto);
 }
 
 /** Keep the current inbound cell digest for the next SENDME digest. This part
@@ -314,7 +306,7 @@ void
 sendme_circuit_note_inbound_cell(crypt_path_t *cpath)
 {
   tor_assert(cpath);
-  note_cell_digest(>crypto);
+  relay_crypto_record_sendme_digest(>crypto);
 }
 
 /** Return true iff the next cell for the given cell window is expected to be



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] sendme: Add helper to note the cell digest

[asn]

commit 805c81efed9bc2c474d3f10675846ee445a908d5
Author: David Goulet 
Date:   Wed Apr 24 11:57:20 2019 -0400

sendme: Add helper to note the cell digest

Signed-off-by: David Goulet 
---
 src/core/or/sendme.c | 27 +++
 src/core/or/sendme.h |  2 ++
 2 files changed, 29 insertions(+)

diff --git a/src/core/or/sendme.c b/src/core/or/sendme.c
index c66e947bc..b384a1916 100644
--- a/src/core/or/sendme.c
+++ b/src/core/or/sendme.c
@@ -286,10 +286,37 @@ send_circuit_level_sendme(circuit_t *circ, crypt_path_t 
*layer_hint,
   return 0;
 }
 
+/* Put the crypto.b_digest in the sendme_digest. */
+static void
+note_cell_digest(const relay_crypto_t *crypto)
+{
+  tor_assert(crypto);
+  crypto_digest_get_digest(crypto->b_digest, (char *) crypto->sendme_digest,
+   sizeof(crypto->sendme_digest));
+}
+
 /*
  * Public API
  */
 
+/** Keep the current inbound cell digest for the next SENDME digest. This part
+ * is only done by the client as the circuit came back from the Exit. */
+void
+sendme_circuit_note_outbound_cell(or_circuit_t *or_circ)
+{
+  tor_assert(or_circ);
+  note_cell_digest(_circ->crypto);
+}
+
+/** Keep the current inbound cell digest for the next SENDME digest. This part
+ * is only done by the client as the circuit came back from the Exit. */
+void
+sendme_circuit_note_inbound_cell(crypt_path_t *cpath)
+{
+  tor_assert(cpath);
+  note_cell_digest(>crypto);
+}
+
 /** Return true iff the next cell for the given cell window is expected to be
  * a SENDME.
  *
diff --git a/src/core/or/sendme.h b/src/core/or/sendme.h
index 0965b5b22..5889b41e9 100644
--- a/src/core/or/sendme.h
+++ b/src/core/or/sendme.h
@@ -36,6 +36,8 @@ int sendme_note_stream_data_packaged(edge_connection_t *conn);
 
 /* Track cell digest. */
 void sendme_note_cell_digest(circuit_t *circ);
+void sendme_circuit_note_inbound_cell(crypt_path_t *cpath);
+void sendme_circuit_note_outbound_cell(or_circuit_t *or_circ);
 
 /* Circuit level information. */
 bool sendme_circuit_is_next_cell(int window);



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] sendme: Improve logging messages

[asn]

commit 77bd219808ac82c231aef37672e7fb212cd83d15
Author: David Goulet 
Date:   Thu May 2 08:58:58 2019 -0400

sendme: Improve logging messages

Signed-off-by: David Goulet 
---
 src/core/or/sendme.c | 7 +++
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/src/core/or/sendme.c b/src/core/or/sendme.c
index 6f451d38e..70ff3798b 100644
--- a/src/core/or/sendme.c
+++ b/src/core/or/sendme.c
@@ -129,8 +129,8 @@ cell_version_is_valid(uint8_t cell_version)
   /* Can we handle this version? */
   if (accept_version > SENDME_MAX_SUPPORTED_VERSION) {
 log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
-   "Unable to handle SENDME version %u. We only support <= %d "
-   "(from consensus). Probably your tor is too old?",
+   "Unable to accept SENDME version %u (from consensus). "
+   "We only support <= %d. Probably your tor is too old?",
accept_version, cell_version);
 goto invalid;
   }
@@ -138,8 +138,7 @@ cell_version_is_valid(uint8_t cell_version)
   /* We only accept a SENDME cell from what the consensus tells us. */
   if (cell_version < accept_version) {
 log_info(LD_PROTOCOL, "Unacceptable SENDME version %d. Only "
-  "accepting %u (taken from the consensus). "
-  "Closing circuit.",
+  "accepting %u (from consensus). Closing circuit.",
  cell_version, accept_version);
 goto invalid;
   }



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] sendme: Add changes file for prop289

[asn]

commit 562bcbcfc216df9f25cd72f1e227b9313c872172
Author: David Goulet 
Date:   Thu May 2 11:10:41 2019 -0400

sendme: Add changes file for prop289

Signed-off-by: David Goulet 
---
 changes/ticket26288 | 6 ++
 1 file changed, 6 insertions(+)

diff --git a/changes/ticket26288 b/changes/ticket26288
new file mode 100644
index 0..59bb856dd
--- /dev/null
+++ b/changes/ticket26288
@@ -0,0 +1,6 @@
+  o Major features (flow control):
+- Implement authenticated SENDMEs detailed in proposal 289. A SENDME cell
+  now includes the digest of the last cell received so once the end point
+  receives the SENDME, it can confirm the other side's knowledge of the
+  previous cells that were sent. This behavior is controlled by two new
+  consensus parameters, see proposal for more details. Fixes ticket 26288.



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] sendme: Do not poke at crypto.sendme_digest directly

[asn]

commit 0f2ff267c5b509d697882989341d91b9fb4c249d
Author: David Goulet 
Date:   Mon Apr 29 12:11:57 2019 -0400

sendme: Do not poke at crypto.sendme_digest directly

As per review from nickm, keep as much as we can the relay_crypto_t object
opaque.

Part of #26288

Signed-off-by: David Goulet 
---
 src/core/crypto/relay_crypto.c | 8 
 src/core/crypto/relay_crypto.h | 1 +
 src/core/or/sendme.c   | 6 +++---
 3 files changed, 12 insertions(+), 3 deletions(-)

diff --git a/src/core/crypto/relay_crypto.c b/src/core/crypto/relay_crypto.c
index 5be45d6c7..893116316 100644
--- a/src/core/crypto/relay_crypto.c
+++ b/src/core/crypto/relay_crypto.c
@@ -91,6 +91,14 @@ relay_crypt_one_payload(crypto_cipher_t *cipher, uint8_t *in)
   crypto_cipher_crypt_inplace(cipher, (char*) in, CELL_PAYLOAD_SIZE);
 }
 
+/** Return the sendme_digest within the crypto object. */
+uint8_t *
+relay_crypto_get_sendme_digest(relay_crypto_t *crypto)
+{
+  tor_assert(crypto);
+  return crypto->sendme_digest;
+}
+
 /** Record the b_digest from crypto and put it in the sendme_digest. */
 void
 relay_crypto_record_sendme_digest(relay_crypto_t *crypto)
diff --git a/src/core/crypto/relay_crypto.h b/src/core/crypto/relay_crypto.h
index 1009f1841..bcc153183 100644
--- a/src/core/crypto/relay_crypto.h
+++ b/src/core/crypto/relay_crypto.h
@@ -27,6 +27,7 @@ void relay_crypto_clear(relay_crypto_t *crypto);
 
 void relay_crypto_assert_ok(const relay_crypto_t *crypto);
 
+uint8_t *relay_crypto_get_sendme_digest(relay_crypto_t *crypto);
 void relay_crypto_record_sendme_digest(relay_crypto_t *crypto);
 
 #endif /* !defined(TOR_RELAY_CRYPTO_H) */
diff --git a/src/core/or/sendme.c b/src/core/or/sendme.c
index ff58c1489..6f451d38e 100644
--- a/src/core/or/sendme.c
+++ b/src/core/or/sendme.c
@@ -388,10 +388,10 @@ sendme_circuit_consider_sending(circuit_t *circ, 
crypt_path_t *layer_hint)
 log_debug(LD_CIRC,"Queuing circuit sendme.");
 if (layer_hint) {
   layer_hint->deliver_window += CIRCWINDOW_INCREMENT;
-  digest = layer_hint->crypto.sendme_digest;
+  digest = relay_crypto_get_sendme_digest(_hint->crypto);
 } else {
   circ->deliver_window += CIRCWINDOW_INCREMENT;
-  digest = TO_OR_CIRCUIT(circ)->crypto.sendme_digest;
+  digest = relay_crypto_get_sendme_digest(_OR_CIRCUIT(circ)->crypto);
 }
 if (send_circuit_level_sendme(circ, layer_hint, digest) < 0) {
   return; /* The circuit's closed, don't continue */
@@ -597,7 +597,7 @@ sendme_record_cell_digest(circuit_t *circ)
   }
 
   /* Add the digest to the last seen list in the circuit. */
-  digest = TO_OR_CIRCUIT(circ)->crypto.sendme_digest;
+  digest = relay_crypto_get_sendme_digest(_OR_CIRCUIT(circ)->crypto);
   if (circ->sendme_last_digests == NULL) {
 circ->sendme_last_digests = smartlist_new();
   }



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Merge branch 'tor-github/pr/986'

[asn]

commit b2c2cb928722cd3ecd0781d51ce5c9a7c9029b55
Merge: 4d461e20f 562bcbcfc
Author: George Kadianakis 
Date:   Thu May 2 18:12:52 2019 +0300

Merge branch 'tor-github/pr/986'

 changes/ticket26288  |   6 +
 scripts/maint/practracker/exceptions.txt |  10 +-
 src/core/crypto/relay_crypto.c   |  30 ++
 src/core/crypto/relay_crypto.h   |   3 +
 src/core/include.am  |   2 +
 src/core/or/circuit_st.h |  20 +
 src/core/or/circuitlist.c|   6 +
 src/core/or/connection_edge.c|  24 +-
 src/core/or/connection_edge.h|   1 +
 src/core/or/relay.c  | 344 +-
 src/core/or/relay.h  |   1 +
 src/core/or/relay_crypto_st.h|   2 +
 src/core/or/sendme.c | 604 +++
 src/core/or/sendme.h |  68 
 src/test/include.am  |   1 +
 src/test/test.c  |   1 +
 src/test/test.h  |   1 +
 src/test/test_sendme.c   | 267 ++
 src/trunnel/include.am   |   3 +
 src/trunnel/sendme.c | 347 ++
 src/trunnel/sendme.h | 101 ++
 src/trunnel/sendme.trunnel   |  19 +
 22 files changed, 1676 insertions(+), 185 deletions(-)

diff --cc scripts/maint/practracker/exceptions.txt
index c41b0a0b1,f8bb2bd37..9b4c03a72
--- a/scripts/maint/practracker/exceptions.txt
+++ b/scripts/maint/practracker/exceptions.txt
@@@ -119,10 -119,10 +119,10 @@@ problem function-size /src/core/or/conn
  problem function-size 
/src/core/or/connection_or.c:connection_or_compute_authenticate_cell_body() 235
  problem file-size /src/core/or/policies.c 3171
  problem function-size /src/core/or/policies.c:policy_summarize() 107
 -problem function-size /src/core/or/protover.c:protover_all_supported() 116
 +problem function-size /src/core/or/protover.c:protover_all_supported() 117
  problem file-size /src/core/or/relay.c 3173
  problem function-size /src/core/or/relay.c:circuit_receive_relay_cell() 123
- problem function-size /src/core/or/relay.c:relay_send_command_from_edge_() 101
+ problem function-size /src/core/or/relay.c:relay_send_command_from_edge_() 112
  problem function-size 
/src/core/or/relay.c:connection_ap_process_end_not_open() 194
  problem function-size 
/src/core/or/relay.c:connection_edge_process_relay_cell_not_open() 139
  problem function-size 
/src/core/or/relay.c:connection_edge_process_relay_cell() 520

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] prop289: Add documentation for the circuit FIFO list

[asn]

commit aef7095c3e52e2f98850e72c68b00f54a39608a6
Author: David Goulet 
Date:   Thu Mar 7 12:57:15 2019 -0500

prop289: Add documentation for the circuit FIFO list

Part of #26288

Signed-off-by: David Goulet 
---
 src/core/or/circuit_st.h | 20 +---
 1 file changed, 17 insertions(+), 3 deletions(-)

diff --git a/src/core/or/circuit_st.h b/src/core/or/circuit_st.h
index 5adb15893..a68547ecb 100644
--- a/src/core/or/circuit_st.h
+++ b/src/core/or/circuit_st.h
@@ -106,9 +106,23 @@ struct circuit_t {
   int deliver_window;
   /** FIFO containing the digest of the cells that are just before a SENDME is
* sent by the client. It is done at the last cell before our package_window
-   * goes down to 0 which is when we expect a SENDME. The protocol doesn't
-   * allow more than 10 outstanding SENDMEs worth of data meaning this list
-   * should only contain at most 10 digests of 4 bytes each. */
+   * goes down to 0 which is when we expect a SENDME.
+   *
+   * Our current circuit package window is capped to 1000
+   * (CIRCWINDOW_START_MAX) which is also the start value. The increment is
+   * set to 100 (CIRCWINDOW_INCREMENT) which means we don't allow more than
+   * 1000/100 = 10 outstanding SENDME cells worth of data. Meaning that this
+   * list can not contain more than 10 digests of DIGEST_LEN bytes (20).
+   *
+   * At position i in the list, the digest corresponds to the
+   * ((CIRCWINDOW_INCREMENT * i) - 1)-nth cell received since we expect the
+   * (CIRCWINDOW_INCREMENT * i)-nth cell to be the SENDME and thus containing
+   * the previous cell digest.
+   *
+   * For example, position 2 (starting at 0) means that we've received 299
+   * cells and the 299th cell digest is kept at index 2.
+   *
+   * At maximum, this list contains 200 bytes plus the smartlist overhead. */
   smartlist_t *sendme_last_digests;
 
   /** Temporary field used during circuits_handle_oom. */



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] prop289: Move digest matching in its own function

[asn]

commit 4efe9d653aa1d375d77d6dca83ca63787d6599d7
Author: David Goulet 
Date:   Thu Mar 7 12:01:58 2019 -0500

prop289: Move digest matching in its own function

No behavior change but code had to be refactored a bit. Also, the 
tor_memcmp()
was changed to tor_memneq().

Part of #26288

Signed-off-by: David Goulet 
---
 src/core/or/sendme.c | 70 ++--
 1 file changed, 40 insertions(+), 30 deletions(-)

diff --git a/src/core/or/sendme.c b/src/core/or/sendme.c
index 16ff5bcb8..0a7b1cbc0 100644
--- a/src/core/or/sendme.c
+++ b/src/core/or/sendme.c
@@ -59,23 +59,18 @@ get_accept_min_version(void)
  SENDME_ACCEPT_MIN_VERSION_MAX);
 }
 
-/* Return true iff the given decoded SENDME version 1 cell is valid and
- * matches the expected digest on the circuit.
- *
- * Validation is done by comparing the digest in the cell from the previous
- * cell we saw which tells us that the other side has in fact seen that cell.
- * See proposal 289 for more details. */
+/* Return true iff the given cell digest matches the first digest in the
+ * circuit sendme list. */
 static bool
-cell_v1_is_valid(const sendme_cell_t *cell, const circuit_t *circ)
+v1_digest_matches(const circuit_t *circ, const uint8_t *cell_digest)
 {
-  const uint8_t *cell_digest = NULL;
+  bool ret = false;
+  uint8_t *circ_digest = NULL;
 
-  tor_assert(cell);
   tor_assert(circ);
+  tor_assert(cell_digest);
 
-  cell_digest = sendme_cell_getconstarray_data_v1_digest(cell);
-
-  /* We shouldn't have received this SENDME if we have no digests. Log at
+  /* We shouldn't have received a SENDME if we have no digests. Log at
* protocol warning because it can be tricked by sending many SENDMEs
* without prior data cell. */
   if (circ->sendme_last_digests == NULL ||
@@ -83,29 +78,44 @@ cell_v1_is_valid(const sendme_cell_t *cell, const circuit_t 
*circ)
 log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
"We received a SENDME but we have no cell digests to match. "
"Closing circuit.");
-goto invalid;
+goto no_match;
   }
 
   /* Pop the first element that was added (FIFO) and compare it. */
-  {
-uint8_t *digest = smartlist_get(circ->sendme_last_digests, 0);
-smartlist_del_keeporder(circ->sendme_last_digests, 0);
-
-/* Compare the digest with the one in the SENDME. This cell is invalid
- * without a perfect match. */
-if (tor_memcmp(digest, cell_digest, TRUNNEL_SENDME_V1_DIGEST_LEN)) {
-  tor_free(digest);
-  log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
- "SENDME v1 cell digest do not match.");
-  goto invalid;
-}
-tor_free(digest);
+  circ_digest = smartlist_get(circ->sendme_last_digests, 0);
+  smartlist_del_keeporder(circ->sendme_last_digests, 0);
+
+  /* Compare the digest with the one in the SENDME. This cell is invalid
+   * without a perfect match. */
+  if (tor_memneq(circ_digest, cell_digest, TRUNNEL_SENDME_V1_DIGEST_LEN)) {
+log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
+   "SENDME v1 cell digest do not match.");
+goto no_match;
   }
+  /* Digests matches! */
+  ret = true;
+
+ no_match:
+  /* This digest was popped from the circuit list. Regardless of what happens,
+   * we have no more use for it. */
+  tor_free(circ_digest);
+  return ret;
+}
 
-  /* Validated SENDME v1 cell. */
-  return 1;
- invalid:
-  return 0;
+/* Return true iff the given decoded SENDME version 1 cell is valid and
+ * matches the expected digest on the circuit.
+ *
+ * Validation is done by comparing the digest in the cell from the previous
+ * cell we saw which tells us that the other side has in fact seen that cell.
+ * See proposal 289 for more details. */
+static bool
+cell_v1_is_valid(const sendme_cell_t *cell, const circuit_t *circ)
+{
+  tor_assert(cell);
+  tor_assert(circ);
+
+  const uint8_t *cell_digest = sendme_cell_getconstarray_data_v1_digest(cell);
+  return v1_digest_matches(circ, cell_digest);
 }
 
 /* Return true iff the given cell version can be handled or if the minimum



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] prop289: Support SENDME v1 cell parsing

[asn]

commit 81706d84279f0a2870f8b1789403188fd933b32a
Author: David Goulet 
Date:   Wed Jan 9 14:03:32 2019 -0500

prop289: Support SENDME v1 cell parsing

This commit makes tor able to parse and handle a SENDME version 1. It will
look at the consensus parameter "sendme_accept_min_version" to know what is
the minimum version it should look at.

IMPORTANT: At this commit, the validation of the cell is not fully
implemented. For this, we need #26839 to be completed that is to match the
SENDME digest with the last cell digest.

Closes #26841

Signed-off-by: David Goulet 
---
 src/core/or/relay.c  |   4 +-
 src/core/or/sendme.c | 140 +--
 src/core/or/sendme.h |   3 +-
 3 files changed, 140 insertions(+), 7 deletions(-)

diff --git a/src/core/or/relay.c b/src/core/or/relay.c
index 6f69ed999..76f2203a9 100644
--- a/src/core/or/relay.c
+++ b/src/core/or/relay.c
@@ -1814,7 +1814,9 @@ connection_edge_process_relay_cell(cell_t *cell, 
circuit_t *circ,
 
   if (!rh.stream_id) {
 /* Circuit level SENDME cell. */
-ret = sendme_process_circuit_level(layer_hint, circ, rh.length);
+ret = sendme_process_circuit_level(layer_hint, circ,
+   cell->payload + RELAY_HEADER_SIZE,
+   rh.length);
 if (ret < 0) {
   return ret;
 }
diff --git a/src/core/or/sendme.c b/src/core/or/sendme.c
index f22e7027d..64497055e 100644
--- a/src/core/or/sendme.c
+++ b/src/core/or/sendme.c
@@ -18,6 +18,10 @@
 #include "feature/nodelist/networkstatus.h"
 #include "trunnel/sendme.h"
 
+/* The maximum supported version. Above that value, the cell can't be
+ * recognized as a valid SENDME. */
+#define SENDME_MAX_SUPPORTED_VERSION 1
+
 /* The cell version constants for when emitting a cell. */
 #define SENDME_EMIT_MIN_VERSION_DEFAULT 0
 #define SENDME_EMIT_MIN_VERSION_MIN 0
@@ -39,7 +43,6 @@ get_emit_min_version(void)
  SENDME_EMIT_MIN_VERSION_MAX);
 }
 
-#if 0
 /* Return the minimum version given by the consensus (if any) that should be
  * accepted when receiving a SENDME cell. */
 static int
@@ -50,7 +53,124 @@ get_accept_min_version(void)
  SENDME_ACCEPT_MIN_VERSION_MIN,
  SENDME_ACCEPT_MIN_VERSION_MAX);
 }
-#endif
+
+/* Return true iff the given decoded SENDME version 1 cell is valid.
+ *
+ * Validation is done by comparing the digest in the cell from the previous
+ * cell we saw which tells us that the other side has in fact seen that cell.
+ * See proposal 289 for more details. */
+static bool
+cell_v1_is_valid(const sendme_cell_t *cell)
+{
+  sendme_data_v1_t *data = NULL;
+
+  tor_assert(cell);
+
+  if (sendme_data_v1_parse(, sendme_cell_getconstarray_data(cell),
+   sendme_cell_getlen_data(cell)) < 0) {
+goto invalid;
+  }
+
+  /* XXX: Match the digest in the cell to the previous cell. Needs to be
+   * implemented that is passed to this function and compared. For this, we
+   * need #26839 that is making tor remember the last digest(s). */
+
+  /* Validated SENDME v1 cell. */
+  sendme_data_v1_free(data);
+  return 1;
+ invalid:
+  sendme_data_v1_free(data);
+  return 0;
+}
+
+/* Return true iff the given cell version can be handled or if the minimum
+ * accepted version from the consensus is known to us. */
+static bool
+cell_version_is_valid(uint8_t cell_version)
+{
+  int accept_version = get_accept_min_version();
+
+  /* Can we handle this version? */
+  if (accept_version > SENDME_MAX_SUPPORTED_VERSION) {
+log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
+   "Unable to handle SENDME version %u. We only support <= %d "
+   "(from consensus). Probably your tor is too old?",
+   accept_version, cell_version);
+goto invalid;
+  }
+
+  /* We only accept a SENDME cell from what the consensus tells us. */
+  if (cell_version < accept_version) {
+log_info(LD_PROTOCOL, "Unacceptable SENDME version %d. Only "
+  "accepting %u (taken from the consensus). "
+  "Closing circuit.",
+ cell_version, accept_version);
+goto invalid;
+  }
+
+  return 1;
+ invalid:
+  return 0;
+}
+
+/* Return true iff the encoded SENDME cell in cell_payload of length
+ * cell_payload_len is valid. For each version:
+ *
+ *  0: No validation
+ *  1: Authenticated with last cell digest.
+ *
+ * This is the main critical function to make sure we can continue to
+ * send/recv cells on a circuit. If the SENDME is invalid, the circuit should
+ * be mark for close. */
+static bool
+sendme_is_valid(const uint8_t *cell_payload, size_t cell_payload_len)
+{
+  uint8_t cell_version;
+  sendme_cell_t *cell = NULL;
+
+  tor_assert(cell_payload);
+
+  /* An empty payload means version 0 so skip trunnel parsing. We won't be
+   * able to parse a 0 length 

[tor-commits] [tor/master] sendme: Add helper functions for DATA cell delivery

[asn]

commit 2d3c600915c22f1e9a7e9dcbba8358556ef64505
Author: David Goulet 
Date:   Wed Jan 9 10:39:58 2019 -0500

sendme: Add helper functions for DATA cell delivery

When we get a relay DATA cell delivered, we have to decrement the deliver
window on both the circuit and stream level.

This commit adds helper functions to handle the deliver window decrement.

Part of #26840

Signed-off-by: David Goulet 
---
 src/core/or/relay.c  | 16 +++-
 src/core/or/sendme.c | 33 +
 src/core/or/sendme.h |  6 ++
 3 files changed, 50 insertions(+), 5 deletions(-)

diff --git a/src/core/or/relay.c b/src/core/or/relay.c
index 132da2146..0eb2ba3f6 100644
--- a/src/core/or/relay.c
+++ b/src/core/or/relay.c
@@ -1548,8 +1548,11 @@ connection_edge_process_relay_cell(cell_t *cell, 
circuit_t *circ,
   return connection_exit_begin_conn(cell, circ);
 case RELAY_COMMAND_DATA:
   ++stats_n_data_cells_received;
-  if (( layer_hint && --layer_hint->deliver_window < 0) ||
-  (!layer_hint && --circ->deliver_window < 0)) {
+
+  /* Update our circuit-level deliver window that we received a DATA cell.
+   * If the deliver window goes below 0, we end the connection due to a
+   * protocol failure. */
+  if (sendme_circuit_data_received(circ, layer_hint) < 0) {
 log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
"(relay data) circ deliver_window below 0. Killing.");
 if (conn) {
@@ -1560,9 +1563,8 @@ connection_edge_process_relay_cell(cell_t *cell, 
circuit_t *circ,
 }
 return -END_CIRC_REASON_TORPROTOCOL;
   }
-  log_debug(domain,"circ deliver_window now %d.", layer_hint ?
-layer_hint->deliver_window : circ->deliver_window);
 
+  /* Consider sending a circuit-level SENDME cell. */
   sendme_circuit_consider_sending(circ, layer_hint);
 
   if (rh.stream_id == 0) {
@@ -1586,7 +1588,11 @@ connection_edge_process_relay_cell(cell_t *cell, 
circuit_t *circ,
 return 0;
   }
 
-  if (--conn->deliver_window < 0) { /* is it below 0 after decrement? */
+  /* Update our stream-level deliver window that we just received a DATA
+   * cell. Going below 0 means we have a protocol level error so the
+   * circuit is closed. */
+
+  if (sendme_stream_data_received(conn) < 0) {
 log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
"(relay data) conn deliver_window below 0. Killing.");
 return -END_CIRC_REASON_TORPROTOCOL;
diff --git a/src/core/or/sendme.c b/src/core/or/sendme.c
index df9fc57bd..6d9f6f7d0 100644
--- a/src/core/or/sendme.c
+++ b/src/core/or/sendme.c
@@ -180,3 +180,36 @@ sendme_process_stream_level(edge_connection_t *conn, 
circuit_t *circ,
 conn->package_window);
   return 0;
 }
+
+/* Called when a relay DATA cell is received on the given circuit. If
+ * layer_hint is NULL, this means we are the Exit end point else we are the
+ * Client. Update the deliver window and return its new value. */
+int
+sendme_circuit_data_received(circuit_t *circ, crypt_path_t *layer_hint)
+{
+  int deliver_window, domain;
+
+  if (CIRCUIT_IS_ORIGIN(circ)) {
+tor_assert(layer_hint);
+--layer_hint->deliver_window;
+deliver_window = layer_hint->deliver_window;
+domain = LD_APP;
+  } else {
+tor_assert(!layer_hint);
+--circ->deliver_window;
+deliver_window = circ->deliver_window;
+domain = LD_EXIT;
+  }
+
+  log_debug(domain, "Circuit deliver_window now %d.", deliver_window);
+  return deliver_window;
+}
+
+/* Called when a relay DATA cell is received for the given edge connection
+ * conn. Update the deliver window and return its new value. */
+int
+sendme_stream_data_received(edge_connection_t *conn)
+{
+  tor_assert(conn);
+  return --conn->deliver_window;
+}
diff --git a/src/core/or/sendme.h b/src/core/or/sendme.h
index 97748cf65..6313e9121 100644
--- a/src/core/or/sendme.h
+++ b/src/core/or/sendme.h
@@ -13,13 +13,19 @@
 #include "core/or/crypt_path_st.h"
 #include "core/or/circuit_st.h"
 
+/* Sending SENDME cell. */
 void sendme_connection_edge_consider_sending(edge_connection_t *edge_conn);
 void sendme_circuit_consider_sending(circuit_t *circ,
  crypt_path_t *layer_hint);
 
+/* Processing SENDME cell. */
 int sendme_process_circuit_level(crypt_path_t *layer_hint,
  circuit_t *circ, uint16_t cell_body_len);
 int sendme_process_stream_level(edge_connection_t *conn, circuit_t *circ,
 uint16_t cell_body_len);
 
+/* Update deliver window functions. */
+int sendme_stream_data_received(edge_connection_t *conn);
+int sendme_circuit_data_received(circuit_t *circ, crypt_path_t *layer_hint);
+
 #endif /* !defined(TOR_SENDME_H) */



___
tor-commits mailing list
tor-commits@lists.torproject.org

[tor-commits] [tor/master] prop289: Keep the digest bytes, not the object

[asn]

commit 77d560af64226eaa0fde157d7a6607791975a7a9
Author: David Goulet 
Date:   Thu Mar 7 12:30:13 2019 -0500

prop289: Keep the digest bytes, not the object

The digest object is as large as the entire internal digest object's state,
which is often much larger than the actual set of bytes you're transmitting.

This commit makes it that we keep the digest itself which is 20 bytes.

Part of #26288

Signed-off-by: David Goulet 
---
 src/core/crypto/relay_crypto.c | 17 ++---
 src/core/or/relay_crypto_st.h  |  2 +-
 src/core/or/sendme.c   | 29 +++--
 src/core/or/sendme.h   |  2 +-
 src/test/test_relaycell.c  |  1 -
 src/test/test_sendme.c | 16 +++-
 6 files changed, 26 insertions(+), 41 deletions(-)

diff --git a/src/core/crypto/relay_crypto.c b/src/core/crypto/relay_crypto.c
index d4116d47a..94e906065 100644
--- a/src/core/crypto/relay_crypto.c
+++ b/src/core/crypto/relay_crypto.c
@@ -143,12 +143,9 @@ relay_decrypt_cell(circuit_t *circ, cell_t *cell,
 *recognized = 1;
 *layer_hint = thishop;
 /* Keep current digest of this cell for the possible SENDME. */
-if (thishop->crypto.sendme_digest) {
-  crypto_digest_free(thishop->crypto.sendme_digest);
-}
-thishop->crypto.sendme_digest =
-  crypto_digest_dup(thishop->crypto.b_digest);
-
+crypto_digest_get_digest(thishop->crypto.b_digest,
+ (char *) thishop->crypto.sendme_digest,
+ sizeof(thishop->crypto.sendme_digest));
 return 0;
   }
 }
@@ -220,10 +217,9 @@ relay_encrypt_cell_inbound(cell_t *cell,
 {
   relay_set_digest(or_circ->crypto.b_digest, cell);
   /* Keep a record of this cell, we might use it for validating the SENDME. */
-  if (or_circ->crypto.sendme_digest) {
-crypto_digest_free(or_circ->crypto.sendme_digest);
-  }
-  or_circ->crypto.sendme_digest = crypto_digest_dup(or_circ->crypto.b_digest);
+  crypto_digest_get_digest(or_circ->crypto.b_digest,
+   (char *) or_circ->crypto.sendme_digest,
+   sizeof(or_circ->crypto.sendme_digest));
   /* encrypt one layer */
   relay_crypt_one_payload(or_circ->crypto.b_crypto, cell->payload);
 }
@@ -241,7 +237,6 @@ relay_crypto_clear(relay_crypto_t *crypto)
   crypto_cipher_free(crypto->b_crypto);
   crypto_digest_free(crypto->f_digest);
   crypto_digest_free(crypto->b_digest);
-  crypto_digest_free(crypto->sendme_digest);
 }
 
 /** Initialize crypto from the key material in key_data.
diff --git a/src/core/or/relay_crypto_st.h b/src/core/or/relay_crypto_st.h
index dbdf1599d..1f243ccdc 100644
--- a/src/core/or/relay_crypto_st.h
+++ b/src/core/or/relay_crypto_st.h
@@ -26,7 +26,7 @@ struct relay_crypto_t {
   struct crypto_digest_t *b_digest;
 
   /** Digest used for the next SENDME cell if any. */
-  struct crypto_digest_t *sendme_digest;
+  uint8_t sendme_digest[DIGEST_LEN];
 };
 #undef crypto_cipher_t
 
diff --git a/src/core/or/sendme.c b/src/core/or/sendme.c
index 0a7b1cbc0..3dcd9df08 100644
--- a/src/core/or/sendme.c
+++ b/src/core/or/sendme.c
@@ -215,7 +215,7 @@ sendme_is_valid(const circuit_t *circ, const uint8_t 
*cell_payload,
  * Return the size in bytes of the encoded cell in payload. A negative value
  * is returned on encoding failure. */
 STATIC ssize_t
-build_cell_payload_v1(crypto_digest_t *cell_digest, uint8_t *payload)
+build_cell_payload_v1(const uint8_t *cell_digest, uint8_t *payload)
 {
   ssize_t len = -1;
   sendme_cell_t *cell = NULL;
@@ -231,9 +231,8 @@ build_cell_payload_v1(crypto_digest_t *cell_digest, uint8_t 
*payload)
   sendme_cell_set_data_len(cell, TRUNNEL_SENDME_V1_DIGEST_LEN);
 
   /* Copy the digest into the data payload. */
-  crypto_digest_get_digest(cell_digest,
-   (char *) sendme_cell_getarray_data_v1_digest(cell),
-   sendme_cell_get_data_len(cell));
+  memcpy(sendme_cell_getarray_data_v1_digest(cell), cell_digest,
+ sendme_cell_get_data_len(cell));
 
   /* Finally, encode the cell into the payload. */
   len = sendme_cell_encode(payload, RELAY_PAYLOAD_SIZE, cell);
@@ -249,7 +248,7 @@ build_cell_payload_v1(crypto_digest_t *cell_digest, uint8_t 
*payload)
  * because we failed to send the cell on it. */
 static int
 send_circuit_level_sendme(circuit_t *circ, crypt_path_t *layer_hint,
-  crypto_digest_t *cell_digest)
+  const uint8_t *cell_digest)
 {
   uint8_t emit_version;
   uint8_t payload[RELAY_PAYLOAD_SIZE];
@@ -340,7 +339,7 @@ sendme_connection_edge_consider_sending(edge_connection_t 
*conn)
 void
 sendme_circuit_consider_sending(circuit_t *circ, crypt_path_t *layer_hint)
 {
-  crypto_digest_t *digest;
+  const uint8_t *digest;
 
   while ((layer_hint ? layer_hint->deliver_window : circ->deliver_window) <=

[tor-commits] [tor/master] prop289: Add random bytes to the unused portion of the cell

[asn]

commit a6e012508e5b0d676cdf204fcbd7942e3cc21419
Author: David Goulet 
Date:   Tue Feb 19 15:02:11 2019 -0500

prop289: Add random bytes to the unused portion of the cell

Signed-off-by: David Goulet 
---
 src/core/or/relay.c | 8 
 1 file changed, 8 insertions(+)

diff --git a/src/core/or/relay.c b/src/core/or/relay.c
index 47275a811..63c406d8a 100644
--- a/src/core/or/relay.c
+++ b/src/core/or/relay.c
@@ -572,6 +572,14 @@ relay_send_command_from_edge_,(streamid_t stream_id, 
circuit_t *circ,
   if (payload_len)
 memcpy(cell.payload+RELAY_HEADER_SIZE, payload, payload_len);
 
+  /* Add random bytes to the unused portion of the payload, to foil attacks
+   * where the other side can predict all of the bytes in the payload and thus
+   * compute authenticated sendme cells without seeing the traffic.  See
+   * proposal 289. */
+  crypto_fast_rng_getbytes(get_thread_fast_rng(),
+   cell.payload + RELAY_HEADER_SIZE + payload_len,
+   RELAY_PAYLOAD_SIZE - payload_len);
+
   log_debug(LD_OR,"delivering %d cell %s.", relay_command,
 cell_direction == CELL_DIRECTION_OUT ? "forward" : "backward");
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] prop289: Move SENDME cell processing in a separate function

[asn]

commit 2ec25e847eb2d9af0a1a1c552ffa8dbd87cf6023
Author: David Goulet 
Date:   Thu Mar 7 11:35:52 2019 -0500

prop289: Move SENDME cell processing in a separate function

No behavior change. Only moving code and fixing part of it in order to use 
the
parameters passed as pointers.

Part of #26288

Signed-off-by: David Goulet 
---
 src/core/or/relay.c | 137 +---
 1 file changed, 76 insertions(+), 61 deletions(-)

diff --git a/src/core/or/relay.c b/src/core/or/relay.c
index 63c406d8a..6bf7ac1a7 100644
--- a/src/core/or/relay.c
+++ b/src/core/or/relay.c
@@ -1444,6 +1444,81 @@ connection_edge_process_relay_cell_not_open(
 //  return -1;
 }
 
+/** Process a SENDME cell that arrived on circ. If it is a stream level
+ * cell, it is destined for the given conn. If it is a circuit level
+ * cell, it is destined for the layer_hint. The domain is the
+ * logging domain that should be used.
+ *
+ * Return 0 if everything went well or a negative value representing a circuit
+ * end reason on error for which the caller is responsible for closing it. */
+static int
+process_sendme_cell(const relay_header_t *rh, const cell_t *cell,
+circuit_t *circ, edge_connection_t *conn,
+crypt_path_t *layer_hint, int domain)
+{
+  int ret;
+
+  tor_assert(rh);
+
+  if (!rh->stream_id) {
+/* Circuit level SENDME cell. */
+ret = sendme_process_circuit_level(layer_hint, circ,
+   cell->payload + RELAY_HEADER_SIZE,
+   rh->length);
+if (ret < 0) {
+  return ret;
+}
+/* Resume reading on any streams now that we've processed a valid
+ * SENDME cell that updated our package window. */
+circuit_resume_edge_reading(circ, layer_hint);
+/* We are done, the rest of the code is for the stream level. */
+return 0;
+  }
+
+  /* No connection, might be half edge state. We are done if so. */
+  if (!conn) {
+if (CIRCUIT_IS_ORIGIN(circ)) {
+  origin_circuit_t *ocirc = TO_ORIGIN_CIRCUIT(circ);
+  if (connection_half_edge_is_valid_sendme(ocirc->half_streams,
+   rh->stream_id)) {
+circuit_read_valid_data(ocirc, rh->length);
+log_info(domain, "Sendme cell on circ %u valid on half-closed "
+ "stream id %d",
+ ocirc->global_identifier, rh->stream_id);
+  }
+}
+
+log_info(domain, "SENDME cell dropped, unknown stream (streamid %d).",
+ rh->stream_id);
+return 0;
+  }
+
+  /* Stream level SENDME cell. */
+  ret = sendme_process_stream_level(conn, circ, rh->length);
+  if (ret < 0) {
+/* Means we need to close the circuit with reason ret. */
+return ret;
+  }
+
+  /* We've now processed properly a SENDME cell, all windows have been
+   * properly updated, we'll read on the edge connection to see if we can
+   * get data out towards the end point (Exit or client) since we are now
+   * allowed to deliver more cells. */
+
+  if (circuit_queue_streams_are_blocked(circ)) {
+/* Still waiting for queue to flush; don't touch conn */
+return 0;
+  }
+  connection_start_reading(TO_CONN(conn));
+  /* handle whatever might still be on the inbuf */
+  if (connection_edge_package_raw_inbuf(conn, 1, NULL) < 0) {
+/* (We already sent an end cell if possible) */
+connection_mark_for_close(TO_CONN(conn));
+return 0;
+  }
+  return 0;
+}
+
 /** An incoming relay cell has arrived on circuit circ. If
  * conn is NULL this is a control cell, else cell is
  * destined for conn.
@@ -1825,67 +1900,7 @@ connection_edge_process_relay_cell(cell_t *cell, 
circuit_t *circ,
(unsigned)circ->n_circ_id, rh.stream_id);
   return 0;
 case RELAY_COMMAND_SENDME:
-{
-  int ret;
-
-  if (!rh.stream_id) {
-/* Circuit level SENDME cell. */
-ret = sendme_process_circuit_level(layer_hint, circ,
-   cell->payload + RELAY_HEADER_SIZE,
-   rh.length);
-if (ret < 0) {
-  return ret;
-}
-/* Resume reading on any streams now that we've processed a valid
- * SENDME cell that updated our package window. */
-circuit_resume_edge_reading(circ, layer_hint);
-/* We are done, the rest of the code is for the stream level. */
-return 0;
-  }
-
-  /* No connection, might be half edge state. We are done if so. */
-  if (!conn) {
-if (CIRCUIT_IS_ORIGIN(circ)) {
-  origin_circuit_t *ocirc = TO_ORIGIN_CIRCUIT(circ);
-  if (connection_half_edge_is_valid_sendme(ocirc->half_streams,
-   rh.stream_id)) {
-circuit_read_valid_data(ocirc, rh.length);
-log_info(domain, "Sendme cell on circ %u valid on half-closed "
-  

[tor-commits] [tor/master] sendme: Add helper functions for DATA cell packaging

[asn]

commit 8e38791baf48ca2a4c865f3b7fc264392e63f426
Author: David Goulet 
Date:   Fri Jan 11 11:36:08 2019 -0500

sendme: Add helper functions for DATA cell packaging

When we are about to send a DATA cell, we have to decrement the package 
window
for both the circuit and stream level.

This commit adds helper functions to handle the package window decrement.

Part of #26288

Signed-off-by: David Goulet 
---
 src/core/or/relay.c  | 16 +---
 src/core/or/sendme.c | 37 +
 src/core/or/sendme.h |  4 
 3 files changed, 50 insertions(+), 7 deletions(-)

diff --git a/src/core/or/relay.c b/src/core/or/relay.c
index 0eb2ba3f6..06e201f20 100644
--- a/src/core/or/relay.c
+++ b/src/core/or/relay.c
@@ -2062,15 +2062,17 @@ connection_edge_package_raw_inbuf(edge_connection_t 
*conn, int package_partial,
 return 0;
   }
 
-  if (!cpath_layer) { /* non-rendezvous exit */
-tor_assert(circ->package_window > 0);
-circ->package_window--;
-  } else { /* we're an AP, or an exit on a rendezvous circ */
-tor_assert(cpath_layer->package_window > 0);
-cpath_layer->package_window--;
+  /* Handle the circuit-level SENDME package window. */
+  if (sendme_circuit_data_packaged(circ, cpath_layer) < 0) {
+/* Package window has gone under 0. Protocol issue. */
+log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
+   "Circuit package window is below 0. Closing circuit.");
+conn->end_reason = END_STREAM_REASON_TORPROTOCOL;
+return -1;
   }
 
-  if (--conn->package_window <= 0) { /* is it 0 after decrement? */
+  /* Handle the stream-level SENDME package window. */
+  if (sendme_stream_data_packaged(conn) < 0) {
 connection_stop_reading(TO_CONN(conn));
 log_debug(domain,"conn->package_window reached 0.");
 circuit_consider_stop_edge_reading(circ, cpath_layer);
diff --git a/src/core/or/sendme.c b/src/core/or/sendme.c
index 6d9f6f7d0..d7feb6bfc 100644
--- a/src/core/or/sendme.c
+++ b/src/core/or/sendme.c
@@ -213,3 +213,40 @@ sendme_stream_data_received(edge_connection_t *conn)
   tor_assert(conn);
   return --conn->deliver_window;
 }
+
+/* Called when a relay DATA cell is packaged on the given circuit. If
+ * layer_hint is NULL, this means we are the Exit end point else we are the
+ * Client. Update the package window and return its new value. */
+int
+sendme_circuit_data_packaged(circuit_t *circ, crypt_path_t *layer_hint)
+{
+  int package_window, domain;
+
+  tor_assert(circ);
+
+  if (CIRCUIT_IS_ORIGIN(circ)) {
+/* Client side. */
+tor_assert(layer_hint);
+--layer_hint->package_window;
+package_window = layer_hint->package_window;
+domain = LD_APP;
+  } else {
+/* Exit side. */
+tor_assert(!layer_hint);
+--circ->package_window;
+package_window = circ->package_window;
+domain = LD_EXIT;
+  }
+
+  log_debug(domain, "Circuit package_window now %d.", package_window);
+  return package_window;
+}
+
+/* Called when a relay DATA cell is packaged for the given edge connection
+ * conn. Update the package window and return its new value. */
+int
+sendme_stream_data_packaged(edge_connection_t *conn)
+{
+  tor_assert(conn);
+  return --conn->package_window;
+}
diff --git a/src/core/or/sendme.h b/src/core/or/sendme.h
index 6313e9121..f50ccfbfe 100644
--- a/src/core/or/sendme.h
+++ b/src/core/or/sendme.h
@@ -28,4 +28,8 @@ int sendme_process_stream_level(edge_connection_t *conn, 
circuit_t *circ,
 int sendme_stream_data_received(edge_connection_t *conn);
 int sendme_circuit_data_received(circuit_t *circ, crypt_path_t *layer_hint);
 
+/* Update package window functions. */
+int sendme_circuit_data_packaged(circuit_t *circ, crypt_path_t *layer_hint);
+int sendme_stream_data_packaged(edge_connection_t *conn);
+
 #endif /* !defined(TOR_SENDME_H) */



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] prop289: Use a 20 bytes digest instead of 4

[asn]

commit 504e05b02999afb6a58ebe4af5770ca8dc136233
Author: David Goulet 
Date:   Thu Mar 7 11:20:23 2019 -0500

prop289: Use a 20 bytes digest instead of 4

To achieve such, this commit also changes the trunnel declaration to use a
union instead of a seperate object for the v1 data.

A constant is added for the digest length so we can use it within the SENDME
code giving us a single reference.

Part of #26288

Signed-off-by: David Goulet 
---
 src/core/or/sendme.c   |  41 ++
 src/test/test_sendme.c |   6 +-
 src/trunnel/sendme.c   | 349 +
 src/trunnel/sendme.h   | 107 +++---
 src/trunnel/sendme.trunnel |  19 +--
 5 files changed, 146 insertions(+), 376 deletions(-)

diff --git a/src/core/or/sendme.c b/src/core/or/sendme.c
index 980684c82..a333b02b6 100644
--- a/src/core/or/sendme.c
+++ b/src/core/or/sendme.c
@@ -59,7 +59,8 @@ get_accept_min_version(void)
  SENDME_ACCEPT_MIN_VERSION_MAX);
 }
 
-/* Return true iff the given decoded SENDME version 1 cell is valid.
+/* Return true iff the given decoded SENDME version 1 cell is valid and
+ * matches the expected digest on the circuit.
  *
  * Validation is done by comparing the digest in the cell from the previous
  * cell we saw which tells us that the other side has in fact seen that cell.
@@ -67,14 +68,12 @@ get_accept_min_version(void)
 static bool
 cell_v1_is_valid(const sendme_cell_t *cell, const circuit_t *circ)
 {
-  sendme_data_v1_t *data = NULL;
+  const uint8_t *cell_digest = NULL;
 
   tor_assert(cell);
+  tor_assert(circ);
 
-  if (sendme_data_v1_parse(, sendme_cell_getconstarray_data(cell),
-   sendme_cell_getlen_data(cell)) < 0) {
-goto invalid;
-  }
+  cell_digest = sendme_cell_getconstarray_data_v1_digest(cell);
 
   /* We shouldn't have received this SENDME if we have no digests. Log at
* protocol warning because it can be tricked by sending many SENDMEs
@@ -94,8 +93,7 @@ cell_v1_is_valid(const sendme_cell_t *cell, const circuit_t 
*circ)
 
 /* Compare the digest with the one in the SENDME. This cell is invalid
  * without a perfect match. */
-if (tor_memcmp(digest, sendme_data_v1_getconstarray_digest(data),
-   sendme_data_v1_getlen_digest(data))) {
+if (tor_memcmp(digest, cell_digest, TRUNNEL_SENDME_V1_DIGEST_LEN)) {
   tor_free(digest);
   log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
  "SENDME v1 cell digest do not match.");
@@ -105,10 +103,8 @@ cell_v1_is_valid(const sendme_cell_t *cell, const 
circuit_t *circ)
   }
 
   /* Validated SENDME v1 cell. */
-  sendme_data_v1_free(data);
   return 1;
  invalid:
-  sendme_data_v1_free(data);
   return 0;
 }
 
@@ -213,39 +209,26 @@ build_cell_payload_v1(crypto_digest_t *cell_digest, 
uint8_t *payload)
 {
   ssize_t len = -1;
   sendme_cell_t *cell = NULL;
-  sendme_data_v1_t *data = NULL;
 
   tor_assert(cell_digest);
   tor_assert(payload);
 
   cell = sendme_cell_new();
-  data = sendme_data_v1_new();
 
   /* Building a payload for version 1. */
   sendme_cell_set_version(cell, 0x01);
+  /* Set the data length field for v1. */
+  sendme_cell_set_data_len(cell, TRUNNEL_SENDME_V1_DIGEST_LEN);
 
   /* Copy the digest into the data payload. */
   crypto_digest_get_digest(cell_digest,
-   (char *) sendme_data_v1_getarray_digest(data),
-   sendme_data_v1_getlen_digest(data));
-
-  /* Set the length of the data in the cell payload. It is the encoded length
-   * of the v1 data object. */
-  sendme_cell_setlen_data(cell, sendme_data_v1_encoded_len(data));
-  /* Encode into the cell's data field using its current length just set. */
-  if (sendme_data_v1_encode(sendme_cell_getarray_data(cell),
-sendme_cell_getlen_data(cell), data) < 0) {
-goto end;
-  }
-  /* Set the DATA_LEN field to what we've just encoded. */
-  sendme_cell_set_data_len(cell, sendme_cell_getlen_data(cell));
+   (char *) sendme_cell_getarray_data_v1_digest(cell),
+   sendme_cell_get_data_len(cell));
 
   /* Finally, encode the cell into the payload. */
   len = sendme_cell_encode(payload, RELAY_PAYLOAD_SIZE, cell);
 
- end:
   sendme_cell_free(cell);
-  sendme_data_v1_free(data);
   return len;
 }
 
@@ -566,9 +549,9 @@ sendme_note_cell_digest(circuit_t *circ)
* recorded. It should never happen in theory as we always record the last
* digest for the v1 SENDME. */
   if (TO_OR_CIRCUIT(circ)->crypto.sendme_digest) {
-digest = tor_malloc_zero(4);
+digest = tor_malloc_zero(TRUNNEL_SENDME_V1_DIGEST_LEN);
 crypto_digest_get_digest(TO_OR_CIRCUIT(circ)->crypto.sendme_digest,
- (char *) digest, 4);
+ (char *) digest, TRUNNEL_SENDME_V1_DIGEST_LEN);
 if (circ->sendme_last_digests == NULL) {
   circ->sendme_last_digests 

[tor-commits] [tor/master] prop289: Rename packaged functions with better name

[asn]

commit 217b55319336227f9e397db526cea551dbd796e4
Author: David Goulet 
Date:   Thu Mar 7 11:45:38 2019 -0500

prop289: Rename packaged functions with better name

The circuit and stream level functions that update the package window have
been renamed to have a "_note_" in them to make their purpose more clear.

Part of #26288

Signed-off-by: David Goulet 
---
 src/core/or/relay.c  | 4 ++--
 src/core/or/sendme.c | 4 ++--
 src/core/or/sendme.h | 5 +++--
 3 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/src/core/or/relay.c b/src/core/or/relay.c
index 6bf7ac1a7..fa008120b 100644
--- a/src/core/or/relay.c
+++ b/src/core/or/relay.c
@@ -2092,7 +2092,7 @@ connection_edge_package_raw_inbuf(edge_connection_t 
*conn, int package_partial,
   }
 
   /* Handle the circuit-level SENDME package window. */
-  if (sendme_circuit_data_packaged(circ, cpath_layer) < 0) {
+  if (sendme_note_circuit_data_packaged(circ, cpath_layer) < 0) {
 /* Package window has gone under 0. Protocol issue. */
 log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
"Circuit package window is below 0. Closing circuit.");
@@ -2101,7 +2101,7 @@ connection_edge_package_raw_inbuf(edge_connection_t 
*conn, int package_partial,
   }
 
   /* Handle the stream-level SENDME package window. */
-  if (sendme_stream_data_packaged(conn) < 0) {
+  if (sendme_note_stream_data_packaged(conn) < 0) {
 connection_stop_reading(TO_CONN(conn));
 log_debug(domain,"conn->package_window reached 0.");
 circuit_consider_stop_edge_reading(circ, cpath_layer);
diff --git a/src/core/or/sendme.c b/src/core/or/sendme.c
index a333b02b6..16ff5bcb8 100644
--- a/src/core/or/sendme.c
+++ b/src/core/or/sendme.c
@@ -491,7 +491,7 @@ sendme_stream_data_received(edge_connection_t *conn)
  * layer_hint is NULL, this means we are the Exit end point else we are the
  * Client. Update the package window and return its new value. */
 int
-sendme_circuit_data_packaged(circuit_t *circ, crypt_path_t *layer_hint)
+sendme_note_circuit_data_packaged(circuit_t *circ, crypt_path_t *layer_hint)
 {
   int package_window, domain;
 
@@ -518,7 +518,7 @@ sendme_circuit_data_packaged(circuit_t *circ, crypt_path_t 
*layer_hint)
 /* Called when a relay DATA cell is packaged for the given edge connection
  * conn. Update the package window and return its new value. */
 int
-sendme_stream_data_packaged(edge_connection_t *conn)
+sendme_note_stream_data_packaged(edge_connection_t *conn)
 {
   tor_assert(conn);
   return --conn->package_window;
diff --git a/src/core/or/sendme.h b/src/core/or/sendme.h
index c2e2518da..2154a29f4 100644
--- a/src/core/or/sendme.h
+++ b/src/core/or/sendme.h
@@ -30,8 +30,9 @@ int sendme_stream_data_received(edge_connection_t *conn);
 int sendme_circuit_data_received(circuit_t *circ, crypt_path_t *layer_hint);
 
 /* Update package window functions. */
-int sendme_circuit_data_packaged(circuit_t *circ, crypt_path_t *layer_hint);
-int sendme_stream_data_packaged(edge_connection_t *conn);
+int sendme_note_circuit_data_packaged(circuit_t *circ,
+  crypt_path_t *layer_hint);
+int sendme_note_stream_data_packaged(edge_connection_t *conn);
 
 /* Track cell digest. */
 void sendme_note_cell_digest(circuit_t *circ);



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] prop289: Remember the last cell digest for v1 SENDMEs

[asn]

commit 402f0a4f5d70bee128130f4dbd0ea18de1747410
Author: David Goulet 
Date:   Wed Jan 23 14:39:04 2019 -0500

prop289: Remember the last cell digest for v1 SENDMEs

In order to do so, depending on where the cell is going, we'll keep the last
cell digest that is either received inbound or sent outbound.

Then it can be used for validation.

Part of #26288

Signed-off-by: David Goulet 
---
 src/core/crypto/relay_crypto.c | 13 +
 src/core/or/relay.c|  2 +-
 src/core/or/relay_crypto_st.h  |  2 ++
 src/core/or/sendme.c   | 28 +++-
 src/core/or/sendme.h   |  3 +--
 5 files changed, 36 insertions(+), 12 deletions(-)

diff --git a/src/core/crypto/relay_crypto.c b/src/core/crypto/relay_crypto.c
index 0b83b2d0a..d4116d47a 100644
--- a/src/core/crypto/relay_crypto.c
+++ b/src/core/crypto/relay_crypto.c
@@ -142,6 +142,13 @@ relay_decrypt_cell(circuit_t *circ, cell_t *cell,
   if (relay_digest_matches(thishop->crypto.b_digest, cell)) {
 *recognized = 1;
 *layer_hint = thishop;
+/* Keep current digest of this cell for the possible SENDME. */
+if (thishop->crypto.sendme_digest) {
+  crypto_digest_free(thishop->crypto.sendme_digest);
+}
+thishop->crypto.sendme_digest =
+  crypto_digest_dup(thishop->crypto.b_digest);
+
 return 0;
   }
 }
@@ -212,6 +219,11 @@ relay_encrypt_cell_inbound(cell_t *cell,
or_circuit_t *or_circ)
 {
   relay_set_digest(or_circ->crypto.b_digest, cell);
+  /* Keep a record of this cell, we might use it for validating the SENDME. */
+  if (or_circ->crypto.sendme_digest) {
+crypto_digest_free(or_circ->crypto.sendme_digest);
+  }
+  or_circ->crypto.sendme_digest = crypto_digest_dup(or_circ->crypto.b_digest);
   /* encrypt one layer */
   relay_crypt_one_payload(or_circ->crypto.b_crypto, cell->payload);
 }
@@ -229,6 +241,7 @@ relay_crypto_clear(relay_crypto_t *crypto)
   crypto_cipher_free(crypto->b_crypto);
   crypto_digest_free(crypto->f_digest);
   crypto_digest_free(crypto->b_digest);
+  crypto_digest_free(crypto->sendme_digest);
 }
 
 /** Initialize crypto from the key material in key_data.
diff --git a/src/core/or/relay.c b/src/core/or/relay.c
index b26360b24..47275a811 100644
--- a/src/core/or/relay.c
+++ b/src/core/or/relay.c
@@ -1568,7 +1568,7 @@ connection_edge_process_relay_cell(cell_t *cell, 
circuit_t *circ,
   }
 
   /* Consider sending a circuit-level SENDME cell. */
-  sendme_circuit_consider_sending(circ, layer_hint, NULL);
+  sendme_circuit_consider_sending(circ, layer_hint);
 
   if (rh.stream_id == 0) {
 log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL, "Relay data cell with zero "
diff --git a/src/core/or/relay_crypto_st.h b/src/core/or/relay_crypto_st.h
index dafce257c..dbdf1599d 100644
--- a/src/core/or/relay_crypto_st.h
+++ b/src/core/or/relay_crypto_st.h
@@ -25,6 +25,8 @@ struct relay_crypto_t {
   /** Digest state for cells heading away from the OR at this step. */
   struct crypto_digest_t *b_digest;
 
+  /** Digest used for the next SENDME cell if any. */
+  struct crypto_digest_t *sendme_digest;
 };
 #undef crypto_cipher_t
 
diff --git a/src/core/or/sendme.c b/src/core/or/sendme.c
index afade43f7..76f551a92 100644
--- a/src/core/or/sendme.c
+++ b/src/core/or/sendme.c
@@ -14,6 +14,7 @@
 #include "core/or/cell_st.h"
 #include "core/or/circuitlist.h"
 #include "core/or/circuituse.h"
+#include "core/or/or_circuit_st.h"
 #include "core/or/relay.h"
 #include "core/or/sendme.h"
 #include "feature/nodelist/networkstatus.h"
@@ -342,18 +343,20 @@ sendme_connection_edge_consider_sending(edge_connection_t 
*conn)
  * more.
  */
 void
-sendme_circuit_consider_sending(circuit_t *circ, crypt_path_t *layer_hint,
-crypto_digest_t *digest)
+sendme_circuit_consider_sending(circuit_t *circ, crypt_path_t *layer_hint)
 {
-  tor_assert(digest);
+  crypto_digest_t *digest;
 
   while ((layer_hint ? layer_hint->deliver_window : circ->deliver_window) <=
   CIRCWINDOW_START - CIRCWINDOW_INCREMENT) {
 log_debug(LD_CIRC,"Queuing circuit sendme.");
-if (layer_hint)
+if (layer_hint) {
   layer_hint->deliver_window += CIRCWINDOW_INCREMENT;
-else
+  digest = layer_hint->crypto.sendme_digest;
+} else {
   circ->deliver_window += CIRCWINDOW_INCREMENT;
+  digest = TO_OR_CIRCUIT(circ)->crypto.sendme_digest;
+}
 if (send_circuit_level_sendme(circ, layer_hint, digest) < 0) {
   return; /* The circuit's closed, don't continue */
 }
@@ -557,9 +560,16 @@ sendme_note_cell_digest(circuit_t *circ)
 return;
   }
 
-  digest = tor_malloc_zero(4);
-  if (circ->sendme_last_digests == NULL) {
-circ->sendme_last_digests = smartlist_new();
+  /* Only note the digest if we actually have the digest of the previous cell
+   * recorded. It should never 

[tor-commits] [tor/master] prop289: Add SENDME trunnel declaration

[asn]

commit eef78ac0b07096a6925ae42e8b5d526304fa54a8
Author: David Goulet 
Date:   Tue Jan 8 11:13:37 2019 -0500

prop289: Add SENDME trunnel declaration

Signed-off-by: David Goulet 
---
 src/trunnel/include.am |   3 +
 src/trunnel/sendme.c   | 492 +
 src/trunnel/sendme.h   | 170 
 src/trunnel/sendme.trunnel |  18 ++
 4 files changed, 683 insertions(+)

diff --git a/src/trunnel/include.am b/src/trunnel/include.am
index 4f4f1d362..82e7a6695 100644
--- a/src/trunnel/include.am
+++ b/src/trunnel/include.am
@@ -11,6 +11,7 @@ TRUNNELINPUTS = \
src/trunnel/link_handshake.trunnel \
src/trunnel/pwbox.trunnel \
src/trunnel/channelpadding_negotiation.trunnel \
+   src/trunnel/sendme.trunnel \
src/trunnel/socks5.trunnel \
src/trunnel/circpad_negotiation.trunnel
 
@@ -24,6 +25,7 @@ TRUNNELSOURCES = \
src/trunnel/hs/cell_introduce1.c \
src/trunnel/hs/cell_rendezvous.c \
src/trunnel/channelpadding_negotiation.c \
+   src/trunnel/sendme.c\
src/trunnel/socks5.c \
src/trunnel/netinfo.c \
src/trunnel/circpad_negotiation.c
@@ -40,6 +42,7 @@ TRUNNELHEADERS = \
src/trunnel/hs/cell_introduce1.h \
src/trunnel/hs/cell_rendezvous.h \
src/trunnel/channelpadding_negotiation.h \
+   src/trunnel/sendme.h\
src/trunnel/socks5.h\
src/trunnel/netinfo.h \
src/trunnel/circpad_negotiation.h
diff --git a/src/trunnel/sendme.c b/src/trunnel/sendme.c
new file mode 100644
index 0..08f9ed5e9
--- /dev/null
+++ b/src/trunnel/sendme.c
@@ -0,0 +1,492 @@
+/* sendme.c -- generated by Trunnel v1.5.2.
+ * https://gitweb.torproject.org/trunnel.git
+ * You probably shouldn't edit this file.
+ */
+#include 
+#include "trunnel-impl.h"
+
+#include "sendme.h"
+
+#define TRUNNEL_SET_ERROR_CODE(obj) \
+  do {  \
+(obj)->trunnel_error_code_ = 1; \
+  } while (0)
+
+#if defined(__COVERITY__) || defined(__clang_analyzer__)
+/* If we're running a static analysis tool, we don't want it to complain
+ * that some of our remaining-bytes checks are dead-code. */
+int sendme_deadcode_dummy__ = 0;
+#define OR_DEADCODE_DUMMY || sendme_deadcode_dummy__
+#else
+#define OR_DEADCODE_DUMMY
+#endif
+
+#define CHECK_REMAINING(nbytes, label)   \
+  do {   \
+if (remaining < (nbytes) OR_DEADCODE_DUMMY) {\
+  goto label;\
+}\
+  } while (0)
+
+sendme_cell_t *
+sendme_cell_new(void)
+{
+  sendme_cell_t *val = trunnel_calloc(1, sizeof(sendme_cell_t));
+  if (NULL == val)
+return NULL;
+  return val;
+}
+
+/** Release all storage held inside 'obj', but do not free 'obj'.
+ */
+static void
+sendme_cell_clear(sendme_cell_t *obj)
+{
+  (void) obj;
+  TRUNNEL_DYNARRAY_WIPE(>data);
+  TRUNNEL_DYNARRAY_CLEAR(>data);
+}
+
+void
+sendme_cell_free(sendme_cell_t *obj)
+{
+  if (obj == NULL)
+return;
+  sendme_cell_clear(obj);
+  trunnel_memwipe(obj, sizeof(sendme_cell_t));
+  trunnel_free_(obj);
+}
+
+uint8_t
+sendme_cell_get_version(const sendme_cell_t *inp)
+{
+  return inp->version;
+}
+int
+sendme_cell_set_version(sendme_cell_t *inp, uint8_t val)
+{
+  if (! ((val == 0 || val == 1))) {
+ TRUNNEL_SET_ERROR_CODE(inp);
+ return -1;
+  }
+  inp->version = val;
+  return 0;
+}
+uint16_t
+sendme_cell_get_data_len(const sendme_cell_t *inp)
+{
+  return inp->data_len;
+}
+int
+sendme_cell_set_data_len(sendme_cell_t *inp, uint16_t val)
+{
+  inp->data_len = val;
+  return 0;
+}
+size_t
+sendme_cell_getlen_data(const sendme_cell_t *inp)
+{
+  return TRUNNEL_DYNARRAY_LEN(>data);
+}
+
+uint8_t
+sendme_cell_get_data(sendme_cell_t *inp, size_t idx)
+{
+  return TRUNNEL_DYNARRAY_GET(>data, idx);
+}
+
+uint8_t
+sendme_cell_getconst_data(const sendme_cell_t *inp, size_t idx)
+{
+  return sendme_cell_get_data((sendme_cell_t*)inp, idx);
+}
+int
+sendme_cell_set_data(sendme_cell_t *inp, size_t idx, uint8_t elt)
+{
+  TRUNNEL_DYNARRAY_SET(>data, idx, elt);
+  return 0;
+}
+int
+sendme_cell_add_data(sendme_cell_t *inp, uint8_t elt)
+{
+#if SIZE_MAX >= UINT16_MAX
+  if (inp->data.n_ == UINT16_MAX)
+goto trunnel_alloc_failed;
+#endif
+  TRUNNEL_DYNARRAY_ADD(uint8_t, >data, elt, {});
+  return 0;
+ trunnel_alloc_failed:
+  TRUNNEL_SET_ERROR_CODE(inp);
+  return -1;
+}
+
+uint8_t *
+sendme_cell_getarray_data(sendme_cell_t *inp)
+{
+  return inp->data.elts_;
+}
+const uint8_t  *
+sendme_cell_getconstarray_data(const sendme_cell_t *inp)
+{
+  return (const uint8_t  *)sendme_cell_getarray_data((sendme_cell_t*)inp);
+}
+int
+sendme_cell_setlen_data(sendme_cell_t *inp, size_t newlen)
+{
+  uint8_t *newptr;
+#if UINT16_MAX < SIZE_MAX
+  if (newlen > UINT16_MAX)
+

[tor-commits] [tor/master] prop289: Add two consensus parameters

[asn]

commit c38d46bf4adf4107d39a2ce46aeacb630f3f112a
Author: David Goulet 
Date:   Wed Jan 9 12:02:01 2019 -0500

prop289: Add two consensus parameters

In order to be able to deploy the authenticated SENDMEs, these two consensus
parameters are needed to control the minimum version that we can emit and
accept.

See section 4 in prop289 for more details.

Note that at this commit, the functions that return the values aren't used 
so
compilation fails if warnings are set to errors.

Closes #26842

Signed-off-by: David Goulet 
---
 src/core/or/sendme.c | 33 +
 1 file changed, 33 insertions(+)

diff --git a/src/core/or/sendme.c b/src/core/or/sendme.c
index d7feb6bfc..bba760ae9 100644
--- a/src/core/or/sendme.c
+++ b/src/core/or/sendme.c
@@ -15,6 +15,39 @@
 #include "core/or/circuituse.h"
 #include "core/or/relay.h"
 #include "core/or/sendme.h"
+#include "feature/nodelist/networkstatus.h"
+
+/* The cell version constants for when emitting a cell. */
+#define SENDME_EMIT_MIN_VERSION_DEFAULT 0
+#define SENDME_EMIT_MIN_VERSION_MIN 0
+#define SENDME_EMIT_MIN_VERSION_MAX UINT8_MAX
+
+/* The cell version constants for when accepting a cell. */
+#define SENDME_ACCEPT_MIN_VERSION_DEFAULT 0
+#define SENDME_ACCEPT_MIN_VERSION_MIN 0
+#define SENDME_ACCEPT_MIN_VERSION_MAX UINT8_MAX
+
+/* Return the minimum version given by the consensus (if any) that should be
+ * used when emitting a SENDME cell. */
+static int
+get_emit_min_version(void)
+{
+  return networkstatus_get_param(NULL, "sendme_emit_min_version",
+ SENDME_EMIT_MIN_VERSION_DEFAULT,
+ SENDME_EMIT_MIN_VERSION_MIN,
+ SENDME_EMIT_MIN_VERSION_MAX);
+}
+
+/* Return the minimum version given by the consensus (if any) that should be
+ * accepted when receiving a SENDME cell. */
+static int
+get_accept_min_version(void)
+{
+  return networkstatus_get_param(NULL, "sendme_accept_min_version",
+ SENDME_ACCEPT_MIN_VERSION_DEFAULT,
+ SENDME_ACCEPT_MIN_VERSION_MIN,
+ SENDME_ACCEPT_MIN_VERSION_MAX);
+}
 
 /** Called when we've just received a relay data cell, when we've just
  * finished flushing all bytes to stream conn, or when we've flushed



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] tests: Implement unit tests for SENDME v1

[asn]

commit cede93b2d83fb810ec8b2152882732ed0a7481dc
Author: David Goulet 
Date:   Tue Feb 19 14:49:38 2019 -0500

tests: Implement unit tests for SENDME v1

Part of #26288

Signed-off-by: David Goulet 
---
 src/core/or/sendme.c  |  12 +--
 src/core/or/sendme.h  |  23 +
 src/test/include.am   |   1 +
 src/test/test.c   |   1 +
 src/test/test.h   |   1 +
 src/test/test_relaycell.c |   1 +
 src/test/test_sendme.c| 223 ++
 7 files changed, 257 insertions(+), 5 deletions(-)

diff --git a/src/core/or/sendme.c b/src/core/or/sendme.c
index 76f551a92..980684c82 100644
--- a/src/core/or/sendme.c
+++ b/src/core/or/sendme.c
@@ -7,6 +7,8 @@
  *creating/parsing cells and handling the content.
  */
 
+#define SENDME_PRIVATE
+
 #include "core/or/or.h"
 
 #include "app/config/config.h"
@@ -37,7 +39,7 @@
 
 /* Return the minimum version given by the consensus (if any) that should be
  * used when emitting a SENDME cell. */
-static int
+STATIC int
 get_emit_min_version(void)
 {
   return networkstatus_get_param(NULL, "sendme_emit_min_version",
@@ -48,7 +50,7 @@ get_emit_min_version(void)
 
 /* Return the minimum version given by the consensus (if any) that should be
  * accepted when receiving a SENDME cell. */
-static int
+STATIC int
 get_accept_min_version(void)
 {
   return networkstatus_get_param(NULL, "sendme_accept_min_version",
@@ -112,7 +114,7 @@ cell_v1_is_valid(const sendme_cell_t *cell, const circuit_t 
*circ)
 
 /* Return true iff the given cell version can be handled or if the minimum
  * accepted version from the consensus is known to us. */
-static bool
+STATIC bool
 cell_version_is_valid(uint8_t cell_version)
 {
   int accept_version = get_accept_min_version();
@@ -149,7 +151,7 @@ cell_version_is_valid(uint8_t cell_version)
  * This is the main critical function to make sure we can continue to
  * send/recv cells on a circuit. If the SENDME is invalid, the circuit should
  * be mark for close. */
-static bool
+STATIC bool
 sendme_is_valid(const circuit_t *circ, const uint8_t *cell_payload,
 size_t cell_payload_len)
 {
@@ -206,7 +208,7 @@ sendme_is_valid(const circuit_t *circ, const uint8_t 
*cell_payload,
  *
  * Return the size in bytes of the encoded cell in payload. A negative value
  * is returned on encoding failure. */
-static ssize_t
+STATIC ssize_t
 build_cell_payload_v1(crypto_digest_t *cell_digest, uint8_t *payload)
 {
   ssize_t len = -1;
diff --git a/src/core/or/sendme.h b/src/core/or/sendme.h
index e7cf718bb..c2e2518da 100644
--- a/src/core/or/sendme.h
+++ b/src/core/or/sendme.h
@@ -36,4 +36,27 @@ int sendme_stream_data_packaged(edge_connection_t *conn);
 /* Track cell digest. */
 void sendme_note_cell_digest(circuit_t *circ);
 
+/* Private section starts. */
+#ifdef SENDME_PRIVATE
+
+/*
+ * Unit tests declaractions.
+ */
+#ifdef TOR_UNIT_TESTS
+
+STATIC int get_emit_min_version(void);
+STATIC int get_accept_min_version(void);
+
+STATIC bool cell_version_is_valid(uint8_t cell_version);
+
+STATIC ssize_t build_cell_payload_v1(crypto_digest_t *cell_digest,
+ uint8_t *payload);
+STATIC bool sendme_is_valid(const circuit_t *circ,
+const uint8_t *cell_payload,
+size_t cell_payload_len);
+
+#endif /* TOR_UNIT_TESTS */
+
+#endif /* SENDME_PRIVATE */
+
 #endif /* !defined(TOR_SENDME_H) */
diff --git a/src/test/include.am b/src/test/include.am
index 497aa320a..5f6b05fa9 100644
--- a/src/test/include.am
+++ b/src/test/include.am
@@ -179,6 +179,7 @@ src_test_test_SOURCES += \
src/test/test_routerlist.c \
src/test/test_routerset.c \
src/test/test_scheduler.c \
+   src/test/test_sendme.c \
src/test/test_shared_random.c \
src/test/test_socks.c \
src/test/test_status.c \
diff --git a/src/test/test.c b/src/test/test.c
index fbc30fb64..17159b71c 100644
--- a/src/test/test.c
+++ b/src/test/test.c
@@ -923,6 +923,7 @@ struct testgroup_t testgroups[] = {
   { "routerlist/", routerlist_tests },
   { "routerset/" , routerset_tests },
   { "scheduler/", scheduler_tests },
+  { "sendme/", sendme_tests },
   { "shared-random/", sr_tests },
   { "socks/", socks_tests },
   { "status/" , status_tests },
diff --git a/src/test/test.h b/src/test/test.h
index 7d19af9b2..167fd090a 100644
--- a/src/test/test.h
+++ b/src/test/test.h
@@ -266,6 +266,7 @@ extern struct testcase_t routerkeys_tests[];
 extern struct testcase_t routerlist_tests[];
 extern struct testcase_t routerset_tests[];
 extern struct testcase_t scheduler_tests[];
+extern struct testcase_t sendme_tests[];
 extern struct testcase_t socks_tests[];
 extern struct testcase_t sr_tests[];
 extern struct testcase_t status_tests[];
diff --git a/src/test/test_relaycell.c b/src/test/test_relaycell.c
index 062358351..c4ed215c7 100644
--- a/src/test/test_relaycell.c
+++ b/src/test/test_relaycell.c
@@ -705,6 +705,7 @@ 

[tor-commits] [tor/master] prop289: Support sending SENDME version 1

[asn]

commit 023a70da841182fbbbe11389929c8fbbc7490365
Author: David Goulet 
Date:   Wed Jan 9 12:22:35 2019 -0500

prop289: Support sending SENDME version 1

This code will obey the consensus parameter "sendme_emit_min_version" to 
know
which SENDME version it should send. For now, the default is 0 and the
parameter is not yet used in the consensus.

This commit adds the support to send version 1 SENDMEs but aren't sent on 
the
wire at this commit.

Closes #26840

Signed-off-by: David Goulet 
---
 src/core/or/relay.c  |   2 +-
 src/core/or/sendme.c | 106 ---
 src/core/or/sendme.h |   3 +-
 3 files changed, 103 insertions(+), 8 deletions(-)

diff --git a/src/core/or/relay.c b/src/core/or/relay.c
index 6ff053d8a..6f69ed999 100644
--- a/src/core/or/relay.c
+++ b/src/core/or/relay.c
@@ -1560,7 +1560,7 @@ connection_edge_process_relay_cell(cell_t *cell, 
circuit_t *circ,
   }
 
   /* Consider sending a circuit-level SENDME cell. */
-  sendme_circuit_consider_sending(circ, layer_hint);
+  sendme_circuit_consider_sending(circ, layer_hint, NULL);
 
   if (rh.stream_id == 0) {
 log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL, "Relay data cell with zero "
diff --git a/src/core/or/sendme.c b/src/core/or/sendme.c
index bba760ae9..f22e7027d 100644
--- a/src/core/or/sendme.c
+++ b/src/core/or/sendme.c
@@ -16,6 +16,7 @@
 #include "core/or/relay.h"
 #include "core/or/sendme.h"
 #include "feature/nodelist/networkstatus.h"
+#include "trunnel/sendme.h"
 
 /* The cell version constants for when emitting a cell. */
 #define SENDME_EMIT_MIN_VERSION_DEFAULT 0
@@ -38,6 +39,7 @@ get_emit_min_version(void)
  SENDME_EMIT_MIN_VERSION_MAX);
 }
 
+#if 0
 /* Return the minimum version given by the consensus (if any) that should be
  * accepted when receiving a SENDME cell. */
 static int
@@ -48,6 +50,98 @@ get_accept_min_version(void)
  SENDME_ACCEPT_MIN_VERSION_MIN,
  SENDME_ACCEPT_MIN_VERSION_MAX);
 }
+#endif
+
+/* Build and encode a version 1 SENDME cell into payload, which must be at
+ * least of RELAY_PAYLOAD_SIZE bytes, using the digest for the cell data.
+ *
+ * Return the size in bytes of the encoded cell in payload. A negative value
+ * is returned on encoding failure. */
+static ssize_t
+build_cell_payload_v1(crypto_digest_t *cell_digest, uint8_t *payload)
+{
+  ssize_t len = -1;
+  sendme_cell_t *cell = NULL;
+  sendme_data_v1_t *data = NULL;
+
+  tor_assert(cell_digest);
+  tor_assert(payload);
+
+  cell = sendme_cell_new();
+  data = sendme_data_v1_new();
+
+  /* Building a payload for version 1. */
+  sendme_cell_set_version(cell, 0x01);
+
+  /* Copy the digest into the data payload. */
+  crypto_digest_get_digest(cell_digest,
+   (char *) sendme_data_v1_getarray_digest(data),
+   sendme_data_v1_getlen_digest(data));
+
+  /* Set the length of the data in the cell payload. It is the encoded length
+   * of the v1 data object. */
+  sendme_cell_setlen_data(cell, sendme_data_v1_encoded_len(data));
+  /* Encode into the cell's data field using its current length just set. */
+  if (sendme_data_v1_encode(sendme_cell_getarray_data(cell),
+sendme_cell_getlen_data(cell), data) < 0) {
+goto end;
+  }
+  /* Set the DATA_LEN field to what we've just encoded. */
+  sendme_cell_set_data_len(cell, sendme_cell_getlen_data(cell));
+
+  /* Finally, encode the cell into the payload. */
+  len = sendme_cell_encode(payload, RELAY_PAYLOAD_SIZE, cell);
+
+ end:
+  sendme_cell_free(cell);
+  sendme_data_v1_free(data);
+  return len;
+}
+
+/* Send a circuit-level SENDME on the given circuit using the layer_hint if
+ * not NULL. The digest is only used for version 1.
+ *
+ * Return 0 on success else a negative value and the circuit will be closed
+ * because we failed to send the cell on it. */
+static int
+send_circuit_level_sendme(circuit_t *circ, crypt_path_t *layer_hint,
+  crypto_digest_t *cell_digest)
+{
+  uint8_t emit_version;
+  uint8_t payload[RELAY_PAYLOAD_SIZE];
+  ssize_t payload_len;
+
+  tor_assert(circ);
+  tor_assert(cell_digest);
+
+  emit_version = get_emit_min_version();
+  switch (emit_version) {
+  case 0x01:
+payload_len = build_cell_payload_v1(cell_digest, payload);
+if (BUG(payload_len < 0)) {
+  /* Unable to encode the cell, abort. We can recover from this by closing
+   * the circuit but in theory it should never happen. */
+  return -1;
+}
+log_debug(LD_PROTOCOL, "Emitting SENDME version 1 cell.");
+break;
+  case 0x00:
+/* Fallthrough because default is to use v0. */
+  default:
+/* Unknown version, fallback to version 0 meaning no payload. */
+payload_len = 0;
+break;
+  }
+
+  if (relay_send_command_from_edge(0, circ, RELAY_COMMAND_SENDME,
+   

[tor-commits] [tor/master] prop289: Match the SENDME digest

[asn]

commit bb473a807ae94a1e6c45a069db6ddf213413940a
Author: David Goulet 
Date:   Wed Jan 9 15:27:51 2019 -0500

prop289: Match the SENDME digest

Now that we keep the last seen cell digests on the Exit side on the circuit
object, use that to match the SENDME v1 transforming this whole process 
into a
real authenticated SENDME mechanism.

Part of #26841

Signed-off-by: David Goulet 
---
 src/core/or/sendme.c | 41 ++---
 1 file changed, 34 insertions(+), 7 deletions(-)

diff --git a/src/core/or/sendme.c b/src/core/or/sendme.c
index 69bcac468..afade43f7 100644
--- a/src/core/or/sendme.c
+++ b/src/core/or/sendme.c
@@ -17,6 +17,7 @@
 #include "core/or/relay.h"
 #include "core/or/sendme.h"
 #include "feature/nodelist/networkstatus.h"
+#include "lib/ctime/di_ops.h"
 #include "trunnel/sendme.h"
 
 /* The maximum supported version. Above that value, the cell can't be
@@ -61,7 +62,7 @@ get_accept_min_version(void)
  * cell we saw which tells us that the other side has in fact seen that cell.
  * See proposal 289 for more details. */
 static bool
-cell_v1_is_valid(const sendme_cell_t *cell)
+cell_v1_is_valid(const sendme_cell_t *cell, const circuit_t *circ)
 {
   sendme_data_v1_t *data = NULL;
 
@@ -72,9 +73,33 @@ cell_v1_is_valid(const sendme_cell_t *cell)
 goto invalid;
   }
 
-  /* XXX: Match the digest in the cell to the previous cell. Needs to be
-   * implemented that is passed to this function and compared. For this, we
-   * need #26839 that is making tor remember the last digest(s). */
+  /* We shouldn't have received this SENDME if we have no digests. Log at
+   * protocol warning because it can be tricked by sending many SENDMEs
+   * without prior data cell. */
+  if (circ->sendme_last_digests == NULL ||
+  smartlist_len(circ->sendme_last_digests) == 0) {
+log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
+   "We received a SENDME but we have no cell digests to match. "
+   "Closing circuit.");
+goto invalid;
+  }
+
+  /* Pop the first element that was added (FIFO) and compare it. */
+  {
+uint8_t *digest = smartlist_get(circ->sendme_last_digests, 0);
+smartlist_del_keeporder(circ->sendme_last_digests, 0);
+
+/* Compare the digest with the one in the SENDME. This cell is invalid
+ * without a perfect match. */
+if (tor_memcmp(digest, sendme_data_v1_getconstarray_digest(data),
+   sendme_data_v1_getlen_digest(data))) {
+  tor_free(digest);
+  log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
+ "SENDME v1 cell digest do not match.");
+  goto invalid;
+}
+tor_free(digest);
+  }
 
   /* Validated SENDME v1 cell. */
   sendme_data_v1_free(data);
@@ -124,11 +149,13 @@ cell_version_is_valid(uint8_t cell_version)
  * send/recv cells on a circuit. If the SENDME is invalid, the circuit should
  * be mark for close. */
 static bool
-sendme_is_valid(const uint8_t *cell_payload, size_t cell_payload_len)
+sendme_is_valid(const circuit_t *circ, const uint8_t *cell_payload,
+size_t cell_payload_len)
 {
   uint8_t cell_version;
   sendme_cell_t *cell = NULL;
 
+  tor_assert(circ);
   tor_assert(cell_payload);
 
   /* An empty payload means version 0 so skip trunnel parsing. We won't be
@@ -153,7 +180,7 @@ sendme_is_valid(const uint8_t *cell_payload, size_t 
cell_payload_len)
   /* Validate depending on the version now. */
   switch (cell_version) {
   case 0x01:
-if (!cell_v1_is_valid(cell)) {
+if (!cell_v1_is_valid(cell, circ)) {
   goto invalid;
 }
 break;
@@ -374,7 +401,7 @@ sendme_process_circuit_level(crypt_path_t *layer_hint,
 /* Validate the SENDME cell. Depending on the version, different
  * validation can be done. An invalid SENDME requires us to close the
  * circuit. It is only done if we are the Exit of the circuit. */
-if (!sendme_is_valid(cell_payload, cell_payload_len)) {
+if (!sendme_is_valid(circ, cell_payload, cell_payload_len)) {
   return -END_CIRC_REASON_TORPROTOCOL;
 }
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] sendme: Always close stream if deliver window is negative

[asn]

commit 0e6e800c89c7cfef255491179473e13de5f72d03
Author: David Goulet 
Date:   Wed Jan 9 11:03:49 2019 -0500

sendme: Always close stream if deliver window is negative

Previously, we would only close the stream when our deliver window was
negative at the circuit-level but _not_ at the stream-level when receiving a
DATA cell.

This commit adds an helper function connection_edge_end_close() which
sends an END and then mark the stream for close for a given reason.

That function is now used both in case the deliver window goes below zero 
for
both circuit and stream level.

Part of #26840

Signed-off-by: David Goulet 
---
 src/core/or/connection_edge.c | 19 +++
 src/core/or/connection_edge.h |  1 +
 src/core/or/relay.c   | 14 +-
 3 files changed, 25 insertions(+), 9 deletions(-)

diff --git a/src/core/or/connection_edge.c b/src/core/or/connection_edge.c
index fa72fb771..8ed403456 100644
--- a/src/core/or/connection_edge.c
+++ b/src/core/or/connection_edge.c
@@ -4565,6 +4565,25 @@ circuit_clear_isolation(origin_circuit_t *circ)
   circ->socks_username_len = circ->socks_password_len = 0;
 }
 
+/** Send an END and mark for close the given edge connection conn using the
+ * given reason that has to be a stream reason.
+ *
+ * Note: We don't unattached the AP connection (if applicable) because we
+ * don't want to flush the remaining data. This function aims at ending
+ * everything quickly regardless of the connection state.
+ *
+ * This function can't fail and does nothing if conn is NULL. */
+void
+connection_edge_end_close(edge_connection_t *conn, uint8_t reason)
+{
+  if (!conn) {
+return;
+  }
+
+  connection_edge_end(conn, reason);
+  connection_mark_for_close(TO_CONN(conn));
+}
+
 /** Free all storage held in module-scoped variables for connection_edge.c */
 void
 connection_edge_free_all(void)
diff --git a/src/core/or/connection_edge.h b/src/core/or/connection_edge.h
index 68d8b19a1..e82b6bd76 100644
--- a/src/core/or/connection_edge.h
+++ b/src/core/or/connection_edge.h
@@ -80,6 +80,7 @@ int connection_edge_process_inbuf(edge_connection_t *conn,
 int connection_edge_destroy(circid_t circ_id, edge_connection_t *conn);
 int connection_edge_end(edge_connection_t *conn, uint8_t reason);
 int connection_edge_end_errno(edge_connection_t *conn);
+void connection_edge_end_close(edge_connection_t *conn, uint8_t reason);
 int connection_edge_flushed_some(edge_connection_t *conn);
 int connection_edge_finished_flushing(edge_connection_t *conn);
 int connection_edge_finished_connecting(edge_connection_t *conn);
diff --git a/src/core/or/relay.c b/src/core/or/relay.c
index 06e201f20..6ff053d8a 100644
--- a/src/core/or/relay.c
+++ b/src/core/or/relay.c
@@ -1550,17 +1550,12 @@ connection_edge_process_relay_cell(cell_t *cell, 
circuit_t *circ,
   ++stats_n_data_cells_received;
 
   /* Update our circuit-level deliver window that we received a DATA cell.
-   * If the deliver window goes below 0, we end the connection due to a
-   * protocol failure. */
+   * If the deliver window goes below 0, we end the circuit and stream due
+   * to a protocol failure. */
   if (sendme_circuit_data_received(circ, layer_hint) < 0) {
 log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
"(relay data) circ deliver_window below 0. Killing.");
-if (conn) {
-  /*  Do we actually need to do this?  Will killing the circuit
-   * not send an END and mark the stream for close as appropriate? */
-  connection_edge_end(conn, END_STREAM_REASON_TORPROTOCOL);
-  connection_mark_for_close(TO_CONN(conn));
-}
+connection_edge_end_close(conn, END_STREAM_REASON_TORPROTOCOL);
 return -END_CIRC_REASON_TORPROTOCOL;
   }
 
@@ -1590,11 +1585,12 @@ connection_edge_process_relay_cell(cell_t *cell, 
circuit_t *circ,
 
   /* Update our stream-level deliver window that we just received a DATA
* cell. Going below 0 means we have a protocol level error so the
-   * circuit is closed. */
+   * stream and circuit are closed. */
 
   if (sendme_stream_data_received(conn) < 0) {
 log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
"(relay data) conn deliver_window below 0. Killing.");
+connection_edge_end_close(conn, END_STREAM_REASON_TORPROTOCOL);
 return -END_CIRC_REASON_TORPROTOCOL;
   }
   /* Total all valid application bytes delivered */



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits