Re: [tor-bugs] #22951 [Core Tor/Tor]: NETINFO cells are mandatory, but tor-spec says "may"

2017-07-24 Thread Tor Bug Tracker & Wiki 
#22951: NETINFO cells are mandatory, but tor-spec says "may"
---+
 Reporter:  teor   |  Owner:
 Type:  defect | Status:  needs_review
 Priority:  Medium |  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor   |Version:
 Severity:  Normal | Resolution:
 Keywords:  tor-spec easy doc  |  Actual Points:
Parent ID:  #18856 | Points:
 Reviewer: |Sponsor:
---+
Changes (by teor):

 * status:  needs_revision => needs_review


Comment:

 Oops

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22542 [Applications/Tor Browser]: Tor Browser 7.0 Security Settings Window too small on macOS 10.12

2017-07-24 Thread Tor Bug Tracker & Wiki 
#22542: Tor Browser 7.0 Security Settings Window too small on macOS 10.12
-+-
 Reporter:  teor |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  merge_ready
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-7.0-issues, tbb-regression,  |  Actual Points:
  tbb-security-slider, TorBrowserTeam201707R |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by teor):

 * status:  needs_review => merge_ready


Comment:

 Thanks, this works on macOS 10.12.5/6 in both my VM (non-retina) and
 standard (retina) environments. I'll attach before and after screenshots
 for the VM case.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22977 [Applications/Tor Browser]: TorBrowser 7.0.2 crash on Mac OS X 10.12.5 (was: TorBrowser 7.0.2 crash on Mac OS X 10.12.6)

2017-07-24 Thread Tor Bug Tracker & Wiki 
#22977: TorBrowser 7.0.2 crash on Mac OS X 10.12.5
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  High  |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Major | Resolution:
 Keywords:  tbb-crash |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by teor):

 I corrected the OS version in the title to match the OS version in the
 crash report.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23027 [Applications/Tor Browser Sandbox]: Tor sandbox should to reset all of tor browser bundle settings at launch

2017-07-24 Thread Tor Bug Tracker & Wiki 
#23027: Tor sandbox should to reset all of tor browser bundle settings at launch
--+
 Reporter:  Dbryrtfbcbhgf |  Owner:  yawning
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:  Tor:
  |  0.3.2.x-final
Component:  Applications/Tor Browser Sandbox  |Version:
 Severity:  Normal| Resolution:  duplicate
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by yawning):

 * status:  new => closed
 * resolution:   => duplicate


Comment:

 Dup of #22932.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #23027 [Applications/Tor Browser Sandbox]: Tor sandbox should to reset all of tor browser bundle settings at launch

2017-07-24 Thread Tor Bug Tracker & Wiki 
#23027: Tor sandbox should to reset all of tor browser bundle settings at launch
-+-
 Reporter:  Dbryrtfbcbhgf|  Owner:  yawning
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:  Tor:
Component:  Applications/Tor Browser |  0.3.2.x-final
  Sandbox|Version:
 Severity:  Normal   |   Keywords:
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+-
 If a zero day JavaScript exploit is able to compromise Firefox,  it may be
 able to override TBB’s Settings.  If it overrides the default homepage
 setting, every single time the user opens TBB  it will open up a possibly
 malicious homepage.  In attacker may be able to do much worse if they’re
 able to TBB  Preferences.  A simple way to solve this would be have the
 sandbox launcher reset the settings every single time tor browser starts,
 adding an option for users to opt out my also be useful.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23007 [Webpages/Blog]: Get a second blog maintainer

2017-07-24 Thread Tor Bug Tracker & Wiki 
#23007: Get a second blog maintainer
---+--
 Reporter:  arma   |  Owner:  hiro
 Type:  defect | Status:  new
 Priority:  Medium |  Milestone:
Component:  Webpages/Blog  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--

Comment (by hiro):

 Following up with pantheon and the cron issue they mention. More updates
 soon.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23007 [Webpages/Blog]: Get a second blog maintainer

2017-07-24 Thread Tor Bug Tracker & Wiki 
#23007: Get a second blog maintainer
---+--
 Reporter:  arma   |  Owner:  hiro
 Type:  defect | Status:  new
 Priority:  Medium |  Milestone:
Component:  Webpages/Blog  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--

Comment (by hiro):

 Hi,

 I will get in touch with them now. Sorry for being late about this.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22636 [Core Tor/Tor]: Add Travis configs so GitHub forks get CI coverage

2017-07-24 Thread Tor Bug Tracker & Wiki 
#22636: Add Travis configs so GitHub forks get CI coverage
-+-
 Reporter:  catalyst |  Owner:
 |  patrickod
 Type:  defect   | Status:
 |  needs_revision
 Priority:  High |  Milestone:  Tor:
 |  0.3.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  continuous-integration ci testing|  Actual Points:  .5
  best-practice unit-testing new-developers  |
  travis review-group-21 |
Parent ID:   | Points:  .5
 Reviewer:  nickm|Sponsor:
-+-

Comment (by nickm):

 Oh, one more thing:

* --enable-fatal-warnings was called --enable-gcc-warnings before
 0.2.9.x

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22592 [Applications/Tor Launcher]: Tor Launcher does not remove settings and does therefore not connect directly

2017-07-24 Thread Tor Bug Tracker & Wiki 
#22592: Tor Launcher does not remove settings and does therefore not connect
directly
---+--
 Reporter:  gk |  Owner:  brade
 Type:  defect | Status:  needs_review
 Priority:  Medium |  Milestone:
Component:  Applications/Tor Launcher  |Version:
 Severity:  Normal | Resolution:
 Keywords:  TorBrowserTeam201707R  |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--
Changes (by brade):

 * cc: tbb-team (added)
 * keywords:   => TorBrowserTeam201707R
 * status:  new => needs_review


Comment:

 Here is a fix:
 https://gitweb.torproject.org/user/brade/tor-
 launcher.git/commit/?h=bug22592-01=f51241241cc06240156428f93621b69ea06c1cfe

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22957 [Internal Services/Tor Sysadmin Team]: Please update my key on db.tpo

2017-07-24 Thread Tor Bug Tracker & Wiki 
#22957: Please update my key on db.tpo
-+
 Reporter:  hellais  |  Owner:  tpa
 Type:  task | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+
Changes (by weasel):

 * status:  needs_information => closed
 * resolution:   => fixed


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23021 [Internal Services/Tor Sysadmin Team]: Create LDAP account for Leonid Evdokimov

2017-07-24 Thread Tor Bug Tracker & Wiki 
#23021: Create LDAP account for Leonid Evdokimov
-+
 Reporter:  hellais  |  Owner:  tpa
 Type:  task | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+
Changes (by weasel):

 * status:  merge_ready => closed
 * resolution:   => fixed


Comment:

 Added account.  Added darkk to group ooni.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23011 [Obfuscation/BridgeDB]: Update leekspin's requirements.txt

2017-07-24 Thread Tor Bug Tracker & Wiki 
#23011: Update leekspin's requirements.txt
--+--
 Reporter:  Samdney   |  Owner:  isis
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Obfuscation/BridgeDB  |Version:
 Severity:  Trivial   | Resolution:
 Keywords:  leekspin  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by isis):

 Hi Samdney! (Wow, TIL our Trac has syntax highlighting, neat!)

 This makes sense, and yes we should update it. Would you like to make a
 patch or should I?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22957 [Internal Services/Tor Sysadmin Team]: Please update my key on db.tpo

2017-07-24 Thread Tor Bug Tracker & Wiki 
#22957: Please update my key on db.tpo
-+-
 Reporter:  hellais  |  Owner:  tpa
 Type:  task | Status:
 |  needs_information
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by hellais):

 Replying to [comment:11 weasel]:
 > I don't see those sigs yet.

 pgp.mit.edu has them:
 http://pgp.mit.edu/pks/lookup?op=vindex=0x5D67CD18702287F4

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22957 [Internal Services/Tor Sysadmin Team]: Please update my key on db.tpo

2017-07-24 Thread Tor Bug Tracker & Wiki 
#22957: Please update my key on db.tpo
-+-
 Reporter:  hellais  |  Owner:  tpa
 Type:  task | Status:
 |  needs_information
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by weasel):

 I don't see those sigs yet.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23021 [Internal Services/Tor Sysadmin Team]: Create LDAP account for Leonid Evdokimov

2017-07-24 Thread Tor Bug Tracker & Wiki 
#23021: Create LDAP account for Leonid Evdokimov
-+-
 Reporter:  hellais  |  Owner:  tpa
 Type:  task | Status:
 |  merge_ready
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by hellais):

 * status:  needs_revision => merge_ready


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23021 [Internal Services/Tor Sysadmin Team]: Create LDAP account for Leonid Evdokimov

2017-07-24 Thread Tor Bug Tracker & Wiki 
#23021: Create LDAP account for Leonid Evdokimov
-+-
 Reporter:  hellais  |  Owner:  tpa
 Type:  task | Status:
 |  needs_revision
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by hellais):

 Ok, so my key is now signed by Roger (see:
 https://trac.torproject.org/projects/tor/ticket/22957#comment:10), so I
 guess https://trac.torproject.org/projects/tor/ticket/22957 can be
 satisfied and as a result so can this ticket.

 Am I missing any other token?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22997 [Internal Services/Tor Sysadmin Team]: update Alison's GPG key in db.torproject.org

2017-07-24 Thread Tor Bug Tracker & Wiki 
#22997: update Alison's GPG key in db.torproject.org
-+
 Reporter:  alison   |  Owner:  tpa
 Type:  task | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+
Changes (by weasel):

 * status:  new => closed
 * resolution:   => fixed


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22923 [Internal Services/Tor Sysadmin Team]: Create a Virtual Machine for Tor Browser Crash Dumps

2017-07-24 Thread Tor Bug Tracker & Wiki 
#22923: Create a Virtual Machine for Tor Browser Crash Dumps
-+
 Reporter:  tom  |  Owner:  tpa
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+
Changes (by weasel):

 * status:  new => closed
 * resolution:   => fixed


Comment:

 We now have a crispum.torproject.org, a tb-crashes role account that the
 relevant people should have access to.

 Please install service related things into /srv/tb-crashes.torproject.org,
 not the user's home directory.

 If you need more services on the host, please file new tickets.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21969 [Core Tor/Tor]: We're missing descriptors for some of our primary entry guards

2017-07-24 Thread Tor Bug Tracker & Wiki 
#21969: We're missing descriptors for some of our primary entry guards
---+---
 Reporter:  asn|  Owner:  asn
 Type:  defect | Status:  assigned
 Priority:  High   |  Milestone:  Tor:
   |  0.3.1.x-final
Component:  Core Tor/Tor   |Version:  Tor:
   |  0.3.0.6
 Severity:  Normal | Resolution:
 Keywords:  tor-guard, tor-bridge, tor-client  |  Actual Points:
Parent ID: | Points:  1.5
 Reviewer: |Sponsor:  SponsorU
---+---

Comment (by cypherpunks):

 Same here with system-wide Tor instance on Arch Linux x86_64, not using
 bridges.
 Three hours after bootstrapping and running smoothly, Tor suddenly lost
 all circuits.  I decided to wait if it would reconnect by itself, but it
 didn't.  After restarting Tor, everything went back to normal.

 {{{
 Jul 24 10:17:13.122 [notice] Tor 0.3.0.9 (git-22b3bf094e327093) running on
 Linux with Libevent 2.1.8-stable, OpenSSL 1.1.0f and Zlib 1.2.11.
 Jul 24 10:17:13.122 [notice] Tor can't help you if you use it wrong! Learn
 how to be safe at https://www.torproject.org/download/download#warning
 Jul 24 10:17:13.122 [notice] Read configuration file "/etc/tor/torrc".
 Jul 24 10:17:13.125 [notice] Opening Socks listener on 127.0.0.1:9050
 Jul 24 10:17:13.000 [notice] {GENERAL} Parsing GEOIP IPv4 file
 /usr/share/tor/geoip.
 Jul 24 10:17:13.000 [notice] {GENERAL} Parsing GEOIP IPv6 file
 /usr/share/tor/geoip6.
 Jul 24 10:17:13.000 [notice] {CONTROL} Bootstrapped 0%: Starting
 Jul 24 10:17:13.000 [notice] {GUARD} Starting with guard context "default"
 Jul 24 10:17:13.000 [notice] {CONTROL} Bootstrapped 80%: Connecting to the
 Tor network
 Jul 24 10:17:14.000 [notice] {CONTROL} Bootstrapped 85%: Finishing
 handshake with first hop
 Jul 24 10:17:14.000 [notice] {CONTROL} Bootstrapped 90%: Establishing a
 Tor circuit
 Jul 24 10:17:14.000 [notice] {GENERAL} Tor has successfully opened a
 circuit. Looks like client functionality is working.
 Jul 24 10:17:14.000 [notice] {CONTROL} Bootstrapped 100%: Done
 Jul 24 13:21:14.000 [notice] {DIR} Our directory information is no longer
 up-to-date enough to build circuits: We're missing descriptors for some of
 our primary entry guards
 Jul 24 13:21:14.000 [notice] {DIR} I learned some more directory
 information, but not enough to build a circuit: We're missing descriptors
 for some of our primary entry guards
 Jul 24 13:21:26.000 [notice] {DIR,APP} Application request when we haven't
 used client functionality lately. Optimistically trying directory fetches
 again.
 Jul 24 13:21:30.000 [notice] {DIR,APP} Application request when we haven't
 used client functionality lately. Optimistically trying directory fetches
 again.
 Jul 24 13:21:30.000 [notice] {DIR,APP} Application request when we haven't
 used client functionality lately. Optimistically trying directory fetches
 again.
 Jul 24 13:21:31.000 [notice] {DIR,APP} Application request when we haven't
 used client functionality lately. Optimistically trying directory fetches
 again.
 Jul 24 13:21:31.000 [notice] {DIR,APP} Application request when we haven't
 used client functionality lately. Optimistically trying directory fetches
 again.
 Jul 24 13:21:31.000 [notice] {DIR,APP} Application request when we haven't
 used client functionality lately. Optimistically trying directory fetches
 again.
 Jul 24 13:21:31.000 [notice] {DIR,APP} Application request when we haven't
 used client functionality lately. Optimistically trying directory fetches
 again.
 Jul 24 13:21:31.000 [notice] {DIR,APP} Application request when we haven't
 used client functionality lately. Optimistically trying directory fetches
 again.
 Jul 24 13:21:31.000 [notice] {DIR,APP} Application request when we haven't
 used client functionality lately. Optimistically trying directory fetches
 again.
 Jul 24 13:21:48.000 [notice] {DIR,APP} Application request when we haven't
 used client functionality lately. Optimistically trying directory fetches
 again.
 Jul 24 13:21:48.000 [notice] {DIR,APP} Application request when we haven't
 used client functionality lately. Optimistically trying directory fetches
 again.
 Jul 24 13:21:48.000 [notice] {DIR,APP} Application request when we haven't
 used client functionality lately. Optimistically trying directory fetches
 again.
 Jul 24 13:21:48.000 [notice] {DIR,APP} Application request when we haven't
 used client functionality lately. Optimistically trying directory fetches
 again.
 Jul 24 13:21:48.000 [notice] {DIR,APP} Application request when we haven't
 used client functionality lately. Optimistically trying

Re: [tor-bugs] #22957 [Internal Services/Tor Sysadmin Team]: Please update my key on db.tpo

2017-07-24 Thread Tor Bug Tracker & Wiki 
#22957: Please update my key on db.tpo
-+-
 Reporter:  hellais  |  Owner:  tpa
 Type:  task | Status:
 |  needs_information
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by arma):

 Ok, I signed Arturo's new key (and uploaded the sig to the keyservers).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22979 [Core Tor/Tor]: prop224: Add an introduction point onion key in the descriptor

2017-07-24 Thread Tor Bug Tracker & Wiki 
#22979: prop224: Add an introduction point onion key in the descriptor
---+---
 Reporter:  dgoulet|  Owner:  dgoulet
 Type:  enhancement| Status:  needs_revision
 Priority:  Medium |  Milestone:  Tor:
   |  0.3.2.x-final
Component:  Core Tor/Tor   |Version:
 Severity:  Normal | Resolution:
 Keywords:  tor-hs, prop224, tor-spec  |  Actual Points:
Parent ID:  #21888 | Points:  0.1
 Reviewer:  asn|Sponsor:  SponsorR-must
---+---
Changes (by nickm):

 * status:  merge_ready => needs_revision


Comment:

 I don't think that's what I meant: I meant that an intro point should be
 able to have an ntor onion key, and also (say) have some other kind of
 onion key for some day in the future, too, in case we add a successor to
 ntor.

 So I think the code in decode_introduction_point needs to handle looking
 for the first `onion-key ntor` line.  Otherwise it will ignore it if the
 ntor one isn't in the first position.

 Also the spec should say something like "At least once per intro point;
 each key type must be unique per intro point"

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23026 [Core Tor/Tor]: Rename hybrid_encrypt functions to prevent accidental use

2017-07-24 Thread Tor Bug Tracker & Wiki 
#23026: Rename hybrid_encrypt functions to prevent accidental use
--+
 Reporter:  nickm |  Owner:
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:  fixed
 Keywords:|  Actual Points:
Parent ID:| Points:  0
 Reviewer:|Sponsor:
--+
Changes (by nickm):

 * component:  - Select a component => Core Tor/Tor


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23026 [- Select a component]: Rename hybrid_encrypt functions to prevent accidental use

2017-07-24 Thread Tor Bug Tracker & Wiki 
#23026: Rename hybrid_encrypt functions to prevent accidental use
--+
 Reporter:  nickm |  Owner:
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:  Tor: 0.3.2.x-final
Component:  - Select a component  |Version:
 Severity:  Normal| Resolution:  fixed
 Keywords:|  Actual Points:
Parent ID:| Points:  0
 Reviewer:|Sponsor:
--+
Changes (by nickm):

 * status:  new => closed
 * resolution:   => fixed


Comment:

 Fixed in 6c8c9731915a796c8a1bc11f376793459db1200f

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22987 [Core Tor/Tor]: TAP Hybrid Encryption case 1 is used when the payload is equal to the maximum length

2017-07-24 Thread Tor Bug Tracker & Wiki 
#22987: TAP Hybrid Encryption case 1 is used when the payload is equal to the
maximum length
--+
 Reporter:  teor  |  Owner:  teor
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:  fixed
 Keywords:  tor-spec  |  Actual Points:
Parent ID:  #18856| Points:
 Reviewer:|Sponsor:
--+
Changes (by nickm):

 * status:  needs_review => closed
 * resolution:   => fixed


Comment:

 See also #23026

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #23026 [- Select a component]: Rename hybrid_encrypt functions to prevent accidental use

2017-07-24 Thread Tor Bug Tracker & Wiki 
#23026: Rename hybrid_encrypt functions to prevent accidental use
--+
 Reporter:  nickm |  Owner:
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.3.2.x-final
Component:  - Select a component  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:  0 |   Reviewer:
  Sponsor:|
--+
 The old hybrid_encrypt functions are necessary for implementing TAP and
 old-style hidden services, but they're also obsolete, since they produce
 malleable output.  We shouldn't encourage anybody to use them.  We should
 add a comment to this effect, and rename them to something less general-
 sounding.

 See also #22987

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22987 [Core Tor/Tor]: TAP Hybrid Encryption case 1 is used when the payload is equal to the maximum length

2017-07-24 Thread Tor Bug Tracker & Wiki 
#22987: TAP Hybrid Encryption case 1 is used when the payload is equal to the
maximum length
--+
 Reporter:  teor  |  Owner:  teor
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tor-spec  |  Actual Points:
Parent ID:  #18856| Points:
 Reviewer:|Sponsor:
--+

Comment (by nickm):

 I've made this change, and some others, in
 c444e527a05314cad6ef1e39d31ad7e74cc2f018

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23010 [Core Tor/Tor]: prop224: make sure the protocol handshakes are extensible

2017-07-24 Thread Tor Bug Tracker & Wiki 
#23010: prop224: make sure the protocol handshakes are extensible
--+
 Reporter:  teor  |  Owner:
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  prop224   |  Actual Points:
Parent ID:| Points:  2
 Reviewer:|Sponsor:
--+

Comment (by cypherpunks):

 > Using relay versions from the consensus leaks which consensus clients
 and services have, which reduces the anonymity set.
 Deeply suspicious and skeptical of the claim that, in the real world, that
 is an applicable, important, valid issue and the right tradeoff.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #13398 [Applications/Tor Browser]: at startup, browser gleans user FULL NAME (real name, given name) from O/S

2017-07-24 Thread Tor Bug Tracker & Wiki 
#13398: at startup, browser gleans user FULL NAME (real name, given name) from 
O/S
--+--
 Reporter:  zinc  |  Owner:  pospeselr
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  TorBrowserTeam201707R |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by gk):

 * status:  accepted => needs_review


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #13398 [Applications/Tor Browser]: at startup, browser gleans user FULL NAME (real name, given name) from O/S

2017-07-24 Thread Tor Bug Tracker & Wiki 
#13398: at startup, browser gleans user FULL NAME (real name, given name) from 
O/S
--+---
 Reporter:  zinc  |  Owner:  pospeselr
 Type:  defect| Status:  accepted
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  TorBrowserTeam201707R |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---
Changes (by gk):

 * keywords:   => TorBrowserTeam201707R


Comment:

 Thanks!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22964 [Core Tor/Tor]: Clarify comment about all tor data being encrypted

2017-07-24 Thread Tor Bug Tracker & Wiki 
#22964: Clarify comment about all tor data being encrypted
--+
 Reporter:  teor  |  Owner:  teor
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:  fixed
 Keywords:  comment   |  Actual Points:
Parent ID:  #22961| Points:
 Reviewer:|Sponsor:
--+
Changes (by nickm):

 * status:  needs_review => closed
 * resolution:   => fixed


Comment:

 I did something similar in db1664e5932ae0435b23c2ca92e74f3a5c64c1f8,
 moving the comment, referencing the CRIME attack, and being less specific
 about what's encrypted, but more specific about why it matters in this
 context what's encrypted.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23023 [Core Tor/Tor]: test: some prop224 unit tests fail only sometimes

2017-07-24 Thread Tor Bug Tracker & Wiki 
#23023: test: some prop224 unit tests fail only sometimes
+--
 Reporter:  dgoulet |  Owner:  dgoulet
 Type:  defect  | Status:  closed
 Priority:  Medium  |  Milestone:  Tor:
|  0.3.2.x-final
Component:  Core Tor/Tor|Version:
 Severity:  Normal  | Resolution:  fixed
 Keywords:  tor-tests, prop224, tor-hs  |  Actual Points:
Parent ID:  | Points:  0.1
 Reviewer:  |Sponsor:  SponsorR-can
+--
Changes (by nickm):

 * status:  needs_review => closed
 * resolution:   => fixed


Comment:

 Merged!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #13398 [Applications/Tor Browser]: at startup, browser gleans user FULL NAME (real name, given name) from O/S

2017-07-24 Thread Tor Bug Tracker & Wiki 
#13398: at startup, browser gleans user FULL NAME (real name, given name) from 
O/S
--+---
 Reporter:  zinc  |  Owner:  pospeselr
 Type:  defect| Status:  accepted
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by pospeselr):

 I've attached a patch addressing this issue as well as the modified
 'hello-world' add-on I used to manually verify the change (on Linux).
 Here's a description of the patch:

 Change Summary:

 - added new 'privacy.hide_user_info' setting which defaults to 'false' in
 firefox, but is set to 'true' in tor-browser via the 000-tor-browser.js
 script
 - added static bool sHideUserInfo bool to the nsUserInfo class
  - bool is inited and registered with the mozilla::Preferences system in
 static method nsUserInfo::InitializeStatics which is called from the
 nsAppStartup::Init method on firefox boot
 - refactored the various nsUserInfo objects such that the old platform
 specific Get$PROPERTY methods are now named Get$PROPERTYImpl
  - Single implementation of nsIUserInfo interface methods added to new
 nsUserInfo.cpp file
  - Each Get$PROPERTY method checks against newly added sHideUserInfo
 static bool before either returning an empty string, or calling the
 Get$PROPERTYImpl method
  - Now calling the new Get$PROPERTYImp methods where appropriate (in the
 UNIX implementation of GetEmailAddress for instance)
 - refactor to OSX nsUserInfo implementation
  - changed GetPrimaryEmailAddress to be static function in
 nsUserInfoMac.mm, rather than a 'secret' class method (since it is not
 dependent on any object specific data or private/protected methods)
  - removed the OSX specific nsUserInfoMac.h header which included the
 'secret' GetPrimaryEmailAddress method

 Caveats:

 - haven't verified this change works (or even builds) on Windows or OSX
  - seems like something is borked with my Linux install regarding
 virtualization, so I'm going to wipe and re-install fresh
  - will resend an updated patch if I get to that this weekend and find any
 build or runtime errors on these platforms
 - an automated test also needs to be added verifying this parameter works
 as intended, if I have time this weekend will try to get that going too

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22636 [Core Tor/Tor]: Add Travis configs so GitHub forks get CI coverage

2017-07-24 Thread Tor Bug Tracker & Wiki 
#22636: Add Travis configs so GitHub forks get CI coverage
-+-
 Reporter:  catalyst |  Owner:
 |  patrickod
 Type:  defect   | Status:
 |  needs_revision
 Priority:  High |  Milestone:  Tor:
 |  0.3.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  continuous-integration ci testing|  Actual Points:  .5
  best-practice unit-testing new-developers  |
  travis review-group-21 |
Parent ID:   | Points:  .5
 Reviewer:  nickm|Sponsor:
-+-
Changes (by nickm):

 * status:  needs_review => needs_revision


Comment:

 Putting this in needs_revision, but please feel free to put it back into
 needs_review if there are no problems above.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #17639 [Core Tor/Tor]: provide an option to display the expiry date of a given ed25519 signing key

2017-07-24 Thread Tor Bug Tracker & Wiki 
#17639: provide an option to display the expiry date of a given ed25519 signing 
key
+--
 Reporter:  cypherpunks |  Owner:  isis
 Type:  enhancement | Status:
|  needs_revision
 Priority:  High|  Milestone:  Tor:
|  0.3.2.x-final
Component:  Core Tor/Tor|Version:  Tor:
|  0.2.7.2-alpha
 Severity:  Normal  | Resolution:
 Keywords:  tor-ed25519-proto, review-group-21  |  Actual Points:
Parent ID:  | Points:  1
 Reviewer:  nickm   |Sponsor:
+--
Changes (by nickm):

 * status:  needs_review => needs_revision


Comment:

 This looks comparatively solid to me!  A few things to consider as
 possibilities, though maybe they're not needed:

  - Maybe this should printf() something to stdout, instead of using the
 log facility, and run at --quiet by default?
  - Maybe the output format should be machine-readable?
  - Maybe it should dump information about the installed authority auth key
 as well
  - I wonder what it should do about hidden service keys?
  - Technically speaking, keys don't expire: certificates do. The user
 needs to replace both of them, not just one.
  - The buffer in log_ed_key_expiration() can probably just be stack-
 allocated.
  - Documentation on the new option should go into the manpage

 Please fix whatever from above you agree with. :)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22636 [Core Tor/Tor]: Add Travis configs so GitHub forks get CI coverage

2017-07-24 Thread Tor Bug Tracker & Wiki 
#22636: Add Travis configs so GitHub forks get CI coverage
-+-
 Reporter:  catalyst |  Owner:
 |  patrickod
 Type:  defect   | Status:
 |  needs_review
 Priority:  High |  Milestone:  Tor:
 |  0.3.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  continuous-integration ci testing|  Actual Points:  .5
  best-practice unit-testing new-developers  |
  travis review-group-21 |
Parent ID:   | Points:  .5
 Reviewer:  nickm|Sponsor:
-+-

Comment (by nickm):

 Hi!  I have some questions:
   - If we merge this, will it start spamming the #tor-bots IRC?
   - Do we want to consider adding --enable-fragile-hardening?
   - Should we install the optional dependencies (zstd, lzma2, scrypt, ...)
   - In the homebrew stanza, should all of those lines have "brew outdated
 openssl" or only the openssl one?
   - Should we skip rust installation if we won't be building with rust, in
 order to save time?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22563 [Applications/Tor Browser]: Many memory pages in tor.exe for Windows violate W^X

2017-07-24 Thread Tor Bug Tracker & Wiki 
#22563: Many memory pages in tor.exe for Windows violate W^X
-+-
 Reporter:  arthuredelstein  |  Owner:
 |  arthuredelstein
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  windows tor-client win32 tor-relay   |  Actual Points:
  security hardening 031-backport,   |
  TorBrowserTeam201707R  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by arthuredelstein):

 * keywords:
 windows tor-client win32 tor-relay security hardening 031-backport,
 TorBrowserTeam201707
 =>
 windows tor-client win32 tor-relay security hardening 031-backport,
 TorBrowserTeam201707R
 * status:  needs_revision => needs_review


Comment:

 Replying to [comment:7 gk]:
 > We are not using `rbm` for the alphas yet. Thus, we'd need a `Gitian`
 patch. Yes, giving what amounts to a compiler change some testing in our
 nightly/alpha builds first sounds like a good idea.

 > Moreover, it seems we get 7c90d5921bd2cb678eec09d05b10ce6fd13463bc as
 well with this mingw-w64 bump which allows us to get rid of one of our
 tor-browser patches I think. We should test that, too, while we are at it.

 Thanks for pointing that out. Here's a gitian patch and the corresponding
 tor-browser.git patch:
 https://github.com/arthuredelstein/tor-browser-bundle/commit/22563
 https://github.com/arthuredelstein/tor-browser/commit/22563

 But if we transition to rbm first, we can also use these two patches
 instead:
 https://github.com/arthuredelstein/tor-browser-build/commit/22563
 https://github.com/arthuredelstein/tor-browser/commit/22563

 Note I have had some trouble building the gitian build, but I will try
 again today. I'm pretty confident it will work as the rbm build worked for
 me.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22862 [Core Tor/Tor]: tor-spec doesn't say how clients authenticate authorities or fallback directories

2017-07-24 Thread Tor Bug Tracker & Wiki 
#22862: tor-spec doesn't say how clients authenticate authorities or fallback
directories
-+
 Reporter:  teor |  Owner:  teor
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor |Version:  Tor: unspecified
 Severity:  Normal   | Resolution:  fixed
 Keywords:  review-group-21  |  Actual Points:
Parent ID:   | Points:  0.2
 Reviewer:   |Sponsor:
-+
Changes (by nickm):

 * status:  needs_review => closed
 * reviewer:  nickm =>
 * resolution:   => fixed


Comment:

 I tweaked your wording a little in
 6c19e603c825cdbf4a6dc33196c792bf47c19bba; thanks!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] [Tor Bug Tracker & Wiki] Batch modify: #17639, #22636, #22862

2017-07-24 Thread Tor Bug Tracker & Wiki 
Batch modification to #17639, #22636, #22862 by nickm:
reviewer to nickm

--
Tickets URL: 

Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22883 [Core Tor/Tor]: Bridge unavailable during differential consensus update

2017-07-24 Thread Tor Bug Tracker & Wiki 
#22883: Bridge unavailable during differential consensus update
-+-
 Reporter:  torvlnt33r   |  Owner:  nickm
 Type:  defect   | Status:
 |  needs_review
 Priority:  High |  Milestone:  Tor:
 |  0.3.1.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.3.1.4-alpha
 Severity:  Normal   | Resolution:
 Keywords:  regression, cpu, usage, review-  |  Actual Points:  1
  group-21   |
Parent ID:   | Points:  1
 Reviewer:  ahf  |Sponsor:
-+-
Changes (by ahf):

 * status:  assigned => needs_review


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22883 [Core Tor/Tor]: Bridge unavailable during differential consensus update

2017-07-24 Thread Tor Bug Tracker & Wiki 
#22883: Bridge unavailable during differential consensus update
-+-
 Reporter:  torvlnt33r   |  Owner:  nickm
 Type:  defect   | Status:
 |  assigned
 Priority:  High |  Milestone:  Tor:
 |  0.3.1.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.3.1.4-alpha
 Severity:  Normal   | Resolution:
 Keywords:  regression, cpu, usage, review-  |  Actual Points:  1
  group-21   |
Parent ID:   | Points:  1
 Reviewer:  ahf  |Sponsor:
-+-
Changes (by ahf):

 * owner:  ahf => nickm
 * reviewer:  dgoulet => ahf


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22883 [Core Tor/Tor]: Bridge unavailable during differential consensus update

2017-07-24 Thread Tor Bug Tracker & Wiki 
#22883: Bridge unavailable during differential consensus update
-+-
 Reporter:  torvlnt33r   |  Owner:  ahf
 Type:  defect   | Status:
 |  assigned
 Priority:  High |  Milestone:  Tor:
 |  0.3.1.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.3.1.4-alpha
 Severity:  Normal   | Resolution:
 Keywords:  regression, cpu, usage, review-  |  Actual Points:  1
  group-21   |
Parent ID:   | Points:  1
 Reviewer:  dgoulet  |Sponsor:
-+-
Changes (by ahf):

 * owner:  nickm => ahf
 * status:  needs_review => assigned


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22923 [Internal Services/Tor Sysadmin Team]: Create a Virtual Machine for Tor Browser Crash Dumps

2017-07-24 Thread Tor Bug Tracker & Wiki 
#22923: Create a Virtual Machine for Tor Browser Crash Dumps
-+-
 Reporter:  tom  |  Owner:  tpa
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by tom):

 > weasel> do we have a role account for this already?  if not, what should
 be its name and who should be in the group that can access it?

 tbb-crashes

 me, geko, arthur, mcs, brade

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21656 [Applications/Tor Browser]: Add "low cost" hardening build flags to OS X

2017-07-24 Thread Tor Bug Tracker & Wiki 
#21656: Add "low cost" hardening build flags to OS X
--+---
 Reporter:  arthuredelstein   |  Owner:  tbb-team
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:  duplicate
 Keywords:  tbb-security  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---
Changes (by arthuredelstein):

 * parent:  #21448 =>


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21656 [Applications/Tor Browser]: Add "low cost" hardening build flags to OS X

2017-07-24 Thread Tor Bug Tracker & Wiki 
#21656: Add "low cost" hardening build flags to OS X
--+---
 Reporter:  arthuredelstein   |  Owner:  tbb-team
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:  duplicate
 Keywords:  tbb-security  |  Actual Points:
Parent ID:  #21448| Points:
 Reviewer:|Sponsor:
--+---
Changes (by arthuredelstein):

 * status:  new => closed
 * resolution:   => duplicate


Comment:

 Duplicate of #23025

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21448 [Applications/Tor Browser]: Identify what build flags we should be using for security, and use them

2017-07-24 Thread Tor Bug Tracker & Wiki 
#21448: Identify what build flags we should be using for security, and use them
--+--
 Reporter:  arthuredelstein   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-security  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by arthuredelstein):

 After a lot of experimentation, I opened #23024 and #23025 to add some
 extra hardening flags for Windows and Mac respectively. In the meantime I
 also found several promising flags didn't work after all:

 Windows (mingw cross-compile):
  * `-z,relro,-z,now` fails (is there an equivalent flag for Windows
 binaries?)
  * `Werror=format` throws errors (around uses of `%lld`)
  * `-fstack-protector-strong`
 [https://sourceforge.net/p/mingw-w64/discussion/723798/thread/de524c41/
 didn't build]; in #23024 I propose trying `-fstack-protector-all` instead.

 macOS (clang-based cross compile):
  * `-z,relro,-z,now` fails (is there an equivalent flag for Mac binaries?)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23025 [Applications/Tor Browser]: Flags to increase hardening on macOS

2017-07-24 Thread Tor Bug Tracker & Wiki 
#23025: Flags to increase hardening on macOS
--+-
 Reporter:  arthuredelstein   |  Owner:  arthuredelstein
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  TorBrowserTeam201707R |  Actual Points:
Parent ID:  #21448| Points:
 Reviewer:|Sponsor:
--+-
Changes (by arthuredelstein):

 * status:  new => needs_review
 * keywords:  TorBrowserTeam201707 => TorBrowserTeam201707R


Comment:

 Here's a patch for review. We can add these after the transition to rbm.

 https://github.com/arthuredelstein/tor-browser-build/commit/23025

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #23025 [Applications/Tor Browser]: Flags to increase hardening on macOS

2017-07-24 Thread Tor Bug Tracker & Wiki 
#23025: Flags to increase hardening on macOS
--+
 Reporter:  arthuredelstein   |  Owner:  arthuredelstein
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:
  |  TorBrowserTeam201707
Actual Points:|  Parent ID:  #21448
   Points:|   Reviewer:
  Sponsor:|
--+
 We can add the following flags to our Mac build for some extra protection:

 {{{
 -fstack-protector-strong
 -D_FORTIFY_SOURCE=2
 -Werror=format
 -Werror=format-security
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23024 [Applications/Tor Browser]: Flags to increase hardening on Windows

2017-07-24 Thread Tor Bug Tracker & Wiki 
#23024: Flags to increase hardening on Windows
--+--
 Reporter:  arthuredelstein   |  Owner:  tbb-team
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  TorBrowserTeam201707R |  Actual Points:
Parent ID:  #21448| Points:
 Reviewer:|Sponsor:
--+--
Changes (by arthuredelstein):

 * keywords:  TorBrowserTeam20170724R => TorBrowserTeam201707R


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23024 [Applications/Tor Browser]: Flags to increase hardening on Windows

2017-07-24 Thread Tor Bug Tracker & Wiki 
#23024: Flags to increase hardening on Windows
--+--
 Reporter:  arthuredelstein   |  Owner:  tbb-team
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  TorBrowserTeam20170724R   |  Actual Points:
Parent ID:  #21448| Points:
 Reviewer:|Sponsor:
--+--
Changes (by arthuredelstein):

 * keywords:   => TorBrowserTeam20170724R
 * status:  new => needs_review


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23024 [Applications/Tor Browser]: Flags to increase hardening on Windows

2017-07-24 Thread Tor Bug Tracker & Wiki 
#23024: Flags to increase hardening on Windows
--+--
 Reporter:  arthuredelstein   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:  #21448| Points:
 Reviewer:|Sponsor:
--+--

Comment (by arthuredelstein):

 Here's my patch for review. I would suggest we adding it after we have
 transitioned to rbm builds:
 https://github.com/arthuredelstein/tor-browser/commit/23024

 I tried building TBB with `-fstack-protector-strong` on mingw-w64 but so
 far ran into
 [https://sourceforge.net/p/mingw-w64/discussion/723798/thread/de524c41/#e4f9
 errors]. However, a Windows Tor Browser built with this patch (using
 `-fstack-protector-all`) doesn't seem subjectively slower to me, so I
 would suggest trying this on the alpha, at least until we have a solution
 for `-fstack-protector-strong` on mingw-w64.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #23024 [Applications/Tor Browser]: Flags to increase hardening on Windows

2017-07-24 Thread Tor Bug Tracker & Wiki 
#23024: Flags to increase hardening on Windows
--+--
 Reporter:  arthuredelstein   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:  #21448
   Points:|   Reviewer:
  Sponsor:|
--+--
 We can add `-fstack-protector-all` and `-D_FORTIFY_SOURCE=2` to our
 Windows build for some extra protection.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22997 [Internal Services/Tor Sysadmin Team]: update Alison's GPG key in db.torproject.org

2017-07-24 Thread Tor Bug Tracker & Wiki 
#22997: update Alison's GPG key in db.torproject.org
-+-
 Reporter:  alison   |  Owner:  tpa
 Type:  task | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by hellais):

 * owner:   => tpa
 * component:  - Select a component => Internal Services/Tor Sysadmin Team


Comment:

 Adding correct trac component.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22923 [Internal Services/Tor Sysadmin Team]: Create a Virtual Machine for Tor Browser Crash Dumps

2017-07-24 Thread Tor Bug Tracker & Wiki 
#22923: Create a Virtual Machine for Tor Browser Crash Dumps
-+-
 Reporter:  tom  |  Owner:  tpa
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by tom):

 Replying to [comment:8 weasel]:
 > Tom, is this VM still something you want, even if we won't run insane
 things as root?

 Yes =)  From irc:

 >  https://packages.debian.org/stretch/nodejs <- 4.8.2 - I believe this
 version should include npm with it


 So let's try:

 > sudo apt-get install -y nodejs
 > sudo apt-get install -y build-essential
 > sudo npm --global install grunt

 And hopefully those will succeed?

 If they do I will hopefully be able to do the rest for a regular user
 account.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23023 [Core Tor/Tor]: test: some prop224 unit tests fail only sometimes

2017-07-24 Thread Tor Bug Tracker & Wiki 
#23023: test: some prop224 unit tests fail only sometimes
+--
 Reporter:  dgoulet |  Owner:  dgoulet
 Type:  defect  | Status:  needs_review
 Priority:  Medium  |  Milestone:  Tor:
|  0.3.2.x-final
Component:  Core Tor/Tor|Version:
 Severity:  Normal  | Resolution:
 Keywords:  tor-tests, prop224, tor-hs  |  Actual Points:
Parent ID:  | Points:  0.1
 Reviewer:  |Sponsor:  SponsorR-can
+--
Changes (by dgoulet):

 * status:  new => needs_review


Comment:

 See branch `bug23023_032_01`.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #23023 [Core Tor/Tor]: test: some prop224 unit tests fail only sometimes

2017-07-24 Thread Tor Bug Tracker & Wiki 
#23023: test: some prop224 unit tests fail only sometimes
--+
 Reporter:  dgoulet   |  Owner:  dgoulet
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal|   Keywords:  tor-tests, prop224, tor-hs
Actual Points:|  Parent ID:
   Points:  0.1   |   Reviewer:
  Sponsor:  SponsorR-can  |
--+
 Diagnostic from nickm.

 {{{
 11:44 <+nickm> dgoulet, asn: There are two bugs in test_hs_service.c that
 make it fail sometimes
 11:44 <+nickm> on line 541
 11:45 <+nickm> bug 1: you're setting one byte of the public key to 0x42.
 But that byte might already be 0x42!
 11:45 <+nickm> Instead use xor
 11:45 <+nickm> bug 2: You are changing the key of an item that's already
 inserted in the hashtable.
 11:45 <+nickm> That can fail when you go to  insert the item with the
 changed key
 11:46 <+nickm> because with probability 1/N_BUCKETS, the item with the
 changed key will go into the same bucket as it went into the first time...
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22979 [Core Tor/Tor]: prop224: Add an introduction point onion key in the descriptor

2017-07-24 Thread Tor Bug Tracker & Wiki 
#22979: prop224: Add an introduction point onion key in the descriptor
---+---
 Reporter:  dgoulet|  Owner:  dgoulet
 Type:  enhancement| Status:  merge_ready
 Priority:  Medium |  Milestone:  Tor:
   |  0.3.2.x-final
Component:  Core Tor/Tor   |Version:
 Severity:  Normal | Resolution:
 Keywords:  tor-hs, prop224, tor-spec  |  Actual Points:
Parent ID:  #21888 | Points:  0.1
 Reviewer:  asn|Sponsor:  SponsorR-must
---+---

Comment (by dgoulet):

 Fixup commit on both spec and code. Basically, code one changes to `T1N`
 and the spec one mentions "Exactly once per ip".

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22951 [Core Tor/Tor]: NETINFO cells are mandatory, but tor-spec says "may"

2017-07-24 Thread Tor Bug Tracker & Wiki 
#22951: NETINFO cells are mandatory, but tor-spec says "may"
---+
 Reporter:  teor   |  Owner:
 Type:  defect | Status:  needs_revision
 Priority:  Medium |  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor   |Version:
 Severity:  Normal | Resolution:
 Keywords:  tor-spec easy doc  |  Actual Points:
Parent ID:  #18856 | Points:
 Reviewer: |Sponsor:
---+

Comment (by nickm):

 Should this be needs_review?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22940 [Core Tor/Tor]: prop224: HS revision counter should persist after service reboot

2017-07-24 Thread Tor Bug Tracker & Wiki 
#22940: prop224: HS revision counter should persist after service reboot
+
 Reporter:  asn |  Owner:
 Type:  defect  | Status:  closed
 Priority:  Medium  |  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor|Version:
 Severity:  Normal  | Resolution:  fixed
 Keywords:  tor-hs prop224  |  Actual Points:
Parent ID:  #20657  | Points:  1
 Reviewer:  dgoulet |Sponsor:  SponsorR-can
+

Comment (by nickm):

 AFAICT, the order-preserving backport wouldn't require any change in the
 HSDirs, since the hsdirs only require that the numbers be monotonically
 increasing 64-bit integers, and that's what you get from OPI, I believe.
 But I agree it sure isn't necessary for 0.3.2.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #23022 [Webpages/Blog]: Increase leading image margin-bottom

2017-07-24 Thread Tor Bug Tracker & Wiki 
#23022: Increase leading image margin-bottom
---+--
 Reporter:  steph  |  Owner:  hiro
 Type:  defect | Status:  new
 Priority:  Medium |  Milestone:
Component:  Webpages/Blog  |Version:
 Severity:  Normal |   Keywords:
Actual Points: |  Parent ID:
   Points: |   Reviewer:
  Sponsor: |
---+--
 Add 1.5em to the margin-bottom of the blog post leading image.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22940 [Core Tor/Tor]: prop224: HS revision counter should persist after service reboot

2017-07-24 Thread Tor Bug Tracker & Wiki 
#22940: prop224: HS revision counter should persist after service reboot
+
 Reporter:  asn |  Owner:
 Type:  defect  | Status:  closed
 Priority:  Medium  |  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor|Version:
 Severity:  Normal  | Resolution:  fixed
 Keywords:  tor-hs prop224  |  Actual Points:
Parent ID:  #20657  | Points:  1
 Reviewer:  dgoulet |Sponsor:  SponsorR-can
+
Changes (by dgoulet):

 * status:  needs_revision => closed
 * resolution:   => fixed


Comment:

 I fixed the above and merged the commits in #20657! woot

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22735 [Core Tor/Tor]: prop224: HS desc overlap period func uses absolute times instead of slots

2017-07-24 Thread Tor Bug Tracker & Wiki 
#22735: prop224: HS desc overlap period func uses absolute times instead of 
slots
-+-
 Reporter:  asn  |  Owner:  asn
 Type:  task | Status:  closed
 Priority:  High |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  prop224 tor-hs spec-conformance  |  Actual Points:
Parent ID:  #20657   | Points:  1
 Reviewer:  dgoulet  |Sponsor:  SponsorR-
 |  can
-+-
Changes (by dgoulet):

 * status:  needs_review => closed
 * resolution:   => fixed


Comment:

 lgtm! I've cherry-picked all the commits and merge them in #20657 branch.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22923 [Internal Services/Tor Sysadmin Team]: Create a Virtual Machine for Tor Browser Crash Dumps

2017-07-24 Thread Tor Bug Tracker & Wiki 
#22923: Create a Virtual Machine for Tor Browser Crash Dumps
-+-
 Reporter:  tom  |  Owner:  tpa
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by weasel):

 Tom, is this VM still something you want, even if we won't run insane
 things as root?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23021 [Internal Services/Tor Sysadmin Team]: Create LDAP account for Leonid Evdokimov

2017-07-24 Thread Tor Bug Tracker & Wiki 
#23021: Create LDAP account for Leonid Evdokimov
-+-
 Reporter:  hellais  |  Owner:  tpa
 Type:  task | Status:
 |  needs_revision
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by weasel):

 * status:  new => needs_revision


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23021 [Internal Services/Tor Sysadmin Team]: Create LDAP account for Leonid Evdokimov

2017-07-24 Thread Tor Bug Tracker & Wiki 
#23021: Create LDAP account for Leonid Evdokimov
-+-
 Reporter:  hellais  |  Owner:  tpa
 Type:  task | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by weasel):

 I have no valid trust-path to the key that signed this request.  Maybe
 somebody else can sponsor it (ideally with a key from the keyring).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22940 [Core Tor/Tor]: prop224: HS revision counter should persist after service reboot

2017-07-24 Thread Tor Bug Tracker & Wiki 
#22940: prop224: HS revision counter should persist after service reboot
+
 Reporter:  asn |  Owner:
 Type:  defect  | Status:  needs_revision
 Priority:  Medium  |  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor|Version:
 Severity:  Normal  | Resolution:
 Keywords:  tor-hs prop224  |  Actual Points:
Parent ID:  #20657  | Points:  1
 Reviewer:  dgoulet |Sponsor:  SponsorR-can
+
Changes (by dgoulet):

 * status:  needs_review => needs_revision
 * reviewer:   => dgoulet


Comment:

 * Small fix for:
 {{{
 +  log_info(LD_GENERAL, "Found rev counter for %s: %u",
 +   b64_key_str, (unsigned) rev_counter);
 }}}
  and
 {{{
 +  log_info(LD_GENERAL, "[!] Adding rev counter %d for %s!",
 +   (int) rev_counter, blinded_pubkey_b64);
 }}}

  I would go for using `PRIu64` instead of casting this and "possibly"
 reaching an overflow. I know unlikely but...

 The rest looks good! Solid code!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23021 [Internal Services/Tor Sysadmin Team]: Create LDAP account for Leonid Evdokimov

2017-07-24 Thread Tor Bug Tracker & Wiki 
#23021: Create LDAP account for Leonid Evdokimov
-+-
 Reporter:  hellais  |  Owner:  tpa
 Type:  task | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by darkk):

 * cc: leon@… (added)


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23021 [Internal Services/Tor Sysadmin Team]: Create LDAP account for Leonid Evdokimov

2017-07-24 Thread Tor Bug Tracker & Wiki 
#23021: Create LDAP account for Leonid Evdokimov
-+-
 Reporter:  hellais  |  Owner:  tpa
 Type:  task | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by nickm):

 ack

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22067 [Applications/Tor Browser]: NoScript Click-to-Play bypass with embedded videos and audios

2017-07-24 Thread Tor Bug Tracker & Wiki 
#22067: NoScript Click-to-Play bypass with embedded videos and audios
-+-
 Reporter:  samantharis  |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_review
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Major| Resolution:
 Keywords:  tbb-security, noscript,  |  Actual Points:
  TorBrowserTeam201707R  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * keywords:  tbb-security, noscript => tbb-security, noscript,
 TorBrowserTeam201707R
 * status:  needs_information => needs_review


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23021 [Internal Services/Tor Sysadmin Team]: Create LDAP account for Leonid Evdokimov

2017-07-24 Thread Tor Bug Tracker & Wiki 
#23021: Create LDAP account for Leonid Evdokimov
-+-
 Reporter:  hellais  |  Owner:  tpa
 Type:  task | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Old description:

> {{{
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
>
> Please create an LDAP account for Leonid an OONI developer. He needs this
> to be able to push updates to the ooni website (so he should also be
> given access to the staticiforme user "ooni") and all other static
> hosting related sites.
>
> Name: Leonid Evdokimov
> Address: l...@darkk.net.ru
> PGP Fingerprint: 6691 DE6B 4CCD C1C1 76A0  0D4A E1F2 A980 7F50 FAB2
> Username: darkk
>
> Thanks!
> ~ Arturo
> -BEGIN PGP SIGNATURE-
> Comment: PGP
>
> iHUEAREKAB0WIQRn7zlmUJmG6WrO6E5dZ80YcCKH9AUCWXX4fAAKCRBdZ80YcCKH
> 9NSNAP9zuk2M+UiGyM8H7VnzR24HT0VRAATf0nTlIMr32tD+qAEAvWzeEhz9mMbe
> Ijp8EJ/Je2m4kYLqe/R1Ng6e6IrZOh4=
> =ma1B
> -END PGP SIGNATURE-
> }}}

New description:

 {{{
 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA512

 Please create an LDAP account for Leonid an OONI developer. He needs this
 to be able to push updates to the ooni website (so he should also be given
 access to the staticiforme user "ooni") and all other static hosting
 related sites.

 Name: Leonid Evdokimov
 Address: l...@darkk.net.ru
 PGP Fingerprint: 6691 DE6B 4CCD C1C1 76A0  0D4A E1F2 A980 7F50 FAB2
 Username: darkk

 Thanks!
 ~ Arturo
 -BEGIN PGP SIGNATURE-
 Comment: PGP

 iF4EAREKAAYFAll1+rAACgkQXWfNGHAih/SpogD8CxTrVQr/89TUYfEFsdCpKtWU
 XogXSJm6bU0l/4IqVEoA+gMe5+jbfEe+UfuZv44O6s/+CQE6YrshMjDFBuIrk+u8
 =k7EJ
 -END PGP SIGNATURE-
 }}}

--

Comment (by hellais):

 Updated signature as the previous one seems to not be valid.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23016 [Applications/Tor Browser]: "Print to File" does not create the expected file in non-English locales

2017-07-24 Thread Tor Bug Tracker & Wiki 
#23016: "Print to File" does not create the expected file in non-English locales
-+-
 Reporter:  intrigeri|  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  AffectsTails, tbb-7.0-issues, tbb-   |  Actual Points:
  regression |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * keywords:  AffectsTails, tbb-7.0, tbb-regression => AffectsTails,
 tbb-7.0-issues, tbb-regression


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23016 [Applications/Tor Browser]: "Print to File" does not create the expected file in non-English locales

2017-07-24 Thread Tor Bug Tracker & Wiki 
#23016: "Print to File" does not create the expected file in non-English locales
-+-
 Reporter:  intrigeri|  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  AffectsTails, tbb-7.0, tbb-  |  Actual Points:
  regression |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * keywords:  AffectsTails => AffectsTails, tbb-7.0, tbb-regression


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23021 [Internal Services/Tor Sysadmin Team]: Create LDAP account for Leonid Evdokimov

2017-07-24 Thread Tor Bug Tracker & Wiki 
#23021: Create LDAP account for Leonid Evdokimov
-+-
 Reporter:  hellais  |  Owner:  tpa
 Type:  task | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Description changed by hellais:

Old description:

> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
>
> Please create an LDAP account for Leonid an OONI developer. He needs this
> to be able to push updates to the ooni website (so he should also be
> given access to the staticiforme user "ooni") and all other static
> hosting related sites.
>
> Name: Leonid Evdokimov
> Address: l...@darkk.net.ru
> PGP Fingerprint: 6691 DE6B 4CCD C1C1 76A0  0D4A E1F2 A980 7F50 FAB2
> Username: darkk
>
> Thanks!
> ~ Arturo
> -BEGIN PGP SIGNATURE-
> Comment: PGP
>
> iHUEAREKAB0WIQRn7zlmUJmG6WrO6E5dZ80YcCKH9AUCWXX4fAAKCRBdZ80YcCKH
> 9NSNAP9zuk2M+UiGyM8H7VnzR24HT0VRAATf0nTlIMr32tD+qAEAvWzeEhz9mMbe
> Ijp8EJ/Je2m4kYLqe/R1Ng6e6IrZOh4=
> =ma1B
> -END PGP SIGNATURE-

New description:

 {{{
 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA512

 Please create an LDAP account for Leonid an OONI developer. He needs this
 to be able to push updates to the ooni website (so he should also be given
 access to the staticiforme user "ooni") and all other static hosting
 related sites.

 Name: Leonid Evdokimov
 Address: l...@darkk.net.ru
 PGP Fingerprint: 6691 DE6B 4CCD C1C1 76A0  0D4A E1F2 A980 7F50 FAB2
 Username: darkk

 Thanks!
 ~ Arturo
 -BEGIN PGP SIGNATURE-
 Comment: PGP

 iHUEAREKAB0WIQRn7zlmUJmG6WrO6E5dZ80YcCKH9AUCWXX4fAAKCRBdZ80YcCKH
 9NSNAP9zuk2M+UiGyM8H7VnzR24HT0VRAATf0nTlIMr32tD+qAEAvWzeEhz9mMbe
 Ijp8EJ/Je2m4kYLqe/R1Ng6e6IrZOh4=
 =ma1B
 -END PGP SIGNATURE-
 }}}

--

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #23021 [Internal Services/Tor Sysadmin Team]: Create LDAP account for Leonid Evdokimov

2017-07-24 Thread Tor Bug Tracker & Wiki 
#23021: Create LDAP account for Leonid Evdokimov
-+-
 Reporter:  hellais  |  Owner:  tpa
 Type:  task | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   |   Keywords:
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+-
 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA512

 Please create an LDAP account for Leonid an OONI developer. He needs this
 to be able to push updates to the ooni website (so he should also be given
 access to the staticiforme user "ooni") and all other static hosting
 related sites.

 Name: Leonid Evdokimov
 Address: l...@darkk.net.ru
 PGP Fingerprint: 6691 DE6B 4CCD C1C1 76A0  0D4A E1F2 A980 7F50 FAB2
 Username: darkk

 Thanks!
 ~ Arturo
 -BEGIN PGP SIGNATURE-
 Comment: PGP

 iHUEAREKAB0WIQRn7zlmUJmG6WrO6E5dZ80YcCKH9AUCWXX4fAAKCRBdZ80YcCKH
 9NSNAP9zuk2M+UiGyM8H7VnzR24HT0VRAATf0nTlIMr32tD+qAEAvWzeEhz9mMbe
 Ijp8EJ/Je2m4kYLqe/R1Ng6e6IrZOh4=
 =ma1B
 -END PGP SIGNATURE-

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23018 [- Select a component]: sdfdsfasdf

2017-07-24 Thread Tor Bug Tracker & Wiki 
#23018: sdfdsfasdf
--+-
 Reporter:  manishhacks6  |  Owner:
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  - Select a component  |Version:
 Severity:  Normal| Resolution:  invalid
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+-

Comment (by cypherpunks):

 manishhacks6, As the policy on HackerOne says, only Tor (the network
 daemon) and Tor Browser are currently covered. Trac is **not** covered! If
 we broaden the scope of you bug bounty program we'll announce that
 publicly.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22827 [Core Tor/Tor]: Formalise CollecTor spec for sanitised bridge descriptors and put in torspec

2017-07-24 Thread Tor Bug Tracker & Wiki 
#22827: Formalise CollecTor spec for sanitised bridge descriptors and put in
torspec
-+-
 Reporter:  isis |  Owner:  karsten
 Type:  enhancement  | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-spec, tor-docs, tor-bridges  |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by karsten):

 Obviously, I didn't mean 12 hours but 48 hours! Please find
 [https://gitweb.torproject.org/karsten/metrics-web.git/log/?h=task-22827
 my task-22827 metrics-web branch] with an updated XML file. I also
 attached the
 [https://trac.torproject.org/projects/tor/attachment/ticket/22827/san-
 bridge-spec.html HTML output] to this ticket.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23012 [Applications/Tor Browser]: ebay password issues

2017-07-24 Thread Tor Bug Tracker & Wiki 
#23012: ebay password issues
--+---
 Reporter:  hoosierbros   |  Owner:
 Type:  defect| Status:  needs_information
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---
Changes (by gk):

 * status:  new => needs_information
 * component:  - Select a component => Applications/Tor Browser


Comment:

 Could you give us some more information? Are you using Tor Browser? If so
 which version? How can we reproduce your problem? Which operating system
 are you using?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #23020 [Applications/Tor Browser]: "Prevent this page from creating additional dialogs" doesn't work

2017-07-24 Thread Tor Bug Tracker & Wiki 
#23020: "Prevent this page from creating additional dialogs" doesn't work
--+--
 Reporter:  teor  |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:  #22478
   Points:|   Reviewer:
  Sponsor:|
--+--
 When I go to a google doc in high security mode (see #22478), it creates
 multiple dialogs. There is an option in the dialogs to "Prevent this page
 from creating additional dialogs".

 When I check it and click ok, it doesn't work: the page keeps creating
 dialogs.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #23019 [Core Tor/Tor]: prop224: Validate received onion addresses on the client side

2017-07-24 Thread Tor Bug Tracker & Wiki 
#23019: prop224: Validate received onion addresses on the client side
--+
 Reporter:  asn   |  Owner:
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal|   Keywords:  prop224, tor-hs
Actual Points:|  Parent ID:  #17242
   Points:|   Reviewer:
  Sponsor:|
--+
 This is a ticket to remind ourselves that we on the client-side we need to
 validate onion addresses using the validation routines introduced in
 #22006.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21321 [Applications/Tor Browser]: .onion HTTP is shown as non-secure in Tor Browser

2017-07-24 Thread Tor Bug Tracker & Wiki 
#21321: .onion HTTP is shown as non-secure in Tor Browser
-+-
 Reporter:  cypherpunks  |  Owner:  tbb-
 |  team
 Type:  task | Status:
 |  needs_review
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Blocker  | Resolution:
 Keywords:  ff52-esr, tbb-7.0-issues, tbb-   |  Actual Points:
  usability, ux-team, TorBrowserTeam201707R, |
  GeorgKoppen201707  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * cc: arthuredelstein (added)
 * status:  new => needs_review
 * keywords:
 ff52-esr, tbb-7.0-issues, tbb-usability, ux-team,
 TorBrowserTeam201707, GeorgKoppen201707
 =>
 ff52-esr, tbb-7.0-issues, tbb-usability, ux-team,
 TorBrowserTeam201707R, GeorgKoppen201707


Comment:

 Please review: https://oniongit.eu/gk/tor-browser/merge_requests/1. I have
 not looked at a mixed content context. The tests in
 `browser_hasInsecureLoginForms.js` should get adapted once we have those
 bits figured out. But I'd say that should happen in a different bug titled
 "Don't block .onion sites in a mixed content setup" or something like
 that.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22940 [Core Tor/Tor]: prop224: HS revision counter should persist after service reboot

2017-07-24 Thread Tor Bug Tracker & Wiki 
#22940: prop224: HS revision counter should persist after service reboot
+
 Reporter:  asn |  Owner:
 Type:  defect  | Status:  needs_review
 Priority:  Medium  |  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor|Version:
 Severity:  Normal  | Resolution:
 Keywords:  tor-hs prop224  |  Actual Points:
Parent ID:  #20657  | Points:  1
 Reviewer:  |Sponsor:  SponsorR-can
+

Comment (by asn):

 (FWIW, Nick's idea on comment:4 was not implemented, since apart from
 being pretty cutting edge, it also requires us to backport order-
 preserving encryption patches to 030 so that HSDirs can understand the
 encrypted counters. Let's re-consider this if we ever find the state-
 saving solution to be bad.)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22735 [Core Tor/Tor]: prop224: HS desc overlap period func uses absolute times instead of slots

2017-07-24 Thread Tor Bug Tracker & Wiki 
#22735: prop224: HS desc overlap period func uses absolute times instead of 
slots
-+-
 Reporter:  asn  |  Owner:  asn
 Type:  task | Status:
 |  needs_review
 Priority:  High |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  prop224 tor-hs spec-conformance  |  Actual Points:
Parent ID:  #20657   | Points:  1
 Reviewer:  dgoulet  |Sponsor:  SponsorR-
 |  can
-+-
Changes (by asn):

 * status:  needs_revision => needs_review


Comment:

 Pushed branch with revisions in `bug22735_v2`. No gitlab MR yet, since
 it's simple enough. Let me know if you want one.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #19479 [Applications/Tor Browser]: Document.timeline.currentTime leaks ms-resolution clock in Firefox >=48

2017-07-24 Thread Tor Bug Tracker & Wiki 
#19479: Document.timeline.currentTime leaks ms-resolution clock in Firefox >=48
--+--
 Reporter:  arthuredelstein   |  Owner:  rah
 Type:  defect| Status:  accepted
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  ff59-esr, tbb-fingerprinting  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by rah):

 * owner:  tbb-team => rah
 * status:  new => accepted


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22940 [Core Tor/Tor]: prop224: HS revision counter should persist after service reboot

2017-07-24 Thread Tor Bug Tracker & Wiki 
#22940: prop224: HS revision counter should persist after service reboot
+
 Reporter:  asn |  Owner:
 Type:  defect  | Status:  needs_review
 Priority:  Medium  |  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor|Version:
 Severity:  Normal  | Resolution:
 Keywords:  tor-hs prop224  |  Actual Points:
Parent ID:  #20657  | Points:  1
 Reviewer:  |Sponsor:  SponsorR-can
+

Comment (by asn):

 Please find even better code at `bug22940_v2`.

 It fixes a bad bug on the previous branch, fixes a broken unittest, and
 introduces unittests for the rev counter state file business.

 Let me know if you need anything else here!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23018 [- Select a component]: sdfdsfasdf

2017-07-24 Thread Tor Bug Tracker & Wiki 
#23018: sdfdsfasdf
--+-
 Reporter:  manishhacks6  |  Owner:
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  - Select a component  |Version:
 Severity:  Normal| Resolution:  invalid
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+-
Changes (by cypherpunks):

 * status:  new => closed
 * resolution:   => invalid


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs