Re: [tor-bugs] #17808 [Core Tor/Tor]: Tor 0.2.7.6 doesn't produce a backtrace on gcc 4.9.3 on OS X 10.11.2

[Tor Bug Tracker & Wiki]

#17808: Tor 0.2.7.6 doesn't produce a backtrace on gcc 4.9.3 on OS X 10.11.2
---+---
 Reporter:  teor   |  Owner:
 Type:  defect | Status:  needs_information
 Priority:  Medium |  Milestone:  Tor: unspecified
Component:  Core Tor/Tor   |Version:  Tor: 0.2.7.6
 Severity:  Normal | Resolution:
 Keywords:  tor-03-unspecified-201612  |  Actual Points:
Parent ID: | Points:  ?large?
 Reviewer: |Sponsor:
---+---

Comment (by teor):

 Replying to [comment:6 nickm]:
 > This seems to be compiler-dependent and library-dependent, and not have
 much to do with Tor's actual behavior or use of backtrace.  I'm putting
 this in needs_information to get this information:
 >* Which compiler and version?  Which OS and version?

 gcc 4.9, 5, 6 on macOS 10.11 - 10.12 on x86_64
 (clang and gcc i386 are not affected)

 >* Is this or is this not a regression?

 Unlikely, because the default compiler on macOS has been clang for ages.

 >* What is the output in each case?

 {{{
 BAD
 Feb 24 13:20:34.917 [err] tor_assertion_failed_(): Bug:
 src/test/test_bt_cl.c:43: crash: Assertion 1 == 0 failed; aborting. (on
 Tor 0.3.1.0-alpha-dev efa5bbaba07d20d1)
 Feb 24 13:20:34.917 [err] Bug: Assertion 1 == 0 failed in crash at
 src/test/test_bt_cl.c:43. Stack trace: (on Tor 0.3.1.0-alpha-dev
 efa5bbaba07d20d1)
 Feb 24 13:20:34.917 [err] Bug: 0   test-bt-cl
 0x0001038d63c4 log_backtrace + 68 (on Tor 0.3.1.0-alpha-dev
 efa5bbaba07d20d1)
 BAD

  T= 1487902834
 Tor died: Caught signal 11
 0   test-bt-cl  0x00010e4b42aa crash_handler +
 58
 1   ??? 0x0130 0x0 + 304
 -158318
 Exit 1
 }}}

 > The best solution for the meantime I can find is to treat this failure
 as a "SKIP" on FreeBSD.

 macOS still suffers from this, but we can't skip the entire platform,
 because clang and i386 both work fine.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21415 [Core Tor/Tor]: tor_bug_occurred_: Bug: src/or/entrynodes.c:1845: select_entry_guard_for_circuit: Non-fatal assertion !(!guard_has_descriptor(guard)) failed.

[Tor Bug Tracker & Wiki]

#21415: tor_bug_occurred_: Bug: src/or/entrynodes.c:1845:
select_entry_guard_for_circuit: Non-fatal assertion
!(!guard_has_descriptor(guard)) failed.
--+
 Reporter:  cypherpunks   |  Owner:  nickm
 Type:  defect| Status:  assigned
 Priority:  Medium|  Milestone:  Tor: 0.3.0.x-final
Component:  Core Tor/Tor  |Version:  Tor: 0.3.0.3-alpha
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by teor):

 In #21371 I updated chutney so `make test-network` will show you any
 unexpected warnings. (Unexpected warnings don't cause the tests in `make
 test-network-all` to fail, so you'd have to grep its logs to find any
 bugs.)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21529 [Core Tor/Tor]: Bootstrap fails if one pinned ExitNode is not running

[Tor Bug Tracker & Wiki]

#21529: Bootstrap fails if one pinned ExitNode is not running
--+
 Reporter:  dgoulet   |  Owner:
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:  Tor: 0.3.1.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:  duplicate
 Keywords:  regression?   |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by teor):

 * status:  new => closed
 * resolution:   => duplicate


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21529 [Core Tor/Tor]: Bootstrap fails if one pinned ExitNode is not running

[Tor Bug Tracker & Wiki]

#21529: Bootstrap fails if one pinned ExitNode is not running
--+
 Reporter:  dgoulet   |  Owner:
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.3.1.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  regression?   |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by teor):

 This is a duplicate of #19989.
 A workaround is to use two exits in the EntryNodes list.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #19989 [Core Tor/Tor]: Tor fails to bootstrap with an Exit as EntryNode

[Tor Bug Tracker & Wiki]

#19989: Tor fails to bootstrap with an Exit as EntryNode
-+-
 Reporter:  teor |  Owner:
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  fallback, tor-03-unspecified-201612  |  Actual Points:
Parent ID:   | Points:  1
 Reviewer:   |Sponsor:
-+-

Comment (by teor):

 #21529 has a user reporting this issue.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21371 [Core Tor/Chutney]: chutney should display bug warnings logged by tor

[Tor Bug Tracker & Wiki]

#21371: chutney should display bug warnings logged by tor
--+
 Reporter:  teor  |  Owner:  teor
 Type:  enhancement   | Status:  closed
 Priority:  High  |  Milestone:
Component:  Core Tor/Chutney  |Version:
 Severity:  Normal| Resolution:  fixed
 Keywords:|  Actual Points:
Parent ID:| Points:  2
 Reviewer:|Sponsor:
--+
Changes (by teor):

 * status:  new => closed
 * resolution:   => fixed


Comment:

 Fixed in 9a1085a, b93c180, a503fef and child tickets.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21548 [Core Tor/Chutney]: Don't colour warnings when outputting to a file

[Tor Bug Tracker & Wiki]

#21548: Don't colour warnings when outputting to a file
--+
 Reporter:  teor  |  Owner:  teor
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Core Tor/Chutney  |Version:
 Severity:  Normal| Resolution:  fixed
 Keywords:|  Actual Points:
Parent ID:  #21371| Points:  0.1
 Reviewer:|Sponsor:
--+
Changes (by teor):

 * status:  new => closed
 * resolution:   => fixed


Comment:

 Fixed in 23b5d63.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21532 [Core Tor/Chutney]: Make warnings.sh output errs

[Tor Bug Tracker & Wiki]

#21532: Make warnings.sh output errs
--+
 Reporter:  teor  |  Owner:  teor
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Core Tor/Chutney  |Version:
 Severity:  Normal| Resolution:  fixed
 Keywords:|  Actual Points:
Parent ID:  #21371| Points:  0.1
 Reviewer:|Sponsor:
--+
Changes (by teor):

 * status:  new => closed
 * resolution:   => fixed


Comment:

 Fixed in 8f100b9.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21531 [Core Tor/Chutney]: Fix chutney warnings.sh spacing

[Tor Bug Tracker & Wiki]

#21531: Fix chutney warnings.sh spacing
--+
 Reporter:  teor  |  Owner:  teor
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Core Tor/Chutney  |Version:
 Severity:  Normal| Resolution:  fixed
 Keywords:|  Actual Points:
Parent ID:  #21371| Points:  0.1
 Reviewer:|Sponsor:
--+
Changes (by teor):

 * status:  new => closed
 * resolution:   => fixed


Comment:

 Fixed in dd880b8.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21533 [Core Tor/Chutney]: Handle hidden services on old tor versions in hsaddress.sh

[Tor Bug Tracker & Wiki]

#21533: Handle hidden services on old tor versions in hsaddress.sh
--+
 Reporter:  teor  |  Owner:  teor
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Core Tor/Chutney  |Version:
 Severity:  Normal| Resolution:  fixed
 Keywords:|  Actual Points:
Parent ID:| Points:  0.1
 Reviewer:|Sponsor:
--+
Changes (by teor):

 * status:  new => closed
 * resolution:   => fixed


Comment:

 Fixed in 85ed9bc.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21521 [Core Tor/Chutney]: Make chutney support relative paths

[Tor Bug Tracker & Wiki]

#21521: Make chutney support relative paths
--+---
 Reporter:  teor  |  Owner:  teor
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Core Tor/Chutney  |Version:
 Severity:  Normal| Resolution:  duplicate
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---
Changes (by teor):

 * status:  new => closed
 * resolution:   => duplicate


Comment:

 Closing in favour of #21467.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #17090 [Core Tor/Chutney]: chutney triggers tor warnings about ExitRelay not being set

[Tor Bug Tracker & Wiki]

#17090: chutney triggers tor warnings about ExitRelay not being set
--+
 Reporter:  teor  |  Owner:
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Core Tor/Chutney  |Version:
 Severity:  Normal| Resolution:  fixed
 Keywords:  SponsorS testing  |  Actual Points:
Parent ID:  #17011| Points:
 Reviewer:|Sponsor:
--+
Changes (by teor):

 * status:  new => closed
 * resolution:   => fixed


Comment:

 Fixed in 12eceea.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #16999 [Core Tor/Chutney]: chutney torrcs contain duplicate TestingDirAuthVoteExit entries

[Tor Bug Tracker & Wiki]

#16999: chutney torrcs contain duplicate TestingDirAuthVoteExit entries
--+
 Reporter:  teor  |  Owner:
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Core Tor/Chutney  |Version:
 Severity:  Normal| Resolution:  fixed
 Keywords:|  Actual Points:
Parent ID:  #16949| Points:
 Reviewer:|Sponsor:
--+
Changes (by teor):

 * status:  new => closed
 * resolution:   => fixed


Comment:

 Fixed in 822ec7b.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #17088 [Core Tor/Chutney]: chutney shouldn't set DirPort on bridge relays

[Tor Bug Tracker & Wiki]

#17088: chutney shouldn't set DirPort on bridge relays
--+
 Reporter:  teor  |  Owner:
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Core Tor/Chutney  |Version:
 Severity:  Normal| Resolution:  fixed
 Keywords:  SponsorS testing  |  Actual Points:
Parent ID:  #16949| Points:
 Reviewer:|Sponsor:
--+
Changes (by teor):

 * status:  new => closed
 * resolution:   => fixed
 * severity:   => Normal


Comment:

 Fixed in 8633713.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21467 [Core Tor/Chutney]: Make chutney work with relative paths (was: Make chutney tools work with relative paths)

[Tor Bug Tracker & Wiki]

#21467: Make chutney work with relative paths
--+--
 Reporter:  teor  |  Owner:  teor
 Type:  defect| Status:  reopened
 Priority:  Medium|  Milestone:
Component:  Core Tor/Chutney  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by teor):

 * status:  closed => reopened
 * resolution:  fixed =>


Comment:

 Turns out this is harder to fix than I thought.

 I'm about to merge a change that makes the paths absolute, and then cd's
 to the path before running chutney. But chutney still has templating and
 other code that assumes the current directory is 'chutney'. It should read
 CHUTNEY_PATH instead.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #21548 [Core Tor/Chutney]: Don't colour warnings when outputting to a file

[Tor Bug Tracker & Wiki]

#21548: Don't colour warnings when outputting to a file
--+
 Reporter:  teor  |  Owner:  teor
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Core Tor/Chutney  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:  #21371
   Points:  0.1   |   Reviewer:
  Sponsor:|
--+
 This is surprisingly easy to implement.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21415 [Core Tor/Tor]: tor_bug_occurred_: Bug: src/or/entrynodes.c:1845: select_entry_guard_for_circuit: Non-fatal assertion !(!guard_has_descriptor(guard)) failed.

[Tor Bug Tracker & Wiki]

#21415: tor_bug_occurred_: Bug: src/or/entrynodes.c:1845:
select_entry_guard_for_circuit: Non-fatal assertion
!(!guard_has_descriptor(guard)) failed.
--+
 Reporter:  cypherpunks   |  Owner:  nickm
 Type:  defect| Status:  assigned
 Priority:  Medium|  Milestone:  Tor: 0.3.0.x-final
Component:  Core Tor/Tor  |Version:  Tor: 0.3.0.3-alpha
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by teor):

 I'm seeing this intermittently on master in a relay on the hs-ipv6 chutney
 network.
 I'll attach the info-level log.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #21547 [Applications/Torbutton]: e10s and 52esr compatibility for tor circuit display

[Tor Bug Tracker & Wiki]

#21547: e10s and 52esr compatibility for tor circuit display
+
 Reporter:  arthuredelstein |  Owner:
 Type:  defect  | Status:  new
 Priority:  Medium  |  Milestone:
Component:  Applications/Torbutton  |Version:
 Severity:  Normal  |   Keywords:
Actual Points:  |  Parent ID:  #21201
   Points:  |   Reviewer:
  Sponsor:  |
+
 mcs and brade noticed a crash in the circuit display. Also first party key
 is now part of origin attributes, so that probably needs to operate
 differently as well.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #21546 [Applications/Tor Browser]: Adapt Tor Launcher to TBB/FF52ESR

[Tor Bug Tracker & Wiki]

#21546: Adapt Tor Launcher to TBB/FF52ESR
--+--
 Reporter:  arthuredelstein   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:  ff52-esr
Actual Points:|  Parent ID:  #20680
   Points:|   Reviewer:
  Sponsor:|
--+--
 Tor Launcher probably needs some tweaks for ESR52, especially with e10s
 enabled.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21432 [Applications/Tor Browser]: Make a plan on how to deploy e10s in Tor Browser

[Tor Bug Tracker & Wiki]

#21432: Make a plan on how to deploy e10s in Tor Browser
+--
 Reporter:  gk  |  Owner:  tbb-team
 Type:  task| Status:  new
 Priority:  Medium  |  Milestone:
Component:  Applications/Tor Browser|Version:
 Severity:  Normal  | Resolution:
 Keywords:  ff52-esr, TorBrowserTeam201702  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--
Changes (by arthuredelstein):

 * cc: arthuredelstein (added)


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21406 [Core Tor/Tor]: The channel is_client flag is inaccurate

[Tor Bug Tracker & Wiki]

#21406: The channel is_client flag is inaccurate
--+
 Reporter:  teor  |  Owner:
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:  Tor: 0.3.1.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:  0.5
 Reviewer:|Sponsor:
--+
Changes (by teor):

 * status:  new => needs_review
 * points:   => 0.5


Comment:

 See my branch `connection-with-client` which fixes the channel flag.
 Should this be equivalent to the connection flag? Should we set one, and
 then make both accessors use it?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #21545 [Applications/Tor Browser]: Change "Tracking Protection List" URL to torproject's one.

[Tor Bug Tracker & Wiki]

#21545: Change "Tracking Protection List" URL to torproject's one.
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+--
 Privacy > Use Tracking Protection in Private Windows

 If you enable it, TBB will connect to Amazon/Disconnect server.
 They are logging and it's bad.

 Instead, use .onion/ to fetch lists(host lists on Tor server).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #19573 [Core Tor/Chutney]: Use fixedresolver.py from dnslib in chutney

[Tor Bug Tracker & Wiki]

#19573: Use fixedresolver.py from dnslib in chutney
--+--
 Reporter:  teor  |  Owner:  teor
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Core Tor/Chutney  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Description changed by teor:

Old description:

> Tor Exits in chuntey run DNS checks to external addresses.
> This is one of the things stopping chutney from working on
>
> We could redirect DNS queries to fixedresolver.py from Python's dnslib,
> and that would make sure DNS would all run locally.
>
> (Although we might have to reply with a few different addresses somehow,
> because tor gets suspicious if every address from DNS is the same.)

New description:

 Tor Exits in chuntey run DNS checks to external addresses.
 This is one of the things stopping chutney from working when there is no
 DNS.

 We could redirect DNS queries to fixedresolver.py from Python's dnslib,
 and that would make sure DNS would all run locally.

 (Although we might have to reply with a few different addresses somehow,
 because tor gets suspicious if every address from DNS is the same.)

--

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20680 [Applications/Tor Browser]: Rebase Tor Browser patches to 52 ESR

[Tor Bug Tracker & Wiki]

#20680: Rebase Tor Browser patches to 52 ESR
+--
 Reporter:  arthuredelstein |  Owner:  tbb-team
 Type:  defect  | Status:  new
 Priority:  Medium  |  Milestone:
Component:  Applications/Tor Browser|Version:
 Severity:  Normal  | Resolution:
 Keywords:  ff52-esr, TorBrowserTeam201702  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:  Sponsor4
+--

Comment (by arthuredelstein):

 Replying to [comment:15 mcs]:
 > Replying to [comment:14 gk]:
 > > Replying to [comment:13 gk]:
 > > > mcs/brade: the patch for #15640 got finally included in the big
 canvas one. Do you think it would be worthwhile noting this in the commit
 message as well? I saw we mentioned a bunch of other bugs there too and
 thought it might help clarifying things in case one is wondering where
 that patch is gone (as I did while updating the design doc).
 > >
 > > I feel mentioning our adapted logic from #17446 would be good as well.
 >
 > Yes, we should mention both of those tickets in the new #6253 commit
 message.
 > Arthur, can you add them when you create a new ESR52 branch or is that
 not something you will need to do soon?

 I have added mention of both of these tickets in our #6253 commit message.

 Replying to [comment:18 mcs]:
 > I just attached a fix that Kathy and I needed to make in order to build
 successfully on Linux (probably also needed for Windows).

 Thanks -- added to my branch.

 Here's the latest branch:
 https://github.com/arthuredelstein/tor-browser/commits/20680+3

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20512 [Core Tor/Tor]: Make a Tor 0.2.7.7 release, with the patch for #20384

[Tor Bug Tracker & Wiki]

#20512: Make a Tor 0.2.7.7 release, with the patch for #20384
--+
 Reporter:  arma  |  Owner:
 Type:  task  | Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.2.7.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by nickm):

 maint-0.2.7-redux and release-0.2.7-redux are now real repositories on our
 official tor repository.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #21544 [Core Tor/Chutney]: Make chutney use sockets rather than ports

[Tor Bug Tracker & Wiki]

#21544: Make chutney use sockets rather than ports
--+--
 Reporter:  teor  |  Owner:  teor
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Core Tor/Chutney  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+--
 I often want to run multiple chutney networks at once.
 One way of doing this is to use unix sockets at unique paths.

 And we should do this anyway to test the unix socket code.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #21543 [Core Tor/Chutney]: Make chutney use a different base port

[Tor Bug Tracker & Wiki]

#21543: Make chutney use a different base port
--+--
 Reporter:  teor  |  Owner:  teor
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Core Tor/Chutney  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+--
 I often want to run multiple chutney networks at once.
 It would help if I could specify a different base port (for example,
 1) that would be added to all ports used by chutney.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #19048 [Applications/Tor Browser]: Review Firefox Developer Docs and Undocumented bugs since FF45esr

[Tor Bug Tracker & Wiki]

#19048: Review Firefox Developer Docs and Undocumented bugs since FF45esr
+--
 Reporter:  gk  |  Owner:  tbb-team
 Type:  task| Status:  new
 Priority:  Medium  |  Milestone:
Component:  Applications/Tor Browser|Version:
 Severity:  Normal  | Resolution:
 Keywords:  ff52-esr, TorBrowserTeam201702  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:  Sponsor4
+--
Changes (by arthuredelstein):

 * cc: arthuredelstein (added)


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21381 [Metrics/CollecTor]: CollecTor web-page should have new Metrics design

[Tor Bug Tracker & Wiki]

#21381: CollecTor web-page should have new Metrics design
---+
 Reporter:  iwakeh |  Owner:  metrics-team
 Type:  enhancement| Status:  needs_revision
 Priority:  Medium |  Milestone:
Component:  Metrics/CollecTor  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+

Comment (by karsten):

 Okay, let's just leave it blank.  The first column, "Descriptor Type",
 should just contain the descriptor type.  And if somebody really wonders
 why there's no recent button for certificates, they should follow the link
 and read the 2 sentences of text.

 Does that mean we have addressed all issues and suggestions above?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #13790 [Core Tor/Tor]: Refactor and add comments to new_route_len()

[Tor Bug Tracker & Wiki]

#13790: Refactor and add comments to new_route_len()
-+-
 Reporter:  dgoulet  |  Owner:
 |  catalyst
 Type:  enhancement  | Status:
 |  needs_revision
 Priority:  Low  |  Milestone:  Tor:
 |  0.3.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  026-deferrable,  |  Actual Points:
  tor-03-unspecified-201612, review-group-16 |
Parent ID:   | Points:
 Reviewer:  dgoulet  |Sponsor:
-+-
Changes (by dgoulet):

 * status:  needs_review => needs_revision


Comment:

 Thanks arma! It should go in the "Why Tor is like that?" FAQ :)

 Ok, I went over the patch. It's pretty solid. I made a small comment on
 the Gitlab about adding a `BUG()` macro in case a purpose can't be handled
 so we can get a stacktrace instead of a simple log line. With that, I'm
 confident this is `merge_ready`

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21379 [Metrics/metrics-lib]: Metrics-lib web-site

[Tor Bug Tracker & Wiki]

#21379: Metrics-lib web-site
-+--
 Reporter:  iwakeh   |  Owner:  metrics-team
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Metrics/metrics-lib  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--

Comment (by karsten):

 RaBe, thanks for starting this by providing another great prototype!  I
 can't think of any major design changes at this point.  For example, I
 second iwakeh's suggestion to add a button for the JavaDocs rather than
 including something on this page.

 But I also think that we should first have a discussion of what content we
 want to put on this page.  For example, it's great that you used
 `README.md` and `CONTRIB.md` as input for this prototype.  But we should
 probably remove most of the contents for contributors and focus on what a
 new developer would want to know without necessarily becoming a
 contributor yet.

 Another aspect is that we might want to include links rather than actual
 contents on this page to keep this page static.  For example, rather than
 including the change log (which I suggested above, I know), it would be
 easier to just include a link to the change log.  Otherwise we'll have to
 either update the website after a new release or automate that somehow.
 We can always make it more complex later, I'd say.

 iwakeh, what do you think about the following sections:

  - DescripTor - A Tor Descriptor API for Java (1 or 2 sentences with an
 overview what it is, including CollecTor link)
  - Download (link to dist.tpo folder, most important steps for verifying,
 link to change log)
  - Dependencies ("what you still need to get, or it just won't work";
 hint: we don't need JUnit or Hamcrest, but we need Gson and SLF4j)
  - Tutorials ("how you actually use it to get started")
  - JavaDocs (just the link, maybe with > as on CollecTor page)
  - Development (short paragraph with link to sources in gitweb.tpo, bug
 tracker bugs.tpo, and team wiki page wiki.tpo, link to reproducible builds
 doc in git when available)

 How should we work on the content?  Should we check in the current
 prototype as `index.html` and edit the content in Git, ideally with
 separate commits for additions and removals?  Or should we put it on a pad
 and edit concurrently?  Or should we first discuss sections and section
 contents on this ticket before moving elsewhere?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21283 [Core Tor/Tor]: Remove broken fallback directory mirrors

[Tor Bug Tracker & Wiki]

#21283: Remove broken fallback directory mirrors
-+-
 Reporter:  teor |  Owner:
 Type:  defect   | Status:
 |  needs_revision
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.0.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  fallback, 028-backport,  |  Actual Points:
  029-backport   |
Parent ID:   | Points:  1
 Reviewer:   |Sponsor:
-+-

Comment (by teor):

 9BF04559224F0F1C3C953D641F1744AF0192543A confirmed
 [2a01:4f8:190:34f0::2]:4223

 I need to add both these addresses to the whitelist, and manually add them
 to the generated fallback list.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21334 [Core Tor/Tor]: prop224: Update prop224 HS desriptor generation code to produce the latest descriptor format

[Tor Bug Tracker & Wiki]

#21334: prop224: Update prop224 HS desriptor generation code to produce the 
latest
descriptor format
--+
 Reporter:  asn   |  Owner:
 Type:  defect| Status:
  |  needs_revision
 Priority:  Very High |  Milestone:  Tor:
  |  0.3.1.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tor-hs, prop224, review-group-16  |  Actual Points:
Parent ID:| Points:  3
 Reviewer:  dgoulet   |Sponsor:
--+
Changes (by dgoulet):

 * status:  needs_review => needs_revision
 * priority:  Medium => Very High


Comment:

 Ok I made some comments on the gitlab branch.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21536 [Applications/Tor Browser]: Remove asn's scramblesuit bridge from Tor Browser

[Tor Bug Tracker & Wiki]

#21536: Remove asn's scramblesuit bridge from Tor Browser
--+--
 Reporter:  gk|  Owner:  tbb-team
 Type:  task  | Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:  fixed
 Keywords:  TorBrowserTeam201702R |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by gk):

 * status:  needs_review => closed
 * resolution:   => fixed


Comment:

 Thanks. This landed on `master`, `maint-6.5`, and `hardened-builds`
 (commits 09baf96adc8671e29af43aa91c83723dfc76d7fa,
 8f70f0da6a2d38c8954c5fc24ea92fc7c1e746a4, and
 258def4ae69ed4e6328f97319ff9dbcdd0d30a9f).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21542 [Applications/Tor Launcher]: use Subprocess.jsm to launch tor

[Tor Bug Tracker & Wiki]

#21542: use Subprocess.jsm to launch tor
---+---
 Reporter:  mcs|  Owner:  brade
 Type:  defect | Status:  new
 Priority:  Medium |  Milestone:
Component:  Applications/Tor Launcher  |Version:
 Severity:  Normal | Resolution:
 Keywords:  tbb-usability, ff52-esr|  Actual Points:
Parent ID:  #10059 | Points:
 Reviewer: |Sponsor:
---+---
Changes (by gk):

 * cc: gk (added)


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21541 [Core Tor/Stem]: tor-prompt / tor-cli as a shell command line tool to talk to Tor's ControlPort

[Tor Bug Tracker & Wiki]

#21541: tor-prompt / tor-cli as a shell command line tool to talk to Tor's
ControlPort
---+
 Reporter:  adrelanos  |  Owner:  atagar
 Type:  enhancement| Status:  new
 Priority:  Medium |  Milestone:
Component:  Core Tor/Stem  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+

Comment (by adrelanos):

 Great! Glad you like it. :)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21541 [Core Tor/Stem]: tor-prompt / tor-cli as a shell command line tool to talk to Tor's ControlPort

[Tor Bug Tracker & Wiki]

#21541: tor-prompt / tor-cli as a shell command line tool to talk to Tor's
ControlPort
---+
 Reporter:  adrelanos  |  Owner:  atagar
 Type:  enhancement| Status:  new
 Priority:  Medium |  Milestone:
Component:  Core Tor/Stem  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+

Comment (by atagar):

 Hi adrelanos, both great ideas! I'll try to get this out over the weekend.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21538 [- Select a component]: Warning "Failure from drain_fd"

[Tor Bug Tracker & Wiki]

#21538: Warning "Failure from drain_fd"
--+--
 Reporter:  PjotrV|  Owner:
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  - Select a component  |Version:  Tor: 0.2.9.9
 Severity:  Minor | Resolution:  duplicate
 Keywords:  supressed |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by dgoulet):

 * status:  new => closed
 * resolution:   => duplicate


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21539 [- Select a component]: Warning "Failure from drain_fd"

[Tor Bug Tracker & Wiki]

#21539: Warning "Failure from drain_fd"
--+--
 Reporter:  PjotrV|  Owner:
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  - Select a component  |Version:  Tor: 0.2.9.9
 Severity:  Minor | Resolution:  duplicate
 Keywords:  supressed |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by dgoulet):

 * status:  new => closed
 * resolution:   => duplicate


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21246 [Internal Services/Service - trac]: Remove google recaptha

[Tor Bug Tracker & Wiki]

#21246: Remove google recaptha
--+-
 Reporter:  scootergrisen |  Owner:
 Type:  task  | Status:  new
 Priority:  Medium|  Milestone:
Component:  Internal Services/Service - trac  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+-
Changes (by lnl):

 * status:  assigned => new


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21246 [Internal Services/Service - trac]: Remove google recaptha

[Tor Bug Tracker & Wiki]

#21246: Remove google recaptha
--+--
 Reporter:  scootergrisen |  Owner:
 Type:  task  | Status:  assigned
 Priority:  Medium|  Milestone:
Component:  Internal Services/Service - trac  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by lnl):

 * owner:  lnl =>
 * status:  reopened => assigned


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21246 [Internal Services/Service - trac]: Remove google recaptha

[Tor Bug Tracker & Wiki]

#21246: Remove google recaptha
--+--
 Reporter:  scootergrisen |  Owner:  lnl
 Type:  task  | Status:  reopened
 Priority:  Medium|  Milestone:
Component:  Internal Services/Service - trac  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by lnl):

 * component:  User Experience => Internal Services/Service - trac


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #10059 [Core Tor/Tor]: capture tor log messages before control connection is opened

[Tor Bug Tracker & Wiki]

#10059: capture tor log messages before control connection is opened
-+-
 Reporter:  mcs  |  Owner:  nickm
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:  Tor:
 |  unspecified
 Severity:  Normal   | Resolution:
 Keywords:  tbb-usability, extdev-interview, |  Actual Points:
  tor-03-unspecified-201612, tbb-wants   |
Parent ID:  #9675| Points:
 Reviewer:   |Sponsor:
-+-

Comment (by mcs):

 Another solution would be for Tor Launcher to capture tor's stderr.
 Recently, Mozilla added a new "subprocess" module that may allow us to do
 that. I created #21542 to track this idea.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #21542 [Applications/Tor Launcher]: use Subprocess.jsm to launch tor

[Tor Bug Tracker & Wiki]

#21542: use Subprocess.jsm to launch tor
---+---
 Reporter:  mcs|  Owner:  brade
 Type:  defect | Status:  new
 Priority:  Medium |  Milestone:
Component:  Applications/Tor Launcher  |Version:
 Severity:  Normal |   Keywords:  tbb-usability,
   |  ff52-esr
Actual Points: |  Parent ID:  #10059
   Points: |   Reviewer:
  Sponsor: |
---+---
 In Firefox 49, Mozilla added a new Subprocess.jsm module (they use it to
 implement the WebExtensions Native Messaging API). Kathy and I have not
 looked at it closely yet, but this module may provide a better way for Tor
 Launcher to start and manage the tor process. In particular,
 Subprocess.jsm provides access to stderr which would allow Tor Launcher to
 capture all output produced by tor.

 Docs:
 
http://gecko.readthedocs.io/en/latest/toolkit/modules/subprocess/toolkit_modules/subprocess/

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #21541 [Core Tor/Stem]: tor-prompt / tor-cli as a shell command line tool to talk to Tor's ControlPort

[Tor Bug Tracker & Wiki]

#21541: tor-prompt / tor-cli as a shell command line tool to talk to Tor's
ControlPort
---+
 Reporter:  adrelanos  |  Owner:  atagar
 Type:  enhancement| Status:  new
 Priority:  Medium |  Milestone:
Component:  Core Tor/Stem  |Version:
 Severity:  Normal |   Keywords:
Actual Points: |  Parent ID:
   Points: |   Reviewer:
  Sponsor: |
---+
 Would be great if python-stem's existing {{{tor-prompt}}} linux command
 line tool could be enhanced so it could replace [https://github.com/Whonix
 /tor-ctrl/blob/master/usr/bin/tor-ctrl tor-ctrl].

 * not show the help "Welcome to Stem's interpreter prompt. This...",
 perhaps with a --no-help or --cli parameter?
 * using it in a pipe

 {{{
 echo signal newnym | tor-prompt --cli
 }}}

 {{{250 OK}}}

 Or.

 {{{
 echo signal newnym | tor-cli
 }}}

 {{{250 OK}}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21381 [Metrics/CollecTor]: CollecTor web-page should have new Metrics design

[Tor Bug Tracker & Wiki]

#21381: CollecTor web-page should have new Metrics design
---+
 Reporter:  iwakeh |  Owner:  metrics-team
 Type:  enhancement| Status:  needs_revision
 Priority:  Medium |  Milestone:
Component:  Metrics/CollecTor  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+

Comment (by iwakeh):

 Replying to [comment:41 karsten]:
 > Hmm, I'm not sure.  I see how it saves space to put the expiry date in
 the free spot.  But it seems counter-intuitive to include additional data
 that is only relevant for the archive in the place that is otherwise used
 for recent descriptors.  And note that we didn't stop collecting directory
 key certificates, we just don't provide recent ones because they are
 published so infrequently that we can put them all in a single tarball
 under archive.
 >
 > I think I still prefer leaving the spot of the recent button blank
 whenever we don't have recent descriptors.  Either that, or we should
 include start and possibly end dates for all descriptor types.


 Yes, just leave it blank.
 An idea for the certificates: the first column could be `Directory Key
 Certificates, archive only`.
 That would be similar to those with dates of availability.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21535 [Metrics]: Use Java 7's diamond operator wherever possible

[Tor Bug Tracker & Wiki]

#21535: Use Java 7's diamond operator wherever possible
-+--
 Reporter:  karsten  |  Owner:  metrics-team
 Type:  enhancement  | Status:  merge_ready
 Priority:  Medium   |  Milestone:
Component:  Metrics  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--
Changes (by iwakeh):

 * status:  needs_review => merge_ready


Comment:

 CollecTor looks fine, too.

 Actually, also CollecTor and ExoneraTor can use descriptor-1.6.0 now.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21540 [Core Tor/Tor]: Warning "Failure from drain_fd"

[Tor Bug Tracker & Wiki]

#21540: Warning "Failure from drain_fd"
--+
 Reporter:  PjotrV|  Owner:
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.3.1.x-final
Component:  Core Tor/Tor  |Version:  Tor: 0.2.9.9
 Severity:  Minor | Resolution:
 Keywords:  supressed |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by dgoulet):

 * component:  - Select a component => Core Tor/Tor
 * milestone:   => Tor: 0.3.1.x-final


Old description:

> "Failure from drain_fd: No error [x similar messages suppressed in 72000
>  seconds]"
>
> "x" stands for any number
>
> '''Possible the same as #16992'''
>

> Feb 18 19:41:59.564 [Warnung] Failure from drain_fd: No error [5 similar
> message(s) suppressed in last 7200 seconds]
> Feb 18 20:04:08.501 [Hinweis] Heartbeat: Tor's uptime is 16:22 hours,
> with 2 circuits open. I've sent 31.55 MB and received 211.71 MB.
> Feb 18 20:04:08.501 [Hinweis] Average packaged cell fullness: 73.875%.
> TLS write overhead: 5%
> Feb 18 20:04:08.501 [Hinweis] Circuit handshake stats since last time:
> 1/1 TAP, 0/0 NTor.
> Feb 18 20:04:08.501 [Hinweis] Since startup, we have initiated 0 v1
> connections, 0 v2 connections, 0 v3 connections, and 43 v4 connections;
> and received 3 v1 connections, 12 v2 connections, 17 v3 connections, and
> 701 v4 connections.
> Feb 18 21:54:40.556 [Warnung] Failure from drain_fd: No error [1 similar
> message(s) suppressed in last 7200 seconds]
> Feb 19 00:00:07.179 [Warnung] Failure from drain_fd: No error [9 similar
> message(s) suppressed in last 7200 seconds]
> Feb 19 01:15:16.376 [Hinweis] Interrupt: we have stopped accepting new
> connections, and will shut down in 30 seconds. Interrupt again to exit
> now.
> Feb 19 15:14:06.133 [Hinweis] Tor 0.2.9.9 (git-56788a2489127072) running
> on Windows 7 with Libevent 2.0.22-stable, OpenSSL 1.0.2j and Zlib 1.2.8.
> Feb 19 15:14:06.134 [Hinweis] Tor can't help you if you use it wrong!
> Learn how to be safe at
> https://www.torproject.org/download/download#warning
> Feb 19 15:14:06.134 [Hinweis] Read configuration file "C:\Program Files
> (x86)\Vidalia Relay Bundle\Data\Tor\torrc".
> Feb 19 15:14:06.134 [Warnung] Path for DataDirectory (C:/Program Files
> (x86)/Vidalia Relay Bundle/Data/Tor) is relative and will resolve to
> C:\Program Files (x86)\Vidalia Relay Bundle\Data\Tor. Is this what you
> wanted?
> Feb 19 15:14:06.134 [Hinweis] Based on detected system memory,
> MaxMemInQueues is set to 2048 MB. You can override this by setting
> MaxMemInQueues by hand.
> Feb 19 15:14:06.134 [Hinweis] Opening Socks listener on 127.0.0.1:9050
> Feb 19 15:14:06.134 [Hinweis] Opening Control listener on 127.0.0.1:9051
> Feb 19 15:14:06.134 [Hinweis] Opening OR listener on 0.0.0.0:443
> Feb 19 15:14:06.135 [Hinweis] Opening Directory listener on 0.0.0.0:9030
> Feb 19 17:28:38.911 [Warnung] Failure from drain_fd: No error [74 similar
> message(s) suppressed in last 7200 seconds]
> Feb 19 20:48:42.369 [Warnung] Failure from drain_fd: No error [2 similar
> message(s) suppressed in last 7200 seconds]
> Feb 19 21:15:07.100 [Hinweis] Heartbeat: Tor's uptime is 5:59 hours, with
> 3 circuits open. I've sent 55.97 MB and received 935.17 MB.
> Feb 19 21:15:07.101 [Hinweis] Average packaged cell fullness: 57.651%.
> TLS write overhead: 5%
> Feb 19 21:15:07.101 [Hinweis] Circuit handshake stats since last time:
> 1/1 TAP, 115/115 NTor.
> Feb 19 21:15:07.101 [Hinweis] Since startup, we have initiated 0 v1
> connections, 0 v2 connections, 0 v3 connections, and 148 v4 connections;
> and received 0 v1 connections, 10 v2 connections, 11 v3 connections, and
> 377 v4 connections.

New description:

 "Failure from drain_fd: No error [x similar messages suppressed in 72000
  seconds]"

 "x" stands for any number

 '''Possible the same as #16992'''

 {{{
 Feb 18 19:41:59.564 [Warnung] Failure from drain_fd: No error [5 similar
 message(s) suppressed in last 7200 seconds]
 Feb 18 20:04:08.501 [Hinweis] Heartbeat: Tor's uptime is 16:22 hours, with
 2 circuits open. I've sent 31.55 MB and received 211.71 MB.
 Feb 18 20:04:08.501 [Hinweis] Average packaged cell fullness: 73.875%. TLS
 write overhead: 5%
 Feb 18 20:04:08.501 [Hinweis] Circuit handshake stats since last time: 1/1
 TAP, 0/0 NTor.
 Feb 18 20:04:08.501 [Hinweis] Since startup, we have initiated 0 v1
 connections, 0 v2 connections, 0 v3 connections, and 43 v4 connections;
 and received 3 v1 connections, 12 v2 connections, 17 v3 connections, and
 701 v4 connections.
 Feb 18 21:54:40.556 [Warnung] Failure from drain_fd: No error [1 similar
 message(s) suppressed in last 7200 seconds]
 Feb 19 00:00:07.179 [Warnung] Failure from drain_fd: No error [9 similar
 message(s) suppressed in last 7200 seconds]
 Feb 19 01:15:16.376 [Hinweis] Interrupt: we ha

Re: [tor-bugs] #21535 [Metrics]: Use Java 7's diamond operator wherever possible

[Tor Bug Tracker & Wiki]

#21535: Use Java 7's diamond operator wherever possible
-+--
 Reporter:  karsten  |  Owner:  metrics-team
 Type:  enhancement  | Status:  needs_review
 Priority:  Medium   |  Milestone:
Component:  Metrics  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--

Comment (by iwakeh):

 Please find [https://gitweb.torproject.org/user/iwakeh/metrics-
 web.git/log/?h=task-21535-2 two commits] on top of your metrics-web
 branch, which make a few steps toward the Metrics project layout standard
 and reduce duplication.

 `maxmemory` is set to `2g` throughout.  If a run should have a different
 value, I can introduce another property for that.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20761 [Applications/Tor Launcher]: Tor Browser 6.5a4 is ignoring additional SocksPorts

[Tor Bug Tracker & Wiki]

#20761: Tor Browser 6.5a4 is ignoring additional SocksPorts
---+
 Reporter:  gk |  Owner:  mcs
 Type:  defect | Status:  needs_revision
 Priority:  Medium |  Milestone:
Component:  Applications/Tor Launcher  |Version:
 Severity:  Normal | Resolution:
 Keywords:  TorBrowserTeam201702   |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:  Sponsor4
---+
Changes (by mcs):

 * status:  needs_review => needs_revision
 * keywords:  TorBrowserTeam201702R => TorBrowserTeam201702


Comment:

 Replying to [comment:33 gk]:
 > Hmm. What about stable users once they get the fix in this bug? Aren't
 they potentially affected as well?

 The versions of Tor Launcher that have shipped on our stable channel have
 never set SocksPort or ControlPort from code, so the likelihood that there
 will be a problem is much lower than for alpha channel users. But you are
 right: if someone has added additional SocksPort or ControlPort lines to
 their torrc, a conflict will occur.

 With some reluctance, Kathy and I believe the best thing to do is for Tor
 Launcher to perform a one-time "fixup" of the user's torrc file. We will
 write code to remove any ControlPort and SocksPort lines that match what
 Tor Launcher will automatically configure via args when it starts tor. We
 will prepare a revised patch soon so we can think about including it in
 the next alpha.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21540 [- Select a component]: Warning "Failure from drain_fd"

[Tor Bug Tracker & Wiki]

#21540: Warning "Failure from drain_fd"
--+--
 Reporter:  PjotrV|  Owner:
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  - Select a component  |Version:  Tor: 0.2.9.9
 Severity:  Minor | Resolution:
 Keywords:  supressed |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by PjotrV):

 I've added the most important block of the log file directly, because I've
 got an error at creation of this ticket - like ".. empty list .." - may be
 regarding to the add files option in the form.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #21540 [- Select a component]: Warning "Failure from drain_fd"

[Tor Bug Tracker & Wiki]

#21540: Warning "Failure from drain_fd"
--+--
 Reporter:  PjotrV|  Owner:
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  - Select a component  |Version:  Tor: 0.2.9.9
 Severity:  Minor |   Keywords:  supressed
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+--
 "Failure from drain_fd: No error [x similar messages suppressed in 72000
  seconds]"

 "x" stands for any number

 '''Possible the same as #16992'''


 Feb 18 19:41:59.564 [Warnung] Failure from drain_fd: No error [5 similar
 message(s) suppressed in last 7200 seconds]
 Feb 18 20:04:08.501 [Hinweis] Heartbeat: Tor's uptime is 16:22 hours, with
 2 circuits open. I've sent 31.55 MB and received 211.71 MB.
 Feb 18 20:04:08.501 [Hinweis] Average packaged cell fullness: 73.875%. TLS
 write overhead: 5%
 Feb 18 20:04:08.501 [Hinweis] Circuit handshake stats since last time: 1/1
 TAP, 0/0 NTor.
 Feb 18 20:04:08.501 [Hinweis] Since startup, we have initiated 0 v1
 connections, 0 v2 connections, 0 v3 connections, and 43 v4 connections;
 and received 3 v1 connections, 12 v2 connections, 17 v3 connections, and
 701 v4 connections.
 Feb 18 21:54:40.556 [Warnung] Failure from drain_fd: No error [1 similar
 message(s) suppressed in last 7200 seconds]
 Feb 19 00:00:07.179 [Warnung] Failure from drain_fd: No error [9 similar
 message(s) suppressed in last 7200 seconds]
 Feb 19 01:15:16.376 [Hinweis] Interrupt: we have stopped accepting new
 connections, and will shut down in 30 seconds. Interrupt again to exit
 now.
 Feb 19 15:14:06.133 [Hinweis] Tor 0.2.9.9 (git-56788a2489127072) running
 on Windows 7 with Libevent 2.0.22-stable, OpenSSL 1.0.2j and Zlib 1.2.8.
 Feb 19 15:14:06.134 [Hinweis] Tor can't help you if you use it wrong!
 Learn how to be safe at
 https://www.torproject.org/download/download#warning
 Feb 19 15:14:06.134 [Hinweis] Read configuration file "C:\Program Files
 (x86)\Vidalia Relay Bundle\Data\Tor\torrc".
 Feb 19 15:14:06.134 [Warnung] Path for DataDirectory (C:/Program Files
 (x86)/Vidalia Relay Bundle/Data/Tor) is relative and will resolve to
 C:\Program Files (x86)\Vidalia Relay Bundle\Data\Tor. Is this what you
 wanted?
 Feb 19 15:14:06.134 [Hinweis] Based on detected system memory,
 MaxMemInQueues is set to 2048 MB. You can override this by setting
 MaxMemInQueues by hand.
 Feb 19 15:14:06.134 [Hinweis] Opening Socks listener on 127.0.0.1:9050
 Feb 19 15:14:06.134 [Hinweis] Opening Control listener on 127.0.0.1:9051
 Feb 19 15:14:06.134 [Hinweis] Opening OR listener on 0.0.0.0:443
 Feb 19 15:14:06.135 [Hinweis] Opening Directory listener on 0.0.0.0:9030
 Feb 19 17:28:38.911 [Warnung] Failure from drain_fd: No error [74 similar
 message(s) suppressed in last 7200 seconds]
 Feb 19 20:48:42.369 [Warnung] Failure from drain_fd: No error [2 similar
 message(s) suppressed in last 7200 seconds]
 Feb 19 21:15:07.100 [Hinweis] Heartbeat: Tor's uptime is 5:59 hours, with
 3 circuits open. I've sent 55.97 MB and received 935.17 MB.
 Feb 19 21:15:07.101 [Hinweis] Average packaged cell fullness: 57.651%. TLS
 write overhead: 5%
 Feb 19 21:15:07.101 [Hinweis] Circuit handshake stats since last time: 1/1
 TAP, 115/115 NTor.
 Feb 19 21:15:07.101 [Hinweis] Since startup, we have initiated 0 v1
 connections, 0 v2 connections, 0 v3 connections, and 148 v4 connections;
 and received 0 v1 connections, 10 v2 connections, 11 v3 connections, and
 377 v4 connections.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #21539 [- Select a component]: Warning "Failure from drain_fd"

[Tor Bug Tracker & Wiki]

#21539: Warning "Failure from drain_fd"
--+--
 Reporter:  PjotrV|  Owner:
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  - Select a component  |Version:  Tor: 0.2.9.9
 Severity:  Minor |   Keywords:  supressed
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+--
 "Failure from drain_fd: No error [x similar messages suppressed in 72000
  seconds]"

 "x" stands for any number

 '''Possible the same as #16992'''

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #21538 [- Select a component]: Warning "Failure from drain_fd"

[Tor Bug Tracker & Wiki]

#21538: Warning "Failure from drain_fd"
--+--
 Reporter:  PjotrV|  Owner:
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  - Select a component  |Version:  Tor: 0.2.9.9
 Severity:  Minor |   Keywords:  supressed
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+--
 "Failure from drain_fd: No error [x similar messages suppressed in 72000
  seconds]"

 "x" stands for any number

 '''Possible the same as #16992'''

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21537 [Applications/Tor Browser]: Consider ignoring secure cookies for .onion addresses

[Tor Bug Tracker & Wiki]

#21537: Consider ignoring secure cookies for .onion addresses
--+--
 Reporter:  micah |  Owner:  tbb-team
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  secure cookies|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by micah):

 * version:  Tor: unspecified =>


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21537 [Applications/Tor Browser]: Consider ignoring secure cookies for .onion addresses

[Tor Bug Tracker & Wiki]

#21537: Consider ignoring secure cookies for .onion addresses
--+--
 Reporter:  micah |  Owner:  tbb-team
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:  Tor: unspecified
 Severity:  Normal| Resolution:
 Keywords:  secure cookies|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Description changed by micah:

Old description:

> Its hard to setup onion services because you need to enable secure
> cookies some times and disable them other times. Right now you have to
> make a trade-off: work well with .onions, or work well with everyone
> else. One of the main problem points has been secure cookies.
>
> The idea of "secure cookies" is that they prevent you from leaking your
> cookie information over an insecure connection. There are a lot of ways
> you can leak your cookie info over an insecure connection:
>
> . dont have hsts setup
> . running an application server that sets the cookie before it redirects
> to https
> . or your server is not setup to redirect everything to https
>
> Using "secure cookies" allows the application (regardless of how it is
> run, or what intermediaries are in between), to make sure that the
> browser doesn't screw this up. It tells the browser to never submit the
> cookie over plaintext. Many frameworks have this set by default (such as
> Rails). Some applications, such as java/tomcat have as part of the stack
> the cookie setting that happens before that does the redirect to https.
>
> It is considered a best practice that every web developer is told to do,
> but its a best practice that doesn't work if you want to run an onion
> site. Running an onion site should not force you to violate established
> web application development best practices.
>
> The "secure cookies" spec is just a "suggestion" to the browser, so TBB
> is free to ignore them, and I think that maybe it should do so for .onion
> sites.
>
> As an example, if a user goes to https://example.com the first response
> back sends back a cookie with nothing but a session id. If you then
> login, you now have a sessionid that is privileged and associated with
> your account. If you then close that tab, but then realize you needed to
> do something else, so you open a new tab and go to http://example.com
> (NB: no https). If the site did not mark the original cookies as
> 'secure', then the browser will submit in that initial first request the
> cookie it had previously saved and it will send it over the cleartext
> channel before the webserver can redirect to the secured site. With the
> secure cookies flag set, the browser will not send the cookie until the
> TLS connection is up. This doesn't matter if you are going over onion
> services because the connection is already wrapped in TLS, and it also
> doesn't matter if the site has HSTS, because the second visit will go to
> https by default in that scenario.
>
> So what are the options?
>
> . Ignore secure cookie flags for .onions
> . Ignore tls verification for onions
>
> Either one would increase the security properties of onion and non
> onions, unfortunately the second one would not be appreciated by sites
> that have actually paid for a valid .onion cert.
>
> Pretty much every Rails application suffers with TBB because of this
> problem, I'm pretty sure other frameworks also suffer from this. Fixing
> this would fix a large number of tor problems related to this.
>
> I'm unsure of the broader implications of this, which is why I wanted to
> open this for discussion.

New description:

 One of the main problem points with adding onion services to existing web
 services has been interaction with secure cookies. Its hard to setup onion
 services because you need to enable secure cookies some times (over
 regular network+TLS) and disable them other times (over .onion network,
 without TLS). Right now you have to make a trade-off: work well with
 .onions, or work well with everyone else. This is an unfortunate trade-
 off.

 It is considered a best practice that every web developer is told to do,
 but its a best practice that doesn't work if you want to run an onion
 site. Running an onion site should not force you to violate established
 web application development best practices.

 The idea of "secure cookies" is that they prevent you from leaking your
 cookie information over an insecure connection. There are a lot of ways
 you can leak your cookie info over an insecure connection:

 . dont have hsts setup
 . running an application server that sets the cookie before it redirects
 to https
 . or your server is not setup to redirect everything to https

 Using 

[tor-bugs] #21537 [Applications/Tor Browser]: Consider ignoring secure cookies for .onion addresses

[Tor Bug Tracker & Wiki]

#21537: Consider ignoring secure cookies for .onion addresses
--+--
 Reporter:  micah |  Owner:  tbb-team
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:  Tor: unspecified
 Severity:  Normal|   Keywords:  secure cookies
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+--
 Its hard to setup onion services because you need to enable secure cookies
 some times and disable them other times. Right now you have to make a
 trade-off: work well with .onions, or work well with everyone else. One of
 the main problem points has been secure cookies.

 The idea of "secure cookies" is that they prevent you from leaking your
 cookie information over an insecure connection. There are a lot of ways
 you can leak your cookie info over an insecure connection:

 . dont have hsts setup
 . running an application server that sets the cookie before it redirects
 to https
 . or your server is not setup to redirect everything to https

 Using "secure cookies" allows the application (regardless of how it is
 run, or what intermediaries are in between), to make sure that the browser
 doesn't screw this up. It tells the browser to never submit the cookie
 over plaintext. Many frameworks have this set by default (such as Rails).
 Some applications, such as java/tomcat have as part of the stack the
 cookie setting that happens before that does the redirect to https.

 It is considered a best practice that every web developer is told to do,
 but its a best practice that doesn't work if you want to run an onion
 site. Running an onion site should not force you to violate established
 web application development best practices.

 The "secure cookies" spec is just a "suggestion" to the browser, so TBB is
 free to ignore them, and I think that maybe it should do so for .onion
 sites.

 As an example, if a user goes to https://example.com the first response
 back sends back a cookie with nothing but a session id. If you then login,
 you now have a sessionid that is privileged and associated with your
 account. If you then close that tab, but then realize you needed to do
 something else, so you open a new tab and go to http://example.com (NB: no
 https). If the site did not mark the original cookies as 'secure', then
 the browser will submit in that initial first request the cookie it had
 previously saved and it will send it over the cleartext channel before the
 webserver can redirect to the secured site. With the secure cookies flag
 set, the browser will not send the cookie until the TLS connection is up.
 This doesn't matter if you are going over onion services because the
 connection is already wrapped in TLS, and it also doesn't matter if the
 site has HSTS, because the second visit will go to https by default in
 that scenario.

 So what are the options?

 . Ignore secure cookie flags for .onions
 . Ignore tls verification for onions

 Either one would increase the security properties of onion and non onions,
 unfortunately the second one would not be appreciated by sites that have
 actually paid for a valid .onion cert.

 Pretty much every Rails application suffers with TBB because of this
 problem, I'm pretty sure other frameworks also suffer from this. Fixing
 this would fix a large number of tor problems related to this.

 I'm unsure of the broader implications of this, which is why I wanted to
 open this for discussion.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21525 [Core Tor/Tor]: Bootstrapping authorities sometimes expect a vote valid-after time of 0

[Tor Bug Tracker & Wiki]

#21525: Bootstrapping authorities sometimes expect a vote valid-after time of 0
--+
 Reporter:  teor  |  Owner:
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.3.1.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Minor | Resolution:
 Keywords:  tor-auth  |  Actual Points:
Parent ID:| Points:  1
 Reviewer:|Sponsor:
--+
Changes (by nickm):

 * milestone:  Tor: unspecified => Tor: 0.3.1.x-final


Comment:

 That sure does sound like a bug to me; let's investigate a bit further so
 we know why this happens.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21535 [Metrics]: Use Java 7's diamond operator wherever possible

[Tor Bug Tracker & Wiki]

#21535: Use Java 7's diamond operator wherever possible
-+--
 Reporter:  karsten  |  Owner:  metrics-team
 Type:  enhancement  | Status:  needs_review
 Priority:  Medium   |  Milestone:
Component:  Metrics  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--

Comment (by karsten):

 Replying to [comment:2 iwakeh]:
 > Yes, good idea, little by little thing get done!
 >
 > ExoneraTor is ready to merge.

 Merged.  Thanks for looking!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21507 [Core Tor/Tor]: Reject Tor versions that contain non-numeric prefixes

[Tor Bug Tracker & Wiki]

#21507: Reject Tor versions that contain non-numeric prefixes
+--
 Reporter:  teor|  Owner:
 Type:  defect  | Status:  merge_ready
 Priority:  Medium  |  Milestone:  Tor:
|  0.3.1.x-final
Component:  Core Tor/Tor|Version:
 Severity:  Normal  | Resolution:
 Keywords:  029-backport, 030-backport  |  Actual Points:  0.3
Parent ID:  | Points:  0.2
 Reviewer:  |Sponsor:
+--

Comment (by dgoulet):

 Replying to [comment:5 teor]:
 > Replying to [comment:4 dgoulet]:
 > > Branch lgtm;
 > >
 > > Actually now that master has become 031, I believe we should put this
 in 031 and then consider it for backport else it will get somehow
 forgotten in 029... I'm not entirely sure if this fix qualifies for a
 stable backport. If we think 029 is a valid backport
 >
 > 0.2.9 is a valid backport so that authorities can filter badly formatted
 versions from the network. The reasons are the same as those for #21450
 and the authority parts of #21278.

 Ok agree. We expect dir auth to be either on the latest stable or one
 before and in this case 029 (and very soon 030).

 >
 > > then 025 should also be considered (LTS) but I'm not convinced of
 that.
 >
 > No authorities run any version earlier than 0.2.9.

 Indeed.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21535 [Metrics]: Use Java 7's diamond operator wherever possible

[Tor Bug Tracker & Wiki]

#21535: Use Java 7's diamond operator wherever possible
-+--
 Reporter:  karsten  |  Owner:  metrics-team
 Type:  enhancement  | Status:  needs_review
 Priority:  Medium   |  Milestone:
Component:  Metrics  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--

Comment (by iwakeh):

 Yes, good idea, little by little thing get done!

 ExoneraTor is ready to merge.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21381 [Metrics/CollecTor]: CollecTor web-page should have new Metrics design

[Tor Bug Tracker & Wiki]

#21381: CollecTor web-page should have new Metrics design
---+
 Reporter:  iwakeh |  Owner:  metrics-team
 Type:  enhancement| Status:  needs_revision
 Priority:  Medium |  Milestone:
Component:  Metrics/CollecTor  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+

Comment (by karsten):

 Hmm, I'm not sure.  I see how it saves space to put the expiry date in the
 free spot.  But it seems counter-intuitive to include additional data that
 is only relevant for the archive in the place that is otherwise used for
 recent descriptors.  And note that we didn't stop collecting directory key
 certificates, we just don't provide recent ones because they are published
 so infrequently that we can put them all in a single tarball under
 archive.

 I think I still prefer leaving the spot of the recent button blank
 whenever we don't have recent descriptors.  Either that, or we should
 include start and possibly end dates for all descriptor types.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21536 [Applications/Tor Browser]: Remove asn's scramblesuit bridge from Tor Browser

[Tor Bug Tracker & Wiki]

#21536: Remove asn's scramblesuit bridge from Tor Browser
--+--
 Reporter:  gk|  Owner:  tbb-team
 Type:  task  | Status:  needs_review
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  TorBrowserTeam201702R |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by mcs):

 r=mcs, r=brade
 This looks fine to us.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21536 [Applications/Tor Browser]: Remove asn's scramblesuit bridge from Tor Browser

[Tor Bug Tracker & Wiki]

#21536: Remove asn's scramblesuit bridge from Tor Browser
--+--
 Reporter:  gk|  Owner:  tbb-team
 Type:  task  | Status:  needs_review
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  TorBrowserTeam201702R |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by gk):

 * status:  new => needs_review
 * keywords:  TorBrowserTeam201702 => TorBrowserTeam201702R


Comment:

 `bug_21536` (https://gitweb.torproject.org/user/gk/tor-browser-
 bundle.git/commit/?h=bug_21536&id=09baf96adc8671e29af43aa91c83723dfc76d7fa)
 has a patch for review.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #21536 [Applications/Tor Browser]: Remove asn's scramblesuit bridge from Tor Browser

[Tor Bug Tracker & Wiki]

#21536: Remove asn's scramblesuit bridge from Tor Browser
--+
 Reporter:  gk|  Owner:  tbb-team
 Type:  task  | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:
  |  TorBrowserTeam201702
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+
 asn's scramblesuit bridge can't keep up with the load, we need to remove
 it from Tor Browser.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21381 [Metrics/CollecTor]: CollecTor web-page should have new Metrics design

[Tor Bug Tracker & Wiki]

#21381: CollecTor web-page should have new Metrics design
---+
 Reporter:  iwakeh |  Owner:  metrics-team
 Type:  enhancement| Status:  needs_revision
 Priority:  Medium |  Milestone:
Component:  Metrics/CollecTor  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+

Comment (by RaBe):

 I'm not 100% sure this is what you want, but I put an expiry date to the
 descriptors that have no recent button, so no interface cluttering at all:
 collector.cc-ltd.net

 If you wanted something else, please give me a brief summary :)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21535 [Metrics]: Use Java 7's diamond operator wherever possible

[Tor Bug Tracker & Wiki]

#21535: Use Java 7's diamond operator wherever possible
-+--
 Reporter:  karsten  |  Owner:  metrics-team
 Type:  enhancement  | Status:  needs_review
 Priority:  Medium   |  Milestone:
Component:  Metrics  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--
Changes (by karsten):

 * status:  new => needs_review


Comment:

 Please review these three branches:

  -
 https://gitweb.torproject.org/user/karsten/exonerator.git/log/?h=task-21535

  - https://gitweb.torproject.org/karsten/metrics-db.git/log/?h=task-21535

  - https://gitweb.torproject.org/karsten/metrics-web.git/log/?h=task-21535

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #21535 [Metrics]: Use Java 7's diamond operator wherever possible

[Tor Bug Tracker & Wiki]

#21535: Use Java 7's diamond operator wherever possible
-+--
 Reporter:  karsten  |  Owner:  metrics-team
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Metrics  |Version:
 Severity:  Normal   |   Keywords:
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+--
 I'll shortly attach three branches that use Java 7's diamond operator
 wherever possible in ExoneraTor, CollecTor, and Metrics.  We already did
 this in Onionoo and metrics-lib, so that there aren't any metrics code
 bases left where we'd need to do this.

 Note that I didn't touch any nearby code.  There's lots to be cleaned up.
 But let's do one thing at a time.

 This was on my local TODO list for a while, and it seemed easiest to just
 make these changes and be able to cross out yet another item.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #18379 [Applications/Tor Browser]: Mouse Tracking Defenses in Tor Browser

[Tor Bug Tracker & Wiki]

#18379: Mouse Tracking Defenses in Tor Browser
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  enhancement   | Status:  new
 Priority:  Very High |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Major | Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by janywatson):

 ou are right http://www.essayhelperuk.co.uk I am more than sure it will
 cause a glitch in script-generated trigger.Same issue wit

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs