[tor-commits] [translation/tails-misc_release] https://gitweb.torproject.org/translation.git/commit/?h=tails-misc_release

2021-01-27 Thread translation 
commit 9257b16aa7bc610e3bc7e9d79a5535d8103fe000
Author: Translation commit bot 
Date:   Thu Jan 28 03:16:38 2021 +

https://gitweb.torproject.org/translation.git/commit/?h=tails-misc_release
---
 fa.po | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/fa.po b/fa.po
index 5ba1a6f1c0..7aa6870f04 100644
--- a/fa.po
+++ b/fa.po
@@ -37,7 +37,7 @@ msgstr ""
 "Project-Id-Version: Tor Project\n"
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2021-01-05 11:44+0100\n"
-"PO-Revision-Date: 2021-01-16 21:48+\n"
+"PO-Revision-Date: 2021-01-28 02:49+\n"
 "Last-Translator: Reza Ghasemi\n"
 "Language-Team: Persian 
(http://www.transifex.com/otf/torproject/language/fa/)\n"
 "MIME-Version: 1.0\n"

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tails-misc] https://gitweb.torproject.org/translation.git/commit/?h=tails-misc

2021-01-27 Thread translation 
commit fed1627153ae93c6804e0b66288fa9fa0d17bb50
Author: Translation commit bot 
Date:   Thu Jan 28 03:15:57 2021 +

https://gitweb.torproject.org/translation.git/commit/?h=tails-misc
---
 fa.po | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/fa.po b/fa.po
index 011e804f84..74c6b39501 100644
--- a/fa.po
+++ b/fa.po
@@ -37,7 +37,7 @@ msgstr ""
 "Project-Id-Version: Tor Project\n"
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2021-01-05 11:44+0100\n"
-"PO-Revision-Date: 2021-01-16 21:48+\n"
+"PO-Revision-Date: 2021-01-28 02:49+\n"
 "Last-Translator: Reza Ghasemi\n"
 "Language-Team: Persian 
(http://www.transifex.com/otf/torproject/language/fa/)\n"
 "MIME-Version: 1.0\n"
@@ -886,7 +886,7 @@ msgstr ""
 #: 
config/chroot_local-includes/usr/lib/python3/dist-packages/tails_installer/source.py:66
 #, python-format
 msgid "\"%s\" is not a directory"
-msgstr ""
+msgstr "\"%s\" دایرکتوری نیست"
 
 #: 
config/chroot_local-includes/usr/lib/python3/dist-packages/tails_installer/source.py:77
 #, python-format
@@ -1077,7 +1077,7 @@ msgstr "ذخيره‌كردن فايل‌ها در 
پوشه مداوم"
 
 #: 
config/chroot_local-includes/usr/src/persistence-setup/lib/Tails/Persistence/Configuration/Presets.pm:68
 msgid "Welcome Screen"
-msgstr ""
+msgstr "صفحه خوش‌آمدگویی"
 
 #: 
config/chroot_local-includes/usr/src/persistence-setup/lib/Tails/Persistence/Configuration/Presets.pm:70
 msgid "Language, administration password, and additional settings"

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tpo/master] Merge branch 'new-member-nytimes'

2021-01-27 Thread gus 
commit 926823903d5657016ac6fdebed5798c52537d660
Merge: 18829205 f73cb668
Author: gus 
Date:   Wed Jan 27 14:36:47 2021 -0500

Merge branch 'new-member-nytimes'

 templates/membership.html | 3 +++
 1 file changed, 3 insertions(+)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tpo/master] Add NYTimes to Membership Program page. Fix #150

2021-01-27 Thread gus 
commit f73cb668357f46c7f64f8fe1cc1a00f4be6bd023
Author: gus 
Date:   Wed Jan 27 14:25:50 2021 -0500

Add NYTimes to Membership Program page. Fix #150
---
 templates/membership.html | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/templates/membership.html b/templates/membership.html
index f847dfaa..62c924d5 100644
--- a/templates/membership.html
+++ b/templates/membership.html
@@ -117,6 +117,9 @@
   
 https://insurgo.ca; title="Insurgo, Inc" 
target="_blank">Insurgo
   
+  
+https://www.nytimes.com; title="The New York Times" 
target="_blank">The New York Times
+  
   
 
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [status-site/main] remove section output to silence warnings

2021-01-27 Thread anarcat 
commit 3219ce6b5f844dbbe88611a71a482cae8cfe2ebb
Author: Antoine Beaupré 
Date:   Wed Jan 27 13:38:33 2021 -0500

remove section output to silence warnings

Should be a noop, as per https://github.com/cstate/cstate/issues/167
---
 config.yml | 4 
 1 file changed, 4 deletions(-)

diff --git a/config.yml b/config.yml
index 32963e6..df39c7a 100644
--- a/config.yml
+++ b/config.yml
@@ -342,10 +342,6 @@ outputs:
   page:
 - html
 - json
-  section:
-- html
-- json
-- rss
   home:
 - html
 - json

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [snowflake-webext/master] bump version to 0.5.3

2021-01-27 Thread cohosh 
commit e298e97d79fbae7875cebee027bdba71f0b71645
Author: Cecylia Bocovich 
Date:   Wed Jan 27 12:29:30 2021 -0500

bump version to 0.5.3
---
 package.json | 4 ++--
 translation  | 2 +-
 webext/manifest.json | 2 +-
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/package.json b/package.json
index 89c0e23..2a28ca8 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "snowflake-pt",
-  "version": "0.5.2",
+  "version": "0.5.3",
   "description": "Snowflake is a WebRTC pluggable transport for Tor.",
   "main": "build/snowflake.js",
   "directories": {
@@ -32,4 +32,4 @@
 "ws": "^3.3.1",
 "xmlhttprequest": "^1.8.0"
   }
-}
+}
\ No newline at end of file
diff --git a/translation b/translation
index b7a56ac..3628de8 16
--- a/translation
+++ b/translation
@@ -1 +1 @@
-Subproject commit b7a56ac0b238ce62bad850b83f4ca43609a771d3
+Subproject commit 3628de8b4e231f1a6a1ae93d665612a807212b17
diff --git a/webext/manifest.json b/webext/manifest.json
index e86011f..d8031e8 100644
--- a/webext/manifest.json
+++ b/webext/manifest.json
@@ -1,7 +1,7 @@
 {
   "manifest_version": 2,
   "name": "Snowflake",
-  "version": "0.5.2",
+  "version": "0.5.3",
   "description": "__MSG_appDesc__",
   "default_locale": "en_US",
   "background": {

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [snowflake-webext/master] Set NAT type to restricted after 3 failed connects

2021-01-27 Thread cohosh 
commit 8bc32f580791c80a671cdb0a22ff56bbb4f244fb
Author: Cecylia Bocovich 
Date:   Thu Jan 21 10:20:50 2021 -0500

Set NAT type to restricted after 3 failed connects

Only set the NAT type to restricted after we fail to connect to a
restricted client 3 times in a row.
---
 snowflake.js | 8 ++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/snowflake.js b/snowflake.js
index 1937fdb..091e046 100644
--- a/snowflake.js
+++ b/snowflake.js
@@ -23,6 +23,7 @@ class Snowflake {
 this.broker = broker;
 this.broker.setNATType(ui.natType);
 this.proxyPairs = [];
+this.natFailures = 0;
 this.pollInterval = this.config.defaultBrokerPollInterval;
 if (void 0 === this.config.rateLimitBytes) {
   this.rateLimit = new DummyRateLimit();
@@ -82,10 +83,12 @@ class Snowflake {
   this.pollInterval =
 Math.min(this.pollInterval + this.config.pollAdjustment,
   this.config.slowestBrokerPollInterval);
-  // if we fail to connect to a restricted client, assume restricted 
NAT
-  if (clientNAT == "restricted"){
+  // if we fail to connect to a restricted client 3 times in
+  // a row, assume we have a restricted NAT
+  if ((clientNAT == "restricted") && (this.natFailures > 3)){
 this.ui.natType = "restricted";
 console.log("Learned NAT type: restricted");
+this.natFailures = 0;
   }
   this.broker.setNATType(this.ui.natType);
 } else {
@@ -93,6 +96,7 @@ class Snowflake {
   this.pollInterval =
 Math.max(this.pollInterval - this.config.pollAdjustment,
   this.config.defaultBrokerPollInterval);
+  this.natFailures = 0;
 }
 return;
   }), this.config.datachannelTimeout);



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [snowflake-webext/master] Fix a bug in NAT update process

2021-01-27 Thread cohosh 
commit 87cdf4546c126151bcc6610386f6ea9dcc885607
Author: Cecylia Bocovich 
Date:   Thu Jan 21 17:12:44 2021 -0500

Fix a bug in NAT update process

This fixes two bugs in the NAT update process:
- one bug wasn't updating the NAT type we advertize to the broker
- one bug passed an already evaluated function to setTimeout
---
 init-badge.js  | 33 +
 init-webext.js | 21 +++--
 snowflake.js   |  3 +++
 3 files changed, 31 insertions(+), 26 deletions(-)

diff --git a/init-badge.js b/init-badge.js
index 6233b10..3de6159 100644
--- a/init-badge.js
+++ b/init-badge.js
@@ -38,6 +38,21 @@ class BadgeUI extends UI {
 );
   }
 
+  checkNAT() {
+Util.checkNATType(config.datachannelTimeout).then((type) => {
+  console.log("Setting NAT type: " + type);
+  this.natType = type;
+}).catch((e) => {
+  console.log(e);
+});
+  }
+
+  initNATType() {
+this.natType = "unknown";
+this.checkNAT();
+return setInterval(() => {this.checkNAT();}, config.natCheckInterval);
+  }
+
   setStatus() {}
 
   missingFeature(missing) {
@@ -105,7 +120,7 @@ function getLang() {
   return defaultLang;
 }
 
-var debug, snowflake, config, broker, ui, log, dbg, init, update, initNATType, 
silenceNotifications, query, tryProbe;
+var debug, snowflake, config, broker, ui, log, dbg, init, update, 
silenceNotifications, query, tryProbe;
 
 (function() {
 
@@ -147,20 +162,6 @@ var debug, snowflake, config, broker, ui, log, dbg, init, 
update, initNATType, s
 );
   };
 
-  initNATType = function() {
-this.natType = "unknown";
-(function loop(_this) {
-  Util.checkNATType(config.datachannelTimeout).then((type) => {
-console.log("Setting NAT type: " + type);
-_this.natType = type;
-  }).catch((e) => {
-console.log(e);
-  });
-  // reset NAT type every 24 hours in case proxy location changed
-  setTimeout(_this.initNATType, config.natCheckInterval);
-})(this);
-  };
-
   update = function() {
 const cookies = Parse.cookie(document.cookie);
 if (cookies[COOKIE_NAME] !== '1') {
@@ -196,7 +197,7 @@ var debug, snowflake, config, broker, ui, log, dbg, init, 
update, initNATType, s
 log('== snowflake proxy ==');
 update();
 
-initNATType();
+ui.initNATType();
   };
 
   // Notification of closing tab with active proxy.
diff --git a/init-webext.js b/init-webext.js
index d9a37d0..3b7decf 100644
--- a/init-webext.js
+++ b/init-webext.js
@@ -25,18 +25,19 @@ class WebExtUI extends UI {
 }), 60 * 60 * 1000);
   }
 
+  checkNAT() {
+Util.checkNATType(config.datachannelTimeout).then((type) => {
+  console.log("Setting NAT type: " + type);
+  this.natType = type;
+}).catch((e) => {
+  console.log(e);
+});
+  }
+
   initNATType() {
 this.natType = "unknown";
-(function loop(_this) {
-  Util.checkNATType(config.datachannelTimeout).then((type) => {
-console.log("Setting NAT type: " + type);
-_this.natType = type;
-  }).catch((e) => {
-console.log(e);
-  });
-  // reset NAT type every 2 days in case proxy location changed
-  setTimeout(_this.initNATType, config.natCheckInterval);
-})(this);
+this.checkNAT();
+return setInterval(() => {this.checkNAT();}, config.natCheckInterval);
   }
 
   tryProbe() {
diff --git a/snowflake.js b/snowflake.js
index 091e046..9ac5fad 100644
--- a/snowflake.js
+++ b/snowflake.js
@@ -68,6 +68,9 @@ class Snowflake {
   msg += '[retries: ' + this.retries + ']';
 }
 this.ui.setStatus(msg);
+//update NAT type
+console.log("NAT type: "+ this.ui.natType);
+this.broker.setNATType(this.ui.natType);
 recv = this.broker.getClientOffer(pair.id);
 recv.then((resp) => {
   var clientNAT = resp.NAT;



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [snowflake-webext/master] Recheck NAT type once every 2 days

2021-01-27 Thread cohosh 
commit ac2ad2060b3d49bf8e2411e5a6ba4b8724aab566
Author: Cecylia Bocovich 
Date:   Thu Jan 21 10:25:57 2021 -0500

Recheck NAT type once every 2 days
---
 config.js  | 3 +++
 init-badge.js  | 2 +-
 init-webext.js | 4 ++--
 3 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/config.js b/config.js
index b5db8b5..2e7555a 100644
--- a/config.js
+++ b/config.js
@@ -28,6 +28,9 @@ Config.prototype.defaultBrokerPollInterval = 60.0 * 1000; //1 
poll every minutes
 Config.prototype.slowestBrokerPollInterval = 6 * 60 * 60.0 * 1000; //1 poll 
every 6 hours
 Config.prototype.pollAdjustment = 100.0 * 1000;
 
+// Recheck our NAT type once every 2 days
+Config.prototype.natCheckInterval = 2 * 24 * 60 * 60 * 1000;
+
 // Timeout after sending answer before datachannel is opened
 Config.prototype.datachannelTimeout = 20 * 1000;
 
diff --git a/init-badge.js b/init-badge.js
index 784ffc8..6233b10 100644
--- a/init-badge.js
+++ b/init-badge.js
@@ -157,7 +157,7 @@ var debug, snowflake, config, broker, ui, log, dbg, init, 
update, initNATType, s
 console.log(e);
   });
   // reset NAT type every 24 hours in case proxy location changed
-  setTimeout(_this.initNATType, 24 * 60 * 60 * 1000);
+  setTimeout(_this.initNATType, config.natCheckInterval);
 })(this);
   };
 
diff --git a/init-webext.js b/init-webext.js
index 8a756ec..d9a37d0 100644
--- a/init-webext.js
+++ b/init-webext.js
@@ -34,8 +34,8 @@ class WebExtUI extends UI {
   }).catch((e) => {
 console.log(e);
   });
-  // reset NAT type every 24 hours in case proxy location changed
-  setTimeout(_this.initNATType, 24 * 60 * 60 * 1000);
+  // reset NAT type every 2 days in case proxy location changed
+  setTimeout(_this.initNATType, config.natCheckInterval);
 })(this);
   }
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [snowflake-webext/master] Do not set NAT type to unknown after failed test

2021-01-27 Thread cohosh 
commit fa578972db6d69fb9d2763b83c119a57fefe95a7
Author: Cecylia Bocovich 
Date:   Thu Jan 21 10:12:05 2021 -0500

Do not set NAT type to unknown after failed test

If a previous NAT check has succeeded and we fail to contact the probe
server, do not set the NAT type to unknown. Most proxies will probably
not change their NAT type frequently, so this will prevent an outage of
the probe service from wiping out our unrestricted proxy pool.
---
 init-badge.js  | 1 -
 init-webext.js | 1 -
 2 files changed, 2 deletions(-)

diff --git a/init-badge.js b/init-badge.js
index 6c4c7a7..784ffc8 100644
--- a/init-badge.js
+++ b/init-badge.js
@@ -155,7 +155,6 @@ var debug, snowflake, config, broker, ui, log, dbg, init, 
update, initNATType, s
 _this.natType = type;
   }).catch((e) => {
 console.log(e);
-_this.natType = "unknown";
   });
   // reset NAT type every 24 hours in case proxy location changed
   setTimeout(_this.initNATType, 24 * 60 * 60 * 1000);
diff --git a/init-webext.js b/init-webext.js
index 0a2c22b..8a756ec 100644
--- a/init-webext.js
+++ b/init-webext.js
@@ -33,7 +33,6 @@ class WebExtUI extends UI {
 _this.natType = type;
   }).catch((e) => {
 console.log(e);
-_this.natType = "unknown";
   });
   // reset NAT type every 24 hours in case proxy location changed
   setTimeout(_this.initNATType, 24 * 60 * 60 * 1000);



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [snowflake-webext/master] Increment natFailures when snowflake is restricted

2021-01-27 Thread cohosh 
commit 31730750eecb14a2afda5bbf83f21e49357628db
Author: Cecylia Bocovich 
Date:   Mon Jan 25 13:33:16 2021 -0500

Increment natFailures when snowflake is restricted
---
 snowflake.js | 5 -
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/snowflake.js b/snowflake.js
index 9ac5fad..7d4edb9 100644
--- a/snowflake.js
+++ b/snowflake.js
@@ -86,9 +86,12 @@ class Snowflake {
   this.pollInterval =
 Math.min(this.pollInterval + this.config.pollAdjustment,
   this.config.slowestBrokerPollInterval);
+  if (clientNAT == "restricted") {
+this.natFailures++;
+  }
   // if we fail to connect to a restricted client 3 times in
   // a row, assume we have a restricted NAT
-  if ((clientNAT == "restricted") && (this.natFailures > 3)){
+  if (this.natFailures >= 3){
 this.ui.natType = "restricted";
 console.log("Learned NAT type: restricted");
 this.natFailures = 0;

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [Git][tpo/applications/android-components] Pushed new branch android-components-72.0.1-10.5-1

2021-01-27 Thread Matthew Finkel 


Matthew Finkel pushed new branch android-components-72.0.1-10.5-1 at The Tor 
Project / Applications / android-components

-- 
View it on GitLab: 
https://gitlab.torproject.org/tpo/applications/android-components/-/tree/android-components-72.0.1-10.5-1
You're receiving this email because of your account on gitlab.torproject.org.


___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [status-site/main] downgrade google delivery problems

2021-01-27 Thread anarcat 
commit 940885936c2b38b1d390919bc0ae453620a4e15a
Author: Antoine Beaupré 
Date:   Wed Jan 27 11:52:27 2021 -0500

downgrade google delivery problems
---
 content/issues/2021-01-25-gmail-bounce.md | 6 +-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/content/issues/2021-01-25-gmail-bounce.md 
b/content/issues/2021-01-25-gmail-bounce.md
index 42c000b..dba9281 100644
--- a/content/issues/2021-01-25-gmail-bounce.md
+++ b/content/issues/2021-01-25-gmail-bounce.md
@@ -1,7 +1,7 @@
 ---
 title: Email delivery problems to Google
 date: 2021-01-25 21:40:00
-resolved: false
+resolved: true
 resolvedWhen: 2021-01-25 21:40:00
 # Possible severity levels: down, disrupted, notice
 severity: notice
@@ -26,3 +26,7 @@ actually be in our normal "somewhat disrupted" delivery
 situation. [Stay tuned for more happy days][].
 
 [Stay tuned for more happy days]: 
https://en.wikipedia.org/wiki/Buddy_Holly_(song)
+
+**Update, 2021-01-27 16:51UTC**: it turns out this was a false alarm,
+and concerns only a single Google group that is refusing
+emails. Emails are being delivered to Google fine.

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [status-site/main] rewrite README in markdown and expand

2021-01-27 Thread anarcat 
commit 1cc181f21dc0d3ccd8a0461fe939b8b1ca990ce6
Author: Antoine Beaupré 
Date:   Tue Jan 26 13:37:22 2021 -0500

rewrite README in markdown and expand

This is mostly to trigger a job to trigger a Nagios warning about the
union filesystems, to then silence them (phew!).
---
 README.md  | 12 
 README.txt |  5 -
 2 files changed, 12 insertions(+), 5 deletions(-)

diff --git a/README.md b/README.md
new file mode 100644
index 000..6adedbd
--- /dev/null
+++ b/README.md
@@ -0,0 +1,12 @@
+This is the Torproject.org status site, based on the [cState][]
+[example site][].
+
+ [cState]: https://github.com/cstate/cstate
+ [example site]: https://github.com/cstate/example
+
+The actual website should be available at
+ and [documentation in the TPA wiki][]
+([archive][]).
+
+[documentation in the TPA wiki]: 
https://gitlab.torproject.org/tpo/tpa/team/-/wikis/service/status
+[archive]: 
https://web.archive.org/web/2/https://gitlab.torproject.org/tpo/tpa/team/-/wikis/service/status
diff --git a/README.txt b/README.txt
deleted file mode 100644
index e5829be..000
--- a/README.txt
+++ /dev/null
@@ -1,5 +0,0 @@
-This is the default cState status page website directory/folder.
-
-https://github.com/cstate/example
-
-Available at: status.torproject.org



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [Git][tpo/applications/fenix] Pushed new branch tor-browser-86.0.0b1-10.5-1

2021-01-27 Thread Matthew Finkel 


Matthew Finkel pushed new branch tor-browser-86.0.0b1-10.5-1 at The Tor Project 
/ Applications / fenix

-- 
View it on GitLab: 
https://gitlab.torproject.org/tpo/applications/fenix/-/tree/tor-browser-86.0.0b1-10.5-1
You're receiving this email because of your account on gitlab.torproject.org.


___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tor-launcher-network-settings] https://gitweb.torproject.org/translation.git/commit/?h=tor-launcher-network-settings

2021-01-27 Thread translation 
commit 5f9d52acd87ae14130331ef7a43472d00597148c
Author: Translation commit bot 
Date:   Wed Jan 27 15:18:31 2021 +


https://gitweb.torproject.org/translation.git/commit/?h=tor-launcher-network-settings
---
 uk/network-settings.dtd | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/uk/network-settings.dtd b/uk/network-settings.dtd
index 2728247ced..5368608a80 100644
--- a/uk/network-settings.dtd
+++ b/uk/network-settings.dtd
@@ -1,10 +1,10 @@
 
 
 
-
+
 
 
-
+
 
 
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/abouttor-homepage] https://gitweb.torproject.org/translation.git/commit/?h=abouttor-homepage

2021-01-27 Thread translation 
commit d6d2d27d49bdbcefca71519251079cffce37a6b8
Author: Translation commit bot 
Date:   Wed Jan 27 15:15:02 2021 +

https://gitweb.torproject.org/translation.git/commit/?h=abouttor-homepage
---
 uk/aboutTor.dtd | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/uk/aboutTor.dtd b/uk/aboutTor.dtd
index ae8c2074e3..cc3e2cc9d5 100644
--- a/uk/aboutTor.dtd
+++ b/uk/aboutTor.dtd
@@ -13,14 +13,14 @@
 
 
 
-
+
 https://duckduckgo.com;>
 
 
-
+
 
 
-
+
 
 
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.4.5] Merge branch 'maint-0.4.5' into release-0.4.5

2021-01-27 Thread nickm 
commit 65d268c77bedef363b786924a0ec7e254af9945f
Merge: 9e6a276c26 3c0d398847
Author: Nick Mathewson 
Date:   Wed Jan 27 09:36:39 2021 -0500

Merge branch 'maint-0.4.5' into release-0.4.5

 changes/ticket40254 |  4 
 src/feature/relay/relay_find_addr.c | 24 +++
 src/feature/relay/router.c  | 39 -
 src/test/test_relay.c   | 33 ++-
 4 files changed, 64 insertions(+), 36 deletions(-)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.4.5] Merge branch 'mr_274_squashed' into maint-0.4.5

2021-01-27 Thread nickm 
commit 3c0d3988473b51b776207fdc8d1b0d332fed2284
Merge: af5250b1df f03047332c
Author: Nick Mathewson 
Date:   Wed Jan 27 09:36:29 2021 -0500

Merge branch 'mr_274_squashed' into maint-0.4.5

 changes/ticket40254 |  4 
 src/feature/relay/relay_find_addr.c | 24 +++
 src/feature/relay/router.c  | 39 -
 src/test/test_relay.c   | 33 ++-
 4 files changed, 64 insertions(+), 36 deletions(-)



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.4.5] relay: Don't trigger an address discovery without an ORPort

2021-01-27 Thread nickm 
commit 2e600019ea32277525c46809244491970869b084
Author: David Goulet 
Date:   Fri Jan 22 10:35:32 2021 -0500

relay: Don't trigger an address discovery without an ORPort

We would before do an address discovery and then a lookup in the cache if 
not
found which is now simplified by calling relay_find_addr_to_publish() 
directly
which does all those combined.

Furthermore, by doing so, we won't trigger an address discovery every minute
if we have no ORPort configured for the family.

Fixes #40254

Signed-off-by: David Goulet 
---
 changes/ticket40254|  4 
 src/feature/relay/router.c | 17 +
 2 files changed, 9 insertions(+), 12 deletions(-)

diff --git a/changes/ticket40254 b/changes/ticket40254
new file mode 100644
index 00..9945e3d3b8
--- /dev/null
+++ b/changes/ticket40254
@@ -0,0 +1,4 @@
+  o Minor bugfixes (relay, configuration):
+- Don't attempt to discover address (IPv4 or IPv6) if no ORPort for it can
+  be found in the configuration. Fixes bug 40254; bugfix on 0.4.5.1-alpha.
+
diff --git a/src/feature/relay/router.c b/src/feature/relay/router.c
index e5111acd65..4bc71eb486 100644
--- a/src/feature/relay/router.c
+++ b/src/feature/relay/router.c
@@ -2671,18 +2671,11 @@ check_descriptor_ipaddress_changed(time_t now)
   previous = _ri->ipv6_addr;
 }
 
-/* Ignore returned value because we want to notice not only an address
- * change but also if an address is lost (current == UNSPEC). */
-bool found = find_my_address(get_options(), family, LOG_INFO, ,
- , );
-if (!found) {
-  /* Address was possibly not found because it is simply not configured or
-   * discoverable. Fallback to our cache, which includes any suggestion
-   * sent by a trusted directory server. */
-  found = relay_find_addr_to_publish(get_options(), family,
- RELAY_FIND_ADDR_CACHE_ONLY,
- );
-}
+/* Attempt to discovery the publishable address for the family which will
+ * actively attempt to discover the address if we are configured with a
+ * port for the family. */
+relay_find_addr_to_publish(get_options(), family, RELAY_FIND_ADDR_NO_FLAG,
+   );
 
 /* The "current" address might be UNSPEC meaning it was not discovered nor
  * found in our current cache. If we had an address before and we have



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Merge branch 'maint-0.4.5'

2021-01-27 Thread nickm 
commit b019c8385348e94b2f5d898191af41abc978078b
Merge: 05a7624266 3c0d398847
Author: Nick Mathewson 
Date:   Wed Jan 27 09:36:39 2021 -0500

Merge branch 'maint-0.4.5'

 changes/ticket40254 |  4 
 src/feature/relay/relay_find_addr.c | 24 +++
 src/feature/relay/router.c  | 39 -
 src/test/test_relay.c   | 33 ++-
 4 files changed, 64 insertions(+), 36 deletions(-)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.4.5] relay: Simplify IPv6 discovery when building descriptor

2021-01-27 Thread nickm 
commit b4220a09b71a924e423798c4cf5001c0bdc07f89
Author: David Goulet 
Date:   Fri Jan 22 10:29:08 2021 -0500

relay: Simplify IPv6 discovery when building descriptor

Now that relay_find_addr_to_publish() checks if we actually have an ORPort, 
we
can simplify the descriptor building phase for IPv6.

This also avoid triggering an IPv6 discovery if the IPv4 can't be found in 
the
first place.

Related to #40254

Signed-off-by: David Goulet 
---
 src/feature/relay/router.c | 22 +++---
 1 file changed, 7 insertions(+), 15 deletions(-)

diff --git a/src/feature/relay/router.c b/src/feature/relay/router.c
index eb1d5a63f1..e5111acd65 100644
--- a/src/feature/relay/router.c
+++ b/src/feature/relay/router.c
@@ -2047,12 +2047,11 @@ MOCK_IMPL(STATIC int,
 router_build_fresh_unsigned_routerinfo,(routerinfo_t **ri_out))
 {
   routerinfo_t *ri = NULL;
-  tor_addr_t ipv4_addr, ipv6_addr;
+  tor_addr_t ipv4_addr;
   char platform[256];
   int hibernating = we_are_hibernating();
   const or_options_t *options = get_options();
   int result = TOR_ROUTERINFO_ERROR_INTERNAL_BUG;
-  uint16_t ipv6_orport = 0;
 
   if (BUG(!ri_out)) {
 result = TOR_ROUTERINFO_ERROR_INTERNAL_BUG;
@@ -2064,10 +2063,6 @@ router_build_fresh_unsigned_routerinfo,(routerinfo_t 
**ri_out))
   bool have_v4 = relay_find_addr_to_publish(options, AF_INET,
 RELAY_FIND_ADDR_NO_FLAG,
 _addr);
-  bool have_v6 = relay_find_addr_to_publish(options, AF_INET6,
-RELAY_FIND_ADDR_NO_FLAG,
-_addr);
-
   /* Tor requires a relay to have an IPv4 so bail if we can't find it. */
   if (!have_v4) {
 log_info(LD_CONFIG, "Don't know my address while generating descriptor. "
@@ -2079,24 +2074,21 @@ router_build_fresh_unsigned_routerinfo,(routerinfo_t 
**ri_out))
   /* Log a message if the address in the descriptor doesn't match the ORPort
* and DirPort addresses configured by the operator. */
   router_check_descriptor_address_consistency(_addr);
-  router_check_descriptor_address_consistency(_addr);
 
   ri = tor_malloc_zero(sizeof(routerinfo_t));
+  tor_addr_copy(>ipv4_addr, _addr);
   ri->cache_info.routerlist_index = -1;
   ri->nickname = tor_strdup(options->Nickname);
 
   /* IPv4. */
-  tor_addr_copy(>ipv4_addr, _addr);
   ri->ipv4_orport = routerconf_find_or_port(options, AF_INET);
   ri->ipv4_dirport = routerconf_find_dir_port(options, 0);
 
-  /* IPv6. Do not publish an IPv6 if we don't have an ORPort that can be used
-   * with the address. This is possible for instance if the ORPort is
-   * IPv4Only. */
-  ipv6_orport = routerconf_find_or_port(options, AF_INET6);
-  if (have_v6 && ipv6_orport != 0) {
-tor_addr_copy(>ipv6_addr, _addr);
-ri->ipv6_orport = ipv6_orport;
+  /* Optionally check for an IPv6. We still publish without one. */
+  if (relay_find_addr_to_publish(options, AF_INET6, RELAY_FIND_ADDR_NO_FLAG,
+ >ipv6_addr)) {
+ri->ipv6_orport = routerconf_find_or_port(options, AF_INET6);
+router_check_descriptor_address_consistency(>ipv6_addr);
   }
 
   ri->supports_tunnelled_dir_requests =



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.4.5] relay: Log if we can't find an address for configured ORPort

2021-01-27 Thread nickm 
commit f03047332ceaa465a13fac3ff3de6378f4f2794a
Author: David Goulet 
Date:   Fri Jan 22 10:59:05 2021 -0500

relay: Log if we can't find an address for configured ORPort

Everytime we try to discover an address we want to publish, emit a log 
notice
if we are unable to find it even though an ORPort was configured for it.

Because the function can be called quite often, we rate limit that notice to
every hour so it gets annoying just enough so the operator fixes that.

Related to #40254

Signed-off-by: David Goulet 
---
 src/feature/relay/relay_find_addr.c | 11 +++
 1 file changed, 11 insertions(+)

diff --git a/src/feature/relay/relay_find_addr.c 
b/src/feature/relay/relay_find_addr.c
index e942a8fa77..39e1cc6a19 100644
--- a/src/feature/relay/relay_find_addr.c
+++ b/src/feature/relay/relay_find_addr.c
@@ -144,6 +144,17 @@ relay_find_addr_to_publish, (const or_options_t *options, 
int family,
 if (find_my_address(options, family, LOG_INFO, addr_out, NULL, NULL)) {
   goto found;
 }
+/* No publishable address was found even though we have an ORPort thus
+ * print a notice log so operator can notice. We'll do that every hour so
+ * it is not too spammy but enough so operators address the issue. */
+static ratelim_t rlim = RATELIM_INIT(3600);
+log_fn_ratelim(, LOG_NOTICE, LD_CONFIG,
+   "Unable to find %s address for ORPort %u. "
+   "You might want to specify %sOnly to it or set an "
+   "explicit address or set Address.",
+   fmt_af_family(family),
+   routerconf_find_or_port(options, family),
+   fmt_af_family(family));
   }
 
   /* Third, consider address from our suggestion cache. */



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.4.5] relay: Skip address discovery if no ORPort is found

2021-01-27 Thread nickm 
commit b4f4af6ec5ba16e7ba5191dbd271c1754e0c21d4
Author: David Goulet 
Date:   Fri Jan 22 10:23:07 2021 -0500

relay: Skip address discovery if no ORPort is found

In other words, if we don't have an ORPort configured for a specific family
(IPv4/v6), we don't bother doing address discovery.

Related to #40254

Signed-off-by: David Goulet 
---
 src/feature/relay/relay_find_addr.c | 13 +
 src/test/test_relay.c   | 33 -
 2 files changed, 37 insertions(+), 9 deletions(-)

diff --git a/src/feature/relay/relay_find_addr.c 
b/src/feature/relay/relay_find_addr.c
index 2da2328b14..e942a8fa77 100644
--- a/src/feature/relay/relay_find_addr.c
+++ b/src/feature/relay/relay_find_addr.c
@@ -99,6 +99,13 @@ relay_address_new_suggestion(const tor_addr_t 
*suggested_addr,
  *   populated by the NETINFO cell content or HTTP header from a
  *   directory.
  *
+ * The AddressDisableIPv6 is checked here for IPv6 address discovery and if
+ * set, false is returned and addr_out is UNSPEC.
+ *
+ * Before doing any discovery, the configuration is checked for an ORPort of
+ * the given family. If none can be found, false is returned and addr_out is
+ * UNSPEC.
+ *
  * Return true on success and addr_out contains the address to use for the
  * given family. On failure to find the address, false is returned and
  * addr_out is set to an AF_UNSPEC address. */
@@ -118,6 +125,12 @@ relay_find_addr_to_publish, (const or_options_t *options, 
int family,
 return false;
   }
 
+  /* There is no point on attempting an address discovery to publish if we
+   * don't have an ORPort for this family. */
+  if (!routerconf_find_or_port(options, family)) {
+return false;
+  }
+
   /* First, check our resolved address cache. It should contain the address
* we've discovered from the periodic relay event. */
   resolved_addr_get_last(family, addr_out);
diff --git a/src/test/test_relay.c b/src/test/test_relay.c
index 545cb4ac46..b287f0d38b 100644
--- a/src/test/test_relay.c
+++ b/src/test/test_relay.c
@@ -11,6 +11,7 @@
 #include "feature/stats/bwhist.h"
 #include "core/or/relay.h"
 #include "lib/container/order.h"
+#include "lib/encoding/confline.h"
 /* For init/free stuff */
 #include "core/or/scheduler.h"
 
@@ -23,6 +24,8 @@
 #include "feature/relay/routermode.h"
 #include "feature/dirclient/dir_server_st.h"
 
+#define CONFIG_PRIVATE
+#include "app/config/config.h"
 #include "app/config/resolve_addr.h"
 
 /* Test suite stuff */
@@ -298,11 +301,12 @@ test_find_addr_to_publish(void *arg)
   int family;
   bool ret;
   tor_addr_t ipv4_addr, ipv6_addr, cache_addr;
-  or_options_t options;
+  or_options_t *options;
 
   (void) arg;
 
-  memset(, 0, sizeof(options));
+  options = options_new();
+  options_init(options);
 
   /* Populate our resolved cache with a valid IPv4 and IPv6. */
   family = tor_addr_parse(_addr, "1.2.3.4");
@@ -317,13 +321,24 @@ test_find_addr_to_publish(void *arg)
   resolved_addr_get_last(AF_INET6, _addr);
   tt_assert(tor_addr_eq(_addr, _addr));
 
+  /* Setup ORPort config. */
+  {
+int n, w, r;
+char *msg = NULL;
+
+config_line_append(>ORPort_lines, "ORPort", "9001");
+
+r = parse_ports(options, 0, , , );
+tt_int_op(r, OP_EQ, 0);
+  }
+
   /* 1. Address located in the resolved cache. */
-  ret = relay_find_addr_to_publish(, AF_INET,
+  ret = relay_find_addr_to_publish(options, AF_INET,
RELAY_FIND_ADDR_CACHE_ONLY, _addr);
   tt_assert(ret);
   tt_assert(tor_addr_eq(_addr, _addr));
 
-  ret = relay_find_addr_to_publish(, AF_INET6,
+  ret = relay_find_addr_to_publish(options, AF_INET6,
RELAY_FIND_ADDR_CACHE_ONLY, _addr);
   tt_assert(ret);
   tt_assert(tor_addr_eq(_addr, _addr));
@@ -334,13 +349,13 @@ test_find_addr_to_publish(void *arg)
*the find_my_address() code path because that is extensively tested in
*another unit tests. */
   resolved_addr_set_suggested(_addr);
-  ret = relay_find_addr_to_publish(, AF_INET,
+  ret = relay_find_addr_to_publish(options, AF_INET,
RELAY_FIND_ADDR_CACHE_ONLY, _addr);
   tt_assert(ret);
   tt_assert(tor_addr_eq(_addr, _addr));
 
   resolved_addr_set_suggested(_addr);
-  ret = relay_find_addr_to_publish(, AF_INET6,
+  ret = relay_find_addr_to_publish(options, AF_INET6,
RELAY_FIND_ADDR_CACHE_ONLY, _addr);
   tt_assert(ret);
   tt_assert(tor_addr_eq(_addr, _addr));
@@ -348,15 +363,15 @@ test_find_addr_to_publish(void *arg)
   resolve_addr_reset_suggested(AF_INET6);
 
   /* 3. No IP anywhere. */
-  ret = relay_find_addr_to_publish(, AF_INET,
+  ret = relay_find_addr_to_publish(options, AF_INET,
RELAY_FIND_ADDR_CACHE_ONLY, _addr);
   tt_assert(!ret);
-  ret = relay_find_addr_to_publish(, AF_INET6,
+  ret = relay_find_addr_to_publish(options, AF_INET6,

[tor-commits] [tor/master] Merge branch 'mr_274_squashed' into maint-0.4.5

2021-01-27 Thread nickm 
commit 3c0d3988473b51b776207fdc8d1b0d332fed2284
Merge: af5250b1df f03047332c
Author: Nick Mathewson 
Date:   Wed Jan 27 09:36:29 2021 -0500

Merge branch 'mr_274_squashed' into maint-0.4.5

 changes/ticket40254 |  4 
 src/feature/relay/relay_find_addr.c | 24 +++
 src/feature/relay/router.c  | 39 -
 src/test/test_relay.c   | 33 ++-
 4 files changed, 64 insertions(+), 36 deletions(-)



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] relay: Log if we can't find an address for configured ORPort

2021-01-27 Thread nickm 
commit f03047332ceaa465a13fac3ff3de6378f4f2794a
Author: David Goulet 
Date:   Fri Jan 22 10:59:05 2021 -0500

relay: Log if we can't find an address for configured ORPort

Everytime we try to discover an address we want to publish, emit a log 
notice
if we are unable to find it even though an ORPort was configured for it.

Because the function can be called quite often, we rate limit that notice to
every hour so it gets annoying just enough so the operator fixes that.

Related to #40254

Signed-off-by: David Goulet 
---
 src/feature/relay/relay_find_addr.c | 11 +++
 1 file changed, 11 insertions(+)

diff --git a/src/feature/relay/relay_find_addr.c 
b/src/feature/relay/relay_find_addr.c
index e942a8fa77..39e1cc6a19 100644
--- a/src/feature/relay/relay_find_addr.c
+++ b/src/feature/relay/relay_find_addr.c
@@ -144,6 +144,17 @@ relay_find_addr_to_publish, (const or_options_t *options, 
int family,
 if (find_my_address(options, family, LOG_INFO, addr_out, NULL, NULL)) {
   goto found;
 }
+/* No publishable address was found even though we have an ORPort thus
+ * print a notice log so operator can notice. We'll do that every hour so
+ * it is not too spammy but enough so operators address the issue. */
+static ratelim_t rlim = RATELIM_INIT(3600);
+log_fn_ratelim(, LOG_NOTICE, LD_CONFIG,
+   "Unable to find %s address for ORPort %u. "
+   "You might want to specify %sOnly to it or set an "
+   "explicit address or set Address.",
+   fmt_af_family(family),
+   routerconf_find_or_port(options, family),
+   fmt_af_family(family));
   }
 
   /* Third, consider address from our suggestion cache. */



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] relay: Simplify IPv6 discovery when building descriptor

2021-01-27 Thread nickm 
commit b4220a09b71a924e423798c4cf5001c0bdc07f89
Author: David Goulet 
Date:   Fri Jan 22 10:29:08 2021 -0500

relay: Simplify IPv6 discovery when building descriptor

Now that relay_find_addr_to_publish() checks if we actually have an ORPort, 
we
can simplify the descriptor building phase for IPv6.

This also avoid triggering an IPv6 discovery if the IPv4 can't be found in 
the
first place.

Related to #40254

Signed-off-by: David Goulet 
---
 src/feature/relay/router.c | 22 +++---
 1 file changed, 7 insertions(+), 15 deletions(-)

diff --git a/src/feature/relay/router.c b/src/feature/relay/router.c
index eb1d5a63f1..e5111acd65 100644
--- a/src/feature/relay/router.c
+++ b/src/feature/relay/router.c
@@ -2047,12 +2047,11 @@ MOCK_IMPL(STATIC int,
 router_build_fresh_unsigned_routerinfo,(routerinfo_t **ri_out))
 {
   routerinfo_t *ri = NULL;
-  tor_addr_t ipv4_addr, ipv6_addr;
+  tor_addr_t ipv4_addr;
   char platform[256];
   int hibernating = we_are_hibernating();
   const or_options_t *options = get_options();
   int result = TOR_ROUTERINFO_ERROR_INTERNAL_BUG;
-  uint16_t ipv6_orport = 0;
 
   if (BUG(!ri_out)) {
 result = TOR_ROUTERINFO_ERROR_INTERNAL_BUG;
@@ -2064,10 +2063,6 @@ router_build_fresh_unsigned_routerinfo,(routerinfo_t 
**ri_out))
   bool have_v4 = relay_find_addr_to_publish(options, AF_INET,
 RELAY_FIND_ADDR_NO_FLAG,
 _addr);
-  bool have_v6 = relay_find_addr_to_publish(options, AF_INET6,
-RELAY_FIND_ADDR_NO_FLAG,
-_addr);
-
   /* Tor requires a relay to have an IPv4 so bail if we can't find it. */
   if (!have_v4) {
 log_info(LD_CONFIG, "Don't know my address while generating descriptor. "
@@ -2079,24 +2074,21 @@ router_build_fresh_unsigned_routerinfo,(routerinfo_t 
**ri_out))
   /* Log a message if the address in the descriptor doesn't match the ORPort
* and DirPort addresses configured by the operator. */
   router_check_descriptor_address_consistency(_addr);
-  router_check_descriptor_address_consistency(_addr);
 
   ri = tor_malloc_zero(sizeof(routerinfo_t));
+  tor_addr_copy(>ipv4_addr, _addr);
   ri->cache_info.routerlist_index = -1;
   ri->nickname = tor_strdup(options->Nickname);
 
   /* IPv4. */
-  tor_addr_copy(>ipv4_addr, _addr);
   ri->ipv4_orport = routerconf_find_or_port(options, AF_INET);
   ri->ipv4_dirport = routerconf_find_dir_port(options, 0);
 
-  /* IPv6. Do not publish an IPv6 if we don't have an ORPort that can be used
-   * with the address. This is possible for instance if the ORPort is
-   * IPv4Only. */
-  ipv6_orport = routerconf_find_or_port(options, AF_INET6);
-  if (have_v6 && ipv6_orport != 0) {
-tor_addr_copy(>ipv6_addr, _addr);
-ri->ipv6_orport = ipv6_orport;
+  /* Optionally check for an IPv6. We still publish without one. */
+  if (relay_find_addr_to_publish(options, AF_INET6, RELAY_FIND_ADDR_NO_FLAG,
+ >ipv6_addr)) {
+ri->ipv6_orport = routerconf_find_or_port(options, AF_INET6);
+router_check_descriptor_address_consistency(>ipv6_addr);
   }
 
   ri->supports_tunnelled_dir_requests =



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] relay: Don't trigger an address discovery without an ORPort

2021-01-27 Thread nickm 
commit 2e600019ea32277525c46809244491970869b084
Author: David Goulet 
Date:   Fri Jan 22 10:35:32 2021 -0500

relay: Don't trigger an address discovery without an ORPort

We would before do an address discovery and then a lookup in the cache if 
not
found which is now simplified by calling relay_find_addr_to_publish() 
directly
which does all those combined.

Furthermore, by doing so, we won't trigger an address discovery every minute
if we have no ORPort configured for the family.

Fixes #40254

Signed-off-by: David Goulet 
---
 changes/ticket40254|  4 
 src/feature/relay/router.c | 17 +
 2 files changed, 9 insertions(+), 12 deletions(-)

diff --git a/changes/ticket40254 b/changes/ticket40254
new file mode 100644
index 00..9945e3d3b8
--- /dev/null
+++ b/changes/ticket40254
@@ -0,0 +1,4 @@
+  o Minor bugfixes (relay, configuration):
+- Don't attempt to discover address (IPv4 or IPv6) if no ORPort for it can
+  be found in the configuration. Fixes bug 40254; bugfix on 0.4.5.1-alpha.
+
diff --git a/src/feature/relay/router.c b/src/feature/relay/router.c
index e5111acd65..4bc71eb486 100644
--- a/src/feature/relay/router.c
+++ b/src/feature/relay/router.c
@@ -2671,18 +2671,11 @@ check_descriptor_ipaddress_changed(time_t now)
   previous = _ri->ipv6_addr;
 }
 
-/* Ignore returned value because we want to notice not only an address
- * change but also if an address is lost (current == UNSPEC). */
-bool found = find_my_address(get_options(), family, LOG_INFO, ,
- , );
-if (!found) {
-  /* Address was possibly not found because it is simply not configured or
-   * discoverable. Fallback to our cache, which includes any suggestion
-   * sent by a trusted directory server. */
-  found = relay_find_addr_to_publish(get_options(), family,
- RELAY_FIND_ADDR_CACHE_ONLY,
- );
-}
+/* Attempt to discovery the publishable address for the family which will
+ * actively attempt to discover the address if we are configured with a
+ * port for the family. */
+relay_find_addr_to_publish(get_options(), family, RELAY_FIND_ADDR_NO_FLAG,
+   );
 
 /* The "current" address might be UNSPEC meaning it was not discovered nor
  * found in our current cache. If we had an address before and we have



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] relay: Skip address discovery if no ORPort is found

2021-01-27 Thread nickm 
commit b4f4af6ec5ba16e7ba5191dbd271c1754e0c21d4
Author: David Goulet 
Date:   Fri Jan 22 10:23:07 2021 -0500

relay: Skip address discovery if no ORPort is found

In other words, if we don't have an ORPort configured for a specific family
(IPv4/v6), we don't bother doing address discovery.

Related to #40254

Signed-off-by: David Goulet 
---
 src/feature/relay/relay_find_addr.c | 13 +
 src/test/test_relay.c   | 33 -
 2 files changed, 37 insertions(+), 9 deletions(-)

diff --git a/src/feature/relay/relay_find_addr.c 
b/src/feature/relay/relay_find_addr.c
index 2da2328b14..e942a8fa77 100644
--- a/src/feature/relay/relay_find_addr.c
+++ b/src/feature/relay/relay_find_addr.c
@@ -99,6 +99,13 @@ relay_address_new_suggestion(const tor_addr_t 
*suggested_addr,
  *   populated by the NETINFO cell content or HTTP header from a
  *   directory.
  *
+ * The AddressDisableIPv6 is checked here for IPv6 address discovery and if
+ * set, false is returned and addr_out is UNSPEC.
+ *
+ * Before doing any discovery, the configuration is checked for an ORPort of
+ * the given family. If none can be found, false is returned and addr_out is
+ * UNSPEC.
+ *
  * Return true on success and addr_out contains the address to use for the
  * given family. On failure to find the address, false is returned and
  * addr_out is set to an AF_UNSPEC address. */
@@ -118,6 +125,12 @@ relay_find_addr_to_publish, (const or_options_t *options, 
int family,
 return false;
   }
 
+  /* There is no point on attempting an address discovery to publish if we
+   * don't have an ORPort for this family. */
+  if (!routerconf_find_or_port(options, family)) {
+return false;
+  }
+
   /* First, check our resolved address cache. It should contain the address
* we've discovered from the periodic relay event. */
   resolved_addr_get_last(family, addr_out);
diff --git a/src/test/test_relay.c b/src/test/test_relay.c
index 545cb4ac46..b287f0d38b 100644
--- a/src/test/test_relay.c
+++ b/src/test/test_relay.c
@@ -11,6 +11,7 @@
 #include "feature/stats/bwhist.h"
 #include "core/or/relay.h"
 #include "lib/container/order.h"
+#include "lib/encoding/confline.h"
 /* For init/free stuff */
 #include "core/or/scheduler.h"
 
@@ -23,6 +24,8 @@
 #include "feature/relay/routermode.h"
 #include "feature/dirclient/dir_server_st.h"
 
+#define CONFIG_PRIVATE
+#include "app/config/config.h"
 #include "app/config/resolve_addr.h"
 
 /* Test suite stuff */
@@ -298,11 +301,12 @@ test_find_addr_to_publish(void *arg)
   int family;
   bool ret;
   tor_addr_t ipv4_addr, ipv6_addr, cache_addr;
-  or_options_t options;
+  or_options_t *options;
 
   (void) arg;
 
-  memset(, 0, sizeof(options));
+  options = options_new();
+  options_init(options);
 
   /* Populate our resolved cache with a valid IPv4 and IPv6. */
   family = tor_addr_parse(_addr, "1.2.3.4");
@@ -317,13 +321,24 @@ test_find_addr_to_publish(void *arg)
   resolved_addr_get_last(AF_INET6, _addr);
   tt_assert(tor_addr_eq(_addr, _addr));
 
+  /* Setup ORPort config. */
+  {
+int n, w, r;
+char *msg = NULL;
+
+config_line_append(>ORPort_lines, "ORPort", "9001");
+
+r = parse_ports(options, 0, , , );
+tt_int_op(r, OP_EQ, 0);
+  }
+
   /* 1. Address located in the resolved cache. */
-  ret = relay_find_addr_to_publish(, AF_INET,
+  ret = relay_find_addr_to_publish(options, AF_INET,
RELAY_FIND_ADDR_CACHE_ONLY, _addr);
   tt_assert(ret);
   tt_assert(tor_addr_eq(_addr, _addr));
 
-  ret = relay_find_addr_to_publish(, AF_INET6,
+  ret = relay_find_addr_to_publish(options, AF_INET6,
RELAY_FIND_ADDR_CACHE_ONLY, _addr);
   tt_assert(ret);
   tt_assert(tor_addr_eq(_addr, _addr));
@@ -334,13 +349,13 @@ test_find_addr_to_publish(void *arg)
*the find_my_address() code path because that is extensively tested in
*another unit tests. */
   resolved_addr_set_suggested(_addr);
-  ret = relay_find_addr_to_publish(, AF_INET,
+  ret = relay_find_addr_to_publish(options, AF_INET,
RELAY_FIND_ADDR_CACHE_ONLY, _addr);
   tt_assert(ret);
   tt_assert(tor_addr_eq(_addr, _addr));
 
   resolved_addr_set_suggested(_addr);
-  ret = relay_find_addr_to_publish(, AF_INET6,
+  ret = relay_find_addr_to_publish(options, AF_INET6,
RELAY_FIND_ADDR_CACHE_ONLY, _addr);
   tt_assert(ret);
   tt_assert(tor_addr_eq(_addr, _addr));
@@ -348,15 +363,15 @@ test_find_addr_to_publish(void *arg)
   resolve_addr_reset_suggested(AF_INET6);
 
   /* 3. No IP anywhere. */
-  ret = relay_find_addr_to_publish(, AF_INET,
+  ret = relay_find_addr_to_publish(options, AF_INET,
RELAY_FIND_ADDR_CACHE_ONLY, _addr);
   tt_assert(!ret);
-  ret = relay_find_addr_to_publish(, AF_INET6,
+  ret = relay_find_addr_to_publish(options, AF_INET6,

[tor-commits] [tor/maint-0.4.5] Merge branch 'mr_274_squashed' into maint-0.4.5

2021-01-27 Thread nickm 
commit 3c0d3988473b51b776207fdc8d1b0d332fed2284
Merge: af5250b1df f03047332c
Author: Nick Mathewson 
Date:   Wed Jan 27 09:36:29 2021 -0500

Merge branch 'mr_274_squashed' into maint-0.4.5

 changes/ticket40254 |  4 
 src/feature/relay/relay_find_addr.c | 24 +++
 src/feature/relay/router.c  | 39 -
 src/test/test_relay.c   | 33 ++-
 4 files changed, 64 insertions(+), 36 deletions(-)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/maint-0.4.5] relay: Simplify IPv6 discovery when building descriptor

2021-01-27 Thread nickm 
commit b4220a09b71a924e423798c4cf5001c0bdc07f89
Author: David Goulet 
Date:   Fri Jan 22 10:29:08 2021 -0500

relay: Simplify IPv6 discovery when building descriptor

Now that relay_find_addr_to_publish() checks if we actually have an ORPort, 
we
can simplify the descriptor building phase for IPv6.

This also avoid triggering an IPv6 discovery if the IPv4 can't be found in 
the
first place.

Related to #40254

Signed-off-by: David Goulet 
---
 src/feature/relay/router.c | 22 +++---
 1 file changed, 7 insertions(+), 15 deletions(-)

diff --git a/src/feature/relay/router.c b/src/feature/relay/router.c
index eb1d5a63f1..e5111acd65 100644
--- a/src/feature/relay/router.c
+++ b/src/feature/relay/router.c
@@ -2047,12 +2047,11 @@ MOCK_IMPL(STATIC int,
 router_build_fresh_unsigned_routerinfo,(routerinfo_t **ri_out))
 {
   routerinfo_t *ri = NULL;
-  tor_addr_t ipv4_addr, ipv6_addr;
+  tor_addr_t ipv4_addr;
   char platform[256];
   int hibernating = we_are_hibernating();
   const or_options_t *options = get_options();
   int result = TOR_ROUTERINFO_ERROR_INTERNAL_BUG;
-  uint16_t ipv6_orport = 0;
 
   if (BUG(!ri_out)) {
 result = TOR_ROUTERINFO_ERROR_INTERNAL_BUG;
@@ -2064,10 +2063,6 @@ router_build_fresh_unsigned_routerinfo,(routerinfo_t 
**ri_out))
   bool have_v4 = relay_find_addr_to_publish(options, AF_INET,
 RELAY_FIND_ADDR_NO_FLAG,
 _addr);
-  bool have_v6 = relay_find_addr_to_publish(options, AF_INET6,
-RELAY_FIND_ADDR_NO_FLAG,
-_addr);
-
   /* Tor requires a relay to have an IPv4 so bail if we can't find it. */
   if (!have_v4) {
 log_info(LD_CONFIG, "Don't know my address while generating descriptor. "
@@ -2079,24 +2074,21 @@ router_build_fresh_unsigned_routerinfo,(routerinfo_t 
**ri_out))
   /* Log a message if the address in the descriptor doesn't match the ORPort
* and DirPort addresses configured by the operator. */
   router_check_descriptor_address_consistency(_addr);
-  router_check_descriptor_address_consistency(_addr);
 
   ri = tor_malloc_zero(sizeof(routerinfo_t));
+  tor_addr_copy(>ipv4_addr, _addr);
   ri->cache_info.routerlist_index = -1;
   ri->nickname = tor_strdup(options->Nickname);
 
   /* IPv4. */
-  tor_addr_copy(>ipv4_addr, _addr);
   ri->ipv4_orport = routerconf_find_or_port(options, AF_INET);
   ri->ipv4_dirport = routerconf_find_dir_port(options, 0);
 
-  /* IPv6. Do not publish an IPv6 if we don't have an ORPort that can be used
-   * with the address. This is possible for instance if the ORPort is
-   * IPv4Only. */
-  ipv6_orport = routerconf_find_or_port(options, AF_INET6);
-  if (have_v6 && ipv6_orport != 0) {
-tor_addr_copy(>ipv6_addr, _addr);
-ri->ipv6_orport = ipv6_orport;
+  /* Optionally check for an IPv6. We still publish without one. */
+  if (relay_find_addr_to_publish(options, AF_INET6, RELAY_FIND_ADDR_NO_FLAG,
+ >ipv6_addr)) {
+ri->ipv6_orport = routerconf_find_or_port(options, AF_INET6);
+router_check_descriptor_address_consistency(>ipv6_addr);
   }
 
   ri->supports_tunnelled_dir_requests =



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/maint-0.4.5] relay: Skip address discovery if no ORPort is found

2021-01-27 Thread nickm 
commit b4f4af6ec5ba16e7ba5191dbd271c1754e0c21d4
Author: David Goulet 
Date:   Fri Jan 22 10:23:07 2021 -0500

relay: Skip address discovery if no ORPort is found

In other words, if we don't have an ORPort configured for a specific family
(IPv4/v6), we don't bother doing address discovery.

Related to #40254

Signed-off-by: David Goulet 
---
 src/feature/relay/relay_find_addr.c | 13 +
 src/test/test_relay.c   | 33 -
 2 files changed, 37 insertions(+), 9 deletions(-)

diff --git a/src/feature/relay/relay_find_addr.c 
b/src/feature/relay/relay_find_addr.c
index 2da2328b14..e942a8fa77 100644
--- a/src/feature/relay/relay_find_addr.c
+++ b/src/feature/relay/relay_find_addr.c
@@ -99,6 +99,13 @@ relay_address_new_suggestion(const tor_addr_t 
*suggested_addr,
  *   populated by the NETINFO cell content or HTTP header from a
  *   directory.
  *
+ * The AddressDisableIPv6 is checked here for IPv6 address discovery and if
+ * set, false is returned and addr_out is UNSPEC.
+ *
+ * Before doing any discovery, the configuration is checked for an ORPort of
+ * the given family. If none can be found, false is returned and addr_out is
+ * UNSPEC.
+ *
  * Return true on success and addr_out contains the address to use for the
  * given family. On failure to find the address, false is returned and
  * addr_out is set to an AF_UNSPEC address. */
@@ -118,6 +125,12 @@ relay_find_addr_to_publish, (const or_options_t *options, 
int family,
 return false;
   }
 
+  /* There is no point on attempting an address discovery to publish if we
+   * don't have an ORPort for this family. */
+  if (!routerconf_find_or_port(options, family)) {
+return false;
+  }
+
   /* First, check our resolved address cache. It should contain the address
* we've discovered from the periodic relay event. */
   resolved_addr_get_last(family, addr_out);
diff --git a/src/test/test_relay.c b/src/test/test_relay.c
index 545cb4ac46..b287f0d38b 100644
--- a/src/test/test_relay.c
+++ b/src/test/test_relay.c
@@ -11,6 +11,7 @@
 #include "feature/stats/bwhist.h"
 #include "core/or/relay.h"
 #include "lib/container/order.h"
+#include "lib/encoding/confline.h"
 /* For init/free stuff */
 #include "core/or/scheduler.h"
 
@@ -23,6 +24,8 @@
 #include "feature/relay/routermode.h"
 #include "feature/dirclient/dir_server_st.h"
 
+#define CONFIG_PRIVATE
+#include "app/config/config.h"
 #include "app/config/resolve_addr.h"
 
 /* Test suite stuff */
@@ -298,11 +301,12 @@ test_find_addr_to_publish(void *arg)
   int family;
   bool ret;
   tor_addr_t ipv4_addr, ipv6_addr, cache_addr;
-  or_options_t options;
+  or_options_t *options;
 
   (void) arg;
 
-  memset(, 0, sizeof(options));
+  options = options_new();
+  options_init(options);
 
   /* Populate our resolved cache with a valid IPv4 and IPv6. */
   family = tor_addr_parse(_addr, "1.2.3.4");
@@ -317,13 +321,24 @@ test_find_addr_to_publish(void *arg)
   resolved_addr_get_last(AF_INET6, _addr);
   tt_assert(tor_addr_eq(_addr, _addr));
 
+  /* Setup ORPort config. */
+  {
+int n, w, r;
+char *msg = NULL;
+
+config_line_append(>ORPort_lines, "ORPort", "9001");
+
+r = parse_ports(options, 0, , , );
+tt_int_op(r, OP_EQ, 0);
+  }
+
   /* 1. Address located in the resolved cache. */
-  ret = relay_find_addr_to_publish(, AF_INET,
+  ret = relay_find_addr_to_publish(options, AF_INET,
RELAY_FIND_ADDR_CACHE_ONLY, _addr);
   tt_assert(ret);
   tt_assert(tor_addr_eq(_addr, _addr));
 
-  ret = relay_find_addr_to_publish(, AF_INET6,
+  ret = relay_find_addr_to_publish(options, AF_INET6,
RELAY_FIND_ADDR_CACHE_ONLY, _addr);
   tt_assert(ret);
   tt_assert(tor_addr_eq(_addr, _addr));
@@ -334,13 +349,13 @@ test_find_addr_to_publish(void *arg)
*the find_my_address() code path because that is extensively tested in
*another unit tests. */
   resolved_addr_set_suggested(_addr);
-  ret = relay_find_addr_to_publish(, AF_INET,
+  ret = relay_find_addr_to_publish(options, AF_INET,
RELAY_FIND_ADDR_CACHE_ONLY, _addr);
   tt_assert(ret);
   tt_assert(tor_addr_eq(_addr, _addr));
 
   resolved_addr_set_suggested(_addr);
-  ret = relay_find_addr_to_publish(, AF_INET6,
+  ret = relay_find_addr_to_publish(options, AF_INET6,
RELAY_FIND_ADDR_CACHE_ONLY, _addr);
   tt_assert(ret);
   tt_assert(tor_addr_eq(_addr, _addr));
@@ -348,15 +363,15 @@ test_find_addr_to_publish(void *arg)
   resolve_addr_reset_suggested(AF_INET6);
 
   /* 3. No IP anywhere. */
-  ret = relay_find_addr_to_publish(, AF_INET,
+  ret = relay_find_addr_to_publish(options, AF_INET,
RELAY_FIND_ADDR_CACHE_ONLY, _addr);
   tt_assert(!ret);
-  ret = relay_find_addr_to_publish(, AF_INET6,
+  ret = relay_find_addr_to_publish(options, AF_INET6,

[tor-commits] [tor/maint-0.4.5] relay: Log if we can't find an address for configured ORPort

2021-01-27 Thread nickm 
commit f03047332ceaa465a13fac3ff3de6378f4f2794a
Author: David Goulet 
Date:   Fri Jan 22 10:59:05 2021 -0500

relay: Log if we can't find an address for configured ORPort

Everytime we try to discover an address we want to publish, emit a log 
notice
if we are unable to find it even though an ORPort was configured for it.

Because the function can be called quite often, we rate limit that notice to
every hour so it gets annoying just enough so the operator fixes that.

Related to #40254

Signed-off-by: David Goulet 
---
 src/feature/relay/relay_find_addr.c | 11 +++
 1 file changed, 11 insertions(+)

diff --git a/src/feature/relay/relay_find_addr.c 
b/src/feature/relay/relay_find_addr.c
index e942a8fa77..39e1cc6a19 100644
--- a/src/feature/relay/relay_find_addr.c
+++ b/src/feature/relay/relay_find_addr.c
@@ -144,6 +144,17 @@ relay_find_addr_to_publish, (const or_options_t *options, 
int family,
 if (find_my_address(options, family, LOG_INFO, addr_out, NULL, NULL)) {
   goto found;
 }
+/* No publishable address was found even though we have an ORPort thus
+ * print a notice log so operator can notice. We'll do that every hour so
+ * it is not too spammy but enough so operators address the issue. */
+static ratelim_t rlim = RATELIM_INIT(3600);
+log_fn_ratelim(, LOG_NOTICE, LD_CONFIG,
+   "Unable to find %s address for ORPort %u. "
+   "You might want to specify %sOnly to it or set an "
+   "explicit address or set Address.",
+   fmt_af_family(family),
+   routerconf_find_or_port(options, family),
+   fmt_af_family(family));
   }
 
   /* Third, consider address from our suggestion cache. */



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/maint-0.4.5] relay: Don't trigger an address discovery without an ORPort

2021-01-27 Thread nickm 
commit 2e600019ea32277525c46809244491970869b084
Author: David Goulet 
Date:   Fri Jan 22 10:35:32 2021 -0500

relay: Don't trigger an address discovery without an ORPort

We would before do an address discovery and then a lookup in the cache if 
not
found which is now simplified by calling relay_find_addr_to_publish() 
directly
which does all those combined.

Furthermore, by doing so, we won't trigger an address discovery every minute
if we have no ORPort configured for the family.

Fixes #40254

Signed-off-by: David Goulet 
---
 changes/ticket40254|  4 
 src/feature/relay/router.c | 17 +
 2 files changed, 9 insertions(+), 12 deletions(-)

diff --git a/changes/ticket40254 b/changes/ticket40254
new file mode 100644
index 00..9945e3d3b8
--- /dev/null
+++ b/changes/ticket40254
@@ -0,0 +1,4 @@
+  o Minor bugfixes (relay, configuration):
+- Don't attempt to discover address (IPv4 or IPv6) if no ORPort for it can
+  be found in the configuration. Fixes bug 40254; bugfix on 0.4.5.1-alpha.
+
diff --git a/src/feature/relay/router.c b/src/feature/relay/router.c
index e5111acd65..4bc71eb486 100644
--- a/src/feature/relay/router.c
+++ b/src/feature/relay/router.c
@@ -2671,18 +2671,11 @@ check_descriptor_ipaddress_changed(time_t now)
   previous = _ri->ipv6_addr;
 }
 
-/* Ignore returned value because we want to notice not only an address
- * change but also if an address is lost (current == UNSPEC). */
-bool found = find_my_address(get_options(), family, LOG_INFO, ,
- , );
-if (!found) {
-  /* Address was possibly not found because it is simply not configured or
-   * discoverable. Fallback to our cache, which includes any suggestion
-   * sent by a trusted directory server. */
-  found = relay_find_addr_to_publish(get_options(), family,
- RELAY_FIND_ADDR_CACHE_ONLY,
- );
-}
+/* Attempt to discovery the publishable address for the family which will
+ * actively attempt to discover the address if we are configured with a
+ * port for the family. */
+relay_find_addr_to_publish(get_options(), family, RELAY_FIND_ADDR_NO_FLAG,
+   );
 
 /* The "current" address might be UNSPEC meaning it was not discovered nor
  * found in our current cache. If we had an address before and we have



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Add IPv6 to mdfnet fallbackdirs

2021-01-27 Thread asn 
commit 62f5114c094e180271432605195b5039cf8ce1cb
Author: MarkusK 
Date:   Fri Jan 22 07:50:47 2021 +0100

Add IPv6 to mdfnet fallbackdirs
---
 src/app/config/fallback_dirs.inc | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/app/config/fallback_dirs.inc b/src/app/config/fallback_dirs.inc
index a7ef39bb96..83834890ce 100644
--- a/src/app/config/fallback_dirs.inc
+++ b/src/app/config/fallback_dirs.inc
@@ -354,6 +354,7 @@ URL: 
https:onionoo.torproject.orguptime?typerelay_seen_days90-_seen_d
 /* = */
 ,
 "193.11.114.45:9031 orport=9002 id=80AAF8D5956A43C197104CEF2550CD42D165C6FB"
+" ipv6=[2001:6b0:30:1000::100]:9050"
 /* nickname=mdfnet2 */
 /* extrainfo=0 */
 /* = */
@@ -552,6 +553,7 @@ URL: 
https:onionoo.torproject.orguptime?typerelay_seen_days90-_seen_d
 /* = */
 ,
 "193.11.114.46:9032 orport=9003 id=B83DC1558F0D34353BB992EF93AFEAFDB226A73E"
+" ipv6=[2001:6b0:30:1000::101]:9050"
 /* nickname=mdfnet3 */
 /* extrainfo=0 */
 /* = */



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Merge remote-tracking branch 'tor-gitlab/mr/272'

2021-01-27 Thread asn 
commit 05a762426681ce5e37c7f222c2337a4a1915286c
Merge: dbbd603313 62f5114c09
Author: George Kadianakis 
Date:   Wed Jan 27 15:47:10 2021 +0200

Merge remote-tracking branch 'tor-gitlab/mr/272'

 src/app/config/fallback_dirs.inc | 2 ++
 1 file changed, 2 insertions(+)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Merge remote-tracking branch 'tor-gitlab/mr/248'

2021-01-27 Thread asn 
commit dbbd60331352da8f985ddfc988fbe5f97e3f23af
Merge: a7ca089343 3d993d4d85
Author: George Kadianakis 
Date:   Wed Jan 27 15:43:01 2021 +0200

Merge remote-tracking branch 'tor-gitlab/mr/248'

 changes/bug40235| 5 +
 src/app/config/config.c | 4 +++-
 2 files changed, 8 insertions(+), 1 deletion(-)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Do not require a valid torrc for

2021-01-27 Thread asn 
commit 3d993d4d8569617acf8059a6d6f7702aaf41bba4
Author: Neel Chauhan 
Date:   Wed Jan 6 10:41:27 2021 -0800

Do not require a valid torrc for
---
 changes/bug40235| 5 +
 src/app/config/config.c | 4 +++-
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/changes/bug40235 b/changes/bug40235
new file mode 100644
index 00..baf72c3da7
--- /dev/null
+++ b/changes/bug40235
@@ -0,0 +1,5 @@
+  o Minor bugfixes (key generation):
+- Do not require a valid torrc when using the `--keygen` argument
+  to generate a signing key. This allows us to generate keys on
+  systems or users which may not run Tor. Fixes bug 40235; bugfix
+  on 0.2.7.2-alpha. Patch by Neel Chauhan.
diff --git a/src/app/config/config.c b/src/app/config/config.c
index bf2f49ead4..e6fde2d62f 100644
--- a/src/app/config/config.c
+++ b/src/app/config/config.c
@@ -4338,6 +4338,7 @@ find_torrc_filename(const config_line_t *cmd_arg,
   const config_line_t *p_index;
   const char *fname_opt = defaults_file ? "--defaults-torrc" : "-f";
   const char *ignore_opt = defaults_file ? NULL : "--ignore-missing-torrc";
+  const char *keygen_opt = "--keygen";
 
   if (defaults_file)
 *ignore_missing_torrc = 1;
@@ -4359,7 +4360,8 @@ find_torrc_filename(const config_line_t *cmd_arg,
   }
 
   *using_default_fname = 0;
-} else if (ignore_opt && !strcmp(p_index->key,ignore_opt)) {
+} else if ((ignore_opt && !strcmp(p_index->key, ignore_opt)) ||
+   (keygen_opt && !strcmp(p_index->key, keygen_opt))) {
   *ignore_missing_torrc = 1;
 }
   }



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Merge remote-tracking branch 'tor-gitlab/mr/247'

2021-01-27 Thread asn 
commit a7ca08934341deab05d48fa0f074543116a29c38
Merge: 37ea6cd9eb 1811bded77
Author: George Kadianakis 
Date:   Wed Jan 27 15:39:29 2021 +0200

Merge remote-tracking branch 'tor-gitlab/mr/247'

 changes/bug40207| 4 
 src/feature/hs/hs_circuit.c | 2 +-
 src/feature/hs/hs_client.c  | 2 +-
 3 files changed, 6 insertions(+), 2 deletions(-)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Downgrade the severity of a few rendezvous circuit-related warnings.

2021-01-27 Thread asn 
commit 1811bded77015efde34294a94884495e796efcba
Author: Neel Chauhan 
Date:   Thu Dec 24 11:32:03 2020 -0800

Downgrade the severity of a few rendezvous circuit-related warnings.
---
 changes/bug40207| 4 
 src/feature/hs/hs_circuit.c | 2 +-
 src/feature/hs/hs_client.c  | 2 +-
 3 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/changes/bug40207 b/changes/bug40207
new file mode 100644
index 00..ca633f88db
--- /dev/null
+++ b/changes/bug40207
@@ -0,0 +1,4 @@
+  o Minor bugfixes (onion services, logging):
+- Downgrade the severity of a few rendezvous circuit-related
+  warnings from warning to info. Fixes bug 40207; bugfix on
+  0.3.2.1-alpha. Patch by Neel Chauhan.
diff --git a/src/feature/hs/hs_circuit.c b/src/feature/hs/hs_circuit.c
index eaf99cf8b2..f0059a1a7c 100644
--- a/src/feature/hs/hs_circuit.c
+++ b/src/feature/hs/hs_circuit.c
@@ -1181,7 +1181,7 @@ hs_circ_send_introduce1(origin_circuit_t *intro_circ,
   /* We should never select an invalid rendezvous point in theory but if we
* do, this function will fail to populate the introduce data. */
   if (setup_introduce1_data(ip, exit_node, subcredential, _data) < 0) {
-log_warn(LD_REND, "Unable to setup INTRODUCE1 data. The chosen rendezvous "
+log_info(LD_REND, "Unable to setup INTRODUCE1 data. The chosen rendezvous "
   "point is unusable. Closing circuit.");
 goto close;
   }
diff --git a/src/feature/hs/hs_client.c b/src/feature/hs/hs_client.c
index 7cec2e0dce..9721909fa5 100644
--- a/src/feature/hs/hs_client.c
+++ b/src/feature/hs/hs_client.c
@@ -1130,7 +1130,7 @@ handle_introduce_ack_success(origin_circuit_t *intro_circ)
   rend_circ =
   hs_circuitmap_get_established_rend_circ_client_side(rendezvous_cookie);
   if (rend_circ == NULL) {
-log_warn(LD_REND, "Can't find any rendezvous circuit. Stopping");
+log_info(LD_REND, "Can't find any rendezvous circuit. Stopping");
 goto end;
   }
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser-bundle-testsuite/master] Bug 40014: Update tests for 85

2021-01-27 Thread gk 
commit 17d1464de523a8c4972f237bad9f7d376073fa2a
Author: Alex Catarineu 
Date:   Tue Jan 26 12:52:19 2021 +0100

Bug 40014: Update tests for 85
---
 marionette/tor_browser_tests/test_dom-objects-enumeration.py | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/marionette/tor_browser_tests/test_dom-objects-enumeration.py 
b/marionette/tor_browser_tests/test_dom-objects-enumeration.py
index 66fc8be..26ff945 100644
--- a/marionette/tor_browser_tests/test_dom-objects-enumeration.py
+++ b/marionette/tor_browser_tests/test_dom-objects-enumeration.py
@@ -764,6 +764,8 @@ class Test(testsuite.TorBrowserTest):
 expectedObjects = expectedObjects.union({"onbeforeinput"})
 if self.get_version() >= 84:
 expectedObjects = 
expectedObjects.union({"PerformancePaintTiming"}).difference({"Sanitizer"})
+if self.get_version() >= 85:
+expectedObjects = expectedObjects.difference({"onshow", 
"HTMLMenuItemElement"})
 
 with self.marionette.using_context('content'):
 self.marionette.navigate(self.test_page_file_url)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser-build/master] Bug 33274: Use YAML::XS instead of YAML in update_responses

2021-01-27 Thread gk 
commit 6d4081c0a5d5f7094203c208df5e633f9dada54c
Author: Nicolas Vigier 
Date:   Sun Jan 24 22:04:05 2021 +0100

Bug 33274: Use YAML::XS instead of YAML in update_responses
---
 tools/update-responses/README.md| 8 
 tools/update-responses/update_responses | 2 +-
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/tools/update-responses/README.md b/tools/update-responses/README.md
index 5209ed5..8326983 100644
--- a/tools/update-responses/README.md
+++ b/tools/update-responses/README.md
@@ -12,14 +12,14 @@ Dependencies
 
 
 The following perl modules need to be installed to run the script:
-  FindBin YAML File::Slurp Digest::SHA XML::Writer File::Temp
+  FindBin YAML::XS File::Slurp Digest::SHA XML::Writer File::Temp
   IO::CaptureOutput Parallel::ForkManager XML::LibXML LWP JSON
 
 On Debian / Ubuntu you can install them with:
 
 ```
-  # apt-get install libfindbin-libs-perl libyaml-perl libfile-slurp-perl \
-libdigest-sha-perl libxml-writer-perl \
+  # apt-get install libfindbin-libs-perl libyaml-libyaml-perl \
+libfile-slurp-perl libdigest-sha-perl libxml-writer-perl \
 libio-captureoutput-perl libparallel-forkmanager-perl \
 libxml-libxml-perl libwww-perl libjson-perl
 ```
@@ -27,7 +27,7 @@ On Debian / Ubuntu you can install them with:
 On Red Hat / Fedora you can install them with:
 
 ```
-  # for module in FindBin YAML File::Slurp Digest::SHA XML::Writer \
+  # for module in FindBin YAML::XS File::Slurp Digest::SHA XML::Writer \
   File::Temp IO::CaptureOutput Parallel::ForkManager \
   XML::LibXML LWP JSON
 do yum install "perl($module)"; done
diff --git a/tools/update-responses/update_responses 
b/tools/update-responses/update_responses
index de24235..35b971f 100755
--- a/tools/update-responses/update_responses
+++ b/tools/update-responses/update_responses
@@ -4,7 +4,7 @@ use strict;
 use feature "state";
 use English;
 use FindBin;
-use YAML qw(LoadFile);
+use YAML::XS qw(LoadFile);
 use File::Slurp;
 use File::Path qw(make_path);
 use Digest::SHA qw(sha256_hex);



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser-build/master] Merge remote-tracking branch 'gitlab/merge-requests/202'

2021-01-27 Thread gk 
commit 39b14d15d26f7b56e13c48c02f7fda1cbd6703eb
Merge: 79f54e6 6d4081c
Author: Georg Koppen 
Date:   Wed Jan 27 11:17:57 2021 +

Merge remote-tracking branch 'gitlab/merge-requests/202'

 tools/update-responses/README.md| 8 
 tools/update-responses/update_responses | 2 +-
 2 files changed, 5 insertions(+), 5 deletions(-)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser-spec/master] Bug 40012: Add FF85 audit

2021-01-27 Thread gk 
commit b72a5306255a41b46a6b86d9189e3833cf35019e
Author: Matthew Finkel 
Date:   Tue Jan 19 03:15:14 2021 +

Bug 40012: Add FF85 audit
---
 audits/FF85_NETWORK_AUDIT | 159 ++
 1 file changed, 159 insertions(+)

diff --git a/audits/FF85_NETWORK_AUDIT b/audits/FF85_NETWORK_AUDIT
new file mode 100644
index 000..17ad0db
--- /dev/null
+++ b/audits/FF85_NETWORK_AUDIT
@@ -0,0 +1,159 @@
+`git diff 2a47450172493d64c311336281c1860802b3c9fc 
5a2e34d5821fa203454eb9a8b12d7749a7c50d00`
+and then go over all the changes containing the
+below mentioned potentially dangerous calls and features. Grep the diff for
+the following strings and examine surrounding usage.
+
+=== Native DNS Portion =
+
+PR_GetHostByName
+PR_GetIPNodeByName
+PR_GetAddrInfoByName
+PR_StringToNetAddr (itself is good as it passes AI_NUMERICHOST to getaddrinfo. 
No resolution.)
+
+# FF85: Nothing new
+
+MDNS
+TRR (DNS Trusted Recursive Resolver)
+Direct Paths to DNS resolution:
+nsDNSService::Resolve
+nsDNSService::AsyncResolve
+nsHostResolver::ResolveHost
+
+# FF85:
+# Bug 1667743:
+#  - Deleting unused esni code
+#  - Review Result: Safe
+
+# Bug 1634065:
+#  - ensure nsIDNSService is only created on the main thread
+#  - Review Result: Safe
+
+# Bug 1678614
+#  - Don't retry with native DNS if it's trr only mode
+#  - Review Result: Safe
+
+# Bug 1670982
+#  - Make the bitfields in nsHostResolver atomic
+#  - Review Result: Safe
+
+ Misc Socket Portion ==
+
+SOCK_
+SOCKET_
+_SOCKET
+
+# FF85:
+# - Bug 1675491
+#- Count number of bytes send and received over a socket
+#- Review Result: Safe
+
+UDPSocket
+TCPSocket
+  PR_NewTCPSocket
+  AsyncTCPSocket
+
+# FF85: Nothing of interest
+
+
+Misc PR_Socket
+
+# FF85: Nothing new
+
+=== Misc XPCOM Portion 
+
+Misc XPCOM (including commands for pre-diff review approach)
+ *SocketProvider
+ grep -R udp-socket .
+ grep -R tcp-socket .
+ grep for tcpsocket
+ grep -R "NS_" | grep SOCKET | grep "_C"
+ grep -R "@mozilla.org/network/" . | grep socket | grep -v udp-socket
+
+# FF85:
+# Bug 1673931:
+#  - Resolve Document/Element cycle, no harm
+#  - Review Result: Safe
+
+# Bug 1626278
+#  - Shutdown MediaTransportHandlerSTS on STS shutdown
+#  - Review Result: Safe
+
+# Bug 1677759
+#  - Mark STUN/TURN client contexts failed when we encounter a socket 
read/write failure for TCP
+#  - Review Result: Safe
+
+ Rust Portion 
+
+Rust
+ - XXX: What do we grep for here? Or do we rely on Ritter's compile-time tool?
+ - Check for new sendmsg and recvmsg usage
+
+# FF85:
+# Bug 1662868
+#  - Create a Viaduct-based Glean uploader
+#  - Review Result: Safe
+
+ Android Portion =
+
+Android Java calls
+ - URLConnection
+   - XXX: getInputStream? other methods?
+ - HttpURLConnection
+ - UrlConnectionDownloader
+ - ch.boye.httpclientandroidlib.impl.client.* (look for execute() calls)
+ - grep -n openConnection\( mobile/android/thirdparty/
+ - java.net.URL -- has SEVERAL proxy bypass URL fetching methods :/
+ - java.net
+ - javax.net
+ - ch.boye.httpclientandroidlib.conn.* (esp ssl)
+ - ch.boye.httpclientandroidlib.impl.conn.* (esp ssl)
+ - Sudden appearance of thirdparty libs:
+   - OkHttp
+   - Retrofit
+   - Glide
+   - com.amitshekhar.android
+ - IntentHelper
+   - openUriExternal (can come from GeckoAppShell too)
+   - getHandlersForMimeType
+   - getHandlersForURL
+   - getHandlersForIntent
+ - android.content.Intent - too common; instead find launch methods:
+   - startActivity
+   - startActivities
+   - sendBroadcast
+   - sendOrderedBroadcast
+   - startService
+   - bindService
+ - android.app.PendingIntent
+ - android.app.DownloadManager
+ - ActivityHandlerHelper.startIntentAndCatch
+
+# FF85: Nothing new (using `java_audit.sh`)
+
+ Application Services Portion =
+
+Start: 6a234c2b1e1972f11e585551d4cf2e40e84bf16f # v67.0.0
+End:   4cc798c8cd8a1e38ce88e0bb22a05692be63b164 # v67.2.0
+
+# FF85: Nothing related to networking in Java/Koltlin/Rust code (using 
`java_audit.sh`)
+
+ Android Components Portion =
+
+Start: 2095f1a5d0ed42c3680aa8582934ea2739ff02c9 # v67.0.17
+End:   21ce9abdda0bc4001a72835fbbe7d71026ac0e66 # v70.0.16
+
+# FF85: Zero new usage found of known proxy-bypass APIs (using `java_audit.sh`)
+
+ Fenix Portion =
+
+Start: 2d1e15692ebe5ec697abdeacaa332f25ce406a3b # v84.1.4
+End:   24995d51a12d8e0bb10166f9f286c68d23b84a6a # v85.1.0
+
+# FF85: Nothing new (using `java_audit.sh`)
+
+ Regression/Prior Vuln Review =
+
+Review proxy bypass bugs; check for new vectors to look for:
+ - https://trac.torproject.org/projects/tor/query?keywords=~tbb-proxy
+   - Look for new features like these. Especially external app launch vectors
+

___
tor-commits mailing list
tor-commits@lists.torproject.org