Re: [tor-bugs] #23631 [Applications/Tor Browser]: Improve sudo need

2019-04-01 Thread Tor Bug Tracker & Wiki
#23631: Improve sudo need
--+--
 Reporter:  tom   |  Owner:  tbb-team
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-rbm   |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by gk):

 * priority:  Low => Medium


Comment:

 It seems F-Droid does not like the `sudo` requirement either, see:
 https://gitlab.com/fdroid/fdroiddata/merge_requests/4676.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27539 [Applications/Tor Browser]: Create plan for releasing on F-Droid

2019-04-01 Thread Tor Bug Tracker & Wiki
#27539: Create plan for releasing on F-Droid
-+-
 Reporter:  sysrqb   |  Owner:  sysrqb
 Type:  enhancement  | Status:
 |  accepted
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-mobile, TorBrowserTeam201903,|  Actual Points:
  tbb-8.5-must-alpha |
Parent ID:  #26318   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor8
-+-

Comment (by gk):

 Replying to [comment:27 sysrqb]:
 > And now there is a merge request, too:
 https://gitlab.com/fdroid/fdroiddata/merge_requests/4676

 Looking over the comments I thought I could at least elaborate on the
 `sudo` requirement and do so here in the ticket as it does not only affect
 the "official" F-Droid setup but would affect any else, too (e.g. our
 own). The short story is: we have that requirement right now as we don't
 have fixes for #23631. boklm has written a bit about that issue in
 comment:2:ticket:23631 and I have still some hope in rootless containers
 but that's about it at the moment.

 The slightly longer answer is: the error is coming from `rbm`
 {{{
 if (project_config($project, "remote_exec", $options)) {
 my $cmd = project_config($project, "remote_start", {
 %$options,
 remote_srcdir => $srcdir,
 });
 if ($cmd) {
 my ($stdout, $stderr, $success, $exit_code)
 = run_script($project, $cmd, \&capture_exec);
 if (!$success) {
 $error = "Error starting remote:\n$stdout\n$stderr";
 goto EXIT;
 }
 }}}
 and if you look at `rbm.conf` in `tor-browser-build` you see the `runc`
 section with the `remote_start`, `remote_exec` etc. scripts which in part
 require `sudo` to make the container ready for being used for building (no
 network access, etc.).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23790 [Core Tor/Tor]: rend_service_prune_list_impl_() doesn't copy over desc_is_dirty when copying intro points

2019-04-01 Thread Tor Bug Tracker & Wiki
#23790: rend_service_prune_list_impl_() doesn't copy over desc_is_dirty when
copying intro points
-+-
 Reporter:  jl   |  Owner:  dgoulet
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.2.9.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.3.1.7
 Severity:  Normal   | Resolution:
 Keywords:  029-backport, 031-unreached- |  Actual Points:  0.1
  backport   |
Parent ID:   | Points:  0.1
 Reviewer:   |Sponsor:
 |  Sponsor27-can
-+-
Changes (by teor):

 * points:   => 0.1
 * sponsor:   => Sponsor27-can
 * actualpoints:   => 0.1


Comment:

 I reviewed the 0.2.9 pull request:
 https://github.com/torproject/tor/pull/772

 The new copy_service_on_prunning() function is the same as the 0.3.2
 commit, but the call site is different:
 
https://gitweb.torproject.org/user/dgoulet/tor.git/commit/?id=9592797cf3291fceb7715164e519e02a744c2a25

 Once we get another review, I can backport this change.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27609 [Applications/Tor Browser]: TBA: Evaluate Tor Onion Proxy Library

2019-04-01 Thread Tor Bug Tracker & Wiki
#27609: TBA: Evaluate Tor Onion Proxy Library
-+-
 Reporter:  sysrqb   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_revision
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-mobile, TBA-a3,  |  Actual Points:
  TorBrowserTeam201903, tbb-8.5-must-alpha   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor8
-+-

Comment (by cypherpunks):

 https://developer.android.com/topic/performance/reduce-apk-size#extract-
 false

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29121 [Core Tor/Tor]: tor man page doesn't mention isolating between socksports

2019-04-01 Thread Tor Bug Tracker & Wiki
#29121: tor man page doesn't mention isolating between socksports
--+
 Reporter:  arma  |  Owner:  (none)
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:  Tor: 0.4.1.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  doc   |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by teor):

 * keywords:   => doc
 * milestone:  Tor: unspecified => Tor: 0.4.1.x-final


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #28634 [Core Tor/Tor]: Design a useful padding machine that we can enable

2019-04-01 Thread Tor Bug Tracker & Wiki
#28634: Design a useful padding machine that we can enable
-+-
 Reporter:  asn  |  Owner:  (none)
 Type:  defect   | Status:
 |  needs_review
 Priority:  Very High|  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  wtf-pad, tor-relay, tor-cell,|  Actual Points:
  padding, 041-proposed  |
Parent ID:  #28632   | Points:  8
 Reviewer:  mikeperry|Sponsor:
 |  Sponsor2
-+-
Changes (by teor):

 * reviewer:   => mikeperry


Comment:

 Mike is the only possible reviewer for this draft.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29926 [Core Tor/Tor]: shellcheck: asciidoc-helper.sh issues

2019-04-01 Thread Tor Bug Tracker & Wiki
#29926: shellcheck: asciidoc-helper.sh issues
--+
 Reporter:  rl1987|  Owner:  rl1987
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:  Tor: 0.4.1.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by teor):

 * milestone:   => Tor: 0.4.1.x-final


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] [Tor Bug Tracker & Wiki] Batch modify: #28634, #29357, #29527, #23790, ...

2019-04-01 Thread Tor Bug Tracker & Wiki
Batch modification to #28634, #29357, #29527, #23790, #29121, #29612, #29640, 
#29702, #29926 by teor:
reviewer to 

Comment:
Remove Mike as reviewer, because he's overloaded.
We'll work out what to do with these tickets in the weekly meeting.

--
Tickets URL: 

Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] [Tor Bug Tracker & Wiki] Batch modify: #28223, #29034, #29500

2019-04-01 Thread Tor Bug Tracker & Wiki
Batch modification to #28223, #29034, #29500 by teor:


Action: reassign

Comment:
Un-assigning 040-must bugs from Mike, because he's overloaded.
We'll work out what to do with these tickets at the meeting.

--
Tickets URL: 

Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29967 [Core Tor/Tor]: CID 1444262: Null-pointer dereference in non-fatal assertion failure path

2019-04-01 Thread Tor Bug Tracker & Wiki
#29967: CID 1444262: Null-pointer dereference in non-fatal assertion failure 
path
-+-
 Reporter:  nickm|  Owner:  nickm
 Type:  defect   | Status:  closed
 Priority:  Very High|  Milestone:  Tor:
 |  0.4.1.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  unspecified
 Severity:  Normal   | Resolution:  fixed
 Keywords:  regression, crash, asn-merge,|  Actual Points:  0
  coverity   |
Parent ID:   | Points:  0
 Reviewer:  ahf  |Sponsor:
-+-
Changes (by teor):

 * status:  merge_ready => closed
 * keywords:  regression, crash, asn-merge => regression, crash, asn-merge,
 coverity
 * version:   => Tor: unspecified
 * resolution:   => fixed
 * points:   => 0


Comment:

 #29939 and #29967 merged to master after the merge-forward of #29703
 (which only changed 0.2.9).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29939 [Core Tor/Tor]: test_routerkeys: Coverity says, always check mkdir return values.

2019-04-01 Thread Tor Bug Tracker & Wiki
#29939: test_routerkeys: Coverity says, always check mkdir return values.
-+
 Reporter:  nickm|  Owner:  nickm
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:  Tor: 0.4.1.x-final
Component:  Core Tor/Tor |Version:  Tor: unspecified
 Severity:  Normal   | Resolution:  fixed
 Keywords:  asn-merge, coverity  |  Actual Points:  0
Parent ID:   | Points:  0
 Reviewer:  ahf  |Sponsor:
-+
Changes (by teor):

 * status:  merge_ready => closed
 * keywords:  asn-merge => asn-merge, coverity
 * version:   => Tor: unspecified
 * resolution:   => fixed


Comment:

 #29939 and #29967 merged to master after the merge-forward of #29703
 (which only changed 0.2.9).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29703 [Core Tor/Tor]: Backport test-network.sh fixes to 0.2.9

2019-04-01 Thread Tor Bug Tracker & Wiki
#29703: Backport test-network.sh fixes to 0.2.9
-+-
 Reporter:  teor |  Owner:  teor
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:  Tor:
 |  0.2.9.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.2.9.1-alpha
 Severity:  Normal   | Resolution:  fixed
 Keywords:  merge-after-0403-alpha, teor-merge,  |  Actual Points:  0.4
  CI, PTs 029-backport network-team- |
  roadmap-2019-Q1Q2  |
Parent ID:  #29280   | Points:  0.5
 Reviewer:  nickm|Sponsor:
-+-
Changes (by teor):

 * status:  merge_ready => closed
 * resolution:   => fixed
 * actualpoints:  0.3 => 0.4


Comment:

 Merged to maint-0.2.9, and merged forward (but the changes are already in
 0.3.4 and later).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29939 [Core Tor/Tor]: test_routerkeys: Coverity says, always check mkdir return values.

2019-04-01 Thread Tor Bug Tracker & Wiki
#29939: test_routerkeys: Coverity says, always check mkdir return values.
--+
 Reporter:  nickm |  Owner:  nickm
 Type:  defect| Status:  merge_ready
 Priority:  Medium|  Milestone:  Tor: 0.4.1.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  asn-merge |  Actual Points:  0
Parent ID:| Points:  0
 Reviewer:  ahf   |Sponsor:
--+

Comment (by teor):

 Replying to [ticket:29939 nickm]:
 > I say this is not a backport candidate, since it only affects the tests.

 I agree: the impact of this change is that we get slightly more accurate
 test failure info if test setup fails.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29939 [Core Tor/Tor]: test_routerkeys: Coverity says, always check mkdir return values.

2019-04-01 Thread Tor Bug Tracker & Wiki
#29939: test_routerkeys: Coverity says, always check mkdir return values.
--+
 Reporter:  nickm |  Owner:  nickm
 Type:  defect| Status:  merge_ready
 Priority:  Medium|  Milestone:  Tor: 0.4.1.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  asn-merge |  Actual Points:  0
Parent ID:| Points:  0
 Reviewer:  ahf   |Sponsor:
--+
Changes (by teor):

 * status:  assigned => merge_ready


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29939 [Core Tor/Tor]: test_routerkeys: Coverity says, always check mkdir return values.

2019-04-01 Thread Tor Bug Tracker & Wiki
#29939: test_routerkeys: Coverity says, always check mkdir return values.
--+
 Reporter:  nickm |  Owner:  nickm
 Type:  defect| Status:  assigned
 Priority:  Medium|  Milestone:  Tor: 0.4.1.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  asn-merge |  Actual Points:  0
Parent ID:| Points:  0
 Reviewer:  ahf   |Sponsor:
--+
Changes (by teor):

 * status:  merge_ready => assigned
 * owner:  (none) => nickm


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29277 [Obfuscation/Pluggable transport]: Look into getting default Tor bridges scanned by external reachability tests

2019-04-01 Thread Tor Bug Tracker & Wiki
#29277: Look into getting default Tor bridges scanned by external reachability
tests
-+---
 Reporter:  cohosh   |  Owner:  (none)
 Type:  task | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Obfuscation/Pluggable transport  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:  Sponsor19
-+---
Changes (by phw):

 * cc: phw (added)


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29279 [Obfuscation/Obfsproxy]: Reach out to NGOs to test obfs4 reachability

2019-04-01 Thread Tor Bug Tracker & Wiki
#29279: Reach out to NGOs to test obfs4 reachability
-+-
 Reporter:  cohosh   |  Owner:  cohosh
 Type:  task | Status:
 |  assigned
 Priority:  Very High|  Milestone:
Component:  Obfuscation/Obfsproxy|Version:
 Severity:  Normal   | Resolution:
 Keywords:  NGO, community, network-team-|  Actual Points:
  roadmap-2019-Q1Q2  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor19
-+-
Changes (by phw):

 * cc: phw (added)


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25140 [Core Tor/Tor]: Parse only .torrc files in torrc.d directory

2019-04-01 Thread Tor Bug Tracker & Wiki
#25140: Parse only .torrc files in torrc.d directory
-+-
 Reporter:  iry  |  Owner:
 |  Jigsaw52
 Type:  task | Status:
 |  needs_revision
 Priority:  High |  Milestone:  Tor:
 |  0.4.1.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.3.3.1-alpha
 Severity:  Major| Resolution:
 Keywords:  034-triage-20180328, |  Actual Points:
  035-removed-20180711   |
Parent ID:   | Points:
 Reviewer:  ahf  |Sponsor:
-+-

Comment (by teor):

 I found an Apple-specific test variant, which I think is probably a BSD-
 specific variant.
 See my comment on the pull request for details.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29979 [Core Tor/Tor]: Don't recommend expect() in CodingStandardsRust, because it panics

2019-04-01 Thread Tor Bug Tracker & Wiki
#29979: Don't recommend expect() in CodingStandardsRust, because it panics
--+
 Reporter:  teor  |  Owner:  (none)
 Type:  defect| Status:  needs_revision
 Priority:  Medium|  Milestone:  Tor: 0.4.1.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  easy, doc |  Actual Points:
Parent ID:| Points:
 Reviewer:  teor  |Sponsor:
--+
Changes (by teor):

 * reviewer:   => teor


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29979 [Core Tor/Tor]: Don't recommend expect() in CodingStandardsRust, because it panics

2019-04-01 Thread Tor Bug Tracker & Wiki
#29979: Don't recommend expect() in CodingStandardsRust, because it panics
--+
 Reporter:  teor  |  Owner:  (none)
 Type:  defect| Status:  needs_revision
 Priority:  Medium|  Milestone:  Tor: 0.4.1.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  easy, doc |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by teor):

 * status:  new => needs_revision


Comment:

 I have reviewed the pull request and suggested changes

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #29979 [Core Tor/Tor]: Don't recommend expect() in CodingStandardsRust, because it panics

2019-04-01 Thread Tor Bug Tracker & Wiki
#29979: Don't recommend expect() in CodingStandardsRust, because it panics
--+
 Reporter:  teor  |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.4.1.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal|   Keywords:  easy, doc
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+
 See the pull request from a GitHub contributor:
 https://github.com/torproject/tor/pull/883/files

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #28223 [Core Tor/Tor]: Unparseable microdescriptor on public relay

2019-04-01 Thread Tor Bug Tracker & Wiki
#28223: Unparseable microdescriptor on public relay
-+-
 Reporter:  teor |  Owner:
 |  mikeperry
 Type:  defect   | Status:
 |  assigned
 Priority:  High |  Milestone:  Tor:
 |  0.4.0.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  040-must, 040-roadmap-proposed,  |  Actual Points:
  regression?, 035-can, postfreeze-ok,   |
  040-deferred-20190220  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by madage):

 Attached my cached-microdescriptors file where the bug happened. Yesterday
 the cache must have been rotated as I am not seeing the warnings anymore.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #28223 [Core Tor/Tor]: Unparseable microdescriptor on public relay

2019-04-01 Thread Tor Bug Tracker & Wiki
#28223: Unparseable microdescriptor on public relay
-+-
 Reporter:  teor |  Owner:
 |  mikeperry
 Type:  defect   | Status:
 |  assigned
 Priority:  High |  Milestone:  Tor:
 |  0.4.0.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  040-must, 040-roadmap-proposed,  |  Actual Points:
  regression?, 035-can, postfreeze-ok,   |
  040-deferred-20190220  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by madage):

 * Attachment "cached-microdescs.new.xz" added.

 cached-microdescriptors file with nul bytes filled relay info

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #28223 [Core Tor/Tor]: Unparseable microdescriptor on public relay

2019-04-01 Thread Tor Bug Tracker & Wiki
#28223: Unparseable microdescriptor on public relay
-+-
 Reporter:  teor |  Owner:
 |  mikeperry
 Type:  defect   | Status:
 |  assigned
 Priority:  High |  Milestone:  Tor:
 |  0.4.0.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  040-must, 040-roadmap-proposed,  |  Actual Points:
  regression?, 035-can, postfreeze-ok,   |
  040-deferred-20190220  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by teor):

 * owner:  (none) => mikeperry
 * status:  new => assigned


Comment:

 Assigning to Mike to add some logging, because everyone else has been
 assigned more than two 040-must tickets.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #28223 [Core Tor/Tor]: Unparseable microdescriptor on public relay

2019-04-01 Thread Tor Bug Tracker & Wiki
#28223: Unparseable microdescriptor on public relay
-+-
 Reporter:  teor |  Owner:  (none)
 Type:  defect   | Status:  new
 Priority:  High |  Milestone:  Tor:
 |  0.4.0.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  040-must, 040-roadmap-proposed,  |  Actual Points:
  regression?, 035-can, postfreeze-ok,   |
  040-deferred-20190220  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by teor):

 * keywords:
 040-roadmap-proposed, regression?, 035-can, postfreeze-ok,
 040-deferred-20190220
 =>
 040-must, 040-roadmap-proposed, regression?, 035-can, postfreeze-ok,
 040-deferred-20190220
 * milestone:  Tor: unspecified => Tor: 0.4.0.x-final


Comment:

 A user on IRC reported this bug in 0.4.0.3-alpha.

 We should re-triage this ticket in 0.4.0.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29978 [- Select a component]: My connection continues to timeout

2019-04-01 Thread Tor Bug Tracker & Wiki
#29978: My connection continues to timeout
--+--
 Reporter:  71PlymouthGTX |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Immediate |  Milestone:
Component:  - Select a component  |Version:  Tor: unspecified
 Severity:  Major | Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by 71PlymouthGTX):

 * Attachment ",n.png" added.

 error screenshot #2

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29978 [- Select a component]: My connection continues to timeout

2019-04-01 Thread Tor Bug Tracker & Wiki
#29978: My connection continues to timeout
--+--
 Reporter:  71PlymouthGTX |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Immediate |  Milestone:
Component:  - Select a component  |Version:  Tor: unspecified
 Severity:  Major | Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by 71PlymouthGTX):

 * Attachment ",mb.png" added.

 error screenshot

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #29978 [- Select a component]: My connection continues to timeout

2019-04-01 Thread Tor Bug Tracker & Wiki
#29978: My connection continues to timeout
--+--
 Reporter:  71PlymouthGTX |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Immediate |  Component:  - Select a component
  Version:  Tor: unspecified  |   Severity:  Major
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
 I have attempted, continuously to access webpages that tell me "the
 connection has timed out." I have made multiple edits to solve this issue
 from online sources however it continues to exist tor browser seems to be
 the only common denominator in the issue, so I am sending a screenshot of
 what occurs when I search the URL in the search bar.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29977 [Webpages]: My connection continues to timeout

2019-04-01 Thread Tor Bug Tracker & Wiki
#29977: My connection continues to timeout
--+
 Reporter:  71PlymouthGTX |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Immediate |  Milestone:
Component:  Webpages  |Version:  Tor:
  |  unspecified
 Severity:  Major | Resolution:
 Keywords:  The Connection has Timed Out  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by 71PlymouthGTX):

 * Attachment ",n.png" added.


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29977 [Webpages]: My connection continues to timeout

2019-04-01 Thread Tor Bug Tracker & Wiki
#29977: My connection continues to timeout
--+
 Reporter:  71PlymouthGTX |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Immediate |  Milestone:
Component:  Webpages  |Version:  Tor:
  |  unspecified
 Severity:  Major | Resolution:
 Keywords:  The Connection has Timed Out  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by 71PlymouthGTX):

 * Attachment ",mb.png" added.


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #29977 [Webpages]: My connection continues to timeout

2019-04-01 Thread Tor Bug Tracker & Wiki
#29977: My connection continues to timeout
--+--
 Reporter:  71PlymouthGTX |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Immediate |  Component:  Webpages
  Version:  Tor: unspecified  |   Severity:  Major
 Keywords:  The Connection has Timed Out  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
 I have attempted, continuously to access webpages that tell me "the
 connection has timed out." I have made multiple edits to solve this issue
 from online sources however it continues to exist tor browser seems to be
 the only common denominator in the issue, so I am sending a screenshot of
 what occurs when I search the URL in the search bar.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29975 [Internal Services/Tor Sysadmin Team]: Please create email alias/forwarding and LDAP for acat

2019-04-01 Thread Tor Bug Tracker & Wiki
#29975: Please create email alias/forwarding and LDAP for acat
-+-
 Reporter:  ewyatt   |  Owner:  tpa
 Type:  task | Status:  new
 Priority:  High |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by arma):

 (Erin, if you could actually publish your signature somewhere, that would
 be even better. But there's no reason for that step to block setting up
 the ldap account.)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29975 [Internal Services/Tor Sysadmin Team]: Please create email alias/forwarding and LDAP for acat

2019-04-01 Thread Tor Bug Tracker & Wiki
#29975: Please create email alias/forwarding and LDAP for acat
-+-
 Reporter:  ewyatt   |  Owner:  tpa
 Type:  task | Status:  new
 Priority:  High |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by arma):

 Yes please!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29297 [Obfuscation/Obfsproxy]: Write reachability tests to verify if obfs4 is working or not

2019-04-01 Thread Tor Bug Tracker & Wiki
#29297: Write reachability tests to verify if obfs4 is working or not
-+-
 Reporter:  chelseakomlo |  Owner:  cohosh
 Type:  task | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Obfuscation/Obfsproxy|Version:
 Severity:  Normal   | Resolution:
 Keywords:  obfs4, network-team- |  implemented
  roadmap-2019-Q1Q2  |  Actual Points:
Parent ID:  #29279   | Points:  2
 Reviewer:  dcf, ahf |Sponsor:
 |  Sponsor19
-+-
Changes (by phw):

 * cc: phw (added)


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29681 [Internal Services/Tor Sysadmin Team]: replace munin with prometheus and grafana

2019-04-01 Thread Tor Bug Tracker & Wiki
#29681: replace munin with prometheus and grafana
-+-
 Reporter:  anarcat  |  Owner:  anarcat
 Type:  task | Status:
 |  accepted
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by anarcat):

 more plugins that we might want to setup in Prometheus, after the audit
 performed during the removal of Munin:

  * '''spamassassin''': ham/spam/total counts, looks for `spamd:
 ((processing|checking) message|identified spam|clean message)` in
 mail.log, could be replaced with [https://github.com/google/mtail ​mtail]
  * '''postgres-wal-traffic_''': should be covered by the postgres_exporter
 mentioned above, otherwise hook `psql -p "$port" --no-align --command
 'SELECT * FROM pg_current_xlog_insert_location()' --tuples-only --quiet |
 tr -d /,` into the node_exporter
  * '''ksm stats''': extra memory statistics, might not be very important
  * '''haproxy''': https://github.com/prometheus/haproxy_exporter
  * '''per VM disk usage''': see  #29816
  * '''vsftpd''': custom mtail plugin, no known exporter or dashboard

 See the full review in #29682 for details.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29682 [Internal Services/Tor Sysadmin Team]: remove traces munin-node everywhere

2019-04-01 Thread Tor Bug Tracker & Wiki
#29682: remove traces munin-node everywhere
-+-
 Reporter:  anarcat  |  Owner:  anarcat
 Type:  defect   | Status:
 |  assigned
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:  #29681   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by anarcat):

 fun facts found while ripping that stuff out:

  1. there is a DSA-specific munin package, with the following plugins:

  * `spamassassin`: ham/spam/total counts, looks for `spamd:
((processing|checking) message|identified spam|clean message)`
in `mail.log`, could be replaced with
[https://github.com/google/mtail mtail]
  * `postgres-wal-traffic_`: output of `psql -p "$port" --no-align
 --command 'SELECT * FROM pg_current_xlog_insert_location()'  --tuples-only
 --quiet | tr -d /`, probably covered by the
 [https://github.com/wrouesnel/postgres_exporter postgres exporter]
  * `ksm_scans`: output of `/sys/kernel/mm/ksm/full_scans`, see
[https://www.kernel.org/doc/html/latest/admin-guide/mm/ksm.html KSM
 docs]
  * `ksm`: same, but with `pages_shared`, `_unshared`, `_volatile`,
 `_sharing`, possibly covered by the node exporter, but hardly seems
 critical in any case
  * `vsftpd`: logtail of `/var/log/ftp/vsftpd.log` looking for
 upload/download/login/delete/connexions, would require a custom mtail
 plugin as well
  * `bind`: logtail of `/var/log/daemon.log`, looking for queries
etc, easy replacement with the
[https://github.com/digitalocean/bind_exporter/ Prometheus
 exporter]
  * `apache_servers`: apache server-status, equivalent of the
apache exporter, already deployed

  2. there's a packet counting script in `ferm` which seem to count per-IP
 packet stats from iptables:
 {{{
 $munin_ips = split(regsubst($v4ips, '([^,]+)', 'ip_\1', 'G'), ',')
 munin::check { $munin_ips:
 script => "ip_";
 }
 if $v6ips {
 $munin6_ips = split(regsubst($v6ips, '([^,]+)', 'ip_\1', 'G'),
 ',')
 munin::check { $munin6_ips: script => 'ip_', }
 }
 }}}
 i have just removed those, without a replacement.

  3. hiding in the haproxy puppet module is another munin plugin. there is
 also a [https://github.com/prometheus/haproxy_exporter prometheus exporter
 for haproxy] which we can eventually deploy to replace this. in the
 meantime, it was deleted

  4. the VM image installer (`modules/roles/files/virt/tor-install-VM`) has
 noises about setting up VM-specific plugins: `echo '  for i in
 `/usr/local/sbin/vm_du_ suggest`; do ln -vsf /usr/local/sbin/vm_du_
 /etc/munin/plugins/vm_du_$i; done'`. that file does not seem to be
 deployed through Puppet, and consists of a script checking the disk space
 of all VMs. It looks something like this on `kvm4` right now:

 {{{
 #!/bin/bash
 # -*- sh -*-

 MUNIN_LIBDIR=${MUNIN_LIBDIR:-/usr/share/munin}
 . $MUNIN_LIBDIR/plugins/plugin.sh

 BASE=/srv/vmstore

 VM=${0##*vm_du_}
 #VM=${VM//_/.}

 case $1 in
 autoconf)
 if [[ -d "$BASE" ]]; then
 echo yes
 exit 0
 else
 echo "no ($BASE not found)"
 exit 0
 fi
 ;;
 suggest)
 if [[ -d "$BASE" ]]; then
 find "$BASE" -mindepth 1 -maxdepth 1 -type d -a ! -name
 lost+found -printf '%f\n' # | tr . _
 fi
 exit 0
 ;;
 config)
 echo "graph_title disk usage VM $VM"
 echo 'graph_args --base 1024 --lower-limit 0'
 echo 'graph_vlabel bytes'
 echo 'graph_category disk'
 echo 'graph_total Total'

 find "$BASE/$VM" -mindepth 1 -maxdepth 1 -type f |
 while read fn; do
 label="${fn##*/}"
 label=${label//./_}
 name=${label//-/_}
 echo "$name.label $label"
 echo "$name.cdef $name,1024,*"
 done
 exit 0
 ;;
 esac

 find "$BASE/$VM" -mindepth 1 -maxdepth 1 -type f -printf '%f %k\n' |
 while read fn du; do
   fn=${fn//[.-]/_}
   echo "$fn.value $du"
 done
 }}}

 that is covered by #29816.

  5. the munin-common package doesn't remove its own user/group by default
 so I did that by hand. there's a possibility that some files are leftover
 in /var or /etc, but I am ready to assume the consequence of a possible
 UID reuse there to remove an extra account from all servers

  6. normally, the package removal process should have removed all of
 /etc/munin/plugins,

Re: [tor-bugs] #29734 [Obfuscation/Snowflake]: Broker should receive country stats information from Proxy and Client

2019-04-01 Thread Tor Bug Tracker & Wiki
#29734: Broker should receive country stats information from Proxy and Client
-+-
 Reporter:  cohosh   |  Owner:  cohosh
 Type:  enhancement  | Status:  merge_ready
 Priority:  Medium   |  Milestone:
Component:  Obfuscation/Snowflake|Version:
 Severity:  Normal   | Resolution:
 Keywords:  snowflake, geoip, stats  |  Actual Points:  2
Parent ID:  #29207   | Points:  1
 Reviewer:  ahf  |Sponsor:  Sponsor19
-+-

Comment (by cohosh):

 Replying to [comment:18 dcf]:
 > I have many comments, but overall my impression is good and I think you
 can move ahead with this.
 >
 > My big-picture question is: what do we plan to do with this data? If
 it's to detect blocking events by comparing the broker's statistics
 against the bridge's, I think we should at least sketch out those analysis
 scripts, in order to see whether the client geoip data we will be
 collecting is suited to the requirements. My main point is that we
 shouldn't collect data just because it may be useful; instead we should
 design safe data collection around some question we want to answer. As it
 stands, the branch will collect more precise client data than Tor Metrics
 does (Tor Metrics doesn't publish raw numbers but applies some fuzzing and
 binning). Having /debug display precise counts is a danger in the
 following scenario: an observer wants to determine whether a particular
 client is accessing the Snowflake broker. Whenever the observer sees a
 suspected connection, it checks the /debug output to see whether the count
 has incremented.
 >
 > Perhaps we could do a test deployment for a few days, to get an idea of
 what the data looks like. In fact, I think it's a good idea to try that,
 before merging. If there's a research question that we think this data
 could help us answer, we could ask the
 [https://research.torproject.org/safetyboard.html Safety Board] to
 evaluate it.
 >
 Thanks for this, I agree we should think about it some more.

 Whatever we decide, we should eventually not be displaying this data in
 /debug in the end, but rather logging it and using that log file to
 display metrics somewhere else. I also think that we should not be
 revealing '''more''' information about clients than the bridge is.

 I'm also willing to believe that collecting client country stats at the
 broker, even though it would tell us more information about censorship
 events, may not be *that* useful to us at the moment and is undesirable
 due to privacy concerns. We could always take a deeper dive into our
 investigations if we notice a drop in clients from a specific region at
 the bridge to figure out exactly what is going on.

 On the other hand, perhaps we want to collect country stats of the
 snowflake proxies? This is discussed to some extent in #21315. Do we have
 privacy concerns about proxies that are similar to those concerning
 clients?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29976 [Core Tor/Tor]: rework bootstrap reporting to use pubsub

2019-04-01 Thread Tor Bug Tracker & Wiki
#29976: rework bootstrap reporting to use pubsub
--+--
 Reporter:  catalyst  |  Owner:  catalyst
 Type:  task  | Status:  assigned
 Priority:  Medium|  Milestone:  Tor: unspecified
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  bootstrap |  Actual Points:
Parent ID:  #27104| Points:
 Reviewer:|Sponsor:  Sponsor19
--+--

Comment (by catalyst):

 WIP branch at https://github.com/tlyu/tor/tree/bootpubsub

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #29976 [Core Tor/Tor]: rework bootstrap reporting to use pubsub

2019-04-01 Thread Tor Bug Tracker & Wiki
#29976: rework bootstrap reporting to use pubsub
--+--
 Reporter:  catalyst  |  Owner:  catalyst
 Type:  task  | Status:  assigned
 Priority:  Medium|  Milestone:  Tor: unspecified
Component:  Core Tor/Tor  |Version:
 Severity:  Normal|   Keywords:  bootstrap
Actual Points:|  Parent ID:  #27104
   Points:|   Reviewer:
  Sponsor:  Sponsor19 |
--+--


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29906 [Applications/Tor Browser]: Tor for Android stops working immediately on app start

2019-04-01 Thread Tor Bug Tracker & Wiki
#29906: Tor for Android stops working immediately on app start
-+-
 Reporter:  torlove  |  Owner:  sysrqb
 Type:  defect   | Status:
 |  accepted
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-mobile, tbb-crash,   |  Actual Points:
  TorBrowserTeam201904, tbb-8.5-must-alpha   |
Parent ID:  #28329   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * keywords:  tbb-mobile, tbb-crash => tbb-mobile, tbb-crash,
 TorBrowserTeam201904, tbb-8.5-must-alpha
 * cc: tbb-team (added)


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #29975 [Internal Services/Tor Sysadmin Team]: Please create email alias/forwarding and LDAP for acat

2019-04-01 Thread Tor Bug Tracker & Wiki
#29975: Please create email alias/forwarding and LDAP for acat
-+-
 Reporter:  ewyatt   |  Owner:  tpa
 Type:  task | Status:  new
 Priority:  High |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   |   Keywords:
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+-
 {{{
 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA512


 Please create LDAP and email forwarding for our new browser dev:

 Display Name: Alex Catarineu
 Forwarding email address: a...@mailbox.org
 Desired UID: acat
 PGP: 3F5B D76C 2C9B D09B F4A8  0AB0 75DC D26C 3A21 2E9A

 I verified his key by video chat and signed it today. The key is here (if
 not everywhere else by now):
 http://pgp.rediris.es:11371/pks/lookup?op=get&search=0x75DCD26C3A212E9A

 Thank you!
 -BEGIN PGP SIGNATURE-
 Comment: GPGTools - https://gpgtools.org

 iQIzBAEBCgAdFiEENecqn2ZVRfkstmYkugyUAPgPkc4FAlyiYzgACgkQugyUAPgP
 kc7duQ/+JJoXEoCEqDAqwZerepiS+Iw+rYcXhL+G0M0L/ViRycnOaE4XMOff1KmB
 fKgbFi3z7iwWwa5bDjvxgailyBodHHXaWGA62yG1mvH5CZ3rsmIWsQydH1zGvSro
 ux4FrjZzOW4aOyDoF2RKFft3MFfHJ9SwVgMITW9ae2Zd+GU6G+u8rG84RKRjy2tL
 hiX6kZUnC5V0ri+PNDnIwVcnv0LlkDvQCxq1w6jxOrsPwIaVjl2AGc+sGSXfwI1r
 hW2OqzmCh7ItXbtkBr+Rytnq/PzEssZJligkqB5xXP6uMgO+MVcaex6wvXHRzrl+
 YBtO1YPeiXfp0GAwn/8OlavjY827buQkpo7+e4xRMYwpJVM85Xj81fe9fbVicFTw
 lzd6naELy824HJ0Vwpet5mUw8fBp0OjVEDStREZdUX+duWLN35zRtdSv2V34wSsP
 irAcjEeaV28qL/5+uInY/aIF6EscQGTN2lajff1PGOjxzgCFVQrrPt0/vY0z40cl
 hJC9ph2RB/QEyv+Mc+o1NfrkKt8UiHPAslNBqKCqYLDHwij00A4M7jPxPM1FrrWp
 EDUqzCcNRsV/6oHBHuGkJPG1QV7LGcE26eGuBXMgJUchOtZr0EDgYXPuSCCCg9ly
 13iyz+31NS7r2omsmdTlREm9jtx1WAWpmYZbbf11D5ilrsICQzE=
 =SuAj
 -END PGP SIGNATURE-

 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29916 [Applications/Tor Browser]: Group Policies for Firefox can bypass Tor Browser's proxy settings

2019-04-01 Thread Tor Bug Tracker & Wiki
#29916: Group Policies for Firefox can bypass Tor Browser's proxy settings
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_information
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-proxy-bypass,|  Actual Points:
  TorBrowserTeam201904, GeorgKoppen201904,   |
  tbb-8.5|
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * status:  needs_review => needs_information
 * keywords:
 tbb-proxy-bypass, TorBrowserTeam201904R, GeorgKoppen201904, tbb-8.5
 -must-alpha
 => tbb-proxy-bypass, TorBrowserTeam201904, GeorgKoppen201904, tbb-8.5


Comment:

 Replying to [comment:11 tom]:
 > Replying to [comment:9 gk]:
 > >However, I am still not convinced that this is the whole picture. In
 particular, I feel those changes *do not* explain how the registry-based
 bypass is working, given that the pref is only checked at one place and
 `areEnterpriseOnlyPoliciesAllowed()` results in `false` for the stable
 series, yet the bug report was made against 8.0.x.
 >
 > I also can't explain this, and agree.  But the patch looks good to me.

 Thanks. Pushed to `tor-browser-60.6.1esr-8.5-1` (commit
 e95c515352094f6c3d943a3313628c370feb18f2 and
 6e730d5184f8d74860488f8fa998bd1e0023281f) to get the changes in our next
 nightly build. Setting to `needs_information` to figure out a way to repro
 the original bug report. I'll try to ask the reporter for steps to
 reproduce and whether they can still reproduce the problem with the fixes
 (whcih we have so far) committed.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29973 [Applications/Tor Browser]: Remove remaining stopOpenSecuritySettingsObserver() pieces

2019-04-01 Thread Tor Bug Tracker & Wiki
#29973: Remove remaining stopOpenSecuritySettingsObserver() pieces
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  ux-team, GeorgKoppen201904,  |  Actual Points:
  TorBrowserTeam201904, tbb-8.5-must-alpha   |
Parent ID:  #25658   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * status:  merge_ready => closed
 * resolution:   => fixed


Comment:

 Thanks. Merged to `master` (commit
 409f01d42ffb9efc85c9245f9baa6ea1831003c2).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29768 [Applications/Tor Browser]: Introduce new features to users in Tor Browser

2019-04-01 Thread Tor Bug Tracker & Wiki
#29768: Introduce new features to users in Tor Browser
-+-
 Reporter:  antonela |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  TorBrowserTeam201903, tbb-8.5-must-  |  Actual Points:
  alpha  |
Parent ID:  #25658   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by dunqan):

 Replying to [comment:22 mcs]:

 > Dunqan — can you provide colors and corner radius for the `Updated` and
 `New` meta-labels? If you provide CSS we would use it ;)

 Sure thing! CSS attributes as follows:


 {{{
 background: #F1F1F3;
 border-radius: 4px;
 Min-height: 25px;
 font-size: 10px;
 font-weight: 600;
 text-transform: uppercase;

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29973 [Applications/Tor Browser]: Remove remaining stopOpenSecuritySettingsObserver() pieces

2019-04-01 Thread Tor Bug Tracker & Wiki
#29973: Remove remaining stopOpenSecuritySettingsObserver() pieces
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  merge_ready
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ux-team, GeorgKoppen201904,  |  Actual Points:
  TorBrowserTeam201904, tbb-8.5-must-alpha   |
Parent ID:  #25658   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by pospeselr):

 * status:  needs_review => merge_ready
 * keywords:  ux-team, GeorgKoppen201904, TorBrowserTeam201904R, tbb-8.5
 -must-alpha => ux-team, GeorgKoppen201904, TorBrowserTeam201904,
 tbb-8.5-must-alpha


Comment:

 Looks good to me.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29768 [Applications/Tor Browser]: Introduce new features to users in Tor Browser

2019-04-01 Thread Tor Bug Tracker & Wiki
#29768: Introduce new features to users in Tor Browser
-+-
 Reporter:  antonela |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  TorBrowserTeam201903, tbb-8.5-must-  |  Actual Points:
  alpha  |
Parent ID:  #25658   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by mcs):

 Replying to [comment:21 gk]:
 > If mcs/brade are fine with it then this looks good to me, thanks!

 Yes, we will work on implementing it.

 Dunqan — can you provide colors and corner radius for the `Updated` and
 `New` meta-labels? If you provide CSS we would use it ;)

 Antonela — what do we need to do to finalize the English text? We should
 do that soon so there is time for translation.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29906 [Applications/Tor Browser]: Tor for Android stops working immediately on app start

2019-04-01 Thread Tor Bug Tracker & Wiki
#29906: Tor for Android stops working immediately on app start
--+--
 Reporter:  torlove   |  Owner:  sysrqb
 Type:  defect| Status:  accepted
 Priority:  High  |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-mobile, tbb-crash |  Actual Points:
Parent ID:  #28329| Points:
 Reviewer:|Sponsor:
--+--
Changes (by sysrqb):

 * owner:  tbb-team => sysrqb
 * status:  needs_information => accepted


Comment:

 Accepting, resolution pending new branch for #28329

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29906 [Applications/Tor Browser]: Tor for Android stops working immediately on app start

2019-04-01 Thread Tor Bug Tracker & Wiki
#29906: Tor for Android stops working immediately on app start
--+---
 Reporter:  torlove   |  Owner:  tbb-team
 Type:  defect| Status:  needs_information
 Priority:  High  |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-mobile, tbb-crash |  Actual Points:
Parent ID:  #28329| Points:
 Reviewer:|Sponsor:
--+---

Comment (by sysrqb):

 Replying to [comment:18 gk]:
 > Replying to [comment:17 torlove]:
 > > Hi gk, none of the 4 listed above broke. All worked fines but the last
 one is sometimes refered to as Always-On Notifications, instead of Tor
 Browser, by the operating system.
 >
 > Yeah, that's a known issue, thanks for getting back to us. Thus, it
 seems 8.5a9 is the first broken release for you and the patch for #28329
 the likely culprit.

 Confirmed. This is the result of using an
 
[https://developer.android.com/reference/android/view/View.html#setClipToOutline(boolean)
 object method] added in a more recent API-level than KitKat (18). I'll
 correct this in the next branch I push for review on #28329. I'll also
 confirm there aren't other similar errors that will trigger after we
 correct this one.

 {{{
 E/GeckoCrashHandler( 2205): >>> REPORTING UNCAUGHT EXCEPTION FROM THREAD 1
 ("main")
 E/GeckoCrashHandler( 2205): java.lang.NoSuchMethodError:
 android.widget.Button.setClipToOutline
 E/GeckoCrashHandler( 2205): at
 
org.mozilla.gecko.torbootstrap.TorBootstrapPanel.onCreateView(TorBootstrapPanel.java:113)
 E/GeckoCrashHandler( 2205): at
 android.support.v4.app.Fragment.performCreateView(Fragment.java:1974)
 E/GeckoCrashHandler( 2205): at
 
android.support.v4.app.FragmentManagerImpl.moveToState(FragmentManager.java:1067)
 E/GeckoCrashHandler( 2205): at
 
android.support.v4.app.FragmentManagerImpl.moveToState(FragmentManager.java:1252)
 E/GeckoCrashHandler( 2205): at
 android.support.v4.app.BackStackRecord.run(BackStackRecord.java:742)
 E/GeckoCrashHandler( 2205): at
 
android.support.v4.app.FragmentManagerImpl.execPendingActions(FragmentManager.java:1617)
 E/GeckoCrashHandler( 2205): at
 
android.support.v4.app.FragmentManagerImpl.executePendingTransactions(FragmentManager.java:570)
 E/GeckoCrashHandler( 2205): at
 
android.support.v4.app.FragmentPagerAdapter.finishUpdate(FragmentPagerAdapter.java:141)
 E/GeckoCrashHandler( 2205): at
 android.support.v4.view.ViewPager.populate(ViewPager.java:1177)
 E/GeckoCrashHandler( 2205): at
 android.support.v4.view.ViewPager.populate(ViewPager.java:1025)
 E/GeckoCrashHandler( 2205): at
 android.support.v4.view.ViewPager.onMeasure(ViewPager.java:1545)
 E/GeckoCrashHandler( 2205): at
 android.view.View.measure(View.java:16497)
 E/GeckoCrashHandler( 2205): at
 android.view.ViewGroup.measureChildWithMargins(ViewGroup.java:5125)
 E/GeckoCrashHandler( 2205): at
 android.widget.LinearLayout.measureChildBeforeLayout(LinearLayout.java:1404)
 E/GeckoCrashHandler( 2205): at
 android.widget.LinearLayout.measureHorizontal(LinearLayout.java:1052)
 E/GeckoCrashHandler( 2205): at
 android.widget.LinearLayout.onMeasure(LinearLayout.java:590)
 E/GeckoCrashHandler( 2205): at
 android.view.View.measure(View.java:16497)
 E/GeckoCrashHandler( 2205): at
 android.view.ViewGroup.measureChildWithMargins(ViewGroup.java:5125)
 E/GeckoCrashHandler( 2205): at
 android.widget.FrameLayout.onMeasure(FrameLayout.java:310)
 E/GeckoCrashHandler( 2205): at
 android.view.View.measure(View.java:16497)
 E/GeckoCrashHandler( 2205): at
 android.widget.RelativeLayout.measureChildHorizontal(RelativeLayout.java:719)
 E/GeckoCrashHandler( 2205): at
 android.widget.RelativeLayout.onMeasure(RelativeLayout.java:455)
 E/GeckoCrashHandler( 2205): at
 android.view.View.measure(View.java:16497)
 E/GeckoCrashHandler( 2205): at
 android.widget.RelativeLayout.measureChildHorizontal(RelativeLayout.java:719)
 E/GeckoCrashHandler( 2205): at
 android.widget.RelativeLayout.onMeasure(RelativeLayout.java:455)
 E/GeckoCrashHandler( 2205): at
 android.view.View.measure(View.java:16497)
 E/GeckoCrashHandler( 2205): at
 android.widget.RelativeLayout.measureChildHorizontal(RelativeLayout.java:719)
 E/GeckoCrashHandler( 2205): at
 android.widget.RelativeLayout.onMeasure(RelativeLayout.java:455)
 E/GeckoCrashHandler( 2205): at
 android.view.View.measure(View.java:16497)
 E/GeckoCrashHandler( 2205): at
 android.view.ViewGroup.measureChildWithMargins(ViewGroup.java:5125)
 E/GeckoCrashHandler( 2205): at
 android.widget.FrameLayout.onMeasure(FrameLayout.java:310)
 E/GeckoCrashHandler( 2205): at
 
android.support.v7.widget.ContentFrameLay

Re: [tor-bugs] #29223 [Core Tor/Tor]: List canonical abbreviations to use in Tor functions and identifiers

2019-04-01 Thread Tor Bug Tracker & Wiki
#29223: List canonical abbreviations to use in Tor functions and identifiers
--+
 Reporter:  nickm |  Owner:  (none)
 Type:  task  | Status:  new
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:  1
 Reviewer:|Sponsor:
--+
Changes (by gaba):

 * points:  0.5 => 1


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27137 [Applications/Quality Assurance and Testing]: tbb-testsuite: fix the navigation-timing, performance-observer, resource-timing, user-timing tests

2019-04-01 Thread Tor Bug Tracker & Wiki
#27137: tbb-testsuite: fix the navigation-timing, performance-observer, 
resource-
timing, user-timing tests
-+-
 Reporter:  boklm|  Owner:  boklm
 Type:  task | Status:
 |  assigned
 Priority:  Medium   |  Milestone:
Component:  Applications/Quality Assurance and   |Version:
  Testing|
 Severity:  Normal   | Resolution:
 Keywords:  tbb-testsuite, boklm201903,  |  Actual Points:
  TorBrowserTeam201903   |
Parent ID:  #27105   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by boklm):

 The navigation-timing test is fixed by commit
 1c0e72c9b7eda965c7ef1fee28ebcbd07020a705.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29916 [Applications/Tor Browser]: Group Policies for Firefox can bypass Tor Browser's proxy settings

2019-04-01 Thread Tor Bug Tracker & Wiki
#29916: Group Policies for Firefox can bypass Tor Browser's proxy settings
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_review
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-proxy-bypass,|  Actual Points:
  TorBrowserTeam201904R, GeorgKoppen201904,  |
  tbb-8.5-must-alpha |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by tom):

 Replying to [comment:9 gk]:
 >However, I am still not convinced that this is the whole picture. In
 particular, I feel those changes *do not* explain how the registry-based
 bypass is working, given that the pref is only checked at one place and
 `areEnterpriseOnlyPoliciesAllowed()` results in `false` for the stable
 series, yet the bug report was made against 8.0.x.

 I also can't explain this, and agree.  But the patch looks good to me.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29681 [Internal Services/Tor Sysadmin Team]: replace munin with prometheus and grafana

2019-04-01 Thread Tor Bug Tracker & Wiki
#29681: replace munin with prometheus and grafana
-+-
 Reporter:  anarcat  |  Owner:  anarcat
 Type:  task | Status:
 |  accepted
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by anarcat):

 after approximately two weeks of scraping, we are nearing 11GiB of disk
 usage, which is below the estimates established in #29388 (20GiB), which
 is good.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #29974 [Internal Services/Tor Sysadmin Team]: retire/replace moly

2019-04-01 Thread Tor Bug Tracker & Wiki
#29974: retire/replace moly
-+-
 Reporter:  anarcat  |  Owner:  tpa
 Type:  project  | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   |   Keywords:
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+-
 As part of #29817, we found out that `moly.torproject.org` has vastly
 surpassed its shelf life, having been installed in 2011. It's a big
 machine with multiple KVM guests, so we can't simply retire it and
 redistribute its guests elsewhere, at least not without filling up the
 rest of the infrastructure.

 So we probably need to find a replacement box for moly.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] [Tor Bug Tracker & Wiki] Batch modify: #29462

2019-04-01 Thread Tor Bug Tracker & Wiki
Batch modification to #29462 by irl:


Action: resolve

--
Tickets URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] [Tor Bug Tracker & Wiki] Batch modify: #29648, #29649

2019-04-01 Thread Tor Bug Tracker & Wiki
Batch modification to #29648, #29649 by irl:


Action: resolve

--
Tickets URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29967 [Core Tor/Tor]: CID 1444262: Null-pointer dereference in non-fatal assertion failure path

2019-04-01 Thread Tor Bug Tracker & Wiki
#29967: CID 1444262: Null-pointer dereference in non-fatal assertion failure 
path
--+
 Reporter:  nickm |  Owner:  nickm
 Type:  defect| Status:  merge_ready
 Priority:  Very High |  Milestone:  Tor:
  |  0.4.1.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  regression, crash, asn-merge  |  Actual Points:  0
Parent ID:| Points:
 Reviewer:  ahf   |Sponsor:
--+
Changes (by nickm):

 * keywords:  regression, crash => regression, crash, asn-merge


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29939 [Core Tor/Tor]: test_routerkeys: Coverity says, always check mkdir return values.

2019-04-01 Thread Tor Bug Tracker & Wiki
#29939: test_routerkeys: Coverity says, always check mkdir return values.
--+
 Reporter:  nickm |  Owner:  (none)
 Type:  defect| Status:  merge_ready
 Priority:  Medium|  Milestone:  Tor: 0.4.1.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  asn-merge |  Actual Points:  0
Parent ID:| Points:  0
 Reviewer:  ahf   |Sponsor:
--+
Changes (by nickm):

 * keywords:   => asn-merge


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29817 [Internal Services/Tor Sysadmin Team]: dead disk on moly

2019-04-01 Thread Tor Bug Tracker & Wiki
#29817: dead disk on moly
-+-
 Reporter:  anarcat  |  Owner:  anarcat
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by anarcat):

 * status:  assigned => closed
 * resolution:   => fixed


Comment:

 the disk ended up being replaced on wednesday by cymru's remote hands, but
 unfortunately the machine didn't come back up after reboot.

 we weren't able to access the BIOS with the IPMI interface, neither
 through ipmi-console which i installed on peninsulare and should provide a
 SOL (Serial Over LAN) interface, nor through IPMIview which weasel was
 able to run in an older jessie (or wheezy?) VM. it seems there is
 configuration missing in the BIOS to redirect it to the serial console and
 a similar configuration is therefore likely missing from GRUB and the
 kernel as well.

 in the end our precious remote hands were able to reboot the machine by
 simply hitting the keyboard. it seems the BIOS was configured to hang on
 boot if a new drive was inserted in the machine, another BIOS
 configuration which might be nice to disable, to say the least.

 lessons learned:

  1. BIOS configuration should be standardized to a certain set of
 parameters to avoid those problems in the future (boot without
 interruption, console redirection, etc)
  2. GRUB also needs a similar configuration
  3. we should test serial consoles before rebooting. in this case, the
 machine might have been able to have the drive swapped without a reboot if
 we were worried about the reboot
  4. this machine could possibly be retired as it is getting to its 8th
 year anniversary

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29652 [Metrics/Exit Scanner]: Evaluate the reusability of existing check.tpo application

2019-04-01 Thread Tor Bug Tracker & Wiki
#29652: Evaluate the reusability of existing check.tpo application
-+--
 Reporter:  irl  |  Owner:  irl
 Type:  task | Status:  accepted
 Priority:  Medium   |  Milestone:
Component:  Metrics/Exit Scanner |Version:
 Severity:  Normal   | Resolution:
 Keywords:  metrics-roadmap-2019-q2  |  Actual Points:
Parent ID:  #29650   | Points:  1
 Reviewer:   |Sponsor:
-+--
Changes (by irl):

 * owner:  metrics-team => irl
 * status:  new => accepted


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29939 [Core Tor/Tor]: test_routerkeys: Coverity says, always check mkdir return values.

2019-04-01 Thread Tor Bug Tracker & Wiki
#29939: test_routerkeys: Coverity says, always check mkdir return values.
--+
 Reporter:  nickm |  Owner:  (none)
 Type:  defect| Status:  merge_ready
 Priority:  Medium|  Milestone:  Tor: 0.4.1.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:  0
Parent ID:| Points:  0
 Reviewer:  ahf   |Sponsor:
--+
Changes (by ahf):

 * status:  needs_review => merge_ready


Comment:

 Looks good.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29967 [Core Tor/Tor]: CID 1444262: Null-pointer dereference in non-fatal assertion failure path

2019-04-01 Thread Tor Bug Tracker & Wiki
#29967: CID 1444262: Null-pointer dereference in non-fatal assertion failure 
path
---+
 Reporter:  nickm  |  Owner:  nickm
 Type:  defect | Status:  merge_ready
 Priority:  Very High  |  Milestone:  Tor: 0.4.1.x-final
Component:  Core Tor/Tor   |Version:
 Severity:  Normal | Resolution:
 Keywords:  regression, crash  |  Actual Points:  0
Parent ID: | Points:
 Reviewer:  ahf|Sponsor:
---+
Changes (by ahf):

 * status:  needs_review => merge_ready


Comment:

 Looks good. No changes file seems OK as this is a fix for something that
 landed recently.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29297 [Obfuscation/Obfsproxy]: Write reachability tests to verify if obfs4 is working or not

2019-04-01 Thread Tor Bug Tracker & Wiki
#29297: Write reachability tests to verify if obfs4 is working or not
-+-
 Reporter:  chelseakomlo |  Owner:  cohosh
 Type:  task | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Obfuscation/Obfsproxy|Version:
 Severity:  Normal   | Resolution:
 Keywords:  obfs4, network-team- |  implemented
  roadmap-2019-Q1Q2  |  Actual Points:
Parent ID:  #29279   | Points:  2
 Reviewer:  dcf, ahf |Sponsor:
 |  Sponsor19
-+-

Comment (by cohosh):

 Replying to [comment:14 dcf]:
 > Replying to [comment:9 cohosh]:
 > > And I've added a large (~100M) file download to check for throttling.
 >
 > Does this mean that there are multiple 100 MB pcaps being produced every
 day? That could be a lot of data to manage. Or are you not doing full
 packet capture for this part?

 I'm not planning on doing a full packet capture unless the overall results
 look suspicious, and then I will turn packet capture on to investigate
 more closely. Perhaps with a smaller file.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29241 [Core Tor/Tor]: NSS SSL_ExportKeyingMaterial failing

2019-04-01 Thread Tor Bug Tracker & Wiki
#29241: NSS SSL_ExportKeyingMaterial failing
-+-
 Reporter:  sysrqb   |  Owner:  nickm
 Type:  defect   | Status:
 |  needs_review
 Priority:  High |  Milestone:  Tor:
 |  0.4.0.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  regression, 035-backport?,   |  Actual Points:  1.5
  040-must, spec |
Parent ID:   | Points:  2
 Reviewer:  teor |Sponsor:
-+-
Changes (by asn):

 * reviewer:  catalyst => teor


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29967 [Core Tor/Tor]: CID 1444262: Null-pointer dereference in non-fatal assertion failure path

2019-04-01 Thread Tor Bug Tracker & Wiki
#29967: CID 1444262: Null-pointer dereference in non-fatal assertion failure 
path
---+
 Reporter:  nickm  |  Owner:  nickm
 Type:  defect | Status:  needs_review
 Priority:  Very High  |  Milestone:  Tor: 0.4.1.x-final
Component:  Core Tor/Tor   |Version:
 Severity:  Normal | Resolution:
 Keywords:  regression, crash  |  Actual Points:  0
Parent ID: | Points:
 Reviewer:  ahf|Sponsor:
---+
Changes (by asn):

 * reviewer:   => ahf


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29960 [Core Tor/Tor]: Actually check for errors in digest256_to_base64() and callers

2019-04-01 Thread Tor Bug Tracker & Wiki
#29960: Actually check for errors in digest256_to_base64() and callers
--+
 Reporter:  teor  |  Owner:  teor
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:  Tor: 0.4.1.x-final
Component:  Core Tor/Tor  |Version:  Tor: 0.2.2.6-alpha
 Severity:  Normal| Resolution:
 Keywords:  technical-debt, fast-fix  |  Actual Points:  0.2
Parent ID:| Points:  0.2
 Reviewer:  nickm |Sponsor:  Sponsor31-can
--+
Changes (by asn):

 * reviewer:   => nickm


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29961 [Core Tor/Tor]: Update the Tor version for bandwidth-file-digest in torspec

2019-04-01 Thread Tor Bug Tracker & Wiki
#29961: Update the Tor version for bandwidth-file-digest in torspec
-+-
 Reporter:  teor |  Owner:  teor
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.0.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.4.0.2-alpha
 Severity:  Normal   | Resolution:
 Keywords:  040-must, 040-backport, fast-fix,|  Actual Points:  0
  tor-spec   |
Parent ID:  #29959   | Points:  0
 Reviewer:  asn  |Sponsor:
-+-
Changes (by asn):

 * reviewer:   => asn


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29959 [Core Tor/Tor]: Actually include the bandwidth file digest in the vote

2019-04-01 Thread Tor Bug Tracker & Wiki
#29959: Actually include the bandwidth file digest in the vote
--+
 Reporter:  teor  |  Owner:  teor
 Type:  defect| Status:
  |  needs_review
 Priority:  Medium|  Milestone:  Tor:
  |  0.4.0.x-final
Component:  Core Tor/Tor  |Version:  Tor:
  |  0.4.0.2-alpha
 Severity:  Normal| Resolution:
 Keywords:  040-must, 040-backport, fast-fix  |  Actual Points:  0.2
Parent ID:  #29947| Points:  0.2
 Reviewer:  asn   |Sponsor:
--+
Changes (by asn):

 * reviewer:   => asn


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29939 [Core Tor/Tor]: test_routerkeys: Coverity says, always check mkdir return values.

2019-04-01 Thread Tor Bug Tracker & Wiki
#29939: test_routerkeys: Coverity says, always check mkdir return values.
--+
 Reporter:  nickm |  Owner:  (none)
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:  Tor: 0.4.1.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:  0
Parent ID:| Points:  0
 Reviewer:  ahf   |Sponsor:
--+
Changes (by asn):

 * reviewer:   => ahf


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29926 [Core Tor/Tor]: shellcheck: asciidoc-helper.sh issues

2019-04-01 Thread Tor Bug Tracker & Wiki
#29926: shellcheck: asciidoc-helper.sh issues
--+--
 Reporter:  rl1987|  Owner:  rl1987
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:  mikeperry |Sponsor:
--+--
Changes (by asn):

 * reviewer:   => mikeperry


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29938 [Core Tor/Tor]: pubsub: coverity sees a null pointer deref in lint_message_consistency (CID 1444257)

2019-04-01 Thread Tor Bug Tracker & Wiki
#29938: pubsub: coverity sees a null pointer deref in lint_message_consistency 
(CID
1444257)
--+
 Reporter:  nickm |  Owner:  nickm
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:  Tor: 0.4.1.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:  0.1
Parent ID:| Points:
 Reviewer:  catalyst  |Sponsor:  Sponsor31-can
--+
Changes (by asn):

 * reviewer:   => catalyst


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29913 [Core Tor/Tor]: Stop assuming that /usr/bin/python3 exists

2019-04-01 Thread Tor Bug Tracker & Wiki
#29913: Stop assuming that /usr/bin/python3 exists
---+
 Reporter:  teor   |  Owner:  teor
 Type:  defect | Status:  needs_review
 Priority:  Medium |  Milestone:  Tor: 0.4.1.x-final
Component:  Core Tor/Tor   |Version:
 Severity:  Normal | Resolution:
 Keywords:  fast-fix, python3  |  Actual Points:  0.2
Parent ID: | Points:  0.1
 Reviewer:  cohosh |Sponsor:
---+
Changes (by asn):

 * reviewer:   => cohosh


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29897 [Core Tor/Tor]: Refactor handle_get_next_bandwidth() to use connection_dir_buf_add()

2019-04-01 Thread Tor Bug Tracker & Wiki
#29897: Refactor handle_get_next_bandwidth() to use connection_dir_buf_add()
-+-
 Reporter:  teor |  Owner:  teor
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  asn-merge, nickm-merge, consider-|  Actual Points:  0.1
  backport-after-authority-test, consider-   |
  backport-after-040-stable, tor-dirauth,|
  metrics-needs, tor-bwauth, |
  035-removed-20180711, 040-roadmap-proposed,|
  035-backport-maybe-in-21377, 040-backport- |
  maybe  |
Parent ID:  #21377   | Points:  0.1
 Reviewer:  nickm|Sponsor:
-+-
Changes (by asn):

 * reviewer:   => nickm


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29241 [Core Tor/Tor]: NSS SSL_ExportKeyingMaterial failing

2019-04-01 Thread Tor Bug Tracker & Wiki
#29241: NSS SSL_ExportKeyingMaterial failing
-+-
 Reporter:  sysrqb   |  Owner:  nickm
 Type:  defect   | Status:
 |  needs_review
 Priority:  High |  Milestone:  Tor:
 |  0.4.0.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  regression, 035-backport?,   |  Actual Points:  1.5
  040-must, spec |
Parent ID:   | Points:  2
 Reviewer:  catalyst |Sponsor:
-+-
Changes (by asn):

 * reviewer:   => catalyst


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29121 [Core Tor/Tor]: tor man page doesn't mention isolating between socksports

2019-04-01 Thread Tor Bug Tracker & Wiki
#29121: tor man page doesn't mention isolating between socksports
--+--
 Reporter:  arma  |  Owner:  (none)
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:  Tor: unspecified
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:  mikeperry |Sponsor:
--+--
Changes (by asn):

 * reviewer:   => mikeperry


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #28806 [Core Tor/Tor]: checkIncludes.py does not like code in src/ext/timeouts

2019-04-01 Thread Tor Bug Tracker & Wiki
#28806: checkIncludes.py does not like code in src/ext/timeouts
--+
 Reporter:  rl1987|  Owner:  nickm
 Type:  defect| Status:  needs_review
 Priority:  Low   |  Milestone:  Tor: 0.4.1.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:  0
Parent ID:| Points:
 Reviewer:  cohosh|Sponsor:
--+
Changes (by asn):

 * reviewer:   => cohosh


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29868 [Applications/Tor Browser]: tor-browser-build fails in container-image-windows-i686 attempting to install package python-future

2019-04-01 Thread Tor Bug Tracker & Wiki
#29868: tor-browser-build fails in container-image-windows-i686 attempting to
install package python-future
+--
 Reporter:  pospeselr   |  Owner:  tbb-team
 Type:  defect  | Status:  closed
 Priority:  Medium  |  Milestone:
Component:  Applications/Tor Browser|Version:
 Severity:  Normal  | Resolution:  fixed
 Keywords:  TorBrowserTeam201903R, tbb-rbm  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--

Comment (by boklm):

 It seems jessie-backports was not removed completely. It was just moved to
 http://archive.debian.org/debian/.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29916 [Applications/Tor Browser]: Group Policies for Firefox can bypass Tor Browser's proxy settings

2019-04-01 Thread Tor Bug Tracker & Wiki
#29916: Group Policies for Firefox can bypass Tor Browser's proxy settings
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_review
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-proxy-bypass,|  Actual Points:
  TorBrowserTeam201904R, GeorgKoppen201904,  |
  tbb-8.5-must-alpha |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * keywords:  tbb-proxy-bypass, TorBrowserTeam201904R, tbb-8.5-must-alpha =>
 tbb-proxy-bypass, TorBrowserTeam201904R, GeorgKoppen201904, tbb-8.5
 -must-alpha


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29916 [Applications/Tor Browser]: Group Policies for Firefox can bypass Tor Browser's proxy settings

2019-04-01 Thread Tor Bug Tracker & Wiki
#29916: Group Policies for Firefox can bypass Tor Browser's proxy settings
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_review
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-proxy-bypass,|  Actual Points:
  TorBrowserTeam201904R, tbb-8.5-must-alpha  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * status:  needs_information => needs_review
 * keywords:  tbb-proxy-bypass, TorBrowserTeam201904, tbb-8.5-must-alpha =>
 tbb-proxy-bypass, TorBrowserTeam201904R, tbb-8.5-must-alpha


Comment:

 Replying to [comment:8 tom]:
 > No, the pref should be enough. I was suggesting revert the other one to
 carry one less customization.
 >
 > Policy support will be screwy though. As this issue illustrates, if you
 enable policy support, you will pick up a policy for Firefox, if it's
 present in certain locations, rather than a Tor Browser-specific policy.
 If we wanted to support policies we probably should require them to be TB-
 specific.

 Fair enough. I've pushed `bug_29916`
 (https://gitweb.torproject.org/user/gk/tor-browser.git/log/?h=bug_29916)
 to make the changes you suggested and have them up for review. However, I
 am still not convinced that this is the whole picture. In particular, I
 feel those changes *do not* explain how the registry-based bypass is
 working, given that the pref is only checked at one place and
 `areEnterpriseOnlyPoliciesAllowed()` results in `false` for the stable
 series, yet the bug report was made against 8.0.x.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29768 [Applications/Tor Browser]: Introduce new features to users in Tor Browser

2019-04-01 Thread Tor Bug Tracker & Wiki
#29768: Introduce new features to users in Tor Browser
-+-
 Reporter:  antonela |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  TorBrowserTeam201903, tbb-8.5-must-  |  Actual Points:
  alpha  |
Parent ID:  #25658   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by gk):

 If mcs/brade are fine with it then this looks good to me, thanks!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29835 [Metrics/Website]: Include Android as a Tor Browser platform

2019-04-01 Thread Tor Bug Tracker & Wiki
#29835: Include Android as a Tor Browser platform
-+--
 Reporter:  sysrqb   |  Owner:  metrics-team
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Metrics/Website  |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-mobile   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--

Comment (by gk):

 Replying to [comment:3 karsten]:
 > Here are requests matching the `tor-browser*.apk` pattern over the past
 six months:
 >
 > {{{
 > webstats=> SELECT resource_string, SUM(count) AS count
 > webstats-> FROM files NATURAL JOIN requests NATURAL JOIN resources
 > webstats-> WHERE resource_string LIKE '%tor-browser%.apk'
 > webstats-> AND log_date >= '2018-10-01'
 > webstats-> GROUP BY 1
 > webstats-> ORDER BY 2 DESC
 > webstats-> LIMIT 25;
 >   resource_string   |
 count
 >
 +
 >  /torbrowser/8.5a6/tor-browser-8.5a6-android-armv7-multi.apk|
 427580
 >  /torbrowser/8.5a8/tor-browser-8.5a8-android-armv7-multi.apk|
 321918
 >  /torbrowser/mobile/1.0a3/tor-browser-android-arm-1.0a3.apk |
 241827
 >  /torbrowser/8.5a7/tor-browser-8.5a7-android-armv7-multi.apk|
 215911
 >  /torbrowser/mobile/1.0a2/tor-browser-android-arm-1.0a2.apk |
 137609
 >  /dist/torbrowser/8.5a6/tor-browser-8.5a6-android-armv7-multi.apk   |
 107272
 >  /dist/torbrowser/8.5a8/tor-browser-8.5a8-android-armv7-multi.apk   |
 80339
 >  /torbrowser/mobile/1.0a1/tor-browser-android-arm-1.0a1.apk |
 69912
 >  /dist/torbrowser/mobile/1.0a3/tor-browser-android-arm-1.0a3.apk|
 65513
 >  /torbrowser/8.5a5/tor-browser-8.5a5-android-armv7.apk  |
 55549
 >  /dist/torbrowser/8.5a7/tor-browser-8.5a7-android-armv7-multi.apk   |
 52822
 >  /torbrowser/8.5a9/tor-browser-8.5a9-android-armv7-multi.apk|
 39996
 >  /dist/torbrowser/mobile/1.0a2/tor-browser-android-arm-1.0a2.apk|
 38649
 >  /torbrowser/8.5a10/tor-browser-8.5a10-android-armv7-multi.apk  |
 22130
 >  /dist/torbrowser/mobile/1.0a1/tor-browser-android-arm-1.0a1.apk|
 18698
 >  /dist/torbrowser/8.5a5/tor-browser-8.5a5-android-armv7.apk |
 14744
 >  /torbrowser/8.5a9/tor-browser-8.5a9-android-x86-multi.apk  |
 9744
 >  /dist/torbrowser/8.5a9/tor-browser-8.5a9-android-armv7-multi.apk   |
 9328
 >  /torbrowser/8.5a10/tor-browser-8.5a10-android-x86-multi.apk|
 3136
 >  /dist/torbrowser/8.5a10/tor-browser-8.5a10-android-armv7-multi.apk |
 3034
 >  /dist/torbrowser/8.5a6/tor-browser-8.5a6-android-armv7.apk |
 2736
 >  /dist/torbrowser/8.5a9/tor-browser-8.5a9-android-x86-multi.apk |
 2560
 >  /dist/torbrowser/mobile/8.0.6/tor-browser-android-arm-8.0.6.apk|
 955
 >  /dist/torbrowser/8.5a10/tor-browser-8.5a10-android-x86-multi.apk   |
 796
 >  /dist/torbrowser/mobile/8.0.5/tor-browser-android-arm-8.0.5.apk|
 425
 > (25 rows)
 > }}}
 >
 > Which of these would you want to have included in a graph?

 Not the 8.0.x ones as there was never a 8.0.x to begin with. That makes me
 wonder how many of those requests got actually a .apk back. Do we know
 that? For instance, we only keep the last two Tor Browser versions on
 `dist` for both the alpha and the stable series. It's not clear from your
 data above which of those requests to `dist` missed that "2 releases-
 window" and which not. Obviously, we only want to have the latter in our
 graph.

 > Assuming we're making a new graph for Tor on Android, what would you
 want to have included in that graph? More specifically:
 >
 >  - What's the difference between the 1.0, the 8.0, and the 8.5 series?
 Are these the major versions you'd like to distinguish?

 There was never a 8.0.x release and all releases so far were alpha
 releases. Thus, there is no major version to distinguish yet. We switched
 at some point to the 8.5 scheme as we a) wanted to do that anyway at some
 point as we plan to ship bundles for Android with Tor Browser 8.5 as well
 and b) when reaching the reproducible builds milestone the bundle
 resembled the 8.5 alpha enough that we thought we can now switch to the
 regular alpha naming scheme.

 >  - Do you care about the `armv7` and `x86` distinction? What about
 `-multi`?

 Yes, to the former. Android bundles were at some point in the past only
 `en-US` bundles. That changed with the advent of `-multi` which now
 contains all locales we support. I don't expect that to go away again.
 Thus, we don't need to differentiate between `-multi` and `en-US` for now
 at least.

 >  - Why do some resource strings start with `/torbrowser/`, others with
 `/dist/torbrowser/`, and even others with `/dist/torbrowser/mobile/`? Are
 these all basically

Re: [tor-bugs] #29973 [Applications/Tor Browser]: Remove remaining stopOpenSecuritySettingsObserver() pieces

2019-04-01 Thread Tor Bug Tracker & Wiki
#29973: Remove remaining stopOpenSecuritySettingsObserver() pieces
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ux-team, GeorgKoppen201904,  |  Actual Points:
  TorBrowserTeam201904R, tbb-8.5-must-alpha  |
Parent ID:  #25658   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * keywords:  ux-team, GeorgKoppen201904, TorBrowserTeam201904, tbb-8.5
 -must-alpha => ux-team, GeorgKoppen201904, TorBrowserTeam201904R,
 tbb-8.5-must-alpha
 * status:  new => needs_review


Comment:

 `bug_29973`
 
(https://gitweb.torproject.org/user/gk/torbutton.git/commit/?h=bug_29973&id=409f01d42ffb9efc85c9245f9baa6ea1831003c2)
 in my public `torbutton` repo has the fixup up for review.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29768 [Applications/Tor Browser]: Introduce new features to users in Tor Browser

2019-04-01 Thread Tor Bug Tracker & Wiki
#29768: Introduce new features to users in Tor Browser
-+-
 Reporter:  antonela |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  TorBrowserTeam201903, tbb-8.5-must-  |  Actual Points:
  alpha  |
Parent ID:  #25658   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by antonela):

 thanks dunqan!

 gk, do we have your approval?
 mcs, are those assets good for the implementation?

 Thanks all!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #29973 [Applications/Tor Browser]: Remove remaining stopOpenSecuritySettingsObserver() pieces

2019-04-01 Thread Tor Bug Tracker & Wiki
#29973: Remove remaining stopOpenSecuritySettingsObserver() pieces
-+-
 Reporter:  gk   |  Owner:  tbb-team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor |Version:
  Browser|   Keywords:  ux-team,
 Severity:  Normal   |  GeorgKoppen201904,
 |  TorBrowserTeam201904, tbb-8.5-must-
 |  alpha
Actual Points:   |  Parent ID:  #25658
   Points:   |   Reviewer:
  Sponsor:   |
-+-
 `stopOpenSecuritySettingsObserver()` is not needed anymore with the
 changes in #25658. However, there are some pieces left of it that result
 in a browser console error. Noted on our blog:
 https://blog.torproject.org/comment/280343#comment-280343

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] [Tor Bug Tracker & Wiki] Batch modify: #28044, #28622, #29843, #26498, ...

2019-04-01 Thread Tor Bug Tracker & Wiki
Batch modification to #28044, #28622, #29843, #26498, #26861, #27045, #27265, 
#29080, #29187, #29307, #29312, #29313, #29319, #29574, #29575, #29627, #29903, 
#29943 by gk:


Comment:
Moving review tickets to April.

--
Tickets URL: 

Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29950 [Applications/Tor Browser]: Error when using runc dev version

2019-04-01 Thread Tor Bug Tracker & Wiki
#29950: Error when using runc dev version
+--
 Reporter:  boklm   |  Owner:  tbb-team
 Type:  defect  | Status:  closed
 Priority:  Medium  |  Milestone:
Component:  Applications/Tor Browser|Version:
 Severity:  Normal  | Resolution:  fixed
 Keywords:  TorBrowserTeam201903R, tbb-rbm  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--
Changes (by gk):

 * status:  needs_review => closed
 * resolution:   => fixed


Comment:

 Looks good. Merged to `master` (commit
 32a4f009d706b9e651071b1b3d361891408eb3aa).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29950 [Applications/Tor Browser]: Error when using runc dev version

2019-04-01 Thread Tor Bug Tracker & Wiki
#29950: Error when using runc dev version
+--
 Reporter:  boklm   |  Owner:  tbb-team
 Type:  defect  | Status:  needs_review
 Priority:  Medium  |  Milestone:
Component:  Applications/Tor Browser|Version:
 Severity:  Normal  | Resolution:
 Keywords:  TorBrowserTeam201903R, tbb-rbm  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--
Changes (by boklm):

 * status:  needs_information => needs_review


Comment:

 Replying to [comment:2 gk]:
 > Any reason we use a capturing group in the regex if we aren't actually
 using the captured item? Seems to me a non-capturing group would do it as
 well here?

 Yes, a non-capturing group would work. I changed that in branch
 `bug_29950_v2`:
 https://gitweb.torproject.org/user/boklm/tor-browser-
 build.git/commit/?h=bug_29950_v2&id=32a4f009d706b9e651071b1b3d361891408eb3aa

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29835 [Metrics/Website]: Include Android as a Tor Browser platform

2019-04-01 Thread Tor Bug Tracker & Wiki
#29835: Include Android as a Tor Browser platform
-+--
 Reporter:  sysrqb   |  Owner:  metrics-team
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Metrics/Website  |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-mobile   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--

Comment (by karsten):

 Here are requests matching the `tor-browser*.apk` pattern over the past
 six months:

 {{{
 webstats=> SELECT resource_string, SUM(count) AS count
 webstats-> FROM files NATURAL JOIN requests NATURAL JOIN resources
 webstats-> WHERE resource_string LIKE '%tor-browser%.apk'
 webstats-> AND log_date >= '2018-10-01'
 webstats-> GROUP BY 1
 webstats-> ORDER BY 2 DESC
 webstats-> LIMIT 25;
   resource_string   |
 count
 +
  /torbrowser/8.5a6/tor-browser-8.5a6-android-armv7-multi.apk|
 427580
  /torbrowser/8.5a8/tor-browser-8.5a8-android-armv7-multi.apk|
 321918
  /torbrowser/mobile/1.0a3/tor-browser-android-arm-1.0a3.apk |
 241827
  /torbrowser/8.5a7/tor-browser-8.5a7-android-armv7-multi.apk|
 215911
  /torbrowser/mobile/1.0a2/tor-browser-android-arm-1.0a2.apk |
 137609
  /dist/torbrowser/8.5a6/tor-browser-8.5a6-android-armv7-multi.apk   |
 107272
  /dist/torbrowser/8.5a8/tor-browser-8.5a8-android-armv7-multi.apk   |
 80339
  /torbrowser/mobile/1.0a1/tor-browser-android-arm-1.0a1.apk |
 69912
  /dist/torbrowser/mobile/1.0a3/tor-browser-android-arm-1.0a3.apk|
 65513
  /torbrowser/8.5a5/tor-browser-8.5a5-android-armv7.apk  |
 55549
  /dist/torbrowser/8.5a7/tor-browser-8.5a7-android-armv7-multi.apk   |
 52822
  /torbrowser/8.5a9/tor-browser-8.5a9-android-armv7-multi.apk|
 39996
  /dist/torbrowser/mobile/1.0a2/tor-browser-android-arm-1.0a2.apk|
 38649
  /torbrowser/8.5a10/tor-browser-8.5a10-android-armv7-multi.apk  |
 22130
  /dist/torbrowser/mobile/1.0a1/tor-browser-android-arm-1.0a1.apk|
 18698
  /dist/torbrowser/8.5a5/tor-browser-8.5a5-android-armv7.apk |
 14744
  /torbrowser/8.5a9/tor-browser-8.5a9-android-x86-multi.apk  |
 9744
  /dist/torbrowser/8.5a9/tor-browser-8.5a9-android-armv7-multi.apk   |
 9328
  /torbrowser/8.5a10/tor-browser-8.5a10-android-x86-multi.apk|
 3136
  /dist/torbrowser/8.5a10/tor-browser-8.5a10-android-armv7-multi.apk |
 3034
  /dist/torbrowser/8.5a6/tor-browser-8.5a6-android-armv7.apk |
 2736
  /dist/torbrowser/8.5a9/tor-browser-8.5a9-android-x86-multi.apk |
 2560
  /dist/torbrowser/mobile/8.0.6/tor-browser-android-arm-8.0.6.apk|
 955
  /dist/torbrowser/8.5a10/tor-browser-8.5a10-android-x86-multi.apk   |
 796
  /dist/torbrowser/mobile/8.0.5/tor-browser-android-arm-8.0.5.apk|
 425
 (25 rows)
 }}}

 Which of these would you want to have included in a graph?

 Assuming we're making a new graph for Tor on Android, what would you want
 to have included in that graph? More specifically:

  - What's the difference between the 1.0, the 8.0, and the 8.5 series? Are
 these the major versions you'd like to distinguish?
  - Do you care about the `armv7` and `x86` distinction? What about
 `-multi`?
  - Why do some resource strings start with `/torbrowser/`, others with
 `/dist/torbrowser/`, and even others with `/dist/torbrowser/mobile/`? Are
 these all basically the same?
  - I didn't look at response codes yet. Are there any redirects in place?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29957 [Applications/Tor Browser]: clicking on "click to play" media leaks URLs via NoScript on-disk preferences

2019-04-01 Thread Tor Bug Tracker & Wiki
#29957: clicking on "click to play" media leaks URLs via NoScript on-disk
preferences
---+---
 Reporter:  catalyst   |  Owner:  tbb-team
 Type:  defect | Status:  needs_information
 Priority:  High   |  Milestone:
Component:  Applications/Tor Browser   |Version:
 Severity:  Normal | Resolution:
 Keywords:  tbb-disk-leak, tbb-newnym  |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+---
Changes (by gk):

 * keywords:  tbb-disk-leak, newnym => tbb-disk-leak, tbb-newnym
 * status:  new => needs_information


Comment:

 I tried to reproduce both issues but failed with a clean Tor Browser 8.0.8
 on Windows 7. So, I wonder what goes wrong on the user's computer. Maybe
 some extra tools installed are interfering?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29916 [Applications/Tor Browser]: Group Policies for Firefox can bypass Tor Browser's proxy settings

2019-04-01 Thread Tor Bug Tracker & Wiki
#29916: Group Policies for Firefox can bypass Tor Browser's proxy settings
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_information
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-proxy-bypass,|  Actual Points:
  TorBrowserTeam201904, tbb-8.5-must-alpha   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by tom):

 No, the pref should be enough. I was suggesting revert the other one to
 carry one less customization.

 Policy support will be screwy though. As this issue illustrates, if you
 enable policy support, you will pick up a policy for Firefox, if it's
 present in certain locations, rather than a Tor Browser-specific policy.
 If we wanted to support policies we probably should require them to be TB-
 specific.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29969 [Applications/Tor Browser]: Drag-and-drop search causes NoScript XSS warning

2019-04-01 Thread Tor Bug Tracker & Wiki
#29969: Drag-and-drop search causes NoScript XSS warning
+--
 Reporter:  cypherpunks |  Owner:  tbb-team
 Type:  defect  | Status:  new
 Priority:  Medium  |  Milestone:
Component:  Applications/Tor Browser|Version:
 Severity:  Normal  | Resolution:
 Keywords:  noscript, TorBrowserTeam201904  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--
Changes (by gk):

 * cc: ma1 (added)
 * keywords:   => noscript, TorBrowserTeam201904


Comment:

 That's a fallout from working around
 https://bugzilla.mozilla.org/show_bug.cgi?id=1532530 I guess (see: #29733
 for details). We'll pick the fix for that bug up with the next release and
 then Giorgio can remove the workaround causing this bug in NoScript. I'll
 leave this bug open for tracking our inclusion of that new NoScript
 version (which should fix this issue then).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29965 [Webpages/Website]: Broken "Learn more" link in Tor Browser Security Settings fails to open https://tb-manual.torproject.org/security-slider.html

2019-04-01 Thread Tor Bug Tracker & Wiki
#29965: Broken "Learn more" link in Tor Browser Security Settings fails to open
https://tb-manual.torproject.org/security-slider.html
--+--
 Reporter:  monmire   |  Owner:  hiro
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Webpages/Website  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:  #29901| Points:
 Reviewer:|Sponsor:
--+--
Changes (by gk):

 * keywords:  Tor Browser-Security-Settings issue =>
 * owner:  tbb-team => hiro
 * component:  Applications/Tor Browser => Webpages/Website
 * parent:   => #29901


Comment:

 Not a Tor Browser bug, moving to website component.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29931 [Webpages/Website]: The About US text on https://www.torproject.org/ seems to be way too large

2019-04-01 Thread Tor Bug Tracker & Wiki
#29931: The About US text on https://www.torproject.org/ seems to be way too 
large
--+
 Reporter:  gk|  Owner:  hiro
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Webpages/Website  |Version:
 Severity:  Normal| Resolution:  fixed
 Keywords:|  Actual Points:
Parent ID:  #29901| Points:
 Reviewer:|Sponsor:
--+
Changes (by gk):

 * status:  new => closed
 * resolution:   => fixed


Comment:

 Looks better now, thanks.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29916 [Applications/Tor Browser]: Group Policies for Firefox can bypass Tor Browser's proxy settings

2019-04-01 Thread Tor Bug Tracker & Wiki
#29916: Group Policies for Firefox can bypass Tor Browser's proxy settings
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_information
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-proxy-bypass,|  Actual Points:
  TorBrowserTeam201904, tbb-8.5-must-alpha   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * keywords:  tbb-proxy-bypass, TorBrowserTeam201904 => tbb-proxy-bypass,
 TorBrowserTeam201904, tbb-8.5-must-alpha
 * status:  new => needs_information


Comment:

 Replying to [comment:6 tom]:
 > I did find another way to control this besides the policy file. I
 believe that we should revert #29445, set
 browser.policies.testing.disallowEnterprise to true, not support enteprise
 policies in any way shape or form, and test a release and alpha build to
 ensure the proxy can't be bypassed.

 Hm, so `browser.policies.testing.disallowEnterprise` set to `true` *alone*
 does not solve our problems here? Or is it just too risky relying just on
 that pref alone? Because *if* folks know what they are doing and want to
 have policy support why not allowing that feature? If the pref alone is
 not enough that sounds like a bug with the pref handling which should get
 fixed independently of this ticket.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29825 [Applications/Tor Browser]: Intelligently insert the Security Level button to the user's taskbar rather than resetting to default on upgrade

2019-04-01 Thread Tor Bug Tracker & Wiki
#29825: Intelligently insert the Security Level button to the user's taskbar 
rather
than resetting to default on upgrade
-+-
 Reporter:  pospeselr|  Owner:
 |  pospeselr
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  TorBrowserTeam201903R, tbb-8.5   |  Actual Points:
  -must-alpha|
Parent ID:  #25658   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * status:  needs_review => closed
 * resolution:   => fixed


Comment:

 Thanks! I cherry-picked the browser patch and applied it as a fixup to the
 patch for #25658 as reordering the taskbar is somewhat orthogonal to
 intelligently inserting the buttons. The commit is commit
 2825e7f974d50a6394b5a5196c2133c068d85286 on `tor-browser-60.6.1esr-8.5-1`.

 The Torbutton patch got applied to Torbutton's `master` branch (commit
 d7595079a561fb36220a83e1d60ba9e6bab289e5).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29950 [Applications/Tor Browser]: Error when using runc dev version

2019-04-01 Thread Tor Bug Tracker & Wiki
#29950: Error when using runc dev version
+--
 Reporter:  boklm   |  Owner:  tbb-team
 Type:  defect  | Status:
|  needs_information
 Priority:  Medium  |  Milestone:
Component:  Applications/Tor Browser|Version:
 Severity:  Normal  | Resolution:
 Keywords:  TorBrowserTeam201903R, tbb-rbm  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--
Changes (by gk):

 * status:  needs_review => needs_information


Comment:

 Any reason we use a capturing group in the regex if we aren't actually
 using the captured item? Seems to me a non-capturing group would do it as
 well here?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs