Re: [tor-bugs] #7869 [Core Tor/Tor]: ntor-onion-key is padded with an equal sign

[Tor Bug Tracker & Wiki]

#7869: ntor-onion-key is padded with an equal sign
--+
 Reporter:  rransom   |  Owner:  Jigsaw52
 Type:  defect| Status:  needs_review
 Priority:  Low   |  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tor-relay, intro  |  Actual Points:
Parent ID:| Points:
 Reviewer:  catalyst  |Sponsor:
--+

Comment (by teor):

 Looks decent to me at a quick glance, but I'll leave it to others more
 familiar with the code to do the full review and test.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22462 [Applications/Tor Browser]: In a debug build of Tor Browser, Page Info causes an assert

[Tor Bug Tracker & Wiki]

#22462: In a debug build of Tor Browser, Page Info causes an assert
---+--
 Reporter:  arthuredelstein|  Owner:  tbb-team
 Type:  defect | Status:  new
 Priority:  Medium |  Milestone:
Component:  Applications/Tor Browser   |Version:
 Severity:  Normal | Resolution:
 Keywords:  tbb-7.0-must TorBrowserTeam201705  |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--

Comment (by arthuredelstein):

 The pref that causes a crash with Page Info in a debug build turns out to
 be "browser.privatebrowsing.autostart". And indeed if I turn that pref
 off, but after Firefox starts, I open a "New Private Window", then Page
 Info also hits the assert.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #22463 [Core Tor/Tor]: Reduce REACHABLE_TIMEOUT in test networks

[Tor Bug Tracker & Wiki]

#22463: Reduce REACHABLE_TIMEOUT in test networks
--+--
 Reporter:  teor  |  Owner:
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:  Tor: unspecified
Component:  Core Tor/Tor  |Version:
 Severity:  Normal|   Keywords:  easy intro chutney-needs
Actual Points:|  Parent ID:
   Points:  0.5   |   Reviewer:
  Sponsor:|
--+--
 When we test relay failure in chutney networks, relays aren't removed from
 the consensus for 45 minutes. That's way too long.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22462 [Applications/Tor Browser]: In a debug build of Tor Browser, Page Info causes an assert

[Tor Bug Tracker & Wiki]

#22462: In a debug build of Tor Browser, Page Info causes an assert
---+--
 Reporter:  arthuredelstein|  Owner:  tbb-team
 Type:  defect | Status:  new
 Priority:  Medium |  Milestone:
Component:  Applications/Tor Browser   |Version:
 Severity:  Normal | Resolution:
 Keywords:  tbb-7.0-must TorBrowserTeam201705  |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--

Comment (by arthuredelstein):

 My progress so far: I have narrowed the problem down to one of our
 preferences, set in
 `TB4: Tor Browser's Firefox preference overrides.` Working on figuring out
 which one it is.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22461 [Core Tor/Tor]: Tor emits inaccurate safesocks warning event whenever you visit a naked IP address

[Tor Bug Tracker & Wiki]

#22461: Tor emits inaccurate safesocks warning event whenever you visit a naked 
IP
address
--+-
 Reporter:  arma  |  Owner:
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+-

Comment (by arma):

 To be clear, the problem to warn about is when an application is using a
 fundamentally unsafe variant of socks -- e.g. socks4 rather than socks4a,
 or socks5-with-ip-address rather than socks5-with-fqdn.

 If the application is correctly using socks5-with-fqdn, yet the address
 that gets asked for is a string that happens to be an ipv4 address, I
 think everything is going according to plan.

 (I acknowledge that there could be edge cases where the user has set up
 some complex machinery to do resolves some other unsafe way, and then pass
 them to an application that does the correct sort of variant of socks. But
 I don't think it's our place for Tor to warn in that case.)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #13315 [Core Tor/Tor]: Our SOCKS hostname validation is overly lax.

[Tor Bug Tracker & Wiki]

#13315: Our SOCKS hostname validation is overly lax.
-+--
 Reporter:  yawning  |  Owner:  rl1987
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Core Tor/Tor |Version:  Tor: unspecified
 Severity:  Normal   | Resolution:  fixed
 Keywords:  tor-client, easy, socks  |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--
Changes (by arma):

 * severity:   => Normal


Comment:

 Fyi, I opened #22461 for the bug caused by this patch.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22383 [Webpages/Blog]: Upcoming events are not showing up

[Tor Bug Tracker & Wiki]

#22383: Upcoming events are not showing up
---+
 Reporter:  anadahz|  Owner:  hiro
 Type:  defect | Status:  closed
 Priority:  Medium |  Milestone:
Component:  Webpages/Blog  |Version:
 Severity:  Normal | Resolution:  fixed
 Keywords: |  Actual Points:
Parent ID:  #22013 | Points:
 Reviewer: |Sponsor:
---+

Comment (by arma):

 Thanks!

 It looks like the events are ordered "farthest in the future" to "nearest
 in the future"?

 Which means that on the frontpage, we have events in August, and the
 events in June and July are hidden?

 Getting closer! :)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22361 [Applications/Tor Browser]: Some binaries are missing RELRO in latest linux nightly builds

[Tor Bug Tracker & Wiki]

#22361: Some binaries are missing RELRO in latest linux nightly builds
-+-
 Reporter:  boklm|  Owner:  boklm
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  TorBrowserTeam201706R, tbb-7.0-must  |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by boklm):

 * status:  new => needs_review
 * keywords:  TorBrowserTeam201705, tbb-7.0-must => TorBrowserTeam201706R,
 tbb-7.0-must


Comment:

 I made a patch to fix that in branch `bug_22361`:
 https://gitweb.torproject.org/user/boklm/tor-browser-
 bundle.git/commit/?h=bug_22361

 I tried a build with this patch, which fixed the missing RELRO and stack
 canaries.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22398 [Applications/Tor Browser]: Upgrade Go to 1.7.6 / 1.8.3

[Tor Bug Tracker & Wiki]

#22398: Upgrade Go to 1.7.6 / 1.8.3
--+
 Reporter:  yawning   |  Owner:  tbb-team
 Type:  task  | Status:
  |  needs_review
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-gitian TorBrowserTeam201705R  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by dcf):

 I am having problems building off of master
 ([https://gitweb.torproject.org/builders/tor-browser-
 bundle.git/log/?id=082738a4bd83943d97e084fa04045e481772b998 082738a4bd])
 that do not appear to be related to the Go upgrade, so I'll leave the
 patch here so you can try it.
 * attachment:0001-Bug-22398-Upgrade-go-to-1.8.3.patch

 Trying to build stable, I get an error in `make prep`:
 {{{
 $ make TORSOCKS=
 ...
 File ‘libcxxabi-3.8.0.src.tar.xz.sig’ not modified on server. Omitting
 download.

 ./fetch-inputs.sh: line 125: !PACKAGE: unbound variable
 Makefile:93: recipe for target 'prep' failed
 make: *** [prep] Error 1
 }}}

 Trying to build alpha, the build gets a lot farther, but fails while doing
 the system upgrade in `--- Building sandbox-linux for jessie amd64 ---`.
 {{{
 $ make resume-alpha TORSOCKS=
 ...
 Updating apt-get repository (log in var/install.log)
 Installing additional packages (log in var/install.log)
 Upgrading system, may take a while
 ./bin/gbuild:21:in `system!': failed to run on-target -u root bash <
 target-bin/upgrade-system.sh > var/install.log 2>&1 (RuntimeError)
 from ./bin/gbuild:112:in `build_one_configuration'
 from ./bin/gbuild:289:in `block (2 levels) in '
 from ./bin/gbuild:284:in `each'
 from ./bin/gbuild:284:in `block in '
 from ./bin/gbuild:282:in `each'
 from ./bin/gbuild:282:in `'
 Makefile:27: recipe for target 'build-alpha' failed
 make: *** [build-alpha] Error 1
 }}}
 If I set the `-x` flag in target-bin/upgrade-system.sh to get some
 debugging output, I see an error relating to a missing /usr/sbin/update-
 grub:
 {{{
 $ ssh -o NoHostAuthenticationForLocalhost=yes root@127.0.0.1 -p 2223 -i
 var/id_rsa < target-bin/upgrade-system.sh
 Pseudo-terminal will not be allocated because stdin is not a terminal.

 The programs included with the Debian GNU/Linux system are free software;
 the exact distribution terms for each program are described in the
 individual files in /usr/share/doc/*/copyright.

 Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
 permitted by applicable law.
 stdin: is not a tty
 + mkdir -p /var/cache/gitian
 + apt-get -q -y purge grub
 + true
 + DEBIAN_FRONTEND=noninteractive
 + apt-get -y dist-upgrade
 Reading package lists...
 Building dependency tree...
 Reading state information...
 The following packages were automatically installed and are no longer
 required:
   bcron fgetty grub-common lib32ncurses5 lib32tinfo5 libbg1 libbg1-doc
   libc6-i386 libfuse2 os-prober runit ucspi-unix
 Use 'apt-get autoremove' to remove them.
 perl: warning: Setting locale failed.
 perl: warning: Please check that your locale settings:
 LANGUAGE = (unset),
 LC_ALL = (unset),
 LANG = "en_US.UTF-8"
 are supported and installed on your system.
 perl: warning: Falling back to the standard locale ("C").
 locale: Cannot set LC_CTYPE to default locale: No such file or directory
 locale: Cannot set LC_MESSAGES to default locale: No such file or
 directory
 locale: Cannot set LC_ALL to default locale: No such file or directory
 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
 1 not fully installed or removed.
 After this operation, 0 B of additional disk space will be used.
 Setting up linux-image-3.16.0-4-amd64 (3.16.43-2) ...
 locale: Cannot set LC_CTYPE to default locale: No such file or directory
 locale: Cannot set LC_MESSAGES to default locale: No such file or
 directory
 locale: Cannot set LC_ALL to default locale: No such file or directory
 Running /usr/sbin/update-grub.
 Can't exec "/usr/sbin/update-grub": No such file or directory at
 /var/lib/dpkg/info/linux-image-3.16.0-4-amd64.postinst line 604.
 User postinst hook script [/usr/sbin/update-grub] failed to execute: No
 such file or directory
 dpkg: error processing package linux-image-3.16.0-4-amd64 (--configure):
  subprocess installed post-installation script returned error exit status
 255
 Errors were encountered while processing:
  linux-image-3.16.0-4-amd64
 E: Sub-process /usr/bin/dpkg returned an error code (1)
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 

Re: [tor-bugs] #7869 [Core Tor/Tor]: ntor-onion-key is padded with an equal sign

[Tor Bug Tracker & Wiki]

#7869: ntor-onion-key is padded with an equal sign
--+
 Reporter:  rransom   |  Owner:  Jigsaw52
 Type:  defect| Status:  needs_review
 Priority:  Low   |  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tor-relay, intro  |  Actual Points:
Parent ID:| Points:
 Reviewer:  catalyst  |Sponsor:
--+
Changes (by Jigsaw52):

 * status:  needs_revision => needs_review


Comment:

 I did the required changes and merged again with the current master. Here
 are the branches:

 tor: https://github.com/Jigsaw52/tor/tree/remove-padding-fix-
 7869_v2_squashed
 torspec: https://github.com/Jigsaw52/torspec/tree/remove-padding-fix-7869

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22460 [Core Tor/Tor]: Received a bad CERTS cell: Link certificate does not match TLS certificate

[Tor Bug Tracker & Wiki]

#22460: Received a bad CERTS cell: Link certificate does not match TLS 
certificate
-+-
 Reporter:  teor |  Owner:
 Type:  defect   | Status:
 |  needs_review
 Priority:  High |  Milestone:  Tor:
 |  0.3.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Major| Resolution:
 Keywords:  tor-relay certs handshake ed25519|  Actual Points:
  needs-analysis 030-backport|
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by nickm):

 Replying to [comment:26 nickm]:
 > > I bet that the "The link certificate didn't match the TLS public key"
 thing is similar, but I'm not sure.
 >
 > It's similar, I think.  I believe this bug happens when we send an x.509
 cert as part of a TLS handshake, then rotate our TLS context, then send
 our certs cell from connection_or_send_certs_cell().  This timing for this
 rotation means that the link certificate in our certs cell won't match the
 one from the TLS handshake.

 I'm trying to think of a good bugfix for this one that doesn't have a race
 condition.  The problem with this case is that it means that my fix above
 is incomplete -- we need to update the signing->link certificate on TLS
 rotation, yes, but we should still serve the old signing->link certificate
 on all connections that existed before the TLS context rotated.

 I think the answer may be to cache the signing->link certificate at the
 time that the connection is created?  It's not perfectly elegant, but it
 would work.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22460 [Core Tor/Tor]: Received a bad CERTS cell: Link certificate does not match TLS certificate

[Tor Bug Tracker & Wiki]

#22460: Received a bad CERTS cell: Link certificate does not match TLS 
certificate
-+-
 Reporter:  teor |  Owner:
 Type:  defect   | Status:
 |  needs_review
 Priority:  High |  Milestone:  Tor:
 |  0.3.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Major| Resolution:
 Keywords:  tor-relay certs handshake ed25519|  Actual Points:
  needs-analysis 030-backport|
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by nickm):

 > I bet that the "The link certificate didn't match the TLS public key"
 thing is similar, but I'm not sure.

 It's similar, I think.  I believe this bug happens when we send an x.509
 cert as part of a TLS handshake, then rotate our TLS context, then send
 our certs cell from connection_or_send_certs_cell().  This timing for this
 rotation means that the link certificate in our certs cell won't match the
 one from the TLS handshake.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22460 [Core Tor/Tor]: Received a bad CERTS cell: Link certificate does not match TLS certificate

[Tor Bug Tracker & Wiki]

#22460: Received a bad CERTS cell: Link certificate does not match TLS 
certificate
-+-
 Reporter:  teor |  Owner:
 Type:  defect   | Status:
 |  needs_review
 Priority:  High |  Milestone:  Tor:
 |  0.3.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Major| Resolution:
 Keywords:  tor-relay certs handshake ed25519|  Actual Points:
  needs-analysis 030-backport|
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by nickm):

 * status:  new => needs_review


Comment:

 Bugfix for "At least one Ed25519 certificate was badly signed" thing, and
 it explains the "Link certificate does not match TLS certificate" in
 bug22460_030_01.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21932 [Metrics/metrics-lib]: Stop relying on the platform's default charset

[Tor Bug Tracker & Wiki]

#21932: Stop relying on the platform's default charset
-+---
 Reporter:  karsten  |  Owner:  metrics-team
 Type:  defect   | Status:  needs_review
 Priority:  Medium   |  Milestone:  metrics-lib 1.8.0
Component:  Metrics/metrics-lib  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+---

Comment (by karsten):

 Alright, I worked on a major revision of that fifth commit (while leaving
 the first four untouched).  The commit messages says it all.  Please find
 it in [https://gitweb.torproject.org/user/karsten/metrics-
 lib.git/log/?h=task-21932-3 my task-21932-3 branch].  I believe the
 [https://gitweb.torproject.org/user/karsten/metrics-
 lib.git/commit/?h=task-21932-3=bb501d20c3fb5c82339878ffc95dfaa9ec8fec0b
 fifth commit] in particular requires thorough review and much more testing
 than existing unit tests.  Thoughts? :)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22460 [Core Tor/Tor]: Received a bad CERTS cell: Link certificate does not match TLS certificate

[Tor Bug Tracker & Wiki]

#22460: Received a bad CERTS cell: Link certificate does not match TLS 
certificate
-+-
 Reporter:  teor |  Owner:
 Type:  defect   | Status:  new
 Priority:  High |  Milestone:  Tor:
 |  0.3.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Major| Resolution:
 Keywords:  tor-relay certs handshake ed25519|  Actual Points:
  needs-analysis 030-backport|
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by nickm):

 The above explanation explains the "At least one Ed25519 certificate was
 badly signed" thing, and it explains the "Link certificate does not match
 TLS certificate" thing.

 I bet that the "The link certificate didn't match the TLS public key"
 thing is similar, but I'm not sure.  More investigation needed.

 The "Crosscert is expired" case is still mysterious.  It looks as if we
 were passing 0 or -1 to load_ed_keys() for "now", but looking at the code
 in maint-0.3.0, I don't see how we could actually do that.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22460 [Core Tor/Tor]: Received a bad CERTS cell: Link certificate does not match TLS certificate

[Tor Bug Tracker & Wiki]

#22460: Received a bad CERTS cell: Link certificate does not match TLS 
certificate
-+-
 Reporter:  teor |  Owner:
 Type:  defect   | Status:  new
 Priority:  High |  Milestone:  Tor:
 |  0.3.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Major| Resolution:
 Keywords:  tor-relay certs handshake ed25519|  Actual Points:
  needs-analysis 030-backport|
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by nickm):

 BINGO.  I have a diagnosis for at least part of the bug.  Specifically,
 this would explain the "At least one Ed25519 certificate was badly signed"
 case.

 In load_ed_keys(), and in generate_ed_link_cert(), we check to see whether
 our SIGNING->AUTH certificate and our SIGNING->LINK certificate have a
 signed key that matches our current key... but we don't make sure that the
 _signing_ key matches the current _signing_ key.  So when the _signing
 key_ is updated, we'll keep serving certificates signed with the old
 signing key.

 Furthermore, in rotate_x509_certificate_callback(), we don't call
 generate_ed_link_cert(), which means that our link cert will remain
 outdated for a while.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22255 [Core Tor/Tor]: Frequent OOM kills of tor process

[Tor Bug Tracker & Wiki]

#22255: Frequent OOM kills of tor process
--+
 Reporter:  DeS   |  Owner:
 Type:  defect| Status:  new
 Priority:  High  |  Milestone:  Tor: 0.3.0.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Major | Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by cypherpunks):

 Now you should have the tools to see if the spike in tor's memory usage is
 related to a spike in connections or bandwidth, but you won't have any
 data to compare with (from times where you didn't have the OOM problem).

 On the graph around 2017-05-31 9:00 there is an (usual?) spike from 13k to
 19k connections, I guess the memory spiked as well (you didn't provide
 memory graphs).

 Also note: Be aware that connection graphs at that granularity are
 considered sensitive.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22462 [Applications/Tor Browser]: In a debug build of Tor Browser, Page Info causes an assert

[Tor Bug Tracker & Wiki]

#22462: In a debug build of Tor Browser, Page Info causes an assert
---+--
 Reporter:  arthuredelstein|  Owner:  tbb-team
 Type:  defect | Status:  new
 Priority:  Medium |  Milestone:
Component:  Applications/Tor Browser   |Version:
 Severity:  Normal | Resolution:
 Keywords:  tbb-7.0-must TorBrowserTeam201705  |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--
Changes (by mcs):

 * cc: brade, mcs (added)


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22452 [Applications/Tor Browser]: favicons in tab drop down list are not first-party isolated

[Tor Bug Tracker & Wiki]

#22452: favicons in tab drop down list are not first-party isolated
+--
 Reporter:  arthuredelstein |  Owner:
|  arthuredelstein
 Type:  defect  | Status:  closed
 Priority:  Medium  |  Milestone:
Component:  Applications/Tor Browser|Version:
 Severity:  Normal  | Resolution:  fixed
 Keywords:  tbb-7.0-must TorBrowserTeam201705R  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--
Changes (by gk):

 * status:  needs_review => closed
 * resolution:   => fixed


Comment:

 Added to `tor-browser-52.1.0esr-7.0-2` as commit
 1cb4d06b54d26e35c78b398abdd456444b26acd7 and to `tor-
 browser-52.1.1esr-7.0-1` as commit
 93469df805f4001dc837299bc3076855d7bff6ae.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22459 [Applications/Tor Browser]: Adapt our use of the nsIContentPolicy to e10s mode

[Tor Bug Tracker & Wiki]

#22459: Adapt our use of the nsIContentPolicy to e10s mode
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_review
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Major| Resolution:
 Keywords:  ff52-esr, tbb-e10s,  |  Actual Points:
  TorBrowserTeam201705R, GeorgKoppen201705,  |
  tbb-7.0-must   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by mcs):

 * keywords:
 ff52-esr, tbb-e10s, TorBrowserTeam201705, GeorgKoppen201705,
 tbb-7.0-must
 =>
 ff52-esr, tbb-e10s, TorBrowserTeam201705R, GeorgKoppen201705,
 tbb-7.0-must
 * status:  new => needs_review


Comment:

 Here is a fix for review:
 
https://gitweb.torproject.org/user/brade/torbutton.git/commit/?h=bug22459-01=4a405563313866d7c76eb03e97de4863e9556bc2

 More testing would be appreciated (Kathy and I only tested it on OSX).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21762 [Applications/Tor Browser]: Check new Firefox favicon code for first-party isolation

[Tor Bug Tracker & Wiki]

#21762: Check new Firefox favicon code for first-party isolation
-+-
 Reporter:  arthuredelstein  |  Owner:
 |  arthuredelstein
 Type:  defect   | Status:
 |  reopened
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ff52-esr, TorBrowserTeam201705,  |  Actual Points:
  tbb-7.0-must   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor4
-+-
Changes (by gk):

 * status:  closed => reopened
 * resolution:  fixed =>


Comment:

 Err, wrong ticket.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21762 [Applications/Tor Browser]: Check new Firefox favicon code for first-party isolation

[Tor Bug Tracker & Wiki]

#21762: Check new Firefox favicon code for first-party isolation
-+-
 Reporter:  arthuredelstein  |  Owner:
 |  arthuredelstein
 Type:  defect   | Status:  closed
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  ff52-esr, TorBrowserTeam201705,  |  Actual Points:
  tbb-7.0-must   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor4
-+-
Changes (by gk):

 * status:  accepted => closed
 * resolution:   => fixed


Comment:

 Added to `tor-browser-52.1.0esr-7.0-2` as commit
 1cb4d06b54d26e35c78b398abdd456444b26acd7 and to `tor-
 browser-52.1.1esr-7.0-1` as commit
 93469df805f4001dc837299bc3076855d7bff6ae.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22327 [Applications/Tor Browser]: First party isolation of Page Info

[Tor Bug Tracker & Wiki]

#22327: First party isolation of Page Info
---+---
 Reporter:  arthuredelstein|  Owner:
   |  arthuredelstein
 Type:  defect | Status:  closed
 Priority:  High   |  Milestone:
Component:  Applications/Tor Browser   |Version:
 Severity:  Normal | Resolution:  fixed
 Keywords:  tbb-7.0-must TorBrowserTeam201705  |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+---
Changes (by gk):

 * status:  needs_review => closed
 * resolution:   => fixed


Comment:

 Okay, I looked over it. Both the backport and the patch on top of it look
 good to me but I have to echo what mcs said that I am not very familiar
 with the new way of isolation either. That said, I compiled and tested the
 code and it works fine for me. Let it get into our next nightly build.

 Applied to `tor-browser-52.1.0esr-7.0-2` (commits
 ef0f9d150d4210bed5b517763cf8872e7f729649 and
 af4e5af7cfa3cfd73ff53fd6ec1be4e97e43f630) and `tor-
 browser-51.1.1esr-7.0-1` (commit 24862c15f6f719cd05a42d784ed7a7b7bb05c567
 and 2d4d11e1e6bad5f384c409fa0391e97a9c202439).

 Thanks!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22460 [Core Tor/Tor]: Received a bad CERTS cell: Link certificate does not match TLS certificate

[Tor Bug Tracker & Wiki]

#22460: Received a bad CERTS cell: Link certificate does not match TLS 
certificate
-+-
 Reporter:  teor |  Owner:
 Type:  defect   | Status:  new
 Priority:  High |  Milestone:  Tor:
 |  0.3.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Major| Resolution:
 Keywords:  tor-relay certs handshake ed25519|  Actual Points:
  needs-analysis 030-backport|
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by nickm):

 Replying to [comment:21 arma]:
 > {{{
 > May 31 16:01:10.334 [info] channel_tls_process_versions_cell():
 Negotiated version 4 with 179.43.158.176:443; Sending cells: CERTS
 > May 31 16:01:10.334 [info] or_handshake_certs_ed25519_ok(): Received a
 bad CERTS cell: At least one Ed25519 certificate was badly signed
 > May 31 16:01:10.334 [info] channel_tls_process_certs_cell(): Received a
 bad CERTS cell from 179.43.158.176:443: Invalid certificate chain!
 > May 31 16:01:10.334 [info] dump_certs_cell(): certificate 4/5: type 5,
 body
 
0105000657BB018FA6D469EA74707EC7EBBC8AE79A75434287ADBDAF1678B003736535228D76C200FE2D6FF56E4A9D5D15105B7891C6B58A284178DBA0EE9FEFEF1A60DBC571BA1FCAD6BC5D5C22F76314DE1D9A7A7518ABC36EB60B1FDBC45D7ACB722FA9520709

 This checks out okay; it's a master->signing cert, with an expiration time
 of 0x00065A5D ('Fri Jun 30 21:00:00 2017')

 > {{{
 > May 31 16:01:10.334 [info] dump_certs_cell(): certificate 5/5: type 7,
 body
 
9D6030D9CD31261C33BFAD4571D6171C83ADEF6F2D1FAD82EC9451301FA6EAD7AB37800EA89BB84B2256FEE30A6842B4AE0F236489C826D4162C43EF434B8F9D965A1F4DDC44785B097E0431471F88783BFE0042214A619BD1037961441CA2F6AFEE56C042C5B6EC679BFC2262A37E65F8ECCC9C76014D56650040C1FD98A697B3DB956B7EE9B25C3A6CF30C33036E27FFD88F85C42C9D54547E1E0401A6FA5549A578
 > }}}

 This one also looks okay (this time as a sign->link) but the signature
 does not validate as being correctly signed with the signing key from the
 first cert. Maybe it was signed with a different key? Maybe it's munged?
 This one has expiration of 0x657BB ('Fri Jun  2 19:00:00 2017').

 The RSA->Ed cert seems to be a also signing the claimed identity key.

 > {{{
 > ...
 > r greenlantern aYuHCM9OoC0nygknTzNRtPZqWDQ CkAtDfZZdApxyUSzF6FOq9OeC9A
 2017-05-31 13:56:02 179.43.158.176 443 80
 > s Fast Guard HSDir Running Stable V2Dir Valid
 > v Tor 0.3.0.6
 > }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22460 [Core Tor/Tor]: Received a bad CERTS cell: Link certificate does not match TLS certificate

[Tor Bug Tracker & Wiki]

#22460: Received a bad CERTS cell: Link certificate does not match TLS 
certificate
-+-
 Reporter:  teor |  Owner:
 Type:  defect   | Status:  new
 Priority:  High |  Milestone:  Tor:
 |  0.3.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Major| Resolution:
 Keywords:  tor-relay certs handshake ed25519|  Actual Points:
  needs-analysis 030-backport|
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by arma):

 {{{
 May 31 16:01:10.334 [info] channel_tls_process_versions_cell(): Negotiated
 version 4 with 179.43.158.176:443; Sending cells: CERTS
 May 31 16:01:10.334 [info] or_handshake_certs_ed25519_ok(): Received a bad
 CERTS cell: At least one Ed25519 certificate was badly signed
 May 31 16:01:10.334 [info] channel_tls_process_certs_cell(): Received a
 bad CERTS cell from 179.43.158.176:443: Invalid certificate chain!
 May 31 16:01:10.334 [info] dump_certs_cell(): certificate 1/5: type 1,
 body
 
3082023A308201A3A0030201020208403CFF88309D1952300D06092A864886F70D01010B0500301E311C301A06035504031313772E6466636D627A34363567322E636F6D301E170D3137303432333030303030305A170D3137303632343233353935395A301D311B301906035504031312772E64696E35717A617533632E6E657430820122300D06092A864886F70D01010105000382010F003082010A02820101009FDA187D1D0E46D09ABDD3952047D134DDF2EE849E59C19D4965E94EAAF25759C8A3A64AADA5382971A05EAE73E8577D591C6551BA6AE844320086F3C2676754AF70808038D4CD621710F8DE027095BC8F688121373A01FB3B3A04518D258F90963AB502BB6E180B3BAC00086223442EBB8FDA00CAC4F1D4C52243E3E6774A35729DCC3C7216E1D808E8A341F99EDE1CCF282104901BC70537BE7DB6C13B95A5A6E5084BC944C9C349939AB8A4976F4988A242AAD64C7A556524543D5E713B5800DF8395C947681F7BE57B0A02B55319A2E41E157B2A1EC2B40F70D210FD0BC86D053FF8EEDE8020241B72626D275C1A5CC096A14EB56FB2C8F808D751B25C4D0203010001300D06092A864886F70D01010B050003818100853CAC504C71B7327648D93C2385A119A1314936492FCD92E3E24D1DF25B3DE12D21EEAB0E0DE4A20142FB944DDF8F3000DC41616
 
9658F81FD4391C2F4E2D32C21CD88AD906009B30F55ED6E63A9A81C9BF00B3EEF362A2F25C47853370C7228E4A93598CFB29032FCC9C3564238526484731BBF15C738E8355741273DE67642
 May 31 16:01:10.334 [info] dump_certs_cell(): certificate 2/5: type 2,
 body
 
308201B730820120A00302010202086B8573A0774DCC4B300D06092A864886F70D01010B0500301E311C301A06035504031313772E6466636D627A34363567322E636F6D301E170D3137303132323030303030305A170D3138303132323030303030305A301E311C301A06035504031313772E6466636D627A34363567322E636F6D30819F300D06092A864886F70D010101050003818D0030818902818100CE66F4ED20424502B424EB5841B588971CA3C5AC9A1D21EB2F8411F80F6CFA4B4B616BE457CDC5F542360987BA9B10BD7AF9C22C58E1E8949FC9AAC4CD7903DFE95F9884230B50309DC284F409DF08366048AC5BF2A8EAD92870086609365A70B6AF38D1426E4586C517F4BB29F32F8C53AD5BB66A610CC79978E73E05C0EEA90203010001300D06092A864886F70D01010B0500038181001FA628267EAE49A1D4B661D2355A30FB2AB093E8EC5F154C9F922D3E0B04E8B238904FF5F1B69224806C77194C5DD1C6C6F2EEDCCE34913D20864676A615D6B26E664351FD50428E0F2EE653011294536580F96EC0F2B8464FC24CD9F53F5B2E584609DF0D79B2C161B22194D75E854ED47622DE5312A2E2CAE9E5F92E57CE0E
 May 31 16:01:10.334 [info] dump_certs_cell(): certificate 3/5: type 4,
 body
 
010400065A5D0113828B6B956E21DFC1627EC1650723219DE19D0605FBBFC222E2C742AC81A31D01002004009D6030D9CD31261C33BFAD4571D6171C83ADEF6F2D1FAD82EC9451301FA6EAD0F148CDA928E407A428B3DCE870A3297C74FD08ECD07AF95197CEFB57B4E4BEA0681222BC2D4C13F79785AF2736B572435D246543591935FF11765C570E1EC30C
 May 31 16:01:10.334 [info] dump_certs_cell(): certificate 4/5: type 5,
 body
 
0105000657BB018FA6D469EA74707EC7EBBC8AE79A75434287ADBDAF1678B003736535228D76C200FE2D6FF56E4A9D5D15105B7891C6B58A284178DBA0EE9FEFEF1A60DBC571BA1FCAD6BC5D5C22F76314DE1D9A7A7518ABC36EB60B1FDBC45D7ACB722FA9520709
 May 31 16:01:10.334 [info] dump_certs_cell(): certificate 5/5: type 7,
 body
 
9D6030D9CD31261C33BFAD4571D6171C83ADEF6F2D1FAD82EC9451301FA6EAD7AB37800EA89BB84B2256FEE30A6842B4AE0F236489C826D4162C43EF434B8F9D965A1F4DDC44785B097E0431471F88783BFE0042214A619BD1037961441CA2F6AFEE56C042C5B6EC679BFC2262A37E65F8ECCC9C76014D56650040C1FD98A697B3DB956B7EE9B25C3A6CF30C33036E27FFD88F85C42C9D54547E1E0401A6FA5549A578

 r greenlantern aYuHCM9OoC0nygknTzNRtPZqWDQ CkAtDfZZdApxyUSzF6FOq9OeC9A
 2017-05-31 13:56:02 179.43.158.176 443 80
 s Fast Guard HSDir Running Stable V2Dir Valid
 v Tor 0.3.0.6
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online

Re: [tor-bugs] #22460 [Core Tor/Tor]: Received a bad CERTS cell: Link certificate does not match TLS certificate

[Tor Bug Tracker & Wiki]

#22460: Received a bad CERTS cell: Link certificate does not match TLS 
certificate
-+-
 Reporter:  teor |  Owner:
 Type:  defect   | Status:  new
 Priority:  High |  Milestone:  Tor:
 |  0.3.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Major| Resolution:
 Keywords:  tor-relay certs handshake ed25519|  Actual Points:
  needs-analysis 030-backport|
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by nickm):

 Roger reports another relay is doing the "invalid RSA->Ed crosscert" thing
 too , and pastebinned it at https://paste.debian.net/956374/ .  That relay
 is also reporting an expiration time of 0x15631 in its RSA->Ed crosscert,
 which is very weird.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22460 [Core Tor/Tor]: Received a bad CERTS cell: Link certificate does not match TLS certificate

[Tor Bug Tracker & Wiki]

#22460: Received a bad CERTS cell: Link certificate does not match TLS 
certificate
-+-
 Reporter:  teor |  Owner:
 Type:  defect   | Status:  new
 Priority:  High |  Milestone:  Tor:
 |  0.3.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Major| Resolution:
 Keywords:  tor-relay certs handshake ed25519|  Actual Points:
  needs-analysis 030-backport|
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by nickm):

 Replying to [comment:18 arma]:
 > {{{
 > May 31 15:20:00.993 [info] channel_tls_process_versions_cell():
 Negotiated version 4 with 78.52.211.211:443; Sending cells: CERTS
 > May 31 15:20:00.993 [info] rsa_ed25519_crosscert_check(): Received a bad
 RSA->Ed25519 crosscert: Crosscert is expired
 > May 31 15:20:00.993 [info] or_handshake_certs_ed25519_ok(): Received a
 bad CERTS cell: Invalid RSA->Ed25519 crosscert
 > May 31 15:20:00.993 [info] channel_tls_process_certs_cell(): Received a
 bad CERTS cell from 78.52.211.211:443: Invalid certificate chain!
 > May 31 15:20:00.993 [info] dump_certs_cell(): certificate 3/5: type 4,
 body
 
0104000658E501A85A541FF2B5D4FBC156155D939779733E3AB55E8607D99942D470EBA1E79D96010020040006232608577AC3AF530DF8B046C51722C0C9529C5C98557F5515ACEB195ABCF0824974D7B657073ACEBB35EC2B12C0DA6BC3E602A7AAB3F8523633E073CFAD3E099100B33C9B5DBA09346D5CADD577A0216E0A09BF7895534B01566DBB796907
 > ...
 > }}}

 This is the master cert; it says that the master ID key is
 06232608577AC3AF530DF8B046C51722C0C9529C5C98557F5515ACEB195ABCF0, and that
 the current signing key is
 A85A541FF2B5D4FBC156155D939779733E3AB55E8607D99942D470EBA1E79D96.  The
 expiration type is 3600 * 0x000658E5, or Jun 15 at 5 am.

 > {{{
 > ...
 > May 31 15:20:00.993 [info] dump_certs_cell(): certificate 5/5: type 7,
 body
 
06232608577AC3AF530DF8B046C51722C0C9529C5C98557F5515ACEB195ABCF1563180463B800A78747A0759A51E037CA30C5253F5CAE555B8B3E9C50520FC3C72259E50339FA76474BC6A693043E443BDEA73F82A82CD94FD550945E9690BC610DB1938E12926781D37B5E72BB0F1991ACD376F45D29B9B8837CC49F5A128130CD553017BF1A4CE9770EE694403F9CE9E9A3C362EC59142B42DC3982A17653ABB64C5
 > }}}

 This one is the RSA->Ed crosscert.  The signed key is
 06232608577AC3AF530DF8B046C51722C0C9529C5C98557F5515ACEB195ABCF0, which is
 what we had hoped for.  But the expiration date here is 0x15631 * 3600 ==
 1979, Dec 30, 1am!  That's very wrong.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21762 [Applications/Tor Browser]: Check new Firefox favicon code for first-party isolation

[Tor Bug Tracker & Wiki]

#21762: Check new Firefox favicon code for first-party isolation
-+-
 Reporter:  arthuredelstein  |  Owner:
 |  arthuredelstein
 Type:  defect   | Status:
 |  accepted
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ff52-esr, TorBrowserTeam201705,  |  Actual Points:
  tbb-7.0-must   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor4
-+-

Comment (by gk):

 Do we have things left to do in this ticket?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22327 [Applications/Tor Browser]: First party isolation of Page Info

[Tor Bug Tracker & Wiki]

#22327: First party isolation of Page Info
---+---
 Reporter:  arthuredelstein|  Owner:
   |  arthuredelstein
 Type:  defect | Status:
   |  needs_review
 Priority:  High   |  Milestone:
Component:  Applications/Tor Browser   |Version:
 Severity:  Normal | Resolution:
 Keywords:  tbb-7.0-must TorBrowserTeam201705  |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+---

Comment (by gk):

 Replying to [comment:12 arthuredelstein]:
 > Replying to [comment:11 gk]:
 > > Here is the stacktrace in case it helps:
 > > {{{
 > > Thread 1 "firefox" received signal SIGSEGV, Segmentation fault.
 > > 0x7fffecc13b77 in mozilla::net::GetLoadContextInfo (aLoadContext=
 > > 0x7fffbd7e3c00, aIsAnonymous=false)
 > > [...]
 > > }}}
 > >
 > > FWIW it happens with an optimized build as well.
 >
 > It turns out this assertion failure happens in a debug build when you
 open "Page Info" even without the patches in comment:4. I'm currently
 trying to track down the cause of the assertion by binary search. But my
 feeling is that the fix for this ticket shouldn't be delayed for what
 appears to be an unrelated issue.

 Good catch, I agree.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22327 [Applications/Tor Browser]: First party isolation of Page Info

[Tor Bug Tracker & Wiki]

#22327: First party isolation of Page Info
---+---
 Reporter:  arthuredelstein|  Owner:
   |  arthuredelstein
 Type:  defect | Status:
   |  needs_review
 Priority:  High   |  Milestone:
Component:  Applications/Tor Browser   |Version:
 Severity:  Normal | Resolution:
 Keywords:  tbb-7.0-must TorBrowserTeam201705  |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+---
Changes (by arthuredelstein):

 * status:  needs_revision => needs_review


Comment:

 I opened a ticket for the assert: #22462

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #22462 [Applications/Tor Browser]: In a debug build of Tor Browser, Page Info causes an assert

[Tor Bug Tracker & Wiki]

#22462: In a debug build of Tor Browser, Page Info causes an assert
-+-
 Reporter:  arthuredelstein  |  Owner:  tbb-team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor |Version:
  Browser|   Keywords:  tbb-7.0-must
 Severity:  Normal   |  TorBrowserTeam201705
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+-
 Stack trace from gk:
 https://trac.torproject.org/projects/tor/ticket/22327#comment:11

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22327 [Applications/Tor Browser]: First party isolation of Page Info

[Tor Bug Tracker & Wiki]

#22327: First party isolation of Page Info
---+---
 Reporter:  arthuredelstein|  Owner:
   |  arthuredelstein
 Type:  defect | Status:
   |  needs_revision
 Priority:  High   |  Milestone:
Component:  Applications/Tor Browser   |Version:
 Severity:  Normal | Resolution:
 Keywords:  tbb-7.0-must TorBrowserTeam201705  |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+---

Comment (by arthuredelstein):

 Replying to [comment:11 gk]:
 > Here is the stacktrace in case it helps:
 > {{{
 > Thread 1 "firefox" received signal SIGSEGV, Segmentation fault.
 > 0x7fffecc13b77 in mozilla::net::GetLoadContextInfo (aLoadContext=
 > 0x7fffbd7e3c00, aIsAnonymous=false)
 > [...]
 > }}}
 >
 > FWIW it happens with an optimized build as well.

 It turns out this assertion failure happens in a debug build when you open
 "Page Info" even without the patches in comment:4. I'm currently trying to
 track down the cause of the assertion by binary search. But my feeling is
 that the fix for this ticket shouldn't be delayed for what appears to be
 an unrelated issue.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22460 [Core Tor/Tor]: Received a bad CERTS cell: Link certificate does not match TLS certificate

[Tor Bug Tracker & Wiki]

#22460: Received a bad CERTS cell: Link certificate does not match TLS 
certificate
-+-
 Reporter:  teor |  Owner:
 Type:  defect   | Status:  new
 Priority:  High |  Milestone:  Tor:
 |  0.3.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Major| Resolution:
 Keywords:  tor-relay certs handshake ed25519|  Actual Points:
  needs-analysis 030-backport|
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by arma):

 {{{
 May 31 15:20:00.993 [info] channel_tls_process_versions_cell(): Negotiated
 version 4 with 78.52.211.211:443; Sending cells: CERTS
 May 31 15:20:00.993 [info] rsa_ed25519_crosscert_check(): Received a bad
 RSA->Ed25519 crosscert: Crosscert is expired
 May 31 15:20:00.993 [info] or_handshake_certs_ed25519_ok(): Received a bad
 CERTS cell: Invalid RSA->Ed25519 crosscert
 May 31 15:20:00.993 [info] channel_tls_process_certs_cell(): Received a
 bad CERTS cell from 78.52.211.211:443: Invalid certificate chain!
 May 31 15:20:00.993 [info] dump_certs_cell(): certificate 1/5: type 1,
 body
 
30820244308201ADA00302010202081259849D5624B00F300D06092A864886F70D01010B050030253123302106035504030C1A772E68626D366C63356E33786F7062733462726C2E636F6D301E170D3137303431313030303030305A170D3137313132383030303030305A3020311E301C06035504030C15772E66767962726B77793570326B772E6E657430820122300D06092A864886F70D01010105000382010F003082010A0282010100D02AEF06951D49654A67C777E56F4E2A0B3249B5D0B560A1AB69A4135C2BEA9160C7E94AFDE033CCA4F7E8C56805D5E25CF3B4D1D4FB2F51EACEECA9A000C4EEAEE52AE3F7FAC61FF50B3B62819339ACACEDD1BEFD352F2D6886AAB68962E99FEC1E2C2DE6CF0204361BF6A6E3F5BC317639A101E762469DB8A73A651B1609EEBAFB5D06158450DF3152455E5551580A9D66BCB758882ADAE9408B6863BAF21ECFA6FD608E5F224468F70B5F9DC340D8F8F45A86476BE6F10FDBC44471B26651297EBEAC01C70E8BB8354C0A334EC48C32474380278690CCDEC71C46684B5775320E945F141ABF2074FDF9E663E71705CC0448704028E4AF943A29EE1201609B0203010001300D06092A864886F70D01010B0500038181006969DEBA09A81EBB32F5EF51495C93EB879398422BCF5993EA8086D9EBA2C573E9551953E78BA203D3579
 
1EFC8E117EA3B3370D205080AC6CDCF70863A7995B77CCFD067A311071F5F9C9A0F09DC4E1B0FF02ED34F71F59B4EB5B9E7D326D6A18371C536521644EAA19BBE1A0E1EDC8596D8491D6963ACF756060D91B9E53A19
 May 31 15:20:00.993 [info] dump_certs_cell(): certificate 2/5: type 2,
 body
 
308201C63082012FA003020102020900A12C926977359128300D06092A864886F70D01010B050030253123302106035504030C1A772E68626D366C63356E33786F7062733462726C2E636F6D301E170D3137303130373030303030305A170D3138303130373030303030305A30253123302106035504030C1A772E68626D366C63356E33786F7062733462726C2E636F6D30819F300D06092A864886F70D010101050003818D0030818902818100C8857E852A4991705CA30D3460172F42815C5F1E659692B795BDD1E4A00AD319017B565DB2F25C2E8959DF87E4493C4E1455D91C7BB68FF55E6E7FCF818D8308C6D4B70BD066F44FAE33519AD10C7404AC05497DA4E0F20E7F0FAB0A9FC7E320D859D62410CF95E045553730ACCBCFE34C52A3C1AD0ECF0EF8AAD94672685A0F0203010001300D06092A864886F70D01010B0500038181009BD2EFFDBABA39AC6365AEC34976AF2BF2BEB8E3718AF9F113A6ABEB66885441D0DF455B55C4835855BA50E053A42C81003DCDF4C7B6C2AB900CB4D14088575B32DF39A63DB7C6360D8D3893D85070123D63AB18DA42961A7B091F41597A762675C4A37FC5B45B275A15D1F7386AE2F7915896CE716BC26BA09FD3958C679911
 May 31 15:20:00.993 [info] dump_certs_cell(): certificate 3/5: type 4,
 body
 
0104000658E501A85A541FF2B5D4FBC156155D939779733E3AB55E8607D99942D470EBA1E79D96010020040006232608577AC3AF530DF8B046C51722C0C9529C5C98557F5515ACEB195ABCF0824974D7B657073ACEBB35EC2B12C0DA6BC3E602A7AAB3F8523633E073CFAD3E099100B33C9B5DBA09346D5CADD577A0216E0A09BF7895534B01566DBB796907
 May 31 15:20:00.993 [info] dump_certs_cell(): certificate 4/5: type 5,
 body
 
0105000657BA011D59E5BFECC9EC1C894AD8F97E38524120526B48891CF6EF4794FD8006595A12004CD4EEA7DE9517EC1D862154465A8BECFF321547A8BAB3C9C824A09919903CE3CC79460ED5B743F664D8CD5E6007C86CCAEE1502C81C93EE8423A4AD1D82BD05
 May 31 15:20:00.993 [info] dump_certs_cell(): certificate 5/5: type 7,
 body
 
06232608577AC3AF530DF8B046C51722C0C9529C5C98557F5515ACEB195ABCF1563180463B800A78747A0759A51E037CA30C5253F5CAE555B8B3E9C50520FC3C72259E50339FA76474BC6A693043E443BDEA73F82A82CD94FD550945E9690BC610DB1938E12926781D37B5E72BB0F1991ACD376F45D29B9B8837CC49F5A128130CD553017BF1A4CE9770EE694403F9CE9E9A3C362EC59142B42DC3982A17653ABB64C5
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list

Re: [tor-bugs] #22460 [Core Tor/Tor]: Received a bad CERTS cell: Link certificate does not match TLS certificate

[Tor Bug Tracker & Wiki]

#22460: Received a bad CERTS cell: Link certificate does not match TLS 
certificate
-+-
 Reporter:  teor |  Owner:
 Type:  defect   | Status:  new
 Priority:  High |  Milestone:  Tor:
 |  0.3.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Major| Resolution:
 Keywords:  tor-relay certs handshake ed25519|  Actual Points:
  needs-analysis 030-backport|
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by arma):

 {{{
 May 31 14:39:49.919 [info] channel_tls_process_versions_cell(): Negotiated
 version 4 with 216.218.222.12:443; Sending cells: CERTS
 May 31 14:39:49.919 [info] or_handshake_certs_rsa_ok(): Received a bad
 CERTS cell: The link certificate didn't match the TLS public key
 May 31 14:39:49.919 [info] channel_tls_process_certs_cell(): Received a
 bad CERTS cell from 216.218.222.12:443: Invalid certificate chain!
 May 31 14:39:49.919 [info] dump_certs_cell(): certificate 1/2: type 1,
 body
 
308201BE30820127A003020102020811A589D8189F7A5C300D06092A864886F70D01010505003027312530230603550403131C772E6B6B79737A6D6761357571666E6D6F73346E70712E636F6D301E170D3137303231383030303030305A170D3137303932313233353935395A301C311A301806035504031311772E6C786E6366746D32762E6E657430819F300D06092A864886F70D010101050003818D0030818902818100C8752AFAB82E416B18C29F375AC502AEFFE29C420AA4B279915E129EF2C14F574EB99862874ED3EDE216C94453704153564032CE7A7036400F2593411B5BE16A0EED9EFD3E3CA98F7C3F402C10EAD0A0F0342C8857278F23F0B93D714E71FFCD2291CA5910E90688EEE5BC48DECD018A87D86BF5E59A40BF3AF4E6F8AB7F2B730203010001300D06092A864886F70D010105050003818100638BA8A0138EA477E7F0722A88FFB7805909FDD932F4E8D8560BB7DC68C405843A4C36C3BDDC0B476B5D08FF3AC5389C5A3C58CB09A8E4014E442D522CCAD25C4DF816FB950FBA3EEFC4C7127C1CED7291F409A590179D4BCA35C8AEBD01A2F3372F547549B7FE10F5D8E70DC5537799D54E1AA929530951BDD55926C367540D
 May 31 14:39:49.919 [info] dump_certs_cell(): certificate 2/2: type 2,
 body
 
308201CA30820133A003020102020900F3C0E09F5BECE149300D06092A864886F70D01010505003027312530230603550403131C772E6B6B79737A6D6761357571666E6D6F73346E70712E636F6D301E170D3137303132303030303030305A170D3138303132303030303030305A3027312530230603550403131C772E6B6B79737A6D6761357571666E6D6F73346E70712E636F6D30819F300D06092A864886F70D010101050003818D0030818902818100C6B225FCD79B8E1B1722B43C6A614AF692D16396617625377AB738CD00591D0161BFD35A9A8162CC7E7D2AEF09903648F9CCF0449FA451B66BD2E6239BE7B4ACABD7B71263206CD3FA171AC9C3D43D17ABF897C828C772FF5BCB9AEE516C617E0AD5F2B71CFFFC855C4922A69CF9FFBC8656B44DB97F525F9FCE11D135A10203010001300D06092A864886F70D0101050500038181006744BDA3DA62CDC6F14BC216212A7D57E19F1D0F59F23366EDB975B6FB3594A7CD8715C770098E696A2E90FAB455601028E85FC170F6C5213408221B35B98D1C85235F3888284B806B856B4B27806600AA60477A6040DC376D0268A464CFDF443F9CB932D346CBDDFB53AF4EB62F81FEEE3D89D37E07E7983B493CA73407574F
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22255 [Core Tor/Tor]: Frequent OOM kills of tor process

[Tor Bug Tracker & Wiki]

#22255: Frequent OOM kills of tor process
--+
 Reporter:  DeS   |  Owner:
 Type:  defect| Status:  new
 Priority:  High  |  Milestone:  Tor: 0.3.0.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Major | Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by DeS):

 better now:
 
https://trac.torproject.org/projects/tor/attachment/ticket/22255/Screenshot_2017-05-31_20-43-46.png

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22460 [Core Tor/Tor]: Received a bad CERTS cell: Link certificate does not match TLS certificate

[Tor Bug Tracker & Wiki]

#22460: Received a bad CERTS cell: Link certificate does not match TLS 
certificate
-+-
 Reporter:  teor |  Owner:
 Type:  defect   | Status:  new
 Priority:  High |  Milestone:  Tor:
 |  0.3.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Major| Resolution:
 Keywords:  tor-relay certs handshake ed25519|  Actual Points:
  needs-analysis 030-backport|
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by nickm):

 My branch `bug22460_diagnostic_1` is based on maint-0.3.0, and logs the
 certificates in the cell when the thing fails.  If you can get me the
 certs for '''ONE OR TWO''' failing cases, with the attendant log messages,
 that'd rock.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22461 [Core Tor/Tor]: Tor emits inaccurate safesocks warning event whenever you visit a naked IP address

[Tor Bug Tracker & Wiki]

#22461: Tor emits inaccurate safesocks warning event whenever you visit a naked 
IP
address
--+-
 Reporter:  arma  |  Owner:
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+-

Comment (by arma):

 Replying to [ticket:22461 arma]:
 > This bug went in to Tor 0.2.6.2-alpha during commit 2862b769.

 For archeology purposes, this commit was for #13315.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #10165 [Applications/Tor Browser]: Torbrowser surf localhost through Tor

[Tor Bug Tracker & Wiki]

#10165: Torbrowser surf localhost through Tor
--+--
 Reporter:  toldmikl  |  Owner:  tbb-team
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:  wontfix
 Keywords:  tbb-torbutton |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by arma):

 * status:  new => closed
 * resolution:   => wontfix


Comment:

 Closing original bug as wontfix, because localhost isn't something you
 should usefully go to with Tor Browser.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #10165 [Applications/Tor Browser]: Torbrowser surf localhost through Tor

[Tor Bug Tracker & Wiki]

#10165: Torbrowser surf localhost through Tor
--+--
 Reporter:  toldmikl  |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-torbutton |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by arma):

 For the original ticket: you are never going to be able to surf to
 localhost via Tor Browser, because that would open up too many proxy
 bypass holes.

 For the new comment: neat bug! I have opened #22461 to track it. It's
 harmless -- just a scary warning if you happen to be listening to the
 warnings.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #22461 [Core Tor/Tor]: Tor emits inaccurate safesocks warning event whenever you visit a naked IP address

[Tor Bug Tracker & Wiki]

#22461: Tor emits inaccurate safesocks warning event whenever you visit a naked 
IP
address
--+-
 Reporter:  arma  |  Owner:
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+-
 Start your Tor client, then connect to the control port and ask for
 {{{setevents STATUS_CLIENT}}}.

 Then {{{torify wget 128.31.0.34}}}

 And on the control port you'll get
 {{{
 650 STATUS_CLIENT WARN DANGEROUS_SOCKS PROTOCOL=SOCKS5
 ADDRESS=128.31.0.34:80
 }}}

 That warn event happens if you use the current socks5 variant, but you
 give it a fqdn that happens to be an IP address:
 {{{
   if (string_is_valid_ipv4_address(req->address) ||
   string_is_valid_ipv6_address(req->address)) {
 log_unsafe_socks_warning(5,req->address,req->port,safe_socks);
 }}}

 This bug went in to Tor 0.2.6.2-alpha during commit 2862b769.

 Bug noticed because of #10165.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #10165 [Applications/Tor Browser]: Torbrowser surf localhost through Tor

[Tor Bug Tracker & Wiki]

#10165: Torbrowser surf localhost through Tor
--+--
 Reporter:  toldmikl  |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-torbutton |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by cypherpunks):

 I opened online banking site only and saw
 {{{
 [05-31 15:46:17] TorLauncher NOTE: WARN DANGEROUS_SOCKS PROTOCOL=SOCKS5
 ADDRESS=127.0.0.1:5900
 [05-31 15:46:17] TorLauncher NOTE: WARN DANGEROUS_SOCKS PROTOCOL=SOCKS5
 ADDRESS=127.0.0.1:445
 [05-31 15:46:17] TorLauncher NOTE: WARN DANGEROUS_SOCKS PROTOCOL=SOCKS5
 ADDRESS=127.0.0.1:5985
 [05-31 15:46:17] TorLauncher NOTE: WARN DANGEROUS_SOCKS PROTOCOL=SOCKS5
 ADDRESS=127.0.0.1:80
 [05-31 15:46:17] TorLauncher NOTE: WARN DANGEROUS_SOCKS PROTOCOL=SOCKS5
 ADDRESS=127.0.0.1:8080
 [05-31 15:46:17] TorLauncher NOTE: WARN DANGEROUS_SOCKS PROTOCOL=SOCKS5
 ADDRESS=127.0.0.1:51
 [05-31 15:46:17] TorLauncher NOTE: WARN DANGEROUS_SOCKS PROTOCOL=SOCKS5
 ADDRESS=127.0.0.1:443
 [05-31 15:46:17] TorLauncher NOTE: WARN DANGEROUS_SOCKS PROTOCOL=SOCKS5
 ADDRESS=127.0.0.1:5931
 [05-31 15:46:17] TorLauncher NOTE: WARN DANGEROUS_SOCKS PROTOCOL=SOCKS5
 ADDRESS=127.0.0.1:5938
 [05-31 15:46:17] TorLauncher NOTE: WARN DANGEROUS_SOCKS PROTOCOL=SOCKS5
 ADDRESS=127.0.0.1:5939
 [05-31 15:46:17] TorLauncher NOTE: WARN DANGEROUS_SOCKS PROTOCOL=SOCKS5
 ADDRESS=127.0.0.1:3389
 [05-31 15:46:17] TorLauncher NOTE: WARN DANGEROUS_SOCKS PROTOCOL=SOCKS5
 ADDRESS=127.0.0.1:5650
 [05-31 15:46:17] TorLauncher NOTE: WARN DANGEROUS_SOCKS PROTOCOL=SOCKS5
 ADDRESS=127.0.0.1:6900
 [05-31 15:46:17] TorLauncher NOTE: WARN DANGEROUS_SOCKS PROTOCOL=SOCKS5
 ADDRESS=127.0.0.1:5985
 [05-31 15:46:17] TorLauncher NOTE: WARN DANGEROUS_SOCKS PROTOCOL=SOCKS5
 ADDRESS=127.0.0.1:445
 [05-31 15:46:17] TorLauncher NOTE: WARN DANGEROUS_SOCKS PROTOCOL=SOCKS5
 ADDRESS=127.0.0.1:5900
 [05-31 15:46:17] TorLauncher NOTE: WARN DANGEROUS_SOCKS PROTOCOL=SOCKS5
 ADDRESS=127.0.0.1:8080
 [05-31 15:46:17] TorLauncher NOTE: WARN DANGEROUS_SOCKS PROTOCOL=SOCKS5
 ADDRESS=127.0.0.1:3389
 [05-31 15:46:17] TorLauncher NOTE: WARN DANGEROUS_SOCKS PROTOCOL=SOCKS5
 ADDRESS=127.0.0.1:80
 [05-31 15:46:17] TorLauncher NOTE: WARN DANGEROUS_SOCKS PROTOCOL=SOCKS5
 ADDRESS=127.0.0.1:5939
 [05-31 15:46:17] TorLauncher NOTE: WARN DANGEROUS_SOCKS PROTOCOL=SOCKS5
 ADDRESS=127.0.0.1:5938
 [05-31 15:46:17] TorLauncher NOTE: WARN DANGEROUS_SOCKS PROTOCOL=SOCKS5
 ADDRESS=127.0.0.1:5931
 [05-31 15:46:17] TorLauncher NOTE: WARN DANGEROUS_SOCKS PROTOCOL=SOCKS5
 ADDRESS=127.0.0.1:443
 [05-31 15:46:17] TorLauncher NOTE: WARN DANGEROUS_SOCKS PROTOCOL=SOCKS5
 ADDRESS=127.0.0.1:51
 [05-31 15:46:17] TorLauncher NOTE: WARN DANGEROUS_SOCKS PROTOCOL=SOCKS5
 ADDRESS=127.0.0.1:5650
 [05-31 15:46:17] TorLauncher NOTE: WARN DANGEROUS_SOCKS PROTOCOL=SOCKS5
 ADDRESS=127.0.0.1:6900
 [05-31 15:46:17] TorLauncher NOTE: WARN DANGEROUS_SOCKS PROTOCOL=SOCKS5
 ADDRESS=127.0.0.1:445
 [05-31 15:46:17] TorLauncher NOTE: WARN DANGEROUS_SOCKS PROTOCOL=SOCKS5
 ADDRESS=127.0.0.1:5985
 [05-31 15:46:17] TorLauncher NOTE: WARN DANGEROUS_SOCKS PROTOCOL=SOCKS5
 ADDRESS=127.0.0.1:5900
 [05-31 15:46:17] TorLauncher NOTE: WARN DANGEROUS_SOCKS PROTOCOL=SOCKS5
 ADDRESS=127.0.0.1:5939
 [05-31 15:46:17] TorLauncher NOTE: WARN DANGEROUS_SOCKS PROTOCOL=SOCKS5
 ADDRESS=127.0.0.1:80
 [05-31 15:46:17] TorLauncher NOTE: WARN DANGEROUS_SOCKS PROTOCOL=SOCKS5
 ADDRESS=127.0.0.1:3389
 [05-31 15:46:17] TorLauncher NOTE: WARN DANGEROUS_SOCKS PROTOCOL=SOCKS5
 ADDRESS=127.0.0.1:8080
 [05-31 15:46:17] TorLauncher NOTE: WARN DANGEROUS_SOCKS PROTOCOL=SOCKS5
 ADDRESS=127.0.0.1:443
 [05-31 15:46:17] TorLauncher NOTE: WARN DANGEROUS_SOCKS PROTOCOL=SOCKS5
 ADDRESS=127.0.0.1:5931
 [05-31 15:46:17] TorLauncher NOTE: WARN DANGEROUS_SOCKS PROTOCOL=SOCKS5
 ADDRESS=127.0.0.1:5938
 [05-31 15:46:17] TorLauncher NOTE: WARN DANGEROUS_SOCKS PROTOCOL=SOCKS5
 ADDRESS=127.0.0.1:51
 [05-31 15:46:17] TorLauncher NOTE: WARN DANGEROUS_SOCKS PROTOCOL=SOCKS5
 ADDRESS=127.0.0.1:5650
 [05-31 15:46:17] TorLauncher NOTE: WARN DANGEROUS_SOCKS PROTOCOL=SOCKS5
 ADDRESS=127.0.0.1:6900
 [05-31 15:46:17] TorLauncher NOTE: WARN DANGEROUS_SOCKS PROTOCOL=SOCKS5
 ADDRESS=127.0.0.1:5985
 [05-31 15:46:17] TorLauncher NOTE: WARN DANGEROUS_SOCKS PROTOCOL=SOCKS5
 ADDRESS=127.0.0.1:445
 [05-31 15:46:17] TorLauncher NOTE: WARN DANGEROUS_SOCKS PROTOCOL=SOCKS5
 ADDRESS=127.0.0.1:5938
 [05-31 15:46:17] TorLauncher NOTE: WARN DANGEROUS_SOCKS PROTOCOL=SOCKS5
 ADDRESS=127.0.0.1:8080
 [05-31 15:46:17] TorLauncher NOTE: WARN DANGEROUS_SOCKS PROTOCOL=SOCKS5
 ADDRESS=127.0.0.1:3389
 [05-31 15:46:17] TorLauncher 

Re: [tor-bugs] #22460 [Core Tor/Tor]: Received a bad CERTS cell: Link certificate does not match TLS certificate

[Tor Bug Tracker & Wiki]

#22460: Received a bad CERTS cell: Link certificate does not match TLS 
certificate
-+-
 Reporter:  teor |  Owner:
 Type:  defect   | Status:  new
 Priority:  High |  Milestone:  Tor:
 |  0.3.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Major| Resolution:
 Keywords:  tor-relay certs handshake ed25519|  Actual Points:
  needs-analysis 030-backport|
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by arma):

 It doesn't look like that relay has restarted during that time:
 {{{
 May 26 12:06:28.959 [info] directory_handle_command_post(): New descriptor
 post, because: bandwidth has changed
 May 26 12:06:28.960 [info] dirserv_add_descriptor(): Added descriptor from
 'NAVcoinKAction' (source: 193.233.60.159): Valid server updated.
 [...]
 May 26 16:05:29.172 [info] directory_handle_command_post(): New descriptor
 post, because: bandwidth has changed
 May 26 16:05:29.172 [info] dirserv_add_descriptor(): Added descriptor from
 'NAVcoinKAction' (source: 193.233.60.159): Valid server updated.
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #9968 [Core Tor/Tor]: Time out quicker on microdesc fetch failures while we're bootstrapping

[Tor Bug Tracker & Wiki]

#9968: Time out quicker on microdesc fetch failures while we're bootstrapping
-+-
 Reporter:  arma |  Owner:
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-client bootstrap download|  Actual Points:
  sponsor8-maybe |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by catalyst):

 * cc: catalyst (added)


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22460 [Core Tor/Tor]: Received a bad CERTS cell: Link certificate does not match TLS certificate

[Tor Bug Tracker & Wiki]

#22460: Received a bad CERTS cell: Link certificate does not match TLS 
certificate
-+-
 Reporter:  teor |  Owner:
 Type:  defect   | Status:  new
 Priority:  High |  Milestone:  Tor:
 |  0.3.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Major| Resolution:
 Keywords:  tor-relay certs handshake ed25519|  Actual Points:
  needs-analysis 030-backport|
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by dgoulet):

 I can also say that this doesn't happen every time with a relay. The logs
 show it happened twice in two hours for a specific relay and then nothing
 for that relay even though it is up and running.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22460 [Core Tor/Tor]: Received a bad CERTS cell: Link certificate does not match TLS certificate

[Tor Bug Tracker & Wiki]

#22460: Received a bad CERTS cell: Link certificate does not match TLS 
certificate
-+-
 Reporter:  teor |  Owner:
 Type:  defect   | Status:  new
 Priority:  High |  Milestone:  Tor:
 |  0.3.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Major| Resolution:
 Keywords:  tor-relay certs handshake ed25519|  Actual Points:
  needs-analysis 030-backport|
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by arma):

 Ok, I picked out a random 0.3.0.7 relay to investigate:
 {{{
 r NAVcoinKAction AMwQ/0JOq/Nc3H/asneNQUzzlaE BqKk6i3DDnYFzMbH1PrN1MEkCCM
 2017-05-31 04:44:34 193.233.60.159 443 80
 s Exit Fast Running Stable V2Dir Valid
 v Tor 0.3.0.7
 }}}

 moria1 is voting Running for it currently.

 There is one instance, in the past few weeks, of being unhappy with its
 certs:
 {{{
 May 26 18:05:31.511 [info] channel_tls_process_versions_cell(): Negotiated
 version 4 with 193.233.60.159:443; Sending cells: CERTS
 May 26 18:05:31.511 [info] channel_tls_process_certs_cell(): Received a
 bad CERTS cell from 193.233.60.159:443: Invalid certificate chain!
 }}}

 Whereas both earlier than that and later than that there are successes,
 e.g.:
 {{{
 May 26 18:15:08.709 [info] channel_tls_process_versions_cell(): Negotiated
 version 4 with 193.233.60.159:443; Sending cells: CERTS
 May 26 18:15:08.709 [info] connection_or_client_learned_peer_id(): learned
 peer id for 0x7fdacda3a6b0 (193.233.60.159):
 00CC10FF424EABF35CDC7FDAB2778D414CF395A1,
 K4sLttyh2+YfOPF/70MZGNTRQ+Iy6tYui/BdUYVs0ks
 May 26 18:15:08.709 [info] dirserv_orconn_tls_done(): Found router
 $00CC10FF424EABF35CDC7FDAB2778D414CF395A1~NAVcoinKAction at 193.233.60.159
 to be reachable at 193.233.60.159:443. Yay.
 May 26 18:15:08.709 [info] channel_tls_process_certs_cell(): Got some good
 certificates from 193.233.60.159:443: Authenticated it with RSA and
 Ed25519
 May 26 18:15:08.709 [info] channel_tls_process_auth_challenge_cell(): Got
 an AUTH_CHALLENGE cell from 193.233.60.159:443: Sending authentication
 type 3
 May 26 18:15:08.709 [info] channel_tls_process_netinfo_cell(): Got good
 NETINFO cell from 193.233.60.159:443; OR connection is now open, using
 protocol version 4. Its ID digest is
 00CC10FF424EABF35CDC7FDAB2778D414CF395A1. Our address is apparently
 128.31.0.34.
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22460 [Core Tor/Tor]: Received a bad CERTS cell: Link certificate does not match TLS certificate

[Tor Bug Tracker & Wiki]

#22460: Received a bad CERTS cell: Link certificate does not match TLS 
certificate
-+-
 Reporter:  teor |  Owner:
 Type:  defect   | Status:  new
 Priority:  High |  Milestone:  Tor:
 |  0.3.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Major| Resolution:
 Keywords:  tor-relay certs handshake ed25519|  Actual Points:
  needs-analysis 030-backport|
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by nickm):

 I asked dgoulet what he meant by "unstable", and he said that they are
 ones that come and go often.

 I wonder: do the relays only seem to come and go because of this bug?  Or
 do the relays cause this bug by starting and stopping a lot?

 One possible cause for this bug would be if there's some problem with
 keeping keys and certs in sync as we save them to disk, reload them,
 generate new ones, etc.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22460 [Core Tor/Tor]: Received a bad CERTS cell: Link certificate does not match TLS certificate

[Tor Bug Tracker & Wiki]

#22460: Received a bad CERTS cell: Link certificate does not match TLS 
certificate
-+-
 Reporter:  teor |  Owner:
 Type:  defect   | Status:  new
 Priority:  High |  Milestone:  Tor:
 |  0.3.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Major| Resolution:
 Keywords:  tor-relay certs handshake ed25519|  Actual Points:
  needs-analysis 030-backport|
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by dgoulet):

 * keywords:  tor-relay certs handshake ed25519 needs-analysis => tor-relay
 certs handshake ed25519 needs-analysis 030-backport


Comment:

 (Trac merge removed the keyword...)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22460 [Core Tor/Tor]: Received a bad CERTS cell: Link certificate does not match TLS certificate

[Tor Bug Tracker & Wiki]

#22460: Received a bad CERTS cell: Link certificate does not match TLS 
certificate
-+-
 Reporter:  teor |  Owner:
 Type:  defect   | Status:  new
 Priority:  High |  Milestone:  Tor:
 |  0.3.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Major| Resolution:
 Keywords:  tor-relay certs handshake ed25519|  Actual Points:
  needs-analysis |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by dgoulet):

 * keywords:  tor-relay certs handshake ed25519 needs-analysis 030-backport
 => tor-relay certs handshake ed25519 needs-analysis


Comment:

 Another data point. For every `[info] or_handshake_certs_ed25519_ok():
 Received a bad CERTS cell: At least one Ed25519 certificate was badly
 signe`, I get this two lines above:

 `[info] channel_register(): Channel 0x61630680 (global ID 30923) in
 state opening (1) registered with no identity digest`

 As far as I can tell on my testnet dirauth, this *only* happens with >=
 030. I also see that weirdly only with unstable relays. For instance (IP
 removed because from testnet):

 {{{
 May 29 23:27:08.000 [info] channel_tls_process_versions_cell(): Negotiated
 version 4 with :80; Sending cells: CERTS
 May 29 23:27:08.000 [warn] Received a bad CERTS cell: At least one Ed25519
 certificate was badly signed
 May 29 23:27:08.000 [info] channel_tls_process_certs_cell(): Received a
 bad CERTS cell from :80: Invalid certificate chain!
 May 29 23:27:08.000 [info] conn_close_if_marked(): Conn (addr "", fd
 21, type OR, state 7) marked, but wants to flush 1334 bytes. (Marked at
 src/or/connection_or.c:1319)
 May 29 23:27:08.000 [info] conn_close_if_marked(): We stalled too much
 while trying to write 1334 bytes to address "".  If this happens a
 lot, either something is wrong with your network connection, or something
 is wrong with theirs. (fd 21, type OR, state 7, marked at
 src/or/connection_or.c:1319).
 May 29 23:27:08.000 [info] connection_or_note_state_when_broken():
 Connection died in state 'handshaking (Tor, v3 handshake) with SSL state
 SSL negotiation finished successfully in OPEN'
 May 29 23:27:08.000 [info] connection_handle_write_impl(): in-progress
 connect failed. Removing. (Connection timed out)
 May 29 23:27:08.000 [info] connection_close_immediate(): fd 24, type
 Directory, state connecting, 1370 bytes on outbuf.
 May 29 23:27:08.000 [info] connection_handle_write_impl(): in-progress
 connect failed. Removing. (Connection timed out)
 May 29 23:27:08.000 [info] connection_close_immediate(): fd 22, type
 Directory, state connecting, 1373 bytes on outbuf.
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22460 [Core Tor/Tor]: Received a bad CERTS cell: Link certificate does not match TLS certificate

[Tor Bug Tracker & Wiki]

#22460: Received a bad CERTS cell: Link certificate does not match TLS 
certificate
-+-
 Reporter:  teor |  Owner:
 Type:  defect   | Status:  new
 Priority:  High |  Milestone:  Tor:
 |  0.3.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Major| Resolution:
 Keywords:  tor-relay certs handshake ed25519|  Actual Points:
  needs-analysis 030-backport|
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by nickm):

 * keywords:  tor-relay certs handshake ed25519 needs-analysis => tor-relay
 certs handshake ed25519 needs-analysis 030-backport


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22460 [Core Tor/Tor]: Received a bad CERTS cell: Link certificate does not match TLS certificate

[Tor Bug Tracker & Wiki]

#22460: Received a bad CERTS cell: Link certificate does not match TLS 
certificate
-+-
 Reporter:  teor |  Owner:
 Type:  defect   | Status:  new
 Priority:  High |  Milestone:  Tor:
 |  0.3.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Major| Resolution:
 Keywords:  tor-relay certs handshake ed25519|  Actual Points:
  needs-analysis |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by nickm):

 * priority:  Medium => High
 * keywords:   => tor-relay certs handshake ed25519 needs-analysis
 * severity:  Normal => Major


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22460 [Core Tor/Tor]: Received a bad CERTS cell: Link certificate does not match TLS certificate

[Tor Bug Tracker & Wiki]

#22460: Received a bad CERTS cell: Link certificate does not match TLS 
certificate
--+
 Reporter:  teor  |  Owner:
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.3.1.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by nickm):

 What I'd really like to know here is:
   * Between what versions of Tor do these errors occur?
   * Are they relay<->relay only, or can they happen relay<->client?
   * Between a given pair of Tor instances, do they happen every time the
 pair tries to connect, or only some times?
   * Between a pair of Tor instances, do they occur no matter who initiates
 the connection, or do they occur only if the connection starts in a
 certain direction?
   * Between which versions of Tor ''exactly'' can these occur?  They're
 impossible with 0.2.9, I believe, since they seem to depend on the ed
 handshake introduced in 0.3.0.x, but do they occur only with some
 0.3.x.y<->0.3.x.y pairs, or all?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #9972 [Core Tor/Tor]: Failed to find node for hop 0 of our path. Discarding this circuit.

[Tor Bug Tracker & Wiki]

#9972: Failed to find node for hop 0 of our path. Discarding this circuit.
--+--
 Reporter:  mr-4  |  Owner:  nickm
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:  Tor: unspecified
Component:  Core Tor/Tor  |Version:  Tor: 0.2.4.17-rc
 Severity:  Normal| Resolution:  fixed
 Keywords:  tor-client|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by nickm):

 * status:  needs_revision => closed
 * resolution:   => fixed


Comment:

 Prop271 completely rewrote the logic for applying restrictions to guard
 node selection. Closing this as fixed.  There are probably other ways to
 trigger that message above, but they are different bugs than this one.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #9968 [Core Tor/Tor]: Time out quicker on microdesc fetch failures while we're bootstrapping

[Tor Bug Tracker & Wiki]

#9968: Time out quicker on microdesc fetch failures while we're bootstrapping
-+-
 Reporter:  arma |  Owner:
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-client bootstrap download|  Actual Points:
  sponsor8-maybe |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by nickm):

 * keywords:  tor-client => tor-client bootstrap download sponsor8-maybe


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #9957 [Core Tor/Tor]: Tor should consider stderr output of transport proxies

[Tor Bug Tracker & Wiki]

#9957: Tor should consider stderr output of transport proxies
-+-
 Reporter:  wfn  |  Owner:  yawning
 Type:  enhancement  | Status:
 |  assigned
 Priority:  Very Low |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:  Tor:
 |  unspecified
 Severity:  Normal   | Resolution:
 Keywords:  tor-pt, SponsorS-deferred, tor-  |  Actual Points:
  bridge |
Parent ID:   | Points:  small
 Reviewer:   |Sponsor:
-+-
Changes (by nickm):

 * keywords:  tor-pt, SponsorS-deferred => tor-pt, SponsorS-deferred, tor-
 bridge
 * severity:   => Normal


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #9954 [Core Tor/Tor]: Replace broadcast voting protocol with something more robust

[Tor Bug Tracker & Wiki]

#9954: Replace broadcast voting protocol with something more robust
-+-
 Reporter:  nickm|  Owner:
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-dirauth robustness voting|  Actual Points:
  needs-proposal research-program|
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by nickm):

 * keywords:  tor-dirauth => tor-dirauth robustness voting needs-proposal
 research-program
 * severity:   => Normal


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #9932 [Core Tor/Tor]: dir-spec.txt: Clarify Exit flag

[Tor Bug Tracker & Wiki]

#9932: dir-spec.txt: Clarify Exit flag
--+--
 Reporter:  ra|  Owner:
 Type:  enhancement   | Status:  closed
 Priority:  Low   |  Milestone:  Tor: unspecified
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:  worksforme
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by nickm):

 * status:  needs_revision => closed
 * resolution:   => worksforme
 * severity:   => Normal


Comment:

 The description has been updated at least once since this ticket was
 opened.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22460 [Core Tor/Tor]: Received a bad CERTS cell: Link certificate does not match TLS certificate

[Tor Bug Tracker & Wiki]

#22460: Received a bad CERTS cell: Link certificate does not match TLS 
certificate
--+
 Reporter:  teor  |  Owner:
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.3.1.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by arma):

 And yet another case. Man, there are a lot of ways we can be upset with
 the CERTS cell we get.
 {{{
 May 31 10:33:36.957 [info] channel_tls_process_versions_cell(): Negotiated
 version 4 with 2.86.150.234:41648; Sending cells: CERTS
 May 31 10:33:36.957 [info] or_handshake_certs_ed25519_ok(): Received a bad
 CERTS cell: At least one Ed25519 certificate was badly signed
 May 31 10:33:36.957 [info] channel_tls_process_certs_cell(): Received a
 bad CERTS cell from 2.86.150.234:41648: Invalid certificate chain!
 May 31 10:33:36.957 [info] conn_close_if_marked(): Conn (addr
 "2.86.150.234", fd 8039, type OR, state 7) marked, but wants to flush 1321
 bytes. (Marked at src/or/connection_or.c:1319)
 May 31 10:33:36.957 [info] conn_close_if_marked(): We stalled too much
 while trying to write 1321 bytes to address "2.86.150.234".  If this
 happens a lot, either something is wrong with your network connection, or
 something is wrong with theirs. (fd 8039, type OR, state 7, marked at
 src/or/connection_or.c:1319).
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22460 [Core Tor/Tor]: Received a bad CERTS cell: Link certificate does not match TLS certificate

[Tor Bug Tracker & Wiki]

#22460: Received a bad CERTS cell: Link certificate does not match TLS 
certificate
--+
 Reporter:  teor  |  Owner:
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.3.1.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by arma):

 Here's another case. Also legit looking, but it makes me wonder if the
 relay operator got told anything in their logs:

 {{{
 May 31 09:42:26.114 [info] channel_tls_process_versions_cell(): Negotiated
 version 4 with 81.65.22.106:9001; Sending cells: CERTS
 May 31 09:42:26.114 [info] rsa_ed25519_crosscert_check(): Received a bad
 RSA->Ed25519 crosscert: Crosscert is expired
 May 31 09:42:26.114 [info] or_handshake_certs_ed25519_ok(): Received a bad
 CERTS cell: Invalid RSA->Ed25519 crosscert
 May 31 09:42:26.114 [info] channel_tls_process_certs_cell(): Received a
 bad CERTS cell from 81.65.22.106:9001: Invalid certificate chain!
 May 31 09:42:26.114 [info] conn_close_if_marked(): Conn (addr
 "81.65.22.106", fd 8175, type OR, state 7) marked, but wants to flush 1321
 bytes. (Marked at src/or/connection_or.c:1319)
 May 31 09:42:26.114 [info] conn_close_if_marked(): We stalled too much
 while trying to write 1321 bytes to address "81.65.22.106".  If this
 happens a lot, either something is wrong with your network connection, or
 something is wrong with theirs. (fd 8175, type OR, state 7, marked at
 src/or/connection_or.c:1319).
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #9982 [Core Tor/Tor]: Use a better password-based KDF for controller passwords, authority identity key encryption, and more

[Tor Bug Tracker & Wiki]

#9982: Use a better password-based KDF for controller passwords, authority
identity key encryption, and more
-+-
 Reporter:  nickm|  Owner:
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-relay scrypt passphrase tor- |  Actual Points:
  dirauth tor-control easy   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by nickm):

 * keywords:  tor-relay => tor-relay scrypt passphrase tor-dirauth tor-
 control easy


Comment:

 We now have scrypt support, but it isn't actually used in controller
 passphrases or authority key encryption passphrases.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #9998 [Core Tor/Tor]: resolve "localhost", "host", "hostname" and "host.localdomain" to 127.0.0.1

[Tor Bug Tracker & Wiki]

#9998: resolve "localhost", "host", "hostname" and "host.localdomain" to 
127.0.0.1
-+-
 Reporter:  proper   |  Owner:
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-client, dns, naming,  hosts, |  Actual Points:
  easy needs-analysis|
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by nickm):

 * keywords:  tor-client, needs-proposal => tor-client, dns, naming,  hosts,
 easy needs-analysis
 * severity:   => Normal


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #9925 [Core Tor/Tor]: Directory Authorities can crash client/relay by scrambling microdesc assignments (was: Directory Authorities can crash client/relay)

[Tor Bug Tracker & Wiki]

#9925: Directory Authorities can crash client/relay by scrambling microdesc
assignments
-+-
 Reporter:  sysrqb   |  Owner:
 Type:  defect   | Status:
 |  needs_revision
 Priority:  Medium   |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-client nickm-patch, SponsorU-|  Actual Points:
  deferred, needs-testing|
Parent ID:   | Points:  medium
 Reviewer:   |Sponsor:
-+-
Changes (by nickm):

 * keywords:  nickm-patch, SponsorU-deferred => tor-client nickm-patch,
 SponsorU-deferred, needs-testing


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #9894 [Core Tor/Tor]: Sandbox doesn't work with obfsproxy

[Tor Bug Tracker & Wiki]

#9894: Sandbox doesn't work with obfsproxy
-+-
 Reporter:  zoltan   |  Owner:
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:  Tor:
 |  0.2.5.1-alpha
 Severity:  Normal   | Resolution:  duplicate
 Keywords:  sandbox, tor-client, tor-pt  |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by nickm):

 * status:  new => closed
 * resolution:   => duplicate
 * severity:   => Normal


Comment:

 We've permitted getrlimit since we first merged this code, and pipe since
 #16363 for ages. Closing as fixed.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #9860 [Core Tor/Tor]: junk log messages every time SETCONF changes the set of ORPorts

[Tor Bug Tracker & Wiki]

#9860: junk log messages every time SETCONF changes the set of ORPorts
-+-
 Reporter:  zwol |  Owner:
 Type:  defect   | Status:
 |  needs_revision
 Priority:  Very Low |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:  Tor:
 |  0.2.4.17-rc
 Severity:  Normal   | Resolution:
 Keywords:  tor-client, tor-relay, easy, |  Actual Points:
  deferrable, logging, usability torrc   | Points:
Parent ID:   |  small/medium
 Reviewer:   |Sponsor:
-+-
Changes (by nickm):

 * keywords:  tor-client, tor-relay, easy, deferrable => tor-client, tor-
 relay, easy, deferrable, logging, usability torrc


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #9826 [Core Tor/Tor]: tor process priority in windows

[Tor Bug Tracker & Wiki]

#9826: tor process priority in windows
-+-
 Reporter:  bolvan   |  Owner:
 Type:  enhancement  | Status:  closed
 Priority:  Medium   |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:  Tor:
 |  unspecified
 Severity:  Normal   | Resolution:
 Keywords:  priority, tor-relay windows win32|  worksforme
  configuration needs-windows|  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by nickm):

 * status:  needs_review => closed
 * keywords:  priority, tor-relay => priority, tor-relay windows win32
 configuration needs-windows
 * resolution:   => worksforme
 * severity:   => Normal


Comment:

 Closing as worksforme, since apparently this is something users can do for
 themselves without Tor modifications.  Please reopen if that isn't true.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #9797 [Core Tor/Tor]: Reload of configuration with conflicting options causes immediate shutdown

[Tor Bug Tracker & Wiki]

#9797: Reload of configuration with conflicting options causes immediate 
shutdown
+--
 Reporter:  damogets|  Owner:
 Type:  enhancement | Status:  closed
 Priority:  Low |  Milestone:  Tor: unspecified
Component:  Core Tor/Tor|Version:  Tor: 0.2.4.17-rc
 Severity:  Normal  | Resolution:  wontfix
 Keywords:  configuration,reload,crash  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--
Changes (by nickm):

 * status:  new => closed
 * resolution:   => wontfix
 * severity:   => Normal


Comment:

 Closing this as wontfix unless somebody comes up with a way to solve this
 issue:
 >Surviving the hup but not using what's in the torrc file produces even
 more surprise in users (once upon a time we tried that).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #9786 [Core Tor/Tor]: Don't show non-exit relay nodes in the list

[Tor Bug Tracker & Wiki]

#9786: Don't show non-exit relay nodes in the list
--+--
 Reporter:  cypherpunks   |  Owner:
 Type:  task  | Status:  closed
 Priority:  Medium|  Milestone:  Tor: unspecified
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:  wontfix
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by nickm):

 * status:  new => closed
 * resolution:   => wontfix
 * severity:   => Normal


Comment:

 Our architecture really needs to have all the relay IPs publicly known. If
 you want to be relay privately, you have to run a bridge instead.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #9775 [Core Tor/Tor]: Authorities should report when they don't vote Running but some addresses are still reachable

[Tor Bug Tracker & Wiki]

#9775: Authorities should report when they don't vote Running but some addresses
are still reachable
+--
 Reporter:  arma|  Owner:
 Type:  enhancement | Status:  new
 Priority:  Medium  |  Milestone:  Tor:
|  unspecified
Component:  Core Tor/Tor|Version:
 Severity:  Normal  | Resolution:
 Keywords:  tor-dirauth logging reporting easy  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--
Changes (by nickm):

 * keywords:  tor-dirauth => tor-dirauth logging reporting easy
 * severity:   => Normal


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #9754 [Core Tor/Tor]: Tor 0.2.4.17-rc crashed with failed assertion

[Tor Bug Tracker & Wiki]

#9754: Tor 0.2.4.17-rc crashed with failed assertion
--+--
 Reporter:  communicator  |  Owner:
 Type:  defect| Status:  closed
 Priority:  High  |  Milestone:  Tor: unspecified
Component:  Core Tor/Tor  |Version:  Tor: unspecified
 Severity:  Normal| Resolution:  worksforme
 Keywords:  tor-relay |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by nickm):

 * status:  needs_information => closed
 * resolution:   => worksforme
 * severity:   => Normal


Comment:

 This didn't wind up recurring, did it? Please reopen if so.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #9729 [Core Tor/Tor]: Make bridges publish additional ORPort addresses in their descriptor

[Tor Bug Tracker & Wiki]

#9729: Make bridges publish additional ORPort addresses in their descriptor
-+-
 Reporter:  sqrt2|  Owner:
 Type:  enhancement  | Status:
 |  needs_revision
 Priority:  Medium   |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:  Tor:
 |  0.2.5.1-alpha
 Severity:  Normal   | Resolution:
 Keywords:  ORPort, censorship, pt, multiple,|  Actual Points:
  addresses, andrea-review, tor-bridge   |
Parent ID:   | Points:  2
 Reviewer:   |Sponsor:
 |  SponsorS-can
-+-
Changes (by nickm):

 * keywords:  ORPort, bridge, multiple, addresses, andrea-review, tor-bridge
 => ORPort, censorship, pt, multiple, addresses, andrea-review, tor-
 bridge
 * severity:   => Normal


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #9689 [Core Tor/Tor]: Write proposal for RELAY_AUTHENTICATE/multipath AUTHENTICATE delivery

[Tor Bug Tracker & Wiki]

#9689: Write proposal for RELAY_AUTHENTICATE/multipath AUTHENTICATE delivery
-+-
 Reporter:  mikeperry|  Owner:
 Type:  project  | Status:  new
 Priority:  Medium   |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  key-theft mike-0.2.5 needs-proposal  |  Actual Points:
  so-crazy-it-just-might-work research-program   |
  term-project   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by nickm):

 * keywords:  key-theft mike-0.2.5 proposal-needed so-crazy-it-just-might-
 work =>
 key-theft mike-0.2.5 needs-proposal so-crazy-it-just-might-work
 research-program term-project
 * severity:   => Normal


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #9680 [Core Tor/Tor]: get_datadir_fname2_suffix() should create missing directories as needd

[Tor Bug Tracker & Wiki]

#9680: get_datadir_fname2_suffix() should create missing directories as needd
+--
 Reporter:  nickm   |  Owner:
 Type:  enhancement | Status:  new
 Priority:  Low |  Milestone:  Tor: unspecified
Component:  Core Tor/Tor|Version:
 Severity:  Normal  | Resolution:
 Keywords:  tor-relay robustness mkdir  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--
Changes (by nickm):

 * keywords:  tor-relay => tor-relay robustness mkdir
 * severity:   => Normal


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #9685 [Core Tor/Tor]: Improve Tor2web mode performance by having Tor2web client to be the RendezVous Point

[Tor Bug Tracker & Wiki]

#9685: Improve Tor2web mode performance by having Tor2web client to be the
RendezVous Point
+--
 Reporter:  naif|  Owner:
 Type:  enhancement | Status:  reopened
 Priority:  Very Low|  Milestone:  Tor: unspecified
Component:  Core Tor/Tor|Version:
 Severity:  Normal  | Resolution:
 Keywords:  tor-hs tor2web performance  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--
Changes (by nickm):

 * priority:  Medium => Very Low
 * keywords:  tor-hs tor2web => tor-hs tor2web performance
 * severity:   => Normal


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #9667 [Core Tor/Tor]: Consider batch-exponentiation tricks to improve ntor performance

[Tor Bug Tracker & Wiki]

#9667: Consider batch-exponentiation tricks to improve ntor performance
--+
 Reporter:  nickm |  Owner:
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:  Tor:
  |  unspecified
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:  wontfix
 Keywords:  tor-relay, performance, ntor  |  Actual Points:
Parent ID:  #9662 | Points:
 Reviewer:|Sponsor:
--+
Changes (by nickm):

 * status:  new => closed
 * resolution:   => wontfix
 * severity:   => Normal


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #9662 [Core Tor/Tor]: Make ntor handshake faster

[Tor Bug Tracker & Wiki]

#9662: Make ntor handshake faster
-+-
 Reporter:  nickm|  Owner:  yawning
 Type:  defect   | Status:
 |  assigned
 Priority:  Medium   |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-relay, performance, ntor,|  Actual Points:
  SponsorU-deferred, cpu |
Parent ID:   | Points:  large
 Reviewer:   |Sponsor:
-+-
Changes (by nickm):

 * keywords:  tor-relay, performance, ntor, SponsorU-deferred => tor-relay,
 performance, ntor, SponsorU-deferred, cpu


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #9664 [Core Tor/Tor]: Precompute ephemeral keypairs for ntor

[Tor Bug Tracker & Wiki]

#9664: Precompute ephemeral keypairs for ntor
-+-
 Reporter:  nickm|  Owner:  nickm
 Type:  enhancement  | Status:
 |  needs_revision
 Priority:  Medium   |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:  Tor:
 |  0.2.7
 Severity:  Normal   | Resolution:
 Keywords:  tor-relay, ntor, performance, cpu,   |  Actual Points:
  latency|
Parent ID:  #9662| Points:  3
 Reviewer:   |Sponsor:
-+-
Changes (by nickm):

 * keywords:  tor-relay, ntor, performance => tor-relay, ntor, performance,
 cpu, latency


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #9655 [Core Tor/Tor]: Tor manual's config default options could be clearer

[Tor Bug Tracker & Wiki]

#9655: Tor manual's config default options could be clearer
-+-
 Reporter:  Ry   |  Owner:
 Type:  enhancement  | Status:  new
 Priority:  Very Low |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-relay docs defaults easy |  Actual Points:
  english style manpage  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by nickm):

 * keywords:   => tor-relay docs defaults easy english style manpage
 * severity:   => Normal


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22406 [Applications/Tor Browser]: Tor hangs when I try to access guardian.com Cartoons with 5 tabs open (cartoon page + 4 cartoons)

[Tor Bug Tracker & Wiki]

#22406: Tor hangs when I try to access guardian.com Cartoons with 5 tabs open
(cartoon page + 4 cartoons)
--+---
 Reporter:  mwolfe|  Owner:  tbb-team
 Type:  defect| Status:  needs_information
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-crash |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by cypherpunks):

 ticket:22362#comment:13

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #9498 [Core Tor/Tor]: Allow bridge descriptors to contain no address if they are not being published

[Tor Bug Tracker & Wiki]

#9498: Allow bridge descriptors to contain no address if they are not being
published
-+-
 Reporter:  nwf  |  Owner:
 Type:  enhancement  | Status:  new
 Priority:  Very High|  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:  Tor:
 |  unspecified
 Severity:  Normal   | Resolution:
 Keywords:  tor-bridge, need-spec, bridgedb, |  Actual Points:
  needs-proposal censorship  |
Parent ID:   | Points:  large
 Reviewer:   |Sponsor:
-+-
Changes (by nickm):

 * keywords:  tor-bridge, need-spec, bridgedb, needs-proposal => tor-bridge,
 need-spec, bridgedb, needs-proposal censorship
 * priority:  Medium => Very High
 * severity:   => Normal


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22457 [Applications/Tor Browser]: Line wrapping and syntax highlighting do not work in non-e10s-mode on view-source pages

[Tor Bug Tracker & Wiki]

#22457: Line wrapping and syntax highlighting do not work in non-e10s-mode on 
view-
source pages
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-regression, tbb-6.5-issues,  |  Actual Points:
  TorBrowserTeam201705   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by cypherpunks):

 You can experiment with
 https://bugzilla.mozilla.org/show_bug.cgi?id=863246, because they're going
 to land it.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22156 [Core Tor/Tor]: Add Rust linting/formatting tools

[Tor Bug Tracker & Wiki]

#22156: Add Rust linting/formatting tools
--+--
 Reporter:  chelseakomlo  |  Owner:
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:  Tor: unspecified
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  rust  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by chelseakomlo):

 Hey, thanks for the further info on clippy.

 Replying to [comment:1 hdevalence]:
 > `cargo clippy` is a great tool, but I don't think that it should be part
 of a CI run, and I don't think that it makes sense (or is worthwhile) to
 spend time deciding which rules should be included or not.
 >
 > The reason is that `cargo clippy` is meant to be **extremely
 enthusiastic** about giving suggestions.  Often, these suggestions are
 helpful, but sometimes, they aren't.  And, for a given rule, there's no
 way to know whether it will always be useful or not (i.e., there's no way
 to decide in advance whether it should be "required").  For instance,
 consider [https://github.com/Manishearth/rust-
 clippy/wiki#needless_range_loop `needless_range_loop`].  This is often a
 good warning, but sometimes it really does make more sense to use an
 explicit index.  There's no way to know, except by using context and
 judgement.
 >

 Yes, we'll definitely need to slowly build up which warnings we
 follow/ignore, mostly on a as-needed basis, as you said. It isn't
 practical to decide everything in one go.

 >
 > I wonder whether a focus on requiring linting tools as part of a
 development/CI process is a legacy from C development.  Since `rustc`
 already includes quite extensive errors and warnings, is a required
 linting process beyond "no warnings on compilation" necessary?
 >

 Linting is a pretty common practice in languages other than C. For
 example, Golang has its own linter: https://github.com/golang/lint and
 JavaScript has JSHint and other tools.

 >
 > To put it another way, what errors are people hoping to catch using a
 linter that `rustc` wouldn't already warn about?
 >

 It is true that we'll lean on rustc for compile errors, but using a linter
 helps ensure a certain coding style.

 Because clippy is so opinionated and also in flux, we hope starting simple
 and iterating when needed will have the best result. Hopefully we can give
 feedback to clippy developers to help improve the usefulness of it as
 well.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #9478 [Core Tor/Tor]: Operational crypto enhancements

[Tor Bug Tracker & Wiki]

#9478: Operational crypto enhancements
--+--
 Reporter:  grarpamp  |  Owner:
 Type:  enhancement   | Status:  closed
 Priority:  Medium|  Milestone:  Tor: unspecified
Component:  Core Tor/Tor  |Version:  Tor: 0.2.4.16-rc
 Severity:  Normal| Resolution:  worksforme
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by nickm):

 * status:  new => closed
 * resolution:   => worksforme
 * severity:   => Normal


Comment:

 Replying to [ticket:9478 grarpamp]:
 > Subject of managing key material has come up a few times on the lists.

 Recommendation for most of these: use a ramdisk if you want ephemeral, and
 an encrypted volume if you want persistent but encrypted.

 Additionally, offline ed25519 id keys are supported, and nifty.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #9476 [Core Tor/Tor]: Completely drop support for Tor 0.2.2.x

[Tor Bug Tracker & Wiki]

#9476: Completely drop support for Tor 0.2.2.x
-+-
 Reporter:  nickm|  Owner:
 Type:  task | Status:  new
 Priority:  Medium   |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-relay, tor-dirauth, needs-   |  Actual Points:
  analysis   | Points:
Parent ID:  #15940   |  medium/large
 Reviewer:   |Sponsor:
-+-
Changes (by nickm):

 * keywords:  tor-relay, unfrozen, tor-dirauth => tor-relay, tor-dirauth,
 needs-analysis


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #9432 [Core Tor/Tor]: [PATCH] respect RFC5735 and disallow 'Special Use IPv4 Addresses' per default

[Tor Bug Tracker & Wiki]

#9432: [PATCH] respect RFC5735 and disallow 'Special Use IPv4 Addresses' per
default
-+--
 Reporter:  cypherpunks  |  Owner:
 Type:  enhancement  | Status:  closed
 Priority:  Medium   |  Milestone:  Tor: unspecified
Component:  Core Tor/Tor |Version:  Tor: unspecified
 Severity:  Normal   | Resolution:  duplicate
 Keywords:  tor-relay, privaddr  |  Actual Points:
Parent ID:  #7971| Points:
 Reviewer:   |Sponsor:
-+--
Changes (by nickm):

 * status:  new => closed
 * resolution:   => duplicate
 * severity:   => Normal


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #9426 [Core Tor/Tor]: multicast connection tries

[Tor Bug Tracker & Wiki]

#9426: multicast connection tries
---+--
 Reporter:  cypherpunks|  Owner:
 Type:  defect | Status:  closed
 Priority:  Medium |  Milestone:  Tor: unspecified
Component:  Core Tor/Tor   |Version:  Tor: 0.2.3.25
 Severity:  Normal | Resolution:  duplicate
 Keywords:  tor-relay private-address  |  Actual Points:
Parent ID:  #7971  | Points:
 Reviewer: |Sponsor:
---+--
Changes (by nickm):

 * keywords:   => tor-relay private-address
 * status:  new => closed
 * resolution:   => duplicate
 * severity:   => Normal
 * parent:   => #7971


Comment:

 Another piece for #7971

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #9323 [Core Tor/Tor]: Option to start as a bridge by default, but change to relay if bw is super-high. (was: Convertible node type)

[Tor Bug Tracker & Wiki]

#9323: Option to start as a bridge by default, but change to relay if bw is 
super-
high.
+--
 Reporter:  saint   |  Owner:  chiiph
 Type:  enhancement | Status:  new
 Priority:  Medium  |  Milestone:  Tor:
|  unspecified
Component:  Core Tor/Tor|Version:
 Severity:  Normal  | Resolution:
 Keywords:  tor-relay tor-bridge usability  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--
Changes (by nickm):

 * keywords:  tor-relay => tor-relay tor-bridge usability
 * severity:   => Normal


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #7971 [Core Tor/Tor]: review address lists in tor_addr_is_internal_()

[Tor Bug Tracker & Wiki]

#7971: review address lists in tor_addr_is_internal_()
-+-
 Reporter:  cypherpunks  |  Owner:
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-client internal-addrs private-   |  Actual Points:
  address needs-design needs-spec|
Parent ID:   | Points:  5
 Reviewer:   |Sponsor:
-+-
Changes (by nickm):

 * keywords:  tor-client internal-addrs needs-design needs-spec => tor-
 client internal-addrs private-address needs-design needs-spec


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #5166 [Core Tor/Tor]: 198.18.0.0/15 is reserved and in use by home routers

[Tor Bug Tracker & Wiki]

#5166: 198.18.0.0/15 is reserved and in use by home routers
---+--
 Reporter:  rransom|  Owner:
 Type:  defect | Status:  new
 Priority:  Medium |  Milestone:  Tor: unspecified
Component:  Core Tor/Tor   |Version:
 Severity:  Normal | Resolution:
 Keywords:  tor-relay private-address  |  Actual Points:
Parent ID:  #7971  | Points:
 Reviewer: |Sponsor:
---+--
Changes (by nickm):

 * parent:   => #7971


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #9394 [Core Tor/Tor]: Proposal to facilitate resetting entry guards

[Tor Bug Tracker & Wiki]

#9394: Proposal to facilitate resetting entry guards
-+-
 Reporter:  mirimir  |  Owner:
 Type:  enhancement  | Status:  closed
 Priority:  Medium   |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:  Tor:
 |  unspecified
 Severity:  Normal   | Resolution:
 Keywords:  tor-client reset-entry-guards|  duplicate
  guards security needs-proposal |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by nickm):

 * status:  new => closed
 * resolution:   => duplicate
 * severity:   => Normal


Comment:

 DROPGUARDS exists since 0.2.5.2-alpha, though I don't have to like it. :)
 See #9934 (whose ticket ID is an anagram of this ticket's ID).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #9390 [Core Tor/Tor]: Warn if you're being a public relay but have too-low file descriptor limit

[Tor Bug Tracker & Wiki]

#9390: Warn if you're being a public relay but have too-low file descriptor 
limit
-+-
 Reporter:  arma |  Owner:
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-relay easy dos resources |  Actual Points:
  logging|
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by nickm):

 * keywords:  tor-relay => tor-relay easy dos resources logging
 * severity:   => Normal


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #9368 [Core Tor/Tor]: Turn static throttling on in the live network

[Tor Bug Tracker & Wiki]

#9368: Turn static throttling on in the live network
-+-
 Reporter:  arma |  Owner:
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-dirauth bandwidth analysis dos   |  Actual Points:
  needs-analysis |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by nickm):

 * keywords:  tor-dirauth => tor-dirauth bandwidth analysis dos needs-
   analysis
 * severity:   => Normal


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #9320 [Core Tor/Tor]: Assign bandwidth to new relays faster

[Tor Bug Tracker & Wiki]

#9320: Assign bandwidth to new relays faster
--+--
 Reporter:  hsn   |  Owner:
 Type:  task  | Status:  closed
 Priority:  Medium|  Milestone:  Tor: unspecified
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:  wontfix
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by nickm):

 * status:  new => closed
 * resolution:   => wontfix
 * severity:   => Normal


Comment:

 Closing as "wontfix", not because this is a bad idea, but because if it
 happens, it's got to happen as part of a better bandwidth measurement
 architecture.  The existing bwauth code is (I'm told) held together with
 duct tape, good intentions, and muttered profanities.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #9290 [Core Tor/Tor]: Use something other than "known relay" to decide on rate in connection_or_update_token_buckets_helper() on authorities (was: Use something other than "known relay"

[Tor Bug Tracker & Wiki]

#9290: Use something other than "known relay" to decide on rate in
connection_or_update_token_buckets_helper() on authorities
---+---
 Reporter:  nickm  |  Owner:
 Type:  defect | Status:  new
 Priority:  Low|  Milestone:  Tor:
   |  unspecified
Component:  Core Tor/Tor   |Version:
 Severity:  Normal | Resolution:
 Keywords:  tor-relay, bandwidth, tor-dirauth  |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+---
Changes (by nickm):

 * priority:  Medium => Low
 * keywords:  tor-relay, bandwidth => tor-relay, bandwidth, tor-dirauth
 * severity:   => Normal


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #9272 [Core Tor/Tor]: Dirport lacks a method for fetching all microdescriptors

[Tor Bug Tracker & Wiki]

#9272: Dirport lacks a method for fetching all microdescriptors
---+--
 Reporter:  atagar |  Owner:
 Type:  enhancement| Status:  closed
 Priority:  Low|  Milestone:  Tor: unspecified
Component:  Core Tor/Tor   |Version:
 Severity:  Normal | Resolution:  wontfix
 Keywords:  tor-relay, dir, microdesc  |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--
Changes (by nickm):

 * status:  new => closed
 * resolution:   => wontfix
 * severity:   => Normal


Comment:

 This is probably not actually what we should have; instead we should have
 some more specific way to query the microdescs that we actually need in a
 terser form than is possible today.

 (Asking the control port about "all microdescs" is reasonable, though.)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #9241 [Core Tor/Tor]: Abstract and decouple path selection from circuit construction

[Tor Bug Tracker & Wiki]

#9241: Abstract and decouple path selection from circuit construction
-+-
 Reporter:  mikeperry|  Owner:
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:  Tor:
 |  0.2.7
 Severity:  Normal   | Resolution:
 Keywords:  tor-client, path-selection mike- |  Actual Points:
  can, tor-route-testing refactor technical- |
  debt   |
Parent ID:  #9001| Points:  6
 Reviewer:   |Sponsor:
 |  SponsorU-can
-+-
Changes (by nickm):

 * keywords:  tor-client, mike-can, tor-route-testing =>
 tor-client, path-selection mike-can, tor-route-testing refactor
 technical-debt
 * severity:   => Normal


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #9213 [Core Tor/Tor]: Shouldn't ~/.torrc override /etc/torrc ? (was: configuration files used in wrong order)

[Tor Bug Tracker & Wiki]

#9213: Shouldn't ~/.torrc override /etc/torrc ?
--+-
 Reporter:  hsn   |  Owner:
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:  Tor: unspecified
Component:  Core Tor/Tor  |Version:  Tor: 0.2.4.13-alpha
 Severity:  Normal| Resolution:
 Keywords:  tor-client|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+-
Changes (by nickm):

 * severity:   => Normal


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #9208 [Core Tor/Tor]: Allow node operator to avoid Guard flag

[Tor Bug Tracker & Wiki]

#9208: Allow node operator to avoid Guard flag
+--
 Reporter:  cypherpunks |  Owner:
 Type:  enhancement | Status:
|  needs_information
 Priority:  Medium  |  Milestone:  Tor:
|  unspecified
Component:  Core Tor/Tor|Version:
 Severity:  Normal  | Resolution:
 Keywords:  guard tor-relay needs-proposal  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--
Changes (by nickm):

 * severity:   => Normal


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #9165 [Core Tor/Tor]: Evaluate datagram-based transports; build and merge as appropriate

[Tor Bug Tracker & Wiki]

#9165: Evaluate datagram-based transports; build and merge as appropriate
-+-
 Reporter:  nickm|  Owner:
 Type:  project  | Status:  new
 Priority:  Medium   |  Milestone:  Tor:
 |  very long term
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-relay datagram needs-proposal|  Actual Points:
  research-program   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by nickm):

 * keywords:  tor-relay datagram needs-proposal => tor-relay datagram needs-
 proposal research-program
 * severity:   => Normal
 * milestone:  Tor: unspecified => Tor: very long term


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #9105 [Core Tor/Tor]: make heartbeat messages describe hibernation consistently (was: make heartbeat messages consistent)

[Tor Bug Tracker & Wiki]

#9105: make heartbeat messages describe hibernation consistently
-+-
 Reporter:  hsn  |  Owner:
 Type:  defect   | Status:  new
 Priority:  Low  |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:  Tor:
 |  0.2.4.13-alpha
 Severity:  Normal   | Resolution:
 Keywords:  tor-relay accounting heartbeat easy  |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by nickm):

 * keywords:  tor-relay => tor-relay accounting heartbeat easy
 * severity:   => Normal


Comment:

 > Upon hibernating Tor uptime is reset, but transferred GB are not.

 So, this is in one sense correct behavior.  Hibernating makes the relay go
 down (as far as anybody else is concerned), which ought to reset its
 uptime.

 That said, it would be good to log both the amount of time that the tor
 process has been running, and the uptime for the current session.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #9125 [Obfuscation/Pluggable transport]: Allow reporting different obfs ports to bridge db

[Tor Bug Tracker & Wiki]

#9125: Allow reporting different obfs ports to bridge db
-+-
 Reporter:  hsn  |  Owner:  asn
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Obfuscation/Pluggable transport  |Version:  Tor:
 |  0.2.4.14-alpha
 Severity:  Normal   | Resolution:
 Keywords:  tor-relay, tor-pt|  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by nickm):

 * severity:   => Normal
 * milestone:  Tor: unspecified =>


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22460 [Core Tor/Tor]: Received a bad CERTS cell: Link certificate does not match TLS certificate

[Tor Bug Tracker & Wiki]

#22460: Received a bad CERTS cell: Link certificate does not match TLS 
certificate
--+
 Reporter:  teor  |  Owner:
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.3.1.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by arma):

 Here is another case, which also looks legit:
 {{{
 May 31 09:40:36.170 [info] channel_tls_process_versions_cell(): Negotiated
 version 4 with 23.252.50.179:9001; Sending cells: CERTS
 May 31 09:40:36.170 [info] Certificate already expired. Either their clock
 is set wrong, or your clock is wrong.
 May 31 09:40:36.170 [info] (certificate lifetime runs from Sep 29 00:00:00
 2015 GMT through Feb 23 00:00:00 2016 GMT. Your time is May 31 13:40:36
 2017 UTC.)
 May 31 09:40:36.170 [info] or_handshake_certs_rsa_ok(): Received a bad
 CERTS cell: The link certificate was not valid
 May 31 09:40:36.170 [info] channel_tls_process_certs_cell(): Received a
 bad CERTS cell from 23.252.50.179:9001: Invalid certificate chain!
 May 31 09:40:36.170 [info] conn_close_if_marked(): Conn (addr
 "23.252.50.179", fd 1639, type OR, state 7) marked, but wants to flush
 1321 bytes. (Marked at src/or/connection_or.c:1319)
 May 31 09:40:36.170 [info] conn_close_if_marked(): We stalled too much
 while trying to write 1321 bytes to address "23.252.50.179".  If this
 happens a lot, either something is wrong with your network connection, or
 something is wrong with theirs. (fd 1639, type OR, state 7, marked at
 src/or/connection_or.c:1319).
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs