Re: [tor-bugs] #9007 [Applications/Tor Check]: TorBulkExitList.py doesn't support all ports (patch included)

[Tor Bug Tracker & Wiki]

#9007: TorBulkExitList.py doesn't support all ports (patch included)
+--
 Reporter:  Zarel   |  Owner:  phobos
 Type:  defect  | Status:  reopened
 Priority:  Medium  |  Milestone:
Component:  Applications/Tor Check  |Version:
 Severity:  Blocker | Resolution:
 Keywords:  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--

Comment (by flfreedivers):

 Florida Free Divers is the largest store in the United States that offer
 best quality scuba diving, spearfishing, water sports, and
 [https://flfreedivers.com/pages/spearfishing-gear spearfishing gear] in
 the market at budget-friendly prices.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32156 [Applications/Tor Browser]: NSS Internal PKCS#11 Module out of date in TOR 8.5.5 causing invalid certificate RSS failures

[Tor Bug Tracker & Wiki]

#32156: NSS Internal PKCS#11 Module out of date in TOR 8.5.5 causing invalid
certificate RSS failures
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  PKCS RSS  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by arma):

 * owner:  (none) => tbb-team
 * version:  Tor: unspecified =>
 * component:  - Select a component => Applications/Tor Browser


Comment:

 Can you test the alpha Tor Browser and see if this issue remains there?

 Assuming it's fixed in the alpha tor browser (which is based on a newer
 firefox esr), my guess is that the tor browser devs will want to close
 this one as wontfix, since the alpha is going to become the new stable in
 the next week or so.

 Thanks!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30429 [Applications/Tor Browser]: Rebase Tor Browser patches for Firefox ESR 68

[Tor Bug Tracker & Wiki]

#30429: Rebase Tor Browser patches for Firefox ESR 68
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  task | Status:
 |  needs_review
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ff68-esr, tbb-9.0-must-alpha,|  Actual Points:
  TorBrowserTeam201910R  |
Parent ID:   | Points:  1
 Reviewer:   |Sponsor:
 |  Sponsor44-can
-+-

Comment (by pospeselr):

 dece7a15a8703596366c54f4420bd7286c66b10f looks good to me and from what I
 can tell through examination 988d41acfaca can most likely be entirely
 dropped (seeings how none of the code it touches exists anymore). I can do
 some testing on a build next week to make sure we don't have any edge
 cases, pretty sure I have a list of test cases from the original ticket in
 my notes somewhere.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31310 [Circumvention/Snowflake]: Refactor/remove proxy-pair state machine in webextension

[Tor Bug Tracker & Wiki]

#31310: Refactor/remove proxy-pair state machine in webextension
-+--
 Reporter:  cohosh   |  Owner:  cohosh
 Type:  defect   | Status:  needs_review
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:
 Keywords:  snowflake-webextension   |  Actual Points:
Parent ID:   | Points:  2
 Reviewer:   |Sponsor:  Sponsor28
-+--

Comment (by cohosh):

 "refactor" is a strong word for what I did here. The broker poll loop
 leaves some things to be desired still. I talked with serna a bit on irc a
 week or so ago and they may attempt to make some changes to the broker
 poll loop for #25598.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31310 [Circumvention/Snowflake]: Refactor/remove proxy-pair state machine in webextension

[Tor Bug Tracker & Wiki]

#31310: Refactor/remove proxy-pair state machine in webextension
-+--
 Reporter:  cohosh   |  Owner:  cohosh
 Type:  defect   | Status:  needs_review
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:
 Keywords:  snowflake-webextension   |  Actual Points:
Parent ID:   | Points:  2
 Reviewer:   |Sponsor:  Sponsor28
-+--
Changes (by cohosh):

 * status:  assigned => needs_review


Comment:

 These changes remove the "active" and "running" properties of the
 proxypairs: https://github.com/cohosh/snowflake/pull/12

 As discussed in #31100, we switch to using the existence of the proxy
 pairs themselves to mean they are active. I also removed the snowflake
 MODE state machine because it was unecessary and moved some comments
 around to make the code more readable.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32154 [Applications/Tor Launcher]: Tor Launcher's custom bridge field only allows one line of input

[Tor Bug Tracker & Wiki]

#32154: Tor Launcher's custom bridge field only allows one line of input
-+
 Reporter:  mcs  |  Owner:  brade
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Launcher|Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  ff68-esr, TorBrowserTeam201910R  |  Actual Points:
Parent ID:   | Points:  0.5
 Reviewer:   |Sponsor:
-+
Changes (by gk):

 * status:  needs_review => closed
 * resolution:   => fixed


Comment:

 Okay, I convinced myself to do a build2 to pick this fix up. Your patch
 looks good to me and works on my Linux box. Applied to `master` (commit
 d3c66f516b07271ea4bb5f2481d9e02ff912b0ce).

 To save some time and another round trip I took the liberty to change the
 patch slighty having `textarea` mentioned as an element for which a
 strings gets returned as well:
 {{{
 +// string (textarea, textbox, and menulist).
 }}}

 Thanks!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30842 [Applications/Tor Browser]: Unable to start Tor: java.io.IOException: Control port file not created on Android 4.1.2

[Tor Bug Tracker & Wiki]

#30842: Unable to start Tor: java.io.IOException: Control port file not created 
on
Android 4.1.2
--+
 Reporter:  gk|  Owner:  tbb-team
 Type:  defect| Status:
  |  needs_information
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-mobile, TorBrowserTeam201910  |  Actual Points:
Parent ID:| Points:  1
 Reviewer:|Sponsor:
--+

Comment (by sisbell):

 8.5.6 x86 version is working fine on emulator 4.1. So I'm not able to
 reproduce the issue that the user reported.

 From this investigation, I'm a little suspicious that our esr68 version
 may have problems starting on Android 16 on arm due to the libmozglue.so
 failing to load.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30842 [Applications/Tor Browser]: Unable to start Tor: java.io.IOException: Control port file not created on Android 4.1.2

[Tor Bug Tracker & Wiki]

#30842: Unable to start Tor: java.io.IOException: Control port file not created 
on
Android 4.1.2
--+
 Reporter:  gk|  Owner:  tbb-team
 Type:  defect| Status:
  |  needs_information
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-mobile, TorBrowserTeam201910  |  Actual Points:
Parent ID:| Points:  1
 Reviewer:|Sponsor:
--+

Comment (by sisbell):

 With version 8.5.6, when I hit the start tor button, the app becomes non-
 responsive. Then in the background I see the following crash, although the
 app itself does not crash. It looks to be some timeout but this could be
 due to the extremely slow nature of the arm emulator. I'll try with some
 x86 versions, since we have that now.

 {{{
 I/Choreographer( 4942): Skipped 60 frames!  The application may be doing
 too much work on its main thread.
 F/libc( 5295): Fatal signal 13 (SIGPIPE) at 0x14af (code=0),
 thread 5295 (tor)
 I/DEBUG   (  649): *** *** *** *** *** *** *** *** *** *** *** *** *** ***
 *** ***
 I/DEBUG   (  649): Build fingerprint:
 'generic/google_sdk/generic:4.1.2/MASTER/4875369:eng/test-keys'
 I/DEBUG   (  649): pid: 5293, tid: 5293, name: tor  >>>
 /data/data/org.torproject.android/files/tor <<<
 I/DEBUG   (  649): signal 13 (SIGPIPE), code -6 (?), fault addr 
 I/DEBUG   (  649): r0 ffe0  r1 beffd0dc  r2 00ac  r3 00ac
 I/DEBUG   (  649): r4 2a69f078  r5 b6f6c2a8  r6 2a6ad178  r7 0004
 I/DEBUG   (  649): r8 2a62ae30  r9 2a69b560  sl   fp beffd084
 I/DEBUG   (  649): ip 2a680d64  sp beffd060  lr 2a377560  pc b6f95948
 cpsr 8010
 I/DEBUG   (  649): d0    d1  
 I/DEBUG   (  649): d2    d3  
 I/DEBUG   (  649): d4    d5  41b94fef2000
 I/DEBUG   (  649): d6  017e5300  d7  4177e5300800
 I/DEBUG   (  649): d8    d9  
 I/DEBUG   (  649): d10   d11 
 I/DEBUG   (  649): d12   d13 
 I/DEBUG   (  649): d14   d15 
 I/DEBUG   (  649): scr 0010
 I/DEBUG   (  649):
 I/DEBUG   (  649): backtrace:
 I/DEBUG   (  649): #00  pc c948  /system/lib/libc.so (write+12)
 I/DEBUG   (  649): #01  pc 0037755c
 /data/data/org.torproject.android/files/tor (write_all_to_fd_minimal+120)
 I/DEBUG   (  649):
 I/DEBUG   (  649): stack:
 I/DEBUG   (  649):  beffd020  
 I/DEBUG   (  649):  beffd024  2a6ad178  [heap]
 I/DEBUG   (  649):  beffd028  001b
 I/DEBUG   (  649):  beffd02c  b6f9e453  /system/lib/libc.so
 (dlmalloc+5326)
 I/DEBUG   (  649):  beffd030  0122
 I/DEBUG   (  649):  beffd034  2a69f078  [heap]
 I/DEBUG   (  649):  beffd038  0090
 I/DEBUG   (  649):  beffd03c  beffd0f9  [stack]
 I/DEBUG   (  649):  beffd040  2a61847c
 /data/data/org.torproject.android/files/tor
 I/DEBUG   (  649):  beffd044  2a62ae30
 /data/data/org.torproject.android/files/tor
 I/DEBUG   (  649):  beffd048  2a69b560  [heap]
 I/DEBUG   (  649):  beffd04c  
 I/DEBUG   (  649):  beffd050  beffd084  [stack]
 I/DEBUG   (  649):  beffd054  2a6ad2b8  [heap]
 I/DEBUG   (  649):  beffd058  df0027ad
 I/DEBUG   (  649):  beffd05c  
 I/DEBUG   (  649): #00  beffd060  2a69f078  [heap]
 I/DEBUG   (  649):  beffd064  2a61847c
 /data/data/org.torproject.android/files/tor
 I/DEBUG   (  649): #01  beffd068  2a6ad178  [heap]
 I/DEBUG   (  649):  beffd06c  00ac
 I/DEBUG   (  649):  beffd070  beffd0dc  [stack]
 I/DEBUG   (  649):  beffd074  0001
 I/DEBUG   (  649):  beffd078  2a69b668  [heap]
 I/DEBUG   (  649):  beffd07c  
 I/DEBUG   (  649):  beffd080  beffd0a4  [stack]
 I/DEBUG   (  649):  beffd084  2a3737f0
 /data/data/org.torproject.android/files/tor
 I/DEBUG   (  649):  beffd088  beffd0f9  [stack]
 I/DEBUG   (  649):  beffd08c  00ac
 I/DEBUG   (  649):  beffd090  beffd0dc  [stack]
 I/DEBUG   (  649):  beffd094  2a6ad190  [heap]
 I/DEBUG   (  649):  beffd098  0005
 I/DEBUG   (  649):  beffd09c  2a69f078  [heap]
 I/DEBUG   (  649):  beffd0a0  befff8f4  [stack]
 I/DEBUG   (  649):  beffd0a4  2a373c4c
 /data/data/org.torproject.android/files/tor
 I/DEBUG   (  

[tor-bugs] #32156 [- Select a component]: NSS Internal PKCS#11 Module out of date in TOR 8.5.5 causing invalid certificate RSS failures

[Tor Bug Tracker & Wiki]

#32156: NSS Internal PKCS#11 Module out of date in TOR 8.5.5 causing invalid
certificate RSS failures
--+--
 Reporter:  cypherpunks   |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Component:  - Select a component
  Version:  Tor: unspecified  |   Severity:  Normal
 Keywords:  PKCS RSS  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
 TOR 8.5.5 is based on Mozilla Firefox 60.9.0esr (32-bit)
 The latest version of NON-TOR (64 bit windows) Firefox is Ver 69.0.3

 The PKCS#11 Module included with the TOR version of firefox is now out of
 date.
 The version of PKCS #11 used by the latest version of Firefox is 3.45
 The version reported by TOR is 3.36

 This newer version of PKCS #11 includes the many Cert issuers in it's list
 of trusted authorities that the current Tor version of Firefox DOES NOT.

 This leads to users experiencing security errors when trying to access
 properly configured sites with valid certs under TOR that work properly
 for them outside the TOR system:

 
 Your connection is not secure

 The owner of "sitename.com" has configured their website improperly. To
 protect your information from being stolen, Tor Browser has not connected
 to this website.
 ===

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26529 [Applications/Tor Browser]: TBA - Notify user about possible proxy-bypass before opening external app

[Tor Bug Tracker & Wiki]

#26529: TBA - Notify user about possible proxy-bypass before opening external 
app
-+-
 Reporter:  sysrqb   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_review
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-mobile, tbb-torbutton, tbb-  |  Actual Points:
  proxy-bypass, TBA-a3, tbb-8.5, tbb-parity, |
  TorBrowserTeam201910R  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor8
-+-
Changes (by gk):

 * status:  new => needs_review
 * keywords:
 tbb-mobile, tbb-torbutton, tbb-proxy-bypass, TBA-a3, tbb-8.5, tbb-
 parity, TorBrowserTeam201904
 =>
 tbb-mobile, tbb-torbutton, tbb-proxy-bypass, TBA-a3, tbb-8.5, tbb-
 parity, TorBrowserTeam201910R


Comment:

 We have a patch for review over in #31144:
 https://gitweb.torproject.org/user/sysrqb/tor-
 browser.git/commit/?h=bug31144_01=91214ed8db2e5f2df22d6745ce4ce223c49fa756

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31144 [Applications/Tor Browser]: ESR68 Network Code Review

[Tor Bug Tracker & Wiki]

#31144: ESR68 Network Code Review
-+-
 Reporter:  pili |  Owner:  tbb-
 |  team
 Type:  task | Status:  closed
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  TorBrowserTeam201910R, tbb-9.0   |  Actual Points:
  -must-alpha, tbb-proxy-bypass  |
Parent ID:   | Points:  10
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * status:  needs_review => closed
 * resolution:   => fixed


Comment:

 Replying to [comment:24 sysrqb]:
 > Replying to [comment:23 sysrqb]:
 > > >> CustomTabsActivity.java - Several methods emit potentially external
 Intents
 > > > My only concern here is onLoadRequest() when the scheme isn't
 handled by the browser. That's the only place where the user wasn't
 prompted. I don't know how the customtabs UI should handle this situation.
 We can break this functionality for now, until we find how this should be
 done correctly.
 > >
 > > This is included in the patch for #26529, but in this case we don't
 prompt. #26529 seemed like the better commit, but I can move this into its
 own commit.
 >
 > I pushed `bug31144_05` with only this patch on top of `68.1.0esr-9.0-3`.

 Thanks. I cherry-picked that one on top of `tor-bŕowser-68.1.0esr-9.0-3`
 (commit d5123da897516717e62db98dccbcabd70162dcb3).

 The other commits look good to me and I picked them onto `tor-
 browser-68.1.0esr-9.0-3` (commit 947d477eb9289ebcdbbf48ee77609a6d7f395785,
 47e35494838222732b9eb9638fb40e7a9707b307,
 55b6cd7f3139dd0069ba2c69ec6d08da038594ad,
 dfdef56ec12ace37d08e2df516430427d0e08d7a, and
 db19bbcd9c34c933ad7fc84693ed8a5ad3bac3cf).

 What is missing here is the patch for #26529 which I'll take care in that
 bug. We are done here. \o/

 mikeperrry, sysrqb: please add your points.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31999 [Core Tor/Tor]: Default log file is handled inconsistently

[Tor Bug Tracker & Wiki]

#31999: Default log file is handled inconsistently
--+
 Reporter:  nickm |  Owner:  (none)
 Type:  defect| Status:  needs_revision
 Priority:  Medium|  Milestone:  Tor: 0.4.3.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:  #31241| Points:
 Reviewer:  teor  |Sponsor:  Sponsor31-can
--+

Comment (by nickm):

 Our command-line harness can tell what we accept and don't accept, but
 can't tell whether we actually obey the settings properly.  I think this
 is going to need a unit test.  Our existing test_options.c code is pretty
 wonky, but I'll try to come up with something reasonable.

 >It would also be nice to remove unused variables in this ticket:
 >
 >{{{
 >/* 29211 TODO: Remove this from the API. */
 >}}}

 I'd actually like to do this after the next branch I have in mind here,
 where I plan to make the "default_options" variable unused.  After that,
 I'm hoping I can use coccinelle to remove both variables entirely.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #32155 [Internal Services/Service - lists]: Please create tor-moderators email list

[Tor Bug Tracker & Wiki]

#32155: Please create tor-moderators email list
---+-
 Reporter:  catalyst   |  Owner:  qbi
 Type:  task   | Status:  new
 Priority:  Medium |  Milestone:
Component:  Internal Services/Service - lists  |Version:
 Severity:  Normal |   Keywords:
Actual Points: |  Parent ID:
   Points: |   Reviewer:
  Sponsor: |
---+-
 Please create the following private Mailman list:

 List name:
   tor-moderators
 Initial admin:
   catal...@torproject.org
 Description:
   Private discussion list for moderators of Tor forums (email, IRC, blog,
 etc.)

 This should be a closed, private list.

 Thanks!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31786 [Internal Services/Tor Sysadmin Team]: move dictyotum off moly

[Tor Bug Tracker & Wiki]

#31786: move dictyotum off moly
-+-
 Reporter:  anarcat  |  Owner:  anarcat
 Type:  task | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:   |  Actual Points:
Parent ID:  #29974   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by anarcat):

 * status:  needs_review => closed
 * resolution:   => fixed


Comment:

 3. undefined the host
  4. planned LV removal in 7 days
  5. removed from LDAP
  6. removed from (reverse) DNS
 (b.1.8.4.5.e.6.2.0.0.0.0.a.1.a.1.b.0.0.0.0.b.6.0.0.0.0.0.0.2.6.2.ip6.arpa
 and 27.72.229.38.in-addra.arpa AKA 38.229.72.27
 2620..06b0.000b.1a1a..26e5.481b)
  7. revoked in puppet
  8. removed from puppet code
  9. removed from tor-passwords/hosts
  10. removed from spreadsheet and wiki
  11. removed from nagios
  12. scheduled backup removals in 30 days
  13. nothing in LE, so N/A
  14. not a physical machine, so N/A

 That's it! We're done here.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30518 [Applications/Tor Browser]: Android - Add missing command line options

[Tor Bug Tracker & Wiki]

#30518: Android - Add missing command line options
-+-
 Reporter:  sysrqb   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  closed
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  tbb-mobile, tbb-8.5, |  Actual Points:
  TorBrowserTeam201910R  |
Parent ID:   | Points:  0.25
 Reviewer:   |Sponsor:
-+-
Changes (by sysrqb):

 * status:  needs_review => closed
 * resolution:   => fixed


Comment:

 Great, looks good, I think we're done here. Thanks! The tor-browser-build
 patch was reverted in #30460.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31591 [Applications/Tor Browser]: Feature review for ESR68

[Tor Bug Tracker & Wiki]

#31591: Feature review for ESR68
-+-
 Reporter:  pili |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-9.0-must-alpha,  |  Actual Points:
  TorBrowserTeam201910, GeorgKoppen201910|
Parent ID:   | Points:  3
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * parent:  #31144 =>


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32097 [Applications/Tor Browser]: Fix conflicts in mobile onbarding while rebasing to esr68.2.0

[Tor Bug Tracker & Wiki]

#32097: Fix conflicts in mobile onbarding while rebasing to esr68.2.0
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  closed
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Major| Resolution:  fixed
 Keywords:  TorBrowserTeam201910R, tbb-9.0-must  |  Actual Points:
Parent ID:   | Points:  0.5
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * status:  needs_review => closed
 * resolution:   => fixed


Comment:

 Okay, makes sense. Thanks for the explanation. The commits on `tor-
 browser-68.2.0esr-9.0-1` and `tor-browser-68.2.0esr-9.5-1` are

 `2ba949f9ba65ba71c9805635a904a68488404186`
 `c7c1d14e1627aebb749dd5e0065e49c1436530d3`
 `d05b3c8d35ac51311a8454e3e26edacbc45e3ce4`
 `e3af40f4b3b7aecf53a2442ad3417055b87719a2`
 `ec8b0640ed1a383b093dd044f95fdf9934070046`
 `15c908b1c374b667acbf8711954b032b0bb4d8f8`
 `565394ff86237cc3177f69a0f8c69f8a40c58168`

 We are done here. If there is anything else to fix up then please open a
 new ticket.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32097 [Applications/Tor Browser]: Fix conflicts in mobile onbarding while rebasing to esr68.2.0

[Tor Bug Tracker & Wiki]

#32097: Fix conflicts in mobile onbarding while rebasing to esr68.2.0
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_review
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Major| Resolution:
 Keywords:  TorBrowserTeam201910R, tbb-9.0-must  |  Actual Points:
Parent ID:   | Points:  0.5
 Reviewer:   |Sponsor:
-+-
Changes (by sysrqb):

 * status:  needs_information => needs_review


Comment:

 I began with only resolving merge conflicts. That got me most of the way
 to creating a clean build. Then I noticed the new patches added new Sync
 "Sign Up" buttons on the onboarding panels and Activity Stream panel. I
 wrote fixup patches for deleting the button on the onboarding panels and I
 backed out the commit for the Activity Stream. Unfortunately, this
 resulted in a build failure due to undefined variables resulting from the
 backed out patch. At this point I decided I'd try backing out all the
 patches needed for successfully building 68.2.0. This is why I didn't
 backout all commits, like Bug 1586770. The patch for that bug didn't break
 any functionality or introduce conflicting code changes.

 I looked at the patch and we can keep it. I'll look through the other
 Fennec patches for 68.2.0, as well, and confirm we didn't miss anything.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32132 [Applications/Tor Browser]: Re-enable jemalloc for Windows users

[Tor Bug Tracker & Wiki]

#32132: Re-enable jemalloc for Windows users
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  enhancement  | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  TorBrowserTeam201910R,   |  Actual Points:  0.1
  GeorgKoppen201910, tbb-rbm |
Parent ID:   | Points:  0.1
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * status:  merge_ready => closed
 * resolution:   => fixed


Comment:

 Thanks. Cherry-picked to `master` (commit
 f98c558493a6dc76915625a5c5eceefa020c0713).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32097 [Applications/Tor Browser]: Fix conflicts in mobile onbarding while rebasing to esr68.2.0

[Tor Bug Tracker & Wiki]

#32097: Fix conflicts in mobile onbarding while rebasing to esr68.2.0
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_information
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Major| Resolution:
 Keywords:  TorBrowserTeam201910R, tbb-9.0-must  |  Actual Points:
Parent ID:   | Points:  0.5
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * status:  needs_review => needs_information


Comment:

 Okay, I went ahead in the morning and committed the 7 backouts to get the
 build going but I am still trying to understand why those 7 patches got
 chosen given that there are a bunch of more bugs involved.

 For instance, the patch for
 https://bugzilla.mozilla.org/show_bug.cgi?id=1570880 got backed out, which
 seems right to me. However, the regression fix for that bug, tracked in
 https://bugzilla.mozilla.org/show_bug.cgi?id=1586770 did not. So, we are
 now actually using code that was only meant to get used with a fix we
 backed out... Are we good with that?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32132 [Applications/Tor Browser]: Re-enable jemalloc for Windows users

[Tor Bug Tracker & Wiki]

#32132: Re-enable jemalloc for Windows users
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  enhancement  | Status:
 |  merge_ready
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  TorBrowserTeam201910R,   |  Actual Points:  0.1
  GeorgKoppen201910, tbb-rbm |
Parent ID:   | Points:  0.1
 Reviewer:   |Sponsor:
-+-
Changes (by sysrqb):

 * status:  needs_review => merge_ready


Comment:

 Yep, seems good to me.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #28709 [Applications/Tor Browser]: Enable Fuzzyfox

[Tor Bug Tracker & Wiki]

#28709: Enable Fuzzyfox
-+-
 Reporter:  tom  |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  TorBrowserTeam201910R,   |  Actual Points:  0.1
  GeorgKoppen201910  |
Parent ID:  #28707   | Points:  0.1
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * status:  merge_ready => closed
 * resolution:   => fixed


Comment:

 Thanks. Cherry-picked onto `tor-browser-68.2.0esr-9.5-1` (commit
 81d2d351b4c93e139f13a6f21a9abadedc86ee6c). Let's see how it goes. :)
 (Thanks tjr for all the work here)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32154 [Applications/Tor Launcher]: Tor Launcher's custom bridge field only allows one line of input

[Tor Bug Tracker & Wiki]

#32154: Tor Launcher's custom bridge field only allows one line of input
-+-
 Reporter:  mcs  |  Owner:  brade
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Launcher|Version:
 Severity:  Normal   | Resolution:
 Keywords:  ff68-esr, TorBrowserTeam201910R  |  Actual Points:
Parent ID:   | Points:  0.5
 Reviewer:   |Sponsor:
-+-
Changes (by mcs):

 * keywords:  ff68-esr, TorBrowserTeam201910 => ff68-esr,
 TorBrowserTeam201910R
 * status:  new => needs_review


Comment:

 Here is a fix:
 https://gitweb.torproject.org/user/brade/tor-
 launcher.git/commit/?h=bug32154-01=954c1d290e68fd1b621a4fb6ab3ffce6059bab5f

 To answer a question that was asked on IRC: if someone already has more
 than one bridge line, the lines will be combined into one when the Tor
 Launcher setup wizard is opened and the user tries to save the
 configuration. That means saving the config will fail. The good news is
 that the new about:preferences Tor settings UI works correctly, and most
 users will not see the setup wizard unless bootstrapping fails (or if they
 press `Cancel` during bootstrapping).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21549 [Applications/Tor Browser]: Investigate wasm for linkability/fingerprintability/disk avoidance issues

[Tor Bug Tracker & Wiki]

#21549: Investigate wasm for linkability/fingerprintability/disk avoidance 
issues
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  task | Status:  closed
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  ff68-esr, tbb-9.0,   |  Actual Points:
  TorBrowserTeam201910R  |
Parent ID:   | Points:  1
 Reviewer:   |Sponsor:
 |  Sponsor44-can
-+-
Changes (by gk):

 * status:  needs_review => closed
 * resolution:   => fixed


Comment:

 Replying to [comment:33 sysrqb]:
 > I have two branches - one for tor-browser (deleting the override) and
 the other for torbutton (adding as a pref controlled by the security
 slider).
 >
 > Both branches are named `bug21549_00`.
 >
 > https://github.com/sysrqb/torbutton/

 Looks good. Merged to `master` (Torbutton) as commit
 324e8fd7f73c7f97f8174713c6a112ec75669e56 and `tor-browser-68.2.0-9.5-1`
 (`tor-browser`) as commit 80134f6a3d2026ff95943e806cb424bf9eff2c2f.

 Nice review work!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #28709 [Applications/Tor Browser]: Enable Fuzzyfox

[Tor Bug Tracker & Wiki]

#28709: Enable Fuzzyfox
-+-
 Reporter:  tom  |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  merge_ready
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  TorBrowserTeam201910R,   |  Actual Points:  0.1
  GeorgKoppen201910  |
Parent ID:  #28707   | Points:  0.1
 Reviewer:   |Sponsor:
-+-
Changes (by sysrqb):

 * status:  needs_review => merge_ready


Comment:

 It looks simple and good.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31310 [Circumvention/Snowflake]: Refactor/remove proxy-pair state machine in webextension

[Tor Bug Tracker & Wiki]

#31310: Refactor/remove proxy-pair state machine in webextension
-+---
 Reporter:  cohosh   |  Owner:  cohosh
 Type:  defect   | Status:  assigned
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:
 Keywords:  snowflake-webextension   |  Actual Points:
Parent ID:   | Points:  2
 Reviewer:   |Sponsor:  Sponsor28
-+---
Changes (by cohosh):

 * status:  new => assigned
 * owner:  (none) => cohosh


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32131 [Circumvention/Snowflake]: `SetDeadline not implemented` errors in proxy-go output

[Tor Bug Tracker & Wiki]

#32131: `SetDeadline not implemented` errors in proxy-go output
-+--
 Reporter:  dcf  |  Owner:  (none)
 Type:  defect   | Status:  needs_review
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--
Changes (by cohosh):

 * status:  new => needs_review


Comment:

 Here's a patch.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32131 [Circumvention/Snowflake]: `SetDeadline not implemented` errors in proxy-go output

[Tor Bug Tracker & Wiki]

#32131: `SetDeadline not implemented` errors in proxy-go output
-+
 Reporter:  dcf  |  Owner:  (none)
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+
Changes (by cohosh):

 * Attachment "0001-Don-t-log-error-messages-from-SetDeadline.patch" added.


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24747 [Applications/Tor Browser]: add https://hooktube.com/

[Tor Bug Tracker & Wiki]

#24747: add https://hooktube.com/
--+--
 Reporter:  xqk94524  |  Owner:  tbb-team
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by cypherpunks):

 i won't recommend this. There are opensource and more secure and
 javascript free hidden service alternatives like
 [ The Tor Project]
 
http://axqzx4s6s54s32yentfqojs3x5i7faxza6xo3ehd4bzzsg2ii4fv2iid.onion/channel/UCglZ5lXxOpxFF281h6WBj3g

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27835 [Applications/Tor Browser]: Can't login to Protonmail when Tor Browser security level is max

[Tor Bug Tracker & Wiki]

#27835: Can't login to Protonmail when Tor Browser security level is max
--+---
 Reporter:  tpbt  |  Owner:  tbb-team
 Type:  defect| Status:  needs_information
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by cypherpunks):

 This bug seems to be invalid since the TorButton *should* make websites
 that use excessive fingerprinting inoperable when on Max level.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32131 [Circumvention/Snowflake]: `SetDeadline not implemented` errors in proxy-go output

[Tor Bug Tracker & Wiki]

#32131: `SetDeadline not implemented` errors in proxy-go output
-+
 Reporter:  dcf  |  Owner:  (none)
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+

Comment (by cohosh):

 I agree that we should not be printing out this many warnings.

 There are three ways to fix this:
 - undo these log messages from #31794 to not print out the returned error
 - change the SetDeadline (non)implementation to not return an error
 - implement SetDeadline for webRTCConn

 The last option is perhaps the "most correct" route but also isn't really
 necessary for us since the timeout of the websocket connection will cause
 the copyloop to end. I'm hesitant to add more code that isn't necessary to
 snowflake since there is also a potential for adding bugs.

 I guess I'd prefer just not logging the returned error.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #15949 [Internal Services/Service - git]: Can we migrate internal SVN to a document store, wiki, or set of git repositories?

[Tor Bug Tracker & Wiki]

#15949: Can we migrate internal SVN to a document store, wiki, or set of git
repositories?
-+-
 Reporter:  nickm|  Owner:  tor-gitadm
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Service - git  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:  #17202   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by anarcat):

 * status:  needs_information => needs_review


Comment:

 i think the bottomline here is most people don't use this and arma is
 basically the only user. we are unsure about sue, but we ping'd her on it.
 we're waiting for a response, so let's wait another week for this.

 internal shutdown scheduled now for october 24th.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31147 [Core Tor/Tor]: Check tor_vasprintf for error return values.

[Tor Bug Tracker & Wiki]

#31147: Check tor_vasprintf for error return values.
--+
 Reporter:  paldium   |  Owner:  (none)
 Type:  defect| Status:  needs_review
 Priority:  Low   |  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor  |Version:  Tor: 0.4.0.5
 Severity:  Normal| Resolution:
 Keywords:  042-can   |  Actual Points:
Parent ID:| Points:
 Reviewer:  ahf   |Sponsor:
--+
Changes (by ahf):

 * status:  needs_revision => needs_review
 * keywords:  035-backport 040-backport 041-backport 042-can => 042-can


Comment:

 I don't think this needs to be backported. I think the NULL dereference
 bugs would cause a crash at run-time if this had ever happened in the
 wild.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24747 [Applications/Tor Browser]: add https://hooktube.com/

[Tor Bug Tracker & Wiki]

#24747: add https://hooktube.com/
--+--
 Reporter:  xqk94524  |  Owner:  tbb-team
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by cypherpunks):

 HookTube has been crippled ever since YouTube API changed, and afaik it
 isn't opensource. Ticket should be closed as invalid at this point.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32123 [Core Tor/Tor]: Implement minimal --disable-relay-mode

[Tor Bug Tracker & Wiki]

#32123: Implement minimal --disable-relay-mode
-+-
 Reporter:  teor |  Owner:  teor
 Type:  enhancement  | Status:
 |  needs_revision
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-design, network-team-roadmap-|  Actual Points:  1.5
  october|
Parent ID:  #31851   | Points:  1
 Reviewer:  nickm|Sponsor:
 |  Sponsor31-can
-+-
Changes (by nickm):

 * status:  needs_review => needs_revision


Comment:

 This looks pretty good; I've left some comments on the PR.

 One of the OSX builders timed out; I've restarted travis CI to see if it
 will be happier now.

 Travis is complaining that there is a merge conflict now that #32142 is
 in, but it looks easy enough to resolve.

 Right now, this will fail silently to start as a relay if the user says
 "ORPort 9000" when the relay module is disabled.  We should prioritize
 that as a next change, since it's a UI problem.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32124 [Core Tor/Tor]: Interpret --disable-module-dirauth=no correctly

[Tor Bug Tracker & Wiki]

#32124: Interpret --disable-module-dirauth=no correctly
-+-
 Reporter:  teor |  Owner:  teor
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.2.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.3.4.1-alpha
 Severity:  Normal   | Resolution:  fixed
 Keywords:  042-backport, network-team-roadmap-  |  Actual Points:  0.2
  october, tor-build BugSmashFund|
Parent ID:  #32123   | Points:  0.1
 Reviewer:  nickm|Sponsor:
 |  Sponsor31-can
-+-
Changes (by nickm):

 * keywords:  042-backport, network-team-roadmap-october, tor-build =>
 042-backport, network-team-roadmap-october, tor-build BugSmashFund


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32124 [Core Tor/Tor]: Interpret --disable-module-dirauth=no correctly

[Tor Bug Tracker & Wiki]

#32124: Interpret --disable-module-dirauth=no correctly
-+-
 Reporter:  teor |  Owner:  teor
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.2.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.3.4.1-alpha
 Severity:  Normal   | Resolution:  fixed
 Keywords:  042-backport, network-team-roadmap-  |  Actual Points:  0.2
  october, tor-build |
Parent ID:  #32123   | Points:  0.1
 Reviewer:  nickm|Sponsor:
 |  Sponsor31-can
-+-
Changes (by nickm):

 * status:  needs_review => closed
 * resolution:   => fixed
 * milestone:  Tor: 0.4.3.x-final => Tor: 0.4.2.x-final


Comment:

 LGTM; merged to 0.4.2 and forward.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31147 [Core Tor/Tor]: Check tor_vasprintf for error return values.

[Tor Bug Tracker & Wiki]

#31147: Check tor_vasprintf for error return values.
-+-
 Reporter:  paldium  |  Owner:  (none)
 Type:  defect   | Status:
 |  needs_revision
 Priority:  Low  |  Milestone:  Tor:
 |  0.4.2.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.4.0.5
 Severity:  Normal   | Resolution:
 Keywords:  035-backport 040-backport|  Actual Points:
  041-backport 042-can   |
Parent ID:   | Points:
 Reviewer:  ahf  |Sponsor:
-+-
Changes (by nickm):

 * status:  merge_ready => needs_revision


Comment:

 This LGTM but the ticket says it is for backporting, and the branch is
 based against master.  Can I have a branch based on 035 if this is really
 for backport?

 Alternatively we could say that this is not for backport, and I'd be okay
 with that too.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31810 [Core Tor]: Bug: ../src/lib/process/process_unix.c:265: process_unix_exec: Assertion line should be unreached failed; aborting.

[Tor Bug Tracker & Wiki]

#31810: Bug: ../src/lib/process/process_unix.c:265: process_unix_exec: Assertion
line should be unreached failed; aborting.
--+
 Reporter:  Parckwart |  Owner:  ahf
 Type:  defect| Status:  merge_ready
 Priority:  Very High |  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor  |Version:  Tor: 0.4.1.5
 Severity:  Normal| Resolution:
 Keywords:  042-must, 041-regression  |  Actual Points:
Parent ID:| Points:
 Reviewer:  nickm |Sponsor:
--+
Changes (by nickm):

 * status:  needs_review => merge_ready


Comment:

 This LGTM. Merging to 0.4.2 and forward; marking for backport.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31497 [Circumvention/Snowflake]: Link Cupcake from snowflake.torproject.org

[Tor Bug Tracker & Wiki]

#31497: Link Cupcake from snowflake.torproject.org
-+--
 Reporter:  dcf  |  Owner:  dcf
 Type:  enhancement  | Status:  assigned
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--

Comment (by dcf):

 Replying to [comment:2 arlolra]:
 > Note that the patch is missing the translation string in
 `proxy/static/_locales/en_US/messages.json` (alas, the redundancy there is
 unfortunate).

 Oops, I thought there was something like that but didn't find it when I
 looked. Added in
 https://gitweb.torproject.org/user/dcf/snowflake.git/commit/?h=link-
 cupcake=23d183ec07dc5b122bb1af0b031dd59f4d5168d5.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31091 [Core Tor/Tor]: Bug stracktrace when pluggable transport cannot bind to port

[Tor Bug Tracker & Wiki]

#31091: Bug stracktrace when pluggable transport cannot bind to port
--+
 Reporter:  s7r   |  Owner:  ahf
 Type:  defect| Status:  merge_ready
 Priority:  Very High |  Milestone:  Tor: 0.4.1.x-final
Component:  Core Tor/Tor  |Version:  Tor: unspecified
 Severity:  Normal| Resolution:
 Keywords:  042-must  |  Actual Points:
Parent ID:| Points:
 Reviewer:  nickm |Sponsor:
--+
Changes (by nickm):

 * status:  needs_review => merge_ready
 * milestone:  Tor: 0.4.2.x-final => Tor: 0.4.1.x-final


Comment:

 LGTM. Merged to 0.4.2 and forward. Marked for backport.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31497 [Circumvention/Snowflake]: Link Cupcake from snowflake.torproject.org

[Tor Bug Tracker & Wiki]

#31497: Link Cupcake from snowflake.torproject.org
-+--
 Reporter:  dcf  |  Owner:  dcf
 Type:  enhancement  | Status:  assigned
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--

Comment (by dcf):

 Replying to [comment:3 cypherpunks]:
 > Why would this be needed? Isn't it the case that Cupcake has a slower
 response rate from its maintainer (e.g. last time when bamsoftware.com was
 blacklisted and an update had to be done)?

 My reasoning: as a gesture of goodwill; because Cupcake's developer is a
 friend of the project; Cupcake already has a large and dedicated userbase;
 some people like the Cupcake UI better; according to my understanding,
 this is what we agreed to do at the last development meeting.

 I've emailed saint and asked him to comment on the idea. It's true that
 we've had some difficulty getting updates deployed, and that could be a
 disqualifier if it continues long-term, but possibly it is only a
 temporary thing.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32145 [Internal Services/Tor Sysadmin Team]: please update my gpg key

[Tor Bug Tracker & Wiki]

#32145: please update my gpg key
-+-
 Reporter:  emmapeel |  Owner:  anarcat
 Type:  task | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by anarcat):

 * status:  assigned => closed
 * resolution:   => fixed


Comment:

 done and pushed.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32145 [Internal Services/Tor Sysadmin Team]: please update my gpg key

[Tor Bug Tracker & Wiki]

#32145: please update my gpg key
-+-
 Reporter:  emmapeel |  Owner:  anarcat
 Type:  task | Status:
 |  assigned
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by anarcat):

 * owner:  tpa => anarcat
 * status:  new => assigned


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32154 [Applications/Tor Launcher]: Tor Launcher's custom bridge field only allows one line of input

[Tor Bug Tracker & Wiki]

#32154: Tor Launcher's custom bridge field only allows one line of input
+---
 Reporter:  mcs |  Owner:  brade
 Type:  defect  | Status:  new
 Priority:  Medium  |  Milestone:
Component:  Applications/Tor Launcher   |Version:
 Severity:  Normal  | Resolution:
 Keywords:  ff68-esr, TorBrowserTeam201910  |  Actual Points:
Parent ID:  | Points:  0.5
 Reviewer:  |Sponsor:
+---

Comment (by gk):

 Not sure yet if it's too late. I am inclined to ship it in 9.0.1 instead
 of redoing our builds. Either way we could include it in 9.5a1 to give it
 more testing if you'd give me a patch today-ish. :)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21549 [Applications/Tor Browser]: Investigate wasm for linkability/fingerprintability/disk avoidance issues

[Tor Bug Tracker & Wiki]

#21549: Investigate wasm for linkability/fingerprintability/disk avoidance 
issues
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  task | Status:
 |  needs_review
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ff68-esr, tbb-9.0,   |  Actual Points:
  TorBrowserTeam201910R  |
Parent ID:   | Points:  1
 Reviewer:   |Sponsor:
 |  Sponsor44-can
-+-
Changes (by sysrqb):

 * status:  new => needs_review
 * keywords:  ff68-esr, tbb-9.0, TorBrowserTeam201910 => ff68-esr, tbb-9.0,
 TorBrowserTeam201910R


Comment:

 I have two branches - one for tor-browser (deleting the override) and the
 other for torbutton (adding as a pref controlled by the security slider).

 Both branches are named `bug21549_00`.

 https://github.com/sysrqb/torbutton/

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32142 [Metrics/Onionoo]: Release Onionoo 7.0-1.21.0

[Tor Bug Tracker & Wiki]

#32142: Release Onionoo 7.0-1.21.0
-+-
 Reporter:  karsten  |  Owner:  karsten
 Type:  task | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Metrics/Onionoo  |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by gaba):

 Hey! Should we send announcements to the tor mailing list about onionoo,
 collector, metrics lib releases?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #32154 [Applications/Tor Launcher]: Tor Launcher's custom bridge field only allows one line of input

[Tor Bug Tracker & Wiki]

#32154: Tor Launcher's custom bridge field only allows one line of input
-+-
 Reporter:  mcs  |  Owner:  brade
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor |Version:
  Launcher   |   Keywords:  ff68-esr,
 Severity:  Normal   |  TorBrowserTeam201910
Actual Points:   |  Parent ID:
   Points:  0.5  |   Reviewer:
  Sponsor:   |
-+-
 In the ESR68-based Tor Browser, Tor Launcher's custom bridge input field
 only allows one line of input. Some detective work reveals that Mozilla
 was in the process of removing XUL `textbox` during the ESR68 cycle and
 now it has been completely removed (for Firefox 71):
 https://bugzilla.mozilla.org/show_bug.cgi?id=1513325

 They have switched everything to use `html:input` and `html:textarea` and
 we will need to do the same, eventually. Prior to ESR68, they removed
 support for multiline `textbox` elements, which is the cause of the custom
 bridge field breakage.

 We are working on a fix, although I guess it is too late for Tor Browser
 9.0? I wish we would have noticed this sooner.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32134 [Circumvention/BridgeDB]: Request new translation and update i18n instructions

[Tor Bug Tracker & Wiki]

#32134: Request new translation and update i18n instructions
+---
 Reporter:  phw |  Owner:  phw
 Type:  task| Status:  merge_ready
 Priority:  Medium  |  Milestone:
Component:  Circumvention/BridgeDB  |Version:
 Severity:  Normal  | Resolution:
 Keywords:  s30-o22a3   |  Actual Points:
Parent ID:  #31279  | Points:  0.2
 Reviewer:  cohosh  |Sponsor:  Sponsor30-can
+---
Changes (by cohosh):

 * status:  needs_review => merge_ready


Comment:

 Looks good!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32105 [Circumvention/BridgeDB]: brid...@torproject.org don't respond

[Tor Bug Tracker & Wiki]

#32105: brid...@torproject.org don't respond
+--
 Reporter:  mh828   |  Owner:  phw
 Type:  defect  | Status:  needs_review
 Priority:  Medium  |  Milestone:
Component:  Circumvention/BridgeDB  |Version:
 Severity:  Normal  | Resolution:
 Keywords:  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  cohosh  |Sponsor:  Sponsor30
+--

Comment (by cohosh):

 I left a comment on the commit but otherwise it looks good.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31497 [Circumvention/Snowflake]: Link Cupcake from snowflake.torproject.org

[Tor Bug Tracker & Wiki]

#31497: Link Cupcake from snowflake.torproject.org
-+--
 Reporter:  dcf  |  Owner:  dcf
 Type:  enhancement  | Status:  assigned
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--

Comment (by cohosh):

 Thanks for working on this. The background app thing is cool, but I'm
 wondering if those unfamiliar with webextensions will find the distinction
 confusing since the Snowflake extensions also run in the background, it's
 just that it will stop running when the user closes the browser.

 Perhaps we just don't mention that detail on the webpage and move forward
 on #31288 so Snowflake has it too?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #32153 [Community/Tor Browser Manual]: ensure merged content gives correct location for onion icon

[Tor Bug Tracker & Wiki]

#32153: ensure merged content gives correct location for onion icon
+--
 Reporter:  bluemoon|  Owner:  ggus
 Type:  defect  | Status:  new
 Priority:  Medium  |  Component:  Community/Tor Browser Manual
  Version:  |   Severity:  Normal
 Keywords:  documentation,  |  Actual Points:
  tbb   |
Parent ID:  #29856  | Points:
 Reviewer:  |Sponsor:
+--
 Cross-referencing this ticket:

 https://dip.torproject.org/torproject/web/manual/issues/17

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32103 [Core Tor/Tor]: Subsystem "thread_cleanup" is never called

[Tor Bug Tracker & Wiki]

#32103: Subsystem "thread_cleanup" is never called
--+
 Reporter:  opara |  Owner:  (none)
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  042-should|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by nickm):

 * status:  new => needs_review


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31941 [Metrics/Onionoo]: Old reverse DNS lookups are sometimes not cleared properly

[Tor Bug Tracker & Wiki]

#31941: Old reverse DNS lookups are sometimes not cleared properly
-+-
 Reporter:  karsten  |  Owner:  karsten
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Metrics/Onionoo  |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by karsten):

 * status:  merge_ready => closed
 * resolution:   => fixed


Comment:

 Thanks for the review! Merged, released, and deployed.

 No host name entry for relay t6kexit1 anymore:
 
https://metrics.torproject.org/rs.html#details/64186B8BCD83E31CEFCE3018334E8C7DBBD04963

 Closing!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30920 [Core Tor/Tor]: Detect uint64 overflow in config_parse_units()

[Tor Bug Tracker & Wiki]

#30920: Detect uint64 overflow in config_parse_units()
---+
 Reporter:  nickm  |  Owner:  (none)
 Type:  defect | Status:  needs_revision
 Priority:  Low|  Milestone:  Tor: 0.4.3.x-final
Component:  Core Tor/Tor   |Version:
 Severity:  Minor  | Resolution:
 Keywords:  easy overflow  |  Actual Points:  0.2
Parent ID: | Points:
 Reviewer:  teor   |Sponsor:
---+

Comment (by guigom):

 No problem! I can see the comments now :-)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31091 [Core Tor/Tor]: Bug stracktrace when pluggable transport cannot bind to port

[Tor Bug Tracker & Wiki]

#31091: Bug stracktrace when pluggable transport cannot bind to port
--+
 Reporter:  s7r   |  Owner:  ahf
 Type:  defect| Status:  needs_revision
 Priority:  Very High |  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor  |Version:  Tor: unspecified
 Severity:  Normal| Resolution:
 Keywords:  042-must  |  Actual Points:
Parent ID:| Points:
 Reviewer:  nickm |Sponsor:
--+

Comment (by ahf):

 1) These assertions and BUG() statements were added by me to figure out if
 these cases could ever trigger when we rewrote the process library for s8.
 I can't think of any easy way to test these without quite some refactoring
 of the transports.c file (which would be lovely to do though)

 2) I have made the new PR against 0.4.0.

 3) These cases are legitimate and can happen, so I don't think we should
 log anything particularly here. The important part being the exit handler
 is always called.

 I have created a new PR against maint-0.4.0 which can be seen here:
 https://github.com/torproject/tor/pull/1396

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31091 [Core Tor/Tor]: Bug stracktrace when pluggable transport cannot bind to port

[Tor Bug Tracker & Wiki]

#31091: Bug stracktrace when pluggable transport cannot bind to port
--+
 Reporter:  s7r   |  Owner:  ahf
 Type:  defect| Status:  needs_review
 Priority:  Very High |  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor  |Version:  Tor: unspecified
 Severity:  Normal| Resolution:
 Keywords:  042-must  |  Actual Points:
Parent ID:| Points:
 Reviewer:  nickm |Sponsor:
--+
Changes (by ahf):

 * status:  needs_revision => needs_review


Comment:

 Requesting review.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31810 [Core Tor]: Bug: ../src/lib/process/process_unix.c:265: process_unix_exec: Assertion line should be unreached failed; aborting.

[Tor Bug Tracker & Wiki]

#31810: Bug: ../src/lib/process/process_unix.c:265: process_unix_exec: Assertion
line should be unreached failed; aborting.
--+
 Reporter:  Parckwart |  Owner:  ahf
 Type:  defect| Status:  needs_review
 Priority:  Very High |  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor  |Version:  Tor: 0.4.1.5
 Severity:  Normal| Resolution:
 Keywords:  042-must, 041-regression  |  Actual Points:
Parent ID:| Points:
 Reviewer:  nickm |Sponsor:
--+
Changes (by ahf):

 * status:  needs_revision => needs_review


Comment:

 CI looks happy. Let's get this reviewed.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25957 [Core Tor/Tor]: Tor 0.3.3.5-rc died: Caught signal 11

[Tor Bug Tracker & Wiki]

#25957: Tor 0.3.3.5-rc died: Caught signal 11
+---
 Reporter:  Pine64ARMv8 |  Owner:  (none)
 Type:  defect  | Status:  needs_information
 Priority:  Medium  |  Milestone:  Tor: unspecified
Component:  Core Tor/Tor|Version:  Tor: 0.3.3.5-rc
 Severity:  Normal  | Resolution:
 Keywords:  crash, openssl  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+---

Comment (by cypherpunks):

 Hi this is not my ticket, but i can give this info in my case where it
 just happened with latest stable again:

 {{{
 Oct 17 06:46:25.062 [notice] Tor 0.4.1.6 running on Windows 10 [or later]
 with Libevent 2.1.11-stable, OpenSSL 1.1.1, Zlib 1.2.11, Liblzma 5.2.4,
 and Libzstd 1.4.3.
 }}}
 ...
 {{{
 Oct 17 07:08:48.000 [info] {APP} connection_edge_process_relay_cell():
 1632: end cell (closed normally) for stream 6445. Removing stream.
 Oct 17 07:08:49.000 [info] {GENERAL} circuit_mark_for_close_(): Circuit
 2112127911 (id: 151) marked for close at circuituse.c:1524 (orig reason:
 9, new reason: 0)
 Oct 17 07:08:49.000 [info] {GENERAL} circuit_mark_for_close_(): Circuit
 2550036626 (id: 221) marked for close at circuituse.c:1524 (orig reason:
 9, new reason: 0)
 Oct 17 07:08:49.000 [info] {CIRC} circuit_free_(): Circuit 0 (id: 151) has
 been freed.
 Oct 17 07:08:49.000 [info] {CIRC} circuit_free_(): Circuit 0 (id: 221) has
 been freed.
 Oct 17 07:08:49.000 [info] {BTRACK} bto_status_rcvr(): ORCONN DELETE
 gid=135 status=3 reason=7
 Oct 17 07:09:24.000 [warn] {BUG} tor_bug_occurred_(): Bug:
 buffers_tls.c:73: buf_read_from_tls: Non-fatal assertion !(buf->datalen >=
 INT_MAX - at_most) failed. (Future instances of this warning will be
 silenced.) (on Tor 0.4.1.6 )
 Oct 17 07:09:24.000 [warn] {BUG} Bug: Non-fatal assertion !(buf->datalen
 >= INT_MAX - at_most) failed in buf_read_from_tls at buffers_tls.c:73.
 (Stack trace not available) (on Tor 0.4.1.6 )
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30920 [Core Tor/Tor]: Detect uint64 overflow in config_parse_units()

[Tor Bug Tracker & Wiki]

#30920: Detect uint64 overflow in config_parse_units()
---+
 Reporter:  nickm  |  Owner:  (none)
 Type:  defect | Status:  needs_revision
 Priority:  Low|  Milestone:  Tor: 0.4.3.x-final
Component:  Core Tor/Tor   |Version:
 Severity:  Minor  | Resolution:
 Keywords:  easy overflow  |  Actual Points:  0.2
Parent ID: | Points:
 Reviewer:  teor   |Sponsor:
---+

Comment (by nickm):

 Oh no!  It looks like I didn't hit the "submit review" button.  I'm sorry
 about that; can you see the comments now?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32137 [Core Tor/Tor]: Split feature/include.am out of core/include.am

[Tor Bug Tracker & Wiki]

#32137: Split feature/include.am out of core/include.am
--+--
 Reporter:  teor  |  Owner:  (none)
 Type:  task  | Status:  new
 Priority:  Medium|  Milestone:  Tor: unspecified
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tor-design|  Actual Points:
Parent ID:  #31851| Points:  0.5
 Reviewer:|Sponsor:  Sponsor31-can
--+--

Comment (by nickm):

 The original rationale was that since we do not yet have good (downward
 dependencies only) factoring for the layers higher than `src/lib`, we
 can't yet build them as separate libraries.  But you're right that this
 shouldn't stop us from having separate include files here.

 If we take this approach, we should probably ahve one include.am file per
 subdirectory, as we do for src/lib, and just base them on a different
 template.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #13543 [Applications/Tor Browser]: HTML5 media support may lead to fingerprinting

[Tor Bug Tracker & Wiki]

#13543: HTML5 media support may lead to fingerprinting
-+-
 Reporter:  cypherpunks  |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-fingerprinting,  |  Actual Points:
  TorBrowserTeam201910   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * keywords:  tbb-fingerprinting, ff68-esr, TorBrowserTeam201910 => tbb-
 fingerprinting, TorBrowserTeam201910


Comment:

 The ff68-esr specific bits are gone.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #18862 [Applications/Tor Browser]: Make sure the Presentation API is no risk for our users

[Tor Bug Tracker & Wiki]

#18862: Make sure the Presentation API is no risk for our users
--+--
 Reporter:  gk|  Owner:  tbb-team
 Type:  defect| Status:  assigned
 Priority:  High  |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  ff78-esr  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by gk):

 * keywords:  ff68-esr => ff78-esr


Comment:

 We are still good here I think.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21065 [Applications/Tor Browser]: Make it easier to switch between security levels in Tor Browser

[Tor Bug Tracker & Wiki]

#21065: Make it easier to switch between security levels in Tor Browser
-+-
 Reporter:  zhr  |  Owner:  tbb-
 |  team
 Type:  enhancement  | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  tbb-torbutton, tbb-security-slider,  |  Actual Points:
  tbb-usability  |
Parent ID:  #20843   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * status:  new => closed
 * resolution:   => fixed


Comment:

 We actually settled for a version in Tor Browser 8.5. There are no plans
 to do yet another iteration right now.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31658 [Applications/Tor Browser]: The "Security Level" text is hard to read in dark mode

[Tor Bug Tracker & Wiki]

#31658: The "Security Level" text is hard to read in dark mode
-+-
 Reporter:  Dbryrtfbcbhgf|  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ff68-esr, TorBrowserTeam201910,  |  Actual Points:
  tbb-security-slider|
Parent ID:   | Points:  0.1
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * keywords:  ff68-esr, TorBrowserTeam201910 => ff68-esr,
 TorBrowserTeam201910, tbb-security-slider


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32149 [Applications/Tor Browser]: Grey bars on resized Tor Browser window

[Tor Bug Tracker & Wiki]

#32149: Grey bars on resized Tor Browser window
--+---
 Reporter:  Zarko_Gjurov  |  Owner:  (none)
 Type:  defect| Status:  closed
 Priority:  High  |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Major | Resolution:  not a bug
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by Thorin):

 There's a lot of inaccuracies in that article, but how letterboxing works
 is pretty much on point :)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] [Tor Bug Tracker & Wiki] Batch modify: #32069, #32070, #32072, #32074, ...

[Tor Bug Tracker & Wiki]

Batch modification to #32069, #32070, #32072, #32074, #32075, #32077, #32078, 
#32079, #32080, #32081, #32082, #32083, #32084, #32085 by gk:


Comment:
Nothing related to ff68-esr transition.

--
Tickets URL: 

Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31209 [Applications/Tor Browser]: View PDF in Tor browser is fuzzy

[Tor Bug Tracker & Wiki]

#31209: View PDF in Tor browser is fuzzy
--+---
 Reporter:  null  |  Owner:  tbb-team
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:  fixed
 Keywords:  ff68-esr-will-have|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:  Sponsor44-can
--+---
Changes (by gk):

 * keywords:  ff68-esr => ff68-esr-will-have
 * status:  new => closed
 * resolution:   => fixed


Comment:

 We got this in esr68, closing.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #28745 [Applications/Tor Browser]: THE Torbutton clean-up

[Tor Bug Tracker & Wiki]

#28745: THE Torbutton clean-up
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_revision
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-torbutton, TorBrowserTeam201910  |  Actual Points:
Parent ID:  #30506   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * keywords:  tbb-torbutton, TorBrowserTeam201910R => tbb-torbutton,
 TorBrowserTeam201910
 * status:  needs_review => needs_revision
 * parent:   => #30506


Comment:

 We'd want to have this rebased I think (sorry for the delay).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31120 [Applications/Tor Browser]: Enable AssertSystemPrincipalMustNotLoadRemoteDocuments

[Tor Bug Tracker & Wiki]

#31120: Enable AssertSystemPrincipalMustNotLoadRemoteDocuments
--+---
 Reporter:  tom   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  ff68-esr  |  Actual Points:
Parent ID:  #28707| Points:
 Reviewer:|Sponsor:  Sponsor44-can
--+---

Comment (by gk):

 Alpha material but might miss 9.5a1. The bug in question is:
 https://bugzilla.mozilla.org/show_bug.cgi?id=1513445.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #32152 [Webpages/Website]: https://support.torproject.org/mk/tbb/tbb-2/ is giving a 404

[Tor Bug Tracker & Wiki]

#32152: https://support.torproject.org/mk/tbb/tbb-2/ is giving a 404
--+-
 Reporter:  gk|  Owner:  hiro
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Webpages/Website  |Version:
 Severity:  Normal|   Keywords:  tbb-9.0
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+-
 As mentioned in comment:4:ticket:31961:
 {{{
 After: "Your Guard node may not change." string, "Learn more" link goes on
 the dead link:
 ​https://support.torproject.org/mk/tbb/tbb-2/
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31961 [Applications/Tor Browser]: 'Learn more' links on security settings are not working

[Tor Bug Tracker & Wiki]

#31961: 'Learn more' links on security settings are not working
-+-
 Reporter:  Zarko_Gjurov |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  closed
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  tbb-security-slider, |  Actual Points:
  TorBrowserTeam201910, tbb-9.0  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * status:  assigned => closed
 * points:  0.5 =>
 * resolution:   => fixed


Comment:

 This bug got actually fixed by #31748. You bug 2 got fixed in #31286. Both
 are making it into the upcoming 9.0 and 9.5a1.

 I've filed a new ticket for your Bug 1: #32152.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #32151 [Applications/Tor Browser]: Investigate RemoteSettings requests params and try to reduce info leaked about local state

[Tor Bug Tracker & Wiki]

#32151: Investigate RemoteSettings requests params and try to reduce info leaked
about local state
--+-
 Reporter:  acat  |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:  tbb-linkability
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+-
 From https://trac.torproject.org/projects/tor/ticket/31740#comment:7:

 >One concern is that the different parameters (etag, timestamps...) might
 be leaking enough info about the user state that it allows linking
 together requests done over time as belonging to the same user. In
 principle, the request parameters depend on the values returned in
 previous responses, and these seem not to change very often. I did not do
 a deep analysis, but I feel like we would not lose too much by doing the
 same requests without parameters (as if there was no previous state in the
 browser). I don't see the responses being so big, nor the requests done so
 often.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30939 [Applications/Tor Browser]: Use Firefox's Enhanced Tracking Protection as a means for performance improvements

[Tor Bug Tracker & Wiki]

#30939: Use Firefox's Enhanced Tracking Protection as a means for performance
improvements
--+--
 Reporter:  gk|  Owner:  tbb-team
 Type:  project   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-performance, ux-team  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by acat):

 Note: we might want to reenable the `UrlClassifierSkipListService` that we
 disabled in #31740.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32149 [Applications/Tor Browser]: Grey bars on resized Tor Browser window

[Tor Bug Tracker & Wiki]

#32149: Grey bars on resized Tor Browser window
--+---
 Reporter:  Zarko_Gjurov  |  Owner:  (none)
 Type:  defect| Status:  closed
 Priority:  High  |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Major | Resolution:  not a bug
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---
Changes (by gk):

 * component:  Core Tor => Applications/Tor Browser


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32149 [Core Tor]: Grey bars on resized Tor Browser window

[Tor Bug Tracker & Wiki]

#32149: Grey bars on resized Tor Browser window
--+---
 Reporter:  Zarko_Gjurov  |  Owner:  (none)
 Type:  defect| Status:  closed
 Priority:  High  |  Milestone:
Component:  Core Tor  |Version:
 Severity:  Major | Resolution:  not a bug
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---
Changes (by gk):

 * status:  new => closed
 * resolution:   => not a bug


Comment:

 It's a feature, called letterboxing, to defend against fingerprinting of
 your screen dimensions. It got even press coverage:
 https://www.zdnet.com/article/firefox-to-add-tor-browser-anti-
 fingerprinting-technique-called-letterboxing/.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #28709 [Applications/Tor Browser]: Enable Fuzzyfox

[Tor Bug Tracker & Wiki]

#28709: Enable Fuzzyfox
-+-
 Reporter:  tom  |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  TorBrowserTeam201910R,   |  Actual Points:  0.1
  GeorgKoppen201910  |
Parent ID:  #28707   | Points:  0.1
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * status:  new => needs_review
 * keywords:  TorBrowserTeam201911 => TorBrowserTeam201910R,
   GeorgKoppen201910
 * points:   => 0.1
 * actualpoints:   => 0.1


Comment:

 Replying to [comment:2 gk]:
 > That seems to be a pref flip away (`privacy.fuzzyfox.enabled`). We
 should pick that for 9.5a1.

 `bug_28709 (https://gitweb.torproject.org/user/gk/tor-
 browser.git/commit/?h=bug_28709=198d9ec1b5cb68649963e425ac7734bf69dff263)
 in my `tor-browser` repository has that change.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #32150 [Applications/Tor Browser]: nsHttpDigestAuth cnonce exposes rand() values

[Tor Bug Tracker & Wiki]

#32150: nsHttpDigestAuth cnonce exposes rand() values
--+
 Reporter:  acat  |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:  tbb-fingerprinting
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+
 Similar concerns as #22919.

 `rand()` is used to calculate the `cnonce` in https://searchfox.org
 /mozilla-
 
esr68/rev/8a8a004bc8de67bab762f1dfcea7683ba81311ce/netwerk/protocol/http/nsHttpDigestAuth.cpp#300,
 which is sent to the server.

 Even though it's only leaking some bits per `rand()` call, it might still
 be possible to recover the seed (e.g. with something like
 https://github.com/Z3Prover/z3, or maybe easier, not sure). Depending on
 how often `srand` is called this might be equivalent to a session id (per
 content process?). Well, the usual problems that guessing the seed of a
 global PRNG has.

 I think we should investigate this, or just directly patch as I don't see
 many drawbacks of having secure random numbers here.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #32149 [Core Tor]: Grey bars on resized Tor Browser window

[Tor Bug Tracker & Wiki]

#32149: Grey bars on resized Tor Browser window
--+--
 Reporter:  Zarko_Gjurov  |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  High  |  Component:  Core Tor
  Version:|   Severity:  Major
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
 In alpha 9.0.8 when user resizes the window of Tor Browser, then grey bars
 are around the window from inside, is that a new undocumented feature or
 is a bug?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #32148 [Community/Translations]: "No Script" translations for MK locale are not updated.

[Tor Bug Tracker & Wiki]

#32148: "No Script" translations for MK locale are not updated.
--+
 Reporter:  Zarko_Gjurov  |  Owner:  emmapeel
 Type:  defect| Status:  new
 Priority:  Medium|  Component:  Community/Translations
  Version:|   Severity:  Normal
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
 As title says,
 "No Script" translations for MK locale are not updated in last Tor alpha
 version 9.0.8.
 Both "No Script" files marked as "Chrome" and "Firefox" on Transifex are
 100% translated and reviewed.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31961 [Applications/Tor Browser]: 'Learn more' links on security settings are not working

[Tor Bug Tracker & Wiki]

#31961: 'Learn more' links on security settings are not working
-+-
 Reporter:  Zarko_Gjurov |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  assigned
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-security-slider, |  Actual Points:
  TorBrowserTeam201910, tbb-9.0  |
Parent ID:   | Points:  0.5
 Reviewer:   |Sponsor:
-+-

Comment (by Zarko_Gjurov):

 The bug is still not fixed in alpha 9.0.8, beside this I've found two more
 bugs related to the "Learn more" links.

 New found bugs in Alpha 9.0.8:
 Bug 1:
 After: "Your Guard node may not change." string, "Learn more" link goes on
 the dead link:
 https://support.torproject.org/mk/tbb/tbb-2/

 Bug 2:
 In:
 about:preferences#tor
 Section: Advanced
 Link "Learn More" after string: "Configure how Tor Browser connects to the
 Internet." opens empty new "Private Browsing" tab.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #32147 [Applications/Tor Browser]: Update Tor Browser release incantations with changes for 9.0

[Tor Bug Tracker & Wiki]

#32147: Update Tor Browser release incantations with changes for 9.0
-+-
 Reporter:  gk   |  Owner:  tbb-team
 Type:  task | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor |Version:
  Browser|   Keywords:  TorBrowserTeam201910,
 Severity:  Normal   |  GeorgKoppen201910
Actual Points:   |  Parent ID:
   Points:  0.1  |   Reviewer:
  Sponsor:   |
-+-
 Tor Browser 9 brings a bunch of new changes like notarization support for
 macOS and no separate Torbutton code anymore. We should go over our
 release incantations and update them where needed.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31989 [Applications/Tor Browser]: Backport backout of old mingw-gcc patch for 9.5a1

[Tor Bug Tracker & Wiki]

#31989: Backport backout of old mingw-gcc patch for 9.5a1
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  enhancement  | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  TorBrowserTeam201910R,   |  Actual Points:
  GeorgKoppen201910  |
Parent ID:   | Points:  0.1
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * keywords:  TorBrowserTeam201910, GeorgKoppen201910 =>
 TorBrowserTeam201910R, GeorgKoppen201910
 * status:  new => needs_review


Comment:

 `bug_31989` (https://gitweb.torproject.org/user/gk/tor-
 browser.git/commit/?h=bug_31989=e2e954a209e0f08c4c191b2f3562ffd03703b8f9)
 in my `tor-browser` repo has the backport up for review.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #32146 [Metrics/CollecTor]: Release CollecTor 1.12.0

[Tor Bug Tracker & Wiki]

#32146: Release CollecTor 1.12.0
---+--
 Reporter:  karsten|  Owner:  karsten
 Type:  task   | Status:  assigned
 Priority:  Medium |  Milestone:
Component:  Metrics/CollecTor  |Version:
 Severity:  Normal |   Keywords:
Actual Points: |  Parent ID:
   Points: |   Reviewer:
  Sponsor: |
---+--
 Let's release CollecTor 1.12.0 in order to get #19332 deployed. I already
 did this a couple minutes ago, this ticket documents this effort.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32146 [Metrics/CollecTor]: Release CollecTor 1.12.0

[Tor Bug Tracker & Wiki]

#32146: Release CollecTor 1.12.0
---+-
 Reporter:  karsten|  Owner:  karsten
 Type:  task   | Status:  closed
 Priority:  Medium |  Milestone:
Component:  Metrics/CollecTor  |Version:
 Severity:  Normal | Resolution:  fixed
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+-
Changes (by karsten):

 * status:  assigned => closed
 * resolution:   => fixed


Comment:

 Release: https://dist.torproject.org/collector/1.12.0/

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32132 [Applications/Tor Browser]: Re-enable jemalloc for Windows users

[Tor Bug Tracker & Wiki]

#32132: Re-enable jemalloc for Windows users
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  enhancement  | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  TorBrowserTeam201910R,   |  Actual Points:  0.1
  GeorgKoppen201910, tbb-rbm |
Parent ID:   | Points:  0.1
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * keywords:  TorBrowserTeam201910, GeorgKoppen201910, tbb-rbm =>
 TorBrowserTeam201910R, GeorgKoppen201910, tbb-rbm
 * status:  new => needs_review
 * actualpoints:   => 0.1


Comment:

 `bug_32132_v3` (https://gitweb.torproject.org/user/gk/tor-browser-
 build.git/commit/?h=bug_32132_v3=6eb2302e2de687d08ada1916f02ae8b15202e305)
 has a patch for review.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31684 [Core Tor/Tor]: Add control port GETINFO support for dumping the local consensus

[Tor Bug Tracker & Wiki]

#31684: Add control port GETINFO support for dumping the local consensus
-+-
 Reporter:  asn  |  Owner:  (none)
 Type:  task | Status:
 |  merge_ready
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  control-port easy extra-review   |  Actual Points:
  nickm-merge dgoulet-merge  |
Parent ID:   | Points:  1
 Reviewer:  asn  |Sponsor:
-+-
Changes (by teor):

 * keywords:  control-port easy extra-review => control-port easy extra-
 review nickm-merge dgoulet-merge


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31524 [Core Tor/Tor]: GETINFO bw-event-cache spike value(s) in it

[Tor Bug Tracker & Wiki]

#31524: GETINFO bw-event-cache  spike value(s) in it
--+--
 Reporter:  toralf|  Owner:  (none)
 Type:  defect| Status:  assigned
 Priority:  Medium|  Milestone:  Tor: unspecified
Component:  Core Tor/Tor  |Version:  Tor: 0.4.1.4-rc
 Severity:  Normal| Resolution:
 Keywords:  042-should|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by teor):

 * keywords:  042-should, security-low => 042-should
 * owner:  teor => (none)
 * milestone:  Tor: 0.4.2.x-final => Tor: unspecified


Comment:

 This doesn't look like a security issue, so I don't think we need to fix
 it in 0.4.2.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32123 [Core Tor/Tor]: Implement minimal --disable-relay-mode

[Tor Bug Tracker & Wiki]

#32123: Implement minimal --disable-relay-mode
-+-
 Reporter:  teor |  Owner:  teor
 Type:  enhancement  | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-design, network-team-roadmap-|  Actual Points:  1.5
  october|
Parent ID:  #31851   | Points:  1
 Reviewer:  nickm|Sponsor:
 |  Sponsor31-can
-+-
Changes (by teor):

 * status:  assigned => needs_review
 * reviewer:   => nickm
 * actualpoints:   => 1.5


Comment:

 This was a bit more complicated than I expected: a few of our check
 scripts expect relay mode.

 Here's what this PR does:
 0. Depends on the fixes in #32124, to avoid conflicts
 1. Define --disable-module-relay, and make it imply --disable-module-
 dirauth
 2. Disables relay and dircache modes when --disable-module-relay is set
 3. Skips checks that don't work when --disable-module-relay is set
 4. Adds alternative outputs for disable module relay to the parseconf
 checks
   a. Adds extra parseconf checks for dirauth mode, with alternative
 outputs
 5. Adds a CI job for --disable-module-relay
 6. Updates doc/HACKING/Modules.md

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #32145 [Internal Services/Tor Sysadmin Team]: please update my gpg key

[Tor Bug Tracker & Wiki]

#32145: please update my gpg key
-+-
 Reporter:  emmapeel |  Owner:  tpa
 Type:  task | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   |   Keywords:
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+-
 {{{
 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA512



 Please update my gpg key with fingerprint:

 B885 D8DC E017 3B42 A402  021F 364E 1DEA 2C4F 8835

 This is my key on the LDAP database, but I have renewed it's expiration
 date
 and also it has a new userid with my torproject email address.

 So, I sign this message with the same key as well.

 Thanks in advance!

 emmapeel

 -BEGIN PGP SIGNATURE-

 iQIzBAEBCgAdFiEEuIXY3OAXO0KkAgIfNk4d6ixPiDUFAl2pcxsACgkQNk4d6ixP
 iDVLmhAAtNVuCW4IATHfXODnQCDLrTbgbj490AcAWMohyGTbOB8VRgCyWh06fwNI
 f+2teVFM2826Q8FSsLXiXufYb8nAQhnbFqbR9QgXyEXZ9eG1TUvldSgzMO6hx199
 i2J7xKwIYMe7eGYgheJvML+MhPvmeD4H6hNJihG3+sUA0HOS8NzF8wy+SdqjqGwB
 0iH3NqBPZ0vhb0W8wqwzKrFb13Moceo11FoTFox8VBJBQ1SxENfJII2knIOvmrbU
 a5sd/Ru+Jv+vEf7ZUbwtrZotpCHJFjWTi6gCQ2YVFapXXlh0Jlo6G7z6wyjT2yvw
 TCFJCaHw98k9Itg8c55X4hLjIK7fECuYaJsiqwDTc4BISbL1nwv5Pzb0MGQFh4Ia
 FIoEfbHscHqhPjZ1M6Css19uOStQpIqnUKXQ3RvLQsRdrwmz+BtDiVb5sAiWn3AH
 p/Sxy1ZCKWCjYCYjNQNwPgaxRj7HhxuTnWRu/lUpEzhrFEhtvGX+vyuBL8tsB8Ns
 bHOT6daHkqcV1O88J3sdbxYblgi6ur7wmpWEqUZIgXRKM+ILzNP08yHDaOAE/4oi
 4+xpmnZXoXypzXXDVvKR2NflGpjGufoA4e4o6twp26/IMZpPKn1lYza8hkWaTAv9
 QXOF5VyEkrQL6mmso0tpyrdtO1ZH2cZ8MkAx7wFFm+Gi4entNbM=
 =22yn
 -END PGP SIGNATURE-

 }}}

 also, i attach the key just in case

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32145 [Internal Services/Tor Sysadmin Team]: please update my gpg key

[Tor Bug Tracker & Wiki]

#32145: please update my gpg key
-+-
 Reporter:  emmapeel |  Owner:  tpa
 Type:  task | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by emmapeel):

 * Attachment "emma peel emmap...@torproject.org (0x364E1DEA2C4F8835)
 pub.asc" added.

 updated key

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32144 [Metrics/Library]: Release metrics-lib 2.8.0

[Tor Bug Tracker & Wiki]

#32144: Release metrics-lib 2.8.0
-+-
 Reporter:  karsten  |  Owner:  karsten
 Type:  task | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Metrics/Library  |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by karsten):

 * status:  assigned => closed
 * resolution:   => fixed


Comment:

 Release: https://dist.torproject.org/metrics-lib/2.8.0/

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #32144 [Metrics/Library]: Release metrics-lib 2.8.0

[Tor Bug Tracker & Wiki]

#32144: Release metrics-lib 2.8.0
-+--
 Reporter:  karsten  |  Owner:  karsten
 Type:  task | Status:  assigned
 Priority:  Medium   |  Milestone:
Component:  Metrics/Library  |Version:
 Severity:  Normal   |   Keywords:
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+--
 We need a new metrics-lib release that contains `BridgedbMetrics` added in
 #19332. I already put out this release, and this tickets documents this
 effort.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #19332 [Metrics/CollecTor]: Add a BridgeDB module

[Tor Bug Tracker & Wiki]

#19332: Add a BridgeDB module
-+-
 Reporter:  mrphs|  Owner:  karsten
 Type:  enhancement  | Status:
 |  merge_ready
 Priority:  Medium   |  Milestone:
Component:  Metrics/CollecTor|Version:
 Severity:  Normal   | Resolution:
 Keywords:  metrics-roadmap-2019-q2, anti-   |  Actual Points:
  censorship-roadmap-september, s30-o21a1|
Parent ID:  #31274   | Points:  8
 Reviewer:  irl  |Sponsor:
 |  Sponsor30-must
-+-
Changes (by karsten):

 * status:  needs_review => merge_ready


Comment:

 Setting to merge_ready as per irl's statement during yesterday's meeting:
 ''"15:41:20  i think it's ok to merge it and i can review the test
 cases retroactively"''

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32124 [Core Tor/Tor]: Interpret --disable-module-dirauth=no correctly

[Tor Bug Tracker & Wiki]

#32124: Interpret --disable-module-dirauth=no correctly
-+-
 Reporter:  teor |  Owner:  teor
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.3.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.3.4.1-alpha
 Severity:  Normal   | Resolution:
 Keywords:  042-backport, network-team-roadmap-  |  Actual Points:  0.2
  october, tor-build |
Parent ID:  #32123   | Points:  0.1
 Reviewer:  nickm|Sponsor:
 |  Sponsor31-can
-+-
Changes (by teor):

 * keywords:  network-team-roadmap-october, tor-build, no-backport? =>
 042-backport, network-team-roadmap-october, tor-build


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32124 [Core Tor/Tor]: Interpret --disable-module-dirauth=no correctly

[Tor Bug Tracker & Wiki]

#32124: Interpret --disable-module-dirauth=no correctly
-+-
 Reporter:  teor |  Owner:  teor
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.3.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.3.4.1-alpha
 Severity:  Normal   | Resolution:
 Keywords:  network-team-roadmap-october, tor-   |  Actual Points:  0.2
  build, no-backport?|
Parent ID:  #32123   | Points:  0.1
 Reviewer:  nickm|Sponsor:
 |  Sponsor31-can
-+-
Changes (by teor):

 * status:  needs_revision => needs_review
 * actualpoints:   => 0.2


Comment:

 We also made a similar mistake with jemalloc, although that one looks like
 a typo.

 So I'm putting this back up for review, feel free to merge it straight
 after review.

 See my pull request:
 * 0.4.2: https://github.com/torproject/tor/pull/1427

 The master merge is clean, the test branch is at:
 * https://github.com/teor2345/tor/branches/all?query=bug32124

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32142 [Metrics/Onionoo]: Release Onionoo 7.0-1.21.0

[Tor Bug Tracker & Wiki]

#32142: Release Onionoo 7.0-1.21.0
-+-
 Reporter:  karsten  |  Owner:  karsten
 Type:  task | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Metrics/Onionoo  |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by karsten):

 * status:  assigned => closed
 * resolution:   => fixed


Comment:

 Release: https://dist.torproject.org/onionoo/7.0-1.21.0/

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30920 [Core Tor/Tor]: Detect uint64 overflow in config_parse_units()

[Tor Bug Tracker & Wiki]

#30920: Detect uint64 overflow in config_parse_units()
---+
 Reporter:  nickm  |  Owner:  (none)
 Type:  defect | Status:  needs_revision
 Priority:  Low|  Milestone:  Tor: 0.4.3.x-final
Component:  Core Tor/Tor   |Version:
 Severity:  Minor  | Resolution:
 Keywords:  easy overflow  |  Actual Points:  0.2
Parent ID: | Points:
 Reviewer:  teor   |Sponsor:
---+

Comment (by guigom):

 Replying to [comment:27 nickm]:
 > (See the comments on the PR for more information)

 Hi Nick. I've looked in the PR and found no comments from you. Just
 checking that I'm not missing anything. Thank you in advance!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32138 [Applications/Tor Browser]: Clicking the 'new Identity' button in full screen causes the top and bottom of the browser to show white bars that do not go away

[Tor Bug Tracker & Wiki]

#32138: Clicking the 'new Identity' button in full screen causes the top and 
bottom
of the browser to show white bars that do not go away
--+--
 Reporter:  Dbryrtfbcbhgf |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by Thorin):

 Thanks for the vid

 **I'm not mac savvy at all**, so correct me if I'm wrong. But to me it
 looks like letterboxing it's working as it's meant to, except I don't
 fully understand the mac actions (and the video is too fast for an old guy
 like me). OK, I downloaded the vid and am playing it locally at super slow
 speed :) I'm typping comments as I go, so it might get a little messy

 Some comments
 - That doesn't look like FS (full screen) to me (the urlbar is still
 visible), that looks like maximizing. However, letterboxing doesn't
 distinguish those, and should work the same way.
 - When you open TB and the size is perfect (no letterboxing), e.g
 1000x1000 and you go FS and then non-FS (i.e you return to the original
 state), or go maximized and then restore: well, of course the restored
 state will not have letterboxing, because it didn't before you
 maximized/FS'ed it.


 This is what I see:
 - 12 secs: you start tor, etc
 - 15 secs: it has loaded chrome but no content (pale grey)
 - 16 secs: it has loaded the Tor Browser purple text in the urlbar
 - 17 secs: it has loaded the content (the purple page). It is not
 letterboxed (therefore it is in multiples of `200`x`100` or see **note**
 below), and the size has not changed from first paint
 - 18/19 seconds - you have clicked the `green` button, and it transitions
 to a maximized state and letterboxing kicks in (it doesn't look vertically
 centered)
 - 21 seconds - you have clicked the `green` button again, and it restores
 and the letterboxing has gone. It is back at the same size. I took screen
 shots of each stage and compared them
 - **Note**: sometimes, letterboxing does not kick in on the very first
 page load: I have not seen this in TB, but I get it every time on my
 Firefox. My landing/home page of speed dials loads before letterboxing.
 It's a speed/racy thing. I can't tell if this is the case in your vid.

 So at this stage, that part is working fine AFAICT

 ---

 The first part of the video
 - 0 secs: TB is open, no letterboxing
 - 1 secs: you click the green button, it maximizes, gets letterboxed
 - 2 secs: you click new ID
 - 3 secs: the existing window is closed
 - 4 secs: a new window opens, but the size is **full height** (it wasn't
 when you started TB at the 12+ sec mark)
 - 5 secs: the purple tor page is loaded and letterboxing has kicked it, as
 it should **because the inner window height** is not what it should be, it
 is trying to use **full height**


 When you go new ID, all exiting windows are destroyed and you get a brand
 new one which does not respect any previous window sizes or states

 It might help is you grabbed the inner window screen measurements at each
 step: e.g load
 https://ghacksuserjs.github.io/TorZillaPrint/TorZillaPrint.html - but I
 don't think that there is a problem with that.

 The problem seems to be that, on Mac, the new window height is not
 adjusted

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32071 [Core Tor/Tor]: Remove perl scripts from development process?

[Tor Bug Tracker & Wiki]

#32071: Remove perl scripts from development process?
--+--
 Reporter:  nickm |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:  Tor: unspecified
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Description changed by teor:

Old description:

> There are a few perl5 scripts in our development process:
>
> {{{
> [1099]$ git grep /usr/bin/perl
>  [...]
> contrib/or-tools/checksocks.pl:#!/usr/bin/perl -w
> scripts/coccinelle/test-operator-cleanup:#!/usr/bin/perl -w -p -i
> scripts/codegen/gen_linux_syscalls.pl:#!/usr/bin/perl -w
> scripts/maint/checkLogs.pl:#!/usr/bin/perl -w
> scripts/maint/checkOptionDocs.pl.in:#!/usr/bin/perl -w
> scripts/maint/checkSpace.pl:#!/usr/bin/perl
> scripts/maint/check_config_macros.pl:#!/usr/bin/perl -w
> scripts/maint/findMergedChanges.pl:#!/usr/bin/perl
> scripts/maint/updateCopyright.pl:#!/usr/bin/perl -i -w -p
> scripts/test/cov-exclude:#!/usr/bin/perl -p -i
> }}}
>
> We could do any of the following:
>* Declare that perl5 is lovely and we don't care.
>* Declare that perl5 is ugly but not really a problem.
>* Declare that we will no longer require perl, and migrate all of
> these scripts to python and/or bash+sed+awk+etc
>* Declare that we will only allow perl as a "better sed/awk", and
> migrate all of the more complex scripts to python and/or bash+sed+awk,
> but leaves the others asd perl.
>
> I am excluding these possibilities, but the imp of the perverse demands
> that I mention them:
>* Migrate to perl6 ^W raku

New description:

 There are a few perl5 scripts in our development process:

 {{{
 [1099]$ git grep /usr/bin/perl
  [...]
 contrib/or-tools/checksocks.pl:#!/usr/bin/perl -w
 scripts/coccinelle/test-operator-cleanup:#!/usr/bin/perl -w -p -i
 scripts/codegen/gen_linux_syscalls.pl:#!/usr/bin/perl -w
 scripts/maint/checkLogs.pl:#!/usr/bin/perl -w
 scripts/maint/checkOptionDocs.pl.in:#!/usr/bin/perl -w
 scripts/maint/checkSpace.pl:#!/usr/bin/perl
 scripts/maint/check_config_macros.pl:#!/usr/bin/perl -w
 scripts/maint/findMergedChanges.pl:#!/usr/bin/perl
 scripts/maint/updateCopyright.pl:#!/usr/bin/perl -i -w -p
 scripts/test/cov-exclude:#!/usr/bin/perl -p -i
 }}}

 We could do any of the following:
* Declare that perl5 is lovely and we don't care.
* Declare that perl5 is ugly but not really a problem.
* Declare that we will no longer require perl, and migrate all of these
 scripts to python and/or bash+sed+awk+etc
* Declare that we will only allow perl as a "better sed/awk", and
 migrate all of the more complex scripts to python and/or bash+sed+awk, but
 leaves the others asd perl.

 I am excluding these possibilities, but the imp of the perverse demands
 that I mention them:
* Migrate to perl6 {{{^W}}} raku

--

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs