Re: [tor-bugs] #25339 [Applications/Tor Browser]: Install python 3.6 for building HTTPS-Everywhere

[Tor Bug Tracker & Wiki]

#25339: Install python 3.6 for building HTTPS-Everywhere
-+-
 Reporter:  boklm|  Owner:  tbb-
 |  team
 Type:  task | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-rbm, TorBrowserTeam201802,   |  Actual Points:
  boklm201802|
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by gk):

 I think we don't want to go back to some Ubuntu version for any of our
 build projects. https://bugzilla.mozilla.org/show_bug.cgi?id=1388447
 indicates that Mozilla won't switch to require Python 3.x before Firefox
 61. So, we don't need to adapt our Python version used for the Firefox
 build.
 I guess using `buster` for just building HTTPSE might be the least time-
 consuming change? If so, then we should do it.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25356 [Applications/Tor Browser]: Upgrade obfs4proxy to v0.0.7 in Tor Browser

[Tor Bug Tracker & Wiki]

#25356: Upgrade obfs4proxy to v0.0.7 in Tor Browser
--+---
 Reporter:  mig5  |  Owner:  tbb-team
 Type:  enhancement   | Status:  needs_information
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---
Changes (by gk):

 * status:  new => needs_information


Comment:

 mig5: Do you need that right away in the next Tor Browser stable or would
 testing the new obfs4proxy version in the next alpha first be enough for
 you?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25343 [Applications/Tor Browser]: disable F11 as fullscreen

[Tor Bug Tracker & Wiki]

#25343: disable F11 as fullscreen
--+--
 Reporter:  catperson |  Owner:  tbb-team
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:  wontfix
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by gk):

 * status:  new => closed
 * resolution:   => wontfix


Comment:

 I don't think we want to guard against cats walking on the keyboard. We
 could think about automatically rounding the windows size to a multiple of
 200x100. It might be a solution for this bug as well and not just for the
 "resizing-by-accident"-scenario. We think about that over in #14429.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25340 [Applications/Tor Browser]: "Restart the Tor Browser to apply updates" notification disappears with New Identity, maybe it shouldn't?

[Tor Bug Tracker & Wiki]

#25340: "Restart the Tor Browser to apply updates" notification disappears with 
New
Identity, maybe it shouldn't?
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-newnym|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by gk):

 * cc: mcs, brade (added)
 * keywords:   => tbb-newnym


Comment:

 Yes, I think you are right. New Identity should not clear the "update is
 available"-hint.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25305 [Applications/Tor Browser]: Tor Browser refuses to start / XDG_CONFIG_DIRS environment variable segfaults Tor Browser

[Tor Bug Tracker & Wiki]

#25305: Tor Browser refuses to start / XDG_CONFIG_DIRS environment variable
segfaults Tor Browser
--+--
 Reporter:  adrelanos |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-crash |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by gk):

 * keywords:   => tbb-crash


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #16472 [Applications/Tor Browser]: Upgrade Binutils to 2.25+ for Tor Browser builds

[Tor Bug Tracker & Wiki]

#16472: Upgrade Binutils to 2.25+ for Tor Browser builds
--+--
 Reporter:  gk|  Owner:  tbb-team
 Type:  task  | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-rbm, boklm201802  |  Actual Points:
Parent ID:  #12968| Points:
 Reviewer:|Sponsor:
--+--

Comment (by gk):

 boklm, could you test with selfrando d070755 again?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25356 [Applications/Tor Browser]: Upgrade obfs4proxy to v0.0.7 in Tor Browser

[Tor Bug Tracker & Wiki]

#25356: Upgrade obfs4proxy to v0.0.7 in Tor Browser
--+--
 Reporter:  mig5  |  Owner:  tbb-team
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by teor):

 * version:  Tor: unspecified =>


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #25356 [Applications/Tor Browser]: Upgrade obfs4proxy to v0.0.7 in Tor Browser

[Tor Bug Tracker & Wiki]

#25356: Upgrade obfs4proxy to v0.0.7 in Tor Browser
--+--
 Reporter:  mig5  |  Owner:  tbb-team
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:  Tor: unspecified
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+--
 The bundled version of obfs4proxy in Tor Browser is super old on macOS
 (and probably other platforms) - v0.0.5, from April 2015.

 It predates the meek_lite feature which was introduced in v0.0.6 in 2016,
 and the latest version is v0.0.7.

 OnionShare depends on Tor Browser for macOS and Windows (we fetch the tor
 and obfs4proxy binaries from your package and re-bundle them into
 OnionShare so that the user can use 'bundled' Tor mode, instead of having
 to have Tor installed globally or Tor Browser running in the background).

 But the old version means that our meek_lite PT support doesn't work on
 those platforms, only on Linux (where the user is assumed to have
 installed Tor globally as a dependency to the package).

 Thanks

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] [Tor Bug Tracker & Wiki] Batch modify: #2536, #3794, #4676, #5683, ...

[Tor Bug Tracker & Wiki]

Batch modification to #2536, #3794, #4676, #5683, #7553, #7875, #12169, #12377, 
#13081, #17799, #22907, #24989, #13621 by teor:
milestone to Tor: 0.3.4.x-final

Comment:
Move all needs_review tickets without a release to 0.3.4

--
Tickets URL: 

Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] [Tor Bug Tracker & Wiki] Batch modify: #24367, #24608, #24765, #24795

[Tor Bug Tracker & Wiki]

Batch modification to #24367, #24608, #24765, #24795 by teor:
milestone to Tor: 0.3.3.x-final

Comment:
These bugfix tickets have no patches. The earliest they will get done is 0.3.3.

--
Tickets URL: 

Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] [Tor Bug Tracker & Wiki] Batch modify: #17193, #24127, #24763, #24300, ...

[Tor Bug Tracker & Wiki]

Batch modification to #17193, #24127, #24763, #24300, #24840, #25136, #24043 by 
teor:
milestone to Tor: 0.3.4.x-final

Comment:
These feature and bugfix tickets have no patches. The earliest they will get 
done is 0.3.4.

--
Tickets URL: 

Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22798 [Core Tor/Tor]: Windows relay is several times slower than Linux relay

[Tor Bug Tracker & Wiki]

#22798: Windows relay is several times slower than Linux relay
-+-
 Reporter:  Vort |  Owner:  (none)
 Type:  defect   | Status:
 |  merge_ready
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.2.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.2.9.11
 Severity:  Normal   | Resolution:
 Keywords:  tor-relay, performance, windows, |  Actual Points:
  032-backport 031-backport 029-backport |
Parent ID:   | Points:  5
 Reviewer:   |Sponsor:
-+-
Changes (by teor):

 * status:  needs_review => merge_ready


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25279 [Core Tor/Tor]: Stem test-full fails on master branch

[Tor Bug Tracker & Wiki]

#25279: Stem test-full fails on master branch
--+
 Reporter:  ffmancera |  Owner:  (none)
 Type:  defect| Status:  needs_information
 Priority:  Medium|  Milestone:  Tor: 0.3.4.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  stem, test|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by atagar):

 * status:  new => needs_information


Comment:

 Hi ffmancera, that's odd. The unit tests aren't failing in that way for
 me, though I did find some python3 compatibility issues that are now
 fixed.

 Please get a fresh clone of Stem and run its tests directly...

 https://stem.torproject.org/faq.html#how-do-i-run-the-tests

 If they run into any issues then please include the full test output (the
 above doesn't have much to go on). Thanks!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] [Tor Bug Tracker & Wiki] Batch modify: #21206, #21208, #22921, #22422, ...

[Tor Bug Tracker & Wiki]

Batch modification to #21206, #21208, #22921, #22422, #22653, #22489 by teor:
milestone to Tor: 0.3.4.x-final

Comment:
These feature and bugfix tickets have no patches. The earliest they will get 
done is 0.3.4.

--
Tickets URL: 

Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24577 [Core Tor/Tor]: Systemctl tor.service invalid - Tor does not restart on systemctl start tor command

[Tor Bug Tracker & Wiki]

#24577: Systemctl tor.service invalid - Tor does not restart on systemctl start 
tor
command
---+---
 Reporter:  d3m0nkingx |  Owner:  (none)
 Type:  defect | Status:  closed
 Priority:  Medium |  Milestone:  Tor:
   |  0.3.1.x-final
Component:  Core Tor/Tor   |Version:  Tor: 0.3.1.9
 Severity:  Normal | Resolution:  worksforme
 Keywords:  systemctl systemd tor.service  |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+---
Changes (by teor):

 * status:  new => closed
 * priority:  High => Medium
 * resolution:   => worksforme
 * severity:  Major => Normal


Comment:

 This works for me on Debian.

 If you have an unusual setup, try using commands like:
 {{{
 systemctl status tor@*
 systemctl reload tor@*
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25355 [Core Tor/Tor]: Add option to set the facility of the syslog log backend dynamically

[Tor Bug Tracker & Wiki]

#25355: Add option to set the facility of the syslog log backend dynamically
--+
 Reporter:  ahf   |  Owner:  (none)
 Type:  enhancement   | Status:  needs_review
 Priority:  Medium|  Milestone:  Tor: 0.3.4.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by ahf):

 * status:  new => needs_review


Comment:

 Patch in https://gitlab.com/ahf/tor/merge_requests/23

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #25355 [Core Tor/Tor]: Add option to set the facility of the syslog log backend dynamically

[Tor Bug Tracker & Wiki]

#25355: Add option to set the facility of the syslog log backend dynamically
--+
 Reporter:  ahf   |  Owner:  (none)
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.3.4.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+
 Currently it's only possible to change our default syslog facility value
 if you compile Tor yourself and pass an option to the configure script. It
 should be possible to set this value, globally for all syslog loggers, in
 torrc.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25354 [Internal Services/Tor Sysadmin Team]: torproject.org using insecure ciphers/protocols (SSLv3, 3DES and RC4)

[Tor Bug Tracker & Wiki]

#25354: torproject.org using insecure ciphers/protocols (SSLv3, 3DES and RC4)
-+-
 Reporter:  pege |  Owner:  tpa
 Type:  defect   | Status:  new
 Priority:  Very High|  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Major| Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by teor):

 Replying to [comment:2 pege]:
 > Something seems to be of with the DNS records too. Only
 www.torproject.org can be resolved, torproject.org can't.
 > …

 This is a deliberate, temporary change:
 {{{
 21:48 +nsa: or: [auto-dns/master] 9dec896 2018-02-25 10:48:11 Peter
 Palfrader : remove address records for
 "torproject.org" for now
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25354 [Internal Services/Tor Sysadmin Team]: torproject.org using insecure ciphers/protocols (SSLv3, 3DES and RC4)

[Tor Bug Tracker & Wiki]

#25354: torproject.org using insecure ciphers/protocols (SSLv3, 3DES and RC4)
-+-
 Reporter:  pege |  Owner:  tpa
 Type:  defect   | Status:  new
 Priority:  Very High|  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Major| Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by pege):

 * component:  Webpages/Website => Internal Services/Tor Sysadmin Team


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25354 [Internal Services/Tor Sysadmin Team]: torproject.org using insecure ciphers/protocols (SSLv3, 3DES and RC4)

[Tor Bug Tracker & Wiki]

#25354: torproject.org using insecure ciphers/protocols (SSLv3, 3DES and RC4)
-+-
 Reporter:  pege |  Owner:  tpa
 Type:  defect   | Status:  new
 Priority:  Very High|  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Major| Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by pege):

 Sorry. changing the component was an accident.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25354 [Webpages/Website]: torproject.org using insecure ciphers/protocols (SSLv3, 3DES and RC4)

[Tor Bug Tracker & Wiki]

#25354: torproject.org using insecure ciphers/protocols (SSLv3, 3DES and RC4)
--+-
 Reporter:  pege  |  Owner:  tpa
 Type:  defect| Status:  new
 Priority:  Very High |  Milestone:
Component:  Webpages/Website  |Version:
 Severity:  Major | Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+-
Changes (by pege):

 * component:  Internal Services/Tor Sysadmin Team => Webpages/Website


Comment:

 Something seems to be of with the DNS records too. Only www.torproject.org
 can be resolved, torproject.org can't.

 {{{
 $ dig torproject.org @8.8.8.8

 ; <<>> DiG 9.10.3-P4-Debian <<>> torproject.org @8.8.8.8
 ;; global options: +cmd
 ;; Got answer:
 ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45845
 ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

 ;; OPT PSEUDOSECTION:
 ; EDNS: version: 0, flags:; udp: 512
 ;; QUESTION SECTION:
 ;torproject.org.IN  A

 ;; AUTHORITY SECTION:
 torproject.org. 1539IN  SOA nevii.torproject.org.
 hostmaster.torproject.org. 2018022538 10800 3600 1814400 3601

 ;; Query time: 16 msec
 ;; SERVER: 8.8.8.8#53(8.8.8.8)
 ;; WHEN: Mon Feb 26 01:27:42 CET 2018
 ;; MSG SIZE  rcvd: 96

 $ dig www.torproject.org @8.8.8.8

 ; <<>> DiG 9.10.3-P4-Debian <<>> www.torproject.org @8.8.8.8
 ;; global options: +cmd
 ;; Got answer:
 ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21531
 ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

 ;; OPT PSEUDOSECTION:
 ; EDNS: version: 0, flags:; udp: 512
 ;; QUESTION SECTION:
 ;www.torproject.org.IN  A

 ;; ANSWER SECTION:
 www.torproject.org. 149 IN  A   154.35.175.245

 ;; Query time: 126 msec
 ;; SERVER: 8.8.8.8#53(8.8.8.8)
 ;; WHEN: Mon Feb 26 01:28:00 CET 2018
 ;; MSG SIZE  rcvd: 63
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25353 [Core Tor/Tor]: Configure fails with some OpenSSL 1.1.0

[Tor Bug Tracker & Wiki]

#25353: Configure fails with some OpenSSL 1.1.0
--+
 Reporter:  laomaiweng|  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.3.4.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  openssl, tor-ssl  |  Actual Points:
Parent ID:  #19429| Points:
 Reviewer:|Sponsor:
--+
Changes (by teor):

 * keywords:  openssl, 1.1.0, tlsv1_1_method, deprecated => openssl, tor-ssl
 * severity:  Minor => Normal
 * milestone:  Tor: unspecified => Tor: 0.3.4.x-final


Comment:

 What version of Tor are you trying to build?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25354 [Internal Services/Tor Sysadmin Team]: torproject.org using insecure ciphers/protocols (SSLv3, 3DES and RC4)

[Tor Bug Tracker & Wiki]

#25354: torproject.org using insecure ciphers/protocols (SSLv3, 3DES and RC4)
-+-
 Reporter:  pege |  Owner:  tpa
 Type:  defect   | Status:  new
 Priority:  Very High|  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Major| Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by teor):

 * owner:  (none) => tpa
 * component:  Webpages/Website => Internal Services/Tor Sysadmin Team


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #25354 [Webpages/Website]: torproject.org using insecure ciphers/protocols (SSLv3, 3DES and RC4)

[Tor Bug Tracker & Wiki]

#25354: torproject.org using insecure ciphers/protocols (SSLv3, 3DES and RC4)
--+
 Reporter:  pege  |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Very High |  Milestone:
Component:  Webpages/Website  |Version:
 Severity:  Major |   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+
 I just tried to update Tor Browser in Whonix on Qubes OS and got this
 error: "curl_status_message: [35] - [SSL connect error. The SSL
 handshaking failed.]".

 I looked at it a bit closer and it looks like https://www.torproject.org
 is currently using insecure ciphers.


 {{{
 openssl s_client -connect www.torproject.org:443
 …
 Server public key is 4096 bit
 Secure Renegotiation IS supported
 Compression: NONE
 Expansion: NONE
 SSL-Session:
 Protocol  : TLSv1
 Cipher: RC4-MD5
 Session-ID:
 DD04CBDA08AEFB17B0DCF3696B4D09DE761F150E4886E33AB5334B4F1EBD7575
 Session-ID-ctx:
 Master-Key:
 
99B55DE1DB5319DC11D12C19C4DD1B3A1534331E4FB4E7C14A3C93628E068D970A0F493ED0EB878FA4E183F8F6656A4E
 Key-Arg   : None
 PSK identity: None
 PSK identity hint: None
 SRP username: None
 Start Time: 1519601291
 Timeout   : 300 (sec)
 Verify return code: 0 (ok)
 }}}

 Firefox Nightly tells me the cipher in use is:
 {{{
 TLS_RSA_WITH_3DES_EDE_CBC_SHA
 }}}

 And https://www.ssllabs.com/ssltest/analyze.html?d=www.torproject.org
 tells me:

 protocols:

 {{{
 Protocols
 TLS 1.3 No
 TLS 1.2 No
 TLS 1.1 No
 TLS 1.0 Yes
 SSL 3   INSECUREYes
 }}}

 ciphers:

 {{{
 TLS_RSA_WITH_RC4_128_MD5 (0x4)   INSECURE   128
 TLS_RSA_WITH_RC4_128_SHA (0x5)   INSECURE   128
 TLS_RSA_WITH_3DES_EDE_CBC_SHA (0xa)   WEAK  112
 TLS_RSA_WITH_AES_256_CBC_SHA (0x35)   WEAK  256
 TLS_RSA_WITH_AES_128_CBC_SHA (0x2f)   WEAK  128
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25353 [Core Tor/Tor]: Configure fails with some OpenSSL 1.1.0

[Tor Bug Tracker & Wiki]

#25353: Configure fails with some OpenSSL 1.1.0
-+-
 Reporter:  laomaiweng   |  Owner:  (none)
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:
 Severity:  Minor| Resolution:
 Keywords:  openssl, 1.1.0, tlsv1_1_method,  |  Actual Points:
  deprecated |
Parent ID:  #19429   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by laomaiweng):

 * parent:   => #19429


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #25353 [Core Tor/Tor]: Configure fails with some OpenSSL 1.1.0

[Tor Bug Tracker & Wiki]

#25353: Configure fails with some OpenSSL 1.1.0
-+-
 Reporter:   |  Owner:  (none)
  laomaiweng |
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:  Tor: unspecified
Component:  Core |Version:
  Tor/Tor|   Keywords:  openssl, 1.1.0, tlsv1_1_method,
 Severity:  Minor|  deprecated
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+-
 On my machine with OpenSSL 1.1.0, Tor's `configure` script fails to detect
 OpenSSL and gives me the following error:

 {{{
 configure: Now, we'll look for OpenSSL >= 1.0.1
 checking for openssl directory... configure: WARNING: Could not find a
 linkable openssl.  If you have it installed somewhere unusual, you can
 specify an explicit path using --with-openssl-dir
 configure: error: Missing libraries; unable to proceed.
 }}}

 This seems to be due to the fact that `configure` checks for OpenSSL >=
 1.0.1 with `TLSv1_1_method()`, which is deprecated in favor of
 `TLS_method()` in OpenSSL 1.1.0.
 On my configuration of OpenSSL 1.1.0, deprecated functions are not
 available by default (not without first enabling the `OPENSSL_API_COMPAT`
 compatibility #define), hence the failure.

 I'd gladly provide a patch, but I'm not sure how this would best be fixed:
 explicitly check for `TLS_method()` in case the check for
 `TLSv1_1_method()` fails? Replace this test with a test on
 `OPENSSL_VERSION_NUMBER`? Find some other function introduced in 1.0.1 and
 neither removed nor deprecated in 1.1.0?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23439 [Applications/Tor Browser]: Exempt .onion domains from mixed content warnings

[Tor Bug Tracker & Wiki]

#23439: Exempt .onion domains from mixed content warnings
-+-
 Reporter:  gk   |  Owner:  gk
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  GeorgKoppen201802,   |  Actual Points:
  TorBrowserTeam201802R  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * keywords:  GeorgKoppen201802, TorBrowserTeam201802 => GeorgKoppen201802,
 TorBrowserTeam201802R
 * cc: arthuredelstein (added)
 * status:  assigned => needs_review


Comment:

 `bug_23439_v2` (https://gitweb.torproject.org/user/gk/tor-
 browser.git/log/?h=bug_23439_v2) is up for review. It contains the code
 (f10bad83876aee09c716086db659ab2bbe9652af) and a test for it
 (a7d9d4cf255368eef139b1dbde7d16933bfcaa30). We might need to add other
 tests for the uplift, I'll ask the Mozilla folks about it. For us I think
 it's enough to have this one test for mixed content blocking exemption.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25347 [Core Tor/Tor]: Tor stops building circuits, and doesn't start when it has enough directory information

[Tor Bug Tracker & Wiki]

#25347: Tor stops building circuits, and doesn't start when it has enough 
directory
information
-+-
 Reporter:  teor |  Owner:  (none)
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.3.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.3.0.6
 Severity:  Normal   | Resolution:
 Keywords:  031-backport, 032-backport,  |  Actual Points:
  033-must, tor-guard, tor-client, tbb-  |
  usability-website, tbb-needs   |
Parent ID:  #21969   | Points:  1
 Reviewer:   |Sponsor:
-+-

Comment (by s7r):

 All 3 guards in the primary set were running Tor versions that do not have
 the DoS patch, so this can be eliminated.

 In regards to the 1/3 primary guard being overworked, I can't prove wrong,
 but:
 - usually this is warned in the client log "your guard X is failing a
 larger amount of circuits than usual. success counts are x/y - this could
 indicate an attack but also mean that the Tor network is overloaded ..." -
 there were no such messages in the client log;

 - why does it not heal by itself even in ~7 hours? Shouldn't it either
 move to another guard or do something, rather than keep running in an
 useless state?

 Some more interesting stuff:
 - checked all 3 guards in the primary set and they were behaving normally,
 running in consensus with good bandwidth values;

 - after starting with a new fresh state file (like starting from scratch),
 Tor selected new primary guards and connected just fine. So I turned it
 off, manually edited the state file and put back at `confirmed_idx=0` the
 same previous guard that was hanging before (with the old state file).
 Started it again, and it was working like nothing happened. Could it be a
 coincidence that for 7 hours that particular guard was overworked and
 failing circuits, and after 5 minutes when I edit the new state file it
 comes back to normal operation? Possible, non-zero chance for this to be
 true, but I wouldn't bet on it.

 teor said on irc that we might be doing something with the state file or
 the mds of the primary guards. I tend to think in the same direction.
 Right now I am trying to reproduce it so I can provide two state files:
 the good working state file and the not working one, with the same primary
 guards maybe they will help us determine what is going in.

 I think this is the same bug reported by cypherpunks on the parent ticket
 and by alec, so it might be the last annoying guard bug.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24767 [Core Tor/Tor]: All relays are constantly connecting to down relays and failing over and over

[Tor Bug Tracker & Wiki]

#24767: All relays are constantly connecting to down relays and failing over and
over
-+-
 Reporter:  arma |  Owner:  dgoulet
 Type:  enhancement  | Status:
 |  needs_review
 Priority:  Very High|  Milestone:  Tor:
 |  0.3.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-relay, tor-dos, performance, |  Actual Points:
  review-group-32, 033-must  |
Parent ID:   | Points:
 Reviewer:  asn  |Sponsor:
-+-

Comment (by asn):

 Fixes LGTM.

 The commit at `33628d8` has various mistypes, so please address those too
 :)
 Also don't forget to merge my unittest please.

 Other than that, LGTM.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25306 [Core Tor/Tor]: tor_assertion_failed_(): Bug: ../src/or/hs_service.c:1985: rotate_all_descriptors: Assertion service->desc_current failed; aborting.

[Tor Bug Tracker & Wiki]

#25306: tor_assertion_failed_(): Bug: ../src/or/hs_service.c:1985:
rotate_all_descriptors: Assertion service->desc_current failed; aborting.
+--
 Reporter:  cypherpunks |  Owner:  dgoulet
 Type:  defect  | Status:  new
 Priority:  Medium  |  Milestone:  Tor:
|  0.3.3.x-final
Component:  Core Tor/Tor|Version:  Tor:
|  0.3.3.2-alpha
 Severity:  Normal  | Resolution:
 Keywords:  tor-hs crash 033-must 032-backport  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--
Changes (by teor):

 * status:  needs_information => new


Comment:

 As a first step, let's do what nickm suggested, and make the asserts non-
 fatal, and add extra logging.

 We might miss a few asserts that way, but at least we won't crash people's
 services.
 (Remember, some people rely on their services to log in to their machines
 and so it's hard for them to retrieve crash logs.)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25306 [Core Tor/Tor]: tor_assertion_failed_(): Bug: ../src/or/hs_service.c:1985: rotate_all_descriptors: Assertion service->desc_current failed; aborting.

[Tor Bug Tracker & Wiki]

#25306: tor_assertion_failed_(): Bug: ../src/or/hs_service.c:1985:
rotate_all_descriptors: Assertion service->desc_current failed; aborting.
+--
 Reporter:  cypherpunks |  Owner:  dgoulet
 Type:  defect  | Status:
|  needs_information
 Priority:  Medium  |  Milestone:  Tor:
|  0.3.3.x-final
Component:  Core Tor/Tor|Version:  Tor:
|  0.3.3.2-alpha
 Severity:  Normal  | Resolution:
 Keywords:  tor-hs crash 033-must 032-backport  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--
Changes (by asn):

 * status:  accepted => needs_information


Comment:

 I think we should figure out the precise bug here before removing asserts
 or anything that could shadow this bug. I think some log lines would
 really help out here, so perhaps we can wait till someone (or us) hit this
 bug and posts some more info here?

 I'll put it in `needs_info` for now. Feel free to adjust if you disagree.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25347 [Core Tor/Tor]: Tor stops building circuits, and doesn't start when it has enough directory information

[Tor Bug Tracker & Wiki]

#25347: Tor stops building circuits, and doesn't start when it has enough 
directory
information
-+-
 Reporter:  teor |  Owner:  (none)
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.3.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.3.0.6
 Severity:  Normal   | Resolution:
 Keywords:  031-backport, 032-backport,  |  Actual Points:
  033-must, tor-guard, tor-client, tbb-  |
  usability-website, tbb-needs   |
Parent ID:  #21969   | Points:  1
 Reviewer:   |Sponsor:
-+-

Comment (by asn):

 Thanks for the logs. Looking at `info_25347.zip​`, I see that after
 bootstrapping to 90% we failed about 80 circuits with:
 {{{
 circuit_mark_for_close_(): Circuit 0 (id: 8) marked for close at
 command.c:589 (orig reason: 517, new reason: 0)
 }}}

 IIUC, this means that the client received a DESTROY cell (from the guard?)
 with reason `END_CIRC_REASON_RESOURCELIMIT`. `RESOURCELIMIT` is an
 interesting reason to receive because it's the one that the DoS subsystem
 uses, but can also be caused by other kind of failures.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #25352 [Applications/Tor Browser]: Consider upgrading Mixed Content for static content (by fliping security.mixed_content.upgrade_display_content)

[Tor Bug Tracker & Wiki]

#25352: Consider upgrading Mixed Content for static content (by fliping
security.mixed_content.upgrade_display_content)
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:  ff60-esr
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+--
 Already available in the next ESR FF60
 https://bugzilla.mozilla.org/show_bug.cgi?id=1435733

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23046 [Metrics/Library]: Add sub-interface LogDescriptor.LogLine (and the extension to WebServerAccessLogLine)

[Tor Bug Tracker & Wiki]

#23046: Add sub-interface LogDescriptor.LogLine (and the extension to
WebServerAccessLogLine)
-+---
 Reporter:  iwakeh   |  Owner:  iwakeh
 Type:  enhancement  | Status:  accepted
 Priority:  Medium   |  Milestone:  metrics-lib 2.2.0
Component:  Metrics/Library  |Version:
 Severity:  Normal   | Resolution:
 Keywords:  metrics-2018 |  Actual Points:
Parent ID:   | Points:
 Reviewer:  karsten  |Sponsor:
-+---
Changes (by iwakeh):

 * status:  reopened => accepted


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23046 [Metrics/Library]: Add sub-interface LogDescriptor.LogLine (and the extension to WebServerAccessLogLine)

[Tor Bug Tracker & Wiki]

#23046: Add sub-interface LogDescriptor.LogLine (and the extension to
WebServerAccessLogLine)
-+---
 Reporter:  iwakeh   |  Owner:  iwakeh
 Type:  enhancement  | Status:  reopened
 Priority:  Medium   |  Milestone:  metrics-lib 2.2.0
Component:  Metrics/Library  |Version:
 Severity:  Normal   | Resolution:
 Keywords:  metrics-2018 |  Actual Points:
Parent ID:   | Points:
 Reviewer:  karsten  |Sponsor:
-+---
Changes (by iwakeh):

 * status:  closed => reopened
 * resolution:  fixed =>


Comment:

 This needs a revision: webstats log files can be large and thus, method

 {{{
 public List logLines() throws DescriptorParseException;
 }}}

 of the current LogDescriptor interface should be replaced by

 {{{
 public Stream logLines() throws DescriptorParseException;
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25351 [Internal Services/Tor Sysadmin Team]: https://www.torproject.org not work

[Tor Bug Tracker & Wiki]

#25351: https://www.torproject.org not work
-+-
 Reporter:  cypherpunks  |  Owner:  tpa
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:  invalid
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by teor):

 * priority:  High => Medium
 * component:  - Select a component => Internal Services/Tor Sysadmin Team
 * status:  new => closed
 * resolution:   => invalid
 * owner:  (none) => tpa


Comment:

 We are working on it.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25351 [- Select a component]: https://www.torproject.org not work

[Tor Bug Tracker & Wiki]

#25351: https://www.torproject.org not work
--+
 Reporter:  cypherpunks   |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  High  |  Milestone:
Component:  - Select a component  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by cypherpunks):

 http://expyuzz4wqqyqhjn.onion/ working.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25137 [Obfuscation/Censorship analysis]: Tor blocked in UAE

[Tor Bug Tracker & Wiki]

#25137: Tor blocked in UAE
-+
 Reporter:  mwolfe   |  Owner:  dcf
 Type:  task | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Obfuscation/Censorship analysis  |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  censorship block ae  |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+

Comment (by mwolfe):

 Looks like that was it. Snowflake is working now. I guess Snowflake has
 limited redundancy, so when you restart the bridge, I'm cut off until the
 bridge is fully operational.

 Fortunately, when Snowflake was down, Meek was up.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25351 [- Select a component]: https://www.torproject.org not work

[Tor Bug Tracker & Wiki]

#25351: https://www.torproject.org not work
--+
 Reporter:  cypherpunks   |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  High  |  Milestone:
Component:  - Select a component  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by Dbryrtfbcbhgf):

 Test to see if you can access there onion site
 http://expyuzz4wqqyqhjn.onion/

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25351 [- Select a component]: https://www.torproject.org not work

[Tor Bug Tracker & Wiki]

#25351: https://www.torproject.org not work
--+
 Reporter:  cypherpunks   |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  High  |  Milestone:
Component:  - Select a component  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by Dbryrtfbcbhgf):

 Likely a duplicate of
 #https://trac.torproject.org/projects/tor/ticket/25349#comment:1vccvcvc

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs