[tor-commits] [translation/torbutton-torbuttonproperties] https://gitweb.torproject.org/translation.git/commit/?h=torbutton-torbuttonproperties
commit fc9520aaf07aa742e3121f10f7d6b1457022d60a Author: Translation commit bot Date: Fri Jun 12 05:21:36 2020 + https://gitweb.torproject.org/translation.git/commit/?h=torbutton-torbuttonproperties --- nl/torbutton.properties | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nl/torbutton.properties b/nl/torbutton.properties index 6edc3b301b..a037f2d0c5 100644 --- a/nl/torbutton.properties +++ b/nl/torbutton.properties @@ -111,7 +111,7 @@ onionServices.introTimedOut=Verbinding maken met de onion-website is mislukt, mo onionServices.introTimedOut.longDescription=Details: %S â Time-out bij verbinding met de opgevraagde onion-service tijdens opbouwen van het rendezvous-circuit. # # LOCALIZATION NOTE: %S will be replaced with the .onion address. -onionServices.authPrompt.description2=%S vereist uw authenticatie. +onionServices.authPrompt.description2=%S vraagt om uw authenticatie. onionServices.authPrompt.keyPlaceholder=Voer uw privésleutel voor deze onion-service in onionServices.authPrompt.done=Gereed onionServices.authPrompt.doneAccessKey=G ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/torbutton-torbuttonproperties] https://gitweb.torproject.org/translation.git/commit/?h=torbutton-torbuttonproperties
commit 471583fc2ad2f375ef48415e36c28eb27f229b71 Author: Translation commit bot Date: Fri Jun 12 04:51:32 2020 + https://gitweb.torproject.org/translation.git/commit/?h=torbutton-torbuttonproperties --- nl/torbutton.properties | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nl/torbutton.properties b/nl/torbutton.properties index acfbdcf9e3..6edc3b301b 100644 --- a/nl/torbutton.properties +++ b/nl/torbutton.properties @@ -111,7 +111,7 @@ onionServices.introTimedOut=Verbinding maken met de onion-website is mislukt, mo onionServices.introTimedOut.longDescription=Details: %S â Time-out bij verbinding met de opgevraagde onion-service tijdens opbouwen van het rendezvous-circuit. # # LOCALIZATION NOTE: %S will be replaced with the .onion address. -onionServices.authPrompt.description2=%S is requesting that you authenticate. +onionServices.authPrompt.description2=%S vereist uw authenticatie. onionServices.authPrompt.keyPlaceholder=Voer uw privésleutel voor deze onion-service in onionServices.authPrompt.done=Gereed onionServices.authPrompt.doneAccessKey=G ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tpo/master] Temporary disable gsoc: waiting for logo and description
commit 85d50779e9b5edef93b8d14b1aac34ddef5ccc18 Author: gus Date: Fri Jun 12 00:12:07 2020 -0400 Temporary disable gsoc: waiting for logo and description --- content/about/sponsors/google-soc/contents.lr | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/about/sponsors/google-soc/contents.lr b/content/about/sponsors/google-soc/contents.lr index e445751f..5ed76741 100644 --- a/content/about/sponsors/google-soc/contents.lr +++ b/content/about/sponsors/google-soc/contents.lr @@ -1,6 +1,6 @@ _model: sponsor --- -active: true +active: false --- time: 2007-2014 and 2016-2017 and 2020 --- ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tpo/master] make sure to credit dial for 2019 sponsorship too
commit f607cce2c1130446a61f6f5f3f67ae733b71e77f Author: Roger Dingledine Date: Thu Jun 11 23:48:12 2020 -0400 make sure to credit dial for 2019 sponsorship too --- content/about/sponsors/dial/contents.lr | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/about/sponsors/dial/contents.lr b/content/about/sponsors/dial/contents.lr index 02be8ec1..31a3be15 100644 --- a/content/about/sponsors/dial/contents.lr +++ b/content/about/sponsors/dial/contents.lr @@ -2,7 +2,7 @@ _model: sponsor --- active: True --- -time: 2020 +time: 2019-2020 --- name: Digital Impact Alliance --- ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tpo/master] Updating because we're getting 4 students funded by GSoC this summer
commit 083667c3877ccfa491d637ca281698e4f73dda01 Author: Bekeela Davila Date: Thu Jun 11 17:32:10 2020 + Updating because we're getting 4 students funded by GSoC this summer --- content/about/sponsors/google-soc/contents.lr | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/content/about/sponsors/google-soc/contents.lr b/content/about/sponsors/google-soc/contents.lr index 68255445..e445751f 100644 --- a/content/about/sponsors/google-soc/contents.lr +++ b/content/about/sponsors/google-soc/contents.lr @@ -1,8 +1,8 @@ _model: sponsor --- -active: False +active: true --- -time: 2007-2014 and 2016-2017 +time: 2007-2014 and 2016-2017 and 2020 --- name: Google Summer of Code --- ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tpo/master] added dial back to current sponsor list as they are currently paying for our two Outreachy students
commit 0dea327171d9528ec00ca8c0d22d904c61906eaa Author: Bekeela Davila Date: Thu Jun 11 17:29:56 2020 + added dial back to current sponsor list as they are currently paying for our two Outreachy students --- content/about/sponsors/dial/contents.lr | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/content/about/sponsors/dial/contents.lr b/content/about/sponsors/dial/contents.lr index 5e17bef1..02be8ec1 100644 --- a/content/about/sponsors/dial/contents.lr +++ b/content/about/sponsors/dial/contents.lr @@ -1,8 +1,8 @@ _model: sponsor --- -active: False +active: True --- -time: 2019 +time: 2020 --- name: Digital Impact Alliance --- ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tpo/master] Merge remote-tracking branch 'gitlab-gus/sponsor-dial-gsoc-handshake'
commit 0684dbbac7d92bbfea3a56d7281f5b6027139a4b Merge: ffd349f3 3e627db5 Author: gus Date: Thu Jun 11 23:32:52 2020 -0400 Merge remote-tracking branch 'gitlab-gus/sponsor-dial-gsoc-handshake' content/about/sponsors/dial/contents.lr | 4 ++-- content/about/sponsors/google-soc/contents.lr | 4 ++-- content/about/sponsors/handshake/contents.lr | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tpo/master] removing because this sponsor has ended
commit 3e627db596e93565063e8ea43b66fbce72a52b5a Author: Bekeela Davila Date: Thu Jun 11 17:33:52 2020 + removing because this sponsor has ended --- content/about/sponsors/handshake/contents.lr | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/about/sponsors/handshake/contents.lr b/content/about/sponsors/handshake/contents.lr index 7b9c7405..c1b8cd72 100644 --- a/content/about/sponsors/handshake/contents.lr +++ b/content/about/sponsors/handshake/contents.lr @@ -1,6 +1,6 @@ _model: sponsor --- -active: True +active: False --- time: 2018 --- ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [nyx/master] Update index.html
commit 161307666133c90fc461285176acd331fc42faca Author: Arth Tyagi Date: Thu Jun 11 07:34:58 2020 +0530 Update index.html --- web/index.html | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/web/index.html b/web/index.html index 0320447..84632ef 100644 --- a/web/index.html +++ b/web/index.html @@ -378,8 +378,8 @@ sudo python setup.py install -http://brewformulas.org/Nyx"; id="osx"> -http://brewformulas.org/Nyx";>Mac OSX +https://formulae.brew.sh/formula/nyx"; id="osx"> +https://formulae.brew.sh/formula/nyx";>Mac OSX On OSX you can easily install with both the pip command above and brew... % brew install nyx ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [nyx/master] Merge pull request #19 from arthtyagi/patch-1
commit d6aa73568b4f1a383f6a9bb8c97f904e170f8a84 Merge: 796089d 1613076 Author: Damian Date: Thu Jun 11 19:04:38 2020 -0700 Merge pull request #19 from arthtyagi/patch-1 Update index.html web/index.html | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/support-portal] https://gitweb.torproject.org/translation.git/commit/?h=support-portal
commit 393a849b93f2baec0d5fd61a8c2f6e9d95bf5dbc Author: Translation commit bot Date: Thu Jun 11 23:23:37 2020 + https://gitweb.torproject.org/translation.git/commit/?h=support-portal --- contents+ka.po | 32 +++- 1 file changed, 27 insertions(+), 5 deletions(-) diff --git a/contents+ka.po b/contents+ka.po index 2568ba9e87..d78fa6206f 100644 --- a/contents+ka.po +++ b/contents+ka.po @@ -2661,7 +2661,7 @@ msgstr "" #: https//support.torproject.org/faq/staying-anonymous/ #: (content/faq/staying-anonymous/contents+en.lrquestion.description) msgid "Be smart and learn more." -msgstr "" +msgstr "áá§áááá ááá®áá á®ááá£áá áá á¨ááá¡á¬ááááá ááá¢á." #: https//support.torproject.org/faq/staying-anonymous/ #: (content/faq/staying-anonymous/contents+en.lrquestion.description) @@ -8807,12 +8807,15 @@ msgstr "" msgid "" "Once more bridges report these data, the numbers will become more accurate." msgstr "" +"á á᪠á£á¤á á ááá¢á á®ááá áááááá¡áªááá¡ áá áááááªááááá¡, áªáá¤á ááá ááá á£á¤á á áá£á¡á¢á áá¥áááá." #: https//support.torproject.org/metrics/censorship-events/ #: (content/metrics/censorship-events/contents+en.lrquestion.title) msgid "" "What are these red and blue dots indicating possible censorship events?" msgstr "" +"á áá¡ á¬áá áááááááá¡ áá¡ á¬ááááá áá áá£á á¯á á¬áá á¢ááááá, á áááááá᪠á¨áá¡áá«áá áªáááá£á áá¡ " +"áá¦áááá¨áááááá?" #: https//support.torproject.org/metrics/censorship-events/ #: (content/metrics/censorship-events/contents+en.lrquestion.description) @@ -8835,6 +8838,8 @@ msgid "" "For more details, see our [technical " "report](https://research.torproject.org/techreports/detector-2011-09-09.pdf)." msgstr "" +"ááá¬áá áááááá, áá®áááá á©áááá [á¢áá¥áááá£á á " +"ááá®á¡ááááá](https://research.torproject.org/techreports/detector-2011-09-09.pdf)." #: https//support.torproject.org/metrics/concurrent-users/ #: (content/metrics/concurrent-users/contents+en.lrquestion.title) @@ -11563,7 +11568,7 @@ msgstr "" #: https//support.torproject.org/abuse/remove-content-from-onion-address/ #: (content/abuse/remove-content/contents+en.lrquestion.title) msgid "I want some content removed from a .onion address." -msgstr "" +msgstr "á áá¦á᪠ááá¡áááááá¡ áááªááááá ááááá .onion ááá¡áááá ááááá." #: https//support.torproject.org/abuse/remove-content-from-onion-address/ #: (content/abuse/remove-content/contents+en.lrquestion.description) @@ -11571,6 +11576,8 @@ msgid "" "The Tor Project does not host, control, nor have the ability to discover the" " owner or location of a .onion address." msgstr "" +"Tor-áá ááá¥á¢á áá ááááá¡ááá¡, áááááá áááá¡ áá áá áá¥áá¡ á¨áá¡áá«ááááááá, ááááááááá¡ " +"áá¤áááááá áá áááááá áááá .onion ááá¡áááá ááá¡." #: https//support.torproject.org/abuse/remove-content-from-onion-address/ #: (content/abuse/remove-content/contents+en.lrquestion.description) @@ -11578,11 +11585,14 @@ msgid "" "The .onion address is an address from [an onion service](https://tb-"; "manual.torproject.org/onion-services/)." msgstr "" +".onion-ááá¡áááá áá áá áá¡ ááá¡áááá áá [onion-áááá¡áá®á£á áááááá](https://tb-"; +"manual.torproject.org/onion-services/)." #: https//support.torproject.org/abuse/remove-content-from-onion-address/ #: (content/abuse/remove-content/contents+en.lrquestion.description) msgid "The name you see ending in .onion is an onion service descriptor." msgstr "" +"á¡áá®ááá, á áááááá᪠ááááááááá .onion á¬áá áááááááá¡ onion-áááá¡áá®á£á áááá¡ áá¦áá¬áá á¡." #: https//support.torproject.org/abuse/remove-content-from-onion-address/ #: (content/abuse/remove-content/contents+en.lrquestion.description) @@ -11590,6 +11600,8 @@ msgid "" "It's an automatically generated name which can be located on any Tor relay " "or client anywhere on the Internet." msgstr "" +"ááá ááá¢áááá¢á£á áá á¨áááááááá á¡áá®áááá, á ááááá᪠á¨ááá«áááá ááááááá¡ááá£áá áá§áá¡ " +"ááááá¡áááá Tor-ááááááªáááá áá áááááá¢áá ááá¢áá ááá¢áá¡ ááááá¡áááá á¬áá á¢ááá¨á." #: https//support.torproject.org/abuse/remove-content-from-onion-addres
[tor-commits] [translation/support-portal] https://gitweb.torproject.org/translation.git/commit/?h=support-portal
commit f3371d9dc4aec594f3e9d47546646097ced591b3 Author: Translation commit bot Date: Thu Jun 11 21:53:48 2020 + https://gitweb.torproject.org/translation.git/commit/?h=support-portal --- contents+ka.po | 21 + 1 file changed, 17 insertions(+), 4 deletions(-) diff --git a/contents+ka.po b/contents+ka.po index 589de26689..2568ba9e87 100644 --- a/contents+ka.po +++ b/contents+ka.po @@ -2556,11 +2556,13 @@ msgid "" "Also see EFF's interactive graphic explaining [how Tor and HTTPS " "relate](/https/https-1)." msgstr "" +"ááá áááá áá®áááá EFF-áá¡ á£á áááá áááá¥áááá ááááá¡áá®á£áááá á£ááá ááá¡áá áááááá [á áááá áá " +"Tor áá HTTPS áááááá¨áá ááá£áá](/https/https-1)." #: https//support.torproject.org/faq/staying-anonymous/ #: (content/faq/staying-anonymous/contents+en.lrquestion.description) msgid "### Don't open documents downloaded through Tor while online" -msgstr "" +msgstr "### áᣠááá®á¡ááá Tor-áá á©áááá¢ááá áá£á áááá£áááá¢ááá¡ ááá¢áá ááá¢á¨á á§áá¤ááá¡áá¡" #: https//support.torproject.org/faq/staying-anonymous/ #: (content/faq/staying-anonymous/contents+en.lrquestion.description) @@ -2568,11 +2570,13 @@ msgid "" "Tor Browser will warn you before automatically opening documents that are " "handled by external applications." msgstr "" +"Tor-áá áá£ááá á ááááá¤á áá®ááááá, á¡áááá ááá¢áááá¢á£á áá áááá®á¡áááá áááá£áááá¢á, á¡á®áá " +"áá ááá áááá." #: https//support.torproject.org/faq/staying-anonymous/ #: (content/faq/staying-anonymous/contents+en.lrquestion.description) msgid "**DO NOT IGNORE THIS WARNING**." -msgstr "" +msgstr "**áá á£áá£áááááá§áá áá¡ ááá¤á áá®ááááá**." #: https//support.torproject.org/faq/staying-anonymous/ #: (content/faq/staying-anonymous/contents+en.lrquestion.description) @@ -2582,11 +2586,16 @@ msgid "" "Browser) as these documents can contain Internet resources that will be " "downloaded outside of Tor by the application that opens them." msgstr "" +"á¤á áá®áááá á£ááá áá§áá, áááá£áááá¢áááá¡ Tor-áá á©áááá¢ááá áááá¡áá¡ (áááá¡ááá£áá áááá DOC áá" +" PDF á¤ááááááá¡, ááá áá áá á¨áááá®ááááá¡á, áᣠTor-á¨á á©áá¨ááááá£á PDF-áááá®á¡áááá¡ " +"áááááá§ááááá) áááááááá, áá¡ áááá£áááá¢ááá á¨ááá«áááá á¨áááªááááá¡ ááá¢áá ááá¢ááá¡ááááá¡, " +"á áááááá᪠á©ááááá¢ááá áááá Tor-áá¡ áááá ááá¡ ááááá áá áá ááá áááá¡ ááá¨áááááá, á áááááááª" +" ááá®á¡ááá." #: https//support.torproject.org/faq/staying-anonymous/ #: (content/faq/staying-anonymous/contents+en.lrquestion.description) msgid "This will reveal your non-Tor IP address." -msgstr "" +msgstr "á¨áááááá áá¥áááá IP-ááá¡áááá áá ááááá¦ááááááá Tor-áá¡ ááá¦áá." #: https//support.torproject.org/faq/staying-anonymous/ #: (content/faq/staying-anonymous/contents+en.lrquestion.description) @@ -2596,6 +2605,10 @@ msgid "" "[dangerzone](https://github.com/firstlookmedia/dangerzone) to create safe " "PDF files that you can open." msgstr "" +"áᣠáá¡á£á á Tor-áá á©áááá¢ááá áá£á á¤áááááááá áá£á¨áááá, ááááááááá ááá á©ááá áá " +"áááááá§áááá á¥á¡áááááá áááááá áááá£áá áááááá£á¢áá á áá " +"[dangerzone](https://github.com/firstlookmedia/dangerzone), á£á¡áá¤á áá®á PDF-" +"á¤ááááááá¡ á¨áá¡áá¥áááááá, á áááááá ááá®á¡ááá¡á᪠á¨áá«áááá." #: https//support.torproject.org/faq/staying-anonymous/ #: (content/faq/staying-anonymous/contents+en.lrquestion.description) @@ -2653,7 +2666,7 @@ msgstr "" #: https//support.torproject.org/faq/staying-anonymous/ #: (content/faq/staying-anonymous/contents+en.lrquestion.description) msgid "Understand what Tor does and does not offer." -msgstr "" +msgstr "áááááááá¡áá á áá¡ ááááááááá Tor áá á áá¡ áá á." #: https//support.torproject.org/faq/staying-anonymous/ #: (content/faq/staying-anonymous/contents+en.lrquestion.description) ___ tor-commits mail
[tor-commits] [translation/torbutton-torbuttonproperties] https://gitweb.torproject.org/translation.git/commit/?h=torbutton-torbuttonproperties
commit 4be087566ca6ae5c113f5c62f8669f6ba1c2b415 Author: Translation commit bot Date: Thu Jun 11 21:51:30 2020 + https://gitweb.torproject.org/translation.git/commit/?h=torbutton-torbuttonproperties --- ka/torbutton.properties | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ka/torbutton.properties b/ka/torbutton.properties index aee8253fc9..5714996f43 100644 --- a/ka/torbutton.properties +++ b/ka/torbutton.properties @@ -111,7 +111,7 @@ onionServices.introTimedOut=ááá ááá®áá á®áá onion-á¡áá onionServices.introTimedOut.longDescription=áá áªááá: %S â áááá®ááááá onion-áááá¡áá®á£á áááá¡ááá áááá¨áá áá¡ áááá ááááá¬á£á á, á¨áá®áááá áá¡ á¬á áááá¡ á©áááá§áááááááá¡áá¡. # # LOCALIZATION NOTE: %S will be replaced with the .onion address. -onionServices.authPrompt.description2=%S is requesting that you authenticate. +onionServices.authPrompt.description2=%S ááá®ááá¡ ááááá áá¨áá¡ ááááá¬ááááá¡. onionServices.authPrompt.keyPlaceholder=á¨ááá§ááááá áá¥áááá á¡áááá£ááá ááá¡áá¦ááá áá onion-áááá¡áá®á£á áááá¡áááá¡ onionServices.authPrompt.done=áááááá onionServices.authPrompt.doneAccessKey=á ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/torbutton-torbuttonproperties_completed] https://gitweb.torproject.org/translation.git/commit/?h=torbutton-torbuttonproperties_completed
commit cd5250e925ac41a6e4a512d75ea8f5d32c3eeb30 Author: Translation commit bot Date: Thu Jun 11 19:52:38 2020 + https://gitweb.torproject.org/translation.git/commit/?h=torbutton-torbuttonproperties_completed --- da/torbutton.properties| 2 +- de/torbutton.properties| 2 +- en-GB/torbutton.properties | 2 +- en-US/torbutton.properties | 2 +- en/torbutton.properties| 2 +- es-AR/torbutton.properties | 2 +- es-ES/torbutton.properties | 2 +- fa/torbutton.properties| 2 +- fr/torbutton.properties| 2 +- he/torbutton.properties| 2 +- hr/torbutton.properties| 2 +- hu/torbutton.properties| 2 +- it/torbutton.properties| 2 +- ka/torbutton.properties| 2 +- mk/torbutton.properties| 2 +- nl/torbutton.properties| 2 +- pt-BR/torbutton.properties | 2 +- pt-PT/torbutton.properties | 2 +- ro/torbutton.properties| 2 +- sv-SE/torbutton.properties | 2 +- tr/torbutton.properties| 2 +- 21 files changed, 21 insertions(+), 21 deletions(-) diff --git a/da/torbutton.properties b/da/torbutton.properties index 30d4e0fc89..a5e7c40a6c 100644 --- a/da/torbutton.properties +++ b/da/torbutton.properties @@ -111,7 +111,7 @@ onionServices.introTimedOut=Kunne ikke oprette forbindelse til onionstedet, muli onionServices.introTimedOut.longDescription=Detaljer: %S â Forbindelsen til den anmodede oniontjeneste fik timeout mens rendezvous-kredsløbet blev forsøgt bygget. # # LOCALIZATION NOTE: %S will be replaced with the .onion address. -onionServices.authPrompt.description=%S anmoder om din private nøgle. +# onionServices.authPrompt.description2=%S is requesting that you authenticate. onionServices.authPrompt.keyPlaceholder=Indtast din private nøgle til oniontjenesten onionServices.authPrompt.done=Færdig onionServices.authPrompt.doneAccessKey=d diff --git a/de/torbutton.properties b/de/torbutton.properties index 3b2ed56ca1..f66c37adab 100644 --- a/de/torbutton.properties +++ b/de/torbutton.properties @@ -111,7 +111,7 @@ # onionServices.introTimedOut.longDescription=Details: %S â The connection to the requested onion service timed out while trying to build the rendezvous circuit. # # LOCALIZATION NOTE: %S will be replaced with the .onion address. -# onionServices.authPrompt.description=%S is requesting your private key. +# onionServices.authPrompt.description2=%S is requesting that you authenticate. # onionServices.authPrompt.keyPlaceholder=Enter your private key for this onion service # onionServices.authPrompt.done=Done # onionServices.authPrompt.doneAccessKey=d diff --git a/en-GB/torbutton.properties b/en-GB/torbutton.properties index 3b2ed56ca1..f66c37adab 100644 --- a/en-GB/torbutton.properties +++ b/en-GB/torbutton.properties @@ -111,7 +111,7 @@ # onionServices.introTimedOut.longDescription=Details: %S â The connection to the requested onion service timed out while trying to build the rendezvous circuit. # # LOCALIZATION NOTE: %S will be replaced with the .onion address. -# onionServices.authPrompt.description=%S is requesting your private key. +# onionServices.authPrompt.description2=%S is requesting that you authenticate. # onionServices.authPrompt.keyPlaceholder=Enter your private key for this onion service # onionServices.authPrompt.done=Done # onionServices.authPrompt.doneAccessKey=d diff --git a/en-US/torbutton.properties b/en-US/torbutton.properties index 3b2ed56ca1..f66c37adab 100644 --- a/en-US/torbutton.properties +++ b/en-US/torbutton.properties @@ -111,7 +111,7 @@ # onionServices.introTimedOut.longDescription=Details: %S â The connection to the requested onion service timed out while trying to build the rendezvous circuit. # # LOCALIZATION NOTE: %S will be replaced with the .onion address. -# onionServices.authPrompt.description=%S is requesting your private key. +# onionServices.authPrompt.description2=%S is requesting that you authenticate. # onionServices.authPrompt.keyPlaceholder=Enter your private key for this onion service # onionServices.authPrompt.done=Done # onionServices.authPrompt.doneAccessKey=d diff --git a/en/torbutton.properties b/en/torbutton.properties index 3b2ed56ca1..f66c37adab 100644 --- a/en/torbutton.properties +++ b/en/torbutton.properties @@ -111,7 +111,7 @@ # onionServices.introTimedOut.longDescription=Details: %S â The connection to the requested onion service timed out while trying to build the rendezvous circuit. # # LOCALIZATION NOTE: %S will be replaced with the .onion address. -# onionServices.authPrompt.description=%S is requesting your private key. +# onionServices.authPrompt.description2=%S is requesting that you authenticate. # onionServices.authPrompt.keyPlaceholder=Enter your private key for this onion service # onionServices.authPrompt.done=Done # onionServices.authPrompt.doneAccessKey=d diff --git a/es-AR/torbutton.properties b/es-AR/torbutton.properties index 3ebb6263a3..5588df7f6a 100644 --- a/es-AR/torbutton.properties +++ b/es-AR/torbutton.pr
[tor-commits] [translation/torbutton-torbuttonproperties] https://gitweb.torproject.org/translation.git/commit/?h=torbutton-torbuttonproperties
commit 7538b4ea5d7ffea976833b58754bf0c94762468b Author: Translation commit bot Date: Thu Jun 11 19:52:22 2020 + https://gitweb.torproject.org/translation.git/commit/?h=torbutton-torbuttonproperties --- ach/torbutton.properties | 2 +- af/torbutton.properties| 2 +- ar/torbutton.properties| 2 +- ast/torbutton.properties | 2 +- az/torbutton.properties| 2 +- be/torbutton.properties| 2 +- bg/torbutton.properties| 2 +- bn-BD/torbutton.properties | 2 +- br/torbutton.properties| 2 +- bs/torbutton.properties| 2 +- ca/torbutton.properties| 2 +- cs/torbutton.properties| 2 +- cy/torbutton.properties| 2 +- da/torbutton.properties| 2 +- de/torbutton.properties| 2 +- el/torbutton.properties| 2 +- en-GB/torbutton.properties | 2 +- en-US/torbutton.properties | 2 +- en/torbutton.properties| 2 +- eo/torbutton.properties| 2 +- es-AR/torbutton.properties | 2 +- es-ES/torbutton.properties | 2 +- es-MX/torbutton.properties | 2 +- et/torbutton.properties| 2 +- eu/torbutton.properties| 2 +- fa/torbutton.properties| 2 +- fi/torbutton.properties| 2 +- fr/torbutton.properties| 2 +- fy-NL/torbutton.properties | 2 +- ga-IE/torbutton.properties | 2 +- gd/torbutton.properties| 2 +- gl/torbutton.properties| 2 +- gu-IN/torbutton.properties | 2 +- he/torbutton.properties| 2 +- hi-IN/torbutton.properties | 2 +- hr/torbutton.properties| 2 +- hu/torbutton.properties| 2 +- hy-AM/torbutton.properties | 2 +- ia/torbutton.properties| 2 +- id/torbutton.properties| 2 +- is/torbutton.properties| 2 +- it/torbutton.properties| 2 +- ja/torbutton.properties| 2 +- ka/torbutton.properties| 2 +- kab/torbutton.properties | 2 +- kk/torbutton.properties| 2 +- km/torbutton.properties| 2 +- kn/torbutton.properties| 2 +- ko/torbutton.properties| 2 +- lt/torbutton.properties| 2 +- lv/torbutton.properties| 2 +- mk/torbutton.properties| 2 +- ml/torbutton.properties| 2 +- mr/torbutton.properties| 2 +- ms/torbutton.properties| 2 +- my/torbutton.properties| 2 +- nb-NO/torbutton.properties | 2 +- ne/torbutton.properties| 2 +- nl-BE/torbutton.properties | 2 +- nl/torbutton.properties| 2 +- nn-NO/torbutton.properties | 2 +- oc/torbutton.properties| 2 +- or/torbutton.properties| 2 +- pa-IN/torbutton.properties | 2 +- pl/torbutton.properties| 2 +- pt-BR/torbutton.properties | 2 +- pt-PT/torbutton.properties | 2 +- ro/torbutton.properties| 2 +- ru/torbutton.properties| 2 +- si/torbutton.properties| 2 +- sk/torbutton.properties| 2 +- sl/torbutton.properties| 2 +- son/torbutton.properties | 2 +- sq/torbutton.properties| 2 +- sr/torbutton.properties| 2 +- sv-SE/torbutton.properties | 2 +- sw/torbutton.properties| 2 +- ta/torbutton.properties| 2 +- te/torbutton.properties| 2 +- th/torbutton.properties| 2 +- tr/torbutton.properties| 2 +- uk/torbutton.properties| 2 +- ur/torbutton.properties| 2 +- uz/torbutton.properties| 2 +- vi/torbutton.properties| 2 +- zh-CN/torbutton.properties | 2 +- zh-HK/torbutton.properties | 2 +- zh-TW/torbutton.properties | 2 +- 88 files changed, 88 insertions(+), 88 deletions(-) diff --git a/ach/torbutton.properties b/ach/torbutton.properties index 7b6c2d6571..53651280e8 100644 --- a/ach/torbutton.properties +++ b/ach/torbutton.properties @@ -111,7 +111,7 @@ onionServices.introTimedOut=Failed to connect to the onionsite, possibly due to onionServices.introTimedOut.longDescription=Details: %S â The connection to the requested onion service timed out while trying to build the rendezvous circuit. # # LOCALIZATION NOTE: %S will be replaced with the .onion address. -onionServices.authPrompt.description=%S is requesting your private key. +onionServices.authPrompt.description2=%S is requesting that you authenticate. onionServices.authPrompt.keyPlaceholder=Enter your private key for this onion service onionServices.authPrompt.done=Done onionServices.authPrompt.doneAccessKey=d diff --git a/af/torbutton.properties b/af/torbutton.properties index 3f05e0f613..5222e570ae 100644 --- a/af/torbutton.properties +++ b/af/torbutton.properties @@ -111,7 +111,7 @@ onionServices.introTimedOut=Failed to connect to the onionsite, possibly due to onionServices.introTimedOut.longDescription=Details: %S â The connection to the requested onion service timed out while trying to build the rendezvous circuit. # # LOCALIZATION NOTE: %S will be replaced with the .onion address. -onionServices.authPrompt.description=%S is requesting your private key. +onionServices.authPrompt.description2=%S is requesting that you authenticate. onionServices.authPrompt.keyPlaceholder=Enter your private key for this onion service onionServices.authPrompt.done=Done onionServices.authPrompt.doneAccessKey=d diff --git a/ar/torb
[tor-commits] [torbutton/master] Bug 34250: Only listen to 'started' in noscript-control.js
commit 21e6fbd52a4b38150a56fb64475e4fd80352b92f
Author: Alex Catarineu
Date: Mon May 18 12:59:36 2020 +0200
Bug 34250: Only listen to 'started' in noscript-control.js
This fixes a race condition which can be hit in some cases,
such as running some marionette tests. The race condition
results in noscript not being initialized properly due to
the 'pageshow' event being received before 'started'.
---
modules/noscript-control.js | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/modules/noscript-control.js b/modules/noscript-control.js
index 0383b9b5..02d5abea 100644
--- a/modules/noscript-control.js
+++ b/modules/noscript-control.js
@@ -146,7 +146,7 @@ var initialize = () => {
let messageListener = (a, b, c) => {
try {
log(3, `Message received from NoScript: ${JSON.stringify([a, b, c])}`);
-if (!["started", "pageshow"].includes(a.__meta.name)) {
+if (a.__meta.name !== "started") {
return;
}
Services.mm.removeMessageListener("MessageChannel:Messages", listener);
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-68.9.0esr-9.5-1] fixup! Bug 21952: Implement Onion-Location
commit da4458c8d39845e56d70051c61f49b7d50b0c2da Author: Kathy Brade Date: Tue Jun 9 14:38:38 2020 -0400 fixup! Bug 21952: Implement Onion-Location Fixes bug 34361. --- .../components/onionservices/content/onionlocationPreferences.inc.xul | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/browser/components/onionservices/content/onionlocationPreferences.inc.xul b/browser/components/onionservices/content/onionlocationPreferences.inc.xul index c386316c98dc..c285f403f99b 100644 --- a/browser/components/onionservices/content/onionlocationPreferences.inc.xul +++ b/browser/components/onionservices/content/onionlocationPreferences.inc.xul @@ -1,6 +1,6 @@ # Copyright (c) 2020, The Tor Project, Inc. - + ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-68.9.0esr-10.0-1] fixup! Bug 21952: Implement Onion-Location
commit e170c676b8b30f92c7279e8a817ebe8ca4cb2f09 Author: Kathy Brade Date: Tue Jun 9 14:38:38 2020 -0400 fixup! Bug 21952: Implement Onion-Location Fixes bug 34361. --- .../components/onionservices/content/onionlocationPreferences.inc.xul | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/browser/components/onionservices/content/onionlocationPreferences.inc.xul b/browser/components/onionservices/content/onionlocationPreferences.inc.xul index c386316c98dc..c285f403f99b 100644 --- a/browser/components/onionservices/content/onionlocationPreferences.inc.xul +++ b/browser/components/onionservices/content/onionlocationPreferences.inc.xul @@ -1,6 +1,6 @@ # Copyright (c) 2020, The Tor Project, Inc. - + ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/bridgedb] https://gitweb.torproject.org/translation.git/commit/?h=bridgedb
commit 27f3b10b6a189e785ef435fea5bb92949ec2f00a Author: Translation commit bot Date: Thu Jun 11 17:15:15 2020 + https://gitweb.torproject.org/translation.git/commit/?h=bridgedb --- lt/LC_MESSAGES/bridgedb.po | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lt/LC_MESSAGES/bridgedb.po b/lt/LC_MESSAGES/bridgedb.po index 9a054e67d7..536d20446f 100644 --- a/lt/LC_MESSAGES/bridgedb.po +++ b/lt/LC_MESSAGES/bridgedb.po @@ -17,7 +17,7 @@ msgstr "" "Project-Id-Version: Tor Project\n" "Report-Msgid-Bugs-To: 'https://trac.torproject.org/projects/tor/newticket?component=BridgeDB&keywords=bridgedb-reported,msgid&cc=isis,sysrqb&owner=isis'\n" "POT-Creation-Date: 2020-05-14 14:21-0700\n" -"PO-Revision-Date: 2020-06-11 16:34+\n" +"PO-Revision-Date: 2020-06-11 16:56+\n" "Last-Translator: Pijus Kamandulis \n" "Language-Team: Lithuanian (http://www.transifex.com/otf/torproject/language/lt/)\n" "MIME-Version: 1.0\n" @@ -396,7 +396,7 @@ msgstr "" #: bridgedb/strings.py:173 msgid "(Request unobfuscated Tor bridges.)" -msgstr "" +msgstr "(Prašyti ne užmaskuotų Tor tinklo tiltų.)" #: bridgedb/strings.py:174 msgid "(Request IPv6 bridges.)" @@ -404,4 +404,4 @@ msgstr "(Prašyti IPv6 tinklo tiltų)" #: bridgedb/strings.py:175 msgid "(Request obfs4 obfuscated bridges.)" -msgstr "" +msgstr "(Prašyti užmaskuotų obfs4 tinklo tiltų)" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [torspec/master] Merge remote-tracking branch 'tor-github/pr/119'
commit 904430ed73dcb55c836bedfb08fa20cf9b0df5cd Merge: f26e739 91ea21e Author: Nick Mathewson Date: Thu Jun 11 13:11:31 2020 -0400 Merge remote-tracking branch 'tor-github/pr/119' guard-spec.txt | 45 + 1 file changed, 29 insertions(+), 16 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [torspec/master] including prop310 rational
commit 91ea21e3a36d5eb96c3e52ffed6466ebd1f05607
Author: Florentin Rochet
Date: Sun Jun 7 19:49:58 2020 +0200
including prop310 rational
---
guard-spec.txt | 45 +
1 file changed, 29 insertions(+), 16 deletions(-)
diff --git a/guard-spec.txt b/guard-spec.txt
index db1ae32..4f021b7 100644
--- a/guard-spec.txt
+++ b/guard-spec.txt
@@ -23,7 +23,7 @@
nodes that the client will connect to directly. If they are not
compromised, the user's paths are not compromised.
- This specification outlines Tor's guard selection algorithm,
+ This specification outlines Tor's guard housekeeping algorithm,
which tries to meet the following goals:
- Heuristics and algorithms for determining how and which guards
@@ -45,6 +45,8 @@
- Tor clients should resist (to the extent possible) attacks
that try to force them onto compromised guards.
+- Should maintain the load-balancing offered by the path selection
+ algorithm
2. State instances
@@ -113,7 +115,7 @@
specification defines how entry guards specifically should be selected and
managed, as opposed to middle or exit nodes.
- 3.1.1 Entry guard selection
+ 3.1.1 Managing entry guards
At a high level, a relay listed in a consensus will move through the
following states in the process from initial selection to eventual
@@ -129,7 +131,8 @@
Relays listed in the latest consensus can be sampled for guard usage
if they have the "Guard" flag. Sampling is random but weighted by
- bandwidth.
+ a measured bandwidth multiplied by bandwidth-weights (Wgg if guard only,
+ Wgd if guard+exit flagged).
Once a path is built and a circuit established using this guard, it
is marked as confirmed. Until this point, guards are first sampled
@@ -143,9 +146,9 @@
3.1.2 Middle and exit node selection
- Middle nodes are selected at random from relays listed in the
- latest consensus, weighted by bandwidth. Exit nodes are chosen
- similarly but restricted to relays with a sufficiently permissive
+ Middle nodes are selected at random from relays listed in the latest
+ consensus, weighted by bandwidth and bandwidth-weights. Exit nodes are
+ chosen similarly but restricted to relays with a sufficiently permissive
exit policy.
3.2 Circuit Building
@@ -176,7 +179,7 @@
4.1. The Sampled Guard Set. [Section:SAMPLED]
We maintain a set, {set:SAMPLED_GUARDS}, that persists across
- invocations of Tor. It is an unordered subset of the nodes that
+ invocations of Tor. It is a subset of the nodes ordered by a sample idx that
we have seen listed as a guard in the consensus at some point.
For each such guard, we record persistently:
@@ -230,8 +233,8 @@
(But if the maximum would be smaller than {MIN_FILTERED_SAMPLE}, we
set the maximum at {MIN_FILTERED_SAMPLE}.)
- To add a new guard to {SAMPLED_GUARDS}, pick an entry at random
- from ({GUARDS} - {SAMPLED_GUARDS}), weighted by bandwidth.
+ To add a new guard to {SAMPLED_GUARDS}, pick an entry at random from
+ ({GUARDS} - {SAMPLED_GUARDS}), according to the path selection rules.
We remove an entry from {SAMPLED_GUARDS} if:
@@ -263,6 +266,17 @@
The second expiration mechanism makes us rotate our guards slowly
over time.
+ Ordering the {SAMPLED_GUARDS} set in the order in which we sampled those
+ guards and picking guards from that set according to this ordering improves
+ load-balancing. It is closer to offer the expected usage of the guard nodes
+ as per the path selection rules.
+
+ The ordering also improves on another objective of this proposal: trying to
+ resist an adversary pushing clients over compromised guards, since the
+ adversary would need the clients to exhaust all their initial
+ {SAMPLED_GUARDS} set before having a chance to use a newly deployed
+ adversary node.
+
4.2. The Usable Sample [Section:FILTERED]
@@ -376,12 +390,11 @@
{CONFIRMED_GUARDS} and {FILTERED_GUARDS}, and take the first
{N_PRIMARY_GUARDS} elements. If there are fewer than
{N_PRIMARY_GUARDS} elements, append additional elements to
- PRIMARY_GUARDS chosen _uniformly_ at random from
- ({FILTERED_GUARDS} - {CONFIRMED_GUARDS}).
+ PRIMARY_GUARDS chosen from ({FILTERED_GUARDS} - {CONFIRMED_GUARDS}) in
+ sample order.
Once an element has been added to {PRIMARY_GUARDS}, we do not remove it
- until it is replaced by some element from {CONFIRMED_GUARDS}. Confirmed
- elements always precede unconfirmed ones in the {PRIMARY_GUARDS} list.
+ until it is replaced by some element from {CONFIRMED_GUARDS}.
Note that {PRIMARY_GUARDS} do not have to be in
{USABLE_FILTERED_GUARDS}: they might be unreachable.
@@ -475,9 +488,9 @@
is now . (If all entries have
{is_pending} true, pick the first one.)
-* Otherwise, if there is no such entry, select a member at
- random from {USABLE_FILTERED_GUARDS}. Set its {is
[tor-commits] [translation/bridgedb] https://gitweb.torproject.org/translation.git/commit/?h=bridgedb
commit 3a928cf8d8b91ed5cdcc81162da35af41de16cfa Author: Translation commit bot Date: Thu Jun 11 16:45:16 2020 + https://gitweb.torproject.org/translation.git/commit/?h=bridgedb --- lt/LC_MESSAGES/bridgedb.po | 11 ++- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/lt/LC_MESSAGES/bridgedb.po b/lt/LC_MESSAGES/bridgedb.po index ef0e12cf6e..9a054e67d7 100644 --- a/lt/LC_MESSAGES/bridgedb.po +++ b/lt/LC_MESSAGES/bridgedb.po @@ -6,6 +6,7 @@ # Aiste G , 2016 # Aiste G , 2016 # Moo, 2015-2020 +# Pijus Kamandulis , 2020 # Saule Papeckyte , 2015 # Edgaras7 , 2014 # Tautvydas Zukauskas , 2016 @@ -16,8 +17,8 @@ msgstr "" "Project-Id-Version: Tor Project\n" "Report-Msgid-Bugs-To: 'https://trac.torproject.org/projects/tor/newticket?component=BridgeDB&keywords=bridgedb-reported,msgid&cc=isis,sysrqb&owner=isis'\n" "POT-Creation-Date: 2020-05-14 14:21-0700\n" -"PO-Revision-Date: 2020-05-21 10:56+\n" -"Last-Translator: Moo\n" +"PO-Revision-Date: 2020-06-11 16:34+\n" +"Last-Translator: Pijus Kamandulis \n" "Language-Team: Lithuanian (http://www.transifex.com/otf/torproject/language/lt/)\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" @@ -284,7 +285,7 @@ msgstr "Gauti tinklų tiltus!" #: bridgedb/strings.py:107 msgid "Bridge distribution mechanisms" -msgstr "" +msgstr "Tinklo tiltų paskirstymo mechanizmas" #. TRANSLATORS: Please DO NOT translate "BridgeDB", "HTTPS", and "Moat". #: bridgedb/strings.py:109 @@ -325,7 +326,7 @@ msgstr "" #: bridgedb/strings.py:129 msgid "Reserved" -msgstr "" +msgstr "Rezervuota" #: bridgedb/strings.py:130 #, python-format @@ -399,7 +400,7 @@ msgstr "" #: bridgedb/strings.py:174 msgid "(Request IPv6 bridges.)" -msgstr "" +msgstr "(Prašyti IPv6 tinklo tiltų)" #: bridgedb/strings.py:175 msgid "(Request obfs4 obfuscated bridges.)" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-68.9.0esr-10.0-1] fixup! Bug 30237: Add v3 onion services client authentication prompt
commit c5cd695c6803f32c97a4f5ec052155c3d021b379
Author: Kathy Brade
Date: Tue Jun 9 13:58:12 2020 -0400
fixup! Bug 30237: Add v3 onion services client authentication prompt
Fixes bug 34362.
---
browser/modules/TorStrings.jsm | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/browser/modules/TorStrings.jsm b/browser/modules/TorStrings.jsm
index 8f3a9ce838b8..e8a8d37ae373 100644
--- a/browser/modules/TorStrings.jsm
+++ b/browser/modules/TorStrings.jsm
@@ -381,7 +381,7 @@ var TorStrings = {
},
authPrompt: {
description:
- getString("authPrompt.description", "%S is requesting your private
key."),
+ getString("authPrompt.description2", "%S is requesting that you
authenticate."),
keyPlaceholder: getString("authPrompt.keyPlaceholder", "Enter your
key"),
done: getString("authPrompt.done", "Done"),
doneAccessKey: getString("authPrompt.doneAccessKey", "d"),
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-68.9.0esr-9.5-1] fixup! Bug 30237: Add v3 onion services client authentication prompt
commit aace250e0ac5bb4b36004aadd0cab2d05c23d5d5
Author: Kathy Brade
Date: Tue Jun 9 13:58:12 2020 -0400
fixup! Bug 30237: Add v3 onion services client authentication prompt
Fixes bug 34362.
---
browser/modules/TorStrings.jsm | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/browser/modules/TorStrings.jsm b/browser/modules/TorStrings.jsm
index 8f3a9ce838b8..e8a8d37ae373 100644
--- a/browser/modules/TorStrings.jsm
+++ b/browser/modules/TorStrings.jsm
@@ -381,7 +381,7 @@ var TorStrings = {
},
authPrompt: {
description:
- getString("authPrompt.description", "%S is requesting your private
key."),
+ getString("authPrompt.description2", "%S is requesting that you
authenticate."),
keyPlaceholder: getString("authPrompt.keyPlaceholder", "Enter your
key"),
done: getString("authPrompt.done", "Done"),
doneAccessKey: getString("authPrompt.doneAccessKey", "d"),
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [torbutton/master] Bug 34362: Improve onion service authentication prompt
commit 605e9d398ab026ce53ec8ad106848bfe5ae5e627 Author: Kathy Brade Date: Tue Jun 9 13:59:12 2020 -0400 Bug 34362: Improve onion service authentication prompt To avoid misleading users about private key usage, change: example.onion is requesting your private key. to: example.onion is requesting that you authenticate. --- chrome/locale/en-US/torbutton.properties | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chrome/locale/en-US/torbutton.properties b/chrome/locale/en-US/torbutton.properties index 7b6c2d65..53651280 100644 --- a/chrome/locale/en-US/torbutton.properties +++ b/chrome/locale/en-US/torbutton.properties @@ -111,7 +111,7 @@ onionServices.introTimedOut=Failed to connect to the onionsite, possibly due to onionServices.introTimedOut.longDescription=Details: %S â The connection to the requested onion service timed out while trying to build the rendezvous circuit. # # LOCALIZATION NOTE: %S will be replaced with the .onion address. -onionServices.authPrompt.description=%S is requesting your private key. +onionServices.authPrompt.description2=%S is requesting that you authenticate. onionServices.authPrompt.keyPlaceholder=Enter your private key for this onion service onionServices.authPrompt.done=Done onionServices.authPrompt.doneAccessKey=d ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-68.9.0esr-9.5-1] fixup! Bug 30237: Add v3 onion services client authentication prompt
commit 58ac4b710c63854d6285b437e241e0284b43dbee
Author: Kathy Brade
Date: Mon Jun 8 11:11:28 2020 -0400
fixup! Bug 30237: Add v3 onion services client authentication prompt
Fixes bug 34369.
---
browser/modules/TorStrings.jsm | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/browser/modules/TorStrings.jsm b/browser/modules/TorStrings.jsm
index 05bbfd63ef60..8f3a9ce838b8 100644
--- a/browser/modules/TorStrings.jsm
+++ b/browser/modules/TorStrings.jsm
@@ -333,7 +333,7 @@ var TorStrings = {
let retval = {
learnMore: getString("learnMore", "Learn more"),
- learnMoreURL:
`https://2019.www.torproject.org/docs/tor-manual-dev.html.${getLocale()}#_client_authorization`,
+ learnMoreURL:
`https://support.torproject.org/${getLocale()}/onionservices/client-auth/`,
errorPage: {
browser: getString("errorPage.browser", "Browser"),
network: getString("errorPage.network", "Network"),
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-68.9.0esr-10.0-1] fixup! Bug 30237: Add v3 onion services client authentication prompt
commit 632beb89a79f17bdb0db266196c39b67fc11561f
Author: Kathy Brade
Date: Mon Jun 8 11:11:28 2020 -0400
fixup! Bug 30237: Add v3 onion services client authentication prompt
Fixes bug 34369.
---
browser/modules/TorStrings.jsm | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/browser/modules/TorStrings.jsm b/browser/modules/TorStrings.jsm
index 05bbfd63ef60..8f3a9ce838b8 100644
--- a/browser/modules/TorStrings.jsm
+++ b/browser/modules/TorStrings.jsm
@@ -333,7 +333,7 @@ var TorStrings = {
let retval = {
learnMore: getString("learnMore", "Learn more"),
- learnMoreURL:
`https://2019.www.torproject.org/docs/tor-manual-dev.html.${getLocale()}#_client_authorization`,
+ learnMoreURL:
`https://support.torproject.org/${getLocale()}/onionservices/client-auth/`,
errorPage: {
browser: getString("errorPage.browser", "Browser"),
network: getString("errorPage.network", "Network"),
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.4.4] Fix and update unittests.
commit 755b8252a431ecc07644dee7a98e4318fe2ff692
Author: George Kadianakis
Date: Thu Jun 11 13:44:50 2020 +0300
Fix and update unittests.
Co-authored-by: Florentin Rochet
---
src/test/test_entrynodes.c | 147 +++--
1 file changed, 102 insertions(+), 45 deletions(-)
diff --git a/src/test/test_entrynodes.c b/src/test/test_entrynodes.c
index 12b4fcde3..5ddd1a3db 100644
--- a/src/test/test_entrynodes.c
+++ b/src/test/test_entrynodes.c
@@ -390,12 +390,13 @@ test_entry_guard_encode_for_state_minimal(void *arg)
eg->confirmed_idx = -1;
char *s = NULL;
- s = entry_guard_encode_for_state(eg);
+ s = entry_guard_encode_for_state(eg, 0);
tt_str_op(s, OP_EQ,
"in=wubwub "
"rsa_id=706C75727079666C75727079736C75727079646F "
"sampled_on=2016-11-14T00:00:00 "
+"sampled_idx=0 "
"listed=0");
done:
@@ -421,10 +422,11 @@ test_entry_guard_encode_for_state_maximal(void *arg)
eg->currently_listed = 1;
eg->confirmed_on_date = 1479081690;
eg->confirmed_idx = 333;
+ eg->sampled_idx = 42;
eg->extra_state_fields = tor_strdup("and the green grass grew all around");
char *s = NULL;
- s = entry_guard_encode_for_state(eg);
+ s = entry_guard_encode_for_state(eg, 0);
tt_str_op(s, OP_EQ,
"in=default "
@@ -432,6 +434,7 @@ test_entry_guard_encode_for_state_maximal(void *arg)
"bridge_addr=8.8.4.4: "
"nickname=Fred "
"sampled_on=2016-11-14T00:00:00 "
+"sampled_idx=0 "
"sampled_by=1.2.3 "
"unlisted_since=2016-11-14T00:00:45 "
"listed=1 "
@@ -621,39 +624,47 @@ test_entry_guard_parse_from_state_full(void *arg)
const char STATE[] =
"Guard in=default rsa_id=214F44BD5B638E8C817D47FF7C97397790BF0345 "
"nickname=TotallyNinja sampled_on=2016-11-12T19:32:49 "
+"sampled_idx=0 "
"sampled_by=0.3.0.0-alpha-dev "
"listed=1\n"
"Guard in=default rsa_id=052900AB0EA3ED54BAB84AE8A99E74E8693CE2B2 "
"nickname=5OfNovember sampled_on=2016-11-20T04:32:05 "
+"sampled_idx=1 "
"sampled_by=0.3.0.0-alpha-dev "
"listed=1 confirmed_on=2016-11-22T08:13:28 confirmed_idx=0 "
"pb_circ_attempts=4.00 pb_circ_successes=2.00 "
"pb_successful_circuits_closed=2.00\n"
"Guard in=default rsa_id=7B700C0C207EBD0002E00F499BE265519AC3C25A "
"nickname=dc6jgk11 sampled_on=2016-11-28T11:50:13 "
+"sampled_idx=2 "
"sampled_by=0.3.0.0-alpha-dev "
"listed=1 confirmed_on=2016-11-24T08:45:30 confirmed_idx=4 "
"pb_circ_attempts=5.00 pb_circ_successes=5.00 "
"pb_successful_circuits_closed=5.00\n"
"Guard in=wobblesome rsa_id=7B700C0C207EBD0002E00F499BE265519AC3C25A "
"nickname=dc6jgk11 sampled_on=2016-11-28T11:50:13 "
+"sampled_idx=0 "
"sampled_by=0.3.0.0-alpha-dev "
"listed=1\n"
"Guard in=default rsa_id=E9025AD60D86875D5F11548D536CC6AF60F0EF5E "
"nickname=maibrunn sampled_on=2016-11-25T22:36:38 "
+"sampled_idx=3 "
"sampled_by=0.3.0.0-alpha-dev listed=1\n"
"Guard in=default rsa_id=DCD30B90BA3A792DA75DC54A327EF353FB84C38E "
"nickname=Unnamed sampled_on=2016-11-25T14:34:00 "
+"sampled_idx=10 "
"sampled_by=0.3.0.0-alpha-dev listed=1\n"
"Guard in=bridges rsa_id=8F2E "
"bridge_addr=24.1.1.1:443 sampled_on=2016-11-25T06:44:14 "
+"sampled_idx=0 "
"sampled_by=0.3.0.0-alpha-dev listed=1 "
"confirmed_on=2016-11-29T10:36:06 confirmed_idx=0 "
"pb_circ_attempts=8.00 pb_circ_successes=8.00 "
"pb_successful_circuits_closed=13.00\n"
"Guard in=bridges rsa_id=5800 "
"bridge_addr=37.218.246.143:28366 "
-"sampled_on=2016-11-18T15:07:34 sampled_by=0.3.0.0-alpha-dev listed=1\n";
+"sampled_on=2016-11-18T15:07:34 sampled_idx=1 "
+"sampled_by=0.3.0.0-alpha-dev listed=1\n";
config_line_t *lines = NULL;
or_state_t *state = tor_malloc_zero(sizeof(or_state_t));
@@ -729,35 +740,42 @@ test_entry_guard_parse_from_state_full(void *arg)
tt_str_op(joined, OP_EQ,
"Guard in=default rsa_id=052900AB0EA3ED54BAB84AE8A99E74E8693CE2B2 "
"nickname=5OfNovember sampled_on=2016-11-20T04:32:05 "
+"sampled_idx=0 "
"sampled_by=0.3.0.0-alpha-dev "
"listed=1 confirmed_on=2016-11-22T08:13:28 confirmed_idx=0 "
"pb_circ_attempts=4.00 pb_circ_successes=2.00 "
"pb_successful_circuits_closed=2.00\n"
"Guard in=default rsa_id=7B700C0C207EBD0002E00F499BE265519AC3C25A "
"nickname=dc6jgk11 sampled_on=2016-11-28T11:50:13 "
+"sampled_idx=1 "
"sampled_by=0.3.0.0-alpha-dev "
"listed=1 confirmed_on=2016-11-24T08:45:30 confirmed_idx=1 "
"pb_circ_attempts=5.00 pb_circ_successes=5.00 "
"pb_successful_circuits_closed=5.00\n"
"Guard in=default rsa_id=E9025AD60D86875D5F11548D536CC6AF60F0EF5E "
"nickname=mai
[tor-commits] [tor/release-0.4.4] Update functions that load and write the guard state file.
commit 714e235a3c5d428d897e90ae586b6c0c8a3f4c8d
Author: George Kadianakis
Date: Thu Jun 11 13:49:13 2020 +0300
Update functions that load and write the guard state file.
Co-authored-by: Florentin Rochet
---
src/feature/client/entrynodes.c | 68 ++---
src/feature/client/entrynodes.h | 3 +-
2 files changed, 59 insertions(+), 12 deletions(-)
diff --git a/src/feature/client/entrynodes.c b/src/feature/client/entrynodes.c
index 64005c1e6..2a000a47b 100644
--- a/src/feature/client/entrynodes.c
+++ b/src/feature/client/entrynodes.c
@@ -2812,10 +2812,12 @@ entry_guards_update_all(guard_selection_t *gs)
/**
* Return a newly allocated string for encoding the persistent parts of
- * guard to the state file.
+ * guard to the state file. dense_sampled_idx refers to the
+ * sampled_idx made dense for this guard. Encoding all guards should
+ * lead to a dense array of sampled_idx in the state file.
*/
STATIC char *
-entry_guard_encode_for_state(entry_guard_t *guard)
+entry_guard_encode_for_state(entry_guard_t *guard, int dense_sampled_idx)
{
/*
* The meta-format we use is K=V K=V K=V... where K can be any
@@ -2844,7 +2846,8 @@ entry_guard_encode_for_state(entry_guard_t *guard)
format_iso_time_nospace(tbuf, guard->sampled_on_date);
smartlist_add_asprintf(result, "sampled_on=%s", tbuf);
-
+ // Replacing the sampled_idx by dense array
+ smartlist_add_asprintf(result, "sampled_idx=%d", dense_sampled_idx);
if (guard->sampled_by_version) {
smartlist_add_asprintf(result, "sampled_by=%s",
guard->sampled_by_version);
@@ -2900,11 +2903,12 @@ entry_guard_encode_for_state(entry_guard_t *guard)
}
/**
- * Extract key=val from the state string s and duplicate the value to
+ * Extract key=val from the state string s and duplicate the value to
* some string target declared in entry_guard_parse_from_state
*/
-static void parse_from_state_set_vals(const char *s, smartlist_t *entries,
-smartlist_t *extra, strmap_t *vals)
+static void
+parse_from_state_set_vals(const char *s, smartlist_t *entries, smartlist_t
+*extra, strmap_t *vals)
{
smartlist_split_string(entries, s, " ",
SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
@@ -2933,8 +2937,9 @@ static void parse_from_state_set_vals(const char *s,
smartlist_t *entries,
/**
* Handle part of the parsing state file logic, focused on time related things
*/
-static void parse_from_state_handle_time(entry_guard_t *guard, char
*sampled_on,
-char *unlisted_since, char *confirmed_on)
+static void
+parse_from_state_handle_time(entry_guard_t *guard, char *sampled_on, char
+*unlisted_since, char *confirmed_on)
{
#define HANDLE_TIME(field) do { \
if (field) {\
@@ -2985,6 +2990,7 @@ entry_guard_parse_from_state(const char *s)
char *rsa_id = NULL;
char *nickname = NULL;
char *sampled_on = NULL;
+ char *sampled_idx = NULL;
char *sampled_by = NULL;
char *unlisted_since = NULL;
char *listed = NULL;
@@ -3001,6 +3007,7 @@ entry_guard_parse_from_state(const char *s)
char *pb_collapsed_circuits = NULL;
char *pb_unusable_circuits = NULL;
char *pb_timeouts = NULL;
+ int invalid_sampled_idx = get_max_sample_size_absolute();
/* Split up the entries. Put the ones we know about in strings and the
* rest in "extra". */
@@ -3014,6 +3021,7 @@ entry_guard_parse_from_state(const char *s)
FIELD(rsa_id);
FIELD(nickname);
FIELD(sampled_on);
+FIELD(sampled_idx);
FIELD(sampled_by);
FIELD(unlisted_since);
FIELD(listed);
@@ -3078,12 +3086,12 @@ entry_guard_parse_from_state(const char *s)
}
/* Process the various time fields. */
- parse_from_state_handle_time(guard, sampled_on, unlisted_since,
confirmed_on);
+ parse_from_state_handle_time(guard, sampled_on, unlisted_since,
+ confirmed_on);
/* Take sampled_by_version verbatim. */
guard->sampled_by_version = sampled_by;
sampled_by = NULL; /* prevent free */
-
/* Listed is a boolean */
if (listed && strcmp(listed, "0"))
guard->currently_listed = 1;
@@ -3101,6 +3109,29 @@ entry_guard_parse_from_state(const char *s)
}
}
+ if (sampled_idx) {
+int ok = 1;
+long idx = tor_parse_long(sampled_idx, 10, 0, INT_MAX, &ok, NULL);
+if (!ok) {
+ log_warn(LD_GUARD, "Guard has invalid sampled_idx %s",
+ escaped(sampled_idx));
+ /* set it to a idx higher than the max sample size */
+ guard->sampled_idx = invalid_sampled_idx++;
+} else {
+ guard->sampled_idx = (int)idx;
+}
+ } else if (confirmed_idx) {
+/* This state has been written by an older Tor version which did not have
+ * sample ordering */
+
+guard->sampled_idx = guard->confirmed_idx;
+ } else {
+log_warn(LD_GUARD, "The state file seems to be into a status that could"
+" yield to weird entr
[tor-commits] [tor/release-0.4.4] Pick guards on the order they were sampled (prop310).
commit d2c3b6ea1e7eb0fb351df620517fd2e271899399
Author: George Kadianakis
Date: Thu Jun 11 13:49:00 2020 +0300
Pick guards on the order they were sampled (prop310).
Co-authored-by: Florentin Rochet
---
src/feature/client/entrynodes.c | 91 +
src/feature/client/entrynodes.h | 22 --
2 files changed, 83 insertions(+), 30 deletions(-)
diff --git a/src/feature/client/entrynodes.c b/src/feature/client/entrynodes.c
index 3d2abd920..64005c1e6 100644
--- a/src/feature/client/entrynodes.c
+++ b/src/feature/client/entrynodes.c
@@ -47,8 +47,7 @@
* As a persistent ordered list whose elements are taken from the
* sampled set, we track a CONFIRMED GUARDS LIST. A guard becomes
* confirmed when we successfully build a circuit through it, and decide
- * to use that circuit. We order the guards on this list by the order
- * in which they became confirmed.
+ * to use that circuit.
*
* And as a final group, we have an ordered list of PRIMARY GUARDS,
* whose elements are taken from the filtered set. We prefer
@@ -59,7 +58,7 @@
*
* To build circuits, we take a primary guard if possible -- or a
* reachable filtered confirmed guard if no primary guard is possible --
- * or a random reachable filtered guard otherwise. If the guard is
+ * or the first (by sampled order) filtered guard otherwise. If the guard is
* primary, we can use the circuit immediately on success. Otherwise,
* the guard is now "pending" -- we won't use its circuit unless all
* of the circuits we're trying to build through better guards have
@@ -92,14 +91,18 @@
* [x] Whenever we remove a guard from the sample, remove it from the primary
* and confirmed lists.
*
- * [x] When we make a guard confirmed, update the primary list.
+ * [x] When we make a guard confirmed, update the primary list, and sort them
+ * by sampled order.
*
* [x] When we make a guard filtered or unfiltered, update the primary list.
*
* [x] When we are about to pick a guard, make sure that the primary list is
* full.
*
- * [x] Before calling sample_reachable_filtered_entry_guards(), make sure
+ * [x] When we update the confirmed list, or when we re-build the primary list
+ * and detect a change, we sort those lists by sampled_idx
+ *
+ * [x] Before calling first_reachable_filtered_entry_guard(), make sure
* that the filtered, primary, and confirmed flags are up-to-date.
*
* [x] Call entry_guard_consider_retry every time we are about to check
@@ -172,6 +175,7 @@ static entry_guard_t
*get_sampled_guard_by_bridge_addr(guard_selection_t *gs,
const tor_addr_port_t *addrport);
static int entry_guard_obeys_restriction(const entry_guard_t *guard,
const entry_guard_restriction_t *rst);
+static int compare_guards_by_sampled_idx(const void **a_, const void **b_);
/** Return 0 if we should apply guardfraction information found in the
* consensus. A specific consensus can be specified with the
@@ -890,6 +894,7 @@ entry_guard_add_to_sample_impl(guard_selection_t *gs,
tor_free(guard->sampled_by_version);
guard->sampled_by_version = tor_strdup(VERSION);
guard->currently_listed = 1;
+ guard->sampled_idx = gs->next_sampled_idx++;
guard->confirmed_idx = -1;
/* non-persistent fields */
@@ -1383,7 +1388,7 @@ sampled_guards_prune_obsolete_entries(guard_selection_t
*gs,
if (rmv) {
++n_changes;
- SMARTLIST_DEL_CURRENT(gs->sampled_entry_guards, guard);
+ SMARTLIST_DEL_CURRENT_KEEPORDER(gs->sampled_entry_guards, guard);
remove_guard_from_confirmed_and_primary_lists(gs, guard);
entry_guard_free(guard);
}
@@ -1707,7 +1712,7 @@ entry_guards_update_filtered_sets(guard_selection_t *gs)
}
/**
- * Return a random guard from the reachable filtered sample guards
+ * Return the first sampled guard from the reachable filtered sample guards
* in gs, subject to the exclusion rules listed in flags.
* Return NULL if no such guard can be found.
*
@@ -1718,7 +1723,7 @@ entry_guards_update_filtered_sets(guard_selection_t *gs)
* violate it.
**/
STATIC entry_guard_t *
-sample_reachable_filtered_entry_guards(guard_selection_t *gs,
+first_reachable_filtered_entry_guard(guard_selection_t *gs,
const entry_guard_restriction_t *rst,
unsigned flags)
{
@@ -1771,7 +1776,17 @@ sample_reachable_filtered_entry_guards(guard_selection_t
*gs,
flags, smartlist_len(reachable_filtered_sample));
if (smartlist_len(reachable_filtered_sample)) {
-result = smartlist_choose(reachable_filtered_sample);
+/**
+ * Get the first guard of the filtered set builds from
+ * sampled_entry_guards. Proposal 310 suggests this design to overcome
+ * performance and security issues linked to the previous selection
+ * method. The guard selected here should be filtered
[tor-commits] [tor/release-0.4.4] Fold in a changes file and update exceptions.txt.
commit 52edea121e34dbbecc009a9f18fbc508db247ebe Author: George Kadianakis Date: Thu Jun 11 13:45:00 2020 +0300 Fold in a changes file and update exceptions.txt. Co-authored-by: Florentin Rochet --- changes/ticket32088 | 13 + scripts/maint/practracker/exceptions.txt | 4 ++-- 2 files changed, 15 insertions(+), 2 deletions(-) diff --git a/changes/ticket32088 b/changes/ticket32088 new file mode 100644 index 0..0d4fc7475 --- /dev/null +++ b/changes/ticket32088 @@ -0,0 +1,13 @@ + o Major features (Proposal 310, performance + security): +- Implements Proposal 310 - Bandaid on guard selection. + Proposal 310 solves a load-balancing issue within Prop271 which strongly + impact experimental research with Shadow. + Security improvement: Proposal 310 prevents any newly Guard relay to + have a chance to get into the primary list of older Tor clients, + except if the N first sampled guards of these clients are unreachable. + Implements recommendation from 32088. + + Proposal 310 is linked to the CLAPS project researching optimal + client location-aware path selections. This project is a collaboration + between the UCLouvain Crypto Group, the U.S. Naval Research Laboratory and + Princeton University. diff --git a/scripts/maint/practracker/exceptions.txt b/scripts/maint/practracker/exceptions.txt index fc9a05c84..35e860d8b 100644 --- a/scripts/maint/practracker/exceptions.txt +++ b/scripts/maint/practracker/exceptions.txt @@ -182,10 +182,10 @@ problem function-size /src/feature/client/addressmap.c:addressmap_rewrite() 109 problem function-size /src/feature/client/bridges.c:rewrite_node_address_for_bridge() 125 problem function-size /src/feature/client/circpathbias.c:pathbias_measure_close_rate() 108 problem function-size /src/feature/client/dnsserv.c:evdns_server_callback() 153 -problem file-size /src/feature/client/entrynodes.c 3827 +problem file-size /src/feature/client/entrynodes.c 4000 problem function-size /src/feature/client/entrynodes.c:entry_guards_upgrade_waiting_circuits() 155 problem function-size /src/feature/client/entrynodes.c:entry_guard_parse_from_state() 246 -problem file-size /src/feature/client/entrynodes.h 639 +problem file-size /src/feature/client/entrynodes.h 700 problem function-size /src/feature/client/transports.c:handle_proxy_line() 108 problem function-size /src/feature/client/transports.c:parse_method_line_helper() 110 problem function-size /src/feature/client/transports.c:create_managed_proxy_environment() 111 ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.4.4] Refactor some guard state file parsing code into functions.
commit 7bf0587ef1c25d739a8eadf9b747d3a68c99ff51
Author: Florentin Rochet
Date: Wed Apr 22 20:36:16 2020 +0200
Refactor some guard state file parsing code into functions.
Co-authored-by: Florentin Rochet
---
src/feature/client/entrynodes.c | 128 +++-
1 file changed, 73 insertions(+), 55 deletions(-)
diff --git a/src/feature/client/entrynodes.c b/src/feature/client/entrynodes.c
index ded7db969..3d2abd920 100644
--- a/src/feature/client/entrynodes.c
+++ b/src/feature/client/entrynodes.c
@@ -2861,6 +2861,76 @@ entry_guard_encode_for_state(entry_guard_t *guard)
}
/**
+ * Extract key=val from the state string s and duplicate the value to
+ * some string target declared in entry_guard_parse_from_state
+ */
+static void parse_from_state_set_vals(const char *s, smartlist_t *entries,
+smartlist_t *extra, strmap_t *vals)
+{
+smartlist_split_string(entries, s, " ",
+ SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
+
+SMARTLIST_FOREACH_BEGIN(entries, char *, entry) {
+ const char *eq = strchr(entry, '=');
+ if (!eq) {
+smartlist_add(extra, entry);
+continue;
+ }
+ char *key = tor_strndup(entry, eq-entry);
+ char **target = strmap_get(vals, key);
+ if (target == NULL || *target != NULL) {
+/* unrecognized or already set */
+smartlist_add(extra, entry);
+tor_free(key);
+continue;
+ }
+
+ *target = tor_strdup(eq+1);
+ tor_free(key);
+ tor_free(entry);
+} SMARTLIST_FOREACH_END(entry);
+}
+
+/**
+ * Handle part of the parsing state file logic, focused on time related things
+ */
+static void parse_from_state_handle_time(entry_guard_t *guard, char
*sampled_on,
+char *unlisted_since, char *confirmed_on)
+{
+#define HANDLE_TIME(field) do { \
+if (field) {\
+ int r = parse_iso_time_nospace(field, &field ## _time); \
+ if (r < 0) { \
+log_warn(LD_CIRC, "Unable to parse %s %s from guard", \
+ #field, escaped(field)); \
+field##_time = -1; \
+ } \
+} \
+ } while (0)
+
+ time_t sampled_on_time = 0;
+ time_t unlisted_since_time = 0;
+ time_t confirmed_on_time = 0;
+
+ HANDLE_TIME(sampled_on);
+ HANDLE_TIME(unlisted_since);
+ HANDLE_TIME(confirmed_on);
+
+ if (sampled_on_time <= 0)
+sampled_on_time = approx_time();
+ if (unlisted_since_time < 0)
+unlisted_since_time = 0;
+ if (confirmed_on_time < 0)
+confirmed_on_time = 0;
+
+ #undef HANDLE_TIME
+
+ guard->sampled_on_date = sampled_on_time;
+ guard->unlisted_since_date = unlisted_since_time;
+ guard->confirmed_on_date = confirmed_on_time;
+}
+
+/**
* Given a string generated by entry_guard_encode_for_state(), parse it
* (if possible) and return an entry_guard_t object for it. Return NULL
* on complete failure.
@@ -2920,29 +2990,8 @@ entry_guard_parse_from_state(const char *s)
FIELD(pb_unusable_circuits);
FIELD(pb_timeouts);
#undef FIELD
-
-smartlist_split_string(entries, s, " ",
- SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
-
-SMARTLIST_FOREACH_BEGIN(entries, char *, entry) {
- const char *eq = strchr(entry, '=');
- if (!eq) {
-smartlist_add(extra, entry);
-continue;
- }
- char *key = tor_strndup(entry, eq-entry);
- char **target = strmap_get(vals, key);
- if (target == NULL || *target != NULL) {
-/* unrecognized or already set */
-smartlist_add(extra, entry);
-tor_free(key);
-continue;
- }
-
- *target = tor_strdup(eq+1);
- tor_free(key);
- tor_free(entry);
-} SMARTLIST_FOREACH_END(entry);
+/* Extract from s the key=val that we recognize, put the others in extra*/
+parse_from_state_set_vals(s, entries, extra, vals);
smartlist_free(entries);
strmap_free(vals, NULL);
@@ -2990,38 +3039,7 @@ entry_guard_parse_from_state(const char *s)
}
/* Process the various time fields. */
-
-#define HANDLE_TIME(field) do { \
-if (field) {\
- int r = parse_iso_time_nospace(field, &field ## _time); \
- if (r < 0) { \
-log_warn(LD_CIRC, "Unable to parse %s %s from guard", \
- #field, escaped(field)); \
-field##_time = -1; \
- } \
-} \
- } while (0)
-
- time_t sampled_on_time = 0;
- time_t unlisted_since_
[tor-commits] [tor/master] Merge branch 'maint-0.4.4'
commit 3cb77a9cca44e6ad4f582d6b68fec51a5d6efdff Merge: 1797d0516 52edea121 Author: George Kadianakis Date: Thu Jun 11 17:29:54 2020 +0300 Merge branch 'maint-0.4.4' changes/ticket32088 | 13 ++ scripts/maint/practracker/exceptions.txt | 4 +- src/feature/client/entrynodes.c | 275 +-- src/feature/client/entrynodes.h | 25 ++- src/test/test_entrynodes.c | 147 - 5 files changed, 326 insertions(+), 138 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Fix and update unittests.
commit 755b8252a431ecc07644dee7a98e4318fe2ff692
Author: George Kadianakis
Date: Thu Jun 11 13:44:50 2020 +0300
Fix and update unittests.
Co-authored-by: Florentin Rochet
---
src/test/test_entrynodes.c | 147 +++--
1 file changed, 102 insertions(+), 45 deletions(-)
diff --git a/src/test/test_entrynodes.c b/src/test/test_entrynodes.c
index 12b4fcde3..5ddd1a3db 100644
--- a/src/test/test_entrynodes.c
+++ b/src/test/test_entrynodes.c
@@ -390,12 +390,13 @@ test_entry_guard_encode_for_state_minimal(void *arg)
eg->confirmed_idx = -1;
char *s = NULL;
- s = entry_guard_encode_for_state(eg);
+ s = entry_guard_encode_for_state(eg, 0);
tt_str_op(s, OP_EQ,
"in=wubwub "
"rsa_id=706C75727079666C75727079736C75727079646F "
"sampled_on=2016-11-14T00:00:00 "
+"sampled_idx=0 "
"listed=0");
done:
@@ -421,10 +422,11 @@ test_entry_guard_encode_for_state_maximal(void *arg)
eg->currently_listed = 1;
eg->confirmed_on_date = 1479081690;
eg->confirmed_idx = 333;
+ eg->sampled_idx = 42;
eg->extra_state_fields = tor_strdup("and the green grass grew all around");
char *s = NULL;
- s = entry_guard_encode_for_state(eg);
+ s = entry_guard_encode_for_state(eg, 0);
tt_str_op(s, OP_EQ,
"in=default "
@@ -432,6 +434,7 @@ test_entry_guard_encode_for_state_maximal(void *arg)
"bridge_addr=8.8.4.4: "
"nickname=Fred "
"sampled_on=2016-11-14T00:00:00 "
+"sampled_idx=0 "
"sampled_by=1.2.3 "
"unlisted_since=2016-11-14T00:00:45 "
"listed=1 "
@@ -621,39 +624,47 @@ test_entry_guard_parse_from_state_full(void *arg)
const char STATE[] =
"Guard in=default rsa_id=214F44BD5B638E8C817D47FF7C97397790BF0345 "
"nickname=TotallyNinja sampled_on=2016-11-12T19:32:49 "
+"sampled_idx=0 "
"sampled_by=0.3.0.0-alpha-dev "
"listed=1\n"
"Guard in=default rsa_id=052900AB0EA3ED54BAB84AE8A99E74E8693CE2B2 "
"nickname=5OfNovember sampled_on=2016-11-20T04:32:05 "
+"sampled_idx=1 "
"sampled_by=0.3.0.0-alpha-dev "
"listed=1 confirmed_on=2016-11-22T08:13:28 confirmed_idx=0 "
"pb_circ_attempts=4.00 pb_circ_successes=2.00 "
"pb_successful_circuits_closed=2.00\n"
"Guard in=default rsa_id=7B700C0C207EBD0002E00F499BE265519AC3C25A "
"nickname=dc6jgk11 sampled_on=2016-11-28T11:50:13 "
+"sampled_idx=2 "
"sampled_by=0.3.0.0-alpha-dev "
"listed=1 confirmed_on=2016-11-24T08:45:30 confirmed_idx=4 "
"pb_circ_attempts=5.00 pb_circ_successes=5.00 "
"pb_successful_circuits_closed=5.00\n"
"Guard in=wobblesome rsa_id=7B700C0C207EBD0002E00F499BE265519AC3C25A "
"nickname=dc6jgk11 sampled_on=2016-11-28T11:50:13 "
+"sampled_idx=0 "
"sampled_by=0.3.0.0-alpha-dev "
"listed=1\n"
"Guard in=default rsa_id=E9025AD60D86875D5F11548D536CC6AF60F0EF5E "
"nickname=maibrunn sampled_on=2016-11-25T22:36:38 "
+"sampled_idx=3 "
"sampled_by=0.3.0.0-alpha-dev listed=1\n"
"Guard in=default rsa_id=DCD30B90BA3A792DA75DC54A327EF353FB84C38E "
"nickname=Unnamed sampled_on=2016-11-25T14:34:00 "
+"sampled_idx=10 "
"sampled_by=0.3.0.0-alpha-dev listed=1\n"
"Guard in=bridges rsa_id=8F2E "
"bridge_addr=24.1.1.1:443 sampled_on=2016-11-25T06:44:14 "
+"sampled_idx=0 "
"sampled_by=0.3.0.0-alpha-dev listed=1 "
"confirmed_on=2016-11-29T10:36:06 confirmed_idx=0 "
"pb_circ_attempts=8.00 pb_circ_successes=8.00 "
"pb_successful_circuits_closed=13.00\n"
"Guard in=bridges rsa_id=5800 "
"bridge_addr=37.218.246.143:28366 "
-"sampled_on=2016-11-18T15:07:34 sampled_by=0.3.0.0-alpha-dev listed=1\n";
+"sampled_on=2016-11-18T15:07:34 sampled_idx=1 "
+"sampled_by=0.3.0.0-alpha-dev listed=1\n";
config_line_t *lines = NULL;
or_state_t *state = tor_malloc_zero(sizeof(or_state_t));
@@ -729,35 +740,42 @@ test_entry_guard_parse_from_state_full(void *arg)
tt_str_op(joined, OP_EQ,
"Guard in=default rsa_id=052900AB0EA3ED54BAB84AE8A99E74E8693CE2B2 "
"nickname=5OfNovember sampled_on=2016-11-20T04:32:05 "
+"sampled_idx=0 "
"sampled_by=0.3.0.0-alpha-dev "
"listed=1 confirmed_on=2016-11-22T08:13:28 confirmed_idx=0 "
"pb_circ_attempts=4.00 pb_circ_successes=2.00 "
"pb_successful_circuits_closed=2.00\n"
"Guard in=default rsa_id=7B700C0C207EBD0002E00F499BE265519AC3C25A "
"nickname=dc6jgk11 sampled_on=2016-11-28T11:50:13 "
+"sampled_idx=1 "
"sampled_by=0.3.0.0-alpha-dev "
"listed=1 confirmed_on=2016-11-24T08:45:30 confirmed_idx=1 "
"pb_circ_attempts=5.00 pb_circ_successes=5.00 "
"pb_successful_circuits_closed=5.00\n"
"Guard in=default rsa_id=E9025AD60D86875D5F11548D536CC6AF60F0EF5E "
"nickname=mai
[tor-commits] [tor/master] Refactor some guard state file parsing code into functions.
commit 7bf0587ef1c25d739a8eadf9b747d3a68c99ff51
Author: Florentin Rochet
Date: Wed Apr 22 20:36:16 2020 +0200
Refactor some guard state file parsing code into functions.
Co-authored-by: Florentin Rochet
---
src/feature/client/entrynodes.c | 128 +++-
1 file changed, 73 insertions(+), 55 deletions(-)
diff --git a/src/feature/client/entrynodes.c b/src/feature/client/entrynodes.c
index ded7db969..3d2abd920 100644
--- a/src/feature/client/entrynodes.c
+++ b/src/feature/client/entrynodes.c
@@ -2861,6 +2861,76 @@ entry_guard_encode_for_state(entry_guard_t *guard)
}
/**
+ * Extract key=val from the state string s and duplicate the value to
+ * some string target declared in entry_guard_parse_from_state
+ */
+static void parse_from_state_set_vals(const char *s, smartlist_t *entries,
+smartlist_t *extra, strmap_t *vals)
+{
+smartlist_split_string(entries, s, " ",
+ SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
+
+SMARTLIST_FOREACH_BEGIN(entries, char *, entry) {
+ const char *eq = strchr(entry, '=');
+ if (!eq) {
+smartlist_add(extra, entry);
+continue;
+ }
+ char *key = tor_strndup(entry, eq-entry);
+ char **target = strmap_get(vals, key);
+ if (target == NULL || *target != NULL) {
+/* unrecognized or already set */
+smartlist_add(extra, entry);
+tor_free(key);
+continue;
+ }
+
+ *target = tor_strdup(eq+1);
+ tor_free(key);
+ tor_free(entry);
+} SMARTLIST_FOREACH_END(entry);
+}
+
+/**
+ * Handle part of the parsing state file logic, focused on time related things
+ */
+static void parse_from_state_handle_time(entry_guard_t *guard, char
*sampled_on,
+char *unlisted_since, char *confirmed_on)
+{
+#define HANDLE_TIME(field) do { \
+if (field) {\
+ int r = parse_iso_time_nospace(field, &field ## _time); \
+ if (r < 0) { \
+log_warn(LD_CIRC, "Unable to parse %s %s from guard", \
+ #field, escaped(field)); \
+field##_time = -1; \
+ } \
+} \
+ } while (0)
+
+ time_t sampled_on_time = 0;
+ time_t unlisted_since_time = 0;
+ time_t confirmed_on_time = 0;
+
+ HANDLE_TIME(sampled_on);
+ HANDLE_TIME(unlisted_since);
+ HANDLE_TIME(confirmed_on);
+
+ if (sampled_on_time <= 0)
+sampled_on_time = approx_time();
+ if (unlisted_since_time < 0)
+unlisted_since_time = 0;
+ if (confirmed_on_time < 0)
+confirmed_on_time = 0;
+
+ #undef HANDLE_TIME
+
+ guard->sampled_on_date = sampled_on_time;
+ guard->unlisted_since_date = unlisted_since_time;
+ guard->confirmed_on_date = confirmed_on_time;
+}
+
+/**
* Given a string generated by entry_guard_encode_for_state(), parse it
* (if possible) and return an entry_guard_t object for it. Return NULL
* on complete failure.
@@ -2920,29 +2990,8 @@ entry_guard_parse_from_state(const char *s)
FIELD(pb_unusable_circuits);
FIELD(pb_timeouts);
#undef FIELD
-
-smartlist_split_string(entries, s, " ",
- SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
-
-SMARTLIST_FOREACH_BEGIN(entries, char *, entry) {
- const char *eq = strchr(entry, '=');
- if (!eq) {
-smartlist_add(extra, entry);
-continue;
- }
- char *key = tor_strndup(entry, eq-entry);
- char **target = strmap_get(vals, key);
- if (target == NULL || *target != NULL) {
-/* unrecognized or already set */
-smartlist_add(extra, entry);
-tor_free(key);
-continue;
- }
-
- *target = tor_strdup(eq+1);
- tor_free(key);
- tor_free(entry);
-} SMARTLIST_FOREACH_END(entry);
+/* Extract from s the key=val that we recognize, put the others in extra*/
+parse_from_state_set_vals(s, entries, extra, vals);
smartlist_free(entries);
strmap_free(vals, NULL);
@@ -2990,38 +3039,7 @@ entry_guard_parse_from_state(const char *s)
}
/* Process the various time fields. */
-
-#define HANDLE_TIME(field) do { \
-if (field) {\
- int r = parse_iso_time_nospace(field, &field ## _time); \
- if (r < 0) { \
-log_warn(LD_CIRC, "Unable to parse %s %s from guard", \
- #field, escaped(field)); \
-field##_time = -1; \
- } \
-} \
- } while (0)
-
- time_t sampled_on_time = 0;
- time_t unlisted_since_
[tor-commits] [tor/master] Pick guards on the order they were sampled (prop310).
commit d2c3b6ea1e7eb0fb351df620517fd2e271899399
Author: George Kadianakis
Date: Thu Jun 11 13:49:00 2020 +0300
Pick guards on the order they were sampled (prop310).
Co-authored-by: Florentin Rochet
---
src/feature/client/entrynodes.c | 91 +
src/feature/client/entrynodes.h | 22 --
2 files changed, 83 insertions(+), 30 deletions(-)
diff --git a/src/feature/client/entrynodes.c b/src/feature/client/entrynodes.c
index 3d2abd920..64005c1e6 100644
--- a/src/feature/client/entrynodes.c
+++ b/src/feature/client/entrynodes.c
@@ -47,8 +47,7 @@
* As a persistent ordered list whose elements are taken from the
* sampled set, we track a CONFIRMED GUARDS LIST. A guard becomes
* confirmed when we successfully build a circuit through it, and decide
- * to use that circuit. We order the guards on this list by the order
- * in which they became confirmed.
+ * to use that circuit.
*
* And as a final group, we have an ordered list of PRIMARY GUARDS,
* whose elements are taken from the filtered set. We prefer
@@ -59,7 +58,7 @@
*
* To build circuits, we take a primary guard if possible -- or a
* reachable filtered confirmed guard if no primary guard is possible --
- * or a random reachable filtered guard otherwise. If the guard is
+ * or the first (by sampled order) filtered guard otherwise. If the guard is
* primary, we can use the circuit immediately on success. Otherwise,
* the guard is now "pending" -- we won't use its circuit unless all
* of the circuits we're trying to build through better guards have
@@ -92,14 +91,18 @@
* [x] Whenever we remove a guard from the sample, remove it from the primary
* and confirmed lists.
*
- * [x] When we make a guard confirmed, update the primary list.
+ * [x] When we make a guard confirmed, update the primary list, and sort them
+ * by sampled order.
*
* [x] When we make a guard filtered or unfiltered, update the primary list.
*
* [x] When we are about to pick a guard, make sure that the primary list is
* full.
*
- * [x] Before calling sample_reachable_filtered_entry_guards(), make sure
+ * [x] When we update the confirmed list, or when we re-build the primary list
+ * and detect a change, we sort those lists by sampled_idx
+ *
+ * [x] Before calling first_reachable_filtered_entry_guard(), make sure
* that the filtered, primary, and confirmed flags are up-to-date.
*
* [x] Call entry_guard_consider_retry every time we are about to check
@@ -172,6 +175,7 @@ static entry_guard_t
*get_sampled_guard_by_bridge_addr(guard_selection_t *gs,
const tor_addr_port_t *addrport);
static int entry_guard_obeys_restriction(const entry_guard_t *guard,
const entry_guard_restriction_t *rst);
+static int compare_guards_by_sampled_idx(const void **a_, const void **b_);
/** Return 0 if we should apply guardfraction information found in the
* consensus. A specific consensus can be specified with the
@@ -890,6 +894,7 @@ entry_guard_add_to_sample_impl(guard_selection_t *gs,
tor_free(guard->sampled_by_version);
guard->sampled_by_version = tor_strdup(VERSION);
guard->currently_listed = 1;
+ guard->sampled_idx = gs->next_sampled_idx++;
guard->confirmed_idx = -1;
/* non-persistent fields */
@@ -1383,7 +1388,7 @@ sampled_guards_prune_obsolete_entries(guard_selection_t
*gs,
if (rmv) {
++n_changes;
- SMARTLIST_DEL_CURRENT(gs->sampled_entry_guards, guard);
+ SMARTLIST_DEL_CURRENT_KEEPORDER(gs->sampled_entry_guards, guard);
remove_guard_from_confirmed_and_primary_lists(gs, guard);
entry_guard_free(guard);
}
@@ -1707,7 +1712,7 @@ entry_guards_update_filtered_sets(guard_selection_t *gs)
}
/**
- * Return a random guard from the reachable filtered sample guards
+ * Return the first sampled guard from the reachable filtered sample guards
* in gs, subject to the exclusion rules listed in flags.
* Return NULL if no such guard can be found.
*
@@ -1718,7 +1723,7 @@ entry_guards_update_filtered_sets(guard_selection_t *gs)
* violate it.
**/
STATIC entry_guard_t *
-sample_reachable_filtered_entry_guards(guard_selection_t *gs,
+first_reachable_filtered_entry_guard(guard_selection_t *gs,
const entry_guard_restriction_t *rst,
unsigned flags)
{
@@ -1771,7 +1776,17 @@ sample_reachable_filtered_entry_guards(guard_selection_t
*gs,
flags, smartlist_len(reachable_filtered_sample));
if (smartlist_len(reachable_filtered_sample)) {
-result = smartlist_choose(reachable_filtered_sample);
+/**
+ * Get the first guard of the filtered set builds from
+ * sampled_entry_guards. Proposal 310 suggests this design to overcome
+ * performance and security issues linked to the previous selection
+ * method. The guard selected here should be filtered
[tor-commits] [tor/master] Update functions that load and write the guard state file.
commit 714e235a3c5d428d897e90ae586b6c0c8a3f4c8d
Author: George Kadianakis
Date: Thu Jun 11 13:49:13 2020 +0300
Update functions that load and write the guard state file.
Co-authored-by: Florentin Rochet
---
src/feature/client/entrynodes.c | 68 ++---
src/feature/client/entrynodes.h | 3 +-
2 files changed, 59 insertions(+), 12 deletions(-)
diff --git a/src/feature/client/entrynodes.c b/src/feature/client/entrynodes.c
index 64005c1e6..2a000a47b 100644
--- a/src/feature/client/entrynodes.c
+++ b/src/feature/client/entrynodes.c
@@ -2812,10 +2812,12 @@ entry_guards_update_all(guard_selection_t *gs)
/**
* Return a newly allocated string for encoding the persistent parts of
- * guard to the state file.
+ * guard to the state file. dense_sampled_idx refers to the
+ * sampled_idx made dense for this guard. Encoding all guards should
+ * lead to a dense array of sampled_idx in the state file.
*/
STATIC char *
-entry_guard_encode_for_state(entry_guard_t *guard)
+entry_guard_encode_for_state(entry_guard_t *guard, int dense_sampled_idx)
{
/*
* The meta-format we use is K=V K=V K=V... where K can be any
@@ -2844,7 +2846,8 @@ entry_guard_encode_for_state(entry_guard_t *guard)
format_iso_time_nospace(tbuf, guard->sampled_on_date);
smartlist_add_asprintf(result, "sampled_on=%s", tbuf);
-
+ // Replacing the sampled_idx by dense array
+ smartlist_add_asprintf(result, "sampled_idx=%d", dense_sampled_idx);
if (guard->sampled_by_version) {
smartlist_add_asprintf(result, "sampled_by=%s",
guard->sampled_by_version);
@@ -2900,11 +2903,12 @@ entry_guard_encode_for_state(entry_guard_t *guard)
}
/**
- * Extract key=val from the state string s and duplicate the value to
+ * Extract key=val from the state string s and duplicate the value to
* some string target declared in entry_guard_parse_from_state
*/
-static void parse_from_state_set_vals(const char *s, smartlist_t *entries,
-smartlist_t *extra, strmap_t *vals)
+static void
+parse_from_state_set_vals(const char *s, smartlist_t *entries, smartlist_t
+*extra, strmap_t *vals)
{
smartlist_split_string(entries, s, " ",
SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
@@ -2933,8 +2937,9 @@ static void parse_from_state_set_vals(const char *s,
smartlist_t *entries,
/**
* Handle part of the parsing state file logic, focused on time related things
*/
-static void parse_from_state_handle_time(entry_guard_t *guard, char
*sampled_on,
-char *unlisted_since, char *confirmed_on)
+static void
+parse_from_state_handle_time(entry_guard_t *guard, char *sampled_on, char
+*unlisted_since, char *confirmed_on)
{
#define HANDLE_TIME(field) do { \
if (field) {\
@@ -2985,6 +2990,7 @@ entry_guard_parse_from_state(const char *s)
char *rsa_id = NULL;
char *nickname = NULL;
char *sampled_on = NULL;
+ char *sampled_idx = NULL;
char *sampled_by = NULL;
char *unlisted_since = NULL;
char *listed = NULL;
@@ -3001,6 +3007,7 @@ entry_guard_parse_from_state(const char *s)
char *pb_collapsed_circuits = NULL;
char *pb_unusable_circuits = NULL;
char *pb_timeouts = NULL;
+ int invalid_sampled_idx = get_max_sample_size_absolute();
/* Split up the entries. Put the ones we know about in strings and the
* rest in "extra". */
@@ -3014,6 +3021,7 @@ entry_guard_parse_from_state(const char *s)
FIELD(rsa_id);
FIELD(nickname);
FIELD(sampled_on);
+FIELD(sampled_idx);
FIELD(sampled_by);
FIELD(unlisted_since);
FIELD(listed);
@@ -3078,12 +3086,12 @@ entry_guard_parse_from_state(const char *s)
}
/* Process the various time fields. */
- parse_from_state_handle_time(guard, sampled_on, unlisted_since,
confirmed_on);
+ parse_from_state_handle_time(guard, sampled_on, unlisted_since,
+ confirmed_on);
/* Take sampled_by_version verbatim. */
guard->sampled_by_version = sampled_by;
sampled_by = NULL; /* prevent free */
-
/* Listed is a boolean */
if (listed && strcmp(listed, "0"))
guard->currently_listed = 1;
@@ -3101,6 +3109,29 @@ entry_guard_parse_from_state(const char *s)
}
}
+ if (sampled_idx) {
+int ok = 1;
+long idx = tor_parse_long(sampled_idx, 10, 0, INT_MAX, &ok, NULL);
+if (!ok) {
+ log_warn(LD_GUARD, "Guard has invalid sampled_idx %s",
+ escaped(sampled_idx));
+ /* set it to a idx higher than the max sample size */
+ guard->sampled_idx = invalid_sampled_idx++;
+} else {
+ guard->sampled_idx = (int)idx;
+}
+ } else if (confirmed_idx) {
+/* This state has been written by an older Tor version which did not have
+ * sample ordering */
+
+guard->sampled_idx = guard->confirmed_idx;
+ } else {
+log_warn(LD_GUARD, "The state file seems to be into a status that could"
+" yield to weird entr
[tor-commits] [tor/master] Fold in a changes file and update exceptions.txt.
commit 52edea121e34dbbecc009a9f18fbc508db247ebe Author: George Kadianakis Date: Thu Jun 11 13:45:00 2020 +0300 Fold in a changes file and update exceptions.txt. Co-authored-by: Florentin Rochet --- changes/ticket32088 | 13 + scripts/maint/practracker/exceptions.txt | 4 ++-- 2 files changed, 15 insertions(+), 2 deletions(-) diff --git a/changes/ticket32088 b/changes/ticket32088 new file mode 100644 index 0..0d4fc7475 --- /dev/null +++ b/changes/ticket32088 @@ -0,0 +1,13 @@ + o Major features (Proposal 310, performance + security): +- Implements Proposal 310 - Bandaid on guard selection. + Proposal 310 solves a load-balancing issue within Prop271 which strongly + impact experimental research with Shadow. + Security improvement: Proposal 310 prevents any newly Guard relay to + have a chance to get into the primary list of older Tor clients, + except if the N first sampled guards of these clients are unreachable. + Implements recommendation from 32088. + + Proposal 310 is linked to the CLAPS project researching optimal + client location-aware path selections. This project is a collaboration + between the UCLouvain Crypto Group, the U.S. Naval Research Laboratory and + Princeton University. diff --git a/scripts/maint/practracker/exceptions.txt b/scripts/maint/practracker/exceptions.txt index fc9a05c84..35e860d8b 100644 --- a/scripts/maint/practracker/exceptions.txt +++ b/scripts/maint/practracker/exceptions.txt @@ -182,10 +182,10 @@ problem function-size /src/feature/client/addressmap.c:addressmap_rewrite() 109 problem function-size /src/feature/client/bridges.c:rewrite_node_address_for_bridge() 125 problem function-size /src/feature/client/circpathbias.c:pathbias_measure_close_rate() 108 problem function-size /src/feature/client/dnsserv.c:evdns_server_callback() 153 -problem file-size /src/feature/client/entrynodes.c 3827 +problem file-size /src/feature/client/entrynodes.c 4000 problem function-size /src/feature/client/entrynodes.c:entry_guards_upgrade_waiting_circuits() 155 problem function-size /src/feature/client/entrynodes.c:entry_guard_parse_from_state() 246 -problem file-size /src/feature/client/entrynodes.h 639 +problem file-size /src/feature/client/entrynodes.h 700 problem function-size /src/feature/client/transports.c:handle_proxy_line() 108 problem function-size /src/feature/client/transports.c:parse_method_line_helper() 110 problem function-size /src/feature/client/transports.c:create_managed_proxy_environment() 111 ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.4.4] Fix and update unittests.
commit 755b8252a431ecc07644dee7a98e4318fe2ff692
Author: George Kadianakis
Date: Thu Jun 11 13:44:50 2020 +0300
Fix and update unittests.
Co-authored-by: Florentin Rochet
---
src/test/test_entrynodes.c | 147 +++--
1 file changed, 102 insertions(+), 45 deletions(-)
diff --git a/src/test/test_entrynodes.c b/src/test/test_entrynodes.c
index 12b4fcde3..5ddd1a3db 100644
--- a/src/test/test_entrynodes.c
+++ b/src/test/test_entrynodes.c
@@ -390,12 +390,13 @@ test_entry_guard_encode_for_state_minimal(void *arg)
eg->confirmed_idx = -1;
char *s = NULL;
- s = entry_guard_encode_for_state(eg);
+ s = entry_guard_encode_for_state(eg, 0);
tt_str_op(s, OP_EQ,
"in=wubwub "
"rsa_id=706C75727079666C75727079736C75727079646F "
"sampled_on=2016-11-14T00:00:00 "
+"sampled_idx=0 "
"listed=0");
done:
@@ -421,10 +422,11 @@ test_entry_guard_encode_for_state_maximal(void *arg)
eg->currently_listed = 1;
eg->confirmed_on_date = 1479081690;
eg->confirmed_idx = 333;
+ eg->sampled_idx = 42;
eg->extra_state_fields = tor_strdup("and the green grass grew all around");
char *s = NULL;
- s = entry_guard_encode_for_state(eg);
+ s = entry_guard_encode_for_state(eg, 0);
tt_str_op(s, OP_EQ,
"in=default "
@@ -432,6 +434,7 @@ test_entry_guard_encode_for_state_maximal(void *arg)
"bridge_addr=8.8.4.4: "
"nickname=Fred "
"sampled_on=2016-11-14T00:00:00 "
+"sampled_idx=0 "
"sampled_by=1.2.3 "
"unlisted_since=2016-11-14T00:00:45 "
"listed=1 "
@@ -621,39 +624,47 @@ test_entry_guard_parse_from_state_full(void *arg)
const char STATE[] =
"Guard in=default rsa_id=214F44BD5B638E8C817D47FF7C97397790BF0345 "
"nickname=TotallyNinja sampled_on=2016-11-12T19:32:49 "
+"sampled_idx=0 "
"sampled_by=0.3.0.0-alpha-dev "
"listed=1\n"
"Guard in=default rsa_id=052900AB0EA3ED54BAB84AE8A99E74E8693CE2B2 "
"nickname=5OfNovember sampled_on=2016-11-20T04:32:05 "
+"sampled_idx=1 "
"sampled_by=0.3.0.0-alpha-dev "
"listed=1 confirmed_on=2016-11-22T08:13:28 confirmed_idx=0 "
"pb_circ_attempts=4.00 pb_circ_successes=2.00 "
"pb_successful_circuits_closed=2.00\n"
"Guard in=default rsa_id=7B700C0C207EBD0002E00F499BE265519AC3C25A "
"nickname=dc6jgk11 sampled_on=2016-11-28T11:50:13 "
+"sampled_idx=2 "
"sampled_by=0.3.0.0-alpha-dev "
"listed=1 confirmed_on=2016-11-24T08:45:30 confirmed_idx=4 "
"pb_circ_attempts=5.00 pb_circ_successes=5.00 "
"pb_successful_circuits_closed=5.00\n"
"Guard in=wobblesome rsa_id=7B700C0C207EBD0002E00F499BE265519AC3C25A "
"nickname=dc6jgk11 sampled_on=2016-11-28T11:50:13 "
+"sampled_idx=0 "
"sampled_by=0.3.0.0-alpha-dev "
"listed=1\n"
"Guard in=default rsa_id=E9025AD60D86875D5F11548D536CC6AF60F0EF5E "
"nickname=maibrunn sampled_on=2016-11-25T22:36:38 "
+"sampled_idx=3 "
"sampled_by=0.3.0.0-alpha-dev listed=1\n"
"Guard in=default rsa_id=DCD30B90BA3A792DA75DC54A327EF353FB84C38E "
"nickname=Unnamed sampled_on=2016-11-25T14:34:00 "
+"sampled_idx=10 "
"sampled_by=0.3.0.0-alpha-dev listed=1\n"
"Guard in=bridges rsa_id=8F2E "
"bridge_addr=24.1.1.1:443 sampled_on=2016-11-25T06:44:14 "
+"sampled_idx=0 "
"sampled_by=0.3.0.0-alpha-dev listed=1 "
"confirmed_on=2016-11-29T10:36:06 confirmed_idx=0 "
"pb_circ_attempts=8.00 pb_circ_successes=8.00 "
"pb_successful_circuits_closed=13.00\n"
"Guard in=bridges rsa_id=5800 "
"bridge_addr=37.218.246.143:28366 "
-"sampled_on=2016-11-18T15:07:34 sampled_by=0.3.0.0-alpha-dev listed=1\n";
+"sampled_on=2016-11-18T15:07:34 sampled_idx=1 "
+"sampled_by=0.3.0.0-alpha-dev listed=1\n";
config_line_t *lines = NULL;
or_state_t *state = tor_malloc_zero(sizeof(or_state_t));
@@ -729,35 +740,42 @@ test_entry_guard_parse_from_state_full(void *arg)
tt_str_op(joined, OP_EQ,
"Guard in=default rsa_id=052900AB0EA3ED54BAB84AE8A99E74E8693CE2B2 "
"nickname=5OfNovember sampled_on=2016-11-20T04:32:05 "
+"sampled_idx=0 "
"sampled_by=0.3.0.0-alpha-dev "
"listed=1 confirmed_on=2016-11-22T08:13:28 confirmed_idx=0 "
"pb_circ_attempts=4.00 pb_circ_successes=2.00 "
"pb_successful_circuits_closed=2.00\n"
"Guard in=default rsa_id=7B700C0C207EBD0002E00F499BE265519AC3C25A "
"nickname=dc6jgk11 sampled_on=2016-11-28T11:50:13 "
+"sampled_idx=1 "
"sampled_by=0.3.0.0-alpha-dev "
"listed=1 confirmed_on=2016-11-24T08:45:30 confirmed_idx=1 "
"pb_circ_attempts=5.00 pb_circ_successes=5.00 "
"pb_successful_circuits_closed=5.00\n"
"Guard in=default rsa_id=E9025AD60D86875D5F11548D536CC6AF60F0EF5E "
"nickname=mai
[tor-commits] [tor/maint-0.4.4] Update functions that load and write the guard state file.
commit 714e235a3c5d428d897e90ae586b6c0c8a3f4c8d
Author: George Kadianakis
Date: Thu Jun 11 13:49:13 2020 +0300
Update functions that load and write the guard state file.
Co-authored-by: Florentin Rochet
---
src/feature/client/entrynodes.c | 68 ++---
src/feature/client/entrynodes.h | 3 +-
2 files changed, 59 insertions(+), 12 deletions(-)
diff --git a/src/feature/client/entrynodes.c b/src/feature/client/entrynodes.c
index 64005c1e6..2a000a47b 100644
--- a/src/feature/client/entrynodes.c
+++ b/src/feature/client/entrynodes.c
@@ -2812,10 +2812,12 @@ entry_guards_update_all(guard_selection_t *gs)
/**
* Return a newly allocated string for encoding the persistent parts of
- * guard to the state file.
+ * guard to the state file. dense_sampled_idx refers to the
+ * sampled_idx made dense for this guard. Encoding all guards should
+ * lead to a dense array of sampled_idx in the state file.
*/
STATIC char *
-entry_guard_encode_for_state(entry_guard_t *guard)
+entry_guard_encode_for_state(entry_guard_t *guard, int dense_sampled_idx)
{
/*
* The meta-format we use is K=V K=V K=V... where K can be any
@@ -2844,7 +2846,8 @@ entry_guard_encode_for_state(entry_guard_t *guard)
format_iso_time_nospace(tbuf, guard->sampled_on_date);
smartlist_add_asprintf(result, "sampled_on=%s", tbuf);
-
+ // Replacing the sampled_idx by dense array
+ smartlist_add_asprintf(result, "sampled_idx=%d", dense_sampled_idx);
if (guard->sampled_by_version) {
smartlist_add_asprintf(result, "sampled_by=%s",
guard->sampled_by_version);
@@ -2900,11 +2903,12 @@ entry_guard_encode_for_state(entry_guard_t *guard)
}
/**
- * Extract key=val from the state string s and duplicate the value to
+ * Extract key=val from the state string s and duplicate the value to
* some string target declared in entry_guard_parse_from_state
*/
-static void parse_from_state_set_vals(const char *s, smartlist_t *entries,
-smartlist_t *extra, strmap_t *vals)
+static void
+parse_from_state_set_vals(const char *s, smartlist_t *entries, smartlist_t
+*extra, strmap_t *vals)
{
smartlist_split_string(entries, s, " ",
SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
@@ -2933,8 +2937,9 @@ static void parse_from_state_set_vals(const char *s,
smartlist_t *entries,
/**
* Handle part of the parsing state file logic, focused on time related things
*/
-static void parse_from_state_handle_time(entry_guard_t *guard, char
*sampled_on,
-char *unlisted_since, char *confirmed_on)
+static void
+parse_from_state_handle_time(entry_guard_t *guard, char *sampled_on, char
+*unlisted_since, char *confirmed_on)
{
#define HANDLE_TIME(field) do { \
if (field) {\
@@ -2985,6 +2990,7 @@ entry_guard_parse_from_state(const char *s)
char *rsa_id = NULL;
char *nickname = NULL;
char *sampled_on = NULL;
+ char *sampled_idx = NULL;
char *sampled_by = NULL;
char *unlisted_since = NULL;
char *listed = NULL;
@@ -3001,6 +3007,7 @@ entry_guard_parse_from_state(const char *s)
char *pb_collapsed_circuits = NULL;
char *pb_unusable_circuits = NULL;
char *pb_timeouts = NULL;
+ int invalid_sampled_idx = get_max_sample_size_absolute();
/* Split up the entries. Put the ones we know about in strings and the
* rest in "extra". */
@@ -3014,6 +3021,7 @@ entry_guard_parse_from_state(const char *s)
FIELD(rsa_id);
FIELD(nickname);
FIELD(sampled_on);
+FIELD(sampled_idx);
FIELD(sampled_by);
FIELD(unlisted_since);
FIELD(listed);
@@ -3078,12 +3086,12 @@ entry_guard_parse_from_state(const char *s)
}
/* Process the various time fields. */
- parse_from_state_handle_time(guard, sampled_on, unlisted_since,
confirmed_on);
+ parse_from_state_handle_time(guard, sampled_on, unlisted_since,
+ confirmed_on);
/* Take sampled_by_version verbatim. */
guard->sampled_by_version = sampled_by;
sampled_by = NULL; /* prevent free */
-
/* Listed is a boolean */
if (listed && strcmp(listed, "0"))
guard->currently_listed = 1;
@@ -3101,6 +3109,29 @@ entry_guard_parse_from_state(const char *s)
}
}
+ if (sampled_idx) {
+int ok = 1;
+long idx = tor_parse_long(sampled_idx, 10, 0, INT_MAX, &ok, NULL);
+if (!ok) {
+ log_warn(LD_GUARD, "Guard has invalid sampled_idx %s",
+ escaped(sampled_idx));
+ /* set it to a idx higher than the max sample size */
+ guard->sampled_idx = invalid_sampled_idx++;
+} else {
+ guard->sampled_idx = (int)idx;
+}
+ } else if (confirmed_idx) {
+/* This state has been written by an older Tor version which did not have
+ * sample ordering */
+
+guard->sampled_idx = guard->confirmed_idx;
+ } else {
+log_warn(LD_GUARD, "The state file seems to be into a status that could"
+" yield to weird entr
[tor-commits] [tor/maint-0.4.4] Fold in a changes file and update exceptions.txt.
commit 52edea121e34dbbecc009a9f18fbc508db247ebe Author: George Kadianakis Date: Thu Jun 11 13:45:00 2020 +0300 Fold in a changes file and update exceptions.txt. Co-authored-by: Florentin Rochet --- changes/ticket32088 | 13 + scripts/maint/practracker/exceptions.txt | 4 ++-- 2 files changed, 15 insertions(+), 2 deletions(-) diff --git a/changes/ticket32088 b/changes/ticket32088 new file mode 100644 index 0..0d4fc7475 --- /dev/null +++ b/changes/ticket32088 @@ -0,0 +1,13 @@ + o Major features (Proposal 310, performance + security): +- Implements Proposal 310 - Bandaid on guard selection. + Proposal 310 solves a load-balancing issue within Prop271 which strongly + impact experimental research with Shadow. + Security improvement: Proposal 310 prevents any newly Guard relay to + have a chance to get into the primary list of older Tor clients, + except if the N first sampled guards of these clients are unreachable. + Implements recommendation from 32088. + + Proposal 310 is linked to the CLAPS project researching optimal + client location-aware path selections. This project is a collaboration + between the UCLouvain Crypto Group, the U.S. Naval Research Laboratory and + Princeton University. diff --git a/scripts/maint/practracker/exceptions.txt b/scripts/maint/practracker/exceptions.txt index fc9a05c84..35e860d8b 100644 --- a/scripts/maint/practracker/exceptions.txt +++ b/scripts/maint/practracker/exceptions.txt @@ -182,10 +182,10 @@ problem function-size /src/feature/client/addressmap.c:addressmap_rewrite() 109 problem function-size /src/feature/client/bridges.c:rewrite_node_address_for_bridge() 125 problem function-size /src/feature/client/circpathbias.c:pathbias_measure_close_rate() 108 problem function-size /src/feature/client/dnsserv.c:evdns_server_callback() 153 -problem file-size /src/feature/client/entrynodes.c 3827 +problem file-size /src/feature/client/entrynodes.c 4000 problem function-size /src/feature/client/entrynodes.c:entry_guards_upgrade_waiting_circuits() 155 problem function-size /src/feature/client/entrynodes.c:entry_guard_parse_from_state() 246 -problem file-size /src/feature/client/entrynodes.h 639 +problem file-size /src/feature/client/entrynodes.h 700 problem function-size /src/feature/client/transports.c:handle_proxy_line() 108 problem function-size /src/feature/client/transports.c:parse_method_line_helper() 110 problem function-size /src/feature/client/transports.c:create_managed_proxy_environment() 111 ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.4.4] Refactor some guard state file parsing code into functions.
commit 7bf0587ef1c25d739a8eadf9b747d3a68c99ff51
Author: Florentin Rochet
Date: Wed Apr 22 20:36:16 2020 +0200
Refactor some guard state file parsing code into functions.
Co-authored-by: Florentin Rochet
---
src/feature/client/entrynodes.c | 128 +++-
1 file changed, 73 insertions(+), 55 deletions(-)
diff --git a/src/feature/client/entrynodes.c b/src/feature/client/entrynodes.c
index ded7db969..3d2abd920 100644
--- a/src/feature/client/entrynodes.c
+++ b/src/feature/client/entrynodes.c
@@ -2861,6 +2861,76 @@ entry_guard_encode_for_state(entry_guard_t *guard)
}
/**
+ * Extract key=val from the state string s and duplicate the value to
+ * some string target declared in entry_guard_parse_from_state
+ */
+static void parse_from_state_set_vals(const char *s, smartlist_t *entries,
+smartlist_t *extra, strmap_t *vals)
+{
+smartlist_split_string(entries, s, " ",
+ SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
+
+SMARTLIST_FOREACH_BEGIN(entries, char *, entry) {
+ const char *eq = strchr(entry, '=');
+ if (!eq) {
+smartlist_add(extra, entry);
+continue;
+ }
+ char *key = tor_strndup(entry, eq-entry);
+ char **target = strmap_get(vals, key);
+ if (target == NULL || *target != NULL) {
+/* unrecognized or already set */
+smartlist_add(extra, entry);
+tor_free(key);
+continue;
+ }
+
+ *target = tor_strdup(eq+1);
+ tor_free(key);
+ tor_free(entry);
+} SMARTLIST_FOREACH_END(entry);
+}
+
+/**
+ * Handle part of the parsing state file logic, focused on time related things
+ */
+static void parse_from_state_handle_time(entry_guard_t *guard, char
*sampled_on,
+char *unlisted_since, char *confirmed_on)
+{
+#define HANDLE_TIME(field) do { \
+if (field) {\
+ int r = parse_iso_time_nospace(field, &field ## _time); \
+ if (r < 0) { \
+log_warn(LD_CIRC, "Unable to parse %s %s from guard", \
+ #field, escaped(field)); \
+field##_time = -1; \
+ } \
+} \
+ } while (0)
+
+ time_t sampled_on_time = 0;
+ time_t unlisted_since_time = 0;
+ time_t confirmed_on_time = 0;
+
+ HANDLE_TIME(sampled_on);
+ HANDLE_TIME(unlisted_since);
+ HANDLE_TIME(confirmed_on);
+
+ if (sampled_on_time <= 0)
+sampled_on_time = approx_time();
+ if (unlisted_since_time < 0)
+unlisted_since_time = 0;
+ if (confirmed_on_time < 0)
+confirmed_on_time = 0;
+
+ #undef HANDLE_TIME
+
+ guard->sampled_on_date = sampled_on_time;
+ guard->unlisted_since_date = unlisted_since_time;
+ guard->confirmed_on_date = confirmed_on_time;
+}
+
+/**
* Given a string generated by entry_guard_encode_for_state(), parse it
* (if possible) and return an entry_guard_t object for it. Return NULL
* on complete failure.
@@ -2920,29 +2990,8 @@ entry_guard_parse_from_state(const char *s)
FIELD(pb_unusable_circuits);
FIELD(pb_timeouts);
#undef FIELD
-
-smartlist_split_string(entries, s, " ",
- SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
-
-SMARTLIST_FOREACH_BEGIN(entries, char *, entry) {
- const char *eq = strchr(entry, '=');
- if (!eq) {
-smartlist_add(extra, entry);
-continue;
- }
- char *key = tor_strndup(entry, eq-entry);
- char **target = strmap_get(vals, key);
- if (target == NULL || *target != NULL) {
-/* unrecognized or already set */
-smartlist_add(extra, entry);
-tor_free(key);
-continue;
- }
-
- *target = tor_strdup(eq+1);
- tor_free(key);
- tor_free(entry);
-} SMARTLIST_FOREACH_END(entry);
+/* Extract from s the key=val that we recognize, put the others in extra*/
+parse_from_state_set_vals(s, entries, extra, vals);
smartlist_free(entries);
strmap_free(vals, NULL);
@@ -2990,38 +3039,7 @@ entry_guard_parse_from_state(const char *s)
}
/* Process the various time fields. */
-
-#define HANDLE_TIME(field) do { \
-if (field) {\
- int r = parse_iso_time_nospace(field, &field ## _time); \
- if (r < 0) { \
-log_warn(LD_CIRC, "Unable to parse %s %s from guard", \
- #field, escaped(field)); \
-field##_time = -1; \
- } \
-} \
- } while (0)
-
- time_t sampled_on_time = 0;
- time_t unlisted_since_
[tor-commits] [tor/maint-0.4.4] Pick guards on the order they were sampled (prop310).
commit d2c3b6ea1e7eb0fb351df620517fd2e271899399
Author: George Kadianakis
Date: Thu Jun 11 13:49:00 2020 +0300
Pick guards on the order they were sampled (prop310).
Co-authored-by: Florentin Rochet
---
src/feature/client/entrynodes.c | 91 +
src/feature/client/entrynodes.h | 22 --
2 files changed, 83 insertions(+), 30 deletions(-)
diff --git a/src/feature/client/entrynodes.c b/src/feature/client/entrynodes.c
index 3d2abd920..64005c1e6 100644
--- a/src/feature/client/entrynodes.c
+++ b/src/feature/client/entrynodes.c
@@ -47,8 +47,7 @@
* As a persistent ordered list whose elements are taken from the
* sampled set, we track a CONFIRMED GUARDS LIST. A guard becomes
* confirmed when we successfully build a circuit through it, and decide
- * to use that circuit. We order the guards on this list by the order
- * in which they became confirmed.
+ * to use that circuit.
*
* And as a final group, we have an ordered list of PRIMARY GUARDS,
* whose elements are taken from the filtered set. We prefer
@@ -59,7 +58,7 @@
*
* To build circuits, we take a primary guard if possible -- or a
* reachable filtered confirmed guard if no primary guard is possible --
- * or a random reachable filtered guard otherwise. If the guard is
+ * or the first (by sampled order) filtered guard otherwise. If the guard is
* primary, we can use the circuit immediately on success. Otherwise,
* the guard is now "pending" -- we won't use its circuit unless all
* of the circuits we're trying to build through better guards have
@@ -92,14 +91,18 @@
* [x] Whenever we remove a guard from the sample, remove it from the primary
* and confirmed lists.
*
- * [x] When we make a guard confirmed, update the primary list.
+ * [x] When we make a guard confirmed, update the primary list, and sort them
+ * by sampled order.
*
* [x] When we make a guard filtered or unfiltered, update the primary list.
*
* [x] When we are about to pick a guard, make sure that the primary list is
* full.
*
- * [x] Before calling sample_reachable_filtered_entry_guards(), make sure
+ * [x] When we update the confirmed list, or when we re-build the primary list
+ * and detect a change, we sort those lists by sampled_idx
+ *
+ * [x] Before calling first_reachable_filtered_entry_guard(), make sure
* that the filtered, primary, and confirmed flags are up-to-date.
*
* [x] Call entry_guard_consider_retry every time we are about to check
@@ -172,6 +175,7 @@ static entry_guard_t
*get_sampled_guard_by_bridge_addr(guard_selection_t *gs,
const tor_addr_port_t *addrport);
static int entry_guard_obeys_restriction(const entry_guard_t *guard,
const entry_guard_restriction_t *rst);
+static int compare_guards_by_sampled_idx(const void **a_, const void **b_);
/** Return 0 if we should apply guardfraction information found in the
* consensus. A specific consensus can be specified with the
@@ -890,6 +894,7 @@ entry_guard_add_to_sample_impl(guard_selection_t *gs,
tor_free(guard->sampled_by_version);
guard->sampled_by_version = tor_strdup(VERSION);
guard->currently_listed = 1;
+ guard->sampled_idx = gs->next_sampled_idx++;
guard->confirmed_idx = -1;
/* non-persistent fields */
@@ -1383,7 +1388,7 @@ sampled_guards_prune_obsolete_entries(guard_selection_t
*gs,
if (rmv) {
++n_changes;
- SMARTLIST_DEL_CURRENT(gs->sampled_entry_guards, guard);
+ SMARTLIST_DEL_CURRENT_KEEPORDER(gs->sampled_entry_guards, guard);
remove_guard_from_confirmed_and_primary_lists(gs, guard);
entry_guard_free(guard);
}
@@ -1707,7 +1712,7 @@ entry_guards_update_filtered_sets(guard_selection_t *gs)
}
/**
- * Return a random guard from the reachable filtered sample guards
+ * Return the first sampled guard from the reachable filtered sample guards
* in gs, subject to the exclusion rules listed in flags.
* Return NULL if no such guard can be found.
*
@@ -1718,7 +1723,7 @@ entry_guards_update_filtered_sets(guard_selection_t *gs)
* violate it.
**/
STATIC entry_guard_t *
-sample_reachable_filtered_entry_guards(guard_selection_t *gs,
+first_reachable_filtered_entry_guard(guard_selection_t *gs,
const entry_guard_restriction_t *rst,
unsigned flags)
{
@@ -1771,7 +1776,17 @@ sample_reachable_filtered_entry_guards(guard_selection_t
*gs,
flags, smartlist_len(reachable_filtered_sample));
if (smartlist_len(reachable_filtered_sample)) {
-result = smartlist_choose(reachable_filtered_sample);
+/**
+ * Get the first guard of the filtered set builds from
+ * sampled_entry_guards. Proposal 310 suggests this design to overcome
+ * performance and security issues linked to the previous selection
+ * method. The guard selected here should be filtered
[tor-commits] [tor-browser/tor-browser-68.9.0esr-10.0-1] fixup! Bug 21952: Implement Onion-Location
commit 8c3168ab58f038cc1e72d2f408bee1e5f715c455
Author: Kathy Brade
Date: Tue Jun 9 14:59:00 2020 -0400
fixup! Bug 21952: Implement Onion-Location
Fixes bug 34379.
---
browser/modules/TorStrings.jsm | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/browser/modules/TorStrings.jsm b/browser/modules/TorStrings.jsm
index 66c44257c163..05bbfd63ef60 100644
--- a/browser/modules/TorStrings.jsm
+++ b/browser/modules/TorStrings.jsm
@@ -434,7 +434,7 @@ var TorStrings = {
tryThis: getString("tryThis", "Try this: Onionsite"),
onionAvailable: getString("onionAvailable", "Onionsite available"),
learnMore: getString("learnMore", "Learn more"),
- learnMoreURL: `https://tb-manual.torproject.org/${getLocale()}`, //
TODO: replace when manual page is available.
+ learnMoreURL:
`https://tb-manual.torproject.org/${getLocale()}/onion-services/`,
always: getString("always", "Always"),
askEverytime: getString("askEverytime", "Ask you every time"),
prioritizeOnionsDescription: getString(
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-68.9.0esr-9.5-1] fixup! Bug 21952: Implement Onion-Location
commit e2d86fb3d25e5044c0b514c096b1af1a632829ab
Author: Kathy Brade
Date: Tue Jun 9 14:59:00 2020 -0400
fixup! Bug 21952: Implement Onion-Location
Fixes bug 34379.
---
browser/modules/TorStrings.jsm | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/browser/modules/TorStrings.jsm b/browser/modules/TorStrings.jsm
index 66c44257c163..05bbfd63ef60 100644
--- a/browser/modules/TorStrings.jsm
+++ b/browser/modules/TorStrings.jsm
@@ -434,7 +434,7 @@ var TorStrings = {
tryThis: getString("tryThis", "Try this: Onionsite"),
onionAvailable: getString("onionAvailable", "Onionsite available"),
learnMore: getString("learnMore", "Learn more"),
- learnMoreURL: `https://tb-manual.torproject.org/${getLocale()}`, //
TODO: replace when manual page is available.
+ learnMoreURL:
`https://tb-manual.torproject.org/${getLocale()}/onion-services/`,
always: getString("always", "Always"),
askEverytime: getString("askEverytime", "Ask you every time"),
prioritizeOnionsDescription: getString(
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/bridgedb] https://gitweb.torproject.org/translation.git/commit/?h=bridgedb
commit c30b42c8202234933b667ea90dc4c9bb1ce35b3b Author: Translation commit bot Date: Thu Jun 11 12:15:17 2020 + https://gitweb.torproject.org/translation.git/commit/?h=bridgedb --- nl/LC_MESSAGES/bridgedb.po | 10 +- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/nl/LC_MESSAGES/bridgedb.po b/nl/LC_MESSAGES/bridgedb.po index 71c26fcd12..89645cf237 100644 --- a/nl/LC_MESSAGES/bridgedb.po +++ b/nl/LC_MESSAGES/bridgedb.po @@ -8,7 +8,7 @@ # Ann Boen , 2014 # bacovane , 2018-2019 # Cleveridge , 2014,2016 -# Dick, 2014 +# d750abf749618fbe4373515716ded093_04912a2, 2014 # Johann Behrens , 2013 # Joren Vandeweyer , 2019 # kwadronaut , 2019 @@ -17,7 +17,7 @@ # Meteor0id, 2019-2020 # Not Much <1028484728...@protonmail.com>, 2018 # Shondoit Walker , 2011 -# Marco Brohet , 2012 +# 3f74806218aa7cde07d14719d1bb902d_de6e039 <14df31a60204a91ecbe9faa10731d537_25249>, 2012 # Tom Becht , 2014 # Tonko Mulder , 2015 # Tonnes , 2019-2020 @@ -28,8 +28,8 @@ msgstr "" "Project-Id-Version: Tor Project\n" "Report-Msgid-Bugs-To: 'https://trac.torproject.org/projects/tor/newticket?component=BridgeDB&keywords=bridgedb-reported,msgid&cc=isis,sysrqb&owner=isis'\n" "POT-Creation-Date: 2020-05-14 14:21-0700\n" -"PO-Revision-Date: 2020-05-15 08:24+\n" -"Last-Translator: Transifex Bot <>\n" +"PO-Revision-Date: 2020-06-11 12:09+\n" +"Last-Translator: Tonnes \n" "Language-Team: Dutch (http://www.transifex.com/otf/torproject/language/nl/)\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" @@ -110,7 +110,7 @@ msgstr "Deze QRCode bevat uw bridge regels. Scan het met een QRCode lezer om uw #: bridgedb/distributors/https/templates/bridges.html:110 msgid "BridgeDB encountered an error." -msgstr "" +msgstr "BridgeDB heeft een fout aangetroffen." #: bridgedb/distributors/https/templates/bridges.html:116 msgid "There currently aren't any bridges available..." ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/bridgedb_completed] https://gitweb.torproject.org/translation.git/commit/?h=bridgedb_completed
commit 5d2338debc4951c63118741a42de90258d63bcee Author: Translation commit bot Date: Thu Jun 11 12:15:24 2020 + https://gitweb.torproject.org/translation.git/commit/?h=bridgedb_completed --- nl/LC_MESSAGES/bridgedb.po | 35 +++ 1 file changed, 15 insertions(+), 20 deletions(-) diff --git a/nl/LC_MESSAGES/bridgedb.po b/nl/LC_MESSAGES/bridgedb.po index c92ca16941..43647db323 100644 --- a/nl/LC_MESSAGES/bridgedb.po +++ b/nl/LC_MESSAGES/bridgedb.po @@ -8,7 +8,7 @@ # Ann Boen , 2014 # bacovane , 2018-2019 # Cleveridge , 2014,2016 -# Dick, 2014 +# d750abf749618fbe4373515716ded093_04912a2, 2014 # Johann Behrens , 2013 # Joren Vandeweyer , 2019 # kwadronaut , 2019 @@ -17,7 +17,7 @@ # Meteor0id, 2019-2020 # Not Much <1028484728...@protonmail.com>, 2018 # Shondoit Walker , 2011 -# Marco Brohet , 2012 +# 3f74806218aa7cde07d14719d1bb902d_de6e039 <14df31a60204a91ecbe9faa10731d537_25249>, 2012 # Tom Becht , 2014 # Tonko Mulder , 2015 # Tonnes , 2019-2020 @@ -27,14 +27,14 @@ msgid "" msgstr "" "Project-Id-Version: Tor Project\n" "Report-Msgid-Bugs-To: 'https://trac.torproject.org/projects/tor/newticket?component=BridgeDB&keywords=bridgedb-reported,msgid&cc=isis,sysrqb&owner=isis'\n" -"POT-Creation-Date: 2020-04-09 14:45-0700\n" -"PO-Revision-Date: 2020-04-15 19:46+\n" -"Last-Translator: Transifex Bot <>\n" +"POT-Creation-Date: 2020-05-14 14:21-0700\n" +"PO-Revision-Date: 2020-06-11 12:09+\n" +"Last-Translator: Tonnes \n" "Language-Team: Dutch (http://www.transifex.com/otf/torproject/language/nl/)\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" -"Generated-By: Babel 2.7.0\n" +"Generated-By: Babel 2.8.0\n" "Language: nl\n" "Plural-Forms: nplurals=2; plural=(n != 1);\n" @@ -98,31 +98,26 @@ msgstr "QRCode tonen" msgid "QRCode for your bridge lines" msgstr "QRCode voor uw bridge regels" -#. TRANSLATORS: Please translate this into some silly way to say -#. "There was a problem!" in your language. For example, -#. for Italian, you might translate this into "Mama mia!", -#. or for French: "Sacrebleu!". :) -#: bridgedb/distributors/https/templates/bridges.html:67 -#: bridgedb/distributors/https/templates/bridges.html:119 -msgid "Uh oh, spaghettios!" -msgstr "Helaas pindakaas!" - -#: bridgedb/distributors/https/templates/bridges.html:68 +#: bridgedb/distributors/https/templates/bridges.html:63 msgid "It seems there was an error getting your QRCode." msgstr "Er was een fout tijdens het ophalen van uw QRCode." -#: bridgedb/distributors/https/templates/bridges.html:73 +#: bridgedb/distributors/https/templates/bridges.html:68 msgid "" "This QRCode contains your bridge lines. Scan it with a QRCode reader to copy" " your bridge lines onto mobile and other devices." msgstr "Deze QRCode bevat uw bridge regels. Scan het met een QRCode lezer om uw bridge regels te kopiëren naar mobiele of andere apparaten." -#: bridgedb/distributors/https/templates/bridges.html:125 +#: bridgedb/distributors/https/templates/bridges.html:110 +msgid "BridgeDB encountered an error." +msgstr "" + +#: bridgedb/distributors/https/templates/bridges.html:116 msgid "There currently aren't any bridges available..." msgstr "Er zijn momenteel geen bridges beschikbaar..." -#: bridgedb/distributors/https/templates/bridges.html:127 -#: bridgedb/distributors/https/templates/bridges.html:131 +#: bridgedb/distributors/https/templates/bridges.html:118 +#: bridgedb/distributors/https/templates/bridges.html:122 #, python-format msgid "" " Perhaps you should try %s going back %s and choosing a different bridge " ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [torspec/master] Padding spec update for Bug 30992's machine_ctr field.
commit f26e739db4d6d330165efe72cee8812d99a49598 Author: Mike Perry Date: Wed Jun 10 17:39:13 2020 -0500 Padding spec update for Bug 30992's machine_ctr field. --- padding-spec.txt | 13 - 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/padding-spec.txt b/padding-spec.txt index 22ed171..b9d99b7 100644 --- a/padding-spec.txt +++ b/padding-spec.txt @@ -325,13 +325,19 @@ the anonymity and load-balancing implications of their choices. u8 command IN [CIRCPAD_COMMAND_START, CIRCPAD_COMMAND_STOP]; u8 machine_type IN [CIRCPAD_MACHINE_CIRC_SETUP]; + + u8 unused; // Formerly echo_request + + u32 machine_ctr; }; When a client wants to start a circuit padding machine, it first checks that the desired destination hop advertises the appropriate subprotocol version for that machine. It then sends a circpad_negotiate cell to that hop with command=CIRCPAD_COMMAND_START, and machine_type=CIRCPAD_MACHINE_CIRC_SETUP (for - the circ setup machine, the destination hop is the second hop in the circuit). + the circ setup machine, the destination hop is the second hop in the + circuit). The machine_ctr is the count of which machine instance this is on + the circuit. It is used to disambiguate shutdown requests. When a relay receives a circpad_negotiate cell, it checks that it supports the requested machine, and sends a circpad_negotiated cell, which is formatted @@ -343,6 +349,8 @@ the anonymity and load-balancing implications of their choices. u8 response IN [CIRCPAD_RESPONSE_OK, CIRCPAD_RESPONSE_ERR]; u8 machine_type IN [CIRCPAD_MACHINE_CIRC_SETUP]; + + u32 machine_ctr; }; If the machine is supported, the response field will contain @@ -352,6 +360,9 @@ the anonymity and load-balancing implications of their choices. (clients MUST only send circpad_negotiate, and relays MUST only send circpad_negotiated for this purpose). + If the machine_ctr does not match the current machine instance count + on the circuit, the command is ignored. + 3.2. Circuit Padding Machine Message Management Clients MAY send padding cells towards the relay before receiving the ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
