| Commit message (Collapse) | Author | Age |
|---|
| ... | |
| |\ \
| | |
| | |
| | |
| | | |
Conflicts:
bridgedb.conf
|
| | | |
| | |
| | |
| | |
| | |
| | | |
Further describe some config options
Rearrange and regroup some configuration file options
Clarify end-user distributor usage
|
| |\ \ \ |
|
| | | | |
| | | |
| | | |
| | | | |
* FIXES #9988
|
| |/ / / |
|
| |\ \ \ |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Also add detailed, high-level description of the original usage of OT for
bridge distribution, and why this is not needed within the modified threat
model. However, it occurred to me while writing out the details that the k-TAA
blind signatures (Au, Susilo, et al.) used in the original scheme *also*
require a bilinear pairing, and are used independently to the usage of OT for
creating the zero-knowledge PoKs of valid blind signatures on user commitments
to the values representing the user's numbers of Credits (the coin-like things
generated through one's bridges not getting blocked) and the user's timestamp
for the last request for an Invite Ticket.
As such, the signature scheme must either be re-evaluated and a different
scheme used, or else we likely do not save any implementation overhead by
ripping out the Oblivious Transfer (although doing so *does* still save on the
rather high computational and network bandwidth complexities involved in OT).
|
| | | | | |
|
| | | | | |
|
| | | | | |
|
| | | | | |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* ADD beginning of threat model as well.
* ADD defⁿ table for constants/variable names in
doc/proposal/XXX-bridgedb-social-distributor.txt.
|
| |/ / / |
|
| | | | |
|
| |\ \ \ |
|
| |/ / /
| | |
| | |
| | | |
* FIXES #9127.
|
| | | | |
|
| | | | |
|
| |\ \ \ |
|
| | | | | |
|
| | | | | |
|
| |/ / /
| | |
| | |
| | |
| | | |
* CHANGE Mako template lookups to ignore atime filesystem checks, using
only compiled template and not reloading from file.
|
| | | | |
|
| | | | |
|
| |\ \ \ |
|
| |/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* ADD HTTPServer.replaceErrorPage() function for catching templating
errors and sending them to the logger. The user is served a very
simply "Somthing went wrong page".
* CHANGE all calls to mako.templates.Template.render() to be wrapped in
a try/except block which directs to the new
HTTPServer.replaceErrorPage() function.
|
| |\ \ \ |
|
| | | | | |
|
| | | | | |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* FIXES #10737, an issue where if a CAPTCHA was entered incorrectly, the
client would be redirected back to /bridges.html without the original HTTP
POST arguments (which specify the requested pluggable transports, IP
version, etc.).
|
| | | | | |
|
| | | | | |
|
| | | | | |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* CHANGE a line in HTTPServer.CaptchaProtectedResource which chained
several method calls together inside a return statement, into a
separate lines for each call.
|
| | | | | |
|
| |/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* REMOVE calls to `Util.safelog` which masked the IP addresses which
are randomly generated in
`HTTPServer.CaptchaProtectedResource.render_POST()`. These random IPs
are sent to the ReCaptcha server in order to not reveal the client's
real IP, and they are no more revealing/identifying of a particular
client than the `twisted.web.http.Request.args` which are logged.
|
| |\ \ \ |
|
| |/ / /
| | |
| | |
| | |
| | |
| | |
| | | |
* ADD a new option, `COLLECT_TIMESTAMPS` to the config file to configure
whether or not to run the timestamp collection code, including
`Stability.addOrUpdateBridgeHistory()`, in `Main.load()`.
* FIXES #10724
|
| |\ \ \
| |/ /
|/| | |
|
| | | | |
|
| | | | |
|
| |/ / |
|
| | |
| |
| |
| |
| |
| |
| |
| | |
There was a newly-added escaped double quote without a corresponding,
escaped pair, followed by a newline, i.e.: `\"\n` in the Thai
translation which didn't seem to mess up the template parser nor the
browsers I tested it in, but it did add an unnecessary double quote on
the page so I removed it.
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Philipp Winter's scramblesuit paper has a section on creating easily
handwritable shared secrets. [0]
To my memory, this excludes using the character `O` (capital o) and the
integer `1`, because they are easily confused for the integer '0' and
the character 'l', respectively. However, Philipp mentioned on IRC that
scramblesuit `password=` fields in the `transport` line are actually
just the set of base32 characters. [1]
* ADD a line to doc/DESCRIPTORS.md which shows an example
scramblesuit-enabled bridge which uses a shared secret passed through
BridgeDB. See #9013.
[0]: http://arxiv.org/abs/1305.3199
[1]: https://tools.ietf.org/html/rfc4648
|
| | | |
|
| |\ \
| |/ |
|
| | |\
| |/
|/| |
|
| | | |
|
