Re: [tor-bugs] #31057 [Archived/Obfsproxy]: Port pyptlib/obfsproxy to Python 3

[Tor Bug Tracker & Wiki]

#31057: Port pyptlib/obfsproxy to Python 3
+-
 Reporter:  jefferyto   |  Owner:  asn
 Type:  enhancement | Status:  new
 Priority:  Medium  |  Milestone:
Component:  Archived/Obfsproxy  |Version:
 Severity:  Normal  | Resolution:
 Keywords:  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+-

Comment (by phw):

 Thanks for reaching out, jefferyto!

 Obfsproxy has been superseded by obfs4proxy. You can find the canonical
 repository here: https://gitlab.com/yawning/obfs4

 We recommend and ship obfs4proxy because unlike obfsproxy it is actively
 maintained and it implements obfs4, our latest obfuscation protocol, which
 still works in China. Obfs4proxy also implements all obfuscation protocols
 that obfsproxy supports.

 That said, is there a reason you prefer obfsproxy over obfs4proxy?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #16682 [Core Tor/Tor]: Deploy TCP Fast Open at exits (and maybe inter-node?)

[Tor Bug Tracker & Wiki]

#16682: Deploy TCP Fast Open at exits (and maybe inter-node?)
-+-
 Reporter:  mikeperry|  Owner:  (none)
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  performance tor-relay exit needs-|  Actual Points:
  analysis term-project  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by cypherpunks):

 Hello, for the  inter-relay question.
 Please read code inside:


 {{{
 +++ src/core/or/channelpadding.c
 @@ -617,7 +617,10 @@ channelpadding_get_channel_idle_timeout(
 }}}


 TL;DR

 {{{
 Canonical relay-to-relay channels  only last for 45..75min or consensus
 +/- 25%
 }}}


 I tested this and found out, that on extending through a relay, to a given
 node can have high cbt on first because TLS handshaking inter relay. Next
 CircuitBuildTime will be better, because multiplexing above existing
 orcon. But later used, the same behavior repeats!

 So, the relay could benefit from reestablishing the connections. giving
 better latency for circuits. This have no privacy impacts.  Why don't just
 enable TFO in alpha branch for this TLS channels?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21501 [Core Tor/Tor]: implement TFO aka TCP FAST OPEN to save RTT

[Tor Bug Tracker & Wiki]

#21501: implement TFO aka TCP FAST OPEN to save RTT
+--
 Reporter:  acceleraTor |  Owner:  (none)
 Type:  enhancement | Status:  reopened
 Priority:  Low |  Milestone:  Tor:
|  unspecified
Component:  Core Tor/Tor|Version:
 Severity:  Minor   | Resolution:
 Keywords:  tor-client tor-relay tcp-fast-open  |  Actual Points:
Parent ID:  #16682  | Points:
 Reviewer:  |Sponsor:
+--
Changes (by cypherpunks):

 * status:  closed => reopened
 * resolution:  duplicate =>


Comment:

 implementation in inter-relay and client=>guard connection seems to be
 without any possible privacy impacts yet. why don't just enable TFO(TCP
 Fast Open) in alpha testing branch for this TLS only connections?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31036 [Core Tor/Tor]: Logfile grow upto 2GB tor fails and refuse to start

[Tor Bug Tracker & Wiki]

#31036: Logfile grow upto 2GB tor fails and refuse to start
--+
 Reporter:  cypherpunks   |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by cypherpunks):

 Seems the startup fails, while not able to appending to logfile because
 some magic size limits. (looks like INT_MAX bytes here? 2 GByte)
 Also possible solution for startup fail should be the non default setting
 i found:

 {{{
 # TruncateLogFile TruncateLogFile 0|1
 # If 1, Tor will overwrite logs at startup and in response to a HUP
 signal,
 # instead of appending to them. (Default: 0)
 }}}
 But this will not help for running tor trying for writing above the
 filelimits.


 Replying to [comment:1 nickm]:
 >   Does deleting the log file help?
 Yes, of course Sorry. rm the log file helped.
 Replying to [comment:1 nickm]:
 > What version of tor?
 Tor 0.4.0.5
 Replying to [comment:1 nickm]:
 > What kind of messages?
 repeated messages:
 Jun 26 07:01:30.000 [warn] {BUG} tor_bug_occurred_(): Bug:
 buffers_tls.c:73: buf_read_from_tls: Non-fatal assertion !(buf->datalen >=
 INT
 #_MAX - at_most) failed. (on Tor 0.4.0.5 )



 Replying to [comment:2 nickm]:
 > Oh, also: what operating system are you using?
 excuse me for not mentioning in reports this details. win10 - mingw-64

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30901 [Core Tor/Tor]: Add control port trace logging to tor

[Tor Bug Tracker & Wiki]

#30901: Add control port trace logging to tor
---+
 Reporter:  teor   |  Owner:  (none)
 Type:  enhancement| Status:  new
 Priority:  Medium |  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor   |Version:
 Severity:  Normal | Resolution:
 Keywords:  tor-ci-fail-sometimes  |  Actual Points:
Parent ID:  #29437 | Points:  1
 Reviewer: |Sponsor:  Sponsor31-can
---+

Comment (by catalyst):

 Replying to [comment:3 catalyst]:
 > Replying to [comment:2 teor]:
 > > Hi catalyst,
 > >
 > > I'd like to make progress on this ticket today or tomorrow:
 > >
 > > Replying to [comment:1 nickm]:
 > > > For outgoing responses and events, I'd like catalyst's POV: they are
 actively refactoring that code right now, and probably have a better idea
 of how to hook it than I do.
 > >
 > > Here's one way we could move forward:
 > >
 > > I write a patch, and then you refactor it so that it fits in the new
 control code.
 > >
 > > Let me know if you'd like me to do it another way.
 > If you're OK with hooking `control_write_reply()` and missing the set of
 control protocol writers that don't yet funnel through there, that might
 be best. I think after #30889 is merged, the remaining control protocol
 writers that don't go through that are the async control events,
 `GETINFO`, and `GETCONF`. (I'd have to check again to be more sure.)
 Looking at my notes, it seems to be `GETCONF` (not `GETINFO`, sorry for
 misremembering), `MAPADDRESS`, and the async control events that use
 `connection_add_buf()` directly. I guess you could wrap specifically the
 `connection_add_buf()` that are related to the control protocol.

 The control reply refactor work that I'm working on is #30984. I think we
 can minimize conflicts in that code if you stick to wrapping the callers
 of `connection_add_buf()` that talk to the control protocol. Or we can
 talk more about coordinating more invasive changes if you think that's
 better.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31052 [Internal Services/Services Admin Team]: Guest accounts in the ticketing system

[Tor Bug Tracker & Wiki]

#31052: Guest accounts in the ticketing system
---+-
 Reporter:  gaba   |  Owner:  qbi
 Type:  project| Status:  new
 Priority:  Medium |  Milestone:
Component:  Internal Services/Services Admin Team  |Version:
 Severity:  Normal | Resolution:
 Keywords:  ticket-system-migration|  Actual Points:
Parent ID:  #30857 | Points:
 Reviewer: |Sponsor:
---+-

Comment (by teor):

 Replying to [comment:6 cypherpunks]:
 > A shared "cypherpunks" account is the best option

 We need to choose just one of the other options, they are mutually
 exclusive,

 We can also choose to have a cyperpunks account, or not.
 Regardless of the other option we choose.

 Unfortunately, people have used the cypherpunks account to spam Trac at
 high rates.
 And we don't have the staff or volunteers to deal with all that spam.
 So we may choose not to have a cypherpunks account.

 If you know of any other options that have worked for open source
 projects, please suggest them on this ticket.
 (Most open source projects I know have registration by invitation or by
 contacting a support address.)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29093 [Core Tor/Fallback Scripts]: Announce the new fallback list, and tell downstream maintainers that it has changed

[Tor Bug Tracker & Wiki]

#29093: Announce the new fallback list, and tell downstream maintainers that it 
has
changed
---+--
 Reporter:  teor   |  Owner:  teor
 Type:  defect | Status:  assigned
 Priority:  Medium |  Milestone:
Component:  Core Tor/Fallback Scripts  |Version:
 Severity:  Normal | Resolution:
 Keywords:  fallback   |  Actual Points:
Parent ID:  #28793 | Points:  0.1
 Reviewer: |Sponsor:
---+--
Changes (by teor):

 * owner:  (none) => teor
 * status:  new => assigned
 * points:   => 0.1


Comment:

 I'll do this one, because getting all the details right is hard.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31052 [Internal Services/Services Admin Team]: Guest accounts in the ticketing system

[Tor Bug Tracker & Wiki]

#31052: Guest accounts in the ticketing system
---+-
 Reporter:  gaba   |  Owner:  qbi
 Type:  project| Status:  new
 Priority:  Medium |  Milestone:
Component:  Internal Services/Services Admin Team  |Version:
 Severity:  Normal | Resolution:
 Keywords:  ticket-system-migration|  Actual Points:
Parent ID:  #30857 | Points:
 Reviewer: |Sponsor:
---+-

Comment (by cypherpunks):

 A shared "cypherpunks" account is the best option

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30901 [Core Tor/Tor]: Add control port trace logging to tor

[Tor Bug Tracker & Wiki]

#30901: Add control port trace logging to tor
---+
 Reporter:  teor   |  Owner:  (none)
 Type:  enhancement| Status:  new
 Priority:  Medium |  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor   |Version:
 Severity:  Normal | Resolution:
 Keywords:  tor-ci-fail-sometimes  |  Actual Points:
Parent ID:  #29437 | Points:  1
 Reviewer: |Sponsor:  Sponsor31-can
---+

Comment (by catalyst):

 Replying to [comment:2 teor]:
 > Hi catalyst,
 >
 > I'd like to make progress on this ticket today or tomorrow:
 >
 > Replying to [comment:1 nickm]:
 > > For outgoing responses and events, I'd like catalyst's POV: they are
 actively refactoring that code right now, and probably have a better idea
 of how to hook it than I do.
 >
 > Here's one way we could move forward:
 >
 > I write a patch, and then you refactor it so that it fits in the new
 control code.
 >
 > Let me know if you'd like me to do it another way.
 If you're OK with hooking `control_write_reply()` and missing the set of
 control protocol writers that don't yet funnel through there, that might
 be best. I think after #30889 is merged, the remaining control protocol
 writers that don't go through that are the async control events,
 `GETINFO`, and `GETCONF`. (I'd have to check again to be more sure.)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31052 [Internal Services/Services Admin Team]: Guest accounts in the ticketing system

[Tor Bug Tracker & Wiki]

#31052: Guest accounts in the ticketing system
---+-
 Reporter:  gaba   |  Owner:  qbi
 Type:  project| Status:  new
 Priority:  Medium |  Milestone:
Component:  Internal Services/Services Admin Team  |Version:
 Severity:  Normal | Resolution:
 Keywords:  ticket-system-migration|  Actual Points:
Parent ID:  #30857 | Points:
 Reviewer: |Sponsor:
---+-

Comment (by catalyst):

 Replying to [comment:4 teor]:
 > I think we're missing an option:
 >
 > 4) A shared "cypherpunks" account with a public password
 >
 > Pros
 >
 > * anybody can report problems/features and there are less barriers for
 contribution
 > * a larger contributor anonymity set: contributions from the same person
 aren't identified with a single name or handle
 >
 > Cons
 >
 > * spam
 > * deleting or disabling the shared account removes access for everyone
 using it, not just the spammer
 I think this is useful to consider. In my experience it's mostly a
 negative. I think anonymity without accountability is inappropriate in the
 particular context of our ticketing system.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31052 [Internal Services/Services Admin Team]: Guest accounts in the ticketing system

[Tor Bug Tracker & Wiki]

#31052: Guest accounts in the ticketing system
---+-
 Reporter:  gaba   |  Owner:  qbi
 Type:  project| Status:  new
 Priority:  Medium |  Milestone:
Component:  Internal Services/Services Admin Team  |Version:
 Severity:  Normal | Resolution:
 Keywords:  ticket-system-migration|  Actual Points:
Parent ID:  #30857 | Points:
 Reviewer: |Sponsor:
---+-

Comment (by teor):

 I think we're missing an option:

 4) A shared "cypherpunks" account with a public password

 Pros

 * anybody can report problems/features and there are less barriers for
 contribution
 * a larger contributor anonymity set: contributions from the same person
 aren't identified with a single name or handle

 Cons

 * spam
 * deleting or disabling the shared account removes access for everyone
 using it, not just the spammer

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31056 [Core Tor/Tor]: Hidden service sometimes unable to create circuit

[Tor Bug Tracker & Wiki]

#31056: Hidden service sometimes unable to create circuit
--+--
 Reporter:  dylanholand   |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  High  |  Milestone:
Component:  Core Tor/Tor  |Version:  Tor: 0.3.5.8
 Severity:  Normal| Resolution:
 Keywords:  tor-hs|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by teor):

 * keywords:   => tor-hs
 * cc: asn, dgoulet (added)


Comment:

 Is it a v2 or v3 onion service?
 You censored the address from your logs, and the onion service parts of
 your config, so I can't tell.

 I've also cc'd our onion services developers, who might be able to help
 more.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31057 [Archived/Obfsproxy]: Port pyptlib/obfsproxy to Python 3

[Tor Bug Tracker & Wiki]

#31057: Port pyptlib/obfsproxy to Python 3
+-
 Reporter:  jefferyto   |  Owner:  asn
 Type:  enhancement | Status:  new
 Priority:  Medium  |  Milestone:
Component:  Archived/Obfsproxy  |Version:
 Severity:  Normal  | Resolution:
 Keywords:  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+-
Changes (by teor):

 * cc: phw, cohosh, ahf (added)


Comment:

 We've archived the "Obfsproxy" component in Trac, which usually means that
 we're not maintaining it any more.

 But I've cc'd our anti-censorship team, who might have a more detailed
 answer.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #28795 [Core Tor/Tor]: Generate a new fallback list in 2019 and backport it to all supported Tor versions

[Tor Bug Tracker & Wiki]

#28795: Generate a new fallback list in 2019 and backport it to all supported 
Tor
versions
-+-
 Reporter:  teor |  Owner:  teor
 Type:  task | Status:  closed
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  fallback, 029-backport,  |  implemented
  035-backport, 040-backport, 041-backport,  |  Actual Points:  1.5
  041-should |
Parent ID:  #28793   | Points:  1
 Reviewer:  nickm|Sponsor:
-+-

Comment (by teor):

 Replying to [comment:17 nickm]:
 > (I did the full merge because this is one that historically we have
 given an automatic backport, on the theory that it is a good idea to keep
 all the branches together, and there are unlikely to be bugs here.)

 Thanks!

 I've documented this process on the wiki on our backports page:
 
https://trac.torproject.org/projects/tor/wiki/org/teams/NetworkTeam/Backports#ImmediateBackports

 Some things worth noting:
 * backports happen after CI passes
 * GeoIP files, fallbacks, and authorities get backported immediately, feel
 free to add more things to the list

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #31057 [Archived/Obfsproxy]: Port pyptlib/obfsproxy to Python 3

[Tor Bug Tracker & Wiki]

#31057: Port pyptlib/obfsproxy to Python 3
-+
 Reporter:  jefferyto|  Owner:  asn
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Component:  Archived/Obfsproxy
  Version:   |   Severity:  Normal
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+
 Hello,

 I'm the maintainer of the obfsproxy package in OpenWrt (and also one of
 its Python maintainers).

 As you are probably aware, Python 2 will reach end-of-life by the end of
 this year (https://pythonclock.org/).

 I'm not exactly sure what is the current status of obfsproxy (whether it
 has been replaced by obfs4proxy or just dormant), but I think it would be
 good to keep it alive as an option.

 Would it be possible to port it (and pyptlib) to Python 3? If I manage to
 find time to work on some patches, would there be interest in merging
 them?

 Thanks!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #31056 [Core Tor/Tor]: Hidden service sometimes unable to create circuit

[Tor Bug Tracker & Wiki]

#31056: Hidden service sometimes unable to create circuit
--+--
 Reporter:  dylanholand   |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  High  |  Component:  Core Tor/Tor
  Version:  Tor: 0.3.5.8  |   Severity:  Normal
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
 I have a dedicated server with a few onoin-services on it. One of the
 services has some traffic to it and this service can't be reached a few
 times every day, lasting 5-15 minutes.

 While it's not available, the other onions is working just fine, it's just
 this particular .onion (which is the important one).

 The service is not of the kind that would get ddos'ed or similar, however,
 it can have some heavy peaks in traffic, which at some degree correlate
 with the unavailability. However, no server process is under heavy stress
 and other services, including other hidden services, is functioning
 normally)

 {{{
 #!div style="font-size: 80%"
 Server specs:
   {{{
 OS: CentOS/RHEL 7
 TOR: 0.3.5.8-1.el7

 torrc config:

 RunAsDaemon 1
 DataDirectory /var/lib/tor
 TransPort 9040
 TransListenAddress 127.0.0.1
 DNSPort 127.0.0.1:54
   }}}
 }}}


 {{{
 #!div style="font-size: 80%"
 A few lines from journalctl output, "xxx" is the onion that can't be
 reached:
   {{{
 Tor[19172]: Giving up launching first hop of circuit to rendezvous point
 [scrubbed] for service xxx.
 Tor[19172]: Giving up launching first hop of circuit to rendezvous point
 [scrubbed] for service xxx.
 Tor[19172]: Giving up launching first hop of circuit to rendezvous point
 [scrubbed] for service xxx.
 Tor[19172]: Giving up launching first hop of circuit to rendezvous point
 [scrubbed] for service xxx.
 Tor[19172]: Giving up launching first hop of circuit to rendezvous point
 [scrubbed] for service xxx.
 Tor[19172]: Couldn't relaunch rendezvous circuit to '[scrubbed]'.
 Tor[19172]: Giving up launching first hop of circuit to rendezvous point
 [scrubbed] for service xxx.
 Tor[19172]: Couldn't relaunch rendezvous circuit to '[scrubbed]'.
 Tor[19172]: Giving up launching first hop of circuit to rendezvous point
 [scrubbed] for service xxx.
 Tor[19172]: Giving up launching first hop of circuit to rendezvous point
 [scrubbed] for service xxx.
 Tor[19172]: Giving up launching first hop of circuit to rendezvous point
 [scrubbed] for service xxx.
 Tor[19172]: Giving up launching first hop of circuit to rendezvous point
 [scrubbed] for service xxx.
 Tor[19172]: Giving up launching first hop of circuit to rendezvous point
 [scrubbed] for service xxx.
 Tor[19172]: Giving up launching first hop of circuit to rendezvous point
   }}}
 }}}

 I have not found a similar issue in other tickets and it's very important
 that I can provide 100% uptime for this .onion.

 Many thanks for your time reading this, highly appreciated.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31055 [Applications/Tor Browser]: Retire Linus' default bridges

[Tor Bug Tracker & Wiki]

#31055: Retire Linus' default bridges
--+--
 Reporter:  phw   |  Owner:  tbb-team
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-bridges   |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by phw):

 * status:  new => needs_review


Comment:

 The patch is in my [https://github.com/NullHypothesis/tor-browser-
 build/commit/e26e91bef8bd8d04d79bdd69f087efd808bc925d fix/31055 branch].

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #31055 [Applications/Tor Browser]: Retire Linus' default bridges

[Tor Bug Tracker & Wiki]

#31055: Retire Linus' default bridges
--+-
 Reporter:  phw   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:  tbb-bridges
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+-
 Linus mentioned to me that he intends to shut down his default bridges to
 reduce the maintenance burden and to eliminate the risk of seeing both
 entry and exit traffic.

 The affected bridges are:
 * 109.105.109.163:38980
 * 109.105.109.163:47779
 * 109.105.109.165:10527
 * 109.105.109.147:13764

 I'll push a patch that removes these four bridges in a second.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31042 [Applications/Tor Browser]: Update Tor Android Service With Latest Orbot Changes

[Tor Bug Tracker & Wiki]

#31042: Update Tor Android Service With Latest Orbot Changes
--+--
 Reporter:  sisbell   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  TorBrowserTeam201906  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by gk):

 * status:  needs_review => new


Comment:

 I think marking the respective bugs for review if done is fine, keeping
 this as a meta-bug which just gets closed if everything is done.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30577 [Applications/Tor Browser]: Add Fundraising Banner with next TBB security update

[Tor Bug Tracker & Wiki]

#30577: Add Fundraising Banner with next TBB security update
---+---
 Reporter:  pili   |  Owner:  tbb-team
 Type:  task   | Status:
   |  needs_revision
 Priority:  High   |  Milestone:
Component:  Applications/Tor Browser   |Version:
 Severity:  Normal | Resolution:
 Keywords:  ux-team, TorBrowserTeam201907  |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+---
Changes (by gk):

 * keywords:  ux-team, TorBrowserTeam201907R => ux-team,
   TorBrowserTeam201907
 * status:  needs_review => needs_revision


Comment:

 Replying to [comment:15 acat]:
 > Thanks. Addressed comments here:
 https://github.com/acatarineu/torbutton/commit/30577+1

 Looks good. I think one final tweak we want to do is not counting down if
 the user just clicks the link. We only count down if they click the "x" or
 do a restart.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31050 [Applications/Tor Browser]: vertaling van webpagina's (zoals mogelijk is in chrome)

[Tor Bug Tracker & Wiki]

#31050: vertaling van webpagina's (zoals mogelijk is in chrome)
--+--
 Reporter:  Starsister 56 |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Major | Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by nickm):

 * owner:  (none) => tbb-team
 * component:  - Select a component => Applications/Tor Browser


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #28795 [Core Tor/Tor]: Generate a new fallback list in 2019 and backport it to all supported Tor versions

[Tor Bug Tracker & Wiki]

#28795: Generate a new fallback list in 2019 and backport it to all supported 
Tor
versions
-+-
 Reporter:  teor |  Owner:  teor
 Type:  task | Status:  closed
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  fallback, 029-backport,  |  implemented
  035-backport, 040-backport, 041-backport,  |  Actual Points:  1.5
  041-should |
Parent ID:  #28793   | Points:  1
 Reviewer:  nickm|Sponsor:
-+-

Comment (by nickm):

 (I did the full merge because this is one that historically we have given
 an automatic backport, on the theory that it is a good idea to keep all
 the branches together, and there are unlikely to be bugs here.)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #28795 [Core Tor/Tor]: Generate a new fallback list in 2019 and backport it to all supported Tor versions

[Tor Bug Tracker & Wiki]

#28795: Generate a new fallback list in 2019 and backport it to all supported 
Tor
versions
-+-
 Reporter:  teor |  Owner:  teor
 Type:  task | Status:  closed
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  fallback, 029-backport,  |  implemented
  035-backport, 040-backport, 041-backport,  |  Actual Points:  1.5
  041-should |
Parent ID:  #28793   | Points:  1
 Reviewer:  nickm|Sponsor:
-+-
Changes (by nickm):

 * status:  needs_review => closed
 * resolution:   => implemented


Comment:

 Merged to 0.2.9 and forward.  Hooray!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31052 [Internal Services/Services Admin Team]: Guest accounts in the ticketing system

[Tor Bug Tracker & Wiki]

#31052: Guest accounts in the ticketing system
---+-
 Reporter:  gaba   |  Owner:  qbi
 Type:  project| Status:  new
 Priority:  Medium |  Milestone:
Component:  Internal Services/Services Admin Team  |Version:
 Severity:  Normal | Resolution:
 Keywords:  ticket-system-migration|  Actual Points:
Parent ID:  #30857 | Points:
 Reviewer: |Sponsor:
---+-

Comment (by gaba):

 From irc on how riseup manage the anti-spam in their gitlab instance.

 - limiting domains that can signup to ones we know (whitelist), limiting
 projects/group creation to a low number unless requested to increase, and
 then searching on the internet for links to our gitlab instance in order
 to find spam

 on spam:
 'snippets' are the most common way (eg. https://0xacab.org/snippets/776) .
 Even with monthly cleanup, we have been put into RBL lists for email
 delivery blacklisting because of the spam on gitlab. Spam goes in so many
 different possible ways, its mostly impossible to control, unless you
 dedicate a HUGE amount of time to it. Its extremely easy to miss spammers.
 If they don't have access to snippits, they make comments, or user pages,
 etc

 The only thing that works is to close/limit registration (which is what
 gitlab.com does) or turn on google captcha/akismet

 about the amount of labor on fighting spam:
 You will spend at minimum 6 hours a week dealing with spam, with an open
 gitlab. It is not simple as just click a delete button, since you have to
 copy and paste the names as conformation

 Not only will you spend a huge amount of time dealing with the spam, but
 you will also get the domain blacklisted :(
 A huge amount of our spam came from gmail accounts even

 We played 'whack a mole' for a while by blocking domains that were
 spamming but we ended up going crazy, and so we only whitelist domains
 now.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30949 [Core Tor/Tor]: Add the source= line to the dir list spec

[Tor Bug Tracker & Wiki]

#30949: Add the source= line to the dir list spec
-+-
 Reporter:  teor |  Owner:  teor
 Type:  enhancement  | Status:  closed
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  fallback, 041-should, tor-spec,  |  implemented
  nickm-merge, asn-merge |  Actual Points:  0.1
Parent ID:  #28793   | Points:  0.1
 Reviewer:  dgoulet  |Sponsor:
-+-
Changes (by nickm):

 * status:  merge_ready => closed
 * resolution:   => implemented


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30949 [Core Tor/Tor]: Add the source= line to the dir list spec

[Tor Bug Tracker & Wiki]

#30949: Add the source= line to the dir list spec
-+-
 Reporter:  teor |  Owner:  teor
 Type:  enhancement  | Status:
 |  merge_ready
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  fallback, 041-should, tor-spec,  |  Actual Points:  0.1
  nickm-merge, asn-merge |
Parent ID:  #28793   | Points:  0.1
 Reviewer:  dgoulet  |Sponsor:
-+-

Comment (by nickm):

 merged to torspec

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30716 [Circumvention/Obfs4]: Improve the obfs4 obfuscation protocol

[Tor Bug Tracker & Wiki]

#30716: Improve the obfs4 obfuscation protocol
+--
 Reporter:  phw |  Owner:  phw
 Type:  task| Status:  assigned
 Priority:  High|  Milestone:
Component:  Circumvention/Obfs4 |Version:
 Severity:  Normal  | Resolution:
 Keywords:  sponsor28, anti-censorship-roadmap  |  Actual Points:
Parent ID:  | Points:  20
 Reviewer:  |Sponsor:
|  Sponsor28-must
+--
Changes (by robgjansen):

 * cc: robgjansen (added)


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #28119 [Applications/Tor Browser]: Provide Tor Browser for Android for arm64-v8a devices

[Tor Bug Tracker & Wiki]

#28119: Provide Tor Browser for Android for arm64-v8a devices
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  closed
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  tbb-rbm, tbb-mobile, user-feedback,  |  Actual Points:
  blog, GeorgKoppen201906,   |
  TorBrowserTeam201907R  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by gk):

 Replying to [comment:15 boklm]:
 > I also seems the branch `bug_28119_v6` was pushed by mistake to the main
 tor-browser-build repository (not in the master branch, but in a
 `bug_28119_v6` branch).

 Yeah :( That's #31007.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #28119 [Applications/Tor Browser]: Provide Tor Browser for Android for arm64-v8a devices

[Tor Bug Tracker & Wiki]

#28119: Provide Tor Browser for Android for arm64-v8a devices
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  closed
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  tbb-rbm, tbb-mobile, user-feedback,  |  Actual Points:
  blog, GeorgKoppen201906,   |
  TorBrowserTeam201907R  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by boklm):

 I also seems the branch `bug_28119_v6` was pushed by mistake to the main
 tor-browser-build repository (not in the master branch, but in a
 `bug_28119_v6` branch).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #28119 [Applications/Tor Browser]: Provide Tor Browser for Android for arm64-v8a devices

[Tor Bug Tracker & Wiki]

#28119: Provide Tor Browser for Android for arm64-v8a devices
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  closed
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  tbb-rbm, tbb-mobile, user-feedback,  |  Actual Points:
  blog, GeorgKoppen201906,   |
  TorBrowserTeam201907R  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by boklm):

 * status:  needs_review => closed
 * resolution:   => fixed


Comment:

 This looks good to me. I merged it to master with commit
 99f739a2b2bde7e81d9f6a974efbdd2eca1b7947.

 I opened #31054 to enable it in the nightly builds.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #31054 [Applications/Quality Assurance and Testing]: Add android aarch64 nightly builds

[Tor Bug Tracker & Wiki]

#31054: Add android aarch64 nightly builds
-+-
 Reporter:  boklm|  Owner:  boklm
 Type:  task | Status:  assigned
 Priority:  Medium   |  Milestone:
Component:  Applications/Quality Assurance   |Version:
  and Testing|   Keywords:
 Severity:  Normal   |  TorBrowserTeam201907
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+-
 With #28119 we added support for android-aarch64 builds. We should enable
 those builds in the nightly builds.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30577 [Applications/Tor Browser]: Add Fundraising Banner with next TBB security update

[Tor Bug Tracker & Wiki]

#30577: Add Fundraising Banner with next TBB security update
+--
 Reporter:  pili|  Owner:  tbb-team
 Type:  task| Status:  needs_review
 Priority:  High|  Milestone:
Component:  Applications/Tor Browser|Version:
 Severity:  Normal  | Resolution:
 Keywords:  ux-team, TorBrowserTeam201907R  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--
Changes (by acat):

 * status:  needs_revision => needs_review
 * keywords:  ux-team, TorBrowserTeam201907 => ux-team,
   TorBrowserTeam201907R


Comment:

 Thanks. Addressed comments here:
 https://github.com/acatarineu/torbutton/commit/30577+1

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31042 [Applications/Tor Browser]: Update Tor Android Service With Latest Orbot Changes

[Tor Bug Tracker & Wiki]

#31042: Update Tor Android Service With Latest Orbot Changes
--+--
 Reporter:  sisbell   |  Owner:  tbb-team
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  TorBrowserTeam201906  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by sisbell):

 * status:  new => needs_review


Comment:

 I have two items ready for review now. Or we can wait until I have all
 updates in.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #31053 [Internal Services/Services Admin Team]: styleguide.tpo missing from infrastructure page?

[Tor Bug Tracker & Wiki]

#31053: styleguide.tpo missing from infrastructure page?
-+-
 Reporter:  arma |  Owner:  (none)
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Services   |Version:
  Admin Team |
 Severity:  Normal   |   Keywords:
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+-
 https://trac.torproject.org/projects/tor/wiki/org/operations/Infrastructure
 has a list of our user-facing websites and our internal websites.

 But styleguide.torproject.org is missing from it. We should figure out who
 owns it, and add it to the list.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30615 [Core Tor/Tor]: Factor random_uniform_01 into nondeterministic and deterministic parts, and automatically test the deterministic part

[Tor Bug Tracker & Wiki]

#30615: Factor random_uniform_01 into nondeterministic and deterministic parts, 
and
automatically test the deterministic part
-+-
 Reporter:  riastradh|  Owner:  (none)
 Type:  enhancement  | Status:
 |  needs_review
 Priority:  Low  |  Milestone:  Tor:
 |  0.4.2.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.4.1.1-alpha
 Severity:  Minor| Resolution:
 Keywords:  tor-test, 041-deferred-20190530  |  Actual Points:
Parent ID:   | Points:
 Reviewer:  asn  |Sponsor:
-+-
Changes (by asn):

 * status:  needs_revision => needs_review


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30683 [Applications/Tor Browser]: Properties in dom/locales/$lang/chrome/ allow detecting user locale

[Tor Bug Tracker & Wiki]

#30683: Properties in dom/locales/$lang/chrome/ allow detecting user locale
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_revision
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-fingerprinting-locale,   |  Actual Points:
  TorBrowserTeam201907   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by acat):

 > Have you checked whether the patch is a good upstreaming idea as-is? I
 wonder in particular if the en-US strings will always be available in, say
 fr, builds that don't come with fr lang packs.

 That's a very nice point, I missed this one. Indeed, Firefox localized
 builds do not have these, I only tested with language packs... Good that
 you realized before https://phabricator.services.mozilla.com/D35815
 landed, since it was accepted.

 I'm not sure what's the best way to make this upstreamable. I think it's
 not realistic to try to make the localized messages not accessible to web
 content, so I think making available these en-US locales in localized
 builds is the only way. I will take a look and try to see how difficult it
 is to do this, and update
 https://bugzilla.mozilla.org/show_bug.cgi?id=1561322. The approach is the
 same, so whatever is accepted in that bug should also apply here.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31052 [Internal Services/Service - trac]: Guest accounts in the ticketing system

[Tor Bug Tracker & Wiki]

#31052: Guest accounts in the ticketing system
--+-
 Reporter:  gaba  |  Owner:  qbi
 Type:  project   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Internal Services/Service - trac  |Version:
 Severity:  Normal| Resolution:
 Keywords:  ticket-system-migration   |  Actual Points:
Parent ID:  #30857| Points:
 Reviewer:|Sponsor:
--+-
Changes (by gaba):

 * owner:  (none) => qbi
 * component:  - Select a component => Internal Services/Service - trac


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31052 [Internal Services/Services Admin Team]: Guest accounts in the ticketing system

[Tor Bug Tracker & Wiki]

#31052: Guest accounts in the ticketing system
---+-
 Reporter:  gaba   |  Owner:  qbi
 Type:  project| Status:  new
 Priority:  Medium |  Milestone:
Component:  Internal Services/Services Admin Team  |Version:
 Severity:  Normal | Resolution:
 Keywords:  ticket-system-migration|  Actual Points:
Parent ID:  #30857 | Points:
 Reviewer: |Sponsor:
---+-
Changes (by gaba):

 * component:  Internal Services/Service - trac => Internal
 Services/Services Admin Team


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #31052 [- Select a component]: Guest accounts in the ticketing system

[Tor Bug Tracker & Wiki]

#31052: Guest accounts in the ticketing system
--+
 Reporter:  gaba  |  Owner:  (none)
 Type:  project   | Status:  new
 Priority:  Medium|  Milestone:
Component:  - Select a component  |Version:
 Severity:  Normal|   Keywords:  ticket-system-
  |  migration
Actual Points:|  Parent ID:  #30857
   Points:|   Reviewer:
  Sponsor:|
--+
 Related to the possible migration from trac into gitlab we have been
 talking about guest accounts. There was a conversation in irc about having
 them or not. We need to come to an agreement on what to do about it.

 Options in gitlab:

 1) Having 'guest accounts' like -guest

 Pros:
 - anybody can report problems/features and there are less barriers for
 contribution

 Cons:
 - spam

 2) Opening registration

 Pros:
 - anybody can report problems/features and there are less barriers for
 contribution

 Cons:
 - spam

 3) Having accounts by 'invitation only'.

 Pros:
 - no spam

 Cons:
 - one more barrier to contribute to Tor

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29697 [Internal Services]: archive.tpo is soon running out of space

[Tor Bug Tracker & Wiki]

#29697: archive.tpo is soon running out of space
---+--
 Reporter:  boklm  |  Owner:  weasel
 Type:  defect | Status:  assigned
 Priority:  High   |  Milestone:
Component:  Internal Services  |Version:
 Severity:  Major  | Resolution:
 Keywords:  budget_needed  |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--
Changes (by anarcat):

 * owner:  boklm => weasel


Comment:

 rsync is complete, and the machine survived a reboot: it returned
 automatically (thanks to mandos), probably because the raid array had
 sync'd. so all seems good, but i think some bits might still be missing,
 because the backups of staticforme and arlgirdense are twice as big as
 archive-01. this could be just because of incrementals, however.

 weasel was saying we might be missing some scripts from the archive team,
 but I am not sure what those are. i need to email the archive team but
 will delegate the followup of this to weasel for now...

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30549 [Applications/Tor Browser]: Add script to remove expired sub-keys from a keyring file

[Tor Bug Tracker & Wiki]

#30549: Add script to remove expired sub-keys from a keyring file
+--
 Reporter:  boklm   |  Owner:  tbb-team
 Type:  task| Status:  closed
 Priority:  Medium  |  Milestone:
Component:  Applications/Tor Browser|Version:
 Severity:  Normal  | Resolution:  fixed
 Keywords:  TorBrowserTeam201907R, tbb-rbm  |  Actual Points:
Parent ID:  #30548  | Points:
 Reviewer:  |Sponsor:
+--
Changes (by gk):

 * status:  needs_review => closed
 * resolution:   => fixed


Comment:

 Okay, let's see how this works out if we actually want/need to use it.
 I've merged the patch to `master`
 (419b0bef89047450a88292ea34bb8ef1e746bbea).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31041 [Applications/Tor Browser]: Tor Browser doesnt delete cookies after closing browser if not in Private Browsing Mode (PBM)

[Tor Bug Tracker & Wiki]

#31041: Tor Browser doesnt delete cookies after closing browser if not in 
Private
Browsing Mode (PBM)
-+-
 Reporter:  justforlgs   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  tbb-regression   |  Actual Points:
  TorBrowserTeam201907R  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * status:  needs_review => closed
 * resolution:   => fixed


Comment:

 Thanks. Merged to `master` (commit
 a13b6c870afa18ac1c7747aa928f89b5706a9f44) and cherry-picked to `maint-2.1`
 (commit 4cec079c058d5756a47f9d661b7aea7a95d31076).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #28672 [Circumvention/Snowflake]: Android reproducible build of Snowflake

[Tor Bug Tracker & Wiki]

#28672: Android reproducible build of Snowflake
-+-
 Reporter:  dcf  |  Owner:  (none)
 Type:  project  | Status:
 |  needs_revision
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-mobile, tbb-rbm, |  Actual Points:
  GeorgKoppen201904, ex-sponsor-19,  |
  TorBrowserTeam201907   |
Parent ID:  #30318   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor28-can
-+-

Comment (by gk):

 Replying to [comment:25 boklm]:
 > Replying to [comment:24 gk]:
 > > 3) What's the reason for moving the `gclient config` part outside of
 the `if [ ! -d "src"]` one, in particular as this affects non-Android
 platforms as well. And what does it mean? That it is
 > > not run for Linux and macOS anymore?
 >
 > If the `gclient config` is behind the `if [ ! -d "src"]`, then changes
 to gclient config are not taken into account unless we remove the `src`
 directory. So moving it outside allows us to update this config without
 removing the `src` directory.
 >
 > It seems we should have a patch moving that part outside of the `if [ !
 -d "src"]` on the stable branch too, otherwise building master will update
 the gclient config, and then building stable will keep using the master
 version of the gclient config.

 Okay, sounds reasonable. Yes, we should keep that in mind once we need
 this on stable (which we currently don't do).

 > The `target_os` line means fetching dependencies specific for those
 platforms. It seems we don't need specific dependencies for the Linux and
 macOS builds as we had no `target_os` defined before.
 >
 > With this change we will fetch Android dependencies (and Windows ones,
 but we can remove it for now), and will include it in the webrtc tarball
 used for every platforms. This means we include some dependencies not
 needed in the Linux and macOS builds, but this avoids generating one
 tarball for each platform.

 Yes, that seemed to be perfectly reasonable. Just the Windows part is not
 needed yet (maybe not even ever given the build issues), thus let's remove
 it for now.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #28672 [Circumvention/Snowflake]: Android reproducible build of Snowflake

[Tor Bug Tracker & Wiki]

#28672: Android reproducible build of Snowflake
-+-
 Reporter:  dcf  |  Owner:  (none)
 Type:  project  | Status:
 |  needs_revision
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-mobile, tbb-rbm, |  Actual Points:
  GeorgKoppen201904, ex-sponsor-19,  |
  TorBrowserTeam201907   |
Parent ID:  #30318   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor28-can
-+-

Comment (by boklm):

 Replying to [comment:24 gk]:
 > 3) What's the reason for moving the `gclient config` part outside of the
 `if [ ! -d "src"]` one, in particular as this affects non-Android
 platforms as well. And what does it mean? That it is
 > not run for Linux and macOS anymore?

 If the `gclient config` is behind the `if [ ! -d "src"]`, then changes to
 gclient config are not taken into account unless we remove the `src`
 directory. So moving it outside allows us to update this config without
 removing the `src` directory.

 It seems we should have a patch moving that part outside of the `if [ ! -d
 "src"]` on the stable branch too, otherwise building master will update
 the gclient config, and then building stable will keep using the master
 version of the gclient config.

 The `target_os` line means fetching dependencies specific for those
 platforms. It seems we don't need specific dependencies for the Linux and
 macOS builds as we had no `target_os` defined before.

 With this change we will fetch Android dependencies (and Windows ones, but
 we can remove it for now), and will include it in the webrtc tarball used
 for every platforms. This means we include some dependencies not needed in
 the Linux and macOS builds, but this avoids generating one tarball for
 each platform.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30549 [Applications/Tor Browser]: Add script to remove expired sub-keys from a keyring file

[Tor Bug Tracker & Wiki]

#30549: Add script to remove expired sub-keys from a keyring file
+--
 Reporter:  boklm   |  Owner:  tbb-team
 Type:  task| Status:  needs_review
 Priority:  Medium  |  Milestone:
Component:  Applications/Tor Browser|Version:
 Severity:  Normal  | Resolution:
 Keywords:  TorBrowserTeam201907R, tbb-rbm  |  Actual Points:
Parent ID:  #30548  | Points:
 Reviewer:  |Sponsor:
+--
Changes (by boklm):

 * keywords:  TorBrowserTeam201907, tbb-rbm => TorBrowserTeam201907R, tbb-
   rbm
 * status:  needs_revision => needs_review


Comment:

 Replying to [comment:10 gk]:
 > Replying to [comment:9 boklm]:
 > > Replying to [comment:8 gk]:
 > > > Could you update `drop-expired-sub-keys` with the process you
 envision in commit:5? That way someone later without all the background we
 have knows what to do with the script(s).
 > >
 > > In branch `bug_30549_v4` I added a README file explaining the process:
 > > https://gitweb.torproject.org/user/boklm/tor-browser-
 build.git/commit/?h=bug_30549_v4=059bb1f569084ac1c6e9d17cd3959c33afeb37d7
 >
 > Thanks, this looks better: One final thing (I hope :) ):
 > {{{
 > - if a key is not needed anymore, remove it with `gpg --delete-keys`.
 > }}}
 > s/i/I/, but more generally I am not sure I understand the need for the
 `gpg` invocation here. If we find a key in /keyring which we don't need
 anymore then we just remove the file, no? Or did you have in mind cases
 where a bunch of keys were in the same file? I suspect we could need some
 clarification here.

 Yes, I was thinking of the case of a keyring file containing multiple
 keys, including an expired one that is not needed anymore. I clarified
 this in `bug_30549_v5`:
 https://gitweb.torproject.org/user/boklm/tor-browser-
 build.git/commit/?h=bug_30549_v5=419b0bef89047450a88292ea34bb8ef1e746bbea

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #31051 [Internal Services/Tor Sysadmin Team]: bungei running out of space

[Tor Bug Tracker & Wiki]

#31051: bungei running out of space
-+-
 Reporter:  anarcat  |  Owner:  tpa
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   |   Keywords:
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+-
 we got this warning from nagios this weekend:

 {{{
 DISK WARNING - free space: /srv/backups/bacula 1886723 MB (9% inode=99%)
 }}}

 indeed, the main storage is full:

 {{{
 Sys. de fichiersTaille Utilisé Dispo Uti% Monté sur
 /dev/mapper/vg_bulk-backups--bacula20T 18T  1,6T  93%
 /srv/backups/bacula
 }}}

 There's plenty of free space on the VG, however:

 {{{
   VG  #PV #LV #SN Attr   VSize  VFree
   vg_bulk   1   2   0 wz--n- 72,60t 51,60t
 }}}

 So this could quickly be resolved by just resizing that partition. But
 it's interesting to note that the vast majority of storage in use comes
 from the static content. I suspect there's a lot of duplication around
 those and we could save space in backups by being a little smarter about
 this:

 {{{
 ncdu 1.13 ~ Use the arrow keys to navigate, press ? for help
 --- /srv/backups/bacula
 
---
 4,3 TiB [ 25,0% ##] /arlgirdense.torproject.org
 4,3 TiB [ 24,5% # ] /staticiforme.torproject.org
 2,1 TiB [ 11,9%   ] /archive-01.torproject.org
 1,1 TiB [  6,2% ##] /perdulce.torproject.org
   871,0 GiB [  4,9% # ] /colchicifolium.torproject.org
   806,1 GiB [  4,5% # ] /Catalog
   554,4 GiB [  3,1% # ] /corsicum.torproject.org
   375,1 GiB [  2,1%   ] /gillii.torproject.org
   237,5 GiB [  1,3%   ] /eugeni.torproject.org
   209,0 GiB [  1,2%   ] /hetzner-nbg1-01.torproject.org
 }}}

 Above is the top-ten in disk usage. It's interesting to note that
 archive01 is only half of its partners. We should also note that
 arlgirdense is likely going to go away eventually, because archive-01 will
 replace it.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31031 [Applications/Tor Browser]: Tor Browser trying to read /etc/machine-id on start

[Tor Bug Tracker & Wiki]

#31031: Tor Browser trying to read /etc/machine-id on start
--+--
 Reporter:  rain-undefined|  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by rain-undefined):

 Update: this may be related to an earlier ticket
 https://trac.torproject.org/projects/tor/ticket/20884 .

 For me the Tor Browser does not crash, and works happily even though it is
 denied `/etc/machine-id`. It does become unable to communicate with other
 applications using I-Bus (an example being my input method), which I think
 is expected after reading yawning's comment under that ticket.

 And if I include `` (which will permit
 the browser to read `/etc/machine-id`) and `` in the
 profile, TB will start to work with I-Bus applications again.

 ---
 Also, thanks gk & sysrqb for working on this (although i cannot understand
 much yet)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30683 [Applications/Tor Browser]: Properties in dom/locales/$lang/chrome/ allow detecting user locale

[Tor Bug Tracker & Wiki]

#30683: Properties in dom/locales/$lang/chrome/ allow detecting user locale
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_revision
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-fingerprinting-locale,   |  Actual Points:
  TorBrowserTeam201907   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * cc: mcs, brade (added)
 * status:  needs_review => needs_revision
 * keywords:  tbb-fingerprinting-locale, TorBrowserTeam201907R => tbb-
 fingerprinting-locale, TorBrowserTeam201907


Comment:

 I think this looks mostly good to me. Could you adapt
 `// When we spoof English, use en-US default strings in HTML forms.` a bit
 as the code that follows is not only about forms anymore?

 Have you checked whether the patch is a good upstreaming idea as-is? I
 wonder in particular if the `en-US` strings will always be available in,
 say `fr`, builds that don't come with `fr` lang packs.

 mcs, brade could you have a second look?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31030 [Core Tor/Tor]: Coverity: Several warnings from test code

[Tor Bug Tracker & Wiki]

#31030: Coverity: Several warnings from test code
--+
 Reporter:  nickm |  Owner:  nickm
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  coverity  |  Actual Points:  .1
Parent ID:| Points:
 Reviewer:  teor  |Sponsor:
--+
Changes (by asn):

 * reviewer:   => teor


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31027 [Core Tor/Tor]: Coverity: circpadding: dead code in circpad_machine_remove_token

[Tor Bug Tracker & Wiki]

#31027: Coverity: circpadding: dead code in  circpad_machine_remove_token
--+
 Reporter:  nickm |  Owner:  (none)
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  coverity  |  Actual Points:
Parent ID:| Points:
 Reviewer:  mikeperry |Sponsor:
--+
Changes (by asn):

 * reviewer:   => mikeperry


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31024 [Core Tor/Tor]: Coverity: circpadding: always check circpad_machine_current_state()

[Tor Bug Tracker & Wiki]

#31024: Coverity: circpadding: always check circpad_machine_current_state()
-+
 Reporter:  nickm|  Owner:  (none)
 Type:  defect   | Status:  needs_review
 Priority:  Medium   |  Milestone:  Tor: 0.4.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  041-should coverity  |  Actual Points:
Parent ID:   | Points:
 Reviewer:  mikeperry|Sponsor:
-+
Changes (by asn):

 * reviewer:   => mikeperry


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31026 [Core Tor/Tor]: Coverity doesn't understand that begin_cell_parse() won't return address==NULL when is_begindir is false

[Tor Bug Tracker & Wiki]

#31026: Coverity doesn't understand that begin_cell_parse() won't return
address==NULL when is_begindir is false
--+
 Reporter:  nickm |  Owner:  nickm
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  coverity  |  Actual Points:  .1
Parent ID:| Points:
 Reviewer:  dgoulet   |Sponsor:
--+
Changes (by asn):

 * reviewer:   => dgoulet


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31025 [Core Tor/Tor]: Coverity is confused by switch statement in siphash24 implementation

[Tor Bug Tracker & Wiki]

#31025: Coverity is confused by switch statement in siphash24 implementation
--+
 Reporter:  nickm |  Owner:  nickm
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  coverity  |  Actual Points:  .1
Parent ID:| Points:
 Reviewer:  asn   |Sponsor:
--+
Changes (by asn):

 * reviewer:   => asn


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31009 [Core Tor/Tor]: Tor lets transports advertise private IP addresses in descriptor

[Tor Bug Tracker & Wiki]

#31009: Tor lets transports advertise private IP addresses in descriptor
-+-
 Reporter:  phw  |  Owner:  (none)
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-pt, tor-bridge, 029-backport,|  Actual Points:
  035-backport, 040-backport, 041-backport   |
Parent ID:   | Points:  0.5
 Reviewer:  ahf  |Sponsor:
 |  Sponsor28-can
-+-
Changes (by asn):

 * reviewer:   => ahf


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30987 [Core Tor/Tor]: [PATCH] Add support for seccomp on powerpc64

[Tor Bug Tracker & Wiki]

#30987: [PATCH] Add support for seccomp on powerpc64
+
 Reporter:  shawnanastasio  |  Owner:  (none)
 Type:  enhancement | Status:  needs_review
 Priority:  Medium  |  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor|Version:  Tor: unspecified
 Severity:  Normal  | Resolution:
 Keywords:  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  nickm   |Sponsor:
+
Changes (by asn):

 * reviewer:   => nickm


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #28930 [Core Tor/Tor]: consider reordering PT/proxy phases

[Tor Bug Tracker & Wiki]

#28930: consider reordering PT/proxy phases
-+-
 Reporter:  catalyst |  Owner:  ahf
 Type:  enhancement  | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  pt, proxy, 040-deferred-20190220,|  Actual Points:  8.5
  ex-sponsor-19, network-team-   |
  roadmap-2019-Q1Q2, ex-28018-child, bootstrap,  |
  ex-sponsor19   |
Parent ID:   | Points:  3
 Reviewer:  catalyst |Sponsor:
-+-
Changes (by asn):

 * reviewer:   => catalyst


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #28795 [Core Tor/Tor]: Generate a new fallback list in 2019 and backport it to all supported Tor versions

[Tor Bug Tracker & Wiki]

#28795: Generate a new fallback list in 2019 and backport it to all supported 
Tor
versions
-+-
 Reporter:  teor |  Owner:  teor
 Type:  task | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  fallback, 029-backport,  |  Actual Points:  1.5
  035-backport, 040-backport, 041-backport,  |
  041-should |
Parent ID:  #28793   | Points:  1
 Reviewer:  nickm|Sponsor:
-+-
Changes (by asn):

 * reviewer:   => nickm


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31041 [Applications/Tor Browser]: Tor Browser doesnt delete cookies after closing browser if not in Private Browsing Mode (PBM)

[Tor Bug Tracker & Wiki]

#31041: Tor Browser doesnt delete cookies after closing browser if not in 
Private
Browsing Mode (PBM)
-+-
 Reporter:  justforlgs   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-regression   |  Actual Points:
  TorBrowserTeam201907R  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by acat):

 * keywords:  tbb-regression => tbb-regression TorBrowserTeam201907R


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31041 [Applications/Tor Browser]: Tor Browser doesnt delete cookies after closing browser if not in Private Browsing Mode (PBM)

[Tor Bug Tracker & Wiki]

#31041: Tor Browser doesnt delete cookies after closing browser if not in 
Private
Browsing Mode (PBM)
--+--
 Reporter:  justforlgs|  Owner:  tbb-team
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-regression|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by acat):

 * status:  needs_information => needs_review


Comment:

 Yes, I think we can remove that from the pref syncing. I also took a look
 at `browser.download.manager.retention` and I don't see any browser code
 using that preference, so I think we can also remove that one.

 Patch: https://github.com/acatarineu/torbutton/commit/31041

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25568 [Core Tor/Tor]: hs: Lookup failure cache when introducing to an intro point

[Tor Bug Tracker & Wiki]

#25568: hs: Lookup failure cache when introducing to an intro point
-+-
 Reporter:  dgoulet  |  Owner:  neel
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  security, tor-hs,|  Actual Points:
  034-triage-20180328, 034-removed-20180328  |
Parent ID:   | Points:
 Reviewer:  dgoulet  |Sponsor:
-+-
Changes (by neel):

 * status:  needs_revision => needs_review


Comment:

 I have a new PR on a different branch here:
 https://github.com/torproject/tor/pull/1161

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #31050 [- Select a component]: vertaling van webpagina's (zoals mogelijk is in chrome)

[Tor Bug Tracker & Wiki]

#31050: vertaling van webpagina's (zoals mogelijk is in chrome)
---+--
 Reporter:  Starsister 56  |  Owner:  (none)
 Type:  defect | Status:  new
 Priority:  Medium |  Component:  - Select a component
  Version: |   Severity:  Major
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--
 Hallo,
 omdat vele webpagina's in het engels zijn vertaal ik in chromebrowser de
 webpagina van engels naar nederlands.
 Ik heb de faq's gelezen maar deze vraag niet tegengekomen.
 Is het mogelijk om met Tor ook die vertaling te doen?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] [Tor Bug Tracker & Wiki] Batch modify: #22176, #30321, #10760, #25021, ...

[Tor Bug Tracker & Wiki]

Batch modification to #22176, #30321, #10760, #25021, #28238, #28716, #29013, 
#30585, #29614, #30320, #30322, #30323, #30376, #30468, #30490, #30701, #30734 
by gk:


Comment:
Moving my tickets to July.

--
Tickets URL: 

Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] [Tor Bug Tracker & Wiki] Batch modify: #30429, #27503, #28119, #30585, ...

[Tor Bug Tracker & Wiki]

Batch modification to #30429, #27503, #28119, #30585, #30683, #18101, #26861, 
#27045, #27265, #28822, #29187, #30573, #31010 by gk:


Comment:
No reviews in June 2019 anymore, moving them.

--
Tickets URL: 

Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30549 [Applications/Tor Browser]: Add script to remove expired sub-keys from a keyring file

[Tor Bug Tracker & Wiki]

#30549: Add script to remove expired sub-keys from a keyring file
---+---
 Reporter:  boklm  |  Owner:  tbb-team
 Type:  task   | Status:
   |  needs_revision
 Priority:  Medium |  Milestone:
Component:  Applications/Tor Browser   |Version:
 Severity:  Normal | Resolution:
 Keywords:  TorBrowserTeam201907, tbb-rbm  |  Actual Points:
Parent ID:  #30548 | Points:
 Reviewer: |Sponsor:
---+---
Changes (by gk):

 * status:  needs_review => needs_revision
 * keywords:  TorBrowserTeam201906R, tbb-rbm => TorBrowserTeam201907, tbb-
   rbm


Comment:

 Replying to [comment:9 boklm]:
 > Replying to [comment:8 gk]:
 > > Could you update `drop-expired-sub-keys` with the process you envision
 in commit:5? That way someone later without all the background we have
 knows what to do with the script(s).
 >
 > In branch `bug_30549_v4` I added a README file explaining the process:
 > https://gitweb.torproject.org/user/boklm/tor-browser-
 build.git/commit/?h=bug_30549_v4=059bb1f569084ac1c6e9d17cd3959c33afeb37d7

 Thanks, this looks better: One final thing (I hope :) ):
 {{{
 - if a key is not needed anymore, remove it with `gpg --delete-keys`.
 }}}
 s/i/I/, but more generally I am not sure I understand the need for the
 `gpg` invocation here. If we find a key in /keyring which we don't need
 anymore then we just remove the file, no? Or did you have in mind cases
 where a bunch of keys were in the same file? I suspect we could need some
 clarification here.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30577 [Applications/Tor Browser]: Add Fundraising Banner with next TBB security update

[Tor Bug Tracker & Wiki]

#30577: Add Fundraising Banner with next TBB security update
---+---
 Reporter:  pili   |  Owner:  tbb-team
 Type:  task   | Status:
   |  needs_revision
 Priority:  High   |  Milestone:
Component:  Applications/Tor Browser   |Version:
 Severity:  Normal | Resolution:
 Keywords:  ux-team, TorBrowserTeam201907  |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+---
Changes (by gk):

 * keywords:  ux-team, TorBrowserTeam201907R => ux-team,
   TorBrowserTeam201907
 * status:  needs_review => needs_revision


Comment:

 Some comments:

 I am a bit wary using `extensions.torbutton.donation_banner_countdown` as
 we had this one already in our last year-end-campaign and some users might
 still have this pref set to `0` in their profile. I guess we can use
 `extensions.torbutton.donation_banner_countdown3` instead?

 Nit: `// Show the Sign Up for Tor News banner a finite number of times.`
 no Tor News here but the donation banner.

 Re the language strings: The usual flow is defining the necessary ones for
 `en-US` and commit that and then the translations get done/added once they
 are ready. Thus, creating proper entries in `aboutTor.dtd` seems to be the
 way forward. I guess that could mean two entries for the two sentences,
 like `aboutTor.donationBanner3.line1` and
 `aboutTor.donationBanner3.line2`, given that we only want to make the
 second one a link?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31041 [Applications/Tor Browser]: Tor Browser doesnt delete cookies after closing browser if not in Private Browsing Mode (PBM) (was: Tor Browser doesnt delete cookies after closing br

[Tor Bug Tracker & Wiki]

#31041: Tor Browser doesnt delete cookies after closing browser if not in 
Private
Browsing Mode (PBM)
--+---
 Reporter:  justforlgs|  Owner:  tbb-team
 Type:  defect| Status:  needs_information
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-regression|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---
Changes (by gk):

 * status:  new => needs_information
 * cc: acat (added)
 * keywords:  cookie, settings => tbb-regression


Comment:

 You mean 8.5.1 is the last version that worked for you? I am asking as
 8.5.2 and 8.5.3 were emergency releases fixing serious security
 vulnerabilities and shipped with an updated NoScript version. I would not
 expect your bug out of those changes.

 However, I'd expect that's due to the fix for #30565. Alex, I guess we
 could just omit setting `network.cookie.lifetimePolicy` in case the user
 leaves PBM? That pref value is not critical for "remember history"-mode.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30199 [Applications/Tor Browser]: tor-android-service: Review 2019/04/16

[Tor Bug Tracker & Wiki]

#30199: tor-android-service: Review 2019/04/16
-+-
 Reporter:  sysrqb   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-mobile, tbb-8.5, |  Actual Points:
  TorBrowserTeam201906   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by sisbell):

 I wasn't able to follow the exact commits in the descriptions (I can't
 seem to locate the hashes) but I have a general idea of what some of them
 are addressing:




 Replying to [ticket:30199 sysrqb]:
 > Overall, nicely done. This review is on master
 (`6a9314aff4418a4edac33ff39fae266b097cf000`):
 >
 > the initial import (`36f9873ff075253f4c1c9e394c91031fd4ba9d4a`), do you
 know the git hash of the orbot commit you used?

  The original branch point was from commit:
 8ad7668013a7291b98cf8689cd99961db69f8ed3

 >
 > `1d635a925ca1728542067ee7bf34ff532d623a3f` - The renaming is Tor Browser
 specific, so we should probably carry this as a patch in tor-browser-
 build, instead of hard coding "Tor Browser" within a general purpose "Tor
 service" library, right?

   I did update the resources to be the latest ones in Orbot. We will need
 to provide a patch to add 'Tor Browser' text now.

 >
 > `45244c49fbe382e97655b8f8d8f482e54f95ed07` - I wonder if we should carry
 a patch for this too. If tor-android-services+TOPL is intended as a
 general Android Tor library, then we probably shouldn't make it Tor
 Browser specific.
 >
 > `f3b3df4e66630a68c9987d52d93580549a0acaf4` - this package doesn't exist
 yet, but it will exist in a few weeks, so leaving it is probably okay.
 >
 > `1a2121e2a7ee8a6c0f3b5edd150b38eaae8bef304` - hasCookieAuthentication()
 and runAsDaemon() seem out of place in this commit
 I was not able to locate the 3 commits above to review

 >
 > `784919d8eb19083cf761b3e7314c49d8befc00cd` - custom tor, the binaries
 should be compiled as dependencies by tor-browser-build and injected into
 the build,  TorService.TOR_VERSION should be patched at build time
 I'll open an issue for this. I think a good approach would be to place the
 version in a property file rather than using static fields. Orbot handles
 things a little differently now as well and pulls a binary artifact that
 contains the correct version in the meta-data.

 >
 > `6a9314aff4418a4edac33ff39fae266b097cf000` - In the future, we should
 take the bridges used on desktop (currently specified in Firefox's pref
 format and injected at build time by tor-browser-build), and pre-process
 them for inclusion on Android, too.

 I did see sysrqb added this in commit
 d9b049c8cee225b4e7bb6f0191093f543d0f9f65

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #28672 [Circumvention/Snowflake]: Android reproducible build of Snowflake

[Tor Bug Tracker & Wiki]

#28672: Android reproducible build of Snowflake
-+-
 Reporter:  dcf  |  Owner:  (none)
 Type:  project  | Status:
 |  needs_revision
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-mobile, tbb-rbm, |  Actual Points:
  GeorgKoppen201904, ex-sponsor-19,  |
  TorBrowserTeam201907   |
Parent ID:  #30318   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor28-can
-+-
Changes (by gk):

 * keywords:
 tbb-mobile, tbb-rbm, GeorgKoppen201904, ex-sponsor-19,
 TorBrowserTeam201906R
 =>
 tbb-mobile, tbb-rbm, GeorgKoppen201904, ex-sponsor-19,
 TorBrowserTeam201907
 * status:  needs_review => needs_revision


Comment:

 Thanks! It seems I got reproducible builds now, nice! Here come some
 review notes:

 93b7f904ec931c56adf9f84b50756cf2f7776f38 -- okay
 524f9d9b6cfc6418e237fcd6c5264bb301a2411f -- okay
 093ab72ddc37be1f4932213c4a78ff1e55348500 -- not okay;
 1) So, we need a particular OpenSSL version or is the one in Stretch just
 too old? Could you add a
 comment here explaining what happens (and ideally pointing to the
 problematic
 code)?
 2) `+  target_os = ["win", "android"]` -- we don't target Windows
 right now and should leave that target out
 3) What's the reason for moving the `gclient config` part outside of the
 `if [ ! -d "src"]` one, in particular as this affects non-Android
 platforms as well. And what does it mean? That it is
 not run for Linux and macOS anymore?
 4) We could change the `GN_ARGS`-adding parts to
 {{{
 [% IF c("var/linux") -%]
   GN_ARGS+=
 [% ELSIF c("var/osx") -%]
   GN_ARGS+=
 [% ELSIF c("var/android") -%]
   GN_ARGS+=
 [% END -%]
 }}}
 commit 082b4fd8759ef9e88317940d77d091291d0363df -- not okay; Just copying
 the .aar over does not mean it gets included into the final result. I
 think we'd need to update the `android-dependencies.patch` file for that
 as well. However, I am not exactly sure about the way forward here as the
 .aar approach seems to be in line with
 https://github.com/guardianproject/AndroidPluggableTransports but that's
 not how we currently utilize PTs on mobile which is having a binary like
 we do on desktop. I'll bring this as a topic for the meeting discussion up
 today.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31042 [Applications/Tor Browser]: Update Tor Android Service With Latest Orbot Changes

[Tor Bug Tracker & Wiki]

#31042: Update Tor Android Service With Latest Orbot Changes
--+--
 Reporter:  sisbell   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  TorBrowserTeam201906  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by sisbell):

 Changes in 0628 branch of tor android service
 * 31047 - Resource Updates
 * 31043 - VPN Module (includes fix for loading, this had been broken since
 we don't use it in Tor Browser)

 The changes for 31043 also would affect Orbot so those fixes are in PR:
 https://github.com/guardianproject/orbot/pull/240

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #31049 [Applications/Orbot]: Orbot Using Tor Android Service

[Tor Bug Tracker & Wiki]

#31049: Orbot Using Tor Android Service
+--
 Reporter:  sisbell |  Owner:  n8fr8
 Type:  defect  | Status:  new
 Priority:  Medium  |  Milestone:
Component:  Applications/Orbot  |Version:
 Severity:  Normal  |   Keywords:  TorBrowserTeam201907
Actual Points:  |  Parent ID:
   Points:  |   Reviewer:
  Sponsor:  |
+--
 I'd like to get some discussion of whether we want to have Orbot start
 using Tor Android Service/TOPL. It's stable now so worth a look.


 I have a pull request with some refactoring that would help with eventual
 integration if we go that route.
 https://github.com/guardianproject/orbot/pull/240

 I'm tracking issues with #31042 to align the code with the latest changes
 so we don't get out of sync.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31048 [Applications/Tor Browser]: Display SOCKS and HTTP port proxy value in UI

[Tor Bug Tracker & Wiki]

#31048: Display SOCKS and HTTP port proxy value in UI
--+--
 Reporter:  sisbell   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  TorBrowserTeam201906  |  Actual Points:
Parent ID:  #31042| Points:
 Reviewer:|Sponsor:
--+--

Comment (by sisbell):

 It looks like we need to get info from the tor control connection
 (net/listeners/httptunnel) and then broadcast this back to the UI.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30915 [Applications/Tor Browser]: make sure new banner is localized

[Tor Bug Tracker & Wiki]

#30915: make sure new banner is localized
---+--
 Reporter:  emmapeel   |  Owner:  emmapeel
 Type:  defect | Status:  assigned
 Priority:  Medium |  Milestone:
Component:  Applications/Tor Browser   |Version:
 Severity:  Normal | Resolution:
 Keywords:  ux-team, TorBrowserTeam201906  |  Actual Points:
Parent ID:  #30577 | Points:
 Reviewer: |Sponsor:
---+--

Comment (by gk):

 We used `aboutTor.dtd` we seems reasonable to me.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #31048 [Applications/Tor Browser]: Display SOCKS and HTTP port proxy value in UI

[Tor Bug Tracker & Wiki]

#31048: Display SOCKS and HTTP port proxy value in UI
--+
 Reporter:  sisbell   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:
  |  TorBrowserTeam201906
Actual Points:|  Parent ID:  #31042
   Points:|   Reviewer:
  Sponsor:|
--+
 This requires broadcasting of these values from the service so the Orbot
 UI can pick them up. Tor Browser would ignore this broadcast.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #31047 [Applications/Tor Browser]: Resources Should Exactly Match Orbot

[Tor Bug Tracker & Wiki]

#31047: Resources Should Exactly Match Orbot
--+
 Reporter:  sisbell   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:
  |  TorBrowserTeam201906
Actual Points:|  Parent ID:  #31042
   Points:|   Reviewer:
  Sponsor:|
--+
 We made some change to the resources for tor browser. We should only
 modify these with patches. Revert all these changes and use the latest
 from Orbot.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #31046 [Applications/Tor Browser]: Remove Obsolete Annotations

[Tor Bug Tracker & Wiki]

#31046: Remove Obsolete Annotations
--+
 Reporter:  sisbell   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:
  |  TorBrowserTeam201906
Actual Points:|  Parent ID:  #31042
   Points:|   Reviewer:
  Sponsor:|
--+
 There are a number of obsolete annotations in tor service. We can remove
 these.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #31045 [Applications/Tor Browser]: Use external JSocksAndroid dependency

[Tor Bug Tracker & Wiki]

#31045: Use external JSocksAndroid dependency
--+
 Reporter:  sisbell   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:
  |  TorBrowserTeam201906
Actual Points:|  Parent ID:  #31042
   Points:|   Reviewer:
  Sponsor:|
--+
 JSocks can be pulled as a binary now so we can remove jsocks from build.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30577 [Applications/Tor Browser]: Add Fundraising Banner with next TBB security update

[Tor Bug Tracker & Wiki]

#30577: Add Fundraising Banner with next TBB security update
+--
 Reporter:  pili|  Owner:  tbb-team
 Type:  task| Status:  needs_review
 Priority:  High|  Milestone:
Component:  Applications/Tor Browser|Version:
 Severity:  Normal  | Resolution:
 Keywords:  ux-team, TorBrowserTeam201907R  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--
Changes (by acat):

 * Attachment "desktop_on.png" added.


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30577 [Applications/Tor Browser]: Add Fundraising Banner with next TBB security update

[Tor Bug Tracker & Wiki]

#30577: Add Fundraising Banner with next TBB security update
+--
 Reporter:  pili|  Owner:  tbb-team
 Type:  task| Status:  needs_review
 Priority:  High|  Milestone:
Component:  Applications/Tor Browser|Version:
 Severity:  Normal  | Resolution:
 Keywords:  ux-team, TorBrowserTeam201907R  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--
Changes (by acat):

 * Attachment "375px.png" added.


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30577 [Applications/Tor Browser]: Add Fundraising Banner with next TBB security update

[Tor Bug Tracker & Wiki]

#30577: Add Fundraising Banner with next TBB security update
+--
 Reporter:  pili|  Owner:  tbb-team
 Type:  task| Status:  needs_review
 Priority:  High|  Milestone:
Component:  Applications/Tor Browser|Version:
 Severity:  Normal  | Resolution:
 Keywords:  ux-team, TorBrowserTeam201907R  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--
Changes (by acat):

 * Attachment "320px.png" added.


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30577 [Applications/Tor Browser]: Add Fundraising Banner with next TBB security update

[Tor Bug Tracker & Wiki]

#30577: Add Fundraising Banner with next TBB security update
+--
 Reporter:  pili|  Owner:  tbb-team
 Type:  task| Status:  needs_review
 Priority:  High|  Milestone:
Component:  Applications/Tor Browser|Version:
 Severity:  Normal  | Resolution:
 Keywords:  ux-team, TorBrowserTeam201907R  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--
Changes (by acat):

 * status:  needs_information => needs_review
 * keywords:  ux-team, TorBrowserTeam201906 => ux-team,
   TorBrowserTeam201907R


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #31044 [Applications/Tor Browser]: Update Tor Binaries

[Tor Bug Tracker & Wiki]

#31044: Update Tor Binaries
--+
 Reporter:  sisbell   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:
  |  TorBrowserTeam201906
Actual Points:|  Parent ID:  #31042
   Points:|   Reviewer:
  Sponsor:|
--+
 Orbot is now on 4.x versions of Tor. We should upgrade tor android service
 as well. There was some discussion about building this as part of tor
 browser build.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30577 [Applications/Tor Browser]: Add Fundraising Banner with next TBB security update

[Tor Bug Tracker & Wiki]

#30577: Add Fundraising Banner with next TBB security update
---+---
 Reporter:  pili   |  Owner:  tbb-team
 Type:  task   | Status:
   |  needs_information
 Priority:  High   |  Milestone:
Component:  Applications/Tor Browser   |Version:
 Severity:  Normal | Resolution:
 Keywords:  ux-team, TorBrowserTeam201906  |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+---

Comment (by acat):

 Patch for review: https://github.com/acatarineu/torbutton/commit/30577

 Note: did not find the translations, I am assuming they are not ready yet.
 Will update the patch once they are.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #31043 [Applications/Tor Browser]: Separate VPN Classes into their own module

[Tor Bug Tracker & Wiki]

#31043: Separate VPN Classes into their own module
--+
 Reporter:  sisbell   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:
  |  TorBrowserTeam201906
Actual Points:|  Parent ID:  #31042
   Points:|   Reviewer:
  Sponsor:|
--+
 The VPN and TorService code isn't correctly layered. It has some
 interdependence.

 By breaking out the code, it should be easier to maintain. Its also easier
 to strip out the VPN for Tor Browser, while maintaining it for Orbot.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #31042 [Applications/Tor Browser]: Update Tor Android Service With Latest Orbot Changes

[Tor Bug Tracker & Wiki]

#31042: Update Tor Android Service With Latest Orbot Changes
--+
 Reporter:  sisbell   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:
  |  TorBrowserTeam201906
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+
 There have been a number of recent changes to orbot over the last six
 months so we should merge over the latest changes to tor android service.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30323 [Applications/Tor Browser]: Adapt macOS toolchain for Firefox 68 ESR

[Tor Bug Tracker & Wiki]

#30323: Adapt macOS toolchain for Firefox 68 ESR
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  task | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-rbm, ff68-esr,   |  Actual Points:
  TorBrowserTeam201906, GeorgKoppen201906|
Parent ID:  #30320   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by gk):

 https://bugzilla.mozilla.org/show_bug.cgi?id=1513798 is relevant here as
 it contains a number of simplifications and changes we probably want to
 follow.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #31041 [Applications/Tor Browser]: Tor Browser doesnt delete cookies after closing browser

[Tor Bug Tracker & Wiki]

#31041: Tor Browser doesnt delete cookies after closing browser
--+--
 Reporter:  justforlgs|  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Component:  Applications/Tor Browser
  Version:|   Severity:  Normal
 Keywords:  cookie, settings  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
 I enabled "Remember history" in options. But i cant select "Delete cookies
 when closing Tor browser". It reverts back to "until they expire". It was
 working perfectly before 8.5.2.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30849 [Applications/Tor Browser]: Backport fixes for bug 1552627 and 1549833

[Tor Bug Tracker & Wiki]

#30849: Backport fixes for bug 1552627 and 1549833
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  TorBrowserTeam201907R,   |  Actual Points:
  GeorgKoppen201906  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * keywords:  TorBrowserTeam201906, GeorgKoppen201906 =>
 TorBrowserTeam201907R, GeorgKoppen201906
 * status:  new => needs_review


Comment:

 After revisiting I think we should just go with the two pref flips for now
 and pick up the other part of the fix once we move to esr68.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #18101 [Applications/Tor Browser]: IP leak from Windows/macOS UI dialog with URI

[Tor Bug Tracker & Wiki]

#18101: IP leak from Windows/macOS UI dialog with URI
-+-
 Reporter:  uileak   |  Owner:
 |  arthuredelstein
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Major| Resolution:
 Keywords:  tbb-disk-leak, tbb-proxy-bypass, |  Actual Points:
  TorBrowserTeam201906R  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by gk):

 Replying to [comment:88 mcs]:
 > Replying to [comment:84 gk]:
 > > Okay, let's get this on our radar again to squash this bug finally.
 `bug_18101` (https://gitweb.torproject.org/user/gk/tor-
 browser.git/commit/?h=bug_18101) in my `tor-browser` repo has the patch
 ideas Arthur and a cypherpunk/ericlaw came up with for (re)-review.
 > >
 > > mcs/brade: could you take the macOS part?
 >
 > It is unclear how to produce an IP address leak on macOS 10.9 or newer.
 As teor mentioned in comment:9, Apple seems to have removed features years
 ago that allowed URLs to be entered in the file open and file save panels.
 At least, Kathy and I do not know how to do so.

 If we are sure those features got removed in 10.9 (and later) and/or you
 don't see any leaks in Wireshark on 10.9 (and later), then let's declare
 victory and just omit the patch Arthur wrote?

 > Looking at the patch, it is also unclear what effect the `[NSOpenPanel
 setCanDownloadUbiquitousContents:NO]` call has (the documentation does
 makes it sound like setting it to `NO` is a good idea).
 >
 > In any case, that API requires macOS 10.10 or newer (as documented here
 
https://developer.apple.com/documentation/appkit/nsopenpanel/1533418-candownloadubiquitouscontents?language=objc).
 To make sure, we tested a patched Tor Browser on a macOS 10.9.5 system,
 and indeed an exception was thrown which prevents the file open dialog
 from opening:
 >  ... firefox[...] -[NSOpenPanel setCanDownloadUbiquitousContents:]:
 unrecognized selector sent to instance 0x10bbc5270
 >  ... firefox[...] Mozilla has caught an Obj-C exception
 [NSInvalidArgumentException: -[NSOpenPanel
 setCanDownloadUbiquitousContents:]: unrecognized selector sent to instance
 0x10bbc5270]
 >
 > We would need to add a runtime check to make sure that API is available.
 If we do use `setCanDownloadUbiquitousContents`, we may also want to add a
 similar call inside `nsFilePicker::GetLocalFolder()` (also in
 `widget/cocoa/nsFilePicker.mm`).

 Fair enough. But let's actually double-check whether we still need to do
 that patching (Arthur at least seemed under the impression there would be
 work we needed to do given that `setCanDownloadUbiquitousContents` was not
 set to `NO`).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31010 [Applications/Tor Browser]: Rebase Tor Browser mobile/ patches for Firefox ESR 68

[Tor Bug Tracker & Wiki]

#31010: Rebase Tor Browser mobile/ patches for Firefox ESR 68
---+--
 Reporter:  sysrqb |  Owner:  tbb-team
 Type:  defect | Status:  new
 Priority:  Medium |  Milestone:
Component:  Applications/Tor Browser   |Version:
 Severity:  Normal | Resolution:
 Keywords:  TorBrowserTeam201906R, tbb-mobile  |  Actual Points:
Parent ID:  #30429 | Points:
 Reviewer: |Sponsor:
---+--

Comment (by gk):

 I've not checked the rebased commits yet but while looking at #28672 I
 realized we still have the `tor-browser-build` patch for #29575, which I
 think we should move into `tor-browser`. Could you move `android-
 dependencies.patch` over to that repo and integrate it into your rebased
 patches?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31035 [Applications/Tor Browser]: Tor leaking info?

[Tor Bug Tracker & Wiki]

#31035: Tor leaking info?
--+---
 Reporter:  TorUser777|  Owner:  tbb-team
 Type:  defect| Status:  needs_information
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---
Changes (by gk):

 * status:  new => needs_information


Comment:

 Hm. Is this behavior reproducible? E.g. with different search terms? Could
 you add a screenshot explaining what "was now written in the bottom of my
 Tor Browser window, below the Matrix item I had clicked on" means?

 In theory both instances should not influence each other although the risk
 is high that one puts an item of one into the other leaking sensitive
 information.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31037 [Applications/Tor Browser]: Add 'Quit' action button in Tor Browser for Android persistent notification.

[Tor Bug Tracker & Wiki]

#31037: Add 'Quit' action button in Tor Browser for Android persistent
notification.
--+--
 Reporter:  clash |  Owner:  tbb-team
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-mobile|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by gk):

 * keywords:   => tbb-mobile


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31033 [Applications/Tor Browser]: TorBrowser window won't appear on the screen

[Tor Bug Tracker & Wiki]

#31033: TorBrowser window won't appear on the screen
--+---
 Reporter:  mrasoulib |  Owner:  tbb-team
 Type:  defect| Status:  needs_information
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---
Changes (by gk):

 * keywords:  TorBrowser window won't show up =>
 * status:  new => needs_information
 * version:  sbws: unspecified =>
 * severity:  Critical => Normal
 * priority:  High => Medium


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31033 [Applications/Tor Browser]: TorBrowser window won't appear on the screen

[Tor Bug Tracker & Wiki]

#31033: TorBrowser window won't appear on the screen
-+-
 Reporter:  mrasoulib|  Owner:  tbb-team
 Type:  defect   | Status:  new
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:  sbws:
 |  unspecified
 Severity:  Critical | Resolution:
 Keywords:  TorBrowser window won't show up  |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by gk):

 Do you run any antivirus/firewall software that could interfere here? If
 so, which one? Please try with the latest stable/alpha version (which is
 8.5.3 and 9.0a3 respectively) even though that might not change much in
 your case. Where do you have put your Tor Browser? On Desktop?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31031 [Applications/Tor Browser]: Tor Browser trying to read /etc/machine-id on start

[Tor Bug Tracker & Wiki]

#31031: Tor Browser trying to read /etc/machine-id on start
--+--
 Reporter:  rain-undefined|  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by gk):

 * cc: sysrqb (added)


Comment:

 sysrqb pointed to:
 {{{
 if (allowPulse) {
 // PulseAudio also needs access to read the $XAUTHORITY file (see
 // bug 1384986 comment #1), but that's already allowed for hybrid
 // GPU drivers (see above).
 policy->AddPath(rdonly, "/var/lib/dbus/machine-id");
   }
 }}}
 However, a bit above that we have:
 {{{
   bool allowPulse = false;
   bool allowAlsa = false;
   if (level < 4) {
 #ifdef MOZ_PULSEAUDIO
 allowPulse = true;
 #endif
 }}}
 If you look at the sandbox level in `about:config`
 `security.sandbox.content.level` gives you `4`. And even
 `GetEffectiveContentSandboxLevel()` (which determines `level`) seems to
 give `4` back:
 {{{
 #ifdef XP_LINUX
   // Level 4 and up will break direct access to audio.
   if (level > 3 && !Preferences::GetBool("media.cubeb.sandbox")) {
 level = 3;
   }
 #endif

   return level;
 }}}
 given that `media.cubeb.sandbox` is `true`.

 So, it seems that content at least is not the culprit here.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #15516 [Core Tor/Tor]: Consider rate-limiting INTRODUCE2 cells when under load

[Tor Bug Tracker & Wiki]

#15516: Consider rate-limiting INTRODUCE2 cells when under load
-+-
 Reporter:  special  |  Owner:  dgoulet
 Type:  enhancement  | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  SponsorU-deferred, tor-dos, tor-hs,  |  Actual Points:
  network-team-roadmap-2019-Q1Q2 |
Parent ID:  #2   | Points:  10
 Reviewer:  asn  |Sponsor:
 |  Sponsor27-can
-+-

Comment (by asn):

 Thanks for the updates David! Only a single nit remains on the GH (and
 maybe also open the tokenbucket ticket so that we don't forget?).

 As a further thing: I lost track of the experimental results of this
 ticket when I went to AllHands. I now don't rememember exactly how this
 ticket affects (a) the health of the network and (b) the availability of
 the service. Any chance you could update us on these two thigns in the
 tor-dev mailing list? I think it would be great to have this documented so
 that we know what exactly we are doing by merging this patch.

 Marking as needs_revision for these last bits of action.

 Thanks! :)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #15516 [Core Tor/Tor]: Consider rate-limiting INTRODUCE2 cells when under load

[Tor Bug Tracker & Wiki]

#15516: Consider rate-limiting INTRODUCE2 cells when under load
-+-
 Reporter:  special  |  Owner:  dgoulet
 Type:  enhancement  | Status:
 |  needs_revision
 Priority:  Medium   |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  SponsorU-deferred, tor-dos, tor-hs,  |  Actual Points:
  network-team-roadmap-2019-Q1Q2 |
Parent ID:  #2   | Points:  10
 Reviewer:  asn  |Sponsor:
 |  Sponsor27-can
-+-
Changes (by asn):

 * status:  needs_review => needs_revision


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30918 [Applications/Tor Browser]: Urgent: Update to 60.7.1 ESR

[Tor Bug Tracker & Wiki]

#30918: Urgent: Update to 60.7.1 ESR
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  defect| Status:  closed
 Priority:  Immediate |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:  fixed
 Keywords:  TorBrowserTeam201906  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by gk):

 * status:  new => closed
 * keywords:   => TorBrowserTeam201906
 * resolution:   => fixed


Comment:

 We are actually done here.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31027 [Core Tor/Tor]: Coverity: circpadding: dead code in circpad_machine_remove_token

[Tor Bug Tracker & Wiki]

#31027: Coverity: circpadding: dead code in  circpad_machine_remove_token
--+
 Reporter:  nickm |  Owner:  (none)
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  coverity  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by asn):

 * status:  new => needs_review


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31024 [Core Tor/Tor]: Coverity: circpadding: always check circpad_machine_current_state()

[Tor Bug Tracker & Wiki]

#31024: Coverity: circpadding: always check circpad_machine_current_state()
-+
 Reporter:  nickm|  Owner:  (none)
 Type:  defect   | Status:  needs_review
 Priority:  Medium   |  Milestone:  Tor: 0.4.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  041-should coverity  |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+
Changes (by asn):

 * status:  new => needs_review


Comment:

 Please check the last commit of
 https://github.com/torproject/tor/pull/1160 which fixes both #31027 and
 #31024.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31027 [Core Tor/Tor]: Coverity: circpadding: dead code in circpad_machine_remove_token

[Tor Bug Tracker & Wiki]

#31027: Coverity: circpadding: dead code in  circpad_machine_remove_token
--+
 Reporter:  nickm |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  coverity  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by asn):

 Please check the first commit of
 ​https://github.com/torproject/tor/pull/1160 which fixes both #31027 and
 #31024.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs