Re: [tor-bugs] #20730 [User Experience/Website]: Let the www.torproject.org/PT redirect work without a terminating slash

[Tor Bug Tracker & Wiki]

#20730: Let the www.torproject.org/PT redirect work without a terminating slash
-+---
 Reporter:  dcf  |  Owner:  Sebastian
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  User Experience/Website  |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+---
Changes (by Sebastian):

 * status:  new => closed
 * resolution:   => fixed


Comment:

 thanks!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20675 [User Experience/Website]: remove cloud link from https://www.torproject.org/getinvolved/relays

[Tor Bug Tracker & Wiki]

#20675: remove cloud link from https://www.torproject.org/getinvolved/relays
-+---
 Reporter:  cypherpunks  |  Owner:  Sebastian
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  User Experience/Website  |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+---
Changes (by Sebastian):

 * status:  new => closed
 * resolution:   => fixed


Comment:

 thanks!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20235 [Core Tor/Tor]: Configure misidentifies clock_gettime and getentropy on macOS Sierra/XCode8 when compiling for iOS 8

[Tor Bug Tracker & Wiki]

#20235: Configure misidentifies clock_gettime and getentropy on macOS 
Sierra/XCode8
when compiling for iOS 8
-+-
 Reporter:  rainwolf |  Owner:
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.2.9.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.2.8.8
 Severity:  Normal   | Resolution:
 Keywords:  Sierra, XCode 8, clock_gettime,  |  Actual Points:
  getentropy, libSystem.dylib 028-backport osx   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by teor):

 For the record, my github branch `weak_link_getentropy` is an alternative
 solution.

 But I think it's much more complex in the clock_gettime case, and in
 general, it has more failure modes, so I would prefer nickm's solution.

 I have reviewed nickm's branch and it looks good, but I have no OS X 10.11
 or earlier to test it on.

 (To test, we need to compile on macOS 10.12 with `export
 MACOSX_DEPLOYMENT_TARGET=10.11`, then try to run the binary on an earlier
 OS X version.)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20415 [User Experience/Website]: Add donation banner to homepage for 2016 campaign

[Tor Bug Tracker & Wiki]

#20415: Add donation banner to homepage for 2016 campaign
-+---
 Reporter:  arthuredelstein  |  Owner:  Sebastian
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  User Experience/Website  |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  funding, crowdfunding|  Actual Points:
Parent ID:  #20413   | Points:
 Reviewer:   |Sponsor:
-+---
Changes (by Sebastian):

 * status:  needs_review => closed
 * resolution:   => fixed


Comment:

 [x]

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20734 [User Experience/Website]: Update links and redirects to new donation site

[Tor Bug Tracker & Wiki]

#20734: Update links and redirects to new donation site
-+---
 Reporter:  arthuredelstein  |  Owner:  Sebastian
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  User Experience/Website  |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  crowdfunding |  Actual Points:
Parent ID:  #20413   | Points:
 Reviewer:   |Sponsor:
-+---
Changes (by Sebastian):

 * status:  needs_review => closed
 * resolution:   => fixed


Comment:

 [x]

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20235 [Core Tor/Tor]: Configure misidentifies clock_gettime and getentropy on macOS Sierra/XCode8 when compiling for iOS 8

[Tor Bug Tracker & Wiki]

#20235: Configure misidentifies clock_gettime and getentropy on macOS 
Sierra/XCode8
when compiling for iOS 8
-+-
 Reporter:  rainwolf |  Owner:
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.2.9.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.2.8.8
 Severity:  Normal   | Resolution:
 Keywords:  Sierra, XCode 8, clock_gettime,  |  Actual Points:
  getentropy, libSystem.dylib 028-backport osx   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by nickm):

 * status:  new => needs_review


Comment:

 Possible fix in branch `sierra_fix_028` in my public repository. I haven't
 tested it on OSX yet though.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20100 [Applications/Tor Browser]: persistent libxul.so bug crashing TBB Linux/64 (but probably a bug in locally linked shared object)

[Tor Bug Tracker & Wiki]

#20100: persistent libxul.so bug crashing TBB Linux/64 (but probably a bug in
locally linked shared object)
--+--
 Reporter:  sjamaan   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  High  |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Major | Resolution:
 Keywords:  tbb-crash |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by ronvandaal_):

 By the way. Also see. #20746 Question: what are MLF files (found in /tmp/)
 ?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #20746 [Applications/Tor Browser]: TBB - What are /tmp/0123.mlf files (where 0123 is PID of Firefox)

[Tor Bug Tracker & Wiki]

#20746: TBB - What are /tmp/0123.mlf files (where 0123 is PID of Firefox)
--+--
 Reporter:  ronvandaal_   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+--
 Using tor-browser-linux64-6.0.6_en-US.tar.xz

 This is a general question, but related to the other ticket #200100

 In /tmp/ I found some files (*.MLF) , filename is the PID of Firefox.

 (for example, the process "0123 ./firefox --class Tor Browser -profile
 TorBrowser/Data/Browser/profile.default" relates to /tmp/1234.mlf)

 What are MLF files? Never seen them before. They appeared after a TBB's
 browser crashed and couldn't restart due to a faulty Browser/libxul.so.


 Anyway. They seem memory dumps. But why?

 (2268780 bytes) First bytes header (if any) starting with 010100790a2a21

 Example of readable contents:

 $ strings 0189.mlf
 /home/ronv/tor-browser/Browser/libnspr4.so
 /home/ronv/tor-browser/Browser/libplc4.so
 /home/ronv/tor-browser/Browser/libplds4.so
 /home/ronv/tor-browser/Browser/libnssutil3.so
 /home/ronv/tor-browser/Browser/libnss3.so
 /home/ronv/tor-browser/Browser/libsmime3.so
 /home/ronv/tor-browser/Browser/libssl3.so
 /home/ronv/tor-browser/Browser/libmozsqlite3.so
 /home/ronv/tor-browser/Browser/liblgpllibs.so
 /home/ronv/tor-browser/Browser/libxul.so
 /home/ronv/tor-browser/Browser/browser/components/libbrowsercomps.so
 /home/ronv/tor-browser/Browser/libsoftokn3.so
 /home/ronv/tor-browser/Browser/libfreebl3.so
 /home/ronv/tor-browser/Browser/libnssckbi.so

 Ideas? Anyone?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20530 [Core Tor/Tor]: undefined reference to 'munmap' and 'mmap' building tor on Windows

[Tor Bug Tracker & Wiki]

#20530: undefined reference to 'munmap' and 'mmap' building tor on Windows
-+-
 Reporter:  ice  |  Owner:
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.0.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  unspecified
 Severity:  Normal   | Resolution:  fixed
 Keywords:  windows, mingw, CoreTorTeam201611,   |  Actual Points:  0.3
  review-group-12|
Parent ID:   | Points:  0.3
 Reviewer:   |Sponsor:
-+-
Changes (by nickm):

 * status:  needs_review => closed
 * resolution:   => fixed


Comment:

 Taking your patch in master; closing this ticket.  Please reopen if the
 problem still exists on git master.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20650 [Core Tor/Tor]: confusing "I need to load the permanent master identity key" line

[Tor Bug Tracker & Wiki]

#20650: confusing "I need to load the permanent master identity key" line
---+---
 Reporter:  arma   |  Owner:  s7r
 Type:  defect | Status:  merge_ready
 Priority:  Medium |  Milestone:  Tor:
   |  0.3.0.x-final
Component:  Core Tor/Tor   |Version:  Tor:
   |  0.2.7.3-rc
 Severity:  Normal | Resolution:
 Keywords:  029-backport, review-group-12  |  Actual Points:
Parent ID: | Points:
 Reviewer:  nickm  |Sponsor:
---+---
Changes (by nickm):

 * status:  needs_review => merge_ready
 * reviewer:   => nickm


Comment:

 Thanks! This looks good for me, with two issues:

  1) The commit message is really vague.
  2) Some of the lines are wide, so "make check-spaces" will complain.

 I'm okay with fixing those up as I merge, unless you'd rather fix them up
 yourself.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #17847 [Core Tor/Tor]: Unify router_pick_directory_server_impl and router_pick_trusteddirserver_impl

[Tor Bug Tracker & Wiki]

#17847: Unify router_pick_directory_server_impl and
router_pick_trusteddirserver_impl
-+-
 Reporter:  teor |  Owner:
 Type:  enhancement  | Status:
 |  needs_revision
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.0.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  easy, refactor, review-group-12  |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by teor):

 * status:  needs_review => needs_revision


Comment:

 Thanks for this patch!

 Many of the macros are missing arguments - it's confusing to have a macro
 use or modify a variable that isn't listed in its arguments.

 Almost all of SKIP_IF_ALREADY_DIR_FETCHING() could become a function,
 except for the body of the if statement, which is small enough to make it
 ok to duplicate.

 Some code just seems to move around or be reformatted - it might be better
 to put whitespace-only changes in their own commit.

 In general, these changes would be easier to review if each refactored
 macro or function was in its own commit.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #19200 [Applications/Tor Browser]: HTML5 video not blocked with placeholder, plays automatically

[Tor Bug Tracker & Wiki]

#19200: HTML5 video not blocked with placeholder, plays automatically
-+-
 Reporter:  potato   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_information
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Major| Resolution:
 Keywords:  tbb-security-slider, |  Actual Points:
  tbb-6.0-issues, noscript, GeorgKoppen201611,   |
  TorBrowserTeam201611   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by ma1):

 Replying to [comment:43 i139]:
 > Replying to [comment:42 i139]:
 > > but I have to click in two placeholder for play the video
 >
 > it's because the page at first time reload

 It's probably because there are two separate MediaSource buffers with
 different content types, e.g. one for audio and one for video.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20400 [Core Tor/Tor]: Unreachable code in rend_service_derive_key_digests()

[Tor Bug Tracker & Wiki]

#20400: Unreachable code in rend_service_derive_key_digests()
-+
 Reporter:  twim |  Owner:
 Type:  defect   | Status:  needs_information
 Priority:  Very Low |  Milestone:  Tor: 0.3.0.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs, review-group-12  |  Actual Points:
Parent ID:   | Points:  0.1
 Reviewer:  nickm|Sponsor:  SponsorR-can
-+
Changes (by nickm):

 * status:  needs_review => needs_information


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20400 [Core Tor/Tor]: Unreachable code in rend_service_derive_key_digests()

[Tor Bug Tracker & Wiki]

#20400: Unreachable code in rend_service_derive_key_digests()
-+
 Reporter:  twim |  Owner:
 Type:  defect   | Status:  needs_review
 Priority:  Very Low |  Milestone:  Tor: 0.3.0.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs, review-group-12  |  Actual Points:
Parent ID:   | Points:  0.1
 Reviewer:  nickm|Sponsor:  SponsorR-can
-+
Changes (by nickm):

 * reviewer:   => nickm


Comment:

 I'm not sure that computing a pk digest can ever actually fail if we've
 got a private key; can it?  As near as I can tell, both of the warnings
 are unreachable in practice.

 (To answer your question I bet that the "Internal error: " prefix pre-
 dates the LD_BUG domain.)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #18329 [Core Tor/Tor]: Let bridges indicate when they don't want BridgeDB to distribute their address

[Tor Bug Tracker & Wiki]

#18329: Let bridges indicate when they don't want BridgeDB to distribute their
address
-+-
 Reporter:  karsten  |  Owner:
 Type:  enhancement  | Status:  needs_revision
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.0.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-bridge, review-group-12  |  Actual Points:
Parent ID:   | Points:
 Reviewer:  nickm|Sponsor:
-+-
Changes (by nickm):

 * reviewer:   => nickm


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #18329 [Core Tor/Tor]: Let bridges indicate when they don't want BridgeDB to distribute their address

[Tor Bug Tracker & Wiki]

#18329: Let bridges indicate when they don't want BridgeDB to distribute their
address
-+-
 Reporter:  karsten  |  Owner:
 Type:  enhancement  | Status:  needs_revision
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.0.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-bridge, review-group-12  |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by nickm):

 * status:  needs_review => needs_revision


Comment:

 Looks fine; needs a spec patch though.

 Also, I think that promising some the semantics for "none" would be smart.

 And we shouldn't actually merge this IMO until we get BridgeDB to respect
 it. Otherwise we'll be telling people that they can do something that
 won't actually work yet.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20568 [Core Tor/Tor]: Move encode_cert() from hs_descriptor.c into torcert.c

[Tor Bug Tracker & Wiki]

#20568: Move encode_cert() from hs_descriptor.c into torcert.c
-+-
 Reporter:  dgoulet  |  Owner:
 Type:  enhancement  | Status:
 |  merge_ready
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.0.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs, easy, refactoring, review-   |  Actual Points:
  group-12   |
Parent ID:   | Points:  0.1
 Reviewer:   |Sponsor:
 |  SponsorR-can
-+-
Changes (by nickm):

 * status:  needs_review => merge_ready


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #18054 [Core Tor/Tor]: prop224: Decide how to proceed with torrc options

[Tor Bug Tracker & Wiki]

#18054: prop224: Decide how to proceed with torrc options
-+---
 Reporter:  dgoulet  |  Owner:
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Milestone:  Tor: 0.3.???
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs, prop224  |  Actual Points:
Parent ID:  #20657   | Points:  3
 Reviewer:   |Sponsor:  SponsorR-must
-+---

Comment (by dgoulet):

 Discussion: https://lists.torproject.org/pipermail/tor-
 dev/2016-November/011661.html

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20745 [Core Tor/Stem]: test_installs_all_data_files fails with vim .swo files

[Tor Bug Tracker & Wiki]

#20745: test_installs_all_data_files fails with vim .swo files
---+
 Reporter:  chelseakomlo   |  Owner:  atagar
 Type:  defect | Status:  new
 Priority:  Medium |  Milestone:
Component:  Core Tor/Stem  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+

Comment (by chelseakomlo):

 I have a patch for this here: `g...@github.com:chelseakomlo/stem.git`,
 branch `swo_unit`

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #20745 [Core Tor/Stem]: test_installs_all_data_files fails with vim .swo files

[Tor Bug Tracker & Wiki]

#20745: test_installs_all_data_files fails with vim .swo files
---+
 Reporter:  chelseakomlo   |  Owner:  atagar
 Type:  defect | Status:  new
 Priority:  Medium |  Milestone:
Component:  Core Tor/Stem  |Version:
 Severity:  Normal |   Keywords:
Actual Points: |  Parent ID:
   Points: |   Reviewer:
  Sponsor: |
---+
 I received the following failure:

 AssertionError: setup.py doesn't install stem/stem/.prereq.py.swo

 It might be useful to have a set of file types to include, rather than
 exclude, but this is a larger refactor (but something to think about if
 this error happens with another file type).

 Another possible refactor is to extract this list as it is used in several
 different places (so we have one single list of file types that we
 exclude). Specifically, we have the same logic in
 test/integ/installation.py and test/unit/installation.py, for example.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] [Tor Bug Tracker & Wiki] Batch modify: #19882, #19885, #19886, #19889, ...

[Tor Bug Tracker & Wiki]

Batch modification to #19882, #19885, #19886, #19889, #20720 by nickm:


Action: resolve

Comment:
(batch change): These are now done in my prop271-wip branch.

--
Tickets URL: 

Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20100 [Applications/Tor Browser]: persistent libxul.so bug crashing TBB Linux/64 (but probably a bug in locally linked shared object)

[Tor Bug Tracker & Wiki]

#20100: persistent libxul.so bug crashing TBB Linux/64 (but probably a bug in
locally linked shared object)
--+--
 Reporter:  sjamaan   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  High  |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Major | Resolution:
 Keywords:  tbb-crash |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by ronvandaal_):

 OK, so no attachments due to huge filesizes and limits on the trac.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20100 [Applications/Tor Browser]: persistent libxul.so bug crashing TBB Linux/64 (but probably a bug in locally linked shared object)

[Tor Bug Tracker & Wiki]

#20100: persistent libxul.so bug crashing TBB Linux/64 (but probably a bug in
locally linked shared object)
--+--
 Reporter:  sjamaan   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  High  |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Major | Resolution:
 Keywords:  tbb-crash |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by ronvandaal_):

 Replying to [comment:6 cypherpunks]:
 > > is it normal for libxul.so binaries to change when run?
 >
 > On disk? No, of course.
 > What hash of your libxul?

 The question was for my own sanity. Thank you ;-)

 See attached files:
 tor-browser-linux64-6.0.6_en-libxul.so-STOCK-VALID
 eaa0cb53cea58ced3a8182d81c9b48c9
 tor-browser-linux64-6.0.6_en-libxul.so-POWNED
 cc2fc415dda6632cf67b285ae41808b4

 For records: tor-browser-linux64-6.0.6_en-US.tar.xz
 e71f92bc24cc8325a328561c2f6d6aa7


 These don't relate to TBB but Debian's Iceweasel (patchlevel unsure, did
 reinstall after):
 libxul.so-debian-jessie-amd64-STOCK cad4639bff84298c3af0340c19714e46
 libxul.so-debian-jessie-amd64-POWN 3eb2b8139fd24211e5a787f2510a3aff
 (changed while browsing)

 I'm certain when the TBB init scripts (same goes for Tails) run a simple
 hashchecker, perhaps with the option to feedback a mismatch, more
 background info on the bug can be obtained. Just an idea.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #11506 [Applications/Tor Browser]: Users are confused by the 2000-01-01 00:00 UTC timestamp

[Tor Bug Tracker & Wiki]

#11506: Users are confused by the 2000-01-01 00:00 UTC timestamp
-+-
 Reporter:  lunar|  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-helpdesk-frequent, tbb-gitian,   |  Actual Points:
  TorBrowserTeam201601, GeorgKoppen201601|
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by cypherpunks):

 Using current timestamp of commit or tag or anything has some complicated
 issues to work out, understandable.
 What's wrong with just setting to 2020/1/1 00:00:00? No more issues with
 OSX saying the current version is newer, and minimal effort needed, or am
 I missing something?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20716 [Core Tor/Tor]: memory leak in connection_handle_listener_read()

[Tor Bug Tracker & Wiki]

#20716: memory leak in connection_handle_listener_read()
--+
 Reporter:  arma  |  Owner:
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:  Tor: 0.2.9.x-final
Component:  Core Tor/Tor  |Version:  Tor: 0.2.6.3-alpha
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by arma):

 Replying to [comment:7 icanhasaccount]:
 > The other thing is we aren't checking the return code for
 tor_addr_from_sockaddr - not sure if this is an issue though..

 The function can only fail if the family isn't v4, v6, or unix. So it
 can't fail here.

 I wonder if Nick would happily take a patch to clean up all the return
 codes? It seems awfully messy to have a bunch of error handling that we
 should never use though. I wonder if there's a way to refactor (our use
 of) the function so it's never expected to fail?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20744 [Applications/Tor Browser]: add 'media.source.enabled' change in security setting

[Tor Bug Tracker & Wiki]

#20744: add 'media.source.enabled' change in security setting
--+--
 Reporter:  i139  |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by mcs):

 * cc: tbb-team (added)
 * owner:   => tbb-team
 * component:  - Select a component => Applications/Tor Browser


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #20744 [- Select a component]: add 'media.source.enabled' change in security setting

[Tor Bug Tracker & Wiki]

#20744: add 'media.source.enabled' change in security setting
--+-
 Reporter:  i139  |  Owner:
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  - Select a component  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+-
 media source extensions (MSE)is a "specification allows JavaScript to
 dynamically construct media streams for  and "

 the advances of MSE are:

 Allow JavaScript to construct media streams independent of how the
 media is fetched.
 Define a splicing and buffering model that facilitates use cases like
 adaptive streaming, ad-insertion, time-shifting, and video editing.
 Minimize the need for media parsing in JavaScript.
 Leverage the browser cache as much as possible.
 Provide requirements for byte stream format specifications.
 Not require support for any particular media format or codec.

 but as user ma1 say in #19200#comment:38

 >As a side effect the data flow *appears* less transparent, but what we
 should focus on is that the JavaScript on a certain webpage has now the
 power to fuzz (and possibly exploit) any available HTML 5 media codec
 *without even touching the network*.

 put from true to false in 'media.source.enabled' when using high in
 security settings, probably will be a good for hypothetical security

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #19200 [Applications/Tor Browser]: HTML5 video not blocked with placeholder, plays automatically

[Tor Bug Tracker & Wiki]

#19200: HTML5 video not blocked with placeholder, plays automatically
-+-
 Reporter:  potato   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_information
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Major| Resolution:
 Keywords:  tbb-security-slider, |  Actual Points:
  tbb-6.0-issues, noscript, GeorgKoppen201611,   |
  TorBrowserTeam201611   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by i139):

 NoScript 2.9.5 was released with this correction, is just update

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20670 [Metrics/Onionoo]: provide Operator's guide for Onionoo

[Tor Bug Tracker & Wiki]

#20670: provide Operator's guide for Onionoo
-+---
 Reporter:  iwakeh   |  Owner:  iwakeh
 Type:  enhancement  | Status:  closed
 Priority:  Medium   |  Milestone:  Onionoo 3.1-1.0.0
Component:  Metrics/Onionoo  |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+---
Changes (by karsten):

 * status:  merge_ready => closed
 * resolution:   => fixed


Comment:

 Yes, geoip needs a monthly update.  Except that recent files have issues
 and we're not updating anymore.  But yes, in theory, monthly update.  Same
 as little-t-tor updates that happen once per month.

 Squashed and pushed!  Thanks, everyone involved!  Closing.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20712 [Metrics/Onionoo]: Put out Onionoo 3.1-1.0.0 release

[Tor Bug Tracker & Wiki]

#20712: Put out Onionoo 3.1-1.0.0 release
-+---
 Reporter:  karsten  |  Owner:  metrics-team
 Type:  enhancement  | Status:  needs_review
 Priority:  Medium   |  Milestone:  Onionoo 3.1-1.0.0
Component:  Metrics/Onionoo  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+---

Comment (by karsten):

 Quick reminder: tomorrow is the release date! :)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20670 [Metrics/Onionoo]: provide Operator's guide for Onionoo

[Tor Bug Tracker & Wiki]

#20670: provide Operator's guide for Onionoo
-+---
 Reporter:  iwakeh   |  Owner:  iwakeh
 Type:  enhancement  | Status:  merge_ready
 Priority:  Medium   |  Milestone:  Onionoo 3.1-1.0.0
Component:  Metrics/Onionoo  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+---
Changes (by iwakeh):

 * status:  assigned => merge_ready


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20100 [Applications/Tor Browser]: persistent libxul.so bug crashing TBB Linux/64 (but probably a bug in locally linked shared object)

[Tor Bug Tracker & Wiki]

#20100: persistent libxul.so bug crashing TBB Linux/64 (but probably a bug in
locally linked shared object)
--+--
 Reporter:  sjamaan   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  High  |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Major | Resolution:
 Keywords:  tbb-crash |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by cypherpunks):

 > is it normal for libxul.so binaries to change when run?

 On disk? No, of course.
 What hash of your libxul?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #19210 [Applications/Tor Browser]: NoScript places WebM videos too late behind click-to-play in higher security levels

[Tor Bug Tracker & Wiki]

#19210: NoScript places WebM videos too late behind click-to-play in higher
security levels
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_information
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Major| Resolution:
 Keywords:  tbb-regression, tbb-security-|  Actual Points:
  slider, tbb-6.0-issues, noscript   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by i139):

 Replying to [comment:15 ma1]:
 > Replying to [comment:14 i139]:
 >
 > > the holder still too behind
 >
 > How did you decide that?
 >
 > This is what NoScript 2.9.5.x is doing for top-level documents (the
 scenario you are presumably testing):
 yes, it is

 > Thanks!

 you're welcome.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20100 [Applications/Tor Browser]: persistent libxul.so bug crashing TBB Linux/64 (but probably a bug in locally linked shared object)

[Tor Bug Tracker & Wiki]

#20100: persistent libxul.so bug crashing TBB Linux/64 (but probably a bug in
locally linked shared object)
--+--
 Reporter:  sjamaan   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  High  |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Major | Resolution:
 Keywords:  tbb-crash |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by ronvandaal_):

 Replying to [comment:2 gk]:
 > That's the first crash of this type I've seen. So, no, we don't know of
 any other user having this problem.

 That's probably because most of this goes under the radar since there's no
 validation on the lib during startup. Some modded ie. patched (see
 previous post) libxul.so just runs fine without the user noticing. Besides
 that, when TBB suddenly exits it doesn't always generate a segfault. Not
 all users investigate and report bugs, etc. I would like so suggest
 checksum validation on at least libxul.so as a enhancement for your
 project.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20707 [Applications/Tor Browser]: Preferences tab is broken in non-en-US 6.5a4(-hardened) builds

[Tor Bug Tracker & Wiki]

#20707: Preferences tab is broken in non-en-US 6.5a4(-hardened) builds
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  closed
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Major| Resolution:  fixed
 Keywords:  tbb-usability,   |  Actual Points:
  TorBrowserTeam201611R  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * status:  needs_review => closed
 * resolution:   => fixed


Comment:

 Okay, let's take it for the alpha. Seems to be an okay stopgap solution.
 This is commit 70b2e4769bc4a7dd877e8ca82403d71561dbeec8 on tor-
 browser-45.5.0esr-6.5-1.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #20743 [Applications/Tor Browser]: Suggestion for additional checks on Tor browser bundle startup script

[Tor Bug Tracker & Wiki]

#20743: Suggestion for additional checks on Tor browser bundle startup script
--+
 Reporter:  ronvandaal_   |  Owner:  tbb-team
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:  Tor: unspecified
 Severity:  Normal|   Keywords:  libxul.so bundle
  |  TBB
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+
 In addition to ticket #200100 (bug) - a new ticket for a suggestion.


 Another libxul.so oddity. Fresh system, stock Debian using TBB now. This
 one affects tor-browser-linux64-6.0.6_en-US.tar.xz

 Fresh unpack and run of TBB. Crashes after surfing to a popular website.

 Here only one byte changed:

 before crash: 1d66170 -- bytes: e800 f39a fec4 8948 48ea c389 8948 4cc7
 after crash: 1d66170 -- bytes: e900 f39a fec4 8948 48ea c389 8948 4cc7

 0xe8 turned 0xe9 (elf64-x86-64 format)

 1d66171: e8 9a f3 c4 fe callq 9b5510 
 1d66171: e9 9a f3 c4 fe jmpq 9b5510 

 I have to ask: is it normal for libxul.so binaries to change when run?
 (not a coder here, sorry)

 If not, maybe TBB could implement a integrity checker on the libs?

 I believe there's an issue with libxul in general, which also may affect
 the Tor Browser Bundle, Tails, etc.

 The difference here is 1 byte. It didn't expand like in other settings.
 With JMPQ there's no need for the CALL routine to return using RET, JMPQ
 discards proper control using addresses pushed on the stack. This
 behaviour could explain the segfaults in the other configurations.

 Right now TBB startup scripts don't check hashes of packaged libs. And why
 not? It's an easy feat to add to the start-tor-browser-desktop script.
 Call it an early warning system if you will. Now TBB runs REGARDLESS if a
 modded libxul.so is residing in the Browser/ directory. This is also a way
 to find users with similar problems (in case of no segfault, when TBB
 appears to "just" exit)

 Just my 2 cts

 ronvandaal

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20739 [Community/Tor Browser Manual]: https://tb-manual.torproject.org should redirect to the manual for the platform the user is actually on

[Tor Bug Tracker & Wiki]

#20739: https://tb-manual.torproject.org should redirect to the manual for the
platform the user is actually on
--+--
 Reporter:  gk|  Owner:  phoul
 Type:  defect| Status:  accepted
 Priority:  Medium|  Milestone:
Component:  Community/Tor Browser Manual  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by phoul):

 * status:  new => accepted


Comment:

 I think option 2 makes more sense at this time. If we eventually require
 different versions on different platforms, we can revisit patching
 torbutton.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20100 [Applications/Tor Browser]: persistent libxul.so bug crashing TBB Linux/64 (but probably a bug in locally linked shared object)

[Tor Bug Tracker & Wiki]

#20100: persistent libxul.so bug crashing TBB Linux/64 (but probably a bug in
locally linked shared object)
--+--
 Reporter:  sjamaan   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  High  |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Major | Resolution:
 Keywords:  tbb-crash |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by ronvandaal_):

 * priority:  Medium => High
 * severity:  Normal => Major


Comment:

 Another libxul.so oddity. Fresh system, stock Debian using TBB now. This
 one affects tor-browser-linux64-6.0.6_en-US.tar.xz

 Fresh unpack and run of TBB. Crashes after surfing to a popular website.

 Here only one byte changed:

 before crash: 1d66170 -- bytes: e800 f39a fec4 8948 48ea c389 8948 4cc7
 after crash:  1d66170 -- bytes: e900 f39a fec4 8948 48ea c389 8948 4cc7

 0xe8 turned 0xe9 (elf64-x86-64 format)

 1d66171:e8 9a f3 c4 fe  callq  9b5510 
 1d66171:e9 9a f3 c4 fe  jmpq   9b5510 


 I have to ask: is it normal for libxul.so binaries to change when run?
 (not a coder here, sorry)

 If not, maybe TBB could implement a integrity checker on the libs?

 I believe there's an issue with libxul in general, which also may affect
 the Tor Browser Bundle, Tails, etc.


 The difference here is 1 byte. It didn't expand like in other settings.
 With JMPQ there's no need for the CALL routine to return using RET, JMPQ
 discards proper control using addresses pushed on the stack. This
 behaviour could explain the segfaults in the other configurations.

 Right now TBB startup scripts don't check hashes of packaged libs. And why
 not? It's an easy feat to add to the start-tor-browser-desktop script.
 Call it an early warning system if you will. Now TBB runs REGARDLESS if a
 modded libxul.so is residing in the Browser/ directory. This is also a way
 to find users with similar problems (in case of no segfault, when TBB
 appears to "just" exit)

 Just my 2 cts

 ronvandaal

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20742 [Core Tor/Tor]: prop224: Implement stealth client authorization

[Tor Bug Tracker & Wiki]

#20742: prop224: Implement stealth client authorization
-+--
 Reporter:  asn  |  Owner:
 Type:  task | Status:  new
 Priority:  Medium   |  Milestone:  Tor: 0.3.???
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  prop224, needs-proposal  |  Actual Points:
Parent ID:  #20700   | Points:  3
 Reviewer:   |Sponsor:  SponsorR-can
-+--
Changes (by dgoulet):

 * keywords:  prop224, prop224 => prop224, needs-proposal
 * component:  - Select a component => Core Tor/Tor
 * milestone:   => Tor: 0.3.???


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20707 [Applications/Tor Browser]: Preferences tab is broken in non-en-US 6.5a4(-hardened) builds

[Tor Bug Tracker & Wiki]

#20707: Preferences tab is broken in non-en-US 6.5a4(-hardened) builds
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_review
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Major| Resolution:
 Keywords:  tbb-usability,   |  Actual Points:
  TorBrowserTeam201611R  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by arthuredelstein):

 Replying to [comment:5 mcs]:
 > Replying to [comment:2 arthuredelstein]:
 > > ... Therefore I'm proposing this separate follow-up patch that removes
 the references for Tor Browser only.
 > >
 > > https://github.com/arthuredelstein/tor-browser/commit/20707
 >
 > r=mcs
 > I think this is an okay solution, although it looks strange to use hard-
 coded strings.
 > Maybe the commit message state that this is a fixup for 20244 instead of
 using this new ticket number?

 The reason I did it this way is that I wanted to keep the original patch
 separate for possible uplift. The hard-coded strings are merely
 placeholders that are hidden by the torbutton overlay.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #16494 [Applications/Tor Messenger]: Port Tor Button-like functionality

[Tor Bug Tracker & Wiki]

#16494: Port Tor Button-like functionality
+--
 Reporter:  lunar   |  Owner:  sukhbir
 Type:  defect  | Status:  assigned
 Priority:  Medium  |  Milestone:
Component:  Applications/Tor Messenger  |Version:
 Severity:  Normal  | Resolution:
 Keywords:  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--

Comment (by arlolra):

 For the security slider, consider stricter TLS settings.
 See, https://blog.torproject.org/blog/tor-messenger-
 030b1-released#comment-220657

 Also, see Mike's comments about the messaging window in
 ticket:10941#comment:10

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #19210 [Applications/Tor Browser]: NoScript places WebM videos too late behind click-to-play in higher security levels

[Tor Bug Tracker & Wiki]

#19210: NoScript places WebM videos too late behind click-to-play in higher
security levels
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_information
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Major| Resolution:
 Keywords:  tbb-regression, tbb-security-|  Actual Points:
  slider, tbb-6.0-issues, noscript   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by ma1):

 Replying to [comment:14 i139]:

 > the holder still too behind

 How did you decide that?

 This is what NoScript 2.9.5.x is doing for top-level documents (the
 scenario you are presumably testing):
 1. As soon as the HTTP headers are available (well before the stream
 starts to be parsed), it checks for any content-type matching
 {{{/^(?:video|audio|application)\//}}}
 2. If the load matches, NoScript suspend the networking channel (no bytes
 are parsed anymore until resumed)
 3. At this point, based on the content type, Firefox creates the relevant
 media document (i.e. a document containing a full-page HTML 5 media
 element, either `` or ``
 4. As soon as the page is created, NoScript enforces the current
 permissions and, if needed to honor them, aborts the channel (it could not
 be done earlier because otherwise there would be no container for the
 placeholder). Immediately after that it creates the placeholder which
 replaces the media element.

 Therefore you may indeed notice a little delay (the default player appears
 briefly, immediately replaced by the placeholder), but no (potentially
 harmful) stream reaches the (potentially exploitable) decoder.

 Are you noticing anything different? If so, how I can reproduce and verify
 what you're observing?

 Thanks!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20100 [Applications/Tor Browser]: persistent libxul.so bug crashing TBB Linux/64 (but probably a bug in locally linked shared object)

[Tor Bug Tracker & Wiki]

#20100: persistent libxul.so bug crashing TBB Linux/64 (but probably a bug in
locally linked shared object)
--+--
 Reporter:  sjamaan   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-crash |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by ronvandaal):

 Bump. This problem exists outside TBB. Seems to be a (remote)
 vulnerability in libxul not TBB. Surely managed to hit Iceweasel binaries
 on disk.. Segfaults, Iceweasel (default Debian Jessie/amd64 builds)
 basically stopped working. Hopefully more details for debugging on next
 occurrence.


 Modified object name:  /usr/lib/iceweasel/libxul.so

   Property:ExpectedObserved
   ---- ---
 * CRC32ANY2Ld  BF2LwO
 * MD5  Bbag4ohsGADzwEm2fKZ88P  BiEha5mIlm4mmKifQ0AuZC



 -ronvandaal

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #11031 [Applications/Quality Assurance and Testing]: TBB Test suite: check that the noscript extension is functional

[Tor Bug Tracker & Wiki]

#11031: TBB Test suite: check that the noscript extension is functional
-+-
 Reporter:  boklm|  Owner:  boklm
 Type:  task | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Quality Assurance and   |Version:
  Testing|
 Severity:  Normal   | Resolution:
 Keywords:  tbb-testcase |  Actual Points:
Parent ID:  #11024   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by boklm):

 * keywords:  needs-triage => tbb-testcase
 * component:  Applications/Tor bundles/installation => Applications/Quality
 Assurance and Testing
 * severity:   => Normal


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #11027 [Applications/Quality Assurance and Testing]: Make the TBB test suite work on Mac OS X

[Tor Bug Tracker & Wiki]

#11027: Make the TBB test suite work on Mac OS X
-+-
 Reporter:  boklm|  Owner:  boklm
 Type:  task | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Applications/Quality Assurance and   |Version:
  Testing|
 Severity:  Normal   | Resolution:  fixed
 Keywords:   |  Actual Points:
Parent ID:  #11024   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by boklm):

 * status:  new => closed
 * keywords:  needs-triage =>
 * resolution:   => fixed
 * component:  Applications/Tor bundles/installation => Applications/Quality
 Assurance and Testing
 * severity:   => Normal


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #11083 [Applications/Quality Assurance and Testing]: TBB Test suite: check that tor-launcher is working

[Tor Bug Tracker & Wiki]

#11083: TBB Test suite: check that tor-launcher is working
-+-
 Reporter:  boklm|  Owner:  boklm
 Type:  task | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Quality Assurance and   |Version:
  Testing|
 Severity:  Normal   | Resolution:
 Keywords:  tbb-testcase |  Actual Points:
Parent ID:  #11024   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by boklm):

 * keywords:  needs-triage => tbb-testcase
 * component:  Applications/Tor bundles/installation => Applications/Quality
 Assurance and Testing
 * severity:   => Normal


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #11038 [Applications/Quality Assurance and Testing]: TBB Test suite: Fingerprint test

[Tor Bug Tracker & Wiki]

#11038: TBB Test suite: Fingerprint test
-+-
 Reporter:  boklm|  Owner:  boklm
 Type:  task | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Quality Assurance and   |Version:
  Testing|
 Severity:  Normal   | Resolution:
 Keywords:  tbb-testcase |  Actual Points:
Parent ID:  #11024   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by boklm):

 * keywords:  needs-triage => tbb-testcase
 * component:  Applications/Tor bundles/installation => Applications/Quality
 Assurance and Testing
 * severity:   => Normal


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #11037 [Applications/Quality Assurance and Testing]: TBB Test suite: remanence checks

[Tor Bug Tracker & Wiki]

#11037: TBB Test suite: remanence checks
-+-
 Reporter:  boklm|  Owner:  boklm
 Type:  task | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Quality Assurance and   |Version:
  Testing|
 Severity:  Normal   | Resolution:
 Keywords:  tbb-testcase |  Actual Points:
Parent ID:  #11024   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by boklm):

 * keywords:  needs-triage => tbb-testcase
 * component:  Applications/Tor bundles/installation => Applications/Quality
 Assurance and Testing
 * severity:   => Normal


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #11035 [Applications/Quality Assurance and Testing]: TBB Test suite: check browser localization

[Tor Bug Tracker & Wiki]

#11035: TBB Test suite: check browser localization
-+-
 Reporter:  boklm|  Owner:  boklm
 Type:  task | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Quality Assurance and   |Version:
  Testing|
 Severity:  Normal   | Resolution:
 Keywords:  tbb-testcase |  Actual Points:
Parent ID:  #11024   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by boklm):

 * keywords:  needs-triage => tbb-testcase
 * component:  Applications/Tor bundles/installation => Applications/Quality
 Assurance and Testing
 * severity:   => Normal


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #11034 [Applications/Quality Assurance and Testing]: TBB Test suite: check that we can visit .onion web sites

[Tor Bug Tracker & Wiki]

#11034: TBB Test suite: check that we can visit .onion web sites
-+-
 Reporter:  boklm|  Owner:  boklm
 Type:  task | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Quality Assurance and   |Version:
  Testing|
 Severity:  Normal   | Resolution:
 Keywords:  tbb-testcase |  Actual Points:
Parent ID:  #11024   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by boklm):

 * keywords:  needs-triage => tbb-testcase
 * component:  Applications/Tor bundles/installation => Applications/Quality
 Assurance and Testing
 * severity:   => Normal


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #11033 [Applications/Quality Assurance and Testing]: TBB Test suite: check that the tor browser supports WebSockets

[Tor Bug Tracker & Wiki]

#11033: TBB Test suite: check that the tor browser supports WebSockets
-+-
 Reporter:  boklm|  Owner:  boklm
 Type:  task | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Quality Assurance and   |Version:
  Testing|
 Severity:  Normal   | Resolution:
 Keywords:  tbb-testcase |  Actual Points:
Parent ID:  #11024   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by boklm):

 * keywords:   => tbb-testcase


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #11032 [Applications/Quality Assurance and Testing]: TBB Test suite: check that the new identity button works

[Tor Bug Tracker & Wiki]

#11032: TBB Test suite: check that the new identity button works
-+-
 Reporter:  boklm|  Owner:  boklm
 Type:  task | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Quality Assurance and   |Version:
  Testing|
 Severity:  Normal   | Resolution:
 Keywords:  tbb-testcase |  Actual Points:
Parent ID:  #11024   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by boklm):

 * keywords:  needs-triage => tbb-testcase
 * component:  Applications/Tor bundles/installation => Applications/Quality
 Assurance and Testing
 * severity:   => Normal


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #11024 [Applications/Quality Assurance and Testing]: Have a TBB test suite

[Tor Bug Tracker & Wiki]

#11024: Have a TBB test suite
-+-
 Reporter:  boklm|  Owner:  boklm
 Type:  task | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Quality Assurance and   |Version:
  Testing|
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by boklm):

 * keywords:  needs-triage =>
 * component:  Applications/Tor bundles/installation => Applications/Quality
 Assurance and Testing
 * severity:   => Normal


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20739 [Community/Tor Browser Manual]: https://tb-manual.torproject.org should redirect to the manual for the platform the user is actually on

[Tor Bug Tracker & Wiki]

#20739: https://tb-manual.torproject.org should redirect to the manual for the
platform the user is actually on
--+---
 Reporter:  gk|  Owner:  phoul
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Community/Tor Browser Manual  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---
Changes (by arthuredelstein):

 * cc: arthuredelstein (added)


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20739 [Community/Tor Browser Manual]: https://tb-manual.torproject.org should redirect to the manual for the platform the user is actually on

[Tor Bug Tracker & Wiki]

#20739: https://tb-manual.torproject.org should redirect to the manual for the
platform the user is actually on
--+---
 Reporter:  gk|  Owner:  phoul
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Community/Tor Browser Manual  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by arthuredelstein):

 Yes, as far as I know, the manual is currently the identical for all
 platforms. I see two possible alternative solutions:
 1. Add a patch to torbutton to send the user to the appropriate link for a
 given platform: `https://tb-manual.torproject.org/${platform}/en-US`. (I
 don't think tb-manual.torproject.org should be responsible for detecting
 the Tor Browser platform.)
 2. Change the manual so there is a single version for all platforms on
 each locale: `https://tb-manual.torproject.org/en-US`

 Both of these options are easy to implement. The disadvantage I see for
 (1) is complexity. Do we really need a separate manual for each platform?
 And if we do have a separate manual for each platform, are we going to
 need separate screenshot images for each platform?

 I guess the main difference in usage Tor Browser platforms has to do with
 installation and startup. Right now, there isn't such a page, but if there
 were, it could simply have a section for each platform.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20569 [Core Tor/Tor]: hs: Use AES256 prop224 descriptors

[Tor Bug Tracker & Wiki]

#20569: hs: Use AES256 prop224 descriptors
-+-
 Reporter:  dgoulet  |  Owner:  dgoulet
 Type:  defect   | Status:
 |  accepted
 Priority:  High |  Milestone:  Tor:
 |  0.3.0.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs, prop224, TorCoreTeam201611,  |  Actual Points:
  review-group-12|
Parent ID:   | Points:  0.1
 Reviewer:   |Sponsor:
 |  SponsorR-must
-+-

Comment (by asn):

 Replying to [comment:7 dgoulet]:
 > Replying to [comment:5 chelseakomlo]:
 >
 > Ok, I won't make any of the suggested fixes to the branch yet because
 asn raised concerns with AES-256 specifically regarding the size of the
 output and how it will influence the final size of the descriptor. Let's
 figure that one out and then fix our code.

 FWIW, after all there are no serious concerns about AES-256 and the size
 of the output, so I think it's fine to use AES-256.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20700 [Core Tor/Tor]: prop224: Implement client authorization (was: prop224: Implement client authentication)

[Tor Bug Tracker & Wiki]

#20700: prop224: Implement client authorization
-+
 Reporter:  dgoulet  |  Owner:
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Milestone:  Tor: 0.3.0.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  prop224, tor-hs  |  Actual Points:
Parent ID:  #12424   | Points:  3
 Reviewer:   |Sponsor:  SponsorR-can
-+
Changes (by asn):

 * sponsor:  SponsorR-must => SponsorR-can


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #20742 [- Select a component]: prop224: Implement stealth client authorization

[Tor Bug Tracker & Wiki]

#20742: prop224: Implement stealth client authorization
--+--
 Reporter:  asn   |  Owner:
 Type:  task  | Status:  new
 Priority:  Medium|  Milestone:
Component:  - Select a component  |Version:
 Severity:  Normal|   Keywords:  prop224, prop224
Actual Points:|  Parent ID:  #20700
   Points:  3 |   Reviewer:
  Sponsor:  SponsorR-can  |
--+--
 prop224 currently does not specify stealth client authorization.

 This is a feature from `rend-spec.txt` which makes the HS create a unique
 onion address for each authorized client. This way revoked clients cannot
 get presense information about the hidden service, since they don't know
 the onion addresses of other clients.

 This is useful for cases where authorized clients have a chance of turning
 adversarial and there is a need for total revocation.

 tl;dr: We need to specify stealth auth in prop224, and implement it.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20738 [Internal Services/Service - git]: Delete tag from tor-messenger-build.git repository

[Tor Bug Tracker & Wiki]

#20738: Delete tag from tor-messenger-build.git repository
-+
 Reporter:  sukhbir  |  Owner:  tor-gitadm
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Service - git  |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+
Changes (by weasel):

 * status:  new => closed
 * resolution:   => fixed


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20738 [Internal Services/Service - git]: Delete tag from tor-messenger-build.git repository

[Tor Bug Tracker & Wiki]

#20738: Delete tag from tor-messenger-build.git repository
-+
 Reporter:  sukhbir  |  Owner:  tor-gitadm
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Service - git  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+
Description changed by sukhbir:

Old description:

> Please delete the tag 0.3.0b1 (most recent) on tor-messenger-build.git
> repository. Thanks.
>
> (I have  [wiki:doc/TorMessenger/Release?version=18 ensured] that this
> doesn't happen again.)

New description:

 Please delete the tag v0.3.0b1 (most recent) on tor-messenger-build.git
 repository. Thanks.

 (I have  [wiki:doc/TorMessenger/Release?version=18 ensured] that this
 doesn't happen again.)

--

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20739 [Community/Tor Browser Manual]: https://tb-manual.torproject.org should redirect to the manual for the platform the user is actually on

[Tor Bug Tracker & Wiki]

#20739: https://tb-manual.torproject.org should redirect to the manual for the
platform the user is actually on
--+---
 Reporter:  gk|  Owner:  phoul
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Community/Tor Browser Manual  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---
Changes (by mcs):

 * cc: mcs (added)


Comment:

 I saw a similar problem on OSX as well and assumed we did not yet have
 platform-specific variants of the manual. But we might as well fix the
 redirects now.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #19200 [Applications/Tor Browser]: HTML5 video not blocked with placeholder, plays automatically

[Tor Bug Tracker & Wiki]

#19200: HTML5 video not blocked with placeholder, plays automatically
-+-
 Reporter:  potato   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_information
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Major| Resolution:
 Keywords:  tbb-security-slider, |  Actual Points:
  tbb-6.0-issues, noscript, GeorgKoppen201611,   |
  TorBrowserTeam201611   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by i139):

 Replying to [comment:42 i139]:
 > but I have to click in two placeholder for play the video

 it's because the page at first time reload

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20502 [Core Tor/Tor]: Setting UseBridges=1 UseEntryGuards=0 means you bypass your bridges

[Tor Bug Tracker & Wiki]

#20502: Setting UseBridges=1 UseEntryGuards=0 means you bypass your bridges
--+
 Reporter:  arma  |  Owner:
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:  Tor: 0.3.0.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  config|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by nickm):

 * status:  new => needs_review


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #19210 [Applications/Tor Browser]: NoScript places WebM videos too late behind click-to-play in higher security levels

[Tor Bug Tracker & Wiki]

#19210: NoScript places WebM videos too late behind click-to-play in higher
security levels
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_information
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Major| Resolution:
 Keywords:  tbb-regression, tbb-security-|  Actual Points:
  slider, tbb-6.0-issues, noscript   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by i139):

 don't worked

 tested at http://ftp.acc.umu.se/pub/debian-meetings/2016/mini-debconf-
 vienna/webm/Debian_Installer_for_Novena.webm

 in TBB 6.5a4 and NoScript 2.9.5.1rc1
 security setting at medium

 the holder still too behind

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #20741 [Internal Services/Service - trac]: hiro should get tracadm permissions

[Tor Bug Tracker & Wiki]

#20741: hiro should get tracadm permissions
--+
 Reporter:  qbi   |  Owner:  qbi
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Internal Services/Service - trac  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:  #20737
   Points:|   Reviewer:
  Sponsor:|
--+
 hiro should be added to the tracadm group.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #19200 [Applications/Tor Browser]: HTML5 video not blocked with placeholder, plays automatically

[Tor Bug Tracker & Wiki]

#19200: HTML5 video not blocked with placeholder, plays automatically
-+-
 Reporter:  potato   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_information
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Major| Resolution:
 Keywords:  tbb-security-slider, |  Actual Points:
  tbb-6.0-issues, noscript, GeorgKoppen201611,   |
  TorBrowserTeam201611   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by i139):

 working properly, but I have to click in two placeholder for play the
 video

 tested in youtube and dailymotion on security setting medium with 6.5a4

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20740 [Internal Services/Service - trac]: Assign trac admin permission to hiro

[Tor Bug Tracker & Wiki]

#20740: Assign trac admin permission to hiro
--+
 Reporter:  qbi   |  Owner:
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Internal Services/Service - trac  |Version:
 Severity:  Normal| Resolution:  fixed
 Keywords:|  Actual Points:
Parent ID:  #20737| Points:
 Reviewer:|Sponsor:
--+
Changes (by qbi):

 * status:  new => closed
 * resolution:   => fixed
 * component:  - Select a component => Internal Services/Service - trac


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #20740 [- Select a component]: Assign trac admin permission to hiro

[Tor Bug Tracker & Wiki]

#20740: Assign trac admin permission to hiro
--+
 Reporter:  qbi   |  Owner:
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  - Select a component  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:  #20737
   Points:|   Reviewer:
  Sponsor:|
--+
 Hiro should get {{{TRAC_ADMIN}}} permissions within trac.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20614 [Applications/Tor Browser]: Add link to Tor Browser manual to about:tor

[Tor Bug Tracker & Wiki]

#20614: Add link to Tor Browser manual to about:tor
--+--
 Reporter:  arthuredelstein   |  Owner:  tbb-team
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:  fixed
 Keywords:  TorBrowserTeam201611R |  Actual Points:
Parent ID:  #11698| Points:
 Reviewer:|Sponsor:
--+--
Changes (by gk):

 * keywords:  TorBrowserTeam201611 => TorBrowserTeam201611R
 * status:  needs_review => closed
 * resolution:   => fixed


Comment:

 This is commit 24e2f3aa02b40274e20e27aa568c076bd74f7b2f on master now.
 Note, though, that the URL is not properly redirecting to the manual I'd
 like to see: the one for Linux users. Currently I get redirected to the
 Windows one. I think this is a blocker for getting this shipped in the
 stable series and I opened #20739 to fix that.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #20739 [Community/Tor Browser Manual]: https://tb-manual.torproject.org should redirect to the manual for the platform the user is actually on

[Tor Bug Tracker & Wiki]

#20739: https://tb-manual.torproject.org should redirect to the manual for the
platform the user is actually on
--+---
 Reporter:  gk|  Owner:  phoul
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Community/Tor Browser Manual  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+---
 I just tested the patch for #20614 on my Linux box and get redirected to
 https://tb-manual.torproject.org/windows/en-US/. I should, however, get
 redirected to https://tb-manual.torproject.org/linux/en-US/

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20735 [Applications/Tor Browser]: Add snowflake pt to alpha linux builds

[Tor Bug Tracker & Wiki]

#20735: Add snowflake pt to alpha linux builds
--+--
 Reporter:  arlolra   |  Owner:  tbb-team
 Type:  enhancement   | Status:  needs_review
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  TorBrowserTeam201611R |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by gk):

 * status:  new => needs_review


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20379 [Applications/Tor Browser]: Can't initially connect to bridges after new network connection

[Tor Bug Tracker & Wiki]

#20379: Can't initially connect to bridges after new network connection
--+--
 Reporter:  qbi   |  Owner:  tbb-team
 Type:  defect| Status:  reopened
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by gk):

 * status:  closed => reopened
 * resolution:  duplicate =>


Comment:

 Upon closer inspection #19969 got reopened and might describe a related
 but not this issue. Anyway, fixed by switching to 0.2.9.5-alpha.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20379 [Applications/Tor Browser]: Can't initially connect to bridges after new network connection

[Tor Bug Tracker & Wiki]

#20379: Can't initially connect to bridges after new network connection
--+--
 Reporter:  qbi   |  Owner:  tbb-team
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:  fixed
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by gk):

 * status:  reopened => closed
 * resolution:   => fixed


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20379 [Applications/Tor Browser]: Can't initially connect to bridges after new network connection

[Tor Bug Tracker & Wiki]

#20379: Can't initially connect to bridges after new network connection
--+---
 Reporter:  qbi   |  Owner:  tbb-team
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:  duplicate
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---
Changes (by gk):

 * status:  needs_information => closed
 * resolution:   => duplicate


Comment:

 Replying to [comment:15 qbi]:
 > I just upgraded to 6.5a4 and couldn't reproduce the behaviour anymore.

 Great. Resolving this as duplicate of #19969 then, thanks!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20670 [Metrics/Onionoo]: provide Operator's guide for Onionoo

[Tor Bug Tracker & Wiki]

#20670: provide Operator's guide for Onionoo
-+---
 Reporter:  iwakeh   |  Owner:  iwakeh
 Type:  enhancement  | Status:  assigned
 Priority:  Medium   |  Milestone:  Onionoo 3.1-1.0.0
Component:  Metrics/Onionoo  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+---

Comment (by hiro):

 Looks fine to me.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #20738 [Internal Services/Service - git]: Delete tag from tor-messenger-build.git repository

[Tor Bug Tracker & Wiki]

#20738: Delete tag from tor-messenger-build.git repository
-+
 Reporter:  sukhbir  |  Owner:  tor-gitadm
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Service - git  |Version:
 Severity:  Normal   |   Keywords:
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+
 Please delete the tag 0.3.0b1 (most recent) on tor-messenger-build.git
 repository. Thanks.

 (I have  [wiki:doc/TorMessenger/Release?version=18 ensured] that this
 doesn't happen again.)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20737 [Internal Services/Tor Sysadmin Team]: ssh access to bracteata and troodi for hiro

[Tor Bug Tracker & Wiki]

#20737: ssh access to bracteata and troodi for hiro
-+-
 Reporter:  hiro |  Owner:  tpa
 Type:  defect   | Status:  new
 Priority:  Low  |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Minor| Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by weasel):

 In general, please make one ticket per request.  Also, for things like
 more access, somebody who already has access needs to ask that you be
 given access.

 Also, I think you already are part of the storm group.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20670 [Metrics/Onionoo]: provide Operator's guide for Onionoo

[Tor Bug Tracker & Wiki]

#20670: provide Operator's guide for Onionoo
-+---
 Reporter:  iwakeh   |  Owner:  iwakeh
 Type:  enhancement  | Status:  assigned
 Priority:  Medium   |  Milestone:  Onionoo 3.1-1.0.0
Component:  Metrics/Onionoo  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+---

Comment (by iwakeh):

 Replying to [comment:8 karsten]:
 > The guide looks good to me!  Please find
 [https://gitweb.torproject.org/user/karsten/onionoo.git/log/?h=task-20670
 my branch task-20670] with a few tweaks and with another commit that
 renames the file to `INSTALL.md`.

 Looks fine.  Ready for merge.
 Does geoip really need a monthly update?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20670 [Metrics/Onionoo]: provide Operator's guide for Onionoo

[Tor Bug Tracker & Wiki]

#20670: provide Operator's guide for Onionoo
-+---
 Reporter:  iwakeh   |  Owner:  iwakeh
 Type:  enhancement  | Status:  assigned
 Priority:  Medium   |  Milestone:  Onionoo 3.1-1.0.0
Component:  Metrics/Onionoo  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+---

Comment (by karsten):

 The guide looks good to me!  Please find
 [https://gitweb.torproject.org/user/karsten/onionoo.git/log/?h=task-20670
 my branch task-20670] with a few tweaks and with another commit that
 renames the file to `INSTALL.md`.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #20737 [Internal Services/Tor Sysadmin Team]: ssh access to bracteata and troodi for hiro

[Tor Bug Tracker & Wiki]

#20737: ssh access to bracteata and troodi for hiro
-+-
 Reporter:  hiro |  Owner:  tpa
 Type:  defect   | Status:  new
 Priority:  Low  |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Minor|   Keywords:
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+-
 Can I get ssh access to bracteata and troodi to start working on storm and
 track?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20348 [Metrics/Censorship analysis]: kz no need tor, tor no need kz, if anybody want they can to use ultrasurf. cyberoam assists bloody dictatorships.

[Tor Bug Tracker & Wiki]

#20348: kz no need tor, tor no need kz, if anybody want they can to use 
ultrasurf.
cyberoam assists bloody dictatorships.
-+-
 Reporter:  dcf  |  Owner:
 Type:  project  | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Metrics/Censorship analysis  |Version:
 Severity:  Normal   | Resolution:  invalid
 Keywords:  censorship block kz  |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by cypherpunks):

 Phy capacity limits leads to reproducible timings, maybe. Look at default
 bridges they all (except 192.95.36.142) reports 50-100Mbit/s observed
 bandwidth, like they reach limits.

 > What I read on IRC was that this bridge is now CPU-limited, using 100%
 CPU on all cores. It's obfs4proxy using most of the CPU, not tor.

 It reports near 300Mbit/s already, no wonder if cores can't handle all
 encrypted bytes.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs