Re: [tor-bugs] #25381 [Core Tor/Tor]: Add crypto_rand_double_sign() in C and Rust

[Tor Bug Tracker & Wiki]

#25381: Add crypto_rand_double_sign() in C and Rust
-+-
 Reporter:  teor |  Owner:  teor
 Type:  enhancement  | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.4.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-relay, privcount, review-|  Actual Points:  1
  group-34   |
Parent ID:  #23061   | Points:  2
 Reviewer:  isis |Sponsor:
 |  SponsorQ
-+-

Comment (by teor):

 Isis also tells me to make rand a hard dependency.

 I need to:
 * commit Cargo.lock and Cargo.toml
 * cargo vendor the dependency to tor-rust-dependencies (we should have a
 script for this, maybe it's in the instructions)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25450 [Core Tor/Tor]: Intermittent test failures for hs_service/service_intro_point

[Tor Bug Tracker & Wiki]

#25450: Intermittent test failures for hs_service/service_intro_point
-+-
 Reporter:  isis |  Owner:  isis
 Type:  defect   | Status:
 |  merge_ready
 Priority:  Very High|  Milestone:  Tor:
 |  0.3.3.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.3.1.3-alpha
 Severity:  Minor| Resolution:
 Keywords:  tor-unittests review-group-35|  Actual Points:
  031-backport 032-backport  |
Parent ID:   | Points:  .5
 Reviewer:   |Sponsor:
 |  Sponsor8-can
-+-

Comment (by teor):

 I don't think we taught the script to ignore snark.

 Also, I bet there are a few more sign inversion errors hiding in our
 codebase.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #25451 [- Select a component]: Tor window size leaks information

[Tor Bug Tracker & Wiki]

#25451: Tor window size leaks information
--+
 Reporter:  cypherpunks   |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  - Select a component  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+
 Tor's default browser size is too small and resizing can leak information,
 because resizing to a common internal window size is difficult. The window
 size quantizing that tor browser does/used to do (I can't get it to work
 in this latest version, 7.0.7) was never very good anyway, and typically
 resulting in fairly unique fingerprints as per EFF panopticlick.

 A workaround is to somehow get the internal window size (the size of the
 content window, sans toolbars and etc), and make it a common monitor
 resolution by resizing the window to that size + the size of the toolbars,
 for example I have been using:
 {{{
 until xdotool search --name "About Tor - Tor Browser" windowsize 1920 1183
 ; do
   sleep 0.5;
 done
 }}}

 on tor browser startup which gives me an internal window size of
 1920x1080, which panopticlick says has only 2.44 bits of identifying
 information (1/5 browsers share this value, supposedly).

 However, this is fragile, and minuscule changes to font rendering settings
 that change font sizes by so much as a pixel can completely throw this off
 and result in an extremely unique browser fingerprint.

 I can think of a few ways this might be solved, some of which may work in
 combination with each other:

 * Have a setting in Tor Browser for a fixed content window size, which
 will resize the whole window to fit
 * Have some kind of prompt for the user to choose between common browser
 content window sizes (is there information anywhere on which sizes are the
 most common?)
 * Default to the largest common browser window size, and on resize snap
 the window size to other common browser content window resolutions

 Most of these involve knowing ahead of time which browser content window
 sizes are common however, which I couldn't find online.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25450 [Core Tor/Tor]: Intermittent test failures for hs_service/service_intro_point

[Tor Bug Tracker & Wiki]

#25450: Intermittent test failures for hs_service/service_intro_point
-+-
 Reporter:  isis |  Owner:  isis
 Type:  defect   | Status:
 |  merge_ready
 Priority:  Very High|  Milestone:  Tor:
 |  0.3.3.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.3.1.3-alpha
 Severity:  Minor| Resolution:
 Keywords:  tor-unittests review-group-35|  Actual Points:
  031-backport 032-backport  |
Parent ID:   | Points:  .5
 Reviewer:   |Sponsor:
 |  Sponsor8-can
-+-

Comment (by isis):

 Replying to [comment:3 isis]:
 > I've fixed up my commit so that it now ''subtracts'' 500 seconds instead
 of adding, and now [https://travis-
 ci.org/isislovecruft/tor/builds/350608392 it passes].

 Okay, this was a lie, `make check-changes` failed because [https://travis-
 ci.org/isislovecruft/tor/builds/350608392 it didn't like me insulting my
 patch], apparently. (I wrote `Fixes bug 25450 (shoddily); bugfix on
 0.3.1.3-alpha.`)

 It [https://travis-ci.org/isislovecruft/tor/builds/350612284 passes now].

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25450 [Core Tor/Tor]: Intermittent test failures for hs_service/service_intro_point

[Tor Bug Tracker & Wiki]

#25450: Intermittent test failures for hs_service/service_intro_point
-+-
 Reporter:  isis |  Owner:  isis
 Type:  defect   | Status:
 |  merge_ready
 Priority:  Very High|  Milestone:  Tor:
 |  0.3.3.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.3.1.3-alpha
 Severity:  Minor| Resolution:
 Keywords:  tor-unittests review-group-35|  Actual Points:
  031-backport 032-backport  |
Parent ID:   | Points:  .5
 Reviewer:   |Sponsor:
 |  Sponsor8-can
-+-

Comment (by isis):

 Replying to [comment:2 teor]:
 > Looks trivial, and correct.
 >
 > If we still want the 0.3.1 and 0.3.2 unit tests to work reliably, we
 should backport this fix.

 Actually wait, it's incorrect. The test fails more now. (See the TravisCI
 results [https://travis-ci.org/isislovecruft/tor/jobs/350596375#L3083
 here].)

 This was because this test was testing that the IP was created, and its
 expiration time was set to a time greater than or equal to `now +
 INTRO_POINT_LIFETIME_MIN_SECONDS + 5` (original code):

 {{{
 /* Time to expire MUST also be in that range. We add 5 seconds because
  * there could be a gap between setting now and the time taken in
  * service_intro_point_new. On ARM, it can be surprisingly slow... */
 tt_u64_op(ip->time_to_expire, OP_GE,
   now + INTRO_POINT_LIFETIME_MIN_SECONDS + 5);
 }}}

 However, this appears to be a typo, since, according to the comment above
 it, adding five seconds was done because the IP creation can be slow on
 some systems.  But the five seconds is added to the ''minimum'' time we're
 comparing against, and so it actually functions to make this test ''more''
 likely to fail on slower systems.  (It should either subtract five
 seconds, or instead add it to `ip->time_to_expire`.)

 I've fixed up my commit so that it now ''subtracts'' 500 seconds instead
 of adding, and now [https://travis-
 ci.org/isislovecruft/tor/builds/350608392 it passes].

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25450 [Core Tor/Tor]: Intermittent test failures for hs_service/service_intro_point

[Tor Bug Tracker & Wiki]

#25450: Intermittent test failures for hs_service/service_intro_point
-+-
 Reporter:  isis |  Owner:  isis
 Type:  defect   | Status:
 |  merge_ready
 Priority:  Very High|  Milestone:  Tor:
 |  0.3.3.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.3.1.3-alpha
 Severity:  Minor| Resolution:
 Keywords:  tor-unittests review-group-35|  Actual Points:
  031-backport 032-backport  |
Parent ID:   | Points:  .5
 Reviewer:   |Sponsor:
 |  Sponsor8-can
-+-
Changes (by teor):

 * keywords:  tor-unittests review-group-35 => tor-unittests review-group-35
 031-backport 032-backport
 * status:  needs_review => merge_ready


Comment:

 Looks trivial, and correct.

 If we still want the 0.3.1 and 0.3.2 unit tests to work reliably, we
 should backport this fix.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25450 [Core Tor/Tor]: Intermittent test failures for hs_service/service_intro_point

[Tor Bug Tracker & Wiki]

#25450: Intermittent test failures for hs_service/service_intro_point
---+---
 Reporter:  isis   |  Owner:  isis
 Type:  defect | Status:  needs_review
 Priority:  Very High  |  Milestone:  Tor:
   |  0.3.3.x-final
Component:  Core Tor/Tor   |Version:  Tor:
   |  0.3.1.3-alpha
 Severity:  Minor  | Resolution:
 Keywords:  tor-unittests review-group-35  |  Actual Points:
Parent ID: | Points:  .5
 Reviewer: |Sponsor:  Sponsor8-can
---+---
Changes (by isis):

 * keywords:  tor-unittests => tor-unittests review-group-35
 * status:  assigned => needs_review


Comment:

 The easy version of the fix is in my `bug25450`
 [https://gitweb.torproject.org/user/isis/tor.git/log/?h=bug25450 branch].

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #25450 [Core Tor/Tor]: Intermittent test failures for hs_service/service_intro_point

[Tor Bug Tracker & Wiki]

#25450: Intermittent test failures for hs_service/service_intro_point
--+
 Reporter:  isis  |  Owner:  isis
 Type:  defect| Status:  assigned
 Priority:  Very High |  Milestone:  Tor: 0.3.3.x-final
Component:  Core Tor/Tor  |Version:  Tor: 0.3.1.3-alpha
 Severity:  Minor |   Keywords:  tor-unittests
Actual Points:|  Parent ID:
   Points:  .5|   Reviewer:
  Sponsor:  Sponsor8-can  |
--+
 weasel and teor both noted this. I've also experienced this test failing
 about 1 out of 30 or so times on my development laptop.

 {{{
 10:32   weasel+ | 10:28:33 hs_service/service_intro_point:
 [forking]
 10:32   weasel+ | 10:28:33   FAIL
 ../src/test/test_hs_service.c:420: assert(ip->time_to_expire OP_GE now +
 INTRO_POINT_LIFETIME_MIN_SECONDS + 5): 1520483305 vs 1520483309
 10:32   weasel+ | 10:28:33   [service_intro_point FAILED]
 10:32   weasel+ | https://jenkins.torproject.org/job/tor-
 debian-0.3.2-nightly-binaries/ARCHITECTURE=i386,SUITE=buster/179/console
 10:32   weasel+ | maybe I'm imagining or misattributing
 things, but hasn't this test ALWAYS been buggy?
 10:33teor4  | I remember it being an issue before.
 Probably one for asn or dgoulet
 }}}

 It's because there is a hardcoded `time_t` that uses the real system time
 and then later the test expects an HS intro point to have been established
 within 5 seconds of real clock time.

 I'm going to do the stupid fix of increasing it to 500 seconds. Possibly
 in the future there should be a more elaborate solution involving mocking
 the `time()` function by passing in a function pointer to its
 implementation into the functions being tested?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24732 [Core Tor/Tor]: Remove unused IPv6 DirPort code

[Tor Bug Tracker & Wiki]

#24732: Remove unused IPv6 DirPort code
-+
 Reporter:  teor |  Owner:  (none)
 Type:  enhancement  | Status:  needs_review
 Priority:  Medium   |  Milestone:  Tor: 0.3.4.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ipv6, tor-relay  |  Actual Points:
Parent ID:  #24403   | Points:  1
 Reviewer:  teor |Sponsor:  SponsorV-can
-+
Changes (by teor):

 * status:  needs_revision => needs_review


Comment:

 Thanks! I've marked this as needing review.

 The first thing that someone will do is run:
 {{{
 make check
 make test-network-all
 }}}

 You can do them yourself if you like. Please let us know if either of them
 fails.

 You will need chutney for the second test:
 https://git.torproject.org/chutney

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24732 [Core Tor/Tor]: Remove unused IPv6 DirPort code

[Tor Bug Tracker & Wiki]

#24732: Remove unused IPv6 DirPort code
-+
 Reporter:  teor |  Owner:  (none)
 Type:  enhancement  | Status:  needs_revision
 Priority:  Medium   |  Milestone:  Tor: 0.3.4.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ipv6, tor-relay  |  Actual Points:
Parent ID:  #24403   | Points:  1
 Reviewer:  teor |Sponsor:  SponsorV-can
-+

Comment (by meryemz):

 I combined both modifications in :
 https://github.com/mary-em/torprojet-tor/compare/ticket-24732

 Please have a look at it.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25445 [Applications/Tor Browser]: Opening site in Tor Browser redirects to FSB

[Tor Bug Tracker & Wiki]

#25445: Opening site in Tor Browser redirects to FSB
--+---
 Reporter:  timur.davletshin  |  Owner:  (none)
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Major | Resolution:  not a bug
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---
Changes (by cypherpunks):

 * status:  reopened => closed
 * resolution:   => not a bug


Comment:

 Setting as `not a bug` again.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25449 [Applications/Tor Browser]: Bump snowflake/go-webrtc for trac 21312

[Tor Bug Tracker & Wiki]

#25449: Bump snowflake/go-webrtc for trac 21312
--+--
 Reporter:  arlolra   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  snowflake |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by arlolra):

 * Attachment "0001-Bump-snowflake-go-webrtc-for-trac-21312.patch" added.


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #25449 [Applications/Tor Browser]: Bump snowflake/go-webrtc for trac 21312

[Tor Bug Tracker & Wiki]

#25449: Bump snowflake/go-webrtc for trac 21312
--+---
 Reporter:  arlolra   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:  snowflake
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+---
 Please see the attached.

 Incidentally, this should also fix,
 https://trac.torproject.org/projects/tor/ticket/24203#comment:11

 However, note that this now means there won't be a `snowflake.log`
 anymore, unless we provide a path to `-log` in the `torrc-defaults-
 appendix`

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #25448 [Metrics/Relay Search]: allow for URLs that specify list of fingerprints

[Tor Bug Tracker & Wiki]

#25448: allow for URLs that specify list of fingerprints
--+--
 Reporter:  cypherpunks   |  Owner:  metrics-team
 Type:  enhancement   | Status:  new
 Priority:  Low   |  Milestone:
Component:  Metrics/Relay Search  |Version:
 Severity:  Minor |   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+--
 context:
 https://lists.torproject.org/pipermail/metrics-team/2018-March/000709.html

 url could look like:
 ..fp=fp1,fp2,..

 Also allow specifying the number of shown items per page.

 consider this a low prio request (nothing happens if you don't implement
 it)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25147 [Applications/Tor Browser]: Backport of fix shipped in Firefox 58.0.1?

[Tor Bug Tracker & Wiki]

#25147: Backport of fix shipped in Firefox 58.0.1?
--+--
 Reporter:  gk|  Owner:  pospeselr
 Type:  task  | Status:  needs_review
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  TorBrowserTeam201803R |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by pospeselr):

 mcs:
 - I did not go down the tree through the dependent bugs, will do that now.
 - The Browser.js (and some others) was not included since that file was
 missing in our source tree.  Didn't occur to me that they could have been
 moved or renamed, so I will go back and check this too.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #25447 [Core Tor/DirAuth]: remove TROVE-2018-002 affected versions from recommended version

[Tor Bug Tracker & Wiki]

#25447: remove TROVE-2018-002 affected versions from recommended version
--+
 Reporter:  cypherpunks   |  Owner:  (none)
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Core Tor/DirAuth  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+
 arma did already remove affected versions, lets remove it on some more dir
 auths

 affected: 0.3.2.1-alpha - 0.3.2.9, 0.3.3.1-alpha

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25445 [Applications/Tor Browser]: Opening site in Tor Browser redirects to FSB

[Tor Bug Tracker & Wiki]

#25445: Opening site in Tor Browser redirects to FSB
--+--
 Reporter:  timur.davletshin  |  Owner:  (none)
 Type:  defect| Status:  reopened
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Major | Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by timur.davletshin):

 Replying to [comment:16 cypherpunks]:
 > Replying to [comment:14 cypherpunks]:
 > > Do we have an URL bar spoofing in action? (See attachment)
 > Doesn't look like it, even in the attachment as there's no lockpad icon,
 which means the url that you're seeing was manually modified (probably to
 suggest that he was trying to access https://psb4ukr.org at first).

 That is true, I modified URL bar address exactly for this purpose.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25445 [Applications/Tor Browser]: Opening site in Tor Browser redirects to FSB

[Tor Bug Tracker & Wiki]

#25445: Opening site in Tor Browser redirects to FSB
--+--
 Reporter:  timur.davletshin  |  Owner:  (none)
 Type:  defect| Status:  reopened
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Major | Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by cypherpunks):

 Replying to [comment:14 cypherpunks]:
 > Do we have an URL bar spoofing in action? (See attachment)
 Doesn't look like it, even in the attachment as there's no lockpad icon,
 which means the url that you're seeing was manually modified (probably to
 suggest that he was trying to access https://psb4ukr.org at first).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #15763 [HTTPS Everywhere/EFF-HTTPS Everywhere]: Need whitelist entry for www.fark.com and total.fark.com

[Tor Bug Tracker & Wiki]

#15763: Need whitelist entry for www.fark.com and total.fark.com
-+-
 Reporter:  bit0mike |  Owner:  (none)
 Type:  defect   | Status:  reopened
 Priority:  Medium   |  Milestone:  HTTPS-E next Chrome
Component:  HTTPS Everywhere/EFF-|  release
  HTTPS Everywhere   |Version:
 Severity:  Blocker  | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by bit0mike):

 * status:  closed => reopened
 * resolution:  fixed =>
 * severity:   => Blocker


Comment:

 Digging this 3 year old ticket back up to report that enough ad networks
 are on board with SSL that we finally were able to cut everything over at
 long last.

 One new exception: we still have cases where we iframe external plaintext
 sites, so the containing page must obviously also be plaintext, and so
 we’ve created a new go.fark.net hostname dedicated to that.  That one is
 port 80 only, no 443 at all.

 Everything else under *.fark.com and *.fark.net EXCEPT for go.fark.net is
 now SSL, and sets an HSTS header to enforce it.  go.fark.net will never
 support SSL, so that needs to stay blacklisted.

 So that should, uh, drastically simplify or eliminate the
 https://github.com/EFForg/https-
 everywhere/blob/master/src/chrome/content/rules/Fark.xml ruleset, yes?
 White

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25445 [Applications/Tor Browser]: Opening site in Tor Browser redirects to FSB

[Tor Bug Tracker & Wiki]

#25445: Opening site in Tor Browser redirects to FSB
--+--
 Reporter:  timur.davletshin  |  Owner:  (none)
 Type:  defect| Status:  reopened
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Major | Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by Dbryrtfbcbhgf):

 When using there onion http://psb4uklopi7ocb5l.onion I do not get the the
 FSB redirect.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25445 [Applications/Tor Browser]: Opening site in Tor Browser redirects to FSB

[Tor Bug Tracker & Wiki]

#25445: Opening site in Tor Browser redirects to FSB
--+--
 Reporter:  timur.davletshin  |  Owner:  (none)
 Type:  defect| Status:  reopened
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Major | Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by cypherpunks):

 * status:  closed => reopened
 * resolution:  not a bug =>
 * component:  Core Tor/Tor => Applications/Tor Browser


Comment:

 Do we have an URL bar spoofing in action? (See attachment)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25445 [Core Tor/Tor]: Opening site in Tor Browser redirects to FSB

[Tor Bug Tracker & Wiki]

#25445: Opening site in Tor Browser redirects to FSB
--+---
 Reporter:  timur.davletshin  |  Owner:  (none)
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:
 Severity:  Major | Resolution:  not a bug
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by dcf):

 A guess: the web server has some kind of automated anti-abuse system, and
 when it decides that it doesn't want to serve a client, it serves a 302
 redirect instead of, say, a 403 Forbidden. The choice of FSB as a
 destination could be a kind of joke?

 It cannot be a Great Firewall–like TCP injection, because the connection
 is HTTPS (even with HSTS and HPKP). It has to be the remote server sending
 the redirect.

 comment:6 suggests the server is hacked—that's plausible if, say, there
 are 10 servers behind a load balancer and one of them is hacked. But that
 wouldn't explain why, in comment:7, non-Tor connections do not get the
 redirect. It seems more likely to me that it's some kind of attack
 detection, or something like that, on the server, and that Tor exits are
 more likely to be on the wrong side of the classification.

 Here is what the redirect response looks like (it's HTTP/2, so the header
 does not literally look like that, but it has the same meaning):
 {{{
 HTTP/2 302
 server: nginx
 date: Wed, 07 Mar 2018 19:38:45 GMT
 content-type: text/html
 location: http://fsb.ru//
 strict-transport-security: max-age=31536000; includeSubdomains; preload
 public-key-pins: pin-
 sha256="YNlv8uD4wQgJXGVEKa2RM0ItL2HRpGH+hWj3d45rVfk="; pin-
 sha256="pNFoaDvUW2YZ3wk540oPKyZy5JLjbyt+EO6lOhp2C5M="; pin-
 sha256="h3O7Czw4r8fXsxIT19BCQrmDRfsYLuXJ1CG7OiTWet8="; pin-
 sha256="GJvPuGTcBJ/0S0R2JFCAv1t9Rh1If4z7T/L7n/BXjdM="; pin-
 sha256="M/OFIZXw+4BOvCmzEtCCYr2R3CXGQirQD5MUKPQ4VGc="; max-age=15768000
 x-frame-options: SAMEORIGIN
 x-xss-protection: 1; mode=block

 
 302 Found
 
 302 Found
 nginx
 
 
 }}}

 I got this with `torsocks -i curl -D header https://psb4ukr.org | tee
 body`. As in comment:2, I had to try maybe about 10 times before getting
 the redirect rather than the actual web page.

 Interestingly, when I use wget rather than curl, I get the redirect every
 time. With `torsocks -i wget -S https://psb4ukr.org`:
 {{{
 Resolving psb4ukr.org (psb4ukr.org)... 158.69.100.131
 Connecting to psb4ukr.org (psb4ukr.org)|158.69.100.131|:443... connected.
 HTTP request sent, awaiting response...
   HTTP/1.1 302 Moved Temporarily
   Server: nginx
   Date: Wed, 07 Mar 2018 19:43:19 GMT
   Content-Type: text/html
   Transfer-Encoding: chunked
   Connection: keep-alive
   Location: http://fsb.ru//
   Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
   Public-Key-Pins: pin-
 sha256="YNlv8uD4wQgJXGVEKa2RM0ItL2HRpGH+hWj3d45rVfk="; pin-
 sha256="pNFoaDvUW2YZ3wk540oPKyZy5JLjbyt+EO6lOhp2C5M="; pin-
 sha256="h3O7Czw4r8fXsxIT19BCQrmDRfsYLuXJ1CG7OiTWet8="; pin-
 sha256="GJvPuGTcBJ/0S0R2JFCAv1t9Rh1If4z7T/L7n/BXjdM="; pin-
 sha256="M/OFIZXw+4BOvCmzEtCCYr2R3CXGQirQD5MUKPQ4VGc="; max-age=15768000
   X-Frame-Options: SAMEORIGIN
   X-XSS-Protection: 1; mode=block
 Location: http://fsb.ru// [following]
 }}}

 For comparison, here is what a non-redirected header looks like (notice
 the `server` is different):
 {{{
 HTTP/2 200
 date: Wed, 07 Mar 2018 19:34:56 GMT
 content-type: text/html; charset=UTF-8
 vary: Accept-Encoding
 vary: Accept-Encoding
 age: 16805
 server: NATO HPWS/3.0
 cache-control: piblic; max-age=900
 x-cache: HIT
 strict-transport-security: max-age=31536000; includeSubdomains; preload
 public-key-pins: pin-
 sha256="YNlv8uD4wQgJXGVEKa2RM0ItL2HRpGH+hWj3d45rVfk="; pin-
 sha256="pNFoaDvUW2YZ3wk540oPKyZy5JLjbyt+EO6lOhp2C5M="; pin-
 sha256="h3O7Czw4r8fXsxIT19BCQrmDRfsYLuXJ1CG7OiTWet8="; pin-
 sha256="GJvPuGTcBJ/0S0R2JFCAv1t9Rh1If4z7T/L7n/BXjdM="; pin-
 sha256="M/OFIZXw+4BOvCmzEtCCYr2R3CXGQirQD5MUKPQ4VGc="; max-age=15768000
 x-frame-options: SAMEORIGIN
 x-xss-protection: 1; mode=block

 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #25446 [Metrics/Website]: Add a legend to the comment section of per-graph CSV files

[Tor Bug Tracker & Wiki]

#25446: Add a legend to the comment section of per-graph CSV files
-+--
 Reporter:  karsten  |  Owner:  metrics-team
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Metrics/Website  |Version:
 Severity:  Normal   |   Keywords:
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+--
 Based on a discussion in #25387:
 > For the legend descriptions we should open a new ticket as part of the
 sponsor13 work?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25387 [Metrics/Website]: Add comment section to CSV file headers

[Tor Bug Tracker & Wiki]

#25387: Add comment section to CSV file headers
-+--
 Reporter:  karsten  |  Owner:  metrics-team
 Type:  enhancement  | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Metrics/Website  |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--
Changes (by karsten):

 * status:  needs_revision => closed
 * resolution:   => fixed


Comment:

 Replying to [comment:2 iwakeh]:
 > Replying to [comment:1 karsten]:
 > > I did not yet include parameters or a legend. That will require more
 effort and might not be done this week. If the current changes look okay,
 I'll merge and deploy permanently. We could still keep this ticket open to
 do more.
 >
 > I understand that legend is some more work, but parameter would be
 simply adding 'HttpServletRequest::getQueryString()' to the Url:
 `request.getRequestURI() + "?" + request.getQueryString()`.
 > The complete URL including parameters is important for reproducing the
 csv files.

 Changed!

 > With added parameters this patch is merge ready and this ticket would be
 finished.

 Great! Merged and deployed the changed branch.

 > For the legend descriptions we should open a new ticket as part of the
 sponsor13 work?

 Yes, I'll do that. Closing this ticket. Thanks!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25147 [Applications/Tor Browser]: Backport of fix shipped in Firefox 58.0.1?

[Tor Bug Tracker & Wiki]

#25147: Backport of fix shipped in Firefox 58.0.1?
--+--
 Reporter:  gk|  Owner:  pospeselr
 Type:  task  | Status:  needs_review
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  TorBrowserTeam201803R |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by gk):

 Replying to [comment:6 mcs]:
 > Replying to [comment:5 gk]:
 > > Thanks, looks good to me.
 >
 > Kathy and I also reviewed the backported patch and we think it is okay.
 We do have a couple of questions:
 > * Did we look at the "depends on" bug list from
 https://bugzilla.mozilla.org/show_bug.cgi?id=1432966? Maybe that explains
 some of the differences between the mozilla-central patch and the release
 one; for example, I just checked and the fix for
 https://bugzilla.mozilla.org/show_bug.cgi?id=1433414 is present.

 Yes, I did that during the review and I think basically all the
 differences between the m-c and the m-r patch can be explained that way.

 > * The changes to `devtools/client/responsive.html/components/Browser.js`
 are missing. Do we need them? I guess the equivalent file in ESR52 is
 browser.js (with a lowercase-B).

 Good question and nice catch! I have not checked the source but it does
 not seem to be unreasonable.

 > > I wonder whether we have some means to find out if there are instances
 of this problem that are solely on the ESR 52 branch which Mozilla did not
 deem worth enough to write a defense-in-depth for. But anyway, that should
 give us at least the protections available on -release.
 >
 > I think the only method is to look at all occurrences of `innerHTML =`,
 and that is a painful exercise. Kathy and I started that task and found
 some things that are in ESR52 but not in mozilla-central. Unfortunately,
 we had to give up after only getting part way through the huge list of
 files that need to be examined (we stopped somewhere in the d's, just
 after 'devtools'). For the record, here are the files we did find that
 contain `innerHTML =` statements that look like they should be patched:
 >  browser/base/content/newtab/sites.js
 >  browser/components/customizableui/CustomizeMode.jsm
 >  browser/components/syncedtabs/SyncedTabsDeckView.js

 I could ask one of the Moz engineers whether there is a better way. IIRC
 there is somewhere a doc where the listed all the things they checked wrt
 ESR 52.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25445 [Core Tor/Tor]: Opening site in Tor Browser redirects to FSB

[Tor Bug Tracker & Wiki]

#25445: Opening site in Tor Browser redirects to FSB
--+---
 Reporter:  timur.davletshin  |  Owner:  (none)
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:
 Severity:  Major | Resolution:  not a bug
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by cypherpunks):

 Replying to [comment:11 timur.davletshin]:
 > But there is one thing I still don't get — why do we get this redirect
 only in Tor?
 Maybe you hit a Russian exit node?

 In any case, to guarantee end-to-end authentication to make sure you're
 talking to the right server => use their onion service.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25445 [Core Tor/Tor]: Opening site in Tor Browser redirects to FSB

[Tor Bug Tracker & Wiki]

#25445: Opening site in Tor Browser redirects to FSB
--+---
 Reporter:  timur.davletshin  |  Owner:  (none)
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:
 Severity:  Major | Resolution:  not a bug
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by timur.davletshin):

 Replying to [comment:9 cypherpunks]:
 > By the way you can use the following other methods to access it without
 redirect in the Tor Browser:
 >
 > 1) Go to `https://via.hypothes.is/https://psb4ukr.org`
 >
 > 2) a) Go to Wayback machine
 `https://web.archive.org/save/https://psb4ukr.org`
 >
 > 2) b) Go to Wayback machine onion
 `http://web.archivecaslytosk.onion/save/https://psb4ukr.org`
 >
 > 3) a) Go to archive.fo
 `https://archive.fo/?run=1=https://psb4ukr.org`
 >
 > 3) b) Go to archive.fo onion
 `http://archivecaslytosk.onion/?run=1=https://psb4ukr.org`
 >
 > 4) Use web proxies like `https://hidester.net/proxy` or
 `https://www.proxysite.com` or `https://hide.me/en/proxy` or
 `https://www.youtubeunblocks.com`
 >
 > 5) Search for psb4ukr.org in `https://searx.me` and click on the Proxy
 link in the search results

 Thanks for your recommendation.

 But there is one thing I still don't get — why do we get this redirect
 only in Tor?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25445 [Core Tor/Tor]: Opening site in Tor Browser redirects to FSB

[Tor Bug Tracker & Wiki]

#25445: Opening site in Tor Browser redirects to FSB
--+---
 Reporter:  timur.davletshin  |  Owner:  (none)
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:
 Severity:  Major | Resolution:  not a bug
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by cypherpunks):

 They even have an onion service of their own
 `http://psb4uklopi7ocb5l.onion` ;)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25445 [Core Tor/Tor]: Opening site in Tor Browser redirects to FSB

[Tor Bug Tracker & Wiki]

#25445: Opening site in Tor Browser redirects to FSB
--+---
 Reporter:  timur.davletshin  |  Owner:  (none)
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:
 Severity:  Major | Resolution:  not a bug
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by cypherpunks):

 By the way you can use the following other methods to access it without
 redirect in the Tor Browser:

 1) Go to `https://via.hypothes.is/https://psb4ukr.org`

 2) a) Go to Wayback machine
 `https://web.archive.org/save/https://psb4ukr.org`

 2) b) Go to Wayback machine onion
 `http://web.archivecaslytosk.onion/save/https://psb4ukr.org`

 3) a) Go to archive.fo `https://archive.fo/?run=1=https://psb4ukr.org`

 3) b) Go to archive.fo onion
 `http://archivecaslytosk.onion/?run=1=https://psb4ukr.org`

 4) Use web proxies like `https://hidester.net/proxy` or
 `https://www.proxysite.com` or `https://hide.me/en/proxy` or
 `https://www.youtubeunblocks.com`

 5) Search for psb4ukr.org in `https://searx.me` and click on the Proxy
 link in the search results

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25445 [Core Tor/Tor]: Opening site in Tor Browser redirects to FSB

[Tor Bug Tracker & Wiki]

#25445: Opening site in Tor Browser redirects to FSB
--+---
 Reporter:  timur.davletshin  |  Owner:  (none)
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:
 Severity:  Major | Resolution:  not a bug
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---
Changes (by timur.davletshin):

 * status:  new => closed
 * resolution:   => not a bug


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25445 [Core Tor/Tor]: Opening site in Tor Browser redirects to FSB

[Tor Bug Tracker & Wiki]

#25445: Opening site in Tor Browser redirects to FSB
--+
 Reporter:  timur.davletshin  |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:
 Severity:  Major | Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by Dbryrtfbcbhgf):

 Replying to [comment:6 timur.davletshin]:
 > Replying to [comment:5 Dbryrtfbcbhgf]:
 > > Replying to [comment:4 timur.davletshin]:
 > > > Replying to [comment:3 Dbryrtfbcbhgf]:
 > > > > Replying to [comment:2 timur.davletshin]:
 > > > > > Replying to [comment:1 Dbryrtfbcbhgf]:
 > > > > > > Odd, even when I use the sites IP 158.69.100.131 I will still
 get the error if I keep creating a new circuit to that website.
 > > > > >
 > > > > > It does work for me 9 out of 10. But when I get redirected to
 FSB I start developing paranoia.
 > > > > I live outside of Russia and I'm still getting the message so I
 don't think you should be paranoid, lets see what the Tor Devs say.
 > > >
 > > > Do you get FSB redirect too?
 > > Yes I do, It does not happen immediately bug after I create many
 Circuits and the only way to solve it is to restart tor browser as you
 said above.
 >
 > Thanks a lot! So most likely it's not Tor's problem. Looks like FSB just
 hacked site they hate so much.
 Sure, When I visit the website using my Non-Tor connection I do not get
 the FSB redirect.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25445 [Core Tor/Tor]: Opening site in Tor Browser redirects to FSB

[Tor Bug Tracker & Wiki]

#25445: Opening site in Tor Browser redirects to FSB
--+
 Reporter:  timur.davletshin  |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:
 Severity:  Major | Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by timur.davletshin):

 Replying to [comment:5 Dbryrtfbcbhgf]:
 > Replying to [comment:4 timur.davletshin]:
 > > Replying to [comment:3 Dbryrtfbcbhgf]:
 > > > Replying to [comment:2 timur.davletshin]:
 > > > > Replying to [comment:1 Dbryrtfbcbhgf]:
 > > > > > Odd, even when I use the sites IP 158.69.100.131 I will still
 get the error if I keep creating a new circuit to that website.
 > > > >
 > > > > It does work for me 9 out of 10. But when I get redirected to FSB
 I start developing paranoia.
 > > > I live outside of Russia and I'm still getting the message so I
 don't think you should be paranoid, lets see what the Tor Devs say.
 > >
 > > Do you get FSB redirect too?
 > Yes I do, It does not happen immediately bug after I create many
 Circuits and the only way to solve it is to restart tor browser as you
 said above.

 Thanks a lot! So most likely it's not Tor's problem. Looks like FSB just
 hacked site they hate so much.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25445 [Core Tor/Tor]: Opening site in Tor Browser redirects to FSB

[Tor Bug Tracker & Wiki]

#25445: Opening site in Tor Browser redirects to FSB
--+
 Reporter:  timur.davletshin  |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:
 Severity:  Major | Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by Dbryrtfbcbhgf):

 Replying to [comment:4 timur.davletshin]:
 > Replying to [comment:3 Dbryrtfbcbhgf]:
 > > Replying to [comment:2 timur.davletshin]:
 > > > Replying to [comment:1 Dbryrtfbcbhgf]:
 > > > > Odd, even when I use the sites IP 158.69.100.131 I will still get
 the error if I keep creating a new circuit to that website.
 > > >
 > > > It does work for me 9 out of 10. But when I get redirected to FSB I
 start developing paranoia.
 > > I live outside of Russia and I'm still getting the message so I don't
 think you should be paranoid, lets see what the Tor Devs say.
 >
 > Do you get FSB redirect too?
 Yes I do, It does not happen immediately bug after I create many Circuits
 and the only way to solve it is to restart tor browser as you said above.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25445 [Core Tor/Tor]: Opening site in Tor Browser redirects to FSB

[Tor Bug Tracker & Wiki]

#25445: Opening site in Tor Browser redirects to FSB
--+
 Reporter:  timur.davletshin  |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:
 Severity:  Major | Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by timur.davletshin):

 Replying to [comment:3 Dbryrtfbcbhgf]:
 > Replying to [comment:2 timur.davletshin]:
 > > Replying to [comment:1 Dbryrtfbcbhgf]:
 > > > Odd, even when I use the sites IP 158.69.100.131 I will still get
 the error if I keep creating a new circuit to that website.
 > >
 > > It does work for me 9 out of 10. But when I get redirected to FSB I
 start developing paranoia.
 > I live outside of Russia and I'm still getting the message so I don't
 think you should be paranoid, lets see what the Tor Devs say.

 Do you get FSB redirect too?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25445 [Core Tor/Tor]: Opening site in Tor Browser redirects to FSB

[Tor Bug Tracker & Wiki]

#25445: Opening site in Tor Browser redirects to FSB
--+
 Reporter:  timur.davletshin  |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:
 Severity:  Major | Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by Dbryrtfbcbhgf):

 Replying to [comment:2 timur.davletshin]:
 > Replying to [comment:1 Dbryrtfbcbhgf]:
 > > Odd, even when I use the sites IP 158.69.100.131 I will still get the
 error if I keep creating a new circuit to that website.
 >
 > It does work for me 9 out of 10. But when I get redirected to FSB I
 start developing paranoia.
 I live outside of Russia and I'm still getting the message so I don't
 think you should be paranoid, lets see what the Tor Devs say.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25445 [Core Tor/Tor]: Opening site in Tor Browser redirects to FSB

[Tor Bug Tracker & Wiki]

#25445: Opening site in Tor Browser redirects to FSB
--+
 Reporter:  timur.davletshin  |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:
 Severity:  Major | Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by timur.davletshin):

 Replying to [comment:1 Dbryrtfbcbhgf]:
 > Odd, even when I use the sites IP 158.69.100.131 I will still get the
 error if I keep creating a new circuit to that website.

 It does work for me 9 out of 10. But when I get redirected to FSB I start
 developing paranoia.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25445 [Core Tor/Tor]: Opening site in Tor Browser redirects to FSB

[Tor Bug Tracker & Wiki]

#25445: Opening site in Tor Browser redirects to FSB
--+
 Reporter:  timur.davletshin  |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:
 Severity:  Major | Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by Dbryrtfbcbhgf):

 Odd, even when I use the sites ip 158.69.100.131 I will still get the
 error if I keep creating a new circuit to that website.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25445 [Core Tor/Tor]: Opening site in Tor Browser redirects to FSB

[Tor Bug Tracker & Wiki]

#25445: Opening site in Tor Browser redirects to FSB
--+
 Reporter:  timur.davletshin  |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:
 Severity:  Major | Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by timur.davletshin):

 * Attachment "Untitled1.png" added.

 Site redirects to FSB

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #25445 [Core Tor/Tor]: Opening site in Tor Browser redirects to FSB

[Tor Bug Tracker & Wiki]

#25445: Opening site in Tor Browser redirects to FSB
--+
 Reporter:  timur.davletshin  |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:
 Severity:  Major |   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+
 Quite disturbing thing just happened to me.

 System: Debian 9, x64, latest updates applied, Tor Browser 7.5 official
 distribution, checksum check passed.

 Description: I open one of the sites which is blocked in Russia and
 suddenly I got redirected to FSB site (Federal Security Services of the
 Russian Federation). I tried to change Tor Circuit — result is the same.
 But... If I restart Tor Browser I worked as expected — blocked site
 opened. I tried several times and roughly speaking only one of 10 is not
 working as expected — redirecting me to FSB.

 Site: https://psb4ukr.org

 I'd love to help though I don't know how to debug Tor.

 Screenshot is attached

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25196 [Metrics/Statistics]: Cut off recent dates from several CSV files

[Tor Bug Tracker & Wiki]

#25196: Cut off recent dates from several CSV files
+-
 Reporter:  karsten |  Owner:  karsten
 Type:  defect  | Status:  closed
 Priority:  Medium  |  Milestone:
Component:  Metrics/Statistics  |Version:
 Severity:  Normal  | Resolution:  fixed
 Keywords:  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  iwakeh  |Sponsor:
+-
Changes (by karsten):

 * status:  merge_ready => closed
 * resolution:   => fixed


Comment:

 Thanks for reviewing! I changed the `ORDER BY 1, 2, 3` parts in
 `tordir.sql`, squashed, and rebased to master. Let's tackle the dates in
 that new ticket. And okay, let's not cut off anything from webstats for
 now and see how that goes. Closing. Thanks!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #25444 [Metrics/Library]: Add jaxb dependency explicitly for java 9

[Tor Bug Tracker & Wiki]

#25444: Add jaxb dependency explicitly for java 9
-+--
 Reporter:  iwakeh   |  Owner:  metrics-team
 Type:  defect   | Status:  new
 Priority:  Low  |  Milestone:
Component:  Metrics/Library  |Version:
 Severity:  Normal   |   Keywords:
Actual Points:   |  Parent ID:  #25443
   Points:   |   Reviewer:
  Sponsor:   |
-+--
 jaxb dependency needs to be added explicitly when using java 9

 The implementation of jaxb is not part of standard java9 se anymore (it is
 part of java ee).

 This can be fixed by adding the 'jaxb-core' jar, which is available as
 part of debian package 'libjaxb-java'.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25147 [Applications/Tor Browser]: Backport of fix shipped in Firefox 58.0.1?

[Tor Bug Tracker & Wiki]

#25147: Backport of fix shipped in Firefox 58.0.1?
--+--
 Reporter:  gk|  Owner:  pospeselr
 Type:  task  | Status:  needs_review
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  TorBrowserTeam201803R |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by mcs):

 Replying to [comment:5 gk]:
 > Thanks, looks good to me.

 Kathy and I also reviewed the backported patch and we think it is okay. We
 do have a couple of questions:
 * Did we look at the "depends on" bug list from
 https://bugzilla.mozilla.org/show_bug.cgi?id=1432966? Maybe that explains
 some of the differences between the mozilla-central patch and the release
 one; for example, I just checked and the fix for
 https://bugzilla.mozilla.org/show_bug.cgi?id=1433414 is present.
 * The changes to `devtools/client/responsive.html/components/Browser.js`
 are missing. Do we need them? I guess the equivalent file in ESR52 is
 browser.js (with a lowercase-B).

 > I wonder whether we have some means to find out if there are instances
 of this problem that are solely on the ESR 52 branch which Mozilla did not
 deem worth enough to write a defense-in-depth for. But anyway, that should
 give us at least the protections available on -release.

 I think the only method is to look at all occurrences of `innerHTML =`,
 and that is a painful exercise. Kathy and I started that task and found
 some things that are in ESR52 but not in mozilla-central. Unfortunately,
 we had to give up after only getting part way through the huge list of
 files that need to be examined (we stopped somewhere in the d's, just
 after 'devtools'). For the record, here are the files we did find that
 contain `innerHTML =` statements that look like they should be patched:
  browser/base/content/newtab/sites.js
  browser/components/customizableui/CustomizeMode.jsm
  browser/components/syncedtabs/SyncedTabsDeckView.js

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #16472 [Applications/Tor Browser]: Upgrade Binutils to 2.25+ for Tor Browser builds

[Tor Bug Tracker & Wiki]

#16472: Upgrade Binutils to 2.25+ for Tor Browser builds
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  task | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-rbm, TorBrowserTeam201803R,  |  Actual Points:
  boklm201803|
Parent ID:  #12968   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by cypherpunks):

 Replying to [comment:45 gk]:
 > Replying to [comment:44 boklm]:
 > > Replying to [comment:43 cypherpunks]:
 > > > bump mingw-w64 ;)
 > >
 > > Building firefox with `master` from mingw-w64 fails with:
 > > {{{
 > > i686-w64-mingw32-widl:
 /var/tmp/build/mingw-w64-b633824ecafd/mingw-w64-tools/widl/src/typetree.h:274:
 type_alias_get_aliasee: Assertion `type_is_alias(type)' failed.
 > > Aborted
 > > Makefile:109: recipe for target 'typelib_done' failed
 > > }}}
 It can be something recent and close to binutils 2.30 release date, not
 necessary `master`.
 > Yeah, we should not do that right now,
 What about Nightlies?
 > at least not until we found the issue why the crash is happening
 Do you mean https://sourceware.org/git/gitweb.cgi?p=binutils-
 gdb.git;a=commit;h=9d9c67b06c1bf4c4550e3de0eb575c2bfbe96df9 ?
 > (fwiw I notified Jacek about it, see the stylo bug on Mozilla's bug
 tracker as a patch from him is causing that breakage).
 Where?
 > I think picking the latest stable that works
 2.29.1 ?
 > and filing an upstream bug (making sure it is still unfixed) seems like
 a good idea to me.
 Hrm...

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #25443 [Metrics]: Prepare for java 9

[Tor Bug Tracker & Wiki]

#25443: Prepare for java 9
-+--
 Reporter:  iwakeh   |  Owner:  metrics-team
 Type:  enhancement  | Status:  new
 Priority:  Low  |  Milestone:
Component:  Metrics  |Version:
 Severity:  Normal   |   Keywords:
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+--
 This serves as parent ticket for java 9 related topics.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24810 [Internal Services/Service - jenkins]: Building new web framework on jenkins - styleguide.tpo

[Tor Bug Tracker & Wiki]

#24810: Building new web framework on jenkins - styleguide.tpo
-+-
 Reporter:  hiro |  Owner:  weasel
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Service - jenkins  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by hiro):

 * status:  needs_revision => needs_review


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25241 [Metrics/Onionoo]: effective_family sometimes contains the relay's own fingerprint

[Tor Bug Tracker & Wiki]

#25241: effective_family sometimes contains the relay's own fingerprint
-+--
 Reporter:  irl  |  Owner:  karsten
 Type:  defect   | Status:  needs_review
 Priority:  Medium   |  Milestone:
Component:  Metrics/Onionoo  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:  iwakeh   |Sponsor:
-+--

Comment (by iwakeh):

 Open steps:

 * decide for adding 'self' always to the effective family, because clients
 (like RS) interpret it like that (and had to work around the inconsistent
 situation so far) or against it because it would add too much to current
 documents
 * explicitly state whether the relay belongs to its effective family or
 not in the protocol (if not it should also explicitly be added that the
 'self' doesn't show up in the other two family types either)
 * make & merge the appropriate changes (everywhere)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24810 [Internal Services/Service - jenkins]: Building new web framework on jenkins - styleguide.tpo

[Tor Bug Tracker & Wiki]

#24810: Building new web framework on jenkins - styleguide.tpo
-+-
 Reporter:  hiro |  Owner:  weasel
 Type:  defect   | Status:
 |  needs_revision
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Service - jenkins  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by hiro):

 * Attachment "lektor_styleguide.2.patch" added.


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24810 [Internal Services/Service - jenkins]: Building new web framework on jenkins - styleguide.tpo (was: Building new web framework on jenkins)

[Tor Bug Tracker & Wiki]

#24810: Building new web framework on jenkins - styleguide.tpo
-+-
 Reporter:  hiro |  Owner:  weasel
 Type:  defect   | Status:
 |  needs_revision
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Service - jenkins  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by hiro):

 Hi I have the git repositories to build the styleguide now. New patch
 attached.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25241 [Metrics/Onionoo]: effective_family sometimes contains the relay's own fingerprint

[Tor Bug Tracker & Wiki]

#25241: effective_family sometimes contains the relay's own fingerprint
-+--
 Reporter:  irl  |  Owner:  karsten
 Type:  defect   | Status:  needs_review
 Priority:  Medium   |  Milestone:
Component:  Metrics/Onionoo  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:  iwakeh   |Sponsor:
-+--

Comment (by irl):

 Currently Relay Search removes the relay. This means it has to iterate
 over 2000 (worst case) lists to remove fingerprints for the search view as
 effective family count is shown in the results table. When I added the
 code to filter the fingerprints, I added a comment to say this was
 temporary and should be removed after this ticket was resolved.

 
https://gitweb.torproject.org/atlas.git/commit/?id=409e410b5c10666c202cd56b2ff42db0c0a8f766

 The important thing to achieve in this ticket is consistency. My comment
 was not very clear, it's a different change that should be made in Relay
 Search depending on which way we choose to go making it consistent.

 If we always add the relay to its family:

 * Stop filtering the relay's own fingerprint
 * Stop adding 1 to the effective family count

 If we always remove the relay from its family:

 * Stop filtering the relay's own fingerprint
 * Continue to add 1 to the effective family count

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21222 [Webpages/Website]: Main ticket for website redesign project

[Tor Bug Tracker & Wiki]

#21222: Main ticket for website redesign project
--+--
 Reporter:  isabela   |  Owner:  isabela
 Type:  project   | Status:  assigned
 Priority:  Very High |  Milestone:  website redesign
Component:  Webpages/Website  |Version:
 Severity:  Normal| Resolution:
 Keywords:  ux-team,  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Description changed by isabela:

Old description:

> = Website redesign main ticket introduction =
>
> This is a huge project the UX team is leading and it has a lot of steps
> involved on it. Our goal is for this project to be the base of something
> that can scale while we continue to iterate on it.
>
> = What problems are we trying to fix? =
> This project aims to fix many problems that goes beyond just a redesign
> thing, even though we are calling it 'website redesign'.
>
> Yes, Tor Project website is not the best thing in the world and is a big
> problem that must be fixed. And this is a problem that we can't ignore
> anymore, is hurting many initiatives we have at Tor Project.
>
> Our community is growing and this growth is part of the 'website
> problem'. A lot of information have been added to torproject.org over the
> years leading to what we have now. Is a good problem to have, but right
> now we must reorganize this information to better set ourselves to
> continue grow.
>
> Here is a list of some problems easily recognizable with the current
> site:
>
>  * Not localized
>  * Too much information at the front page
>  * Still hard to find information
>  * Hard to add new information (ends up contributing to the mess) and we
> need to add more information because we are growing :) we have a lot to
> share
>  * inconsistency with the design
>
> And we could go on but the point of this doc is not to have a full
> description of all the problems we have but just an introduction to set
> the stage for explaining what we are thinking for a solution and the
> steps of its implementation.
>
> = How we solve it? =
> Our solution right now is to create new portals to better organize
> information and also at the same time keep torproject.org simple and easy
> for first comers to find their way around into what Tor is and how to
> get/use it.
>
> So we will be building:
>
>  * torproject.org - with 'new user' as our main audience for this portal
> [of course with easy way to navigate to the other portals:
>  * dev.torproject.org - short explanation: "all things related to the
> development of free software projects of Tor Project"
>  * community.torproject.org - short explanation: "a umbrella of things
> that are power by our community, or a portal to 'help people help Tor'.
>  * support.torproject.org - user support website
>
> Are we loosing press? FAQs? Donate page? The Blog? No :) the list above
> are the main entrance to all these things and more.
>
> I invite you to read more about each of this portal and other work
> related to this initiative in the children tickets (and their children
> tickets) associated with this project. Is a big project and the
> information written here is a summary of the summary ;)
>
> = Why now? =
> Right now we are with fund and a team to carry this work. And we need to
> do this to enable many other great work at Tor to have infrastructure to
> support their project. We believe that these portals will help a lot of
> groups inside of Tor Project to better provide information about their
> work and therefore receive help to do so.
>

> =  The short version of the process we will follow for each portal  =
>
>  process for each site will be:
>
> 0. content architecture - map current content related to the portal and
> organize it
>
> 1. whiteboard draw organization of the content into pages
>
> 2. wireframe these pages
>
> 3. create design for these pages [these include design reviews till we
> are happy with what we have]
>
> 4. start organizing content for the pages (with the design already done
> we will be working with that)
>
> 5. update high definition mockups with real content
>
> 6. guerrilla user testing #1
>
> 7. start coding the pages
>
> 8. once content is finished we upload them on transifex for translation
> to start
>
> 9. Once coding is done we can start QA by language (as translations gets
> complete)
>
> 10.[we could do another user test here too before launch if we want - or
> we can run one after lunch and continue iteration]
>
> = What we will use to build it? =
> Right now we are testing Lektor for the framework to use:
> https://trac.torproject.org/projects/tor/ticket/24275
>
> We are also working on a project that will help us build the themes for
> these portals but also anyone else who would like to follow our style
> guidelines for their site.
>
> We 

Re: [tor-bugs] #25387 [Metrics/Website]: Add comment section to CSV file headers

[Tor Bug Tracker & Wiki]

#25387: Add comment section to CSV file headers
-+
 Reporter:  karsten  |  Owner:  metrics-team
 Type:  enhancement  | Status:  needs_revision
 Priority:  Medium   |  Milestone:
Component:  Metrics/Website  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+
Changes (by iwakeh):

 * status:  needs_review => needs_revision


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25387 [Metrics/Website]: Add comment section to CSV file headers

[Tor Bug Tracker & Wiki]

#25387: Add comment section to CSV file headers
-+--
 Reporter:  karsten  |  Owner:  metrics-team
 Type:  enhancement  | Status:  needs_review
 Priority:  Medium   |  Milestone:
Component:  Metrics/Website  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--

Comment (by iwakeh):

 Replying to [comment:1 karsten]:
 > I started an implementation in [https://gitweb.torproject.org/karsten
 /metrics-web.git/log/?h=task-25387 my task-25387 branch]. It's also
 temporarily deployed right now, but not merged to master yet.
 >
 > In contrast to the suggestions above, I added the header in Java, not in
 R. I think that's going to be more flexible if we make the header more
 complex.

 Using Java for all this is surely the better solution here.

 >
 > I did not yet include parameters or a legend. That will require more
 effort and might not be done this week. If the current changes look okay,
 I'll merge and deploy permanently. We could still keep this ticket open to
 do more.

 I understand that legend is some more work, but parameter would be simply
 adding 'HttpServletRequest::getQueryString()' to the Url:
 `request.getRequestURI() + "?" + request.getQueryString()`.
 The complete URL including parameters is important for reproducing the csv
 files.

 With added parameters this patch is merge ready and this ticket would be
 finished.
 For the legend descriptions we should open a new ticket as part of the
 sponsor13 work?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #25442 [Metrics/Statistics]: Use java8 datetime classes throughout o.tp.metrics.stats

[Tor Bug Tracker & Wiki]

#25442: Use java8 datetime classes throughout o.tp.metrics.stats
+--
 Reporter:  iwakeh  |  Owner:  metrics-team
 Type:  enhancement | Status:  new
 Priority:  Medium  |  Milestone:
Component:  Metrics/Statistics  |Version:
 Severity:  Normal  |   Keywords:  metrics-2018
Actual Points:  |  Parent ID:  #23752
   Points:  |   Reviewer:
  Sponsor:  |
+--
 All submodules are affected.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #16472 [Applications/Tor Browser]: Upgrade Binutils to 2.25+ for Tor Browser builds

[Tor Bug Tracker & Wiki]

#16472: Upgrade Binutils to 2.25+ for Tor Browser builds
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  task | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-rbm, TorBrowserTeam201803R,  |  Actual Points:
  boklm201803|
Parent ID:  #12968   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by boklm):

 * keywords:  tbb-rbm, TorBrowserTeam201803, boklm201803 => tbb-rbm,
 TorBrowserTeam201803R, boklm201803
 * status:  needs_revision => needs_review


Comment:

 In branch `bug_16472_v7` we are using binutils 2.29:
 https://gitweb.torproject.org/user/boklm/tor-browser-
 build.git/commit/?h=bug_16472_v7=0897db8e3662ec5d606e6faf27d470915feea975

 The Windows i686 and x86_64 builds from this branch are working for me.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25196 [Metrics/Statistics]: Cut off recent dates from several CSV files

[Tor Bug Tracker & Wiki]

#25196: Cut off recent dates from several CSV files
+-
 Reporter:  karsten |  Owner:  karsten
 Type:  defect  | Status:  merge_ready
 Priority:  Medium  |  Milestone:
Component:  Metrics/Statistics  |Version:
 Severity:  Normal  | Resolution:
 Keywords:  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  iwakeh  |Sponsor:
+-
Changes (by iwakeh):

 * status:  needs_review => merge_ready


Comment:

 According to the attached statistics all the proposed cut-off day changes
 make sense.  The code implements the necessary changes.
 As tordir.sql is touched anyway, could the `ORDER BY 1, 2, 3 ...` lines be
 changed using the column names, too?

 The date computations in java should start using LocalDate and friends,
 I'll add that to a different/new ticket.

 A cut-off for webstats seems to be unnecessary. These can be computed as
 soon as a log for a date is available (cf. reasoning in comment:10), b/c
 no more information for a date with a published log will be added in
 future logs.

 All in all, merge ready.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25196 [Metrics/Statistics]: Cut off recent dates from several CSV files

[Tor Bug Tracker & Wiki]

#25196: Cut off recent dates from several CSV files
+--
 Reporter:  karsten |  Owner:  karsten
 Type:  defect  | Status:  needs_review
 Priority:  Medium  |  Milestone:
Component:  Metrics/Statistics  |Version:
 Severity:  Normal  | Resolution:
 Keywords:  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  iwakeh  |Sponsor:
+--

Comment (by iwakeh):

 Regarding webstats our [https://metrics.torproject.org/web-server-
 logs.html#n-discarding-non-matching-lines spec] states in section 4.1:

 In addition, log lines are treated differently according to the date
 they contain:

 During an import process the sanitizer takes all log line dates into
 account and determines the reference interval as stretching from the
 oldest date to the youngest date encountered. Depending on the reference
 interval log lines are not yet processed, if their date is on the edges of
 the reference interval, i.e., the date is not at least a day younger than
 the older endpoint or the date is only LIMIT days older than the younger
 endpoint, where LIMIT is initially set to two, but this might change if
 necessary.
 If the younger endpoint of the reference interval coincides with the
 current system date, the day before is used as the new younger reference
 interval endpoint, which ensures that the sanitizer won't publish logs
 prematurely, i.e., before there is a chance that they are complete. Thus,
 processing of log lines carrying such date is postponed.
 All log lines with dates for which the sanitizer already published a
 log file are discarded in order to avoid altering published logs.

 This means that logs are published (earliest) two days before today; two
 days before current system day.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25408 [Applications/Tor Browser]: latin-1 supplement characters in filename results in zero-sized downloaded files

[Tor Bug Tracker & Wiki]

#25408: latin-1 supplement characters in filename results in zero-sized 
downloaded
files
--+---
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  defect| Status:  needs_information
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by gk):

 Could you find out which Tor Browser version first introduces the bug for
 you (including the alpha releases)? We have older versions in our archive:
 https://archive.torproject.org/tor-package-archive/torbrowser/.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21003 [Core Tor/Tor]: extend_info_describe should list IPv6 address (if present)

[Tor Bug Tracker & Wiki]

#21003: extend_info_describe should list IPv6 address (if present)
-+--
 Reporter:  teor |  Owner:  (none)
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:  Tor: unspecified
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  easy intro ipv6 logging  |  Actual Points:
Parent ID:   | Points:  0.5
 Reviewer:   |Sponsor:
-+--

Comment (by teor):

 Replying to [comment:10 valentecaio]:
 > Do you think it would be better to be able to show both addresses?
 >
 > By now, the buffer used has space for this output format:
 > {{{
 > "$~xxx at
 > [::::::255.255.255.255]"
 > }}}

 This legacy format prints the last 4 bytes of the IPv6 address like an
 IPv4 address, it is never used in Tor.

 > But I think the functions only return strings in one of the following
 formats (please confirm this if you can):
 > {{{
 > "$~xxx at
 :::::"
 > or
 > "$~xxx at
 255.255.255.255"
 > }}}

 An IPv6 address has 128 bits, yours is 32 bits short.
 We are tripping to always print IPv6 addresses between brackets.

 > We could add a separator and show both addresses, something like
 (increasing the buffer size by 2):
 > {{{
 > "$~xxx at
 > [::::: | 255.255.255.255]"
 > }}}

 The IPv6 address should be last, and in brackets.
 The IPv4 address should not be in brackets.
 I suggest using "or", to match "at".

 > And we could let the caller decide what address it want as output (only
 IPv4, only IPv6 or both), letting "only IPv4" as default.

 We should always print all the addresses that are present.

 > What do you think about this?

 Let's make it happen

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25437 [Applications/Tor Browser]: Tor browser coonecting stops while it's connecting please help!

[Tor Bug Tracker & Wiki]

#25437: Tor browser coonecting stops while it's connecting please help!
--+
 Reporter:  amirmax   |  Owner:  (none)
 Type:  defect| Status:  closed
 Priority:  Immediate |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:  worksforme
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by gk):

 * status:  needs_information => closed
 * resolution:   => worksforme


Comment:

 Glad things are working again.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #16472 [Applications/Tor Browser]: Upgrade Binutils to 2.25+ for Tor Browser builds

[Tor Bug Tracker & Wiki]

#16472: Upgrade Binutils to 2.25+ for Tor Browser builds
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  task | Status:
 |  needs_revision
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-rbm, TorBrowserTeam201803,   |  Actual Points:
  boklm201803|
Parent ID:  #12968   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by gk):

 Replying to [comment:44 boklm]:
 > Replying to [comment:43 cypherpunks]:
 > > bump mingw-w64 ;)
 >
 > Building firefox with `master` from mingw-w64 fails with:
 > {{{
 > i686-w64-mingw32-widl:
 /var/tmp/build/mingw-w64-b633824ecafd/mingw-w64-tools/widl/src/typetree.h:274:
 type_alias_get_aliasee: Assertion `type_is_alias(type)' failed.
 > Aborted
 > Makefile:109: recipe for target 'typelib_done' failed
 > }}}

 Yeah, we should not do that right now, at least not until we found the
 issue why the crash is happening (fwiw I notified Jacek about it, see the
 stylo bug on Mozilla's bug tracker as a patch from him is causing that
 breakage). I think picking the latest stable that works and filing an
 upstream bug (making sure it is still unfixed) seems like a good idea to
 me.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24732 [Core Tor/Tor]: Remove unused IPv6 DirPort code

[Tor Bug Tracker & Wiki]

#24732: Remove unused IPv6 DirPort code
-+
 Reporter:  teor |  Owner:  (none)
 Type:  enhancement  | Status:  needs_revision
 Priority:  Medium   |  Milestone:  Tor: 0.3.4.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ipv6, tor-relay  |  Actual Points:
Parent ID:  #24403   | Points:  1
 Reviewer:  teor |Sponsor:  SponsorV-can
-+
Changes (by teor):

 * status:  new => needs_revision


Comment:

 Someone needs to combine both commits in this ticket, and check that they
 work together.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24732 [Core Tor/Tor]: Remove unused IPv6 DirPort code

[Tor Bug Tracker & Wiki]

#24732: Remove unused IPv6 DirPort code
-+
 Reporter:  teor |  Owner:  (none)
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Milestone:  Tor: 0.3.4.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ipv6, tor-relay  |  Actual Points:
Parent ID:  #24403   | Points:  1
 Reviewer:  teor |Sponsor:  SponsorV-can
-+

Comment (by meryemz):

 Yes I did, I don't think there will be any conflicts since the function I
 removed is not related to those you removed.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25241 [Metrics/Onionoo]: effective_family sometimes contains the relay's own fingerprint

[Tor Bug Tracker & Wiki]

#25241: effective_family sometimes contains the relay's own fingerprint
-+--
 Reporter:  irl  |  Owner:  karsten
 Type:  defect   | Status:  needs_review
 Priority:  Medium   |  Milestone:
Component:  Metrics/Onionoo  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:  iwakeh   |Sponsor:
-+--

Comment (by karsten):

 Replying to [comment:11 irl]:
 > If we do include a relay in its own effective family, Relay Search will
 need to be updated to not perform that step as it currently does.

 Not sure I understand. The spec seems vague right now, so how about Relay
 Search just either adds or removes a relay's own fingerprint to ensure
 it's contained or not contained, whichever state it is that Relay Search
 expects? That is, what prevents us from updating Relay Search now and
 making the Onionoo change at a later time?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #16372 [Core Tor/Tor]: tor uses getaddrinfo even if DisableNetwork is set

[Tor Bug Tracker & Wiki]

#16372: tor uses getaddrinfo even if DisableNetwork is set
--+
 Reporter:  teor  |  Owner:  (none)
 Type:  defect| Status:  merge_ready
 Priority:  Low   |  Milestone:  Tor:
  |  0.3.4.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tor-relay documentation easy  |  Actual Points:
Parent ID:  #16366| Points:  0.1
 Reviewer:|Sponsor:
--+
Changes (by teor):

 * status:  needs_revision => merge_ready
 * version:  Tor: unspecified =>
 * milestone:  Tor: 0.3.3.x-final => Tor: 0.3.4.x-final


Comment:

 Thanks, we'll squash and merge both patches attached to this ticket.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #15019 [Core Tor/Tor]: Most FooStatistics entries in the man page don't mention ExtraInfo descriptors

[Tor Bug Tracker & Wiki]

#15019: Most FooStatistics entries in the man page don't mention ExtraInfo
descriptors
-+-
 Reporter:  arma |  Owner:  (none)
 Type:  defect   | Status:
 |  merge_ready
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.4.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-relay, doc, easy, review-|  Actual Points:
  group-32   |
Parent ID:   | Points:  .2
 Reviewer:  teor |Sponsor:
-+-
Changes (by teor):

 * status:  needs_revision => merge_ready


Comment:

 Looks good to me, let's merge it in 0.3.4, 0.3.3 if you'd like.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25112 [Applications/Tor Browser]: Tor Browser 7.5 is not working on Windows Vista 64bit

[Tor Bug Tracker & Wiki]

#25112: Tor Browser 7.5 is not working on Windows Vista 64bit
-+-
 Reporter:  gk   |  Owner:
 |  pospeselr
 Type:  defect   | Status:
 |  needs_review
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Major| Resolution:
 Keywords:  ff60-esr-will-have,  |  Actual Points:
  TorBrowserTeam201803R  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by gk):

 Looks good to me and testing the resulting binaries on Windows 8 still
 works as expected.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25383 [Metrics/Website]: Deprecate stats.html and stats/*.csv files

[Tor Bug Tracker & Wiki]

#25383: Deprecate stats.html and stats/*.csv files
-+--
 Reporter:  karsten  |  Owner:  metrics-team
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Metrics/Website  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--

Comment (by karsten):

 Thanks for the input! I'm still not sure what's the best thing to do here.
 But we're not going to decide anything before the Tor meeting in Rome. And
 when we change something, that will be after discussing it more here
 first.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25437 [Applications/Tor Browser]: Tor browser coonecting stops while it's connecting please help!

[Tor Bug Tracker & Wiki]

#25437: Tor browser coonecting stops while it's connecting please help!
--+---
 Reporter:  amirmax   |  Owner:  (none)
 Type:  defect| Status:  needs_information
 Priority:  Immediate |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by amirmax):

 Thanks for your response actually I followed the instruction here at
 :https://www.torproject.org/docs/bridges#UsingBridges  and the issue
 solved.I appreciate for your response.

 Cheers~

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #16372 [Core Tor/Tor]: tor uses getaddrinfo even if DisableNetwork is set

[Tor Bug Tracker & Wiki]

#16372: tor uses getaddrinfo even if DisableNetwork is set
--+
 Reporter:  teor  |  Owner:  (none)
 Type:  defect| Status:  needs_revision
 Priority:  Low   |  Milestone:  Tor:
  |  0.3.3.x-final
Component:  Core Tor/Tor  |Version:  Tor:
  |  unspecified
 Severity:  Normal| Resolution:
 Keywords:  tor-relay documentation easy  |  Actual Points:
Parent ID:  #16366| Points:  0.1
 Reviewer:|Sponsor:
--+
Changes (by aruna1234):

 * Attachment "0002-DisabledNetwork-corrected-to-DisableNetwork.patch"
 added.


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #15019 [Core Tor/Tor]: Most FooStatistics entries in the man page don't mention ExtraInfo descriptors

[Tor Bug Tracker & Wiki]

#15019: Most FooStatistics entries in the man page don't mention ExtraInfo
descriptors
-+-
 Reporter:  arma |  Owner:  (none)
 Type:  defect   | Status:
 |  needs_revision
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.4.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-relay, doc, easy, review-|  Actual Points:
  group-32   |
Parent ID:   | Points:  .2
 Reviewer:  teor |Sponsor:
-+-
Changes (by aruna1234):

 * Attachment "0005-Revised-patch-with-78-characters-per-line.patch" added.


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #16472 [Applications/Tor Browser]: Upgrade Binutils to 2.25+ for Tor Browser builds

[Tor Bug Tracker & Wiki]

#16472: Upgrade Binutils to 2.25+ for Tor Browser builds
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  task | Status:
 |  needs_revision
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-rbm, TorBrowserTeam201803,   |  Actual Points:
  boklm201803|
Parent ID:  #12968   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by boklm):

 Replying to [comment:43 cypherpunks]:
 > bump mingw-w64 ;)

 Building firefox with `master` from mingw-w64 fails with:
 {{{
 i686-w64-mingw32-widl:
 /var/tmp/build/mingw-w64-b633824ecafd/mingw-w64-tools/widl/src/typetree.h:274:
 type_alias_get_aliasee: Assertion `type_is_alias(type)' failed.
 Aborted
 Makefile:109: recipe for target 'typelib_done' failed
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24309 [Applications/Tor Browser]: Activity 4.1: Improve how circuits are displayed to the user

[Tor Bug Tracker & Wiki]

#24309: Activity 4.1: Improve how circuits are displayed to the user
---+--
 Reporter:  isabela|  Owner:  tbb-team
 Type:  defect | Status:  new
 Priority:  Medium |  Milestone:
Component:  Applications/Tor Browser   |Version:
 Severity:  Normal | Resolution:
 Keywords:  ux-team, TorBrowserTeam201803  |  Actual Points:
Parent ID: | Points:
 Reviewer:  antonela   |Sponsor:
---+--

Comment (by cypherpunks):

 Modest and incomplete prototype for the idea in comment:23 :

 [[Image(https://i.stack.imgur.com/m6jOf.png)]]

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25000 [Applications/Tor Browser]: TorBrowser's modifications to NoScript's mandatory whitelist break some webextensions when permissions are cascaded

[Tor Bug Tracker & Wiki]

#25000: TorBrowser's modifications to NoScript's mandatory whitelist break some
webextensions when permissions are cascaded
-+-
 Reporter:  cypherpunks  |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  closed
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  TorBrowserTeam201802R, tbb-  |  Actual Points:
  backported |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * keywords:  TorBrowserTeam201802R, tbb-backport => TorBrowserTeam201802R,
 tbb-backported


Comment:

 With commit 7d97e9c21177836dd731b0249e7b091e7e99d2a9 on `maint-7.5` in
 `tor-browser-build` we'll include this bug fix in 7.5.1

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25356 [Applications/Tor Browser]: Upgrade obfs4proxy to v0.0.7 in Tor Browser

[Tor Bug Tracker & Wiki]

#25356: Upgrade obfs4proxy to v0.0.7 in Tor Browser
--+--
 Reporter:  mig5  |  Owner:  tbb-team
 Type:  enhancement   | Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:  fixed
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by gk):

 * keywords:  tbb-backport =>


Comment:

 We'll include it in 7.5.1 with commit
 3eb067f6ba61e4a1069f5816c0821b26b627dfc8 on `tor-browser-build`s
 `maint-7.5`.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25124 [Core Tor/Stem]: Stem v3 Onion Service support

[Tor Bug Tracker & Wiki]

#25124: Stem v3 Onion Service support
---+---
 Reporter:  Dbryrtfbcbhgf  |  Owner:  atagar
 Type:  defect | Status:  needs_information
 Priority:  Medium |  Milestone:
Component:  Core Tor/Stem  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+---

Comment (by teor):

 Replying to [comment:11 maqp]:
 > …
 > >The key blinding protects the onion address from HSDirs
 >
 > Thanks. I'll have to look into the offline keys in more detail. For now,
 does Stem handle blinding by default if I pass the `ED25519-V3: KeyBlob`
 master private key to `create_ephemeral_hidden_service`, meaning I can't
 accidentally make address visible to HSDir?

 Tor does the blinding, and Stem can't turn it off.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25089 [Applications/Tor Launcher]: Tor bundle: Special characters not escaped in proxy password

[Tor Bug Tracker & Wiki]

#25089: Tor bundle: Special characters not escaped in proxy password
-+-
 Reporter:  ro0ter   |  Owner:  brade
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Launcher|Version:
 Severity:  Major| Resolution:  fixed
 Keywords:  TorBrowserTeam201802R, tbb-  |  Actual Points:
  backported |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * keywords:  TorBrowserTeam201802R, tbb-backport => TorBrowserTeam201802R,
 tbb-backported


Comment:

 That's commit fa8590a497b492f6da62bbf7009735a17e17ec21 on `maint-0.2.14.4`
 and will be available in 7.5.1.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25124 [Core Tor/Stem]: Stem v3 Onion Service support

[Tor Bug Tracker & Wiki]

#25124: Stem v3 Onion Service support
---+---
 Reporter:  Dbryrtfbcbhgf  |  Owner:  atagar
 Type:  defect | Status:  needs_information
 Priority:  Medium |  Milestone:
Component:  Core Tor/Stem  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+---

Comment (by maqp):

 > We haven't decided yet. When we do, we'll open a ticket and update this
 ticket.

 I just learned this might be discussed in the Rome meeting. If the
 conclusion is "it's all the same", I hope you make it possible to update
 descriptor based on downloaded one (i.e. not forcing use of state file).
 It matters in TFC as possibly amnesic Networker is unable to deliver
 descriptor back to Source (persistent key storage) at the end of session.

 >The key blinding protects the onion address from HSDirs

 Thanks. I'll have to look into the offline keys in more detail. For now,
 does Stem handle blinding by default if I pass the `ED25519-V3: KeyBlob`
 master private key to `create_ephemeral_hidden_service`, meaning I can't
 accidentally make address visible to HSDir?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24159 [Applications/Tor Browser]: The Torbutton version check does not deal properly with platform specific checks

[Tor Bug Tracker & Wiki]

#24159: The Torbutton version check does not deal properly with platform 
specific
checks
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  closed
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Major| Resolution:  fixed
 Keywords:  tbb-torbutton,   |  Actual Points:
  TorBrowserTeam201801R, tbb-backported  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * keywords:  tbb-torbutton, TorBrowserTeam201801R, tbb-backport => tbb-
 torbutton, TorBrowserTeam201801R, tbb-backported


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24159 [Applications/Tor Browser]: The Torbutton version check does not deal properly with platform specific checks

[Tor Bug Tracker & Wiki]

#24159: The Torbutton version check does not deal properly with platform 
specific
checks
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  closed
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Major| Resolution:  fixed
 Keywords:  tbb-torbutton,   |  Actual Points:
  TorBrowserTeam201801R, tbb-backport|
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by gk):

 Replying to [comment:7 gk]:
 > Looks good to me. Merged to `master` with commit
 f8604998e58fdece9c191661121ada6a3b911499 and marking for this ticket for a
 possible backport.

 This is commit f8604998e58fdece9c191661121ada6a3b911499 on `maint-1.9.8`
 as well and will be available in 7.5.1.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25016 [Applications/Tor Browser]: Remove 2017 in-browser donation banner

[Tor Bug Tracker & Wiki]

#25016: Remove 2017 in-browser donation banner
-+-
 Reporter:  arthuredelstein  |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  TorBrowserTeam201801R, tbb-  |  Actual Points:
  backported |
Parent ID:  #23482   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * keywords:  TorBrowserTeam201801R => TorBrowserTeam201801R, tbb-backported


Comment:

 Replying to [comment:3 gk]:
 > Thanks, looks good to me. No need for a patch for `maint-1.9.7` as we
 are using 1.9.8.X for the 7.5 series (there is no `maint-1.9.8` branch
 yet). Thus, I just merged your changes to `master` (commit
 f96a293d146d3dc54f8ecfaa1d3dfc669bf4198d).

 That's on `maint-1.9.8` now, too.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25000 [Applications/Tor Browser]: TorBrowser's modifications to NoScript's mandatory whitelist break some webextensions when permissions are cascaded

[Tor Bug Tracker & Wiki]

#25000: TorBrowser's modifications to NoScript's mandatory whitelist break some
webextensions when permissions are cascaded
-+-
 Reporter:  cypherpunks  |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  closed
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  TorBrowserTeam201802R, tbb-backport  |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * keywords:  TorBrowserTeam201802R => TorBrowserTeam201802R, tbb-backport


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22614 [Applications/Tor Browser]: Make e10s/non-e10s Tor Browsers indistinguishable

[Tor Bug Tracker & Wiki]

#22614: Make e10s/non-e10s Tor Browsers indistinguishable
-+-
 Reporter:  cypherpunks  |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  ff52-esr, tbb-fingerprinting,|  Actual Points:
  TorBrowserTeam201802R, tbb-no-uplift, ff60 |
  -esr-will-have, tbb-backport   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * keywords:
 ff52-esr, tbb-fingerprinting, TorBrowserTeam201802R, tbb-no-uplift,
 ff60-esr-obsolete
 =>
 ff52-esr, tbb-fingerprinting, TorBrowserTeam201802R, tbb-no-uplift,
 ff60-esr-will-have, tbb-backport


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25422 [Applications/rbm]: Give more details in "Cannot checkout" errors

[Tor Bug Tracker & Wiki]

#25422: Give more details in "Cannot checkout" errors
-+-
 Reporter:  boklm|  Owner:  boklm
 Type:  task | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Applications/rbm |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  tbb-rbm, boklm201803,|  Actual Points:
  TorBrowserTeam201803R  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by gk):

 This is commit 2d967ad67088cacbab8e91686bf3d8b7c2aae50c on `maint-7.5`.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25435 [Applications/rbm]: keyring/binutils.gpg modified by `make alpha`

[Tor Bug Tracker & Wiki]

#25435: keyring/binutils.gpg modified by `make alpha`
-+-
 Reporter:  dcf  |  Owner:  boklm
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Applications/rbm |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  tbb-rbm, boklm201803,|  Actual Points:
  TorBrowserTeam201803R  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by gk):

 This is commit 10b6ffd8b1168797a24934ae28944faf60d327c9 on `maint-7.5`.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21003 [Core Tor/Tor]: extend_info_describe should list IPv6 address (if present)

[Tor Bug Tracker & Wiki]

#21003: extend_info_describe should list IPv6 address (if present)
-+--
 Reporter:  teor |  Owner:  (none)
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:  Tor: unspecified
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  easy intro ipv6 logging  |  Actual Points:
Parent ID:   | Points:  0.5
 Reviewer:   |Sponsor:
-+--

Comment (by valentecaio):

 Do you think it would be better to be able to show both addresses?

 By now, the buffer used has space for this output format:
 {{{
 "$~xxx at
 [::::::255.255.255.255]"
 }}}

 But I think the functions only return strings in one of the following
 formats (please confirm this if you know):
 {{{
 "$~xxx at
 :::::"
 or
 "$~xxx at
 255.255.255.255"
 }}}

 We could add a separator and show both addresses, something like
 (increasing the buffer size by 2):
 {{{
 "$~xxx at
 [::::: | 255.255.255.255]"
 }}}

 And we could let the caller decide what address it want as output (only
 IPv4, only IPv6 or both), letting "only IPv4" as default.

 What do you think about this?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25147 [Applications/Tor Browser]: Backport of fix shipped in Firefox 58.0.1?

[Tor Bug Tracker & Wiki]

#25147: Backport of fix shipped in Firefox 58.0.1?
--+--
 Reporter:  gk|  Owner:  pospeselr
 Type:  task  | Status:  needs_review
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  TorBrowserTeam201803R |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by gk):

 Thanks, looks good to me. I wonder whether we have some means to find out
 if there are instances of this problem that are solely on the ESR 52
 branch which Mozilla did not deem worth enough to write a defense-in-depth
 for. But anyway, that should give us at least the protections available on
 -release.

 (And lucky me pointing to the patch on the release branch, the thing that
 landed oridinally on `mozilla-central` is slightly different and not
 complete, which is easily to overlook).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #16472 [Applications/Tor Browser]: Upgrade Binutils to 2.25+ for Tor Browser builds

[Tor Bug Tracker & Wiki]

#16472: Upgrade Binutils to 2.25+ for Tor Browser builds
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  task | Status:
 |  needs_revision
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-rbm, TorBrowserTeam201803,   |  Actual Points:
  boklm201803|
Parent ID:  #12968   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by cypherpunks):

 Replying to [comment:40 gk]:
 > I made test builds with your patch but both the 32bit and the 64bit
 bundles are crashing for me right on start. In the debugger I see tons of
 messages like
 > {{{
 > warning: 0f64:0944 @ 01846240 - LdrpSnapThunk - WARNING: Hint index
 0x119 for pr
 > ocedure "NtEnumerateKey" in DLL "ntdll.dll" is invalid
 >
 > warning: 0f64:0944 @ 01846256 - LdrpSnapThunk - WARNING: Hint index
 0x3bb for pr
 > ocedure "RtlIntegerToUnicodeString" in DLL "ntdll.dll" is invalid
 >
 > warning: 0f64:0944 @ 01846287 - LdrpSnapThunk - WARNING: Hint index
 0x26e for pr
 > ocedure "RtlAppendUnicodeStringToString" in DLL "ntdll.dll" is invalid
 >
 > warning: 0f64:0944 @ 01846303 - LdrpSnapThunk - WARNING: Hint index
 0x4a7 for pr
 > ocedure "RtlStringFromGUID" in DLL "ntdll.dll" is invalid
 > }}}.
 bump mingw-w64 ;)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25342 [Internal Services/Tor Sysadmin Team]: Please sync recent Apache web server logs from torproject.org hosts to colchicifolium

[Tor Bug Tracker & Wiki]

#25342: Please sync recent Apache web server logs from torproject.org hosts to
colchicifolium
-+
 Reporter:  karsten  |  Owner:  tpa
 Type:  task | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+
Changes (by karsten):

 * status:  new => closed
 * resolution:   => fixed


Comment:

 We talked more about this on IRC yesterday. Everything's set up now.
 Thanks! Closing.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24840 [Core Tor/Tor]: Hidden service xxx exceeded launch limit with 10 intro points in the last 35 seconds. Intro circuit launches are limited to 10 per 300 seconds

[Tor Bug Tracker & Wiki]

#24840: Hidden service xxx exceeded launch limit with 10 intro points in the 
last
35 seconds. Intro circuit launches are limited to 10 per 300 seconds
--+
 Reporter:  sx5486510 |  Owner:  (none)
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:  Tor: 0.3.4.x-final
Component:  Core Tor/Tor  |Version:  Tor: 0.3.2.6-alpha
 Severity:  Normal| Resolution:  not a bug
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by teor):

 * status:  new => closed
 * resolution:   => not a bug


Comment:

 These messages should disappear when your guard upgrades to a recent
 version of Tor:
 https://blog.torproject.org/new-stable-tor-releases-security-fixes-and-
 dos-prevention-03210-03110-02915

 If they don't, then your client is adding too much load to the network,
 and you need to stop making so many connections.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24732 [Core Tor/Tor]: Remove unused IPv6 DirPort code

[Tor Bug Tracker & Wiki]

#24732: Remove unused IPv6 DirPort code
-+
 Reporter:  teor |  Owner:  (none)
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Milestone:  Tor: 0.3.4.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ipv6, tor-relay  |  Actual Points:
Parent ID:  #24403   | Points:  1
 Reviewer:  teor |Sponsor:  SponsorV-can
-+
Changes (by teor):

 * reviewer:   => teor


Comment:

 Since the original code is mine, I guess I should review this.

 But I wonder if you looked at commit 36ba50c820 of my bug23975_tree branch
 on https://github.com/teor2345/tor.git ?
 Because it removes a lot of the other functions, so there may be
 conflicts,

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24840 [Core Tor/Tor]: Hidden service xxx exceeded launch limit with 10 intro points in the last 35 seconds. Intro circuit launches are limited to 10 per 300 seconds

[Tor Bug Tracker & Wiki]

#24840: Hidden service xxx exceeded launch limit with 10 intro points in the 
last
35 seconds. Intro circuit launches are limited to 10 per 300 seconds
--+
 Reporter:  sx5486510 |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.3.4.x-final
Component:  Core Tor/Tor  |Version:  Tor: 0.3.2.6-alpha
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by sx5486510):

 What is the cause of this problem?Replying to [comment:4 teor]:
 > These feature and bugfix tickets have no patches. The earliest they will
 get done is 0.3.4.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24840 [Core Tor/Tor]: Hidden service xxx exceeded launch limit with 10 intro points in the last 35 seconds. Intro circuit launches are limited to 10 per 300 seconds

[Tor Bug Tracker & Wiki]

#24840: Hidden service xxx exceeded launch limit with 10 intro points in the 
last
35 seconds. Intro circuit launches are limited to 10 per 300 seconds
--+
 Reporter:  sx5486510 |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.3.4.x-final
Component:  Core Tor/Tor  |Version:  Tor: 0.3.2.6-alpha
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by sx5486510):

 Is there a solution?Replying to [comment:4 teor]:
 > These feature and bugfix tickets have no patches. The earliest they will
 get done is 0.3.4.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21003 [Core Tor/Tor]: extend_info_describe should list IPv6 address (if present)

[Tor Bug Tracker & Wiki]

#21003: extend_info_describe should list IPv6 address (if present)
-+--
 Reporter:  teor |  Owner:  (none)
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:  Tor: unspecified
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  easy intro ipv6 logging  |  Actual Points:
Parent ID:   | Points:  0.5
 Reviewer:   |Sponsor:
-+--

Comment (by teor):

 Ok, then they should all be modified so they can use IPv6.
 In particular, each of the first 3 functions takes a struct with an IPv4
 and IPv6 address, and so it should report both, if they are present.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24805 [Core Tor/Fallback Scripts]: Update fallback whitelist and blacklist

[Tor Bug Tracker & Wiki]

#24805: Update fallback whitelist and blacklist
---+---
 Reporter:  teor   |  Owner:  (none)
 Type:  enhancement| Status:  new
 Priority:  Medium |  Milestone:  Tor:
   |  0.3.4.x-final
Component:  Core Tor/Fallback Scripts  |Version:
 Severity:  Normal | Resolution:
 Keywords:  fallback   |  Actual Points:
Parent ID:  #24786 | Points:  2
 Reviewer: |Sponsor:
---+---

Comment (by teor):

 Removal for 328E54981C6DDD7D89B89E418724A4A7881E3192 , see #25436

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25436 [Core Tor/Fallback Scripts]: Remove from fallback.whitelist, add to fallback.blacklist 328E54981C6DDD7D89B89E418724A4A7881E3192

[Tor Bug Tracker & Wiki]

#25436: Remove from fallback.whitelist, add to fallback.blacklist
328E54981C6DDD7D89B89E418724A4A7881E3192
---+---
 Reporter:  sjcjonker  |  Owner:  (none)
 Type:  task   | Status:  new
 Priority:  Medium |  Milestone:  Tor:
   |  0.3.4.x-final
Component:  Core Tor/Fallback Scripts  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID:  #24805 | Points:
 Reviewer: |Sponsor:
---+---

Comment (by teor):

 We'll remove it when we next update the list. We usually update the list
 every 6-12 months.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25436 [Core Tor/Fallback Scripts]: Remove from fallback.whitelist, add to fallback.blacklist 328E54981C6DDD7D89B89E418724A4A7881E3192

[Tor Bug Tracker & Wiki]

#25436: Remove from fallback.whitelist, add to fallback.blacklist
328E54981C6DDD7D89B89E418724A4A7881E3192
---+---
 Reporter:  sjcjonker  |  Owner:  (none)
 Type:  task   | Status:  new
 Priority:  Medium |  Milestone:  Tor:
   |  0.3.4.x-final
Component:  Core Tor/Fallback Scripts  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID:  #24805 | Points:
 Reviewer: |Sponsor:
---+---
Changes (by teor):

 * version:  Tor: unspecified =>
 * parent:   => #24805
 * milestone:   => Tor: 0.3.4.x-final


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25196 [Metrics/Statistics]: Cut off recent dates from several CSV files (was: Cut off recent dates from hidserv.csv)

[Tor Bug Tracker & Wiki]

#25196: Cut off recent dates from several CSV files
+--
 Reporter:  karsten |  Owner:  karsten
 Type:  defect  | Status:  needs_review
 Priority:  Medium  |  Milestone:
Component:  Metrics/Statistics  |Version:
 Severity:  Normal  | Resolution:
 Keywords:  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  iwakeh  |Sponsor:
+--
Changes (by karsten):

 * status:  needs_revision => needs_review


Comment:

 I set up a local metrics-web instance and modified it to run once per hour
 and not cut off any dates at all. I'm
 [https://trac.torproject.org/projects/tor/attachment/ticket/25196/cut-off-
 recent-dates-2018-03-06.pdf attaching a PDF file] showing how statistics
 for given dates (colors) change (y axis) over the UTC day of March 6 (x
 axis). If a colored line changes much over the day, we cannot reasonable
 include it yet and need to cut off that date. There's a trade-off of
 holding back a statistic that is still changing too much vs. delaying a
 statistic more than necessary and not being able to act on the data.

 Here's what I think we should do for all current statistics files:
  - `servers.csv`: We currently cut off 2 days (today = 2018-03-06 and the
 day before = 2018-03-05), but it would be sufficient to cut off just 1 day
 (today). The reason is that this file is based on consensuses and
 referenced server descriptors, all of which are typically available at the
 end of a day.
  - `ipv6servers.csv`: Same as `servers.csv`, except that we don't cut off
 anything yet, though I think we should, following the same rationale as
 above.
  - `advbwdist.csv`: Same as `servers.csv`, except that we already cut off
 just 1 day, so there's no need to change anything here.
  - `bandwidth.csv`: This file is based on statistics reported in extra-
 info descriptors, and those might take more time to come in. We're also
 not doing any estimates on the numbers we go so far, but we're simply
 adding up what we have. So, if 5% of statistics are still missing, those
 missing statistics will still change the end result by 5%. I suggest to
 wait 3 days. We currently cut off 4, but I think 3 should be sufficient.
 The better (long-term) solution would be to compensate missing data by
 extrapolating what we have, but we're not there yet.
  - `connbidirect2.csv`: Same as for `bandwidth.csv`, except that we're
 providing averages where missing descriptors don't affect the result as
 much. Cutting of 2 days will be fine (today and yesterday).
  - `clients.csv` and `userstats-combined.csv`: Same as for
 `connbidirect2.csv`, except that we're being smarter about estimating
 numbers from given reports. Cutting of 2 days will be enough (today and
 yesterday).
  - `hidserv.csv`: Same as `clients.csv` et al., except we're being quite
 smart about extrapolating reported statistics, so that we might even cut
 off just 1 day. But let's do 2 days as before to be on the safe side.
  - `torperf-1.1.csv`: OnionPerf only provides completed days, so it
 depends on when we get those files and whether we get all of them at once.
 I'm less certain here, but I think we're doing okay by cutting off 2 days.
  - `webstats.csv`: I don't have good data, because webstats.tp.o was down
 for a couple days now. This might also change after switching to
 CollecTor's webstats module. I'd say we don't touch this now and revisit
 it after switching to CollecTor.

 Please review [https://gitweb.torproject.org/karsten/metrics-
 web.git/commit/?h=task-25196=450d9f1edd880a7d6d46014af6bcc0e211630af7
 commit 450d9f1 in my updated task-25196 branch]. If possible, I'd like to
 make changes tomorrow (Thursday).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25196 [Metrics/Statistics]: Cut off recent dates from hidserv.csv

[Tor Bug Tracker & Wiki]

#25196: Cut off recent dates from hidserv.csv
+
 Reporter:  karsten |  Owner:  karsten
 Type:  defect  | Status:  needs_revision
 Priority:  Medium  |  Milestone:
Component:  Metrics/Statistics  |Version:
 Severity:  Normal  | Resolution:
 Keywords:  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  iwakeh  |Sponsor:
+
Changes (by karsten):

 * Attachment "cut-off-recent-dates-2018-03-06.pdf" added.


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs