Re: [tor-bugs] #31522 [Circumvention/Snowflake]: Update broker/bridge to torproject.net domains in source code

[Tor Bug Tracker & Wiki]

#31522: Update broker/bridge to torproject.net domains in source code
-+--
 Reporter:  dcf  |  Owner:  (none)
 Type:  task | Status:  needs_review
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--
Changes (by dcf):

 * status:  new => needs_review


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31522 [Circumvention/Snowflake]: Update broker/bridge to torproject.net domains in source code

[Tor Bug Tracker & Wiki]

#31522: Update broker/bridge to torproject.net domains in source code
-+
 Reporter:  dcf  |  Owner:  (none)
 Type:  task | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+
Changes (by dcf):

 * Attachment "0001-bamsoftware.com-freehaven.net-torproject.net.patch"
 added.


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #31522 [Circumvention/Snowflake]: Update broker/bridge to torproject.net domains in source code

[Tor Bug Tracker & Wiki]

#31522: Update broker/bridge to torproject.net domains in source code
-+
 Reporter:  dcf  |  Owner:  (none)
 Type:  task | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   |   Keywords:
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+
 Tag [https://gitweb.torproject.org/pluggable-
 transports/snowflake.git/tag/?h=webext-0.0.10 webext-0.0.10] is still
 using bamsoftware.com domains in proxy-go/, and freehaven.net domains
 (from #31250) in proxy/. Is it desired at this point to make them use the
 torproject.net domains from comment:13:ticket:31232 instead?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31449 [Applications/Tor Browser]: Signing tools for 32bit Linux are 64bit now

[Tor Bug Tracker & Wiki]

#31449: Signing tools for 32bit Linux are 64bit now
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_information
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-rbm, TorBrowserTeam201908,   |  Actual Points:
  tbb-9.0-must-alpha |
Parent ID:  #30321   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by boklm):

 * status:  new => needs_information


Comment:

 After looking at this issue, it seems that:
 - `signmar` is the same as `mar` with some additional features. So if we
 need a 32 bit `mar`, we could probably use `signmar`.
 - we can use this patch to build `mbsdiff` for linux32:
 https://gitweb.torproject.org/user/boklm/tor-browser-
 build.git/tree/projects/firefox/mbsdiff.patch?h=bug_31449_v3

 However it seems that the only place where `mbsdiff` is used is for
 generating incremental mar files, which we usually do on a 64bit machine,
 so I'm not sure we need a 32bit `mbsdiff`. It seems also that our signing
 script is only using `signmar` and not `mar`. Is there an other reason
 that I'm forgetting for wanting 32bit versions of `mbsdiff` and `mar`?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31521 [Metrics/Analysis]: Investigate 10-second delay in TTFB

[Tor Bug Tracker & Wiki]

#31521: Investigate 10-second delay in TTFB
--+--
 Reporter:  karsten   |  Owner:  metrics-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Metrics/Analysis  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by cypherpunks):

 ticket:21394#comment:91

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31200 [Circumvention/Snowflake]: Hand out proxy-go snowflakes more frequently than webextension snowflakes

[Tor Bug Tracker & Wiki]

#31200: Hand out proxy-go snowflakes more frequently than webextension 
snowflakes
-+---
 Reporter:  cohosh   |  Owner:  cohosh
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:   |  Actual Points:
Parent ID:  #25681   | Points:
 Reviewer:   |Sponsor:  Sponsor28
-+---

Comment (by dcf):

 I deployed webext-0.0.10 to snowflake.torproject.org at 2019-08-26
 15:07:00 UTC.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31385 [Circumvention/Snowflake]: Snowflake client fails after bootstrap

[Tor Bug Tracker & Wiki]

#31385: Snowflake client fails after bootstrap
-+
 Reporter:  cypherpunks  |  Owner:  cohosh
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+

Comment (by dcf):

 I deployed webext-0.0.10 to snowflake.torproject.org at 2019-08-26
 15:07:00 UTC.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20212 [Core Tor/Tor]: Tor can be forced to open too many circuits by embedding .onion resources

[Tor Bug Tracker & Wiki]

#20212: Tor can be forced to open too many circuits by embedding .onion 
resources
-+-
 Reporter:  gacar|  Owner:  tbb-
 |  team
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  guard-discovery, |  Actual Points:
  TorBrowserTeam201803, 034-roadmap-proposed,|
  security, tor-hs   |
Parent ID:  #29995   | Points:  6
 Reviewer:   |Sponsor:
 |  Sponsor27-must
-+-
Changes (by asn):

 * cc: dgoulet (added)
 * points:   => 6
 * sponsor:   => Sponsor27-must
 * parent:   => #29995
 * milestone:  Tor: unspecified => Tor: 0.4.2.x-final


Comment:

 Reviving this ticket and marking it as s27-must.  Marking for 6 points
 since we need to figure out how to do this. Marking #29995 as its parent,
 but it could also go under #2 just as easily.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31521 [Metrics/Analysis]: Investigate 10-second delay in TTFB

[Tor Bug Tracker & Wiki]

#31521: Investigate 10-second delay in TTFB
--+--
 Reporter:  karsten   |  Owner:  metrics-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Metrics/Analysis  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by karsten):

 Note the steep incline shortly after the 10-second mark:

 [[Image(onionperf-ten-second-delay-2019-08-26.png, 700px)]]

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31521 [Metrics/Analysis]: Investigate 10-second delay in TTFB

[Tor Bug Tracker & Wiki]

#31521: Investigate 10-second delay in TTFB
--+--
 Reporter:  karsten   |  Owner:  metrics-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Metrics/Analysis  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by karsten):

 * Attachment "onionperf-ten-second-delay-2019-08-26.png" added.


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #31521 [Metrics/Analysis]: Investigate 10-second delay in TTFB

[Tor Bug Tracker & Wiki]

#31521: Investigate 10-second delay in TTFB
--+--
 Reporter:  karsten   |  Owner:  metrics-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Metrics/Analysis  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+--
 While looking into OnionPerf data I noticed a 10-second delay in time to
 first byte. I'll attach an ECDF shortly.

 I started hunting down this issue and found that many of these cases
 (though not all of them) had their stream detached from a circuit and re-
 attached to another circuit following a 10-second timeout of some sort.
 The following example shows relevant controller events:

 {{{
 2019-05-05 09:55:00 1557046500.54 650 STREAM 45043 NEW 0 137.50.19.2:80
 SOURCE_ADDR=127.0.0.1:36454 PURPOSE=USER
 2019-05-05 09:55:00 1557046500.54 650 STREAM 45043 SENTCONNECT 29430
 137.50.19.2:80
 2019-05-05 09:55:00 1557046500.69 650 STREAM_BW 45043 13 2
 2019-05-05T08:55:00.682587
  ^^ <- 10 second delay here
 2019-05-05 09:55:10 1557046510.69 650 STREAM 45043 DETACHED 29430
 137.50.19.2:80 REASON=TIMEOUT
 2019-05-05 09:55:10 1557046510.69 650 STREAM 45043 SENTCONNECT 29411
 137.50.19.2:80
 2019-05-05 09:55:11 1557046511.12 650 STREAM 45043 REMAP 29411
 137.50.19.2:80 SOURCE=EXIT
 2019-05-05 09:55:11 1557046511.12 650 STREAM 45043 SUCCEEDED 29411
 137.50.19.2:80
 2019-05-05 09:55:11 1557046511.68 650 STREAM_BW 45043 55 10
 2019-05-05T08:55:11.682353
 2019-05-05 09:55:12 1557046512.68 650 STREAM_BW 45043 0 637971
 2019-05-05T08:55:12.681636
 2019-05-05 09:55:13 1557046513.21 650 STREAM_BW 45043 0 410673
 2019-05-05T08:55:13.211188
 2019-05-05 09:55:13 1557046513.21 650 STREAM 45043 CLOSED 29411
 137.50.19.2:80 REASON=DONE
 }}}

 1% of measurements seems a lot to me, and I could imagine that these cases
 are particularly annoying to users. Maybe this timeout could be shorter or
 made more dynamic like other timeouts.

 If the timeout cannot be changed, it would be nice to tell the user that
 their stream has just been attached to another circuit and that that's why
 they had to wait for the past 10 seconds.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31519 [Core Tor/Tor]: git-push-all.sh: shellcheck warnings

[Tor Bug Tracker & Wiki]

#31519: git-push-all.sh: shellcheck warnings
--+
 Reporter:  nickm |  Owner:  nickm
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:  fixed
 Keywords:  asn-merge |  Actual Points:  0
Parent ID:| Points:
 Reviewer:  dgoulet   |Sponsor:
--+
Changes (by asn):

 * status:  merge_ready => closed
 * resolution:   => fixed


Comment:

 Merged!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31286 [Applications/Tor Browser]: Include bridge configuration into about:preferences

[Tor Bug Tracker & Wiki]

#31286: Include bridge configuration into about:preferences
+--
 Reporter:  gk  |  Owner:  pospeselr
 Type:  task| Status:  assigned
 Priority:  Medium  |  Milestone:
Component:  Applications/Tor Browser|Version:
 Severity:  Normal  | Resolution:
 Keywords:  TorBrowserTeam201908, ff68-esr  |  Actual Points:
Parent ID:  #10760  | Points:
 Reviewer:  |Sponsor:
|  Sponsor44-can
+--
Changes (by antonela):

 * Attachment "1-warning-about:preferences#network.png" added.


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31286 [Applications/Tor Browser]: Include bridge configuration into about:preferences

[Tor Bug Tracker & Wiki]

#31286: Include bridge configuration into about:preferences
+--
 Reporter:  gk  |  Owner:  pospeselr
 Type:  task| Status:  assigned
 Priority:  Medium  |  Milestone:
Component:  Applications/Tor Browser|Version:
 Severity:  Normal  | Resolution:
 Keywords:  TorBrowserTeam201908, ff68-esr  |  Actual Points:
Parent ID:  #10760  | Points:
 Reviewer:  |Sponsor:
|  Sponsor44-can
+--
Changes (by antonela):

 * Attachment "2-warning-fullpage.png" added.


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31286 [Applications/Tor Browser]: Include bridge configuration into about:preferences

[Tor Bug Tracker & Wiki]

#31286: Include bridge configuration into about:preferences
+--
 Reporter:  gk  |  Owner:  pospeselr
 Type:  task| Status:  assigned
 Priority:  Medium  |  Milestone:
Component:  Applications/Tor Browser|Version:
 Severity:  Normal  | Resolution:
 Keywords:  TorBrowserTeam201908, ff68-esr  |  Actual Points:
Parent ID:  #10760  | Points:
 Reviewer:  |Sponsor:
|  Sponsor44-can
+--

Comment (by antonela):

 Good work pospeselr! Thanks for sharing the progress!

 Let's talk about some different user flows we are going to have on this
 release, where the Tor Launcher and Tor network settings in
 `about:preferences` will co-exist:

 1/
 * open Tor Browser
 * Tor launcher prompt, user press [connect]
 * bootstrapping OK
 * Tor Browser loads `about:tor`

 2/
 * open Tor Browser
 * Tor launcher prompt, user press [config], adds bridges
 * Bootstrapping OK
 * Tor Browser loads `about:tor`

 3/
 * open Tor Browser
 * Tor launcher prompt, user press [connect] and/or try [config]
 * bootstrapping FAILS
 * Tor Launcher warning message. User [config] bridges in Tor Launcher

 4/
 * open Tor Browser
 * tor launcher prompt, user press [connect] and/or try [config]
 * bootstrapping FAILS
 * tor browser loads in about:preferences#network with a warning/notice
 message
 * Tor Browser restarts


 5/
 * open Tor Browser
 * tor launcher prompt, user press [connect] and/or try [config]
 * bootstrapping FAILS
 * tor browser loads in a warning screen
 * Tor Browser restarts


 I think that 3/ is the flow we should keep for this release. Am I right?
 What do you think folks? Do we all agree on this?


 == To-do / Questions

 - Should remove Tor Network Settings item from the Tor button menu and
 rely on the [≡] menu > Preferences? If yes, I'll file that child ticket.

 - We need an onboarding card for explaining this change. Do we want to do
 it during this release? If yes, I'll file that child ticket.

 - We need a "view/copy Tor Log to clipboard" feature also in
 `about:preferences`. pospeselr suggested having a popup in a XUL sub-
 dialog with user-selectable text and a 'copy to clipboard'. Do we need a
 child ticket for it as well?


 == Future Work (S30)

 In the future, we aim to have a user experience where Tor Browser
 prescinds of the Tor Launcher UI, and the launching experience is closer
 to regular browsers: the user clicks to the icon and the browser loads
 connected to Tor. If the bootstrapping fail, then Tor Browser shows a
 warning screen. This warning screen will give us room to run our diverse
 ideas for improving the Tor Browser on learning bridges, like MOAT, magic
 link, or anything new and fancy.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31369 [Core Tor/Stem]: HSv3 descriptor support in stem

[Tor Bug Tracker & Wiki]

#31369: HSv3 descriptor support in stem
-+---
 Reporter:  asn  |  Owner:  atagar
 Type:  defect   | Status:  reopened
 Priority:  Medium   |  Milestone:
Component:  Core Tor/Stem|Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs onionbalance scaling  |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:  Sponsor27-can
-+---

Comment (by asn):

 Hello atagar,

 I took a look at the code and this looks like a great start!

 We do need more stuff to make this work with onionbalance tho. In
 particular:

 a) We need to '''parse''' deeper into the descriptor so that we get into
 the final layer and extract the intro points
 a1) On the way there we need to verify various types of crypto
 certificates.
 a2) Furthermore, we need to implement the key blinding logic of HSv3 to be
 able to verify some of those certificates.

 b) We will need to be able to '''generate''' valid and useful HSv3
 certificates down to the bottom layer. This involves being able to
 generate keys and certificates in a way that can be verified by Tor.

 From the above, everything except from (a) contains crypto stuff. I will
 be
 working on the crypto parts of (b), (c), and (d), but there is a learning
 curve
 involved here with learning how stem handles ed25519 certs
 (stem/certificate.py) and how it handles ed25519 sig verification. I have
 already started implementing the ed25519 cert parsing that v3 introduces,
 but I still need to see how the actual crypto is done.

 Damian, would you be interested in moving forward with (a) if I give you a
 full
 unencrypted descriptor to play with, while I'm doing the crypto parts
 above?

 I'd also appreciate any hints about how to handle ed25519 certs and
 ed25519 sig
 verification in stem.

 Thanks! :)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31442 [Core Tor/Tor]: Raise rustc minimum version

[Tor Bug Tracker & Wiki]

#31442: Raise rustc minimum version
-+
 Reporter:  Sebastian|  Owner:  Sebastian
 Type:  defect   | Status:  merge_ready
 Priority:  Medium   |  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor |Version:  Tor: unspecified
 Severity:  Normal   | Resolution:
 Keywords:  042-should, no-backport  |  Actual Points:
Parent ID:  #31238   | Points:
 Reviewer:  nickm|Sponsor:  Sponsor31-can
-+
Changes (by nickm):

 * status:  needs_review => merge_ready


Comment:

 This LGTM; let's try it out.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #31520 [Applications/Tor Browser]: Remove monthly giving banner from Tor Browser

[Tor Bug Tracker & Wiki]

#31520: Remove monthly giving banner from Tor Browser
--+--
 Reporter:  pili  |  Owner:  tbb-team
 Type:  task  | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+--
 We should remove the monthly giving banner from Tor Browser with the next
 release: 8.5.5 (ESR 60.9) happening around 2019.09.03.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21003 [Core Tor/Tor]: extend_info_describe should list IPv6 address (if present)

[Tor Bug Tracker & Wiki]

#21003: extend_info_describe should list IPv6 address (if present)
-+-
 Reporter:  teor |  Owner:  (none)
 Type:  enhancement  | Status:
 |  merge_ready
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  easy, intro, ipv6, logging, fast-|  Actual Points:  0.3
  fix, no-backport, asn-merge nickm-merge|
Parent ID:  #31088   | Points:  0.5
 Reviewer:  dgoulet  |Sponsor:
 |  Sponsor27-can
-+-
Changes (by dgoulet):

 * keywords:  easy, intro, ipv6, logging, fast-fix, no-backport =>
 easy, intro, ipv6, logging, fast-fix, no-backport, asn-merge nickm-
 merge
 * status:  needs_review => merge_ready
 * sponsor:   => Sponsor27-can


Comment:

 Looks good!

 One of my worry was that we were removing one side of the `LongName`
 format from the control spec with this:

 {{{
 -   buf[1+HEX_DIGEST_LEN] = is_named ? '=' : '~';
 +   buf[1+HEX_DIGEST_LEN] = '~';
 }}}

 where `LongName` from the control spec is:

 {{{
 LongName   = Fingerprint [ ( "=" / "~" ) Nickname ]
 }}}

 I went over the control subsystem and we appear to be OK there.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30979 [Core Tor/Tor]: pre-push hook runs practracker unconditionally

[Tor Bug Tracker & Wiki]

#30979: pre-push hook runs practracker unconditionally
---+---
 Reporter:  nickm  |  Owner:  teor
 Type:  defect | Status:  closed
 Priority:  Medium |  Milestone:  Tor:
   |  0.4.2.x-final
Component:  Core Tor/Tor   |Version:  Tor:
   |  0.4.1.1-alpha
 Severity:  Normal | Resolution:  fixed
 Keywords:  git-scripts nickm-merge asn-merge  |  Actual Points:  0.1
Parent ID: | Points:  0.1
 Reviewer:  dgoulet|Sponsor:
---+---
Changes (by nickm):

 * status:  merge_ready => closed
 * resolution:   => fixed


Comment:

 merged!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31519 [Core Tor/Tor]: git-push-all.sh: shellcheck warnings

[Tor Bug Tracker & Wiki]

#31519: git-push-all.sh: shellcheck warnings
--+
 Reporter:  nickm |  Owner:  nickm
 Type:  defect| Status:  merge_ready
 Priority:  Medium|  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  asn-merge |  Actual Points:  0
Parent ID:| Points:
 Reviewer:  dgoulet   |Sponsor:
--+
Changes (by dgoulet):

 * status:  needs_review => merge_ready
 * reviewer:   => dgoulet
 * keywords:   => asn-merge


Comment:

 Looks legit!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31519 [Core Tor/Tor]: git-push-all.sh: shellcheck warnings

[Tor Bug Tracker & Wiki]

#31519: git-push-all.sh: shellcheck warnings
--+
 Reporter:  nickm |  Owner:  nickm
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:  0
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by nickm):

 * status:  assigned => needs_review


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31519 [Core Tor/Tor]: git-push-all.sh: shellcheck warnings

[Tor Bug Tracker & Wiki]

#31519: git-push-all.sh: shellcheck warnings
--+
 Reporter:  nickm |  Owner:  nickm
 Type:  defect| Status:  assigned
 Priority:  Medium|  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:  0
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by nickm):

 * actualpoints:   => 0


Comment:

 See branch `bug31519` with PR at
 https://github.com/torproject/tor/pull/1263

 I chose to disable some of the warnings rather than "fix" them, since the
 correct "fix" would require significant refactoring in the script.  (It's
 safe to disable the warnings, since we know that our branch names do not
 have spaces in them.)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30466 [Core Tor/Tor]: hs: Do not allow more than one control cell on a circuit

[Tor Bug Tracker & Wiki]

#30466: hs: Do not allow more than one control cell on a circuit
+--
 Reporter:  dgoulet |  Owner:  neel
 Type:  defect  | Status:
|  needs_information
 Priority:  Medium  |  Milestone:  Tor: unspecified
Component:  Core Tor/Tor|Version:
 Severity:  Normal  | Resolution:
 Keywords:  tor-dos, tor-hs, tor-relay  |  Actual Points:
Parent ID:  | Points:  0.1
 Reviewer:  dgoulet |Sponsor:  Sponsor27-can
+--
Changes (by dgoulet):

 * status:  needs_review => needs_information


Comment:

 This approach is sensible and code seems accurate. But we should put this
 one on hold for now.

 The reason is that there might be some cells, for instance
 `ESTABLISH_INTRO`, that we will want to be able to send multiple times
 during the lifetime of the circuit. (Relevant to #30924).

 These control cells could be useful for DoS mitigation systems in order to
 be able to tell different HS entity on how to behave coming from the
 service.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #31519 [Core Tor/Tor]: git-push-all.sh: shellcheck warnings

[Tor Bug Tracker & Wiki]

#31519: git-push-all.sh: shellcheck warnings
--+
 Reporter:  nickm |  Owner:  nickm
 Type:  defect| Status:  assigned
 Priority:  Medium|  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+
 We've got a bunch of shellcheck warnings here since I merged #29879.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31512 [Applications/Tor Browser]: Fingerprinting of Tor Browser

[Tor Bug Tracker & Wiki]

#31512: Fingerprinting of Tor Browser
--+--
 Reporter:  thelamper |  Owner:  tbb-team
 Type:  enhancement   | Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Major | Resolution:  invalid
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by tom):

 https://tor.triop.se/ identifies the version of Tor Browser used (and
 sometimes OS). It doesn't identify users uniquely. If anything, it
 confirms that we're doing a pretty good job that someone smart poked at
 this and this was the best they could do.

 brax.me/geo/ is a bit harder to read - the code isn't as clean/well
 documented. But I'm not given much confidence by it with comments like
 "it's impossible to detect incognito mode". It does some WebGL
 fingerprinting, and AudioContext, but aside from those I don't see
 anything particurally inventive or concerning.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30979 [Core Tor/Tor]: pre-push hook runs practracker unconditionally

[Tor Bug Tracker & Wiki]

#30979: pre-push hook runs practracker unconditionally
---+---
 Reporter:  nickm  |  Owner:  teor
 Type:  defect | Status:
   |  merge_ready
 Priority:  Medium |  Milestone:  Tor:
   |  0.4.2.x-final
Component:  Core Tor/Tor   |Version:  Tor:
   |  0.4.1.1-alpha
 Severity:  Normal | Resolution:
 Keywords:  git-scripts nickm-merge asn-merge  |  Actual Points:  0.1
Parent ID: | Points:  0.1
 Reviewer:  dgoulet|Sponsor:
---+---
Changes (by dgoulet):

 * keywords:  git-scripts => git-scripts nickm-merge asn-merge
 * status:  needs_review => merge_ready


Comment:

 lgtm;

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31490 [Core Tor/Tor]: hs-v3: Turns out the hs_ident circuit_type is not used

[Tor Bug Tracker & Wiki]

#31490: hs-v3: Turns out the hs_ident circuit_type is not used
--+
 Reporter:  dgoulet   |  Owner:  neel
 Type:  defect| Status:  merge_ready
 Priority:  Medium|  Milestone:  Tor:
  |  0.4.3.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tor-hs asn-merge nickm-merge  |  Actual Points:
Parent ID:| Points:
 Reviewer:  dgoulet   |Sponsor:  Sponsor27-can
--+
Changes (by dgoulet):

 * status:  needs_review => merge_ready
 * keywords:  tor-hs => tor-hs asn-merge nickm-merge


Comment:

 ack.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] [Tor Bug Tracker & Wiki] Batch modify: #27284

[Tor Bug Tracker & Wiki]

Batch modification to #27284 by dgoulet:
reviewer to nickm

--
Tickets URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] [Tor Bug Tracker & Wiki] Batch modify: #31476, #31452, #31451

[Tor Bug Tracker & Wiki]

Batch modification to #31476, #31452, #31451 by dgoulet:
reviewer to catalyst

--
Tickets URL: 

Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31498 [Core Tor/Tor]: clarify that tor's license is free software / open source

[Tor Bug Tracker & Wiki]

#31498: clarify that tor's license is free software / open source
--+
 Reporter:  arma  |  Owner:  (none)
 Type:  enhancement   | Status:  needs_revision
 Priority:  Medium|  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by dgoulet):

 * status:  needs_review => needs_revision


Comment:

 Replying to [comment:1 arma]:
 > Ok, I made an actual git branch {{{ticket31498}}} for those who prefer
 merging git branches. :)

 Not sure you pushed it :S ...

 {{{
 fatal: ambiguous argument 'arma/ticket31498': unknown revision or path not
 in the working tree.
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] [Tor Bug Tracker & Wiki] Batch modify: #31492, #23818

[Tor Bug Tracker & Wiki]

Batch modification to #31492, #23818 by dgoulet:
reviewer to asn

--
Tickets URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] [Tor Bug Tracker & Wiki] Batch modify: #31490, #30466

[Tor Bug Tracker & Wiki]

Batch modification to #31490, #30466 by dgoulet:
reviewer to dgoulet

--
Tickets URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30935 [Core Tor/Tor]: Move variable definition code out of confparse.c, and refactor

[Tor Bug Tracker & Wiki]

#30935: Move variable definition code out of confparse.c, and refactor
-+
 Reporter:  nickm|  Owner:  nickm
 Type:  enhancement  | Status:  closed
 Priority:  Medium   |  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  dgoulet-merge asn-merge  |  Actual Points:  0.5
Parent ID:  #29211   | Points:  1
 Reviewer:  teor |Sponsor:  Sponsor31-can
-+
Changes (by dgoulet):

 * status:  merge_ready => closed
 * resolution:   => fixed


Comment:

 Merged!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31476 [Core Tor/Tor]: Practracker: document new features

[Tor Bug Tracker & Wiki]

#31476: Practracker: document new features
-+-
 Reporter:  nickm|  Owner:  nickm
 Type:  task | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  practracker, tech-debt,  |  Actual Points:  .1
  refactoring, easy, 041-deferred-20190530,  |
  network-team-roadmap-july, dgoulet-merge   |
Parent ID:  #29746   | Points:  .2
 Reviewer:   |Sponsor:
 |  Sponsor31-must
-+-
Changes (by nickm):

 * status:  needs_revision => needs_review


Comment:

 Whoops; I had a fix for that but apparently I had forgotten to force-push
 it to github.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31200 [Circumvention/Snowflake]: Hand out proxy-go snowflakes more frequently than webextension snowflakes

[Tor Bug Tracker & Wiki]

#31200: Hand out proxy-go snowflakes more frequently than webextension 
snowflakes
-+---
 Reporter:  cohosh   |  Owner:  cohosh
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:   |  Actual Points:
Parent ID:  #25681   | Points:
 Reviewer:   |Sponsor:  Sponsor28
-+---
Changes (by cohosh):

 * status:  merge_ready => closed
 * resolution:   => fixed


Comment:

 Deployed in `webext-0.0.10`

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31518 [Core Tor]: HAProxy implementation in TCPProxy option.

[Tor Bug Tracker & Wiki]

#31518: HAProxy implementation in TCPProxy option.
-+--
 Reporter:  haxxpop  |  Owner:  haxxpop
 Type:  enhancement  | Status:  needs_review
 Priority:  Medium   |  Milestone:
Component:  Core Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--
Changes (by haxxpop):

 * status:  assigned => needs_review


Comment:

 https://github.com/torproject/tor/pull/1248/files

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #31518 [Core Tor]: HAProxy implementation in TCPProxy option.

[Tor Bug Tracker & Wiki]

#31518: HAProxy implementation in TCPProxy option.
-+--
 Reporter:  haxxpop  |  Owner:  haxxpop
 Type:  enhancement  | Status:  assigned
 Priority:  Medium   |  Milestone:
Component:  Core Tor |Version:
 Severity:  Normal   |   Keywords:
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+--
 Since SOCKS5 takes 2 round trips, SOCKS4 doesn't support IPv6 and the
 proxy has to support DNS resolving in HTTP CONNECT, I would like to
 implement the proxy protocol of HAProxy to support IPv6 and the proxy
 doesn't have to resolve domain names by itself.

 According to the mail thread, https://lists.torproject.org/pipermail/tor-
 dev/2019-August/013968.html, people suggested to create a new torrc option
 called TCPProxy and have a protocol as a parameter.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31385 [Circumvention/Snowflake]: Snowflake client fails after bootstrap

[Tor Bug Tracker & Wiki]

#31385: Snowflake client fails after bootstrap
-+
 Reporter:  cypherpunks  |  Owner:  cohosh
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+
Changes (by cohosh):

 * status:  merge_ready => closed
 * resolution:   => fixed


Comment:

 Merged in `16a1b69823` and updated the Firefox add-on. I'll update the
 Chrome web store as well.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30924 [Core Tor/Tor]: hs-v3: Implement proposal 305 - ESTABLISH_INTRO Cell DoS Defense Extension

[Tor Bug Tracker & Wiki]

#30924: hs-v3: Implement proposal 305 -  ESTABLISH_INTRO Cell DoS Defense 
Extension
-+-
 Reporter:  dgoulet  |  Owner:  dgoulet
 Type:  enhancement  | Status:
 |  merge_ready
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs, tor-spec, prop305, network-  |  Actual Points:
  team-roadmap-august, nickm-merge   |
Parent ID:  #2   | Points:  7
 Reviewer:  asn  |Sponsor:
 |  Sponsor27-must
-+-
Changes (by dgoulet):

 * status:  needs_review => merge_ready
 * keywords:  tor-hs, tor-spec, prop305, network-team-roadmap-august => tor-
 hs, tor-spec, prop305, network-team-roadmap-august, nickm-merge


Comment:

 Looking good! Travis is already giving us green, should be done soon.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30924 [Core Tor/Tor]: hs-v3: Implement proposal 305 - ESTABLISH_INTRO Cell DoS Defense Extension

[Tor Bug Tracker & Wiki]

#30924: hs-v3: Implement proposal 305 -  ESTABLISH_INTRO Cell DoS Defense 
Extension
-+-
 Reporter:  dgoulet  |  Owner:  dgoulet
 Type:  enhancement  | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs, tor-spec, prop305, network-  |  Actual Points:
  team-roadmap-august|
Parent ID:  #2   | Points:  7
 Reviewer:  asn  |Sponsor:
 |  Sponsor27-must
-+-
Changes (by asn):

 * status:  needs_revision => needs_review


Comment:

 Thanks teor. That worked for me:
 https://github.com/torproject/tor/pull/1262

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #28716 [Applications/Tor Browser]: Create a mingw-w64-clang project

[Tor Bug Tracker & Wiki]

#28716: Create a mingw-w64-clang project
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  task | Status:
 |  needs_review
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-rbm, tbb-9.0-must-nightly,   |  Actual Points:
  TorBrowserTeam201908R, GeorgKoppen201908   |
Parent ID:  #28238   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by gk):

 I actually forgot to add the patch for
 https://bugzilla.mozilla.org/show_bug.cgi?id=1536308 which is solved in
 `bug_28716_v12` (https://gitweb.torproject.org/user/gk/tor-browser-
 build.git/log/?h=bug_28716_v12) and is the only change in this new branch.
 Please use that one for review instead.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30935 [Core Tor/Tor]: Move variable definition code out of confparse.c, and refactor

[Tor Bug Tracker & Wiki]

#30935: Move variable definition code out of confparse.c, and refactor
-+
 Reporter:  nickm|  Owner:  nickm
 Type:  enhancement  | Status:  merge_ready
 Priority:  Medium   |  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  dgoulet-merge asn-merge  |  Actual Points:  0.5
Parent ID:  #29211   | Points:  1
 Reviewer:  teor |Sponsor:  Sponsor31-can
-+

Comment (by nickm):

 I believe I did.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #31517 [Applications/Tor Browser]: Simplify macOS related bits in Firefox project

[Tor Bug Tracker & Wiki]

#31517: Simplify macOS related bits in Firefox project
--+--
 Reporter:  gk|  Owner:  tbb-team
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:  tbb-rbm
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+--
 #30323 included already simplifications made in
 https://bugzilla.mozilla.org/show_bug.cgi?id=1513798 but not all of them
 due to breakage. We should follow-up on that and bring our compile
 instructions closer to what Mozilla is deploying.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #31516 [Core Tor/Tor]: config refactor: every function table entry should be unit tested

[Tor Bug Tracker & Wiki]

#31516: config refactor: every function table entry should be unit tested
--+-
 Reporter:  teor  |  Owner:  nickm
 Type:  defect| Status:  assigned
 Priority:  Medium|  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal|   Keywords:  network-team-roadmap-august
Actual Points:|  Parent ID:  #29211
   Points:|   Reviewer:
  Sponsor:|
--+-
 We've added a lot of function tables, but some of their entries are all
 NULL, everywhere in the code.

 So even if it looks like we have 100% coverage, we're not testing these
 code paths.

 Ideally, we should have non-trivial functions, which do the thing that the
 function table entry is mean to do.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30935 [Core Tor/Tor]: Move variable definition code out of confparse.c, and refactor

[Tor Bug Tracker & Wiki]

#30935: Move variable definition code out of confparse.c, and refactor
-+
 Reporter:  nickm|  Owner:  nickm
 Type:  enhancement  | Status:  merge_ready
 Priority:  Medium   |  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  dgoulet-merge asn-merge  |  Actual Points:  0.5
Parent ID:  #29211   | Points:  1
 Reviewer:  teor |Sponsor:  Sponsor31-can
-+

Comment (by teor):

 Replying to [comment:11 nickm]:
 > Replying to [comment:10 teor]:
 > > That's fine, but let's try to avoid this process issue in future.
 >
 > Agreed; we need to not get so far ahead, and we need reviews to stay in
 step with coding.  FWIW, I have stopped working on new code for #29211
 while we catch up, so I hope that #31241 will be and #31242 will be the
 last queued-up branches.

 Did you mean #31240 and #31241?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31505 [Applications/Tor Browser]: Remove "Show update history" button and contained history.

[Tor Bug Tracker & Wiki]

#31505: Remove "Show update history" button and contained history.
---+--
 Reporter:  cyperpunks |  Owner:  tbb-team
 Type:  defect | Status:  new
 Priority:  Medium |  Milestone:
Component:  Applications/Tor Browser   |Version:
 Severity:  Normal | Resolution:
 Keywords:  tbb-disk-leak, tbb-update  |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--

Comment (by gk):

 Replying to [comment:2 Thorin]:
 > gk: I think OP means `[application] update history`, not `[web] download
 history`

 Indeed. And I meant the same. :)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31505 [Applications/Tor Browser]: Remove "Show update history" button and contained history.

[Tor Bug Tracker & Wiki]

#31505: Remove "Show update history" button and contained history.
---+--
 Reporter:  cyperpunks |  Owner:  tbb-team
 Type:  defect | Status:  new
 Priority:  Medium |  Milestone:
Component:  Applications/Tor Browser   |Version:
 Severity:  Normal | Resolution:
 Keywords:  tbb-disk-leak, tbb-update  |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--

Comment (by Thorin):

 gk: I think OP means `[application] update history`, not `[web] download
 history`

 Windows:
 - in FF68+, update files and logs are kept in an randomly named folder.
 The uuid is stored in the pref name on migration, first profile
 - e.g `app.update.migrated.updateDir2.6F193CCC56814779` - `true`
 - e.g files are located in
 `...\ProgramData\Mozilla\updates\6F193CCC56814779`
 - the file updates.xml contains the information shown in `Options >
 General >Show Update History`
 - It seems to limit itself to the last ten entries: maybe you can change
 that in the code to zero

 Mac, Linux: no idea, sorry

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31240 [Core Tor/Tor]: Make confparse able to handle multiple config_format_t objects at once

[Tor Bug Tracker & Wiki]

#31240: Make confparse able to handle multiple config_format_t objects at once
-+-
 Reporter:  nickm|  Owner:  nickm
 Type:  enhancement  | Status:  needs_revision
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  network-team-roadmap-august  |  Actual Points:  3
Parent ID:  #29211   | Points:  3
 Reviewer:  teor |Sponsor:  Sponsor31-can
-+-
Changes (by teor):

 * status:  needs_review => needs_revision


Comment:

 There are some missing tests, and a bunch of missing comments.

 I also have a few questions about the design,

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31380 [Applications/Tor Browser]: /usr/lib/x86_64-linux-gnu/libstdc++.so.6: version `CXXABI_1.3.11' not found (required by ./TorBrowser/Tor/PluggableTransports/snowflake-client)

[Tor Bug Tracker & Wiki]

#31380: /usr/lib/x86_64-linux-gnu/libstdc++.so.6: version `CXXABI_1.3.11' not 
found
(required by ./TorBrowser/Tor/PluggableTransports/snowflake-client)
--+---
 Reporter:  xhdix |  Owner:  tbb-team
 Type:  defect| Status:  needs_information
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  snowflake, tbb-rbm|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by xhdix):

 Replying to [comment:7 gk]:

 > Can you check whether 9.0a1 is still working for you (and 9.0a2 the
 first version that breaks)? You find both at:
 https://archive.torproject.org/tor-package-archive/torbrowser/


 Yes, version 9.0a1 works for me.

 $ ./tora1/Browser/TorBrowser/Tor/PluggableTransports/snowflake-client -h
 Usage of ./tora1/Browser/TorBrowser/Tor/PluggableTransports/snowflake-
 client:
   -front string
 front domain
   -ice string
 comma-separated list of ICE servers
   -log string
 name of log file
   -logToStateDir
 resolve the log file relative to tor's pt state dir
   -max int
 capacity for number of multiplexed WebRTC peers (default 1)
   -url string
 URL of signaling broker

 $ ./tora2/Browser/TorBrowser/Tor/PluggableTransports/snowflake-client -h
 ./tora2/Browser/TorBrowser/Tor/PluggableTransports/snowflake-client:
 /usr/lib/x86_64-linux-gnu/libstdc++.so.6: version `CXXABI_1.3.11' not
 found (required by ./tora2/Browser/TorBrowser/Tor/PluggableTransports
 /snowflake-client)

 $ ./tora4/Browser/TorBrowser/Tor/PluggableTransports/snowflake-client -h
 ./tora4/Browser/TorBrowser/Tor/PluggableTransports/snowflake-client:
 /usr/lib/x86_64-linux-gnu/libstdc++.so.6: version `CXXABI_1.3.11' not
 found (required by ./tora4/Browser/TorBrowser/Tor/PluggableTransports
 /snowflake-client)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31512 [Applications/Tor Browser]: Fingerprinting of Tor Browser

[Tor Bug Tracker & Wiki]

#31512: Fingerprinting of Tor Browser
--+--
 Reporter:  thelamper |  Owner:  tbb-team
 Type:  enhancement   | Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Major | Resolution:  invalid
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by boklm):

 * keywords:  fingerprinting, fingerprint, user-agent switcher =>
 * version:  Tor: unspecified =>


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31512 [Applications/Tor Browser]: Fingerprinting of Tor Browser

[Tor Bug Tracker & Wiki]

#31512: Fingerprinting of Tor Browser
-+-
 Reporter:  thelamper|  Owner:  tbb-
 |  team
 Type:  enhancement  | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:  Tor:
 |  unspecified
 Severity:  Major| Resolution:  invalid
 Keywords:  fingerprinting, fingerprint, user-   |  Actual Points:
  agent switcher |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by cypherpunks):

 Maybe, better to remove keywords also.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31404 [Applications/Tor Browser]: Unsolvable reCAPTCHAs

[Tor Bug Tracker & Wiki]

#31404: Unsolvable reCAPTCHAs
--+---
 Reporter:  antonela  |  Owner:  tbb-team
 Type:  defect| Status:  needs_information
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-usability-website |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by anadahz):

 Replying to [comment:8 gk]:
 > Okay, thanks. I guess a next step would be to look at the debug output
 from requests involved in successful CAPTCHA solving vs. those where the
 solution should be right but Google does not like it, though. I think
 looking at the headers in the web console might be helpful, additionally
 checking at the network level (maybe circuits expired etc.) could be
 useful.

 Great thanks, let me know if you need anything specific from my side to
 move this forward.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31512 [Applications/Tor Browser]: Fingerprinting of Tor Browser

[Tor Bug Tracker & Wiki]

#31512: Fingerprinting of Tor Browser
-+-
 Reporter:  thelamper|  Owner:  tbb-
 |  team
 Type:  enhancement  | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:  Tor:
 |  unspecified
 Severity:  Major| Resolution:  invalid
 Keywords:  fingerprinting, fingerprint, user-   |  Actual Points:
  agent switcher |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by boklm):

 * status:  new => closed
 * resolution:   => invalid


Comment:

 The user-agent string is the same for all Tor Browser users, so it is not
 a fingerprinting vector, and installing a user-agent switcher will not
 improve things here (and actually make things worse when you are the only
 one doing it).

 Regarding randomization of the user-agent, you can read the section
 "Strategies for Defense: Randomization versus Uniformity" in the Tor
 Browser design documentation:
 https://2019.www.torproject.org/projects/torbrowser/design/

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29480 [Circumvention/BridgeDB]: Expose bridge pool assignments again

[Tor Bug Tracker & Wiki]

#29480: Expose bridge pool assignments again
+---
 Reporter:  irl |  Owner:  phw
 Type:  defect  | Status:  needs_information
 Priority:  Medium  |  Milestone:
Component:  Circumvention/BridgeDB  |Version:
 Severity:  Normal  | Resolution:
 Keywords:  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+---

Comment (by karsten):

 I just created #31515 for the sysadmin side of this.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #31515 [Internal Services/Tor Sysadmin Team]: Update colchicifolium's SSH config to accept polyanthum's bridge pool assignments

[Tor Bug Tracker & Wiki]

#31515: Update colchicifolium's SSH config to accept polyanthum's bridge pool
assignments
-+-
 Reporter:  karsten  |  Owner:  tpa
 Type:  task | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   |   Keywords:
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+-
 Hi! phw and I are trying to rsync bridge pool assignment files from
 polyanthum to colchicifolium. This worked a couple years back, but then we
 disabled it. We want to re-enable it now.

 Quoting phw from a discussion on #29480 with what he tried so far:

 > I [https://gitweb.torproject.org/project/bridges/bridgedb-
 admin.git/commit/?id=fc7881b70826147356fcabd9d191dbcefb42 just
 updated] our script sync-to-colchicifolium to make this happen. You should
 see assignments.log files in this directory in less than two hours. Please
 let me know if that's not the case, or if anything else went wrong.
 >
 > I just noticed an error message in the logs:
 {{{
 1566241638:descriptors:<36>Aug 19 19:07:18 collector-ssh-wrap[23644]: The
 SSH_ORIGINAL_COMMAND ('rsync --server -logDtpre.iLsfxC .
 /srv/collector.torproject.org/collector/in/bridge-pool-
 assignments/polyanthum/') is not on the whitelist
 }}}
 > This seems like an issue on colchicifolium's side. Do we need an update
 in its SSH configuration?

 Thanks!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31513 [Internal Services/Tor Sysadmin Team]: remove job-metrics and job-browser aliases

[Tor Bug Tracker & Wiki]

#31513: remove job-metrics and job-browser aliases
-+
 Reporter:  arma |  Owner:  tpa
 Type:  task | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+
Changes (by arma):

 * status:  new => closed
 * resolution:   => fixed


Comment:

 It is done.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #31514 [Applications/Tor Browser]: Clean up profile directory during New Identity

[Tor Bug Tracker & Wiki]

#31514: Clean up profile directory during New Identity
-+-
 Reporter:  gk   |  Owner:  tbb-team
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor |Version:
  Browser|   Keywords:  tbb-disk-leak, tbb-
 Severity:  Normal   |  newnym
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+-
 At CCCamp 2019 a cypherpunk approached me proposing that we try to clean
 up the profile directory as well as good as we can during New Identity.

 I think I like the general idea of doing a more aggressive cleaning (from
 time to time) in the profile directory in particular if users are
 requesting a New Identity. I am not sure yet, though, whether we want to
 have this mechanism during New Identity as this one is usually more
 concerned with stuff that is risk exposing previous browsing sessions to
 *web content*. Which is clearly not the case for worries about the profile
 directory which are concerned with a local attacker.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #31513 [Internal Services/Tor Sysadmin Team]: remove job-metrics and job-browser aliases

[Tor Bug Tracker & Wiki]

#31513: remove job-metrics and job-browser aliases
-+-
 Reporter:  arma |  Owner:  tpa
 Type:  task | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   |   Keywords:
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+-
 I just got the ok from the people on the job-metrics and job-browser
 aliases that they are no longer in use and we can retire them.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #19332 [Metrics/CollecTor]: Add a BridgeDB module

[Tor Bug Tracker & Wiki]

#19332: Add a BridgeDB module
-+-
 Reporter:  mrphs|  Owner:
 |  metrics-team
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Metrics/CollecTor|Version:
 Severity:  Normal   | Resolution:
 Keywords:  metrics-roadmap-2019-q2, ex- |  Actual Points:
  sponsor-19 |
Parent ID:   | Points:  8
 Reviewer:   |Sponsor:
 |  Sponsor30-must
-+-

Comment (by karsten):

 Replying to [comment:11 phw]:
 > Replying to [comment:10 karsten]:
 > > #9316 has been resolved recently which unblocks this ticket, AIUI.
 > [[br]]
 > Yes. How would you like me to expose the metrics file on BridgeDB's
 host? Should it be available over HTTPS? Or do you want me to rsync it to
 another host?

 Is there anything sensitive in the file that would have to be sanitized on
 the CollecTor host? If so, we should rsync it over ssh to colchicifolium.
 But if not, the preferred way would be to expose it on the BridgeDB host,
 so that others can fetch it, too.

 Here's another question, similar to the one about Snowflake stats: Would
 it be possible to expose more than just the latest BridgeDB statistics?
 Something like 7 or 14 days, or if it's not much data, everything until it
 gets too big?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #31512 [Applications/Tor Browser]: Fingerprinting of Tor Browser

[Tor Bug Tracker & Wiki]

#31512: Fingerprinting of Tor Browser
-+-
 Reporter:  thelamper|  Owner:  tbb-team
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Component:  Applications/Tor
 |  Browser
  Version:  Tor: unspecified |   Severity:  Major
 Keywords:  fingerprinting,  |  Actual Points:
  fingerprint, user-agent switcher   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
 The official advice from the Tor Project is not alter any settings in the
 Tor Browser, like installing browser extensions, because this will make
 the individual browser less unique and more vulnerable to fingerprinting.
 But, as long as javascript is enabled, the individual Tor Browser seems to
 have a more or less unique fingerprint. Most people are probably aware of
 the panopticlick and amiunique fingerprinting tests, but there are also
 these two sites: (brax.me/geo/) and (tor.triop.se/) which assigns a unique
 identifying number to a user's tor browser that remains more or less
 constant, until javascript is disabled.

 My question-proposal is this. Since the Tor Browser (with javascript
 enabled) is not wholly resistant to fingerprinting, why not install a
 user-agent switcher or some other browser extension that can spoof details
 about the browser? Sure it will make the individual Tor Browser behave
 differently but is that such a bad thing when it can already be identified
 and potentially tracked across website visits?

 I have tested one user-agent switcher (gitlab.com/ntninja/user-agent-
 switcher) and it provides only partial protection - despite setting it to
 random mode, changing every minute, the same fingerprint codes appear from
 time to time
 Can anyone suggest a better user-agent switcher than this one?

 I don't know if this sub-topic has been addressed elsewhere in the forums,
 so you are welcome to link it to a pre-existing ticket.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25528 [Core Tor/Tor]: When ClientTransportPlugin is missing, tor connects directly to bridge addresses, even if they have a transport name

[Tor Bug Tracker & Wiki]

#25528: When ClientTransportPlugin is missing, tor connects directly to bridge
addresses, even if they have a transport name
-+-
 Reporter:  dcf  |  Owner:  (none)
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:  Tor:
 |  unspecified
 Severity:  Normal   | Resolution:
 Keywords:  pt, bootstrap, bridge-client,|  Actual Points:
  bridge-bypass, 034-roadmap-proposed,   |
  041-proposed, ex-sponsor-19, ex-sponsor19  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor30-can
-+-

Comment (by arma):

 This issue remains a pretty big usability gotcha -- I periodically run
 into users who have tried to configure obfs4 bridges and their Tor is
 trying to reach the obfs4 bridge like it's a vanilla bridge because they
 left out the extra magic line.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #28325 [Applications/Tor Browser]: Use go 1.11 module versioning support

[Tor Bug Tracker & Wiki]

#28325: Use go 1.11 module versioning support
--+--
 Reporter:  boklm |  Owner:  tbb-team
 Type:  task  | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-rbm   |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by boklm):

 I am still not sure how we should support fetching of sources for go
 modules in our build. In order to not block progress on using pion, if it
 has too many dependencies to manually create one project for each
 dependency, I think an other option is to run `go mod vendor` to fetch all
 dependencies, create a tarball of the `vendor` directory it created, then
 put the tarball online somewhere and use it as a dependency for the pion
 build.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31064 [Applications/Tor Browser]: Why is letterboxing enabled when viewing PDFs and with view-source:?

[Tor Bug Tracker & Wiki]

#31064: Why is letterboxing enabled when viewing PDFs and with view-source:?
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by gk):

 * cc: tjr (removed)
 * cc: tom (added)


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31404 [Applications/Tor Browser]: Unsolvable reCAPTCHAs

[Tor Bug Tracker & Wiki]

#31404: Unsolvable reCAPTCHAs
--+---
 Reporter:  antonela  |  Owner:  tbb-team
 Type:  defect| Status:  needs_information
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-usability-website |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by gk):

 Replying to [comment:7 anadahz]:
 > Replying to [comment:6 gk]:
 > > Are you experiencing this problem on Google search or on some third-
 party site that is embedding reCAPTCHA?
 >
 > I can reproduce this problem in other websites that are embedding
 reCAPTCHA such as Google search.

 Okay, thanks. I guess a next step would be to look at the debug output
 from requests involved in successful CAPTCHA solving vs. those where the
 solution should be right but Google does not like it, though. I think
 looking at the headers in the web console might be helpful, additionally
 checking at the network level (maybe circuits expired etc.) could be
 useful.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31504 [Applications/Tor Browser]: Disable

[Tor Bug Tracker & Wiki]

#31504: Disable
--+---
 Reporter:  cyperpunks|  Owner:  tbb-team
 Type:  defect| Status:  needs_information
 Priority:  Immediate |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Critical  | Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by cypherpunks):

 He means `en-US,en` is not `en,en-US`.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31505 [Applications/Tor Browser]: Remove "Show update history" button and contained history.

[Tor Bug Tracker & Wiki]

#31505: Remove "Show update history" button and contained history.
---+--
 Reporter:  cyperpunks |  Owner:  tbb-team
 Type:  defect | Status:  new
 Priority:  Medium |  Milestone:
Component:  Applications/Tor Browser   |Version:
 Severity:  Normal | Resolution:
 Keywords:  tbb-disk-leak, tbb-update  |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--
Changes (by gk):

 * keywords:   => tbb-disk-leak, tbb-update
 * cc: mcs, brade (added)
 * severity:  Critical => Normal
 * priority:  Very High => Medium


Comment:

 I don't think we should remove the download history if we are not in
 private browsing mode. But mabye we should if we are?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31504 [Applications/Tor Browser]: Disable

[Tor Bug Tracker & Wiki]

#31504: Disable
--+---
 Reporter:  cyperpunks|  Owner:  tbb-team
 Type:  defect| Status:  needs_information
 Priority:  Immediate |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Critical  | Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---
Changes (by gk):

 * status:  new => needs_information


Comment:

 What exactly is the bug here? That using the checkbox is giving you a
 different english `intl.accept_languages` value than using the "Choose
 your preferred language for displaying pages"?
 But it should be generally allowed to set say "es-ES" in case this is
 needed as long as the headers looks the same to someone not spoofing the
 locale? Or should there be no option at all to try to change the locale of
 the website if needed?

 (I'll fix up the title once it's clear what the bug report is)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31404 [Applications/Tor Browser]: Unsolvable reCAPTCHAs

[Tor Bug Tracker & Wiki]

#31404: Unsolvable reCAPTCHAs
--+---
 Reporter:  antonela  |  Owner:  tbb-team
 Type:  defect| Status:  needs_information
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-usability-website |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by anadahz):

 Replying to [comment:6 gk]:
 > Are you experiencing this problem on Google search or on some third-
 party site that is embedding reCAPTCHA?

 I can reproduce this problem in other websites that are embedding
 reCAPTCHA such as Google search.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31380 [Applications/Tor Browser]: /usr/lib/x86_64-linux-gnu/libstdc++.so.6: version `CXXABI_1.3.11' not found (required by ./TorBrowser/Tor/PluggableTransports/snowflake-client)

[Tor Bug Tracker & Wiki]

#31380: /usr/lib/x86_64-linux-gnu/libstdc++.so.6: version `CXXABI_1.3.11' not 
found
(required by ./TorBrowser/Tor/PluggableTransports/snowflake-client)
--+---
 Reporter:  xhdix |  Owner:  tbb-team
 Type:  defect| Status:  needs_information
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  snowflake, tbb-rbm|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by gk):

 Replying to [comment:6 xhdix]:
 > I installed it with `debian-9.8.0-amd64-netinst.iso`.
 >
 >
 > {{{
 > $ cat /etc/debian_version
 > 9.9
 > $ uname -a
 > Linux oonimk 4.9.0-9-amd64 #1 SMP Debian 4.9.168-1+deb9u4 (2019-07-19)
 x86_64 GNU/Linux
 > $ dpkg -s libstdc++6 | grep ^Version
 > Version: 6.3.0-18+deb9u1
 > $ Desktop/Browser/TorBrowser/Tor/PluggableTransports/snowflake-client -h
 > Desktop/Browser/TorBrowser/Tor/PluggableTransports/snowflake-client:
 /usr/lib/x86_64-linux-gnu/libstdc++.so.6: version `CXXABI_1.3.11' not
 found (required by Desktop/Browser/TorBrowser/Tor/PluggableTransports
 /snowflake-client)
 > }}}

 Can you check whether 9.0a1 is still working for you (and 9.0a2 the first
 version that breaks)? You find both at: https://archive.torproject.org
 /tor-package-archive/torbrowser/

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31500 [Applications/Tor Browser]: Malicious website not handled well

[Tor Bug Tracker & Wiki]

#31500: Malicious website not handled well
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Major | Resolution:
 Keywords:  tbb-usability |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by gk):

 * keywords:   => tbb-usability


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31501 [Applications/Tor Browser]: NoScript doesnt remember site settings

[Tor Bug Tracker & Wiki]

#31501: NoScript doesnt remember site settings
--+---
 Reporter:  protoruser|  Owner:  tbb-team
 Type:  defect| Status:  closed
 Priority:  Very Low  |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:  not a bug
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---
Changes (by boklm):

 * status:  new => closed
 * resolution:   => not a bug


Comment:

 It is indeed a feature that noscript does not remember per-site settings.
 This can be changed with the preference
 `extensions.torbutton.noscript_persist`, which was added with #27175.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31499 [Applications/Tor Browser]: Update libevent to 2.1.11-stable

[Tor Bug Tracker & Wiki]

#31499: Update libevent to 2.1.11-stable
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-rbm   |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by gk):

 * keywords:   => tbb-rbm


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31404 [Applications/Tor Browser]: Unsolvable reCAPTCHAs

[Tor Bug Tracker & Wiki]

#31404: Unsolvable reCAPTCHAs
--+---
 Reporter:  antonela  |  Owner:  tbb-team
 Type:  defect| Status:  needs_information
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-usability-website |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by gk):

 Are you experiencing this problem on Google search or on some third-party
 site that is embedding reCAPTCHA?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31485 [Applications/Tor Browser]: EasyCoin

[Tor Bug Tracker & Wiki]

#31485: EasyCoin
--+--
 Reporter:  Frank2011 |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-usability-website |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by gk):

 * keywords:   => tbb-usability-website


Comment:

 I have no way of reproducing this bug, but maybe someone else has. Leaving
 this on our radar for now.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29461 [Metrics/CollecTor]: Add a Snowflake module

[Tor Bug Tracker & Wiki]

#29461: Add a Snowflake module
-+-
 Reporter:  irl  |  Owner:
 |  metrics-team
 Type:  enhancement  | Status:
 |  needs_information
 Priority:  Medium   |  Milestone:
Component:  Metrics/CollecTor|Version:
 Severity:  Normal   | Resolution:
 Keywords:  metrics-roadmap-august, anti-|  Actual Points:
  censorship-roadmap-september   |
Parent ID:   | Points:  8
 Reviewer:  irl  |Sponsor:
 |  Sponsor28
-+-

Comment (by karsten):

 Replying to [comment:24 cohosh]:
 > Replying to [comment:22 cohosh]:
 > > Replying to [comment:19 karsten]:
 > > > cohosh, are you still planning to revise the spec and code to
 include such a `snowflake-stats $version` line?
 > >
 > > Yes, I just got back from vacation and I'm going to implement it this
 afternoon.
 >
 > Opened #31493 and implemented
 [https://github.com/cohosh/snowflake/compare/bug31493 here]. How does that
 look to you?

 Well, that would work, though I think that introducing a separate line for
 descriptor type and version might be clearer:

 {{{
 snowflake-stats 1.0
 snowflake-stats-end 2019-08-07 19:52:11 (86400 s)
 snowflake-ips VN=5,NL=26,AU=30,GT=2,NO=5,EG=3,NI=1,AT=22,[...]
 snowflake-ips-total 937
 snowflake-idle-count 660976
 client-denied-count 0
 client-snowflake-match-count 864
 }}}

 If this looks okay to you and if you make this change, do you think you
 could somehow edit the existing stats file on the snowflake broker, maybe
 using some `sed`/`awk` magic?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31247 [Metrics/Onionoo]: inconsistent response data (not all fields provided) on details document requests

[Tor Bug Tracker & Wiki]

#31247: inconsistent response data (not all fields provided) on details document
requests
-+--
 Reporter:  nusenu   |  Owner:  metrics-team
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Metrics/Onionoo  |Version:
 Severity:  Normal   | Resolution:  worksforme
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--
Changes (by karsten):

 * status:  new => closed
 * resolution:   => worksforme


Comment:

 Closing, but happy to re-open if the stars align again.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31506 [Applications/Tor Browser]: Write up comprehensive advice to "Tor unexpectedly exited", and link to it from inside Tor Browser

[Tor Bug Tracker & Wiki]

#31506: Write up comprehensive advice to "Tor unexpectedly exited", and link to 
it
from inside Tor Browser
--+--
 Reporter:  arma  |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  docshackathon |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by pili):

 * keywords:   => docshackathon
 * cc: ggus (added)


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs