aboutsummaryrefslogtreecommitdiff
path: root/contrib
diff options
context:
space:
mode:
Diffstat (limited to 'contrib')
-rw-r--r--contrib/Makefile.am15
-rwxr-xr-xcontrib/checkSpace.pl2
-rwxr-xr-xcontrib/exitlist26
-rwxr-xr-xcontrib/findMergedChanges.pl70
-rwxr-xr-xcontrib/make-signature.sh79
-rw-r--r--contrib/tor-exit-notice.html4
-rw-r--r--contrib/tor-mingw.nsi.in2
-rwxr-xr-xcontrib/torify.in98
8 files changed, 225 insertions, 71 deletions
diff --git a/contrib/Makefile.am b/contrib/Makefile.am
index 5aae2c819e..795c351f3a 100644
--- a/contrib/Makefile.am
+++ b/contrib/Makefile.am
@@ -3,7 +3,20 @@ DIST_SUBDIRS = suse
confdir = $(sysconfdir)/tor
-EXTRA_DIST = exitlist tor-tsocks.conf tor.nsi.in tor.sh torctl rc.subr cross.sh tor-mingw.nsi.in package_nsis-mingw.sh tor.ico tor-ctrl.sh linux-tor-prio.sh tor-exit-notice.html
+EXTRA_DIST = \
+ cross.sh \
+ exitlist \
+ linux-tor-prio.sh \
+ package_nsis-mingw.sh \
+ rc.subr \
+ tor-ctrl.sh \
+ tor-exit-notice.html \
+ tor-mingw.nsi.in \
+ tor-tsocks.conf \
+ tor.ico \
+ tor.nsi.in \
+ tor.sh \
+ torctl
conf_DATA = tor-tsocks.conf
diff --git a/contrib/checkSpace.pl b/contrib/checkSpace.pl
index 6eb32e5620..a18df99b16 100755
--- a/contrib/checkSpace.pl
+++ b/contrib/checkSpace.pl
@@ -97,7 +97,7 @@ for $fn (@ARGV) {
if ($1 ne "if" and $1 ne "while" and $1 ne "for" and
$1 ne "switch" and $1 ne "return" and $1 ne "int" and
$1 ne "elsif" and $1 ne "WINAPI" and $2 ne "WINAPI" and
- $1 ne "void" and $1 ne "__attribute__") {
+ $1 ne "void" and $1 ne "__attribute__" and $1 ne "op") {
print " fn ():$fn:$.\n";
}
}
diff --git a/contrib/exitlist b/contrib/exitlist
index ba682b5c06..3fd26b5166 100755
--- a/contrib/exitlist
+++ b/contrib/exitlist
@@ -8,23 +8,25 @@
exitlist -- Given a Tor directory on stdin, lists the Tor servers
that accept connections to given addreses.
- example usage (Tor 0.2.0.7-alpha and earlier):
-
- cat ~/.tor/cached-routers* | python exitlist 18.244.0.188:80
-
- example usage (Tor 0.2.0.8-alpha and later):
+ example usage:
cat ~/.tor/cached-descriptors* | python exitlist 18.244.0.188:80
- You should look at the "FetchUselessDescriptors" config option in the
- man page. For 0.2.0.13-alpha and later, also look at the
- "FetchDirInfoEarly" config option.
+ You should look at the "FetchUselessDescriptors" and "FetchDirInfoEarly"
+ config options in the man page.
Note that this script won't give you a perfect list of IP addresses
- that might connect to you using Tor, since some Tor servers might exit
- from other addresses than the one they publish. See
- https://check.torproject.org/ for an alternative (more
- accurate!) approach.
+ that might connect to you using Tor.
+ False negatives:
+ - Some Tor servers might exit from other addresses than the one they
+ publish in their descriptor.
+ False positives:
+ - This script just looks at the descriptor lists, so it counts relays
+ that were running a day in the past and aren't running now (or are
+ now running at a different address).
+
+ See https://check.torproject.org/ for an alternative (more accurate!)
+ approach.
"""
diff --git a/contrib/findMergedChanges.pl b/contrib/findMergedChanges.pl
new file mode 100755
index 0000000000..46e070f943
--- /dev/null
+++ b/contrib/findMergedChanges.pl
@@ -0,0 +1,70 @@
+#!/usr/bin/perl
+
+use warnings;
+use strict;
+
+sub nChanges {
+ my ($branches, $fname) = @_;
+ local *F;
+ # requires perl 5.8. Avoids shell issues if we ever get a changes
+ # file named by the parents of Little Johnny Tables.
+ open F, "-|", "git", "log", "--pretty=format:%H", $branches, "--", $fname
+ or die "$!";
+ my @changes = <F>;
+ return scalar @changes
+}
+
+my $look_for_type = "merged";
+
+if (! @ARGV) {
+ print <<EOF
+Usage:
+ findMergedChanges.pl [--merged/--unmerged/--weird/--list] changes/*
+
+A change is "merged" if it has ever been merged to release-0.2.2 and it has had
+no subsequent changes in master.
+
+A change is "unmerged" if it has never been merged to release-0.2.2 and it
+has had changes in master.
+
+A change is "weird" if it has been merged to release-0.2.2 and it *has* had
+subsequent changes in master.
+
+Suggested application:
+ findMergedChanges.pl --merged changes/* | xargs -n 1 git rm
+
+EOF
+}
+
+my $target_branch = "origin/release-0.2.2";
+
+while (@ARGV and $ARGV[0] =~ /^--/) {
+ my $flag = shift @ARGV;
+ if ($flag =~ /^--(weird|merged|unmerged|list)/) {
+ $look_for_type = $1;
+ } elsif ($flag =~ /^--branch=(\S+)/) {
+ $target_branch = $1;
+ } else {
+ die "Unrecognized flag $flag";
+ }
+}
+
+for my $changefile (@ARGV) {
+ my $n_merged = nChanges($target_branch, $changefile);
+ my $n_postmerged = nChanges("${target_branch}..origin/master", $changefile);
+ my $type;
+
+ if ($n_merged != 0 and $n_postmerged == 0) {
+ $type = "merged";
+ } elsif ($n_merged == 0 and $n_postmerged != 0) {
+ $type = "unmerged";
+ } else {
+ $type = "weird";
+ }
+
+ if ($type eq $look_for_type) {
+ print "$changefile\n";
+ } elsif ($look_for_type eq 'list') {
+ printf "% 8s: %s\n", $type, $changefile;
+ }
+}
diff --git a/contrib/make-signature.sh b/contrib/make-signature.sh
new file mode 100755
index 0000000000..4aba08b754
--- /dev/null
+++ b/contrib/make-signature.sh
@@ -0,0 +1,79 @@
+#!/bin/sh
+
+set -eu
+
+if test "$1" = "" ; then
+ echo "I need a package as an argument."
+ exit 1
+fi
+
+PACKAGEFILE=$1
+
+if test ! -f "$PACKAGEFILE" ; then
+ echo "$PACKAGEFILE is not a file."
+ exit 1
+fi
+
+DIGESTNAME=sha256
+DIGESTOUTPUT=`gpg --print-md $DIGESTNAME $PACKAGEFILE`
+
+RAWDIGEST=`gpg --print-md $DIGESTNAME $PACKAGEFILE | sed -e 's/^[^ ]*: //' `
+
+# These regexes are a little fragile, but I think they work for us.
+VERSION=`echo $PACKAGEFILE | sed -e 's/^[a-z\-]*//' -e 's/\.[\.a-z]*$//' `
+PACKAGE=`echo $PACKAGEFILE | sed -e 's/-[0-9].*//'`
+SIGFILE_UNSIGNED="$PACKAGE-$VERSION-signature"
+SIGNATUREFILE="$SIGFILE_UNSIGNED.asc"
+
+cat >$SIGFILE_UNSIGNED <<EOF
+This is the signature file for "$PACKAGEFILE",
+which contains version "$VERSION" of "$PACKAGE".
+
+Here's how to check this signature.
+
+1) Make sure that this is really a signature file, and not a forgery,
+ with:
+
+ "gpg --verify $SIGNATUREFILE"
+
+ The key should be one of the keys that signs the Tor release; the
+ official Tor website has more information on those.
+
+ If this step fails, then either you are missing the correct key, or
+ this signature file was not really signed by a Tor packager.
+ Beware!
+
+2) Make sure that the package you wanted is indeed "$PACKAGE", and that
+ its version you wanted is indeed "$VERSION". If you wanted a
+ different package, or a different version, this signature file is
+ not the right one!
+
+3) Now that you're sure you have the right signature file, make sure
+ that you got the right package. Check its $DIGESTNAME digest with
+
+ "gpg --print-md $DIGESTNAME $PACKAGEFILE"
+
+ The output should match this, exactly:
+
+$DIGESTOUTPUT
+
+ Make sure that every part of the output matches: don't just check the
+ first few characters. If the digest does not match, you do not have
+ the right package file. It could even be a forgery.
+
+Frequently asked questions:
+
+Q: Why not just sign the package file, like you used to do?
+A: GPG signatures authenticate file contents, but not file names. If
+ somebody gave you a renamed file with a matching renamed signature
+ file, the signature would still be given as "valid".
+
+--
+FILENAME: $PACKAGEFILE
+PACKAGE: $PACKAGE
+VERSION: $VERSION
+DIGESTALG: $DIGESTNAME
+DIGEST: $RAWDIGEST
+EOF
+
+gpg --clearsign $SIGFILE_UNSIGNED
diff --git a/contrib/tor-exit-notice.html b/contrib/tor-exit-notice.html
index de3be1744b..8cf5c294f2 100644
--- a/contrib/tor-exit-notice.html
+++ b/contrib/tor-exit-notice.html
@@ -87,7 +87,7 @@ seize this router will accomplish nothing.</p>
<p>
Furthermore, this machine also serves as a carrier of email, which means that
its contents are further protected under the ECPA. <a
-href="http://www4.law.cornell.edu/uscode/html/uscode18/usc_sec_18_00002707----000-.html">18
+href="http://www.law.cornell.edu/uscode/text/18/2707">18
USC 2707</a> explicitly allows for civil remedies ($1000/account
<i><b>plus</b></i> legal fees)
in the event of a seizure executed without good faith or probable cause (it
@@ -105,7 +105,7 @@ used to violate the DMCA, please be aware that this machine does not host or
contain any illegal content. Also be aware that network infrastructure
maintainers are not liable for the type of content that passes over their
equipment, in accordance with <a
-href="http://www4.law.cornell.edu/uscode/html/uscode17/usc_sec_17_00000512----000-.html">DMCA
+href="http://www.law.cornell.edu/uscode/text/17/512">DMCA
"safe harbor" provisions</a>. In other words, you will have just as much luck
sending a takedown notice to the Internet backbone providers. Please consult
<a href="https://www.torproject.org/eff/tor-dmca-response">EFF's prepared
diff --git a/contrib/tor-mingw.nsi.in b/contrib/tor-mingw.nsi.in
index 6b359ad8e0..2fb0b187c3 100644
--- a/contrib/tor-mingw.nsi.in
+++ b/contrib/tor-mingw.nsi.in
@@ -8,7 +8,7 @@
!include "LogicLib.nsh"
!include "FileFunc.nsh"
!insertmacro GetParameters
-!define VERSION "0.2.2.34-dev"
+!define VERSION "0.2.3.15-alpha-dev"
!define INSTALLER "tor-${VERSION}-win32.exe"
!define WEBSITE "https://www.torproject.org/"
!define LICENSE "LICENSE"
diff --git a/contrib/torify.in b/contrib/torify.in
index d430da8ce7..54acfed654 100755
--- a/contrib/torify.in
+++ b/contrib/torify.in
@@ -1,71 +1,61 @@
#! /bin/sh
-# Wrapper script for use of the tsocks(8) transparent socksification library
-# See the tsocks(1) and torify(1) manpages.
-
+# This script used to call (the now deprecated) tsocks as a fallback in case
+# torsocks wasn't installed.
+# Now, it's just a backwards compatible shim around torsocks with reasonable
+# behavior if -v/--verbose or -h/--help arguments are passed.
+#
# Copyright (c) 2004, 2006, 2009 Peter Palfrader
# Modified by Jacob Appelbaum <jacob@appelbaum.net> April 16th 2006
+# Stripped of all the tsocks cruft by ugh on February 22nd 2012
# May be distributed under the same terms as Tor itself
-# taken from Debian's Developer's Reference, 6.4
-pathfind() {
- OLDIFS="$IFS"
- IFS=:
- for p in $PATH; do
- if [ -x "$p/$*" ]; then
- IFS="$OLDIFS"
- return 0
- fi
- done
- IFS="$OLDIFS"
- return 1
-}
-# Check for any argument list
-if [ "$#" = 0 ]; then
- echo "Usage: $0 [-hv] <command> [<options>...]" >&2
- exit 1
-fi
+compat() {
+ echo "torify is now just a wrapper around torsocks(1) for backwards compatibility."
+}
-if [ "$#" = 1 ] && ( [ "$1" = "-h" ] || [ "$1" = "--help" ] ); then
+usage() {
+ compat
echo "Usage: $0 [-hv] <command> [<options>...]"
- exit 0
-fi
-
-if [ "$1" = "-v" ] || [ "$1" = "--verbose" ]; then
- verbose=1
- shift 1
-else
- verbose=0
-fi
-
-if pathfind torsocks; then
- ! [ "$verbose" -ge 1 ] || echo "Using torsocks as socksifier." >&2
+}
- exec torsocks "$@"
- echo "$0: Failed to exec torsocks $@" >&2
+case $# in 0)
+ usage >&2
exit 1
+esac
-elif pathfind tsocks; then
- ! [ "$verbose" -ge 1 ] || echo "Using tsocks as socksifier." >&2
+case $# in 1)
+ case $1 in -h|--help)
+ usage
+ exit 0
+ esac
+esac
- # Define our tsocks config file
- TSOCKS_CONF_FILE="/etc/tor/tor-tsocks.conf"
- export TSOCKS_CONF_FILE
+case $1 in -v|--verbose)
+ compat >&2
+ shift
+esac
- # Check that we've got a tsocks config file
- if [ -r "$TSOCKS_CONF_FILE" ]
- then
- echo "WARNING: tsocks is known to leak DNS and UDP data. If you had torsocks we would use that." >&2
- exec tsocks "$@"
- echo "$0: Failed to exec tsocks $@" >&2
- exit 1
- else
- echo "$0: Missing tsocks configuration file \"$TSOCKS_CONF_FILE\"." >&2
- exit 1
- fi
+# taken from Debian's Developer's Reference, 6.4
+pathfind() {
+ OLDIFS="$IFS"
+ IFS=:
+ for p in $PATH; do
+ if [ -x "$p/$*" ]; then
+ IFS="$OLDIFS"
+ return 0
+ fi
+ done
+ IFS="$OLDIFS"
+ return 1
+}
+if pathfind torsocks; then
+ exec torsocks "$@"
+ echo "$0: Failed to exec torsocks $@" >&2
+ exit 1
else
- echo "$0: Can't find either tsocks or torsocks in your PATH. Perhaps you haven't installed either?" >&2
- exit 1
+ echo "$0: torsocks not found in your PATH. Perhaps it isn't installed? (tsocks is no longer supported, for security reasons.)" >&2
fi
+
7apu2bq3rhoylwmucxizk54afw5jyda7pho4j5zdcqpwkufke7zdzwad.onion