[tor-bugs] #22470 [Applications/Tor Browser Sandbox]: Resync the bridges.

[Tor Bug Tracker & Wiki]

#22470: Resync the bridges.
--+-
 Reporter:  yawning   |  Owner:  yawning
 Type:  task  | Status:  new
 Priority:  Low   |  Milestone:
Component:  Applications/Tor Browser Sandbox  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+-
 #22429 bridge: Add Lisbeth IPv6 address
 #22468 Add default obfs4 bridges frosty and dragon

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21862 [Applications/Tor Browser]: Make rust code in ESR 52 proxy safe

[Tor Bug Tracker & Wiki]

#21862: Make rust code in ESR 52 proxy safe
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ff52-esr, tbb-7.0-must,  |  Actual Points:
  TorBrowserTeam201706R  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor4
-+-

Comment (by arthuredelstein):

 I don't know rust either, but I was curious what happens if these
 functions are ripped out. Is any code calling them?

 I tried building with `ac_add_options --enable-rust` in the mozconfig file
 and I got the follow error message:

 {{{
  2:45.75 error: the listed checksum of `/home/arthur/tor-
 browser/third_party/rust/url/src/lib.rs` has changed:
  2:45.75 expected:
 c3542aabc733f76a3b9c7d24b5c41e60e9eb84d2712660611300d1de0e7c2072
  2:45.75 actual:
 3abae55faf84f05be573d6275fa49ca2e61a4a95e3717a9059e3971b5d53101a
  2:45.75
  2:45.75 directory sources are not intended to be edited, if modifications
 are required then it is recommended that [replace] is used with a forked
 copy of the source
  2:45.76 /home/arthur/tor-browser/config/rules.mk:939: recipe for target
 'force-cargo-build' failed
  2:45.76 make[5]: *** [force-cargo-build] Error 101
  2:45.76 /home/arthur/tor-browser/config/recurse.mk:71: recipe for target
 'toolkit/library/rust/target' failed
  2:45.76 make[4]: *** [toolkit/library/rust/target] Error 2
  2:45.76 make[4]: *** Waiting for unfinished jobs
 }}}

 The "expected" hash (c3542aab...) is located in `third_party/rust/url
 /.cargo-checksum.json`. The README in the same directory says this code is
 a
 {{{
 URL library for Rust, based on the [URL
 Standard](https://url.spec.whatwg.org/).
 }}}

 So it looks to me like this is patching a "third-party library", whereas
 we should probably be ripping out something considered to be "first-party"
 gecko code.

 Another option might be just to remove the whole third-party directory or
 even all rust files from the source code.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22469 [Core Tor/Tor]: tor should ignore invalid ipv6 address:port definitions

[Tor Bug Tracker & Wiki]

#22469: tor should ignore invalid ipv6 address:port definitions
--+
 Reporter:  toralf|  Owner:
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:  Tor: 0.3.1.2-alpha
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by Sebastian):

 Is the ticket meant to say "should not ignore"? Or can you clarify what
 you mean?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #22469 [Core Tor/Tor]: tor should ignore invalid ipv6 address:port definitions

[Tor Bug Tracker & Wiki]

#22469: tor should ignore invalid ipv6 address:port definitions
--+
 Reporter:  toralf|  Owner:
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:  Tor: 0.3.1.2-alpha
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+
 something like
 {{{
 ExitPolicy reject6 [2a00:1450:4001:0815::::200e]:0x00
 }}}
 should spew an error message.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21766 [Applications/Tor Browser]: Tor Browser based on ESR52 with e10s enabled crashed while trying to download a file

[Tor Bug Tracker & Wiki]

#21766: Tor Browser based on ESR52 with e10s enabled crashed while trying to
download a file
-+-
 Reporter:  gk   |  Owner:  mcs
 Type:  defect   | Status:
 |  needs_revision
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Critical | Resolution:
 Keywords:  ff52-esr, tbb-e10s, tbb-crash,   |  Actual Points:
  TorBrowserTeam201706, tbb-7.0-must |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor4
-+-

Comment (by mcs):

 We have not found a fix for the pdfjs download problem, but I think the
 reason our earlier fix is ineffective is because a blobURI is used for the
 download, and therefore the channel associated with the download cannot be
 suspended (suspend and resume are only implemented for some channel
 types). So in this case the suspend/resume solution won't work.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22443 [Webpages/Blog]: Direct links to comments (old style) no longer work

[Tor Bug Tracker & Wiki]

#22443: Direct links to comments (old style) no longer work
---+--
 Reporter:  cypherpunks|  Owner:  hiro
 Type:  defect | Status:  new
 Priority:  Medium |  Milestone:
Component:  Webpages/Blog  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID:  #22013 | Points:
 Reviewer: |Sponsor:
---+--

Comment (by cypherpunks):

 Replying to [comment:2 dcf]:
 Script which redirects
 >   https://blog.torproject.org/blog/tor-browser-
 70a3-released#comment-263144
 to
 >   https://blog.torproject.org/blog/tor-browser-
 70a3-released?page=1#comment-263144

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22328 [Applications/Tor Browser]: Check if we can remove OSX clang PIE wrappers

[Tor Bug Tracker & Wiki]

#22328: Check if we can remove OSX clang PIE wrappers
--+---
 Reporter:  boklm |  Owner:  boklm
 Type:  task  | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-gitian|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by boklm):

 After removing the clang wrappers in rbm, and doing a test build, the
 binaries produced are still PIE. So it looks like the wrappers are no
 longer needed.

 I have now started a build in gitian with the same changes to confirm.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22462 [Applications/Tor Browser]: In a debug build of Tor Browser, Page Info causes an assert

[Tor Bug Tracker & Wiki]

#22462: In a debug build of Tor Browser, Page Info causes an assert
+--
 Reporter:  arthuredelstein |  Owner:  tbb-team
 Type:  defect  | Status:
|  needs_review
 Priority:  Medium  |  Milestone:
Component:  Applications/Tor Browser|Version:
 Severity:  Normal  | Resolution:
 Keywords:  tbb-7.0-must TorBrowserTeam201706R  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--

Comment (by mcs):

 r=mcs
 This looks good to me, and it seems to fix the problem.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22455 [Core Tor/Tor]: Enumerate cases where we want to retry circuits, and correctly balance retry robustness with guard discovery

[Tor Bug Tracker & Wiki]

#22455: Enumerate cases where we want to retry circuits, and correctly balance
retry robustness with guard discovery
--+
 Reporter:  arma  |  Owner:
 Type:  task  | Status:  new
 Priority:  Medium|  Milestone:  Tor:
  |  0.3.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  needs-proposal prop224-extra  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by catalyst):

 * cc: catalyst (added)


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22468 [Applications/Tor Browser]: Add default obfs4 bridges frosty and dragon

[Tor Bug Tracker & Wiki]

#22468: Add default obfs4 bridges frosty and dragon
---+---
 Reporter:  dcf|  Owner:  tbb-team
 Type:  task   | Status:
   |  needs_review
 Priority:  Medium |  Milestone:
Component:  Applications/Tor Browser   |Version:
 Severity:  Normal | Resolution:
 Keywords:  tbb-bridges TorBrowserTeam201706R  |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+---
Changes (by dcf):

 * status:  new => needs_review
 * keywords:  tbb-bridges => tbb-bridges TorBrowserTeam201706R


Comment:

 Here is a patch. It applies over the top of the one from #22429 (in order
 to keep sequential numbering).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #22468 [Applications/Tor Browser]: Add default obfs4 bridges frosty and dragon

[Tor Bug Tracker & Wiki]

#22468: Add default obfs4 bridges frosty and dragon
--+-
 Reporter:  dcf   |  Owner:  tbb-team
 Type:  task  | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:  tbb-bridges
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+-
 {{{
 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA512

 Here are two new bridges.

 obfs4 37.218.240.34:40035 88CD36D45A35271963EF82E511C8827A24730913
 cert=eGXYfWODcgqIdPJ+rRupg4GGvVGfh25FWaIXZkit206OSngsp7GAIiGIXOJJROMxEqFKJg
 iat-mode=1
 obfs4 37.218.245.14:38224 D9A82D2F9C2F65A18407B1D2B764F130847F8B5D
 cert=bjRaMrr1BRiAW8IE9U5z27fQaYgOhX1UCmOpg2pFpoMvo6ZgQMzLsaTzzQNTlm7hNcb+Sg
 iat-mode=0

 This is the thread where the operator offered to run them:
 https://lists.torproject.org/pipermail/tor-project/2017-March/001025.html
 -BEGIN PGP SIGNATURE-

 iQIzBAEBCgAdFiEEeXoyauxKR4rwUMw64rk9gVzTiOUFAlkwfv8ACgkQ4rk9gVzT
 iOXhBRAAmqp422FpZ9HtaucEuBlmrVywQu6F6baONvMSLQsVmBsL9xwRszKdwMY+
 O1Fyurxrf0huRo1vCcEoiV7yckMNUuYXhcLQwT4jIPQAXeowhfunh7FhPeugmsyn
 K3l7Oh8YDRH17rs2IwWtKz8H6ge+5+j2jNIAf005hQaIBLPOTTbYMJh1ed5dyY5Q
 1AZv0h1VB0Q00Hqyq7l9NYHonGzoQqtoF4IPrHouzz5GDEYYHd/fmsfHrjtAyqjj
 1f8RbFgJIFHalOTgrVbwb9aNZPqwVphGhJMF5rtl7JCdc3xCRtBDLJx7UhWaxup0
 7Vqn/SaiIb49f3p90cypaC2z1cdeW/qV4swj4S29IrcPfeP6q69eajSCWmZvIiai
 QY7V9kJAhrXU+JYWVQlEX1ftEWZ//Ox6gplJn/59bkQGSAg3K2kfxiau4JJbgWDd
 nFV1rcab4yOqUgD/4PyUdBPHQzbRaI+FcSAotdsJpnZhRbd36x0ct8tUgWz3SX89
 LHE/9OX7Vdtu1KfDixCh7F/4WroCGdZN7WX3ZZm4BCjLo6RWQTr1sGBQJhdwqByT
 OpRkQZKV5jq35erUGid21sR8+tk8a4LOiUa+YULqtw5jWk9ETI96T9D9/7g3f4/W
 E0dZJESXEtg5VfRsD+fPAg78/iWVoGdES9ONRUvyXsKFjw+YEZw=
 =byGS
 -END PGP SIGNATURE-
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22443 [Webpages/Blog]: Direct links to comments (old style) no longer work

[Tor Bug Tracker & Wiki]

#22443: Direct links to comments (old style) no longer work
---+--
 Reporter:  cypherpunks|  Owner:  hiro
 Type:  defect | Status:  new
 Priority:  Medium |  Milestone:
Component:  Webpages/Blog  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID:  #22013 | Points:
 Reviewer: |Sponsor:
---+--

Comment (by dcf):

 I think it depends on comment pagination, whether the old-style anchor
 links work. For example, from the ticket description,
   https://blog.torproject.org/blog/tor-browser-
 70a3-released#comment-263144
 doesn't work, because it's not on the first page of comments. On the other
 hand, it works if you link to the next page of comments:
   https://blog.torproject.org/blog/tor-browser-
 70a3-released?page=1#comment-263144
 Similarly, direct linking to a different comment, that happens to be on
 the first page of comments, does work:
   https://blog.torproject.org/blog/tor-browser-
 70a3-released#comment-261646

 I believe this was a problem with the old blog too, where anchor links
 wouldn't work once the comment was pushed off the first page of comments.
 I'm glad that now we have the /comment/XX style for more reliable
 permalinks.

 Since the anchor links were slightly broken even in the old blog, I'm not
 sure anything needs to be done for this ticket. Though a possible
 workaround would be to make the number of comments per page in the new
 blog equal to that of the old blog. (Unless threading messes that up.)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22457 [Applications/Tor Browser]: Line wrapping and syntax highlighting do not work on view-source pages

[Tor Bug Tracker & Wiki]

#22457: Line wrapping and syntax highlighting do not work on view-source pages
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-regression, tbb-6.5-issues,  |  Actual Points:
  TorBrowserTeam201706R  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by mcs):

 r=brade, r=mcs
 The code changes look fine and the patch seems to fix the problem (we did
 a quick test on OSX).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22466 [Core Tor/Tor]: "Crosscert is expired" warnings: RSA->Ed25519 identity crosscertifice apparently made in 1970?

[Tor Bug Tracker & Wiki]

#22466: "Crosscert is expired" warnings: RSA->Ed25519 identity crosscertifice
apparently made in 1970?
-+-
 Reporter:  nickm|  Owner:
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  030-backport tor-relay certificate   |  Actual Points:
  expired 1970   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by catalyst):

 Both branches also look good to me.  I have no easy way to test the "OS
 thinks it's 1970" aspect of this issue, though.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21862 [Applications/Tor Browser]: Make rust code in ESR 52 proxy safe

[Tor Bug Tracker & Wiki]

#21862: Make rust code in ESR 52 proxy safe
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ff52-esr, tbb-7.0-must,  |  Actual Points:
  TorBrowserTeam201706R  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor4
-+-

Comment (by mcs):

 r=mcs
 I don't read or write Rust, but your changes look okay. Maybe we should
 ask a Rust person to look at them? Certainly your patch is good enough to
 serve as a reminder that we need to look at the Rust code more closely
 once we start compiling it.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22462 [Applications/Tor Browser]: In a debug build of Tor Browser, Page Info causes an assert

[Tor Bug Tracker & Wiki]

#22462: In a debug build of Tor Browser, Page Info causes an assert
+--
 Reporter:  arthuredelstein |  Owner:  tbb-team
 Type:  defect  | Status:
|  needs_review
 Priority:  Medium  |  Milestone:
Component:  Applications/Tor Browser|Version:
 Severity:  Normal  | Resolution:
 Keywords:  tbb-7.0-must TorBrowserTeam201706R  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--
Changes (by arthuredelstein):

 * keywords:  tbb-7.0-must TorBrowserTeam201705 => tbb-7.0-must
 TorBrowserTeam201706R
 * status:  new => needs_review


Comment:

 It turns out this bug was already fixed in
 https://bugzilla.mozilla.org/show_bug.cgi?id=1329521, but unfortunately
 ESR52 was not patched. Here is my backport for review:
 https://github.com/arthuredelstein/tor-browser/commit/22462

 I tried reproducing the "Browser console" issue also reported in that
 Mozilla bug but was unable to do so, so I am not backporting the other
 patch from that bug.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #16485 [Applications/Tor Browser]: Firefox bug - Unrecognized storage name 'null' in about:cache URL

[Tor Bug Tracker & Wiki]

#16485: Firefox bug - Unrecognized storage name 'null' in about:cache URL
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-usability,   |  Actual Points:
  TorBrowserTeam201706R  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by mcs):

 r=brade, r=mcs
 I have trouble making sense of what is displayed in about:cache, but this
 fix looks okay.

 Is there a Firefox bug filed for this issue?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22255 [Core Tor/Tor]: Frequent OOM kills of tor process

[Tor Bug Tracker & Wiki]

#22255: Frequent OOM kills of tor process
--+
 Reporter:  DeS   |  Owner:
 Type:  defect| Status:  new
 Priority:  High  |  Milestone:  Tor: 0.3.0.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Major | Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by cypherpunks):

 Replying to [comment:46 DeS]:
 > 1) as you can see on this pictures the system "dies" once at 19 k
 connections. But two times later everything is fine at more than 20k
 connections

 I would not be so sure about that since who knows what amount of
 connections it reached when it failed.


 > 4) How do we explain the tor process just uses 400 Meg of memory each
 (see arma comment above)
 > Something is not adding up here and this is what we have to find out.

 You didn't provide the OOM and your other logs this time that would tell
 us how much it used this time? Please provide all logs you have for all
 new OOMs (not just munin graphs).


 I think running two instances with MaxMemInQueues at 2000MB is to high,
 because you do not have more than 4GB memory.


 Lets try to set it to
 x = (4000 MB - (memory_your_os_uses_without_tor + 400 MB safety)) /
 number_of_tor_instances

 Are these physical or virtual machines?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22443 [Webpages/Blog]: Direct links to comments (old style) no longer work

[Tor Bug Tracker & Wiki]

#22443: Direct links to comments (old style) no longer work
---+--
 Reporter:  cypherpunks|  Owner:  hiro
 Type:  defect | Status:  new
 Priority:  Medium |  Milestone:
Component:  Webpages/Blog  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID:  #22013 | Points:
 Reviewer: |Sponsor:
---+--

Comment (by cypherpunks):

 And now developers started to use new permalinks in Trac tickets, e.g.
 #22457, so both schemes need to be preserved.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #7869 [Core Tor/Tor]: ntor-onion-key is padded with an equal sign

[Tor Bug Tracker & Wiki]

#7869: ntor-onion-key is padded with an equal sign
--+
 Reporter:  rransom   |  Owner:  Jigsaw52
 Type:  defect| Status:  needs_review
 Priority:  Low   |  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tor-relay, intro  |  Actual Points:
Parent ID:| Points:
 Reviewer:  catalyst  |Sponsor:
--+

Comment (by Jigsaw52):

 I've tested it now and it seems to work fine without the memcpy.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22429 [Applications/Tor Browser]: bridge: Add Lisbeth IPv6 address

[Tor Bug Tracker & Wiki]

#22429: bridge: Add Lisbeth IPv6 address
---+---
 Reporter:  dgoulet|  Owner:  tbb-team
 Type:  enhancement| Status:
   |  needs_review
 Priority:  Medium |  Milestone:
Component:  Applications/Tor Browser   |Version:
 Severity:  Normal | Resolution:
 Keywords:  tbb-bridges TorBrowserTeam201706R  |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+---
Changes (by dcf):

 * keywords:  tbb-bridges => tbb-bridges TorBrowserTeam201706R
 * status:  needs_information => needs_review


Comment:

 Here is a patch. I tested the bridge line by itself in a torrc file, but I
 wasn't able to test it in Tor Browser on an IPv6-capable system.

 When Tor Browser tries to use the bridge line on an IPv4-only system, this
 is what appears in the log:
 {{{
 06/01/2017 13:06:18.700 [NOTICE] DisableNetwork is set. Tor will not make
 or accept non-control network connections. Shutting down all existing
 connections.
 06/01/2017 13:06:18.700 [NOTICE] Opening Socks listener on 127.0.0.1:9150
 06/01/2017 13:06:20.600 [NOTICE] Bootstrapped 5%: Connecting to directory
 server
 06/01/2017 13:06:20.600 [NOTICE] Bootstrapped 10%: Finishing handshake
 with directory server
 06/01/2017 13:06:20.600 [WARN] Proxy Client: unable to connect to
 2001:470:b381:bfff:216:3eff:fe23:d6c3:443 ("general SOCKS server failure")
 06/01/2017 13:06:25.400 [NOTICE] Closing no-longer-configured Socks
 listener on 127.0.0.1:9150
 06/01/2017 13:06:25.400 [NOTICE] DisableNetwork is set. Tor will not make
 or accept non-control network connections. Shutting down all existing
 connections.
 06/01/2017 13:06:25.400 [NOTICE] Closing old Socks listener on
 127.0.0.1:9150
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22458 [Applications/Tor Browser]: Fix broken `about:cache` pages on higher security levels

[Tor Bug Tracker & Wiki]

#22458: Fix broken `about:cache` pages on higher security levels
--+--
 Reporter:  gk|  Owner:  tbb-team
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:  fixed
 Keywords:  TorBrowserTeam201706R |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by gk):

 * status:  needs_review => closed
 * resolution:   => fixed


Comment:

 Thanks. Applied to `master` and `maint-7.0` (commit
 e385532fa600616740bf9a92cf8d3325c0507774 and
 0cc98ba1bb0f3c15d00760a1ca05713489f5085a).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22457 [Applications/Tor Browser]: Line wrapping and syntax highlighting do not work on view-source pages

[Tor Bug Tracker & Wiki]

#22457: Line wrapping and syntax highlighting do not work on view-source pages
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-regression, tbb-6.5-issues,  |  Actual Points:
  TorBrowserTeam201706R  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by gk):

 Replying to [comment:12 arthuredelstein]:
 > Replying to [comment:10 gk]:
 > > Replying to [comment:7 gk]:
 > > > Replying to [comment:5 gk]:
 > > > > I think I have a better fix for that: view-source should not be
 available anymore in esr52, so we can allow it unconditionally I think.
 > > >
 > > > On second thought that might not help much as the blocked CSS is the
 problem.
 > >
 > > But we can work around that using `aRequestOrigin`. See `bug_22457_v2`
 () for a possible fix that avoids the plaform fingerprinting. Note: For
 testing purposes you need either disabled e10s or apply the patch on top
 of the one in #22459.
 >
 > I couldn't find the `bug_22457_v2` patch. Does it need to be pushed?

 It did indeed:
 
https://gitweb.torproject.org/user/gk/torbutton.git/commit/?h=bug_22457_v2&id=7d65c8297fe862906bcb3d7c9c13e5c5b628943a

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22458 [Applications/Tor Browser]: Fix broken `about:cache` pages on higher security levels

[Tor Bug Tracker & Wiki]

#22458: Fix broken `about:cache` pages on higher security levels
--+--
 Reporter:  gk|  Owner:  tbb-team
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  TorBrowserTeam201706R |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by arthuredelstein):

 The patch looks good to me.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22104 [Applications/Tor Browser]: Adjust #19837 for ff52-esr (update our content policy whitelist)

[Tor Bug Tracker & Wiki]

#22104: Adjust #19837 for ff52-esr (update our content policy whitelist)
-+-
 Reporter:  cypherpunks  |  Owner:  mcs
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ff52-esr, tbb-regression,|  Actual Points:
  TorBrowserTeam201706R  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by arthuredelstein):

 I just tested the video file and it looks good. The code also looks good
 to me.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22457 [Applications/Tor Browser]: Line wrapping and syntax highlighting do not work on view-source pages

[Tor Bug Tracker & Wiki]

#22457: Line wrapping and syntax highlighting do not work on view-source pages
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-regression, tbb-6.5-issues,  |  Actual Points:
  TorBrowserTeam201706R  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by arthuredelstein):

 Replying to [comment:10 gk]:
 > Replying to [comment:7 gk]:
 > > Replying to [comment:5 gk]:
 > > > I think I have a better fix for that: view-source should not be
 available anymore in esr52, so we can allow it unconditionally I think.
 > >
 > > On second thought that might not help much as the blocked CSS is the
 problem.
 >
 > But we can work around that using `aRequestOrigin`. See `bug_22457_v2`
 () for a possible fix that avoids the plaform fingerprinting. Note: For
 testing purposes you need either disabled e10s or apply the patch on top
 of the one in #22459.

 I couldn't find the `bug_22457_v2` patch. Does it need to be pushed?

 I agree with Yawning that hiding differences between platforms is a
 hopeless cause, so I would also be happy with whitelisting the appropriate
 css files.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22466 [Core Tor/Tor]: "Crosscert is expired" warnings: RSA->Ed25519 identity crosscertifice apparently made in 1970?

[Tor Bug Tracker & Wiki]

#22466: "Crosscert is expired" warnings: RSA->Ed25519 identity crosscertifice
apparently made in 1970?
-+-
 Reporter:  nickm|  Owner:
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  030-backport tor-relay certificate   |  Actual Points:
  expired 1970   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by dgoulet):

 Both branches lgtm;

 Also deployed on my dirauth on the testnet.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22460 [Core Tor/Tor]: Link handshake trouble: certificates and keys can get out of sync

[Tor Bug Tracker & Wiki]

#22460: Link handshake trouble: certificates and keys can get out of sync
-+-
 Reporter:  teor |  Owner:
 Type:  defect   | Status:
 |  needs_revision
 Priority:  High |  Milestone:  Tor:
 |  0.3.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Major| Resolution:
 Keywords:  tor-relay certs handshake ed25519|  Actual Points:  1
  needs-analysis 030-backport 029-backport   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by dgoulet):

 * status:  needs_review => needs_revision


Comment:

 lgtm `bug22460_030_01`. I unfortunately cannot confirm if this resolves
 the situation until I deploy this on the testnet (or arma on moria1) but
 code looks good.

 For `bug22460_case2_029_01`, the comment of this function should mention
 that a newly allocated object is returned. We aren't returning a global
 value or something in a state somewhere.

 {{{
 +/** Return the cerficate we used on the connection, or NULL if somehow
 + * we didn't use one. */
 +MOCK_IMPL(tor_x509_cert_t *,
 +tor_tls_get_own_cert,(tor_tls_t *tls))
 }}}

 Second thing, maybe `tor_x509_cert_dup()` should be unit test only for
 now? It's dead code if no unit tests.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22465 [Applications/Tor Browser]: Tor Broswer Freezing, Crashing

[Tor Bug Tracker & Wiki]

#22465: Tor Broswer Freezing, Crashing
--+---
 Reporter:  Wonder|  Owner:  tbb-team
 Type:  defect| Status:  needs_information
 Priority:  High  |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Major | Resolution:
 Keywords:  tbb-crash |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---
Changes (by gk):

 * status:  assigned => needs_information


Comment:

 I actually think #22362 is too recent to be an explanation for the
 freezing already happening 1.5 month ago.

 Wonder: Thanks for the detailed feedback, really appreciated. Can you test
 whether a normal Firefox ESR shows the same symptoms on your computer? You
 can find the latest version on https://www.mozilla.org/en-
 US/firefox/organizations/all/. If not then we could start looking closer
 at possible Tor Browser issues. Could you disable extensions one by one
 and see whether changes things (you need the tor launcher one but all the
 other three should leave you with a somewhat functioning Tor Browser.
 Note, though, that disabling those extensions is only for testing
 purposes!)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22398 [Applications/Tor Browser]: Upgrade Go to 1.7.6 / 1.8.3

[Tor Bug Tracker & Wiki]

#22398: Upgrade Go to 1.7.6 / 1.8.3
---+--
 Reporter:  yawning|  Owner:  tbb-team
 Type:  task   | Status:  closed
 Priority:  Medium |  Milestone:
Component:  Applications/Tor Browser   |Version:
 Severity:  Normal | Resolution:  fixed
 Keywords:  tbb-gitian, TorBrowserTeam201706R  |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--
Changes (by gk):

 * status:  needs_review => closed
 * resolution:   => fixed


Comment:

 Replying to [comment:4 dcf]:
 > I am having problems building off of master
 ([https://gitweb.torproject.org/builders/tor-browser-
 bundle.git/log/?id=082738a4bd83943d97e084fa04045e481772b998 082738a4bd])
 that do not appear to be related to the Go upgrade, so I'll leave the
 patch here so you can try it.
 > * attachment:0001-Bug-22398-Upgrade-go-to-1.8.3.patch

 Looks good to me, compiles for all three platforms and works at least on
 Linux and Windows. Applied to `master` and `maint-7.0` as commit
 fbe1263eb9601e5d435131aa3d96306b8bfdb465 and
 28c582f8aad09c2d2a8e166024841ac7014bb590.

 > Trying to build stable, I get an error in `make prep`:
 > {{{
 > $ make TORSOCKS=
 > ...
 > File ‘libcxxabi-3.8.0.src.tar.xz.sig’ not modified on server. Omitting
 download.
 >
 > ./fetch-inputs.sh: line 125: !PACKAGE: unbound variable
 > Makefile:93: recipe for target 'prep' failed
 > make: *** [prep] Error 1
 > }}}

 Yes, using effectively `versions` on `master` (which `make prep` is doing)
 is going to fail. We have the `maint-x.x` branches for that.

 > Trying to build alpha, the build gets a lot farther, but fails while
 doing the system upgrade in `--- Building sandbox-linux for jessie amd64
 ---`.
 > {{{
 > $ make resume-alpha TORSOCKS=
 > ...
 > Updating apt-get repository (log in var/install.log)
 > Installing additional packages (log in var/install.log)
 > Upgrading system, may take a while
 > ./bin/gbuild:21:in `system!': failed to run on-target -u root bash <
 target-bin/upgrade-system.sh > var/install.log 2>&1 (RuntimeError)
 > from ./bin/gbuild:112:in `build_one_configuration'
 > from ./bin/gbuild:289:in `block (2 levels) in '
 > from ./bin/gbuild:284:in `each'
 > from ./bin/gbuild:284:in `block in '
 > from ./bin/gbuild:282:in `each'
 > from ./bin/gbuild:282:in `'
 > Makefile:27: recipe for target 'build-alpha' failed
 > make: *** [build-alpha] Error 1
 > }}}
 > If I set the `-x` flag in target-bin/upgrade-system.sh to get some
 debugging output, I see an error relating to a missing /usr/sbin/update-
 grub:
 > {{{
 > $ ssh -o NoHostAuthenticationForLocalhost=yes root@127.0.0.1 -p 2223 -i
 var/id_rsa < target-bin/upgrade-system.sh
 > Pseudo-terminal will not be allocated because stdin is not a terminal.
 >
 > The programs included with the Debian GNU/Linux system are free
 software;
 > the exact distribution terms for each program are described in the
 > individual files in /usr/share/doc/*/copyright.
 >
 > Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
 > permitted by applicable law.
 > stdin: is not a tty
 > + mkdir -p /var/cache/gitian
 > + apt-get -q -y purge grub
 > + true
 > + DEBIAN_FRONTEND=noninteractive
 > + apt-get -y dist-upgrade
 > Reading package lists...
 > Building dependency tree...
 > Reading state information...
 > The following packages were automatically installed and are no longer
 required:
 >   bcron fgetty grub-common lib32ncurses5 lib32tinfo5 libbg1 libbg1-doc
 >   libc6-i386 libfuse2 os-prober runit ucspi-unix
 > Use 'apt-get autoremove' to remove them.
 > perl: warning: Setting locale failed.
 > perl: warning: Please check that your locale settings:
 > LANGUAGE = (unset),
 > LC_ALL = (unset),
 > LANG = "en_US.UTF-8"
 > are supported and installed on your system.
 > perl: warning: Falling back to the standard locale ("C").
 > locale: Cannot set LC_CTYPE to default locale: No such file or directory
 > locale: Cannot set LC_MESSAGES to default locale: No such file or
 directory
 > locale: Cannot set LC_ALL to default locale: No such file or directory
 > 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
 > 1 not fully installed or removed.
 > After this operation, 0 B of additional disk space will be used.
 > Setting up linux-image-3.16.0-4-amd64 (3.16.43-2) ...
 > locale: Cannot set LC_CTYPE to default locale: No such file or directory
 > locale: Cannot set LC_MESSAGES to default locale: No such file or
 directory
 > locale: Cannot set LC_ALL to default locale: No such file or directory
 > Running /usr/sbin/update-grub.
 > Can't exec "/usr/sbin/update-grub": No such fi

Re: [tor-bugs] #22467 [Applications/Tor Browser]: System upgrade on a Jessie VM in Gitian is randomly failing

[Tor Bug Tracker & Wiki]

#22467: System upgrade on a Jessie VM in Gitian is randomly failing
--+--
 Reporter:  gk|  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-gitian|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by gk):

 * cc: boklm (added)


Comment:

 dcf did some debugging and traced the down to:

 If I set the `-x` flag in target-bin/upgrade-system.sh to get some
 debugging output, I see an error relating to a missing /usr/sbin/update-
 grub:
 {{{
 $ ssh -o NoHostAuthenticationForLocalhost=yes root@127.0.0.1 -p 2223 -i
 var/id_rsa < target-bin/upgrade-system.sh
 Pseudo-terminal will not be allocated because stdin is not a terminal.

 The programs included with the Debian GNU/Linux system are free software;
 the exact distribution terms for each program are described in the
 individual files in /usr/share/doc/*/copyright.

 Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
 permitted by applicable law.
 stdin: is not a tty
 + mkdir -p /var/cache/gitian
 + apt-get -q -y purge grub
 + true
 + DEBIAN_FRONTEND=noninteractive
 + apt-get -y dist-upgrade
 Reading package lists...
 Building dependency tree...
 Reading state information...
 The following packages were automatically installed and are no longer
 required:
   bcron fgetty grub-common lib32ncurses5 lib32tinfo5 libbg1 libbg1-doc
   libc6-i386 libfuse2 os-prober runit ucspi-unix
 Use 'apt-get autoremove' to remove them.
 perl: warning: Setting locale failed.
 perl: warning: Please check that your locale settings:
 LANGUAGE = (unset),
 LC_ALL = (unset),
 LANG = "en_US.UTF-8"
 are supported and installed on your system.
 perl: warning: Falling back to the standard locale ("C").
 locale: Cannot set LC_CTYPE to default locale: No such file or directory
 locale: Cannot set LC_MESSAGES to default locale: No such file or
 directory
 locale: Cannot set LC_ALL to default locale: No such file or directory
 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
 1 not fully installed or removed.
 After this operation, 0 B of additional disk space will be used.
 Setting up linux-image-3.16.0-4-amd64 (3.16.43-2) ...
 locale: Cannot set LC_CTYPE to default locale: No such file or directory
 locale: Cannot set LC_MESSAGES to default locale: No such file or
 directory
 locale: Cannot set LC_ALL to default locale: No such file or directory
 Running /usr/sbin/update-grub.
 Can't exec "/usr/sbin/update-grub": No such file or directory at
 /var/lib/dpkg/info/linux-image-3.16.0-4-amd64.postinst line 604.
 User postinst hook script [/usr/sbin/update-grub] failed to execute: No
 such file or directory
 dpkg: error processing package linux-image-3.16.0-4-amd64 (--configure):
  subprocess installed post-installation script returned error exit status
 255
 Errors were encountered while processing:
  linux-image-3.16.0-4-amd64
 E: Sub-process /usr/bin/dpkg returned an error code (1)
 }}}
 (originally reported in #22398)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #22467 [Applications/Tor Browser]: System upgrade on a Jessie VM in Gitian is randomly failing

[Tor Bug Tracker & Wiki]

#22467: System upgrade on a Jessie VM in Gitian is randomly failing
--+
 Reporter:  gk|  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:  tbb-gitian
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+
 Sometimes upgrades on Jessie VM's in Gitian are failing and the only
 workaround I've found so far is recreating the base VM or copying one over
 that is still working.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22255 [Core Tor/Tor]: Frequent OOM kills of tor process

[Tor Bug Tracker & Wiki]

#22255: Frequent OOM kills of tor process
--+
 Reporter:  DeS   |  Owner:
 Type:  defect| Status:  new
 Priority:  High  |  Milestone:  Tor: 0.3.0.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Major | Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by DeS):

 ... btw. no OOM today last one (blank zone on immages) yesterday:
 Mit Mai 31 16:01:23 CEST 2017 Process tor1 is not running -> starting
 Mit Mai 31 16:01:23 CEST 2017 Process tor1 is not running -> starting
 Mit Mai 31 17:33:53 CEST 2017 Process tor2 is not running -> starting

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22255 [Core Tor/Tor]: Frequent OOM kills of tor process

[Tor Bug Tracker & Wiki]

#22255: Frequent OOM kills of tor process
--+
 Reporter:  DeS   |  Owner:
 Type:  defect| Status:  new
 Priority:  High  |  Milestone:  Tor: 0.3.0.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Major | Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by DeS):

 > Also note: Be aware that connection graphs at that granularity are
 considered sensitive.

 I´m open to other ideas how to exchange this information. But you will
 agree this problem needs to be looked at.

 Clearly there is a correlation between memory an connections. Please refer
 to:

 https://trac.torproject.org/projects/tor/attachment/ticket/22255/memory-
 pinpoint%3D1496233206%2C1496341206.png

 https://trac.torproject.org/projects/tor/attachment/ticket/22255/netstat-
 pinpoint%3D1496233206%2C1496341206.png

 BUT
 1) as you can see on this pictures the system "dies" once at 19 k
 connections. But two times later everything is fine at more than 20k
 connections
 2) At every time (execpt the blank obviously) there is plenty of free
 memory.
 3) Our machines operatate limited to ~320 - 400 Mbits and memory has never
 been an issue in 1-2 years
 4) How do we explain the tor process just uses 400 Meg of memory each (see
 arma comment above)

 Something is not adding up here and this is what we have to find out.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #18048 [Metrics/Atlas]: Update Atlas's jQuery

[Tor Bug Tracker & Wiki]

#18048: Update Atlas's jQuery
---+--
 Reporter:  cypherpunks|  Owner:  RaBe
 Type:  defect | Status:  new
 Priority:  Low|  Milestone:
Component:  Metrics/Atlas  |Version:
 Severity:  Minor  | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--

Comment (by jvoisin):

 [https://dustri.org/atlas My instance of Atlas] is running with the latest
 jQuery 1.X version (1.12.4), and everything is working :)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22466 [Core Tor/Tor]: "Crosscert is expired" warnings: RSA->Ed25519 identity crosscertifice apparently made in 1970?

[Tor Bug Tracker & Wiki]

#22466: "Crosscert is expired" warnings: RSA->Ed25519 identity crosscertifice
apparently made in 1970?
-+-
 Reporter:  nickm|  Owner:
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  030-backport tor-relay certificate   |  Actual Points:
  expired 1970   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by jvoisin):

 The machine had a small
 [https://atlas.torproject.org/#details/F156A78C5CBFF5609FAE96F2C7791307161082E4
 power outage], but except this, nothing interesting happened to it.

 {{{
 root@jafar:~# uptime
  18:02:20 up 7 days,  9:54,  2 users,  load average: 0.45, 0.45, 0.48
 root@jafar:~# tor --version
 Tor version 0.3.0.7 (git-4e55cb9db769b11c).
 root@jafar:~# date
 Thu Jun  1 18:02:35 UTC 2017
 root@jafar:~#
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22104 [Applications/Tor Browser]: Adjust #19837 for ff52-esr (update our content policy whitelist)

[Tor Bug Tracker & Wiki]

#22104: Adjust #19837 for ff52-esr (update our content policy whitelist)
-+-
 Reporter:  cypherpunks  |  Owner:  mcs
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ff52-esr, tbb-regression,|  Actual Points:
  TorBrowserTeam201706R  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by mcs):

 * keywords:  ff52-esr, tbb-regression, TorBrowserTeam201705 => ff52-esr,
 tbb-regression, TorBrowserTeam201706R
 * status:  assigned => needs_review


Comment:

 Here is a patch that expands the whitelist:
 https://gitweb.torproject.org/user/brade/torbutton.git/commit/?h=bug22104-01

 Kathy and I decided to use a regex pattern match for the items under
 chrome://global/skin/media because there are a lot of items there that
 need to be whitelisted. I don't think using regex will slow things down
 too much and it will be less fragile, e.g., currently things break when
 Mozilla adds an image and we don't have test cases that exposes everything
 that needs to be whitelisted for audio/video playback.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22462 [Applications/Tor Browser]: In a debug build of Tor Browser, Page Info causes an assert

[Tor Bug Tracker & Wiki]

#22462: In a debug build of Tor Browser, Page Info causes an assert
---+--
 Reporter:  arthuredelstein|  Owner:  tbb-team
 Type:  defect | Status:  new
 Priority:  Medium |  Milestone:
Component:  Applications/Tor Browser   |Version:
 Severity:  Normal | Resolution:
 Keywords:  tbb-7.0-must TorBrowserTeam201705  |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--

Comment (by cypherpunks):

 It looks like such assertions are not rare
 https://bugzilla.mozilla.org/show_bug.cgi?id=1319908

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22465 [Applications/Tor Browser]: Tor Broswer Freezing, Crashing

[Tor Bug Tracker & Wiki]

#22465: Tor Broswer Freezing, Crashing
--+--
 Reporter:  Wonder|  Owner:  tbb-team
 Type:  defect| Status:  assigned
 Priority:  High  |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Major | Resolution:
 Keywords:  tbb-crash |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by cypherpunks):

 ticket:22362#comment:13

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22465 [Applications/Tor Browser]: Tor Broswer Freezing, Crashing

[Tor Bug Tracker & Wiki]

#22465: Tor Broswer Freezing, Crashing
--+--
 Reporter:  Wonder|  Owner:  tbb-team
 Type:  defect| Status:  assigned
 Priority:  High  |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Major | Resolution:
 Keywords:  tbb-crash |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by Wonder):

 Just to make clear, after the tb freezes, the only option is to force quit
 - I said it crashes to describe this process, but it is not quitting
 unexpectedly. Sorry if I didn't make that clear.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22465 [Applications/Tor Browser]: Tor Broswer Freezing, Crashing

[Tor Bug Tracker & Wiki]

#22465: Tor Broswer Freezing, Crashing
--+--
 Reporter:  Wonder|  Owner:  tbb-team
 Type:  defect| Status:  assigned
 Priority:  High  |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Major | Resolution:
 Keywords:  tbb-crash |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by Wonder):

 1. Steps - I first noticed it was a consistent problem following these
 steps (if this is what you mean): launch, duckduckgo search 'posteo de,'
 open new tab, search 'posteo de mail guardian article' and then freezes
 after about 30 seconds. If I change the order of the steps and stay on Tor
 project homepage and then, say, open same search in new tab, it takes
 longer - up to a couple minutes to freeze.

 It seems as though when I stay on the search result page of duckduckgo or
 tor project homepage for that matter instead of navigating on, it takes
 longer to freeze.

 2. Same issue 1.5 months ago when I first installed the browser on a new
 computer. Could not use tb and left it, came back to it today,
 reinstalled, same problem - tried to troubleshoot which brought me here.
 So it is '''not''' a new problem in that I've not used tb before
 successfully on it.


 3. Has been consistently set at Low (default). Changed to medium, exactly
 same thing & same time span (30 seconds).
 '''Changed to high, has been no crashes so far (30 mins)'''

 4. With the latest alpha 7.0a4, I get exactly the same issue (followed the
 steps above, same time frame freeze) (security setting at default). Same
 with security setting at medium. '''I'm still waiting to see if a crash
 occurs at high but it hasn't happened so far (+5 mins) so my guess is,
 same as stable version, security set as high then no crash occurs.'''

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22459 [Applications/Tor Browser]: Adapt our use of the nsIContentPolicy to e10s mode

[Tor Bug Tracker & Wiki]

#22459: Adapt our use of the nsIContentPolicy to e10s mode
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  closed
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Major| Resolution:  fixed
 Keywords:  ff52-esr, tbb-e10s,  |  Actual Points:
  GeorgKoppen201705, tbb-7.0-must,   |
  TorBrowserTeam201706R  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * status:  needs_review => closed
 * resolution:   => fixed


Comment:

 Thanks. Looks good to me. I merged the patch to master with commit
 2e301c0a5bbc62fd5f8e66ac973c71f0bc10c81b.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21627 [Applications/Tor Browser]: HTTP 304 responses not handled correctly

[Tor Bug Tracker & Wiki]

#21627: HTTP 304 responses not handled correctly
-+-
 Reporter:  mcs  |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  tbb-torbutton,   |  Actual Points:
  TorBrowserTeam201706R  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * status:  needs_review => closed
 * resolution:   => fixed


Comment:

 Looks good to me. Applied to master: commit
 ad937183266423425e166b417659b1db14aaeced.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22104 [Applications/Tor Browser]: Adjust #19837 for ff52-esr (update our content policy whitelist) (was: Adjust #19837 for ff52-esr)

[Tor Bug Tracker & Wiki]

#22104: Adjust #19837 for ff52-esr (update our content policy whitelist)
-+-
 Reporter:  cypherpunks  |  Owner:  mcs
 Type:  defect   | Status:
 |  assigned
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ff52-esr, tbb-regression,|  Actual Points:
  TorBrowserTeam201705   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21627 [Applications/Tor Browser]: HTTP 304 responses not handled correctly

[Tor Bug Tracker & Wiki]

#21627: HTTP 304 responses not handled correctly
-+-
 Reporter:  mcs  |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-torbutton,   |  Actual Points:
  TorBrowserTeam201706R  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by mcs):

 * status:  new => needs_review
 * keywords:  tbb-torbutton, TorBrowserTeam201705 => tbb-torbutton,
 TorBrowserTeam201706R


Comment:

 Here is a patch:
 https://gitweb.torproject.org/user/brade/torbutton.git/commit/?h=bug21627-01
 Rather than adding a try/catch, it seems easiest to simply ignore 304
 responses.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22466 [Core Tor/Tor]: "Crosscert is expired" warnings: RSA->Ed25519 identity crosscertifice apparently made in 1970?

[Tor Bug Tracker & Wiki]

#22466: "Crosscert is expired" warnings: RSA->Ed25519 identity crosscertifice
apparently made in 1970?
-+-
 Reporter:  nickm|  Owner:
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  030-backport tor-relay certificate   |  Actual Points:
  expired 1970   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by nickm):

 Hi!  I think case 1 above is impossible, since do_hup() is a signal
 handler, and the signal handlers aren't even installed until later in
 tor_main() than first update_approx_time() call.  I agree that case 2 is
 unlikely, given OS behavior.

 Based on our earlier discussion with jvoisin, we found that the relay
 "jafar" had gotten an unexpected crash.  Also, it's running on an
 ODROID-C1.  Those together make it seem likelier to me that your case 4
 ("The OS believes it's 1970") is the likeliest explanation.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22459 [Applications/Tor Browser]: Adapt our use of the nsIContentPolicy to e10s mode

[Tor Bug Tracker & Wiki]

#22459: Adapt our use of the nsIContentPolicy to e10s mode
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_review
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Major| Resolution:
 Keywords:  ff52-esr, tbb-e10s,  |  Actual Points:
  GeorgKoppen201705, tbb-7.0-must,   |
  TorBrowserTeam201706R  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by mcs):

 Here is a revised patch that removes the #21627 fix (I forgot about that
 ticket):
 https://gitweb.torproject.org/user/brade/torbutton.git/commit/?h=bug22459-02

 I will post a separate patch in #21627.

 Kathy and I are working on a revised whitelist; we will post a patch for
 that in #22104.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22466 [Core Tor/Tor]: "Crosscert is expired" warnings: RSA->Ed25519 identity crosscertifice apparently made in 1970?

[Tor Bug Tracker & Wiki]

#22466: "Crosscert is expired" warnings: RSA->Ed25519 identity crosscertifice
apparently made in 1970?
-+-
 Reporter:  nickm|  Owner:
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  030-backport tor-relay certificate   |  Actual Points:
  expired 1970   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by teor):

 The other reason that time(NULL) could return 0 (or -1, or a small
 integer) is if tor starts on a machine which thinks the time is 1970. This
 can happen when the clock battery fails. If the machine then updates its
 time using ntp or similar, tor could bootstrap, but would have an old
 certificate.

 This seems like another possible cluster of bugs: or do we renew
 everything else when it expires? Or do we do other long-term things once
 at startup, and expect them to be right forever?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22466 [Core Tor/Tor]: "Crosscert is expired" warnings: RSA->Ed25519 identity crosscertifice apparently made in 1970?

[Tor Bug Tracker & Wiki]

#22466: "Crosscert is expired" warnings: RSA->Ed25519 identity crosscertifice
apparently made in 1970?
-+-
 Reporter:  nickm|  Owner:
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  030-backport tor-relay certificate   |  Actual Points:
  expired 1970   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by teor):

 There appear to be 3 ways an error like this could happen:

 1. do_hup() is called before the first call to update_approx_time() in
 main().
(Since cached_approx_time is always set to time(NULL), all subsequent
 calls to do_hup() are safe, unless...)
 2. time(NULL) returns 0 or -1 (or some small value), or
 3. RAM is corrupted, most likely by overwriting a static array stored
 somewhere near cached_approx_time.

 It seems to me that 1. is the most likely, particularly if obtaining the
 log lock hangs.

 Eliminating 2. requires a close reading of the OS documentation and source
 code (see below).

 Eliminating 3. requires checking all the operations on static arrays in
 tor (I checked the ones in util.c, they seem fine). And I think we'd
 notice if we were overwriting a lot of static variables.

 The man page for my system (macOS) describes time()'s return value this
 way:

 {{{
  The time() function returns the value of time in seconds since 0
 hours, 0
  minutes, 0 seconds, January 1, 1970, Coordinated Universal Time,
 without
  including leap seconds.  If an error occurs, time() returns the value
  (time_t)-1.
 ...
  The time() function may fail for any of the reasons described in
  gettimeofday(2).
 ...
  Neither ISO/IEC 9899:1999 (``ISO C99'') nor IEEE Std 1003.1-2001
  (``POSIX.1'') requires time() to set errno on failure; thus, it is
 impos-
  sible for an application to distinguish the valid time value -1
 (repre-
  senting the last UTC second of 1969) from the error return value.
 }}}

 But gettimeofday says:

 {{{
  The following error codes may be set in errno:

  [EFAULT]  An argument address referenced invalid memory.

  [EPERM]   A user other than the super-user attempted to set the time.
 }}}

 Neither of which apply in this case.

 Linux is much more explicit:

 {{{
  When tloc is NULL, the call cannot fail.
 }}}

 So I think we should fix case 1 (initialise approx_time in our signal
 handler if it is invalid, or, if time() is not signal safe, defer any
 actions that depend on time() to the main loop), and see if the issue
 keeps on happening.

 We should also payoff the technical debt we incurred by calling so many
 things from our signal handlers. Because if this is the cause, there is
 likely to be a cluster of race-condition bugs here, not just one.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22466 [Core Tor/Tor]: "Crosscert is expired" warnings: RSA->Ed25519 identity crosscertifice apparently made in 1970?

[Tor Bug Tracker & Wiki]

#22466: "Crosscert is expired" warnings: RSA->Ed25519 identity crosscertifice
apparently made in 1970?
-+-
 Reporter:  nickm|  Owner:
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  030-backport tor-relay certificate   |  Actual Points:
  expired 1970   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by nickm):

 * status:  new => needs_review


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22466 [Core Tor/Tor]: "Crosscert is expired" warnings: RSA->Ed25519 identity crosscertifice apparently made in 1970?

[Tor Bug Tracker & Wiki]

#22466: "Crosscert is expired" warnings: RSA->Ed25519 identity crosscertifice
apparently made in 1970?
-+-
 Reporter:  nickm|  Owner:
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  030-backport tor-relay certificate   |  Actual Points:
  expired 1970   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by nickm):

 And also my branch `bug22466_regenerate_030` regenerates crosscerts when
 they are close to expiring (and lowers the lifetime to 6 months)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22466 [Core Tor/Tor]: "Crosscert is expired" warnings: RSA->Ed25519 identity crosscertifice apparently made in 1970?

[Tor Bug Tracker & Wiki]

#22466: "Crosscert is expired" warnings: RSA->Ed25519 identity crosscertifice
apparently made in 1970?
-+-
 Reporter:  nickm|  Owner:
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  030-backport tor-relay certificate   |  Actual Points:
  expired 1970   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by nickm):

 Another "fix" we could do here is to check whether the crosscert is
 expired when we're making  new keys.  We don't currently do that, since
 the cert is regenerated on startup and lives for 10 years ... but we could
 afford to shorten the lifetime if we make that change.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22104 [Applications/Tor Browser]: Adjust #19837 for ff52-esr

[Tor Bug Tracker & Wiki]

#22104: Adjust #19837 for ff52-esr
-+-
 Reporter:  cypherpunks  |  Owner:  mcs
 Type:  defect   | Status:
 |  assigned
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ff52-esr, tbb-regression,|  Actual Points:
  TorBrowserTeam201705   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by mcs):

 * cc: tbb-team (added)
 * owner:  yawning => mcs


Comment:

 I am updating the whitelist along with other followup work for #22459.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22466 [Core Tor/Tor]: "Crosscert is expired" warnings: RSA->Ed25519 identity crosscertifice apparently made in 1970?

[Tor Bug Tracker & Wiki]

#22466: "Crosscert is expired" warnings: RSA->Ed25519 identity crosscertifice
apparently made in 1970?
-+-
 Reporter:  nickm|  Owner:
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  030-backport tor-relay certificate   |  Actual Points:
  expired 1970   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by arma):

 * cc: jvoisin (added)


Comment:

 jvoisin: your relay 'jafar' is one of the relays suffering from this bug.
 Do you know if anything unusual happened to this relay in the past weeks?
 Thanks!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22466 [Core Tor/Tor]: "Crosscert is expired" warnings: RSA->Ed25519 identity crosscertifice apparently made in 1970?

[Tor Bug Tracker & Wiki]

#22466: "Crosscert is expired" warnings: RSA->Ed25519 identity crosscertifice
apparently made in 1970?
-+-
 Reporter:  nickm|  Owner:
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  030-backport tor-relay certificate   |  Actual Points:
  expired 1970   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by nickm):

 My branch `bug22466_diagnostic_030` adds some assertions to try to catch
 this.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #22466 [Core Tor/Tor]: "Crosscert is expired" warnings: RSA->Ed25519 identity crosscertifice apparently made in 1970?

[Tor Bug Tracker & Wiki]

#22466: "Crosscert is expired" warnings: RSA->Ed25519 identity crosscertifice
apparently made in 1970?
-+-
 Reporter:  nickm|  Owner:
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:  Tor: 0.3.1.x-final
Component:  Core |Version:
  Tor/Tor|   Keywords:  030-backport tor-relay certificate
 Severity:  Normal   |  expired 1970
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+-
 On #22460, we found one mysterious case of link handshake failure: An
 RSA->Ed25519 identity cross-certificate expiring at Dec 30, 1979.  This
 could likely be caused by passing "0" as the now value in load_ed_keys() :
 see comment:19:ticket:22460 .

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22460 [Core Tor/Tor]: Link handshake trouble: certificates and keys can get out of sync

[Tor Bug Tracker & Wiki]

#22460: Link handshake trouble: certificates and keys can get out of sync
-+-
 Reporter:  teor |  Owner:
 Type:  defect   | Status:
 |  needs_review
 Priority:  High |  Milestone:  Tor:
 |  0.3.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Major| Resolution:
 Keywords:  tor-relay certs handshake ed25519|  Actual Points:  1
  needs-analysis 030-backport 029-backport   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by nickm):

 Opened #22466 to track the remaining mysterious case.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22454 [Applications/Tor Browser]: Make switch to e10s separate from the switch to esr52

[Tor Bug Tracker & Wiki]

#22454: Make switch to e10s separate from the switch to esr52
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  enhancement   | Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:  wontfix
 Keywords:  tbb-e10s  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by gk):

 Replying to [comment:2 cypherpunks]:
 > You didn't follow Mozilla with enabling Win64 in esr45-based Tor Browser
 versions. Though it was much

 If you look at the issues Mozilla had with it since then I think that was
 the right decision. Apart from that we didn't have the resources to adapt
 our build and release infrastructure for it. We plan to do so for Tor
 Browser 7.5, though.

 > easier, then e10s. And now you have no sandboxing on Windows and
 incompatibility on macOS (and does

 What do you mean with "incompatibility"?

 > everything work in linux32?). Also Mozilla didn't fix all the bugs to
 ship e10s for everybody (everybody? add-ons? who cares? (c) Mozilla). But
 sandboxing is available only on top of e10s, well, its bogus version, the
 proper sandboxing is still in development...

 Well, fixing all the bugs is tricky. The sandboxing we get is still
 strictly better than not having sandboxing at all.

 > So, instead of well-tested esr52-based Tor Browser we'll get all-in-one
 with bugs from switching and more weird bugs from multiprocessing, called
 the new "stable". Great.

 Which weird bugs do you have in mind? Are they already filed in our bug
 tracker? (the same goes for those due to switching)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22460 [Core Tor/Tor]: Link handshake trouble: certificates and keys can get out of sync

[Tor Bug Tracker & Wiki]

#22460: Link handshake trouble: certificates and keys can get out of sync
-+-
 Reporter:  teor |  Owner:
 Type:  defect   | Status:
 |  needs_review
 Priority:  High |  Milestone:  Tor:
 |  0.3.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Major| Resolution:
 Keywords:  tor-relay certs handshake ed25519|  Actual Points:  1
  needs-analysis 030-backport 029-backport   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by nickm):

 * keywords:  tor-relay certs handshake ed25519 needs-analysis 030-backport
 =>
 tor-relay certs handshake ed25519 needs-analysis 030-backport
 029-backport
 * actualpoints:   => 1


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22460 [Core Tor/Tor]: Link handshake trouble: certificates and keys can get out of sync

[Tor Bug Tracker & Wiki]

#22460: Link handshake trouble: certificates and keys can get out of sync
-+-
 Reporter:  teor |  Owner:
 Type:  defect   | Status:
 |  needs_review
 Priority:  High |  Milestone:  Tor:
 |  0.3.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Major| Resolution:
 Keywords:  tor-relay certs handshake ed25519|  Actual Points:
  needs-analysis 030-backport|
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by nickm):

 I've updated the branches above.  The tests pass, and I've fixed the
 remaining race condition.

 The mysterious "Crosscert is expired" case is still mysterious.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21704 [Applications/Tor Browser]: Warn users when installing Tor Browser based on ESR 52 on not SSE2 capable Windows machines

[Tor Bug Tracker & Wiki]

#21704: Warn users when installing Tor Browser based on ESR 52 on not SSE2 
capable
Windows machines
-+-
 Reporter:  gk   |  Owner:  boklm
 Type:  enhancement  | Status:
 |  assigned
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ff52-esr, TorBrowserTeam201706,  |  Actual Points:
  tbb-7.0-must   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor4
-+-
Changes (by boklm):

 * cc: tbb-team (added)
 * status:  new => assigned
 * owner:  tbb-team => boklm


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22454 [Applications/Tor Browser]: Make switch to e10s separate from the switch to esr52

[Tor Bug Tracker & Wiki]

#22454: Make switch to e10s separate from the switch to esr52
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  enhancement   | Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:  wontfix
 Keywords:  tbb-e10s  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by cypherpunks):

 You didn't follow Mozilla with enabling Win64 in esr45-based Tor Browser
 versions. Though it was much easier, then e10s. And now you have no
 sandboxing on Windows and incompatibility on macOS (and does everything
 work in linux32?). Also Mozilla didn't fix all the bugs to ship e10s for
 everybody (everybody? add-ons? who cares? (c) Mozilla). But sandboxing is
 available only on top of e10s, well, its bogus version, the proper
 sandboxing is still in development...
 So, instead of well-tested esr52-based Tor Browser we'll get all-in-one
 with bugs from switching and more weird bugs from multiprocessing, called
 the new "stable". Great.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21704 [Applications/Tor Browser]: Warn users when installing Tor Browser based on ESR 52 on not SSE2 capable Windows machines

[Tor Bug Tracker & Wiki]

#21704: Warn users when installing Tor Browser based on ESR 52 on not SSE2 
capable
Windows machines
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  enhancement  | Status:  new
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ff52-esr, TorBrowserTeam201706,  |  Actual Points:
  tbb-7.0-must   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor4
-+-
Changes (by gk):

 * keywords:  ff52-esr, TorBrowserTeam201706 => ff52-esr,
 TorBrowserTeam201706, tbb-7.0-must
 * priority:  Medium => High


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21704 [Applications/Tor Browser]: Warn users when installing Tor Browser based on ESR 52 on not SSE2 capable Windows machines

[Tor Bug Tracker & Wiki]

#21704: Warn users when installing Tor Browser based on ESR 52 on not SSE2 
capable
Windows machines
+--
 Reporter:  gk  |  Owner:  tbb-team
 Type:  enhancement | Status:  new
 Priority:  Medium  |  Milestone:
Component:  Applications/Tor Browser|Version:
 Severity:  Normal  | Resolution:
 Keywords:  ff52-esr, TorBrowserTeam201706  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:  Sponsor4
+--
Changes (by gk):

 * keywords:  ff52-esr => ff52-esr, TorBrowserTeam201706


Comment:

 boklm: Can you put that on your plate? It might be a bit late for 7.0 but
 we'll want that for our installer, too.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22455 [Core Tor/Tor]: Enumerate cases where we want to retry circuits, and correctly balance retry robustness with guard discovery

[Tor Bug Tracker & Wiki]

#22455: Enumerate cases where we want to retry circuits, and correctly balance
retry robustness with guard discovery
--+
 Reporter:  arma  |  Owner:
 Type:  task  | Status:  new
 Priority:  Medium|  Milestone:  Tor:
  |  0.3.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  needs-proposal prop224-extra  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Description changed by arma:

Old description:

> In Tor, and especially in the onion service subsystem, we have a bunch of
> situations where a circuit could fail and we ought to retry:
>
> * the onion service attempting to connect to the rendezvous point
> * the onion service attempting to publish an hsdesc to the hsdir
> * the client attempts to reach the intro point to send its intro1 cell
>
> If we retry too many times, we open ourselves up to new guard discovery
> attacks (see prop 247). If we retry too few times, we end up with
> robustness or reachability problems ("Tor doesn't work").
>
> It would be nice to just design the single best retry algorithm, and then
> apply it to all cases. That way we do the hard design and analysis work
> once, and we don't end up with extra complexity when we combine multiple
> retry designs. But I think a single best design might not be possible --
> compare the hsdir case, where it might be best to wait a while before
> retrying, to the rend point case, where waiting a while before retrying
> is not so good. Maybe that argues that we can get away with two best
> designs, one in the "online, somebody's waiting on me" case, and the
> other in the "offline, let's get this done reliably but there's no
> immediate rush" case?
>
> Suggested next step: We should write a proposal, with a section
> enumerating all of the retry situations that tor has; and a section
> enumerating what we can learn about where the circuit failures are, and
> how, and how reliable each is (network failure? last hop faillure? guard
> failure?); and then a section trying to produce the smallest possible
> number of good designs such that every retry situation is handled well.

New description:

 In Tor, and especially in the onion service subsystem, we have a bunch of
 situations where a circuit could fail and we ought to retry:

 * the onion service attempting to connect to the rendezvous point
 * the onion service attempting to publish an hsdesc to the hsdir
 * the client attempts to reach the intro point to send its intro1 cell

 If we retry too many times, we open ourselves up to new guard discovery
 attacks (see prop 247). If we retry too few times, we end up with
 robustness or reachability problems ("Tor doesn't work").

 It would be nice to just design the single best retry algorithm, and then
 apply it to all cases. That way we do the hard design and analysis work
 once, and we don't end up with extra complexity when we combine multiple
 retry designs. But I think a single best design might not be possible --
 compare the service-side hsdir case, where it might be best to wait a
 while before retrying, to the rend point case, where waiting a while
 before retrying is not so good. Maybe that argues that we can get away
 with two best designs, one in the "online, somebody's waiting on me" case,
 and the other in the "offline, let's get this done reliably but there's no
 immediate rush" case?

 Suggested next step: We should write a proposal, with a section
 enumerating all of the retry situations that tor has; and a section
 enumerating what we can learn about where the circuit failures are, and
 how, and how reliable each is (network failure? last hop faillure? guard
 failure?); and then a section trying to produce the smallest possible
 number of good designs such that every retry situation is handled well.

--

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22361 [Applications/Tor Browser]: Some binaries are missing RELRO in latest linux nightly builds

[Tor Bug Tracker & Wiki]

#22361: Some binaries are missing RELRO in latest linux nightly builds
--+
 Reporter:  boklm |  Owner:  boklm
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:  fixed
 Keywords:  TorBrowserTeam201706R |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by gk):

 * keywords:  TorBrowserTeam201706R, tbb-7.0-must => TorBrowserTeam201706R
 * status:  needs_review => closed
 * resolution:   => fixed


Comment:

 Looks good to me. This won't make it into `maint-7.0` as the selfrando
 commits are backed out on it. (Removing `tbb-7.0-must` for that reason)
 Applied to `master` as commit 095845a8bc96997b50c5208d831ae32272ca6f85.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22460 [Core Tor/Tor]: Link handshake trouble: certificates and keys can get out of sync (was: Received a bad CERTS cell: Link certificate does not match TLS certificate)

[Tor Bug Tracker & Wiki]

#22460: Link handshake trouble: certificates and keys can get out of sync
-+-
 Reporter:  teor |  Owner:
 Type:  defect   | Status:
 |  needs_review
 Priority:  High |  Milestone:  Tor:
 |  0.3.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Major| Resolution:
 Keywords:  tor-relay certs handshake ed25519|  Actual Points:
  needs-analysis 030-backport|
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22104 [Applications/Tor Browser]: Adjust #19837 for ff52-esr

[Tor Bug Tracker & Wiki]

#22104: Adjust #19837 for ff52-esr
-+-
 Reporter:  cypherpunks  |  Owner:  yawning
 Type:  defect   | Status:
 |  assigned
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ff52-esr, tbb-regression,|  Actual Points:
  TorBrowserTeam201705   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by cypherpunks):

 * keywords:  tbb-regression, TorBrowserTeam201705 => ff52-esr, tbb-
 regression, TorBrowserTeam201705
 * status:  needs_information => assigned
 * owner:  tbb-team => yawning


Comment:

 yawning, we need you to update the whitelist, while TBB devs are lurking
 for other bugs :)
 (Upgrading to "chrome://global/content/bindings/videocontrols.css",
 "chrome://global/skin/media/videocontrols.css", etc)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21403 [Core Tor/Tor]: prop224: Implement HS descriptor fetching

[Tor Bug Tracker & Wiki]

#21403: prop224: Implement HS descriptor fetching
-+
 Reporter:  haxxpop  |  Owner:  dgoulet
 Type:  enhancement  | Status:  needs_review
 Priority:  Very High|  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs, prop224  |  Actual Points:
Parent ID:  #17242   | Points:  7
 Reviewer:  asn  |Sponsor:  SponsorR-must
-+
Changes (by asn):

 * points:   => 7


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21403 [Core Tor/Tor]: prop224: Implement HS descriptor fetching

[Tor Bug Tracker & Wiki]

#21403: prop224: Implement HS descriptor fetching
-+
 Reporter:  haxxpop  |  Owner:  dgoulet
 Type:  enhancement  | Status:  needs_review
 Priority:  Very High|  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs, prop224  |  Actual Points:
Parent ID:  #17242   | Points:
 Reviewer:  asn  |Sponsor:  SponsorR-must
-+
Changes (by asn):

 * status:  accepted => needs_review


Comment:

 I pushed an initial branch for this (and #21855) in my branch
 `bug21403_draft`.

 It handles everything from the point where the user requests an onion
 address, to picking HSDirs, fetching descriptors, storing them in the
 cache, looking them up, and retrying dir requests when needed. It doesn't
 do any introduction-related actions.

 Please check it out!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21855 [Core Tor/Tor]: prop224: Client descriptor cache

[Tor Bug Tracker & Wiki]

#21855: prop224: Client descriptor cache
-+
 Reporter:  dgoulet  |  Owner:
 Type:  enhancement  | Status:  closed
 Priority:  Medium   |  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:  duplicate
 Keywords:  tor-hs, prop224  |  Actual Points:
Parent ID:  #17242   | Points:  3
 Reviewer:   |Sponsor:  SponsorR-must
-+
Changes (by asn):

 * status:  new => closed
 * resolution:   => duplicate


Comment:

 The client-side HS desc cache is very tightly connected with #21403  so
 let's track both features there.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22465 [Applications/Tor Browser]: Tor Broswer Freezing, Crashing

[Tor Bug Tracker & Wiki]

#22465: Tor Broswer Freezing, Crashing
--+--
 Reporter:  Wonder|  Owner:  tbb-team
 Type:  defect| Status:  assigned
 Priority:  High  |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Major | Resolution:
 Keywords:  tbb-crash |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by gk):

 * status:  needs_information => assigned
 * owner:  linda => tbb-team


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22465 [Applications/Tor Browser]: Tor Broswer Freezing, Crashing

[Tor Bug Tracker & Wiki]

#22465: Tor Broswer Freezing, Crashing
--+---
 Reporter:  Wonder|  Owner:  linda
 Type:  defect| Status:  needs_information
 Priority:  High  |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Major | Resolution:
 Keywords:  tbb-crash |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---
Changes (by gk):

 * status:  new => needs_information
 * keywords:  tor browser, freezing, crashing, bug => tbb-crash
 * component:  Webpages/Website => Applications/Tor Browser


Comment:

 Thanks for the bug report. I am particularly interested in the crashes. Do
 you have steps to reproduce which I could try to follow? Is that crashing
 a new thing? That means did older versions work for you? If so, do you
 happen to know then this started? Does it change things for you if you
 change the level of the security slider (you find it behind the onion menu
 item and then Security Setting...

 Does the latest alpha (7.0a4) help with is based on Firefox ESR52? See:
 https://dist.torproject.org/torbrowser/7.0a4/

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #22465 [Webpages/Website]: Tor Broswer Freezing, Crashing

[Tor Bug Tracker & Wiki]

#22465: Tor Broswer Freezing, Crashing
-+-
 Reporter:  Wonder   |  Owner:  linda
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:   |Version:
  Webpages/Website   |   Keywords:  tor browser, freezing, crashing,
 Severity:  Major|  bug
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+-
 My Tor Browser keeps freezing and crashing minutes after launching. It is
 completely unusable. I run Linux Mint 18.00 (64 bit).

 Details: I have the latest stable version of Tor.


 I launch Tor and a webpage opens. It is then usually a minute or less
 before it freezes and I have to force quit. This happens every time I
 launch Tor. I have uninstalled and reinstalled Tor Browser with the same
 result.

 The issue '''is''' repeatable and I can cause it to happen:
 The amount of time before it freezes depends on what websites I access,
 for example if I stay on Tor Project homepage it takes a few more minutes
 to crash. If I open The Guardian news site it crashes almost immediately,
 as it does if I have more than one tab open.

 I get notified by Lebevite that the window is not responding and I must
 force quit. (My Lebevite is up-to-date and I followed the FAQ guidelines
 first before opening a new ticket -couldn't find a similar issue already
 up.)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22465 [Webpages/Website]: Tor Broswer Freezing, Crashing

[Tor Bug Tracker & Wiki]

#22465: Tor Broswer Freezing, Crashing
--+---
 Reporter:  Wonder|  Owner:  linda
 Type:  defect| Status:  new
 Priority:  High  |  Milestone:
Component:  Webpages/Website  |Version:
 Severity:  Major | Resolution:
 Keywords:  tor browser, freezing, crashing, bug  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---
Changes (by Wonder):

 * priority:  Medium => High


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21766 [Applications/Tor Browser]: Tor Browser based on ESR52 with e10s enabled crashed while trying to download a file

[Tor Bug Tracker & Wiki]

#21766: Tor Browser based on ESR52 with e10s enabled crashed while trying to
download a file
-+-
 Reporter:  gk   |  Owner:  mcs
 Type:  defect   | Status:
 |  needs_revision
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Critical | Resolution:
 Keywords:  ff52-esr, tbb-e10s, tbb-crash,   |  Actual Points:
  TorBrowserTeam201706, tbb-7.0-must |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor4
-+-

Comment (by gk):

 FWIW: the patch in comment:41 made it into `tor-browser-52.1.1esr-7.0-1`
 as commit 4a4285cbd06a825e5f2277d12a2e5165eab59837 and into `tor-
 browser-52.1.0est-7.0-2` as commit
 1d1fdea85218586354a1294cb94026279e74a0e3. The items mentioned in
 comment:45 could be separate patches.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21766 [Applications/Tor Browser]: Tor Browser based on ESR52 with e10s enabled crashed while trying to download a file

[Tor Bug Tracker & Wiki]

#21766: Tor Browser based on ESR52 with e10s enabled crashed while trying to
download a file
-+-
 Reporter:  gk   |  Owner:  mcs
 Type:  defect   | Status:
 |  needs_revision
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Critical | Resolution:
 Keywords:  ff52-esr, tbb-e10s, tbb-crash,   |  Actual Points:
  TorBrowserTeam201706, tbb-7.0-must |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor4
-+-
Changes (by gk):

 * keywords:  ff52-esr, tbb-e10s, tbb-crash, TorBrowserTeam201705R,
 tbb-7.0-must => ff52-esr, tbb-e10s, tbb-crash, TorBrowserTeam201706,
 tbb-7.0-must
 * status:  needs_information => needs_revision


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] [Tor Bug Tracker & Wiki] Batch modify: #22459, #17965, #16485, #18022, ...

[Tor Bug Tracker & Wiki]

Batch modification to #22459, #17965, #16485, #18022, #21862, #22398, #22458 by 
gk:
keywords to TorBrowserTeam201706R

Comment:
Moving review tickets to 201706

--
Tickets URL: 

Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22457 [Applications/Tor Browser]: Line wrapping and syntax highlighting do not work on view-source pages

[Tor Bug Tracker & Wiki]

#22457: Line wrapping and syntax highlighting do not work on view-source pages
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-regression, tbb-6.5-issues,  |  Actual Points:
  TorBrowserTeam201706R  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * keywords:  tbb-regression, tbb-6.5-issues, TorBrowserTeam201705R => tbb-
 regression, tbb-6.5-issues, TorBrowserTeam201706R


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22457 [Applications/Tor Browser]: Line wrapping and syntax highlighting do not work on view-source pages (was: Line wrapping and syntax highlighting do not work in non-e10s-mode on vie

[Tor Bug Tracker & Wiki]

#22457: Line wrapping and syntax highlighting do not work on view-source pages
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-regression, tbb-6.5-issues,  |  Actual Points:
  TorBrowserTeam201705R  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * keywords:  tbb-regression, tbb-6.5-issues, TorBrowserTeam201705 => tbb-
 regression, tbb-6.5-issues, TorBrowserTeam201705R
 * status:  new => needs_review


Old description:

> While the switch to multiprocess mode solves the linewrapping issue
> (#22440) on view-source pages for the vast majority of our users, those
> that don't have that mode activated are still affected.

New description:

 https://blog.torproject.org/comment/241854#comment-241854 pointed out that
 view-source pages are broken wrt line wrapping. Additionally, it turns our
 that syntax highlighting is affected as well. This is a regression caused
 by #8725.

--

Comment:

 Replying to [comment:7 gk]:
 > Replying to [comment:5 gk]:
 > > I think I have a better fix for that: view-source should not be
 available anymore in esr52, so we can allow it unconditionally I think.
 >
 > On second thought that might not help much as the blocked CSS is the
 problem.

 But we can work around that using `aRequestOrigin`. See `bug_22457_v2` ()
 for a possible fix that avoids the plaform fingerprinting. Note: For
 testing purposes you need either disabled e10s or apply the patch on top
 of the one in #22459.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #7869 [Core Tor/Tor]: ntor-onion-key is padded with an equal sign

[Tor Bug Tracker & Wiki]

#7869: ntor-onion-key is padded with an equal sign
--+
 Reporter:  rransom   |  Owner:  Jigsaw52
 Type:  defect| Status:  needs_review
 Priority:  Low   |  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tor-relay, intro  |  Actual Points:
Parent ID:| Points:
 Reviewer:  catalyst  |Sponsor:
--+

Comment (by Jigsaw52):

 I just realized the memcpy is unnecessary. I removed it but I cannot test
 right now. I'll recheck that it compiles and the tests run later.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22457 [Applications/Tor Browser]: Line wrapping and syntax highlighting do not work in non-e10s-mode on view-source pages

[Tor Bug Tracker & Wiki]

#22457: Line wrapping and syntax highlighting do not work in non-e10s-mode on 
view-
source pages
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-regression, tbb-6.5-issues,  |  Actual Points:
  TorBrowserTeam201705   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * cc: gapegas7uftp (added)


Comment:

 Resolved #22440 as duplicate.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22440 [Applications/Tor Browser]: wrap long lines not working in view source mode in TBB

[Tor Bug Tracker & Wiki]

#22440: wrap long lines not working in view source mode in TBB
-+-
 Reporter:  gapegas7uftp |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  TorBrowserTeam201705, tbb-   |  duplicate
  regression, tbb-6.5-issues |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * status:  reopened => closed
 * resolution:   => duplicate


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22440 [Applications/Tor Browser]: wrap long lines not working in view source mode in TBB

[Tor Bug Tracker & Wiki]

#22440: wrap long lines not working in view source mode in TBB
-+-
 Reporter:  gapegas7uftp |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  reopened
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  TorBrowserTeam201705, tbb-   |  Actual Points:
  regression, tbb-6.5-issues |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * status:  closed => reopened
 * resolution:  fixed =>


Comment:

 Replying to [comment:10 cypherpunks]:
 > Replying to [comment:9 gk]:
 > > Replying to [comment:8 cypherpunks]:
 > > > Who are you trying to fool?
 > >
 > > Nobody, I just did not look closely enough at the issue.
 > Then reopen this ticket and close #22457 as a duplicate of it.

 Let's keep this as duplicate instead as #22457 has a proposed patch and
 some further discussion that could be helpful for addressing this problem.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #22464 [Webpages/Blog]: Upcoming events are in reversed order

[Tor Bug Tracker & Wiki]

#22464: Upcoming events are in reversed order
---+
 Reporter:  cypherpunks|  Owner:  hiro
 Type:  defect | Status:  new
 Priority:  Medium |  Milestone:
Component:  Webpages/Blog  |Version:
 Severity:  Normal |   Keywords:
Actual Points: |  Parent ID:  #22013
   Points: |   Reviewer:
  Sponsor: |
---+
 Copied from ticket:22383#comment:9
 >It looks like the events are ordered "farthest in the future" to "nearest
 in the future"?
 >
 >Which means that on the frontpage, we have events in August, and the
 events in June and July are hidden?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22279 [Metrics/metrics-lib]: simplify and avoid repetition in ParserHelper methods

[Tor Bug Tracker & Wiki]

#22279: simplify and avoid repetition in ParserHelper methods
-+---
 Reporter:  iwakeh   |  Owner:  karsten
 Type:  enhancement  | Status:  closed
 Priority:  Medium   |  Milestone:  metrics-lib 1.8.0
Component:  Metrics/metrics-lib  |Version:
 Severity:  Normal   | Resolution:  implemented
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+---
Changes (by karsten):

 * status:  needs_review => closed
 * resolution:   => implemented


Comment:

 Looks great!  Squashed all four commits together and pushed to master.
 Closing.  Thanks! :)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22459 [Applications/Tor Browser]: Adapt our use of the nsIContentPolicy to e10s mode

[Tor Bug Tracker & Wiki]

#22459: Adapt our use of the nsIContentPolicy to e10s mode
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_review
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Major| Resolution:
 Keywords:  ff52-esr, tbb-e10s,  |  Actual Points:
  TorBrowserTeam201705R, GeorgKoppen201705,  |
  tbb-7.0-must   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by gk):

 mcs, some feedback for the patch: it works for me on Linux and Windows.
 The code looks good to me as well. I noticed you fixed #21627 in it, too.
 Could you provide that fix in a separate patch to not mix both issues?

 Additionally, regarding what Arthur said: the whitelist gets activated.
 The problem is that it needs to get updated it seems. (FWIW scrollbars are
 gone as well).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22311 [Core Tor/Tor]: authdir_mode_any_nonhidserv() is an obsolete concept

[Tor Bug Tracker & Wiki]

#22311: authdir_mode_any_nonhidserv() is an obsolete concept
--+
 Reporter:  arma  |  Owner:
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  easy, tor-hs  |  Actual Points:
Parent ID:| Points:
 Reviewer:  arma  |Sponsor:
--+
Changes (by huyvq):

 * reviewer:   => arma


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22459 [Applications/Tor Browser]: Adapt our use of the nsIContentPolicy to e10s mode

[Tor Bug Tracker & Wiki]

#22459: Adapt our use of the nsIContentPolicy to e10s mode
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_review
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Major| Resolution:
 Keywords:  ff52-esr, tbb-e10s,  |  Actual Points:
  TorBrowserTeam201705R, GeorgKoppen201705,  |
  tbb-7.0-must   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by gk):

 Replying to [comment:4 gk]:
 > I wonder if #22104 is somehow related.

 Might be, I get a similar looking error in the error console:
 {{{
 TypeError: this.scrubberThumb is null  videocontrols.xml:763:21
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22459 [Applications/Tor Browser]: Adapt our use of the nsIContentPolicy to e10s mode

[Tor Bug Tracker & Wiki]

#22459: Adapt our use of the nsIContentPolicy to e10s mode
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_review
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Major| Resolution:
 Keywords:  ff52-esr, tbb-e10s,  |  Actual Points:
  TorBrowserTeam201705R, GeorgKoppen201705,  |
  tbb-7.0-must   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by gk):

 I wonder if #22104 is somehow related.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22459 [Applications/Tor Browser]: Adapt our use of the nsIContentPolicy to e10s mode

[Tor Bug Tracker & Wiki]

#22459: Adapt our use of the nsIContentPolicy to e10s mode
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_review
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Major| Resolution:
 Keywords:  ff52-esr, tbb-e10s,  |  Actual Points:
  TorBrowserTeam201705R, GeorgKoppen201705,  |
  tbb-7.0-must   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by arthuredelstein):

 I built the latest tor-browser.git, applied this patch to torbutton.

 * First I visited https://arthuredelstein.github.io/tordemos/resource-
 locale.html. I could see in the web console that it correctly blocked
 reading the resource:// files.
 * Then I visited https://mdn.github.io/learning-area/html/multimedia-and-
 embedding/video-and-audio-content/simple-video.html and found that the
 video controls are not available and clicking on the video does not cause
 it to play. Reverting the patch from comment:2 restores the video
 controls.

 So it appears something additional needs to be done to activate the
 whitelist? As we're on a tight deadline I will continue to investigate.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs