Newer
Older
Changes in version 0.16.0 - 2023-05-31
* Add support for webtunnel bridges
* Update vulnerable dependencies
Changes in version 0.15.0 - 2023-03-07
* FIXES https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/119
Remove bridge fingerprint from sortedKeys as well as map
* FIXES https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/merge_requests/48
Frontend SCSS fixes
* FIXES https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues/40058
Add some padding between <main> and the site footer
* FIXES https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/issues/118
Support multiple shim tokens
Changes in version 0.14.0 - 2022-08-17
* FIXES https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues/34322
Make BridgeDB's web interface look like torproject.org
* FIXES https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues/40050
Change the 'select all' button for a 'copy all' when giving the bridges
* FIXES https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/issues/99
Distributors should wait a delay to retry the connection to the rdsys backend
* Respond with dummy bridges if the request is not comming from the shim
Changes in version 0.13.2 - 2022-05-04
* Fix the description in /info
Changes in version 0.13.1 - 2022-04-29
* Add description of the new distribution mechanisms in /info
Changes in version 0.13.0 - 2022-02-25
* FIXES https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues/40031
Use rdsys as backend for BridgeDB distributors
* FIXES https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues/40034
Add a mechanism to don't distribute certain bridges in some countries
* FIXES https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues/40028
Improve email instructions for small screens and non Tor Browser usage
* FIXES https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues/40019
Provide bridges of the configured transport by default on the email distributor
* FIXES https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues/40030
Use an up to date geoip db
* Validate openDKIM headers
Changes in version 0.12.2 - 2021-06-01
* FIXES https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues/40014
HTML injection vulnerability with lang parameter
Changes in version 0.12.1 - 2021-05-17
* FIXES https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues/40013
Revert the translation update to don't loose translations.
Changes in version 0.12.0 - 2021-05-13
* FIXES https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues/15404
The email distributor now uses the right language to reply emails sent to the
<user>+<lang>@<domain> address.
* FIXES https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues/40008
Attach a QR code of bridges in the email sent by the email distributor.
* FIXES https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues/40011
Give obfs4 bridges by default on the https distributor.
* FIXES https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues/27984
Changed the hostname check by using verify_certificate_hostname from the service
identity package for complete hostname verification.
* FIXES https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues/40006
Pass extrainfo file objects to Stem so that if an exception is raised on a single
descriptor, the rest of the file can be parsed starting at the file seek position.
* FIXES https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues/33835
Only process text/plain part of emails.
* FIXES https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues/33647
Make init hook compatible with Python 3.
* FIXES https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues/33835
If a user sends a multipart email to our autoresponder, we now only parse
the part that has a text/plain encoding.
* FIXES https://bugs.torproject.org/33647
Fix broken link in the README and fix our Makefile's pylint target.
Changes in version 0.11.0 - 2020-07-08
* FIXES https://bugs.torproject.org/31422
Make BridgeDB report internal metrics, like the median number of users that
bridges were handed out to.
* FIXES https://bugs.torproject.org/34260
Parse bridge blocking information from SQL database.
* FIXES https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues/40001
Remove the --reload command line switch. It doesn't actually do anything.
* FIXES https://bugs.torproject.org/29184
Add a new configuration option, BLACKLISTED_TOR_VERSIONS, which contains a
list of Tor versions. BridgeDB won't hand out bridges whose Tor version
is present in this blacklist.
* FIXES https://bugs.torproject.org/19774
Add a favicon to BridgeDB's web UI.
Changes in version 0.10.1 - 2020-05-27
* FIXES https://bugs.torproject.org/33945
This patch fixes a bug that caused the email autoresponder to fail after
a while.
* FIXES https://bugs.torproject.org/34154
Add new fields to the SQLite table BlockedBridges in preparation for taking
into account OONI's bridge measurement results.
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
* FIXES https://bugs.torproject.org/31528
BridgeDB's UI uses a bunch of obscure "chatspeak" references in its UI. One
example is that it responds with "Uh oh, spaghettios!" if there are
currently no bridges available. While funny to some, this is difficult to
translate and shouldn't be part of software that's used by an international
audience. This patch removes such references.
* FIXES https://bugs.torproject.org/12802
Add a script that sends a bridge request over email, and then checks if it
received a response from BridgeDB. We use this script as part of our nagios
setup, so we notice when our autoresponder breaks.
* FIXES https://bugs.torproject.org/17548
This patch removes PGP support. BridgeDB's signing key expired on
2015-09-11. Nobody ever complained and maintaining the bits and pieces
necessary to sign emails isn't worth the effort, so this patch removes that
feature.
* FIXES https://bugs.torproject.org/30941
Make our email responder more usable. This patch removes the concept of
"valid" email commands and returns bridges (obfs4, for now) no matter what
the user sends. BridgeDB still supports email commands in case the user
needs a vanilla or IPv6 bridge.
* FIXES https://bugs.torproject.org/29686
Rename files that contain "Bridges" to "bridgerings", to eliminate headache
on file systems that are case insensitive.
Changes in version 0.10.0 - 2020-04-01
* FIXES https://bugs.torproject.org/30317
Update our "howto" box, which explains how one adds bridges to Tor Browser.
In addition to updating the instructions, this patch also links to
instructions for Android.
* FIXES https://bugs.torproject.org/33631
So far, BridgeDB remembered only the first distribution mechanism it ever
learned for a given bridge. That means that if a bridge would change its
mind and re-configure its distribution mechanism using BridgeDistribution,
BridgeDB would ignore it. This patch changes this behavior, so bridges can
actually change their distribution mechanism.
* FIXES https://bugs.torproject.org/31967
Use a CSPRNG for selecting cached CAPTCHAs.
* FIXES https://bugs.torproject.org/33008
Add an info page, available at bridges.torproject.org/info. Relay Search
links to this info page to explain to bridge operators what their bridge
distribution mechanism means.
Changes in version 0.9.4 - 2020-02-19
* FIXES https://bugs.torproject.org/30946
This patch ports BridgeDB to Python 3. Python 2 is no longer supported
since Jan 1, 2020.
Changes in version 0.9.3 - 2020-02-18
* FIXES <https://bugs.torproject.org/33299>
This patch disables the distribution of FTE, ScrambleSuit, and obfs3.
* FIXES <https://bugs.torproject.org/31427>
This patch updates the AUTHORS file, HACKING.md, contact information, the
Trac URL to report bugs, our instructions on BridgeDB's landing page, and it
fixes a small bug in descriptor generation.
Changes in version 0.9.1 - 2019-10-29
* FIXES https://bugs.torproject.org/32203
The metrics code used to weed out vanilla bridges, so they did not show up
in our metrics. This patch fixes this issue.
* FIXES https://bugs.torproject.org/32134
While implementing our language switcher (#26543), we added a new string,
"Language", that requires translations. This patch adds a new translation
request and also updates our instructions on how to request new
translations.
* FIXES https://bugs.torproject.org/32105
Mention an undocumented OS-level dependency: python3-dkim.
* FIXES https://bugs.torproject.org/26543
Implement a language switcher that allows users to override the locale that
BridgeDB automatically selects by inspecting the client's request headers.
* FIXES https://bugs.torproject.org/31903
Update existing translations and request new translations. Thanks to all
volunteers who helped translate BridgeDB!
* FIXES https://bugs.torproject.org/31780
We implemented BridgeDB's metrics in #9316 but haven't specified its format
until now. In addition to adding a specification, this patch also makes our
implementation consistent with our (slightly updated) specification.
* FIXES https://bugs.torproject.org/29484
Update BridgeDB's requirements to the latest respective versions. Among
others, this patch set updates Twisted to 19.7.0, pyOpenSSL to 19.0.0, and
replaces (the abandoned) PyCrypto with PyCryptodome, which fixes security
vulnerabilities.
Updated translations for the following languages:
bn, da, eo, fa, it, ko, nl, pt_BR, pt_PT, sr, zh_CN.
* FIXES https://bugs.torproject.org/17626
BridgeDB gets confused when users reply to a "get help" email. The issue is
that BridgeDB interprets commands anywhere in the email body, even if it's
in quoted text. To fix this issue, we are ignoring commands whose email
body line starts with a '>' character, which is typically used for email
quotes.
* FIXES https://bugs.torproject.org/28533
The frontdesk is seeing plenty of empty bogus emails. This fix removes the
email links and instead encourages users to take a look at the Tor Browser
Manual and at our Support Portal.
* FIXES https://bugs.torproject.org/9316
Make BridgeDB export usage metrics every 24 hours. At the end of each
24-hour measurement interval, BridgeDB will append usage metrics to the file
METRICS_FILE, which is configured in bridgedb.conf. Our metrics keep track
of the number of (un)successful requests per transport type per country code
(or email provider) per distribution method. This way, we get to learn
that, say, over the last 24 hours there were 31-40 users in Iran who
successfully requested an obfs4 bridge over Moat.
* FIXES #26542 https://bugs.torproject.org/26542
Make BridgeDB distribute vanilla IPv6 bridges again.
* FIXES #22755 https://bugs.torproject.org/22755
Use stem instead of leekspin to create test descriptors. We now don't need
to depend on leekspin anymore.
* FIXES #31252 https://bugs.torproject.org/31252
Add an anti-bot mechanism that allows us to detect bots by matching HTTP
request headers for blacklisted patterns. For example, bots may have their
Accept-Language set to "Klingon". Blacklisted patterns are configured in
BLACKLISTED_REQUEST_HEADERS_FILE. When BridgeDB detects a bot request, we
can answer their request with a decoy bridge that's only handed out to bots.
Decoy bridges are configured in DECOY_BRIDGES_FILE.
* FIXES #28496 https://bugs.torproject.org/28496
Remove Yahoo from the list of allowed email domains. Yahoo allows you to
create up to 500 disposable email addresses, which BridgeDB interprets as
unique:
https://bugs.torproject.org/28496#comment:8
We could address this issue in BridgeDB but at this point we seem better off
dropping support for Yahoo because the provider likely also fell behind in
Sybil protection.
* FIXES #28655 https://bugs.torproject.org/28655
When a bridge supports an active probing-resistant transport, it should not
give out flavors that are vulnerable to active probing. For example, if a
bridge supports obfs4 and obfs3, it should only give out obfs4.
* FIXES #30706 https://bugs.torproject.org/30706
Do some simple BridgeDB housekeeping: Add missing CHANGELOG entries, add
Philipp's contact info to the support section, fix a broken Trac URL, and
turn HTTP link into HTTPS.
* FIXES #30157: https://bugs.torproject.org/30157
Update BridgeDB translations. This ticket both adds new translations and
updates existing ones.
Changes in version 0.6.9 - 2018-11-20
* FIXES #23894 https://bugs.torproject.org/23894
Really change the contact address, in the correct place this time.
Changes in version 0.6.8 - 2018-11-19
* FIXES #28528 https://bugs.torproject.org/28528
Change maintainer info.
* FIXES #23894 https://bugs.torproject.org/23894
Change contact email address.
Changes in version 0.6.7 - 2018-05-21
Print fingerprints in hex thank you very much.
Changes in version 0.6.6 - 2018-05-21
* FIXES #26150 https://bugs.torproject.org/26150
Hotfix for strange bridges missing address fields.
Changes in version 0.6.5 - 2018-05-04
* FIXES #26023 https://bugs.torproject.org/26023
There's few bridges whose ed25519 certificates contain the year 491869,
which the datetime module (called from Stem) believes "out of range". So
instead we'll parse the descriptors one at a time and catch the errors as we
go.
* FIXES #25246 https://bugs.torproject.org/25246
Add script for assigning unallocated bridges to another distributor.
Changes in version 0.6.4 - 2018-02-13
* FIXES #24432 https://bugs.torproject.org/24432
Add config option to skip loopback addresses in X-Forwarded-For parsing.
Changes in version 0.6.3 - 2018-01-23
* FIXES #24432 https://bugs.torproject.org/24432
The production moat server had issues related to redirecting to resources
properly, which are now fixed.
* FIXES #24701 https://bugs.torproject.org/24701
Adds a special surprise for the special someone who has been automatedly
requesting bridges not through driving a browser, but through a script which
is so thoroughly stupid that it doesn't even send the URL parameters for the
CAPTCHA challenge and solution. Their script will now be delayed for quite
some time and then rickrolled. Mess with the best, die like the rest.
* FIXES #24704 https://bugs.torproject.org/24704
Bridges returned to a single request are now filtered such that there will
never be two bridges from the same IPv4 /16 or IPv6 /64.
And includes the following general changes:
* ADDS unittests for the legacy code in bridgedb/Bridges.py,
bringing the total test coverage above 90% for the first time.
Changes in version 0.6.2 - 2017-12-20
* FIXES #24636 https://bugs.torproject.org/24636
The moat API specification included an extra response type which could be
sent if there was no overlap between transports the client supported and
those which the server supported. This has been removed from the
specification, which now describes the behaviour moat has always exhibited:
if there is no overlap, the server responds with a CAPTCHA image response
which includes the list of transports it does support.
* FIXES #24637 https://bugs.torproject.org/24637
The moat server did not respond correctly with the specified JSON API error
type when there were no bridges available. It now responds correctly with a
404 error whose details describe why the request could not be fulfilled.
The moat server also now logs messages if there were not the configured
MOAT_BRIDGES_PER_RESPONSE number of bridges available.
Changes in version 0.6.1 - 2017-12-13
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
* ADDS a shell script, scripts/test-moat, for testing either a
locally-running moat server, or a remote one through a meek tunnel. Thanks
to David Fifield for his work on meek, assistance setting it up, and
providing the first version of this script.
* FIXES #24433 https://bugs.torproject.org/24433
The test-moat script wasn't sending an X-Forwarded-For header, which
triggered a bug in the moat server, since the CAPTCHA solution includes an
HMAC based on the client's IP (forwarded through all the several layers of
tunnels/proxies).
* FIXES #24443 https://bugs.torproject.org/24443
Due to a difference between how booleans are parsed by Python's json library
and normal Python booleans, the moat server was generating and returning
QRCodes… regardless of whether the remote client application asked for one.
This is now fixed.
* FIXES #24460 https://bugs.torproject.org/24460
There was an unhandled error when sending certain (what appears to be
possibly malicious? but in a very strange way) requests to BridgeDB's HTTPS
distributor. The robots making the requests were attempting to request
bridges, but were presenting a CAPTCHA solution without the correct HTML
form field parameters present, which isn't possible through normal usage of
the web interface. Whoever or whatever is doing this is now going to be
endlessly redirected so that they may forever spiral in their own private
internet hell. I reserve the right come up with a worse fate for them
later, should I get bored.
* FIXES #3015 https://bugs.torproject.org/3015
BridgeDB has had a partially-implemented concept of "buckets" since the age
of the dinosaurs: write some of the unallocated bridges to a file which
should (somehow) be manually distributed. In addition to be unused and
untested, there were several issues with the buckets, the most significant
of which were the inability to request pluggable transports in a bucket and
the fact that buckets were not persistent in any way (e.g. if i request a
bucket of 50 bridges for Gomez and another with 50 for Morticia, they might
end up with some of the same bridges, further, tomorrow they'll end up with
50 possibly different bridges than those they received today). All of this
code is now removed.
And includes the following general changes:
* FIXES issues with JSON quote syntax and a mistaken JSON API
"type" parameter in the specification of the moat server (in the README).
Thanks to Mark Smith and Kathy Brade for pointing out the issues.
Changes in version 0.6.0 - 2017-11-15
* ADDS a new JSON API distributor called "moat", which is intended
for use for Tor Launcher to use to build an in-browser UI for retrieving
bridges.
* CHANGES the organisation of code to add a new
bridgedb.distributors package as well as a bridgedb.distributors.common
package for code shared between multiple distributors.
Changes in version 0.5.0 - 2017-10-28
* FIXES #23957 https://bugs.torproject.org/23957
BridgeDB now supports bridge operators choosing how their bridge will be
distributed. See the "BridgeDistribution" torrc option in tor's manpage for
details.
* FIXES #16650 https://bugs.torproject.org/16650
BridgeDB is now accessible via select remote user interfaces through a meek
tunnel.
* FIXES #22998 https://bugs.torproject.org/23033
* FIXES #23033 https://bugs.torproject.org/23033
* FIXES #23034 https://bugs.torproject.org/23034
Upgrades BridgeDB to newer versions of Twisted and PyOpenSSL, and fixes
several issues due to non-backwards compatible changes within those
libraries.
* FIXES #21162 https://bugs.torproject.org/21162
BridgeDB now supports arbitrarily blacklisting suspected bad bridges from
being distributed to clients. This is in response to a suspected sybil
attack by an unknown party. For more details, see:
https://lists.torproject.org/pipermail/tor-project/2016-December/000851.html
Changes in version 0.3.8 - 2016-09-22
* FIXES #20088 https://bugs.torproject.org/20088
BridgeDB now supports receiving descriptors from multiple Bridge
Authorities. See also #19690.
* FIXES #20087 https://bugs.torproject.org/20087
BridgeDB's version of Stem now supports parsing transport lines in bridge
extrainfo descriptors which contain IPv6 addresses contained within square
brackets.
Changes in version 0.3.7 - 2016-08-04
* FIXES #19691 https://bugs.torproject.org
BridgeDB (as running on Tor Project infrastructure) is now invocated with a
redirection of stdout and stderr to the flog utility, in order to ensure
that file handles are properly closed and reopened when BridgeDB receives a
SIGHUP.
And includes the following general changes:
* ADDS some files which were missing from BridgeDB PyPI packages
to the MANIFEST.in, so that they are now included.
Changes in version 0.3.6 - 2016-07-28
* FIXES #18237 https://bugs.torproject.org/18237
During descriptor parsing, BridgeDB saves copies of descriptor files which
couldn't be parsed, for later debugging purposes. To avoid filing up the
runtime directory with these files, we now delete files older than 24 hours,
every 24 hours.
* FIXES #18949 https://bugs.torproject.org/18949
Since we've upgraded the host machine which runs The Tor Project's BridgeDB
instance to Debian Jessie, this patch updates the testing configurations and
continuous integration infrastructure to run tests on versions of Python
dependencies in Debian Jessie and Stretch.
Changes in version 0.3.4 - 0.3.5 - 2015-11-30
* FIXES #14685 https://bugs.torproject.org/14685
This disables distribution of obfs2 bridges. This pluggable transport has
known distiguishers which allow adversaries to identify client connections
to obfs2 bridges, which in turn allows these connections to be
blocked/censored. With numerous obfs3 and obfs4 bridges both readily
available, users should not be presented with an easily-configurable choice
that is known to be unsafe for the majority of users.
And includes the following general changes:
* ADDS error pages to BridgeDB's web interface, to provide
friendlier explanations for downtime, missing pages, and internal server
errors. For example: https://bridges.torproject.org/404
Changes in version 0.3.3 - 2015-10-25
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
* FIXES #12029 https://bugs.torproject.org/12029
BridgeDB now has an API for creating Bridge Distributors. See the
bridgedb.distribute module, or its developer documentation at
https://pythonhosted.org/bridgedb/bridgedb.distribute.html.
* FIXES PART OF #12506 https://bugs.torproject.org/12506
BridgeDB's two Distributors (HTTPS and Email) are now entirely modularised
and self-contained within separate subdirectories in the source code. This
is the first step to redesigning these Distributors into their own separate
processes, which will allow the Distributors to remain functional while
BridgeDB is reparsing bridge descriptors.
* FIXES #15968 https://bugs.torproject.org/15968
BridgeDB now sends a Content-Security-Policy header which explicitly allows
Javascript, images, CSS, and fonts, from https://bridges.torproject.org.
All other types of content are forbidden, including:
- embedding https://bridges.torproject.org within
<iframe>, <embed>, or <object>, and attempting to source
additional resources into its embedded context
- inline Javascript, including Javascript within SVG files
- inline CSS
- externally hosted fonts
- inline SVG, e.g. via the HTML5 <svg> tag
- any and all connections made via Javascript XMLHttpRequests,
WebSockets, sendBeacon(), and Web Workers
- plugins
- applets
BridgeDB's Content-Security-Policy does not yet make use of certain newer,
lesser supported, Content-Security-Policy v2.0 directives, such as
"reflected-xss" and "frame-ancestors", but may someday.
* FIXES #16273 https://bugs.torproject.org/16273
Several links to Tor Project gitweb URLs within the developer documentation
were outdated in that they still used the old gitweb URL format. These are
now updated. Thanks to David Fifield for the bug report and patches.
* FIXES #16330 https://bugs.torproject.org/16330
BridgeDB can now handle bridge-server-descriptors with extra-info-digest
fields which have two values, as well as both bridge-server-descriptors and
bridge-extrainfo descriptors which contain Ed25519 key material and
signatures. See Tor proposals #220 and #228 for more information on the
changes to these descriptors. Note that BridgeDB can now parse this
information, but does not yet make use of any Ed25519 cryptographic material
within bridge descriptors.
https://gitweb.torproject.org/torspec.git/tree/proposals/220-ecc-id-keys.txt
https://gitweb.torproject.org/torspec.git/tree/proposals/228-cross-certification-onionkeys.txt
Thanks to Atagar for patching Stem.
* FIXES #16616 https://bugs.torproject.org/16616
The HSDir flag can now be included within bridge-networkstatus documents.
BridgeDB now has unittests which guarantee that its parsers safely ignore
this flag, as well as any flags unknown to BridgeDB which may appear in the
future. Thanks to Roger Dingledine for alerting me about the change.
* FIXES #16649 https://bugs.torproject.org/16649
Mobile users, and other users with small screen pixel ratios, will find that
the UI of BridgeDB's HTTPS Distributor has greatly increased in usability
and readability.
And includes the following general changes:
* FIXES an error when requesting the non-HTML version of the
bridges page (e.g. https://bridges.torproject.org/bridges?format=plain)
* REMOVES the `bridgedb test` commandline option.
BridgeDB's tests can be run via `python setup.py test` or `make test` (or
`make coverage` for generating HTML test coverage statistics).
* CHANGES the HTTPS Distributor to HTML-encode Bridge Lines.
Previously, a malicious Pluggable Transport Bridge could include in its PT
arguments something like "evil=<script>[…]</script>" and if such a Bridge
were to be distributed to a user, that user's web browser would execute the
script (if Javacript was enabled). Other characters, including non-ASCII,
control characters, double quotes, and backslashes, are also sanitised from
Bridge Lines. Thanks to Robert Ransom for the patches.
* CHANGES BridgeDB's module/package version numbers to be compliant with
PEP440.
* CHANGES the layout of BridgeDB's source code directories.
Rather than storing BridgeDB's source in "lib/bridgedb/", it is now kept in
"bridgedb/". Similarly, the directory containing BridgeDB's tests has been
moved from "lib/bridgedb/test/" to "test/", which means that the tests are
no longer installed when running `python setup.py install` or `make
install`.
* ADDS several improvements to the developer documentation at
https://pythonhosted.org/bridgedb.
* UPDATE English (en_US) translations.
* UPDATE English (en) translations.
* ADD Serbian (sr) translations.
Thanks to obj.petit.a, Ivan Radeljic, and Milenko Doder.
* UPDATE Arabic (ar) translations.
Thanks to A. Hassan, debo debo, KACIMI LAMINE, and Nudroid A.
* UPDATE Catalan (ca) translations.
Thanks to laia_.
* UPDATE Czech (cs) translations.
Thanks to Tomas Palik and Vlastimil Burián.
* UPDATE Danish (da) translations.
Thanks to Mogelbjerg.
* UPDATE German (de) translations.
Thanks to jschfr, Junge Limba, and Toralf Förster.
* UPDATE English (en_GB) translations.
Thanks to Andi Chandler.
* UPDATE Farsi (fa) translations.
Thanks to some awesome anonymous person for helping out.
* UPDATE Finish (fi) translations.
Thanks to Riku Viitanen.
* UPDATE French (fr) translations.
Thanks to elouann, Trans-fr, and Towinet.
* UPDATE French (fr_CA) translations.
Thanks to Trans-fr.
* UPDATE Croatian (hr_HR) translations.
Thanks to some awesome anonymous person for helping out.
* UPDATE Hungarian (hu) translations.
Thanks to some awesome anonymous person for helping out.
* UPDATE Indonesian (id) translations.
Thanks to Anthony Santana, Astryd Viandila Dahlan, cholif yulian,
constantius damar wicaksono, Dwi Cahyono, L1Nus, km242saya, and Zamani
Karmana.
* UPDATE Italian (it) translations.
Thanks to Random_R.
* UPDATE Japanese (ja) translations.
Thanks to ABE Tsunehiko.
* UPDATE Latvian (lv) translations.
Thanks to Ojārs Balcers.
* UPDATE Norwegian Bokmål (nb) translations.
Thanks to Erik Matson and Kristian Andre Henriksen.
* UPDATE Dutch (nl) translations.
Thanks to Mart3000.
* UPDATE Polish (pl) translations.
Thanks to Karol Obartuch.
* UPDATE Portuguese (pt) translations.
Thanks to Bruno D. Rodrigues and MMSRS.
* UPDATE Brazillian Portuguese (pt_BR) translations.
Thanks to Communia.
* UPDATE Romanian (ro) translations.
Thanks to Ana, axel_89, and Di N.
* UPDATE Russian (ru) translations.
Thanks to Ivan.
* UPDATE Slovak (sk_SK) translations.
Thanks to StefanH.
* UPDATE Albanian (sq) translations.
Thanks to some awesome unknown anonymous person who didn't add their name
to the list of translators.
* UPDATE Swedish (sv) translations.
Thanks to Peter Michanek.
* UPDATE Turkish (tr) translations.
Thanks to Bullgeschichte and Fomas.
* UPDATE Ukranian (uk) translations.
Thanks to Yasha.
* UPDATE Chinese Mandarin (zh_CN) translations.
Thanks to khi.
* UPDATE Taiwanese Mandarin (zh_TW) translations.
Thanks to x4r.
Changes in version 0.3.2 - 2015-05-01
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
* FIXES a problem with the calculation of Levenshtein distances
between blacklisted email addresses and those on incoming email. This fixes
a problem with the fuzzy matching implemented in #9385:
https://bugs.torproject.org/9385.
* FIXES #1839 https://bugs.torproject.org/1839
BridgeDB's distributors now rotate their hashrings at configurable scheduled
intervals.
* FIXES #4771 https://bugs.torproject.org/4771
BridgeDB now records which of the HTTPS Distributor's sub-hashrings are used
for clients coming from Tor Exit nodes and other known proxies.
* FIXES #12504 https://bugs.torproject.org/12504
Which Pluggable Transports BridgeDB distributes is now easily configurable
via the bridgedb.conf configuration file.
* FIXES #13202 https://bugs.torproject.org/13202
Old bridges running Tor-0.2.4.x with Pluggable Transports like scramblesuit
and obfs4proxy have a bug which causes them to not include the PT arguments
in the `transport` line they submit to the BridgeAuthority in their
extrainfo descriptors. This causes BridgeDB to have broken bridge lines for
these bridges. For example, scramblesuit requires a `password=` in the
`ClientTransportPlugin` for clients to connect to it. If BridgeDB receives
a line in that bridge's extrainfo which says `transport scramblesuit
1.2.3.4:1234` (without a password), then when BridgeDB gives clients a
bridge line for that bridge, it'll look like "Bridge scramblesuit
1.2.3.4:1234" - meaning that it won't work. This fixes the issue by
excluding broken transports from being distributed to clients.
* FIXES #15517 https://bugs.torproject.org/15517
For all clients who are coming from IPv6 addresses and are not using Tor,
who go to https://bridges.torproject.org, BridgeDB now groups these clients
together by /32. This "grouping" causes all IPv6 clients within the same
IPv6 /32 to get the same bridges. Previously, BridgeDB grouped IPv6 clients
by /64 (which is ridiculously small, considering standard IPv6 allocation
sizes).
For all clients who are coming from IPv4 addresses and are not using Tor,
BridgeDB now groups these clients together by /16. Previously, BridgeDB
grouped IPv4 clients by /24. (This latter change was technically made as
part of #4771.)
* FIXES #15464 https://bugs.torproject.org/15464
The setup procedure for creating a BridgeDB Continuous Integration build
machine is now simplified and generalised to include build environments like
Jenkins, not just TravisCI.
* FIXES #15866 https://bugs.torproject.org/15866
BridgeDB now ignores nearly all the information in the networkstatus-bridges
file created by the BridgeAuthority.
* ADDS benchmark tests to BridgeDB's test suite, and some of
BridgeDB's algorithms have been revised to improve their speed.
Changes in version 0.3.1 - 2015-03-24
* FIXES #14065 https://bugs.torproject.org/14065
When requesting vanilla IPv6 bridges from https://bridges.torproject.org,
BridgeDB would respond with IPv4 addresses. It now correctly responds with
IPv6 addresses.
And includes the following general changes:
* FIXES an issue with the filtering of hashrings while answering
requests for Pluggable Transports. (commit 3ef37df6)
* FIXES the return value from the GnuPG interface initialization
function (bridgedb.crypto.initializeGnuPG) when creating a test signature
has failed.
* CHANGES the way BridgeDB handles the case where it parses to
duplicate extrainfo descriptors (for the same Bridge) which also have
identical timestamps. Before, we assumed this wasn't possible. It turns
out that it not only is possible, but that usually every batch of
descriptors has at least one Bridge with such a set of perfectly identical
extrainfo descriptors. Even stranger, it appears that only Bridges started
for the first time quite recently (within the last eight hours) display this
behaviour. BridgeDB now logs these errors, rather than leaving them
unhandled. (commit a27d7905)
* ADDS an environment variable check to setup.py which controls
whether the setup.py script tries to install the dependencies listed in the
requirements.txt file with easy_install. If the environment variable
BRIDGEDB_INSTALL_DEPENDENCIES=0, then setup.py will not use easy_install.
When BridgeDB is installed via `make install` the default is to not use
easy_install; however, when installed via `python setup.py install`, the
default is to use easy_install to check for, find, and install dependencies.
(NOTE: the latter is *not* recommended.) (commit d035fe64)
Changes in version 0.3.0 - 2015-03-21
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
* FIXES #2895 https://bugs.torproject.org/2895
BridgeDB no longer assumes that any extrainfo descriptor files are in
chronological order.
* FIXES #4405 https://bugs.torproject.org/4405
BridgeDB now has a built-in timer mechanism for scheduling cronjobesque
events. This is now used to routinely download and parse the list of Tor
exit relays in a completely asynchronous manner.
* FIXES #9380 https://bugs.torproject.org/9380
BridgeDB now uses Stem (https://stem.torproject.org) for its parsers, and
has better classes for parsing and storing information on Bridges and their
Pluggable Transports. Additionally, all of BridgeDB's parses and the new
Bridge/PluggableTransport classes all have 100% unittest and integration
test coverage.
* FIXES #10385 https://bugs.torproject.org/10385
BridgeDB now uses python-gnupg (https://pypi.python.org/gnupg) instead of
GPGME (libgpgme11 and pygpgme). Previously, when using GPGME, BridgeDB was
unable to sign emails with a subkey whose master private key was not
present, causing all signing to be broken. Additionally, GPGME tried to
access and modify the BridgeDB users $HOME directory, and GPGME would also
try to create signatures with encryption-only subkeys, and try to
encrypt/decrypt with signing-only subkeys. All of these issues are no more,
because the writhing tangled mass of bugs known ad GPGME is gone for good.
* FIXES #11216 https://bugs.torproject.org/11216
BridgeDB no longer parses any extrainfo descriptor files cumulatively.
Before, a Bridge which had a descriptor in cached-extrainfo and in
cached-extrainfo.new and supported obfs3, obfs4, and scramblesuit transports
would be parsed twice, resulting in the Bridge having six transports. This
is no longer the case.
* HOTFIXES an issue with non-deterministic unittest failures in
the Mechanize-based integrations tests in lib/bridgedb/test/test_https.py.
hotfix/0.2.4-mechanize-tags
* FIXES part of #12507 https://bugs.torproject.org/12507
BridgeDB now has semi-automated developer documentation builds at
https://pythonhosted.org/bridgedb/.
* FIXES #12805 https://bugs.torproject.org/12805
BridgeDB is now packaged on PyPI, in the hopes that someday other
organisations will be able to run their own BridgeDBs.
* FIXES #12843 https://bugs.torproject.org/12843
BridgeDB will no longer distribute bridges which it believes are located in
Iran or Syria.
* FIXES #12872 https://bugs.torproject.org/12872
BridgeDB now has geolocational information for Bridges, telling it which
country each Bridge's primary ORAddress is within, as well as geolocational
information for each PluggableTransport address. Thanks to Alden S. Page
for the patches.
* FIXES #15155 https://bugs.torproject.org/15155
The instructions for obtaining a copy of Tor Browser should now be more
clear. Thanks to Jens Kubieziel, Nick Mathewson, and Peter Palfrader.
And includes the following general changes:
* CHANGES BridgeDB's continuous integration infrastructure to run
tests for:
- Twisted-13.2.0 (Debian Wheezy version),
- Twisted-14.0.2 (Debian Jessie version), and
- Twisted-15.0.0 (latest and greatest)
As well as testing both:
- pyOpenSSL-0.13.1 (Debian Wheezy version), and
- pyOpenSSL-0.14 (Debian Jessie version).
See https://travis-ci.org/isislovecruft/bridgedb/builds
* FIXES an issue with the $PYTHON_EGG_CACHE directory being group
writable on Travis-CI build machines.
* UPDATE English (en_US) translations.
* UPDATE English (en) translations.
* ADD Tamil (ta) translations.
Thanks to git12a.
* ADD Albanian (sq) translations.
Thanks to Bujar Tafili.
* ADD Slovenian (sl_SI) translations.
Thanks to Dušan, marko, and Nwolfy.
* ADD Slovak (sk_SK) translations.
Thanks to once.
* ADD Esperanto (eo) translations.
Thanks to identity, Rico Chan, and trio.
* ADD Bulgarian (bg) translations.
Thanks to aramaic.
* ADD Azerbaijani (az) translations.
Thanks to E.
* UPDATE Chinese (zh_TW) translations.
Thanks to LNDDYL.
* UPDATE Chinese (zh_CN) translations.
Thanks to Wu Ming Shi and YF.
* UPDATE Ukranian (uk) translations.
Thanks to Eugene ghostishev, LinuxChata, Oleksii Golub, and
Андрій Бандура.
* UPDATE Turkish (tr) translations.
Thanks to eromytsatiffird, Emir Sarı, Idil Yuksel, ozkansib,
Volkan Gezer, and zeki.
* UPDATE Swedish (sv) translations.
Thanks to Anders Jensen-Urstad, Emil Johansson, GabSeb, ph AA, phst,
and leveebreaks.
* UPDATE Slovak (sk) translations.
Thanks to elo, FooBar, Michal Slovák, Roman 'Kaktuxista' Benji, and
StefanH.
* UPDATE Russian (ru) translations.
Thanks to Andrey Yoker Ogurchikov, Evgrafov Denis, foo,
joshuaridney, Oleg, Sergey Briskin, Valid Olov, and Vitaliy Grishenko.
* UPDATE Romanian (ro) translations.
Thanks to Isus Satanescu, laura berindei, and clopotel.
* UPDATE Portuguese (pt_BR) translations.
Thanks to João Paulo S.S.
* UPDATE Portuguese (pt) translations.
Thanks to alfalb.as, André Monteiro, kagazz, Manuela Silva,
alfalb_mansil, Andrew_Melim, Pedro Albuquerque, Sérgio Marques, and
TiagoJMMC.
* UPDATE Polish (pl) translations.
Thanks to Aron, JerBen, bogdrozd, Dawid, Rikson, Krzysztof Łojowski,
oirpos, and seb.
* UPDATE Dutch (nl) translations.
Thanks to Adriaan Callaerts, Ann Boen, Cleveridge, Dick,
Johann Behrens, Shondoit Walker, Marco Brohet, guryman, Marco
Brohet, Tom Becht, Tonko Mulder, math1985, and BBLN.
* UPDATE Norwegian Bokmål (nb) translations.
Thanks to Allan Nordhøy, Harald, lateralus, Per Thorsheim,
and thor574.
* UPDATE Latvian (lv) translations.
Thanks to Ojārs Balcers and ThePirateDuck.
* UPDATE Khmer (km) translations.
Thanks to Seng Sutha, Sokhem Khoem, and Sok Sophea.
* UPDATE Japanese (ja) translations.
Thanks to brt, ABE Tsunehiko, タカハシ, Masaki Saito, and
藤前 甲.
* UPDATE Italian (it) translations.
Thanks to fetidyoo, Francesca Ciceri, HostFat, ironbishop, and
Jacob Appelbaum.
* UPDATE Hungarian (hu) translations.
Thanks to Blackywantscookies, Lajos Pasztor, Cerbo, and vargaviktor.
* UPDATE Croatian (hr) translations.
Thanks to Ana B, Armando Vega, skiddiep, Tomislav Siroglavić,
and gogo.
* UPDATE French (fr_CA) translations.
Thanks to Lunar, mehditaileb, Onizuka, and yahoe.001.
* UPDATE French (fr) translations.
Thanks to apaddlingduck, fayçal fatihi, Boubou, Cryptie,
Frisson Reynald, hpatte, Lucas Leroy, Lunar, Onizuka, and mehditaileb.
* UPDATE Finnish (fi) translations.
Thanks to Jorma Karvonen, Spacha, Ossi Kallunki, Sami Kuusisto,
viljaminojonen, and Finland355.
* UPDATE Farsi (fa) translations.
Thanks to arashaalaei, signal89, ardeshir, Gilberto, johnholzer,
Mohammad Hossein, perspolis, and Setareh.
* UPDATE Spanish (es) translations.
Thanks to dark_yoshi, toypurina, BL, NinjaTuna, Noel Torres,
Paola Falcon, strel, and Jonis.
* UPDATE English (en_GB) translations.
Thanks to Andi Chandler, Richard Shaylor, and ronnietse.
* UPDATE Greek (el) translations.
Thanks to Adrian Pappas, andromeas, oahanx, isv31, and kotkotkot.
* UPDATE German (de) translations.
Thanks to trantor, Ettore Atalan, unknwon_anonymous, konstibae,
Locke, Tobias Bannert, qbi, Sebastian, and debakel.
* UPDATE Danish (da) translations.
Thanks to Christian Villum, David Nielsen, OliverMller, torebjornson,
Thomas Pryds, and Tore Bjørnson.