Re: [tor-bugs] #22040 [Applications/Tor Browser]: DocShell is null for every tab during New Identity on Win 7

[Tor Bug Tracker & Wiki]

#22040: DocShell is null for every tab during New Identity on Win 7
-+-
 Reporter:  cypherpunks  |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ff52-esr, tbb-newnym, tbb-e10s,  |  Actual Points:
  tbb-7.0-issues, tbb-regression |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by cypherpunks):

 
https://gitweb.torproject.org/torbutton.git/tree/chrome/content/torbutton.js?h=maint-9.0#n1625

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #32674 [Applications/Tor Browser]: Change link on 'Get involved' in about:tor to new community portal

[Tor Bug Tracker & Wiki]

#32674: Change link on 'Get involved' in about:tor to new community portal
--+---
 Reporter:  emmapeel  |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:  community
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+---
 The link to 'Get involved should not point to the old volunteer page, now
 that we have the new community page.

 The link should be localized eventually, as the manual and others on that
 page, although for the moment there are no translations enabled.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32674 [Applications/Tor Browser]: Change link on 'Get involved' in about:tor to new community portal

[Tor Bug Tracker & Wiki]

#32674: Change link on 'Get involved' in about:tor to new community portal
--+--
 Reporter:  emmapeel  |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  community |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by emmapeel):

 * Attachment "get_involved.png" added.

 link position

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32674 [Applications/Tor Browser]: Change link on 'Get involved' in about:tor to new community portal

[Tor Bug Tracker & Wiki]

#32674: Change link on 'Get involved' in about:tor to new community portal
--+--
 Reporter:  emmapeel  |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  community |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Old description:

> The link to 'Get involved should not point to the old volunteer page, now
> that we have the new community page.
>
> The link should be localized eventually, as the manual and others on that
> page, although for the moment there are no translations enabled.

New description:

 The link to 'Get involved should not point to the old volunteer page, now
 that we have the new community page.

 The link should be localized eventually, as the manual and others on that
 page, although for the moment there are no translations enabled.

 [[Image(get_involved.png)]]

--

Comment (by emmapeel):

 Replying to [ticket:32674 emmapeel]:
 > The link to 'Get involved should not point to the old volunteer page,
 now that we have the new community page.
 >
 > The link should be localized eventually, as the manual and others on
 that page, although for the moment there are no translations enabled.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32674 [Applications/Tor Browser]: Change link on 'Get involved' in about:tor to new community portal

[Tor Bug Tracker & Wiki]

#32674: Change link on 'Get involved' in about:tor to new community portal
--+--
 Reporter:  emmapeel  |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  community |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Description changed by emmapeel:

Old description:

> The link to 'Get involved should not point to the old volunteer page, now
> that we have the new community page.
>
> The link should be localized eventually, as the manual and others on that
> page, although for the moment there are no translations enabled.

New description:

 The link to 'Get involved should not point to the old volunteer page, now
 that we have the new community page.

 The link should be localized, as the manual and others on that page,
 although for the moment there are no translations enabled, but we can do
 some .htacess foo meanwhile on the community portal as we plan to
 translate it and it has a lot of content.

 [[Image(get_involved.png)]]

--

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] [Tor Bug Tracker & Wiki] Batch modify: #21549, #26345, #28822, #30304, ...

[Tor Bug Tracker & Wiki]

Batch modification to #21549, #26345, #28822, #30304, #30429, #30460, #30463, 
#30504, #30662, #30665, #30846, #31065, #31192, #31286, #31308, #31448, #31450, 
#31457, #15563, #31395 by pili:


Comment:
BugSmashFund can be used for the ESR work done so far

--
Tickets URL: 

Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] [Tor Bug Tracker & Wiki] Batch modify: #21549, #26345, #28822, #30304, ...

[Tor Bug Tracker & Wiki]

Batch modification to #21549, #26345, #28822, #30304, #30429, #30460, #30463, 
#30504, #30662, #30665, #30846, #31065, #31192, #31286, #31308, #31448, #31450, 
#31457, #15563, #31395 by pili:
sponsor to 

Comment:
Sponsor 44 only covered PM and Team Lead work 

--
Tickets URL: 

Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32660 [Metrics/Onionoo]: onionoo-backend is killing the ganeti cluster

[Tor Bug Tracker & Wiki]

#32660: onionoo-backend is killing the ganeti cluster
-+--
 Reporter:  anarcat  |  Owner:  metrics-team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Metrics/Onionoo  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--

Comment (by karsten):

 Here's an attempt to reduce writes:

 {{{
 2019-12-05 09:45:45,384 INFO o.t.m.o.cron.Main:216 Document store
 7 list operations performed
 951,149 files listed
 56,448 files stored
 1.4 GiB stored
 912,471 files not rewritten   <--
 641.3 MiB not rewritten   <--
 983,247 files retrieved
 2.8 GiB retrieved
 0 files removed
 }}}

 The idea is to read existing files before writing them, compute their
 digests, compute digests of the content to be written, and then abort the
 write if nothing has changed.

 It looks like this saves us from overwriting a lot of unchanged files. It
 doesn't save as many bytes, but that might be secondary. Of course, this
 patch comes at the price of doing more reads and digest computations. It
 might be worth it, just saying that it's not free.

 I'll bring this patch up at today's team meeting. We should discuss this
 and possibly merge it before doing new deployments on `onionoo-
 backend-0[12]`.

 And then we could look at those graphs once more to see if we need to
 tweak things more. Thanks for making these graphs!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32493 [Applications/Tor Browser]: Consider adding MOZ_SERVICES_HEALTHREPORT to mozconfig

[Tor Bug Tracker & Wiki]

#32493: Consider adding MOZ_SERVICES_HEALTHREPORT to mozconfig
---+--
 Reporter:  boklm  |  Owner:  tbb-team
 Type:  task   | Status:  new
 Priority:  Medium |  Milestone:
Component:  Applications/Tor Browser   |Version:
 Severity:  Normal | Resolution:
 Keywords:  tbb-rbm, TorBrowserTeam201912  |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--

Comment (by cypherpunks):

 ticket:31457#comment:9
 The same is needed here:
 {{{
 -imply_option('MOZ_SERVICES_HEALTHREPORT', True)
 +imply_option('MOZ_SERVICES_HEALTHREPORT', False)
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32009 [Community/Translations]: Tails MK locale release

[Tor Bug Tracker & Wiki]

#32009: Tails MK locale release
+--
 Reporter:  Zarko_Gjurov|  Owner:  emmapeel
 Type:  defect  | Status:  new
 Priority:  High|  Milestone:
Component:  Community/Translations  |Version:
 Severity:  Major   | Resolution:
 Keywords:  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--

Comment (by emmapeel):

 the Tails translations are managed by the Tails team, see here:

 https://tails.boum.org/contribute/how/translate/team/new/

 The translators mailing list is:
 https://www.autistici.org/mailman/listinfo/tails-l10n

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32009 [Community/Translations]: Tails MK locale release

[Tor Bug Tracker & Wiki]

#32009: Tails MK locale release
+---
 Reporter:  Zarko_Gjurov|  Owner:  emmapeel
 Type:  defect  | Status:  closed
 Priority:  High|  Milestone:
Component:  Community/Translations  |Version:
 Severity:  Major   | Resolution:  not a bug
 Keywords:  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+---
Changes (by emmapeel):

 * status:  new => closed
 * resolution:   => not a bug


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #32675 [Webpages/Website]: Add lt, ms, th locales to the alpha download page

[Tor Bug Tracker & Wiki]

#32675: Add lt, ms, th locales to the alpha download page
--+--
 Reporter:  boklm |  Owner:  hiro
 Type:  task  | Status:  new
 Priority:  Medium|  Milestone:
Component:  Webpages/Website  |Version:
 Severity:  Normal|   Keywords:  TorBrowserTeam201912
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+--
 We should add the lt, ms, th locales to the Tor Browser alpha download
 page.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32675 [Webpages/Website]: Add lt, ms, th locales to the alpha download page

[Tor Bug Tracker & Wiki]

#32675: Add lt, ms, th locales to the alpha download page
--+--
 Reporter:  boklm |  Owner:  hiro
 Type:  task  | Status:  new
 Priority:  Medium|  Milestone:
Component:  Webpages/Website  |Version:
 Severity:  Normal| Resolution:
 Keywords:  TorBrowserTeam201912  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by boklm):

 This is done with commit cab9f95c5ec7434c967e2ccf5f98e7bbe5aed352:
 
https://gitweb.torproject.org/project/web/tpo.git/commit/?id=cab9f95c5ec7434c967e2ccf5f98e7bbe5aed352

 emmapeel: could you check if I used the correct names for the languages?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32675 [Webpages/Website]: Add lt, ms, th locales to the alpha download page

[Tor Bug Tracker & Wiki]

#32675: Add lt, ms, th locales to the alpha download page
--+--
 Reporter:  boklm |  Owner:  hiro
 Type:  task  | Status:  new
 Priority:  Medium|  Milestone:
Component:  Webpages/Website  |Version:
 Severity:  Normal| Resolution:
 Keywords:  TorBrowserTeam201912  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by emmapeel):

 @boklm: yes, the names are correct. In case of doubt, I am gathering a
 list of locales at

 
https://trac.torproject.org/projects/tor/wiki/doc/translation/developers#Actuallist

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30542 [Applications/Tor Browser]: Investigate fingerprinting capability of viewport API (was: pinch-to-zoom viewport vs other screen/window)

[Tor Bug Tracker & Wiki]

#30542: Investigate fingerprinting capability of viewport API
-+-
 Reporter:  Thorin   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-fingerprinting-resolution, tbb-  |  Actual Points:
  mobile, tbb-parity, ff68-esr   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor44-can
-+-

Comment (by gk):

 https://bugzilla.mozilla.org/show_bug.cgi?id=1575690 might be relevant
 here. Right now, this is a mobile-only feature
 https://bugzilla.mozilla.org/show_bug.cgi?id=1551302 being the desktop
 bug.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31591 [Applications/Tor Browser]: Feature review for ESR68

[Tor Bug Tracker & Wiki]

#31591: Feature review for ESR68
-+-
 Reporter:  pili |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  closed
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  tbb-9.0-must-alpha,  |  Actual Points:  6
  TorBrowserTeam201910, GeorgKoppen201910|
Parent ID:   | Points:  3
 Reviewer:   |Sponsor:
-+-

Comment (by gk):

 Replying to [comment:6 mikeperry]:
 > Ok I looked through FF68's dev docs in detail.

 The [https://developer.mozilla.org/en-US/docs/Web/API/Visual_Viewport_API
 Viewport API] might be relavant here, too, even though it does not seem
 too critical. We have #30542 for that.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32675 [Webpages/Website]: Add lt, ms, th locales to the alpha download page

[Tor Bug Tracker & Wiki]

#32675: Add lt, ms, th locales to the alpha download page
--+
 Reporter:  boklm |  Owner:  hiro
 Type:  task  | Status:  closed
 Priority:  Medium|  Milestone:
Component:  Webpages/Website  |Version:
 Severity:  Normal| Resolution:  fixed
 Keywords:  TorBrowserTeam201912  |  Actual Points:  .1
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by boklm):

 * status:  new => closed
 * resolution:   => fixed
 * actualpoints:   => .1


Comment:

 Thanks. I should remember this page next time.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25924 [Metrics/Statistics]: Improve execution time of onion service statistics module

[Tor Bug Tracker & Wiki]

#25924: Improve execution time of onion service statistics module
+-
 Reporter:  karsten |  Owner:  karsten
 Type:  enhancement | Status:  closed
 Priority:  Medium  |  Milestone:
Component:  Metrics/Statistics  |Version:
 Severity:  Normal  | Resolution:  fixed
 Keywords:  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+-

Comment (by karsten):

 It's deployed now. Last execution times of daily update runs in hours are:
 13.6, 14.4, 17.8, 15.8, '''5.4'''. Those 5.4 hours are from the first
 execution running this branch. Yay!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32460 [Webpages/Website]: download page has confusing flow, especially with donate banner

[Tor Bug Tracker & Wiki]

#32460: download page has confusing flow, especially with donate banner
--+--
 Reporter:  arma  |  Owner:  hiro
 Type:  defect| Status:  new
 Priority:  High  |  Milestone:
Component:  Webpages/Website  |Version:
 Severity:  Normal| Resolution:
 Keywords:  ux-team   |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by pili):

 Step 1 will be to remove the fundraising banner from the download page. We
 will let that bake in for a while to see if it helps while we do some more
 user research and before making any more drastic changes.

 We are still evaluating:

 1. Changes to the download button e.g removing the arrow, making it scroll
 down to the OS icons in the download page
 2. Adding in text to the OS icons to make the OS clearer
 3. Sniffing the OS to provide the relevant download to the user <- I
 personally don't like this one and we need to evaluate the usability vs
 privacy tradeoffs

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30542 [Applications/Tor Browser]: Investigate fingerprinting capability of viewport API

[Tor Bug Tracker & Wiki]

#30542: Investigate fingerprinting capability of viewport API
-+-
 Reporter:  Thorin   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-fingerprinting-resolution, tbb-  |  Actual Points:
  mobile, tbb-parity, ff68-esr   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor44-can
-+-

Comment (by Thorin):

 FWIW, I added a keyboard and toolbar height PoC on TZP (it only shows if
 you're using android) .. and it is a bit wonky: it depends if I can catch
 the window size **with** the toolbar showing (which should happen with new
 content), but sometimes it doesn't (latency?). Once you scroll and the
 dynamic toolbar hides, I can calculate a relative height. Same if you
 click in the text box to start typing

 sysrqb had a plan for all this, but I haven't seen it yet. I'm concerned
 about keyboard height - I believe there's a lot of entropy there, and
 while it does require user gestures, it's not exactly easy for users to
 avoid using input fields. Maybe this needs it's own ticket?

 There's also differences for when you move to Fenix/GeckoView; e.g.
 - https://bugzilla.mozilla.org/show_bug.cgi?id=1514429
 - https://bugzilla.mozilla.org/show_bug.cgi?id=1523541

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #28745 [Applications/Tor Browser]: THE Torbutton clean-up

[Tor Bug Tracker & Wiki]

#28745: THE Torbutton clean-up
-+-
 Reporter:  gk   |  Owner:  acat
 Type:  defect   | Status:
 |  needs_revision
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-torbutton, TorBrowserTeam201912  |  Actual Points:
Parent ID:  #30506   | Points:
 Reviewer:  gk   |Sponsor:
-+-
Changes (by gk):

 * status:  needs_review => needs_revision
 * keywords:  tbb-torbutton, TorBrowserTeam201912R => tbb-torbutton,
 TorBrowserTeam201912


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #28745 [Applications/Tor Browser]: THE Torbutton clean-up

[Tor Bug Tracker & Wiki]

#28745: THE Torbutton clean-up
-+-
 Reporter:  gk   |  Owner:  acat
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-torbutton,   |  Actual Points:
  TorBrowserTeam201912R  |
Parent ID:  #30506   | Points:
 Reviewer:  gk   |Sponsor:
-+-

Comment (by gk):

 Okay, let's move on with the review process, commit
 8269902a22357697c46c7052c9d946bd874c3f55:

 Looks mostly good. It misses a `tor-browser` change to remove the
 `extensions.torbutton.updateNeeded` and
 `extensions.torbutton.versioncheck_enabled` pref, now that we moved the
 preferences. Additionally, please remove the `torbutton-update-needed.svg`
 as well. It seems to be obsolete now, too.

 For 8c0c18a09a30f14dd0b4a99fe67238fec0ad3bac what command did you run/tool
 did you use to check for those errors (and fix them)?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #28745 [Applications/Tor Browser]: THE Torbutton clean-up

[Tor Bug Tracker & Wiki]

#28745: THE Torbutton clean-up
-+-
 Reporter:  gk   |  Owner:  acat
 Type:  defect   | Status:
 |  needs_revision
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-torbutton, TorBrowserTeam201912  |  Actual Points:
Parent ID:  #30506   | Points:
 Reviewer:  gk   |Sponsor:
-+-

Comment (by gk):

 Replying to [comment:22 acat]:

 [snip]

 > There were some conflicts with the last commit of 28745+2
 (2d318efde8faccf3980c6d7da163c32103202b26) and the
 46efc92348dbed06fc31ddfb0a5ac2e4e8554de2 commit in master (#30237). I
 think these are not straightforward to solve, as in that commit I moved
 `m_tb_control_ipc_file, m_tb_control_host, m_tb_control_port,
 m_tb_control_pass, m_tb_control_desc` to a service while in the master
 commit those were moved to a different module and initialized via
 `configureControlPortModule`. I would suggest dropping that commit for
 now, and perhaps do it later in #30850 (some of the previous dropped
 commits are also related to that one).

 Sounds good to me.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32660 [Metrics/Onionoo]: onionoo-backend is killing the ganeti cluster

[Tor Bug Tracker & Wiki]

#32660: onionoo-backend is killing the ganeti cluster
-+--
 Reporter:  anarcat  |  Owner:  metrics-team
 Type:  defect   | Status:  needs_review
 Priority:  Medium   |  Milestone:
Component:  Metrics/Onionoo  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--
Changes (by karsten):

 * status:  new => needs_review


Comment:

 irl, please review
 
[https://gitweb.torproject.org/user/karsten/onionoo.git/commit/?h=task-32660&id=4b7b13d37d2423f9b1dee865e203a524b8df488b
 commit 4b7b13d in my task-32660 branch].

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32576 [Circumvention/Snowflake]: Fix race condition in snowflake broker

[Tor Bug Tracker & Wiki]

#32576: Fix race condition in snowflake broker
-+-
 Reporter:  cohosh   |  Owner:  cohosh
 Type:  defect   | Status:  merge_ready
 Priority:  Very High|  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:
 Keywords:  metrics  |  Actual Points:  1
Parent ID:   | Points:
 Reviewer:  phw  |Sponsor:  Sponsor28
-+-

Comment (by cohosh):

 Merged in `06298eec73`: https://gitweb.torproject.org/pluggable-
 transports/snowflake.git/commit/?id=06298eec730aa2664bb61d4cce4ef56dfce91ee3

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31157 [Circumvention/Snowflake]: Collect metrics about what type of proxies are running

[Tor Bug Tracker & Wiki]

#31157: Collect metrics about what type of proxies are running
-+---
 Reporter:  cohosh   |  Owner:  cohosh
 Type:  enhancement  | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  anti-censorship-roadmap-october  |  Actual Points:  1
Parent ID:   | Points:  3
 Reviewer:  karsten  |Sponsor:  Sponsor28
-+---
Changes (by cohosh):

 * status:  merge_ready => closed
 * resolution:   => fixed


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32576 [Circumvention/Snowflake]: Fix race condition in snowflake broker

[Tor Bug Tracker & Wiki]

#32576: Fix race condition in snowflake broker
-+---
 Reporter:  cohosh   |  Owner:  cohosh
 Type:  defect   | Status:  closed
 Priority:  Very High|  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  metrics  |  Actual Points:  1
Parent ID:   | Points:
 Reviewer:  phw  |Sponsor:  Sponsor28
-+---
Changes (by cohosh):

 * status:  merge_ready => closed
 * resolution:   => fixed


Comment:

 Deployed at broker at `2019/12/05 16:16:05`

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32135 [Circumvention/BridgeDB]: Write BridgeDB metrics parser and analyse existing data

[Tor Bug Tracker & Wiki]

#32135: Write BridgeDB metrics parser and analyse existing data
+--
 Reporter:  phw |  Owner:  phw
 Type:  task| Status:  assigned
 Priority:  Medium  |  Milestone:
Component:  Circumvention/BridgeDB  |Version:
 Severity:  Normal  | Resolution:
 Keywords:  s30-o21a1   |  Actual Points:
Parent ID:  #31274  | Points:  2
 Reviewer:  |Sponsor:
+--
Changes (by karsten):

 * cc: karsten, metrics-team (added)


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32480 [Applications/GetTor]: Use Github/Gitlab releases to distribute gettor binaries

[Tor Bug Tracker & Wiki]

#32480: Use Github/Gitlab releases to distribute gettor binaries
-+--
 Reporter:  cohosh   |  Owner:  cohosh
 Type:  defect   | Status:  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/GetTor  |Version:
 Severity:  Normal   | Resolution:
 Keywords:  github, releases |  Actual Points:  1
Parent ID:   | Points:  1
 Reviewer:  phw  |Sponsor:
-+--

Comment (by cohosh):

 Also added another commit this morning:
 
https://dip.torproject.org/cohosh/gettor/commit/233d7da2f7749f46ddc100099667f7b794e8f719

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32135 [Circumvention/BridgeDB]: Write BridgeDB metrics parser and analyse existing data

[Tor Bug Tracker & Wiki]

#32135: Write BridgeDB metrics parser and analyse existing data
+--
 Reporter:  phw |  Owner:  phw
 Type:  task| Status:  assigned
 Priority:  Medium  |  Milestone:
Component:  Circumvention/BridgeDB  |Version:
 Severity:  Normal  | Resolution:
 Keywords:  s30-o21a1   |  Actual Points:
Parent ID:  #31274  | Points:  2
 Reviewer:  |Sponsor:
+--

Comment (by karsten):

 phw, you asked about adding any of these graphs to the metrics website. It
 does involve some coding and some documenting, but I think that having
 these graphs would be very useful, so let's talk.

 I guess my first question would be how many graphs you'd like to see on
 the metrics website. Ideally, we would be able to compress these graphs
 above into one or two. Unlike these one-off graphs the ones on the metrics
 website would be somewhat configurable with the parameters we're using for
 other graphs (or new ones, if really needed). So, can you think about your
 one or two most important graphs for the metrics website?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32604 [Core Tor/Tor]: Add HiddenServiceExportRendPoint and HiddenServiceExportInstanceID directive

[Tor Bug Tracker & Wiki]

#32604: Add HiddenServiceExportRendPoint and HiddenServiceExportInstanceID
directive
-+-
 Reporter:  moonsikpark  |  Owner:  (none)
 Type:  enhancement  | Status:  needs_revision
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs tor-dos extra-review  |  Actual Points:
Parent ID:  #32511   | Points:
 Reviewer:  dgoulet, ahf, teor   |Sponsor:  Sponsor27-can
-+-

Comment (by moonsikpark):

 OK, made CI happy by letting `circuit_free_()` free
 `or_circ->build_state->chosen_exit`.

 Before extending the exposure range of rp fingerprint, I think there might
 be other metrics we can export that can help onion services. Potentially
 `circ->rend_data->nr_streams` or `circ->hs_ident->intro_auth_pk` or
 `circ->hs_ident->rendezvous_cookie`.

 If we can't export all 20 bytes, exporting part of it and exporting other
 things like `which intro point did the client choose?` or `what was the
 rendezvous cookie?` or `how many streams is the client opening now?` might
 help.

 Also I think `INSTANCE_ID` don't have to be that long, we can change it to
 1 byte and move it to the front(`fdAA` where `AA=INSTANCE_ID`).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32672 [Core Tor/Tor]: Reject 0.2.9 and 0.4.0 in dirserv_rejects_tor_version()

[Tor Bug Tracker & Wiki]

#32672: Reject 0.2.9 and 0.4.0 in dirserv_rejects_tor_version()
-+-
 Reporter:  teor |  Owner:  neel
 Type:  task | Status:
 |  assigned
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  043-should, 041-backport,|  Actual Points:
  042-backport, consider-backport-after- |
  authority-test, fast-fix, teor-backlog,|
  network-health |
Parent ID:   | Points:  0.5
 Reviewer:   |Sponsor:
-+-
Changes (by neel):

 * owner:  (none) => neel
 * status:  new => assigned


Comment:

 Assigning this to myself.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32672 [Core Tor/Tor]: Reject 0.2.9 and 0.4.0 in dirserv_rejects_tor_version()

[Tor Bug Tracker & Wiki]

#32672: Reject 0.2.9 and 0.4.0 in dirserv_rejects_tor_version()
-+-
 Reporter:  teor |  Owner:  neel
 Type:  task | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  043-should, 041-backport,|  Actual Points:
  042-backport, consider-backport-after- |
  authority-test, fast-fix, teor-backlog,|
  network-health |
Parent ID:   | Points:  0.5
 Reviewer:   |Sponsor:
-+-
Changes (by neel):

 * status:  assigned => needs_review


Comment:

 PR: https://github.com/torproject/tor/pull/1586

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #15213 [Circumvention/Pluggable transport]: DNS tunneling transport (like iodine, dnscat)

[Tor Bug Tracker & Wiki]

#15213: DNS tunneling transport (like iodine, dnscat)
-+
 Reporter:  federico3|  Owner:  (none)
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Pluggable transport|Version:
 Severity:  Normal   | Resolution:
 Keywords:  DNS iodine tor tunneling ideas hard  |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+

Comment (by dcf):

 Replying to [comment:7 dcf]:
 > Irvin Zhan wrote a working prototype transport in 2015, built on top of
 [https://github.com/iagox86/dnscat2 dnscat2]. The project report is here:
 >
 https://www.cs.princeton.edu/sites/default/files/uploads/irvin_zhan.pdf
 > The source code of the transport used to be at
 >   https://github.com/izhan/dnstun_pt
 > but as of 2015-01-26 it is 404.

 Today (2019-12-05) the link is working again.
   https://github.com/izhan/dnstun_pt
 Also phw has a fork:
   https://github.com/NullHypothesis/dnstun_pt

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #32676 [Applications/Tor Browser]: Consider publishing a tarball with all Tor Browser langpacks

[Tor Bug Tracker & Wiki]

#32676: Consider publishing a tarball with all Tor Browser langpacks
--+
 Reporter:  intrigeri |  Owner:  tbb-team
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:  AffectsTails, tbb-
  |  rbm
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+
 At the moment, during a build of Tails, we download all Tor Browser Linux
 x86_64 tarballs, in order to grab every langpack XPI, which we then all
 ship in our images. This causes trouble for 2 categories of Tails
 contributors:

 * The Tails release manager has to semi-automatically download all these
 tarballs and then upload them to the Tails infrastructure (that's because
 at this time, the tarballs are available only on people.torproject.org,
 and later they will disappear from there; we need a stable URL that we can
 encode in our Git tree, for convenience and reproducibility purposes);
 this consumes time, bandwidth, and storage.
 * After a new Tor Browser has been imported into Tails, next time any
 Tails developer wants to build Tails, as part of the build, downloads each
 of these tarballs. This consumes time, bandwidth, and patience.

 One possible solution for these problems would be to publish, on Tor
 Browser team's side, an additional tarball, that contains all langpack
 XPIs, and nothing else. According to boklm, this tarball would about 16 MB
 large.

 Then, the Tails release manager would only have to import the en-US
 tarball and this all-langpacks tarball. Similarly, Tails developers would
 also have to download only these 2 files.

 This is _not_ a duplicate of #17400 nor #12967, which are about providing
 end-users a multi-lingual Tor Browser.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32660 [Metrics/Onionoo]: onionoo-backend is killing the ganeti cluster

[Tor Bug Tracker & Wiki]

#32660: onionoo-backend is killing the ganeti cluster
-+--
 Reporter:  anarcat  |  Owner:  metrics-team
 Type:  defect   | Status:  needs_review
 Priority:  Medium   |  Milestone:
Component:  Metrics/Onionoo  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--

Comment (by anarcat):

 before we start doing optimization tradeoffs, especially ones involving
 more CPU time, I think we should  diagnose the problem further. running
 checksums can take a while and might impose extra load on the server...
 couldn't we use timestamps or some faster mechanism?

 we should also diagnose why our numbers differ. there might be another
 process writing all that data in there...

 someone(tm) should run iotop during the peak periods to figure that out.
 :) i'll see if i can do that soon.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32676 [Applications/Tor Browser]: Consider publishing a tarball with all Tor Browser langpacks

[Tor Bug Tracker & Wiki]

#32676: Consider publishing a tarball with all Tor Browser langpacks
--+--
 Reporter:  intrigeri |  Owner:  tbb-team
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  AffectsTails, tbb-rbm |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by intrigeri):

 * Attachment "0001-Bug-32676-Create-a-tarball-with-all-Linux-
 x86_64-lan.patch" added.


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29801 [Core Tor/Tor]: Write a proposal for IPv6 "Happy Eyeballs" on Tor clients

[Tor Bug Tracker & Wiki]

#29801: Write a proposal for IPv6 "Happy Eyeballs" on Tor clients
-+-
 Reporter:  neel |  Owner:  neel
 Type:  enhancement  | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ipv6, prop299,   |  Actual Points:
  042-deferred-20190918  |
Parent ID:  #17835   | Points:
 Reviewer:  nickm|Sponsor:
-+-
Changes (by neel):

 * status:  needs_revision => needs_review


Comment:

 Sorry for the delay.

 Some of the suggestions in GitHub PR #87 rebased on the current torspec
 tree are in this new PR: https://github.com/torproject/torspec/pull/98

 Setting as needs review.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32569 [Internal Services/Services Admin Team]: Make sure dip gettor repo is up to date with gitweb

[Tor Bug Tracker & Wiki]

#32569: Make sure dip gettor repo is up to date with gitweb
-+-
 Reporter:  cohosh   |  Owner:  hiro
 Type:  defect   | Status:
 |  assigned
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Services Admin |Version:
  Team   |
 Severity:  Normal   | Resolution:
 Keywords:  gettor   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gaba):

 * status:  new => assigned
 * cc: hiro (removed)
 * cc: gaba, ahf (added)
 * owner:  (none) => hiro


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32676 [Applications/Tor Browser]: Consider publishing a tarball with all Tor Browser langpacks

[Tor Bug Tracker & Wiki]

#32676: Consider publishing a tarball with all Tor Browser langpacks
-+-
 Reporter:  intrigeri|  Owner:  tbb-
 |  team
 Type:  enhancement  | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  AffectsTails, tbb-rbm,   |  Actual Points:
  TorBrowserTeam201912R  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by intrigeri):

 * keywords:  AffectsTails, tbb-rbm => AffectsTails, tbb-rbm,
 TorBrowserTeam201912R
 * status:  new => needs_review


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32657 [Circumvention/Snowflake]: Investigate Snowflake blocking in China

[Tor Bug Tracker & Wiki]

#32657: Investigate Snowflake blocking in China
-+---
 Reporter:  cohosh   |  Owner:  cohosh
 Type:  defect   | Status:  assigned
 Priority:  High |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:
 Keywords:  blocking, china  |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:  Sponsor28
-+---

Comment (by dcf):

 Replying to [ticket:32657 cohosh]:
 > This almost certainly due to blocking, and as ambleclarity recently
 confirmed in #32597, not due to the blocking of STUN servers.

 Could it also be exacerbated by #32129, which has the proxy-go's polling
 every 5 s and the web-based proxies polling every 300 s? Blocking the
 single proxy-go IP address would therefore block a large fraction of
 effective proxies.

 But even so, that should only cause a failure rate of about 10%. https
 ://snowflake-broker.torproject.net/debug says:
 {{{
 current snowflakes available: 41
 standalone proxies: 4
 browser proxies: 0
 webext proxies: 37
 unknown proxies: 0
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32676 [Applications/Tor Browser]: Consider publishing a tarball with all Tor Browser langpacks

[Tor Bug Tracker & Wiki]

#32676: Consider publishing a tarball with all Tor Browser langpacks
-+-
 Reporter:  intrigeri|  Owner:  tbb-
 |  team
 Type:  enhancement  | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  AffectsTails, tbb-rbm,   |  Actual Points:
  TorBrowserTeam201912R  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by intrigeri):

 Note: the attached patch is a first, untested draft. Thanks boklm for
 helping me create something that has a vague chance to work, though :)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30601 [Webpages/Website]: Please add link to HackerOne bug bounty portal to contacts for security issues

[Tor Bug Tracker & Wiki]

#30601: Please add link to HackerOne bug bounty portal to contacts for security
issues
--+
 Reporter:  gk|  Owner:  hiro
 Type:  enhancement   | Status:  closed
 Priority:  Medium|  Milestone:
Component:  Webpages/Website  |Version:
 Severity:  Normal| Resolution:  fixed
 Keywords:  doschackathon |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by ggus):

 * status:  new => closed
 * resolution:   => fixed


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32639 [Core Tor/Tor]: cancel_descriptor_fetches() uses wrong connection list function

[Tor Bug Tracker & Wiki]

#32639: cancel_descriptor_fetches() uses wrong connection list function
-+
 Reporter:  asn  |  Owner:  neel
 Type:  defect   | Status:  assigned
 Priority:  Medium   |  Milestone:  Tor: 0.4.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs newnym backport?  |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:  Sponsor27-can
-+
Changes (by neel):

 * status:  new => assigned
 * owner:  (none) => neel


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32597 [Circumvention/Snowflake]: Hello, currently, in China, Tor Browser 9.5a2 still can't connect to Tor network through snowflake bridge

[Tor Bug Tracker & Wiki]

#32597: Hello, currently, in China, Tor Browser 9.5a2 still can't connect to Tor
network through snowflake bridge
-+
 Reporter:  amiableclarity2011   |  Owner:  (none)
 Type:  defect   | Status:  new
 Priority:  Immediate|  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+
Description changed by dcf:

Old description:

> Hello, currently, in China, Tor Browser 9.5a2 still can't connect to Tor
> network through snowflake bridge.
>
> Below are Tor log messages.
>
> 11/25/19, 08:23:20.915 [NOTICE] DisableNetwork is set. Tor will not make
> or accept non-control network connections. Shutting down all existing
> connections.
> 11/25/19, 08:23:29.953 [NOTICE] DisableNetwork is set. Tor will not make
> or accept non-control network connections. Shutting down all existing
> connections.
> 11/25/19, 08:23:29.953 [NOTICE] DisableNetwork is set. Tor will not make
> or accept non-control network connections. Shutting down all existing
> connections.
> 11/25/19, 08:23:29.953 [NOTICE] DisableNetwork is set. Tor will not make
> or accept non-control network connections. Shutting down all existing
> connections.
> 11/25/19, 08:23:29.953 [NOTICE] Opening Socks listener on 127.0.0.1:9150
> 11/25/19, 08:23:29.953 [NOTICE] Opened Socks listener on 127.0.0.1:9150
> 11/25/19, 08:23:30.818 [NOTICE] Bootstrapped 1% (conn_pt): Connecting to
> pluggable transport
> 11/25/19, 08:23:30.820 [NOTICE] Bootstrapped 2% (conn_done_pt): Connected
> to pluggable transport
> 11/25/19, 08:23:33.925 [NOTICE] Bootstrapped 10% (conn_done): Connected
> to a relay
> 11/25/19, 08:24:03.923 [WARN] Problem bootstrapping. Stuck at 10%
> (conn_done): Connected to a relay. (DONE; DONE; count 1; recommendation
> warn; host 2B280B23E1107BB62ABFC40DDCC8824814F80A72 at 0.0.3.0:1)
> 11/25/19, 08:24:03.923 [WARN] 1 connections have failed:
> 11/25/19, 08:24:03.923 [WARN] 1 connections died in state handshaking
> (TLS) with SSL state SSLv3/TLS write client hello in HANDSHAKE
> 11/25/19, 08:24:03.939 [NOTICE] Closing no-longer-configured Socks
> listener on 127.0.0.1:9150
> 11/25/19, 08:24:03.939 [NOTICE] DisableNetwork is set. Tor will not make
> or accept non-control network connections. Shutting down all existing
> connections.
> 11/25/19, 08:24:03.958 [WARN] Pluggable Transport process terminated with
> status code 0
>
> I upload my state file.
> Thank you very much for your help. I really appreciate it.

New description:

 Hello, currently, in China, Tor Browser 9.5a2 still can't connect to Tor
 network through snowflake bridge.

 Below are Tor log messages.

 {{{
 11/25/19, 08:23:20.915 [NOTICE] DisableNetwork is set. Tor will not make
 or accept non-control network connections. Shutting down all existing
 connections.
 11/25/19, 08:23:29.953 [NOTICE] DisableNetwork is set. Tor will not make
 or accept non-control network connections. Shutting down all existing
 connections.
 11/25/19, 08:23:29.953 [NOTICE] DisableNetwork is set. Tor will not make
 or accept non-control network connections. Shutting down all existing
 connections.
 11/25/19, 08:23:29.953 [NOTICE] DisableNetwork is set. Tor will not make
 or accept non-control network connections. Shutting down all existing
 connections.
 11/25/19, 08:23:29.953 [NOTICE] Opening Socks listener on 127.0.0.1:9150
 11/25/19, 08:23:29.953 [NOTICE] Opened Socks listener on 127.0.0.1:9150
 11/25/19, 08:23:30.818 [NOTICE] Bootstrapped 1% (conn_pt): Connecting to
 pluggable transport
 11/25/19, 08:23:30.820 [NOTICE] Bootstrapped 2% (conn_done_pt): Connected
 to pluggable transport
 11/25/19, 08:23:33.925 [NOTICE] Bootstrapped 10% (conn_done): Connected to
 a relay
 11/25/19, 08:24:03.923 [WARN] Problem bootstrapping. Stuck at 10%
 (conn_done): Connected to a relay. (DONE; DONE; count 1; recommendation
 warn; host 2B280B23E1107BB62ABFC40DDCC8824814F80A72 at 0.0.3.0:1)
 11/25/19, 08:24:03.923 [WARN] 1 connections have failed:
 11/25/19, 08:24:03.923 [WARN] 1 connections died in state handshaking
 (TLS) with SSL state SSLv3/TLS write client hello in HANDSHAKE
 11/25/19, 08:24:03.939 [NOTICE] Closing no-longer-configured Socks
 listener on 127.0.0.1:9150
 11/25/19, 08:24:03.939 [NOTICE] DisableNetwork is set. Tor will not make
 or accept non-control network connections. Shutting down all existing
 connections.
 11/25/19, 08:24:03.958 [WARN] Pluggable Transport process terminated with
 status code 0
 }}}

 I upload my state file.
 Thank you very much for your help. I really appreciate it.

--

--
Ticket URL: 
Tor Bug Tracker & Wiki 

Re: [tor-bugs] #32676 [Applications/Tor Browser]: Consider publishing a tarball with all Tor Browser langpacks

[Tor Bug Tracker & Wiki]

#32676: Consider publishing a tarball with all Tor Browser langpacks
-+-
 Reporter:  intrigeri|  Owner:  tbb-
 |  team
 Type:  enhancement  | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  AffectsTails, tbb-rbm,   |  Actual Points:
  TorBrowserTeam201912R  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by intrigeri):

 * Attachment "0001-Bug-32676-Create-a-tarball-with-all-Linux-
 x86_64-lan.patch" added.


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32672 [Core Tor/Tor]: Reject 0.2.9 and 0.4.0 in dirserv_rejects_tor_version()

[Tor Bug Tracker & Wiki]

#32672: Reject 0.2.9 and 0.4.0 in dirserv_rejects_tor_version()
-+-
 Reporter:  teor |  Owner:  neel
 Type:  task | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  043-should, 041-backport,|  Actual Points:
  042-backport, consider-backport-after- |
  authority-test, fast-fix, teor-backlog,|
  network-health |
Parent ID:   | Points:  0.5
 Reviewer:   |Sponsor:
-+-
Changes (by neel):

 * cc: neel (added)


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32639 [Core Tor/Tor]: cancel_descriptor_fetches() uses wrong connection list function

[Tor Bug Tracker & Wiki]

#32639: cancel_descriptor_fetches() uses wrong connection list function
-+
 Reporter:  asn  |  Owner:  neel
 Type:  defect   | Status:  assigned
 Priority:  Medium   |  Milestone:  Tor: 0.4.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs newnym backport?  |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:  Sponsor27-can
-+
Changes (by neel):

 * cc: neel (added)


Comment:

 PR: https://github.com/torproject/tor/pull/1587

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32148 [Community/Translations]: "No Script" translations for MK locale are not updated.

[Tor Bug Tracker & Wiki]

#32148: "No Script" translations for MK locale are not updated.
+--
 Reporter:  Zarko_Gjurov|  Owner:  emmapeel
 Type:  defect  | Status:  new
 Priority:  Medium  |  Milestone:
Component:  Community/Translations  |Version:
 Severity:  Normal  | Resolution:
 Keywords:  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--

Comment (by Zarko_Gjurov):

 Defect-fixed, you can close the ticket.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32639 [Core Tor/Tor]: cancel_descriptor_fetches() uses wrong connection list function

[Tor Bug Tracker & Wiki]

#32639: cancel_descriptor_fetches() uses wrong connection list function
-+
 Reporter:  asn  |  Owner:  neel
 Type:  defect   | Status:  needs_review
 Priority:  Medium   |  Milestone:  Tor: 0.4.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs newnym backport?  |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:  Sponsor27-can
-+
Changes (by neel):

 * status:  assigned => needs_review


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30579 [Circumvention/Snowflake]: Add more STUN servers to the default snowflake configuration in Tor Browser

[Tor Bug Tracker & Wiki]

#30579: Add more STUN servers to the default snowflake configuration in Tor 
Browser
-+-
 Reporter:  cohosh   |  Owner:  cohosh
 Type:  defect   | Status:
 |  needs_information
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:
 Keywords:  stun, anti-censorship-roadmap-   |  Actual Points:  .3
  october|
Parent ID:  #31281   | Points:  1
 Reviewer:   |Sponsor:
 |  Sponsor30-can
-+-

Comment (by dcf):

 I didn't know this until just now, but RFC 5389
 [https://tools.ietf.org/html/rfc5389#section-7.2.2 specifies STUN over TCP
 and/or TLS]. So I suppose it would be possible to tunnel over domain-
 fronted HTTP or something similar.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32588 [Core Tor/Tor]: Setting ORPort [ipv6]:auto mistakenly advertises port 94

[Tor Bug Tracker & Wiki]

#32588: Setting ORPort [ipv6]:auto mistakenly advertises port 94
--+
 Reporter:  arma  |  Owner:  neel
 Type:  defect| Status:  assigned
 Priority:  Medium|  Milestone:  Tor: 0.4.3.x-final
Component:  Core Tor/Tor  |Version:  Tor: 0.4.1.6
 Severity:  Normal| Resolution:
 Keywords:  ipv6  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by neel):

 * cc: neel (added)
 * owner:  (none) => neel
 * status:  new => assigned
 * keywords:   => ipv6


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #32677 [Circumvention/Snowflake]: Find a way to notify deployed proxy-go instances of updates

[Tor Bug Tracker & Wiki]

#32677: Find a way to notify deployed proxy-go instances of updates
-+
 Reporter:  cohosh   |  Owner:  (none)
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   |   Keywords:
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:  Sponsor28|
-+
 We've had a few people run proxy-go instances in the past and express
 interest in running them. These instances should be updated periodically
 or when there is a critical reason to do so. Right now we don't have a
 good way to notify deployed instances of updates.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32677 [Circumvention/Snowflake]: Find a way to notify deployed proxy-go instances of updates

[Tor Bug Tracker & Wiki]

#32677: Find a way to notify deployed proxy-go instances of updates
-+---
 Reporter:  cohosh   |  Owner:  (none)
 Type:  task | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:  Sponsor28
-+---
Changes (by cohosh):

 * type:  defect => task


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32677 [Circumvention/Snowflake]: Find a way to notify deployed proxy-go instances of updates

[Tor Bug Tracker & Wiki]

#32677: Find a way to notify deployed proxy-go instances of updates
-+---
 Reporter:  cohosh   |  Owner:  (none)
 Type:  task | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:  Sponsor28
-+---

Comment (by arlolra):

 There's #31151 about compiling these bins.  Maybe the right thing to do is
 provide packages through an os and update them.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32499 [Circumvention/Snowflake]: Add a build step / documentation for code reuse in Cupcake

[Tor Bug Tracker & Wiki]

#32499: Add a build step / documentation for code reuse in Cupcake
-+--
 Reporter:  arlolra  |  Owner:  arlolra
 Type:  defect   | Status:  needs_review
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:
 Keywords:  snowflake-webextension   |  Actual Points:
Parent ID:   | Points:
 Reviewer:  cohosh   |Sponsor:
-+--
Changes (by cohosh):

 * reviewer:   => cohosh


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32660 [Metrics/Onionoo]: onionoo-backend is killing the ganeti cluster

[Tor Bug Tracker & Wiki]

#32660: onionoo-backend is killing the ganeti cluster
-+--
 Reporter:  anarcat  |  Owner:  metrics-team
 Type:  defect   | Status:  merge_ready
 Priority:  Medium   |  Milestone:
Component:  Metrics/Onionoo  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--
Changes (by irl):

 * status:  needs_review => merge_ready


Comment:

 Replying to [comment:10 anarcat]:
 > before we start doing optimization tradeoffs, especially ones involving
 more CPU time, I think we should  diagnose the problem further. running
 checksums can take a while and might impose extra load on the server...
 couldn't we use timestamps or some faster mechanism?

 I don't know enough about XFS to know if filesystem attributes can be
 trusted.

 Replying to [comment:9 karsten]:
 > irl, please review
 
[https://gitweb.torproject.org/user/karsten/onionoo.git/commit/?h=task-32660&id=4b7b13d37d2423f9b1dee865e203a524b8df488b
 commit 4b7b13d in my task-32660 branch].

 The change looks good if we decide we want to go this route. The JVM
 should use the Intel SHA extensions on recent processors, I don't think
 that we're going to see a huge increase in CPU load.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32597 [Circumvention/Snowflake]: Hello, currently, in China, Tor Browser 9.5a2 still can't connect to Tor network through snowflake bridge

[Tor Bug Tracker & Wiki]

#32597: Hello, currently, in China, Tor Browser 9.5a2 still can't connect to Tor
network through snowflake bridge
-+
 Reporter:  amiableclarity2011   |  Owner:  (none)
 Type:  defect   | Status:  new
 Priority:  Immediate|  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+

Comment (by dcf):

 Replying to [comment:7 cohosh]:
 > Replying to [comment:5 amiableclarity2011]:
 > > thank you very much for your help. i really appreciate it.
 > >
 > > but it seems that stun.ekiga.net is not blocked by great firewall
 > >
 > >
 > > {{{
 > > ping stun.ekiga.net
 > > PING stun.ekiga.net (216.93.246.18) 56(84) bytes of data.
 > > }}}
 >
 > > {{{
 > > --- stun.ekiga.net ping statistics ---
 > > 25 packets transmitted, 24 received, 4% packet loss, time 28759ms
 > > rtt min/avg/max/mdev = 222.237/226.342/242.273/4.449 ms
 > > }}}
 > >
 > >
 > >
 > > above is the ping result.
 > Thanks for the information, that matches what I'm seeing on the VPS
 then.

 I suppose it's possible that stun.ekiga.net's IP address could be
 reachable to ICMP echo, but still have its UDP STUN port blocked. Could
 you try one of these commands? The data string is a
 [https://tools.ietf.org/html/rfc5389#section-6 Binding request] that
 should elicit a response.

 {{{
 $ nping -d --udp -p 3478 stun.ekiga.net --data
 00012112a442

 Starting Nping 0.7.70 ( https://nmap.org/nping ) at 2019-12-05 12:10
 SENT (0.0062s) UDP packet with 20 bytes to stun.ekiga.net:3478
 (216.93.246.18:3478)
 RCVD (0.0914s) UDP packet with 92 bytes from stun.ekiga.net:3478
 (216.93.246.18:3478)
 SENT (1.0076s) UDP packet with 20 bytes to stun.ekiga.net:3478
 (216.93.246.18:3478)
 RCVD (1.0911s) UDP packet with 92 bytes from stun.ekiga.net:3478
 (216.93.246.18:3478)
 SENT (2.0093s) UDP packet with 20 bytes to stun.ekiga.net:3478
 (216.93.246.18:3478)
 RCVD (2.0819s) UDP packet with 92 bytes from stun.ekiga.net:3478
 (216.93.246.18:3478)
 SENT (3.0103s) UDP packet with 20 bytes to stun.ekiga.net:3478
 (216.93.246.18:3478)
 RCVD (3.1011s) UDP packet with 92 bytes from stun.ekiga.net:3478
 (216.93.246.18:3478)
 SENT (4.0123s) UDP packet with 20 bytes to stun.ekiga.net:3478
 (216.93.246.18:3478)
 RCVD (4.1005s) UDP packet with 92 bytes from stun.ekiga.net:3478
 (216.93.246.18:3478)

 Max rtt: 90.767ms | Min rtt: 72.616ms | Avg rtt: 84.077ms
 UDP packets sent: 5 | Rcvd: 5 | Lost: 0 (0.00%)
 Tx time: 4.00710s | Tx bytes/s: 24.96 | Tx pkts/s: 1.25
 Rx time: 4.09550s | Rx bytes/s: 112.32 | Rx pkts/s: 1.22
 Nping done: 1 IP address pinged in 4.10 seconds
 }}}

 {{{
 $ echo 00012112a442 | xxd -p -r > payload
 $ sudo /usr/sbin/hping3 -c 5 --udp -p 3478 stun.ekiga.net -d 20 -E payload
 HPING stun.ekiga.net (216.93.246.18): udp mode set, 28 headers + 20 data
 bytes
 len=120 ip=216.93.246.18 ttl=48 DF id=0 seq=0 rtt=83.8 ms
 len=120 ip=216.93.246.18 ttl=48 DF id=0 seq=1 rtt=83.6 ms
 len=120 ip=216.93.246.18 ttl=48 DF id=0 seq=2 rtt=91.5 ms
 len=120 ip=216.93.246.18 ttl=48 DF id=0 seq=3 rtt=87.4 ms

 --- stun.ekiga.net hping statistic ---
 5 packets transmitted, 4 packets received, 20% packet loss
 round-trip min/avg/max = 83.6/86.6/91.5 ms
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #32678 [Core Tor/Tor]: Tor's DNS cache leaks information

[Tor Bug Tracker & Wiki]

#32678: Tor's DNS cache leaks information
--+
 Reporter:  mikeperry |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+
 In a soon-to-appear paper by Tobias Pulls and Rasmus Dahlberg, they
 discovered that it was possible to use Tor's Exit DNS cache to determine
 if a particular domain was accessed from that exit in the past hour.

 One option is to disable caching entirely. I'm not a fan of this approach.

 I think it is better for the cache to perform some kind of "hotness"
 threshold, where entries are stored in the cache as today, but not *used*
 from the cache until they are "hot" enough to no longer represent unique
 visits.. Something like N hits in T time. The edges of this threshhold
 would have to be randomized, to prevent an adversary from trivially
 keeping the cache on the edge of "hot" in order to probe it as it crosses
 over to hot by one visit..

 The cache in general should be more closely tied to RTT, IMO, so we can
 cache longer than an hour if a name supports it. It also should be given
 better OOM priority, so it is not trivial to flush by SENDME window
 filling attacks.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32678 [Core Tor/Tor]: Tor's DNS cache leaks information

[Tor Bug Tracker & Wiki]

#32678: Tor's DNS cache leaks information
--+
 Reporter:  mikeperry |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Description changed by mikeperry:

Old description:

> In a soon-to-appear paper by Tobias Pulls and Rasmus Dahlberg, they
> discovered that it was possible to use Tor's Exit DNS cache to determine
> if a particular domain was accessed from that exit in the past hour.
>
> One option is to disable caching entirely. I'm not a fan of this
> approach.
>
> I think it is better for the cache to perform some kind of "hotness"
> threshold, where entries are stored in the cache as today, but not *used*
> from the cache until they are "hot" enough to no longer represent unique
> visits.. Something like N hits in T time. The edges of this threshhold
> would have to be randomized, to prevent an adversary from trivially
> keeping the cache on the edge of "hot" in order to probe it as it crosses
> over to hot by one visit..
>
> The cache in general should be more closely tied to RTT, IMO, so we can
> cache longer than an hour if a name supports it. It also should be given
> better OOM priority, so it is not trivial to flush by SENDME window
> filling attacks.

New description:

 In a soon-to-appear paper by Tobias Pulls and Rasmus Dahlberg, they
 discovered that it was possible to use Tor's Exit DNS cache to determine
 if a particular domain was accessed from that exit in the past hour.

 One option is to disable caching entirely. I'm not a fan of this approach.

 I think it is better for the cache to perform some kind of "hotness"
 threshold, where entries are stored in the cache as today, but not *used*
 from the cache until they are "hot" enough to no longer represent unique
 visits.. Something like N hits in T time. The edges of this threshhold
 would have to be randomized, to prevent an adversary from trivially
 keeping the cache on the edge of "hot" in order to probe it as it crosses
 over to hot by one visit..

 The cache in general should be more closely tied to RTT, IMO, so we can
 cache longer than an hour if a name supports it. It also should be given
 better OOM priority, so it is not trivial to flush by SENDME window
 filling attacks.

 Alex also suggested that we may just want to provide our own recursive
 resolver, perhaps sandboxed, so that people don't misconfigure DNS to
 cache in ways that are detectable, or use centralized DNS due to a system-
 wide default.

--

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32678 [Core Tor/Tor]: Tor's DNS cache leaks information

[Tor Bug Tracker & Wiki]

#32678: Tor's DNS cache leaks information
--+
 Reporter:  mikeperry |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Description changed by mikeperry:

Old description:

> In a soon-to-appear paper by Tobias Pulls and Rasmus Dahlberg, they
> discovered that it was possible to use Tor's Exit DNS cache to determine
> if a particular domain was accessed from that exit in the past hour.
>
> One option is to disable caching entirely. I'm not a fan of this
> approach.
>
> I think it is better for the cache to perform some kind of "hotness"
> threshold, where entries are stored in the cache as today, but not *used*
> from the cache until they are "hot" enough to no longer represent unique
> visits.. Something like N hits in T time. The edges of this threshhold
> would have to be randomized, to prevent an adversary from trivially
> keeping the cache on the edge of "hot" in order to probe it as it crosses
> over to hot by one visit..
>
> The cache in general should be more closely tied to RTT, IMO, so we can
> cache longer than an hour if a name supports it. It also should be given
> better OOM priority, so it is not trivial to flush by SENDME window
> filling attacks.
>
> Alex also suggested that we may just want to provide our own recursive
> resolver, perhaps sandboxed, so that people don't misconfigure DNS to
> cache in ways that are detectable, or use centralized DNS due to a
> system-wide default.

New description:

 In a soon-to-appear paper by Tobias Pulls and Rasmus Dahlberg, they
 discovered that it was possible to use Tor's Exit DNS cache to determine
 if a particular domain was accessed from that exit in the past hour.

 One option is to disable caching entirely. I'm not a fan of this approach.

 I think it is better for the cache to perform some kind of "hotness"
 threshold, where entries are stored in the cache as today, but not *used*
 from the cache until they are "hot" enough to no longer represent unique
 visits.. Something like N hits in T time. The edges of this threshhold
 would have to be randomized, to prevent an adversary from trivially
 keeping the cache on the edge of "hot" in order to probe it as it crosses
 over to hot by one visit..

 The cache in general should be more closely tied to TTL, IMO, so we can
 cache longer than an hour if a name supports it. It also should be given
 better OOM priority, so it is not trivial to flush by SENDME window
 filling attacks.

 Alex also suggested that we may just want to provide our own recursive
 resolver, properly sandboxed, so that people don't misconfigure DNS to
 cache in ways that are detectable, or use centralized DNS due to a system-
 wide default. Until then we should at least come up with some kind of
 official resolver conf recommendation. If Tor's cache is smart, it seems
 reasonable to instruct people to disable upstream DNS caching.

--

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #32679 [Internal Services/Tor Sysadmin Team]: Create VM to run monitoring software for anti-censorship team

[Tor Bug Tracker & Wiki]

#32679: Create VM to run monitoring software for anti-censorship team
-+-
 Reporter:  phw  |  Owner:  tpa
 Type:  task | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   |   Keywords:
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+-
 So far, the anti-censorship team's infrastructure is monitored by a sysmon
 instance that gman999 generously runs for us. Every five minutes, sysmon
 establishes TCP connections to a number of machines and if any of these
 checks fails twice, we get an email alert.

 The problem is that we cannot directly edit its configuration file, so we
 email gman999 whenever it needs an update. I would like to avoid this
 friction. Besides, sysmon is very simple and cannot handle, say, HTTP
 redirects.

 I think it would be best for the anti-censorship team to run its own
 monitoring service, on a dedicated VM. We can then add monitoring targets
 ourselves and don't need to block on others.

 I have been experimenting with a service called [https://mmonit.com/monit/
 monit]. It's free software and lightweight, yet flexible enough to fulfill
 our needs. I think it would be helpful to run monit on a dedicated VM.
 Does this make sense?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32679 [Internal Services/Tor Sysadmin Team]: Create VM to run monitoring software for anti-censorship team

[Tor Bug Tracker & Wiki]

#32679: Create VM to run monitoring software for anti-censorship team
-+-
 Reporter:  phw  |  Owner:  tpa
 Type:  task | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by anarcat):

 my first, gut reaction to this is that we shouldn't use another tool than
 what we already have to do monitoring. more specifically, I think we
 should embrace the Prometheus infrastructure I have setup in march, and
 instead of setting up Monit, we should setup a Prometheus
 [https://github.com/prometheus/blackbox_exporter black box exporter]
 service.

 I will also note that the anti-censorship team has asked about this in the
 past (#30929, #29863). To be more precise, you *already* have a VM for
 monitoring, it has the lovely name of `hetzner-nbg1-02` and is currently
 setup with a bare Prometheus setup, but does nothing. :)

 I would be *very* happy to get more people involved in managing that
 thing. How about we use that infrastructure instead? :)

 Or, in other words, what's missing from the Prometheus setup so that you
 can do your work? Tell me, I want to help! But I'm hesitant in deploying a
 different service that what we're trying to converge upon.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32660 [Metrics/Onionoo]: onionoo-backend is killing the ganeti cluster

[Tor Bug Tracker & Wiki]

#32660: onionoo-backend is killing the ganeti cluster
-+--
 Reporter:  anarcat  |  Owner:  metrics-team
 Type:  defect   | Status:  merge_ready
 Priority:  Medium   |  Milestone:
Component:  Metrics/Onionoo  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--

Comment (by anarcat):

 >  I don't know enough about XFS to know if filesystem attributes can be
 trusted.

 I would be very surprised if they can't, unless you're doing something
 funky with those. That said, filesystems, in general, can hardly be
 trusted :p

 >  The change looks good if we decide we want to go this route. The JVM
 should use the Intel SHA extensions on recent processors, I don't think
 that we're going to see a huge increase in CPU load.

 Okay.

 What do you think about the discrepancy between the estimated writes
 onionoo self-reports and what Prometheus collects?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32679 [Internal Services/Tor Sysadmin Team]: Create VM to run monitoring software for anti-censorship team

[Tor Bug Tracker & Wiki]

#32679: Create VM to run monitoring software for anti-censorship team
-+-
 Reporter:  phw  |  Owner:  tpa
 Type:  task | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by anarcat):

 oops! i just talked with hiro and just realized she recommended you open
 this ticket. I'll talk with her about this and get back to you, sorry for
 the confusion. :)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32676 [Applications/Tor Browser]: Consider publishing a tarball with all Tor Browser langpacks

[Tor Bug Tracker & Wiki]

#32676: Consider publishing a tarball with all Tor Browser langpacks
-+-
 Reporter:  intrigeri|  Owner:  tbb-
 |  team
 Type:  enhancement  | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  AffectsTails, tbb-rbm,   |  Actual Points:
  TorBrowserTeam201912R  |
Parent ID:   | Points:
 Reviewer:  boklm|Sponsor:
-+-
Changes (by sysrqb):

 * reviewer:   => boklm


Comment:

 Thanks for the patch, intrigeri!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32116 [Applications/Tor Browser]: Fix tor-browser's .mozconfig so that ./mach configure succeeds on Linux by default

[Tor Bug Tracker & Wiki]

#32116: Fix tor-browser's .mozconfig so that ./mach configure succeeds on Linux 
by
default
--+--
 Reporter:  pospeselr |  Owner:  pospeselr
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  TorBrowserTeam201912R |  Actual Points:  0
Parent ID:| Points:  0
 Reviewer:|Sponsor:
--+--

Comment (by sysrqb):

 Replying to [comment:11 pospeselr]:
 > So, I'm coming at this primarily using the tor-browser repo to do
 incremental 64-bit Linux desktop builds. I don't think I've ever had a dev
 scenario where I didn't clone the tor-launcher repo.
 >
 > What does the Tor Browser Android devs workflow look like? Do y'all use
 the tor-browser repo for Android builds, or do you to use tor-browser-
 build?

 I use both, but I use tor-browser for faster development with incremental
 builds. tor-launcher isn't included on Android, so we don't run into that
 problem.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32679 [Internal Services/Tor Sysadmin Team]: Create VM to run monitoring software for anti-censorship team

[Tor Bug Tracker & Wiki]

#32679: Create VM to run monitoring software for anti-censorship team
-+-
 Reporter:  phw  |  Owner:  tpa
 Type:  task | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by phw):

 Oh, I didn't know about hetzner-nbg1-02. I'm fine with using something
 that's already set up. I just want our team to be able to configure
 monitoring targets ourselves, so we don't need to block on anyone else.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32531 [Applications/Tor Browser]: Back out the backport for bug 1534339

[Tor Bug Tracker & Wiki]

#32531: Back out the backport for bug 1534339
--+-
 Reporter:  gk|  Owner:  gk
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:  wontfix
 Keywords:  TorBrowserTeam201912R |  Actual Points:  0.1
Parent ID:| Points:  0.1
 Reviewer:  sysrqb|Sponsor:
--+-
Changes (by sysrqb):

 * status:  needs_review => closed
 * resolution:   => wontfix


Comment:

 Agreed. Mozilla landed this patch again yesterday.
 https://bugzilla.mozilla.org/show_bug.cgi?id=1534339#c7

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32567 [Applications/GetTor]: Generate an authentication token for torproject-pusher

[Tor Bug Tracker & Wiki]

#32567: Generate an authentication token for torproject-pusher
-+
 Reporter:  cohosh   |  Owner:  hiro
 Type:  task | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Applications/GetTor  |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+
Changes (by cohosh):

 * status:  assigned => closed
 * resolution:   => fixed


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32567 [Applications/GetTor]: Generate an authentication token for torproject-pusher

[Tor Bug Tracker & Wiki]

#32567: Generate an authentication token for torproject-pusher
-+--
 Reporter:  cohosh   |  Owner:  hiro
 Type:  task | Status:  assigned
 Priority:  Medium   |  Milestone:
Component:  Applications/GetTor  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--

Comment (by cohosh):

 This has been done, and the token works :)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32361 [Applications/Tor Browser]: Unresponsive script error when I start Tor browser

[Tor Bug Tracker & Wiki]

#32361: Unresponsive script error when I start Tor browser
--+---
 Reporter:  LokiAstaroth  |  Owner:  tbb-team
 Type:  defect| Status:  needs_information
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  TorBrowserTeam201912  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---
Changes (by sysrqb):

 * status:  new => needs_information


Comment:

 I wonder if this is related to #23719, as well - either https-e or
 noscript.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31157 [Circumvention/Snowflake]: Collect metrics about what type of proxies are running

[Tor Bug Tracker & Wiki]

#31157: Collect metrics about what type of proxies are running
-+---
 Reporter:  cohosh   |  Owner:  cohosh
 Type:  enhancement  | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  anti-censorship-roadmap-october  |  Actual Points:  1
Parent ID:   | Points:  3
 Reviewer:  karsten  |Sponsor:  Sponsor28
-+---

Comment (by dcf):

 Replying to [comment:14 cohosh]:
 > When updating the website I got the following errors:

 I'm not sure how it got this way but there were some files in the `dcf`
 and `cohosh` groups.
 {{{
 dcf@staticiforme:/srv/snowflake.torproject.org/htdocs$ find . -not -group
 snowflake | xargs ls -ld
 -rw-rw-r-- 1 dcfdcf3496 Oct 29 00:53 ./_locales/ca/messages.json
 -rw-rw-r-- 1 dcfdcf3267 Oct 29 00:53 ./_locales/da/messages.json
 -rw-rw-r-- 1 dcfdcf3267 Oct 29 00:53 ./_locales/de/messages.json
 -rw-rw-r-- 1 dcfdcf3267 Oct 29 00:53
 ./_locales/en_US/messages.json
 -rw-rw-r-- 1 cohosh cohosh 3520 Dec  3 19:17 ./_locales/es/messages.json
 -rw-rw-r-- 1 dcfdcf3746 Oct 29 00:53 ./_locales/fr/messages.json
 -rw-rw-r-- 1 dcfdcf3941 Nov 14 20:21 ./_locales/he/messages.json
 -rw-rw-r-- 1 dcfdcf3267 Oct 29 00:53 ./_locales/it/messages.json
 -rw-rw-r-- 1 dcfdcf3267 Oct 29 00:53 ./_locales/ka/messages.json
 -rw-rw-r-- 1 cohosh cohosh 3345 Dec  3 19:17 ./_locales/lt/messages.json
 -rw-rw-r-- 1 dcfdcf3267 Oct 29 00:53 ./_locales/messages.json
 -rw-rw-r-- 1 dcfdcf5006 Oct 29 00:53 ./_locales/mk/messages.json
 drwxrwxr-x 2 dcfdcf4096 Oct 29 00:53 ./_locales/nl
 -rw-rw-r-- 1 dcfdcf3305 Oct 29 00:53 ./_locales/nl/messages.json
 -rw-rw-r-- 1 dcfdcf3267 Oct 29 00:53
 ./_locales/pt_BR/messages.json
 -rw-rw-r-- 1 dcfdcf3267 Oct 29 00:53
 ./_locales/pt_PT/messages.json
 -rw-rw-r-- 1 dcfdcf3267 Nov 14 20:21 ./_locales/sv/messages.json
 -rw-rw-r-- 1 cohosh cohosh 3583 Dec  3 19:17 ./_locales/tr/messages.json
 -rw-rw-r-- 1 dcfdcf3252 Oct 29 00:53
 ./_locales/zh_CN/messages.json
 }}}

 I've just fixed the ones owned by `dcf`. I think you need to do the ones
 owned by `cohosh`:
 {{{
 $ ssh staticiforme 'chgrp -R snowflake
 /srv/snowflake.torproject.org/htdocs'
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30767 [Applications/Tor Browser]: Custom obfs4 bridge does not work on Tor Browser for Android

[Tor Bug Tracker & Wiki]

#30767: Custom obfs4 bridge does not work on Tor Browser for Android
-+-
 Reporter:  gk   |  Owner:  sisbell
 Type:  defect   | Status:
 |  assigned
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-parity, tbb-mobile,  |  Actual Points:
  TorBrowserTeam201912R  |
Parent ID:  #31284   | Points:  0.5
 Reviewer:  sysrqb   |Sponsor:
 |  Sponsor30-can
-+-
Changes (by sysrqb):

 * owner:  tbb-team => sisbell
 * reviewer:   => sysrqb
 * status:  needs_revision => assigned
 * cc: sisbell (removed)
 * cc: tbb-team (added)
 * keywords:  tbb-parity, tbb-mobile, TorBrowserTeam201912 => tbb-parity,
 tbb-mobile, TorBrowserTeam201912R


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30767 [Applications/Tor Browser]: Custom obfs4 bridge does not work on Tor Browser for Android

[Tor Bug Tracker & Wiki]

#30767: Custom obfs4 bridge does not work on Tor Browser for Android
-+-
 Reporter:  gk   |  Owner:  sisbell
 Type:  defect   | Status:
 |  needs_review
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-parity, tbb-mobile,  |  Actual Points:
  TorBrowserTeam201912R  |
Parent ID:  #31284   | Points:  0.5
 Reviewer:  sysrqb   |Sponsor:
 |  Sponsor30-can
-+-
Changes (by sysrqb):

 * status:  assigned => needs_review


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32663 [Core Tor/Tor]: Require coccinelle 1.0.4 in check_cocci_parse.sh

[Tor Bug Tracker & Wiki]

#32663: Require coccinelle 1.0.4 in check_cocci_parse.sh
+
 Reporter:  teor|  Owner:  teor
 Type:  defect  | Status:  needs_review
 Priority:  Medium  |  Milestone:  Tor: 0.4.3.x-final
Component:  Core Tor/Tor|Version:
 Severity:  Normal  | Resolution:
 Keywords:  043-must, tor-test  |  Actual Points:  0.3
Parent ID:  | Points:  0.5
 Reviewer:  ahf |Sponsor:  Sponsor31-can
+
Changes (by catalyst):

 * cc: catalyst (added)


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32481 [Applications/Tor Browser]: Backport 1571003

[Tor Bug Tracker & Wiki]

#32481: Backport 1571003
--+--
 Reporter:  sysrqb|  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  TorBrowserTeam201912  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by sysrqb):

 This shipped in FF71 this week.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32331 [Applications/Tor Browser]: Tor Browser 9 on Lineage OS 14.1 stalls during start-up

[Tor Bug Tracker & Wiki]

#32331: Tor Browser 9 on Lineage OS 14.1 stalls during start-up
-+-
 Reporter:  gk   |  Owner:  sisbell
 Type:  defect   | Status:
 |  assigned
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-9.0-issues, tbb-regression,  |  Actual Points:
  tbb-9.0.4-can, tbb-9.5a4-must, |
  TorBrowserTeam201912   |
Parent ID:   | Points:
 Reviewer:  sysrqb   |Sponsor:
-+-
Changes (by sysrqb):

 * keywords:  tbb-9.0-issues, tbb-regression, tbb-9.1.0-can,
 TorBrowserTeam201912 =>
 tbb-9.0-issues, tbb-regression, tbb-9.0.4-can, tbb-9.5a4-must,
 TorBrowserTeam201912
 * owner:  tbb-team => sisbell
 * status:  needs_information => assigned
 * reviewer:   => sysrqb


Comment:

 We should try shipping 9.5a4 with the newer tor version and see if that
 solves the problem. I don't want to ship a new tor version in a stable
 version without testing it in an alpha.

 I might grab this if I have time.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31161 [Applications/Tor Browser]: Document usage and setup of Android signing token

[Tor Bug Tracker & Wiki]

#31161: Document usage and setup of Android signing token
+--
 Reporter:  gk  |  Owner:  sysrqb
 Type:  task| Status:  assigned
 Priority:  Medium  |  Milestone:
Component:  Applications/Tor Browser|Version:
 Severity:  Normal  | Resolution:
 Keywords:  tbb-sign, TorBrowserTeam201912  |  Actual Points:
Parent ID:  | Points:  2
 Reviewer:  gk  |Sponsor:
+--
Changes (by sysrqb):

 * keywords:  GeorgKoppen201911, tbb-sign, TorBrowserTeam201912 => tbb-sign,
 TorBrowserTeam201912
 * reviewer:   => gk


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32676 [Applications/Tor Browser]: Consider publishing a tarball with all Tor Browser langpacks

[Tor Bug Tracker & Wiki]

#32676: Consider publishing a tarball with all Tor Browser langpacks
-+-
 Reporter:  intrigeri|  Owner:  tbb-
 |  team
 Type:  enhancement  | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  AffectsTails, tbb-rbm,   |  Actual Points:
  TorBrowserTeam201912R  |
Parent ID:   | Points:
 Reviewer:  boklm|Sponsor:
-+-
Changes (by intrigeri):

 * Attachment "0001-Bug-32676-Create-a-tarball-with-all-Linux-
 x86_64-lan-v2.patch" added.


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32499 [Circumvention/Snowflake]: Add a build step / documentation for code reuse in Cupcake

[Tor Bug Tracker & Wiki]

#32499: Add a build step / documentation for code reuse in Cupcake
-+-
 Reporter:  arlolra  |  Owner:  arlolra
 Type:  defect   | Status:  merge_ready
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:
 Keywords:  snowflake-webextension   |  Actual Points:
Parent ID:   | Points:
 Reviewer:  cohosh   |Sponsor:
-+-
Changes (by cohosh):

 * status:  needs_review => merge_ready


Comment:

 This looks great, thank you for working on this. I also appreciate the
 more detailed instructions and pulling the webextension information into
 the README.

 When talking about initializing a new snowflake
 
[https://github.com/keroserene/snowflake/commit/276645cf9bd2713d505da0a5e8fc76d2a5d84c3d
 #diff-29bf2e0e7e02238523200d8e1c149d54R125 here], can we also encourage
 setting the proxy type field that's introduced in #31157? Here's an
 example of how it's set in init-webext.js: https://gitweb.torproject.org
 /pluggable-transports/snowflake.git/tree/proxy/init-webext.js#n175

 It would be nice if they also let us know that they've worked it into
 their tool. We could add a sentence encouraging them to reach out to us.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32629 [Core Tor/Tor]: Re-enable 1 or 2 more macOS jobs in Travis

[Tor Bug Tracker & Wiki]

#32629: Re-enable 1 or 2 more macOS jobs in Travis
-+-
 Reporter:  teor |  Owner:  teor
 Type:  task | Status:
 |  needs_information
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  consider-backport-immediately, tor-  |  Actual Points:  0.3
  ci, ipv6, macos, 029-backport, 035-backport,   |
  040-backport, 041-backport, 042-backport   |
Parent ID:   | Points:  0.5
 Reviewer:  catalyst |Sponsor:
-+-
Changes (by catalyst):

 * status:  needs_review => needs_information


Comment:

 Replying to [comment:2 teor]:
 > I re-enabled the macOS chutney job, but not the macOS Rust job. (macOS
 is slow, and Rust is the lowest priority.)
 >
 > Here are my PRs:
 > * 0.2.9: https://github.com/torproject/tor/pull/1575
 > * 0.3.5: https://github.com/torproject/tor/pull/1576
 > * 0.4.2: https://github.com/torproject/tor/pull/1577
 >
 > Test branches:
 > * https://travis-ci.org/teor2345/tor/branches
 Thanks! Mostly looks good. I did notice that the macOS chutney job is
 significantly slow, about 20 minutes? I'm not sure it significantly adds
 to the total run time except maybe on 0.2.9.

 Also, do we need a changes file? Some of the upcoming releases might ship
 with #32177.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32480 [Applications/GetTor]: Use Github/Gitlab releases to distribute gettor binaries

[Tor Bug Tracker & Wiki]

#32480: Use Github/Gitlab releases to distribute gettor binaries
-+-
 Reporter:  cohosh   |  Owner:  cohosh
 Type:  defect   | Status:  merge_ready
 Priority:  Medium   |  Milestone:
Component:  Applications/GetTor  |Version:
 Severity:  Normal   | Resolution:
 Keywords:  github, releases |  Actual Points:  1
Parent ID:   | Points:  1
 Reviewer:  phw  |Sponsor:
-+-
Changes (by phw):

 * status:  needs_review => merge_ready


Comment:

 Looks good to me! I only had a minor nitpick, which I left in the code.
 Putting the authentication token into an environment variable seems like a
 good solution.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32604 [Core Tor/Tor]: Add HiddenServiceExportRendPoint and HiddenServiceExportInstanceID directive

[Tor Bug Tracker & Wiki]

#32604: Add HiddenServiceExportRendPoint and HiddenServiceExportInstanceID
directive
-+-
 Reporter:  moonsikpark  |  Owner:  (none)
 Type:  enhancement  | Status:  needs_revision
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs tor-dos extra-review  |  Actual Points:
Parent ID:  #32511   | Points:
 Reviewer:  dgoulet, ahf, teor   |Sponsor:  Sponsor27-can
-+-

Comment (by teor):

 Replying to [comment:21 moonsikpark]:
 > OK, made CI happy by letting `circuit_free_()` free
 `or_circ->build_state->chosen_exit`.

 Thanks!

 > Before extending the exposure range of rp fingerprint, I think there
 might be other metrics we can export that can help onion services.
 Potentially `circ->rend_data->nr_streams` or
 `circ->hs_ident->intro_auth_pk`

 Sure that seems fine.

 > or `circ->hs_ident->rendezvous_cookie`.

 No, I don't think we should export raw cryptographic material. If you
 really want this info, you should export
 `siphash(circ->hs_ident->rendezvous_cookie)`. (The cookie should not be
 common across instances, unless the client is doing a replay attack across
 different instances. If you want to be able to detect relay attacks, you
 should do `H(CONSTANT_PREFIX|circ->hs_ident->rendezvous_cookie)`.)

 > I think `INSTANCE_ID` don't have to be that long, we can change it to 1
 byte and move it to the front(`fdAA` where `AA=INSTANCE_ID`).

 Sure.

 > And I'm curious about `dst_ipv6` fixed to `::1`. `real_addr` of
 `rend_service_port_config_t` is not always `localhost`. Does backends
 ignore the destination address?

 I don't know who is actually using this feature right now. Maybe ahf does?

 > Does it mean we can cram data in `dst_ipv6` too?

 That's 16 bytes, so you could get the whole fingerprint if you wanted it.
 But maybe there are more valuable things.

 I'm going to suggest a way forward:
 1. We decide what to do about the existing broken fields:
 https://trac.torproject.org/projects/tor/ticket/32604?replyto=21#comment:19
 2. We do a design for the final set of fields.
 3. We land this patch with the current fields, in the positions they will
 have in the final design.
 4. We open a new ticket for any new fields.

 This feature is getting complex enough that we might need a proposal, a
 spec, or a very well-designed manual page entry.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32676 [Applications/Tor Browser]: Consider publishing a tarball with all Tor Browser langpacks

[Tor Bug Tracker & Wiki]

#32676: Consider publishing a tarball with all Tor Browser langpacks
-+-
 Reporter:  intrigeri|  Owner:  tbb-
 |  team
 Type:  enhancement  | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  AffectsTails, tbb-rbm,   |  Actual Points:
  TorBrowserTeam201912R  |
Parent ID:   | Points:
 Reviewer:  boklm|Sponsor:
-+-

Comment (by boklm):

 The patch looks good to me, and works fine.

 The patch is in my branch `bug_32676_v2`:
 https://gitweb.torproject.org/user/boklm/tor-browser-
 build.git/commit/?h=bug_32676_v2&id=717bfab21f38279e9d991c52f6135ed4552d00be

 After running `make alpha-linux-x86_64` it created the file
 `alpha/unsigned/9.5a3-build1/langpacks-tor-browser-9.5a3.tar.xz` which is
 15M.

 However as I participated in writing this patch, maybe someone else should
 review it too.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21369 [Core Tor/Tor]: Tor crashes with tor_assertion_failed_() [Assertion buf->datalen < INT_MAX failed in write_to_buf at ../src/or/buffers.c:832]

[Tor Bug Tracker & Wiki]

#21369: Tor crashes with tor_assertion_failed_() [Assertion buf->datalen < 
INT_MAX
failed in write_to_buf at ../src/or/buffers.c:832]
-+
 Reporter:  svengo   |  Owner:  nickm
 Type:  defect   | Status:  closed
 Priority:  Very High|  Milestone:  Tor: 0.3.0.x-final
Component:  Core Tor/Tor |Version:  Tor: 0.2.9.9
 Severity:  Critical | Resolution:  fixed
 Keywords:  review-group-16  |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+
Changes (by teor):

 * keywords:  029-backport, review-group-16 => review-group-16


Comment:

 This fix was never backported to 0.2.9.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32673 [Core Tor/Tor]: 'buf_read_from_tls()' can return the wrong error code

[Tor Bug Tracker & Wiki]

#32673: 'buf_read_from_tls()' can return the wrong error code
-+-
 Reporter:  opara|  Owner:  nickm
 Type:  defect   | Status:
 |  assigned
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.3.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.3.0.4-rc
 Severity:  Normal   | Resolution:
 Keywords:  tor-tls, tor-security,   |  Actual Points:
  035-backport, 040-backport, 041-backport,  |
  042-backport   |
Parent ID:   | Points:  1
 Reviewer:   |Sponsor:
-+-
Changes (by teor):

 * keywords:  tor-tls, tor-security =>
 tor-tls, tor-security, 035-backport, 040-backport, 041-backport,
 042-backport
 * version:   => Tor: 0.3.0.4-rc


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32480 [Applications/GetTor]: Use Github/Gitlab releases to distribute gettor binaries

[Tor Bug Tracker & Wiki]

#32480: Use Github/Gitlab releases to distribute gettor binaries
-+
 Reporter:  cohosh   |  Owner:  cohosh
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Applications/GetTor  |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  github, releases |  Actual Points:  1
Parent ID:   | Points:  1
 Reviewer:  phw  |Sponsor:
-+
Changes (by cohosh):

 * status:  merge_ready => closed
 * resolution:   => fixed


Comment:

 Merged at `5684c4fc95`:
 
https://gitweb.torproject.org/gettor.git/commit/scripts?id=5684c4fc95170951f062b36002733034cb6a3904

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32672 [Core Tor/Tor]: Reject 0.2.9 and 0.4.0 in dirserv_rejects_tor_version()

[Tor Bug Tracker & Wiki]

#32672: Reject 0.2.9 and 0.4.0 in dirserv_rejects_tor_version()
-+-
 Reporter:  teor |  Owner:  neel
 Type:  task | Status:
 |  needs_revision
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  043-should, 041-backport,|  Actual Points:
  042-backport, consider-backport-after- |
  authority-test, fast-fix, network-health   |
Parent ID:   | Points:  0.5
 Reviewer:  teor |Sponsor:
-+-
Changes (by teor):

 * keywords:
 043-should, 041-backport, 042-backport, consider-backport-after-
 authority-test, fast-fix, teor-backlog, network-health
 =>
 043-should, 041-backport, 042-backport, consider-backport-after-
 authority-test, fast-fix, network-health
 * reviewer:   => teor
 * status:  needs_review => needs_revision


Comment:

 Thanks, just a few fixes needed:
 1. fix a comment to explain what happened to 0.3.6.0-alpha-dev
 2. add tests for current releases
 3. work out if we want to reject 0.4.0 alphas and rcs. To do that, we need
 to check how many there are in the network.
 4. Rebase on 0.4.1, because we might backport this branch to 0.4.1

 Once we've made these changes, we should email all the affected operators,
 and then test this patch on moria1. After we've done both those things, we
 can merge.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32629 [Core Tor/Tor]: Re-enable 1 or 2 more macOS jobs in Travis

[Tor Bug Tracker & Wiki]

#32629: Re-enable 1 or 2 more macOS jobs in Travis
-+-
 Reporter:  teor |  Owner:  teor
 Type:  task | Status:
 |  needs_information
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  consider-backport-immediately, tor-  |  Actual Points:  0.3
  ci, ipv6, macos, 029-backport, 035-backport,   |
  040-backport, 041-backport, 042-backport   |
Parent ID:   | Points:  0.5
 Reviewer:  catalyst |Sponsor:
-+-

Comment (by teor):

 Replying to [comment:5 catalyst]:
 > Replying to [comment:2 teor]:
 > > I re-enabled the macOS chutney job, but not the macOS Rust job. (macOS
 is slow, and Rust is the lowest priority.)
 > >
 > > Here are my PRs:
 > > * 0.2.9: https://github.com/torproject/tor/pull/1575
 > > * 0.3.5: https://github.com/torproject/tor/pull/1576
 > > * 0.4.2: https://github.com/torproject/tor/pull/1577
 > >
 > > Test branches:
 > > * https://travis-ci.org/teor2345/tor/branches
 > Thanks! Mostly looks good. I did notice that the macOS chutney job is
 significantly slow, about 20 minutes? I'm not sure it significantly adds
 to the total run time except maybe on 0.2.9.

 Yes, it's slow. It does add to the total run time, but the job can finish
 successfully without it - that's why it's in allow_failure/fast_finish.

 > Also, do we need a changes file? Some of the upcoming releases might
 ship with #32177.

 The revert deletes the changes file, but you're right, we should replace
 it with another one. I'll do that now.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32629 [Core Tor/Tor]: Re-enable 1 or 2 more macOS jobs in Travis

[Tor Bug Tracker & Wiki]

#32629: Re-enable 1 or 2 more macOS jobs in Travis
-+-
 Reporter:  teor |  Owner:  teor
 Type:  task | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  consider-backport-immediately, tor-  |  Actual Points:  0.3
  ci, ipv6, macos, 029-backport, 035-backport,   |
  040-backport, 041-backport, 042-backport   |
Parent ID:   | Points:  0.5
 Reviewer:  catalyst |Sponsor:
-+-
Changes (by teor):

 * status:  needs_information => needs_review


Comment:

 I deleted and replaced the #32177 changes file in 0.2.9 and 0.3.5, because
 it hadn't been released yet. I added a different changes file to 0.4.2.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32300 [Circumvention/Snowflake]: Improve snowflake server test coverage

[Tor Bug Tracker & Wiki]

#32300: Improve snowflake server test coverage
-+-
 Reporter:  cohosh   |  Owner:  cohosh
 Type:  defect   | Status:  merge_ready
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:  .5
Parent ID:  #29259   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by phw):

 * status:  needs_review => merge_ready


Comment:

 Looks good to me!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32639 [Core Tor/Tor]: cancel_descriptor_fetches() uses wrong connection list function

[Tor Bug Tracker & Wiki]

#32639: cancel_descriptor_fetches() uses wrong connection list function
-+
 Reporter:  asn  |  Owner:  neel
 Type:  defect   | Status:  needs_revision
 Priority:  Medium   |  Milestone:  Tor: 0.4.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs newnym backport?  |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:  Sponsor27-can
-+
Changes (by teor):

 * status:  needs_review => needs_revision


Comment:

 The commit message for this ticket is wrong, it says
 cancel_descriptor_fetches() twice.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32678 [Core Tor/Tor]: Tor's DNS cache leaks information

[Tor Bug Tracker & Wiki]

#32678: Tor's DNS cache leaks information
--+
 Reporter:  mikeperry |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by pulls):

 The hotness threshold sounds like a great idea. It should be randomized in
 such a way that an attacker cannot predict the threshold for a given entry
 in the cache at the time it gets added to the cache. If all entries in a
 cache share the same threshold, then it's trivial for the attacker to
 probe this using a domain it controls. If the threshold does not change
 each time the same domain is added to the cache at a relay, then the
 attacker can probe it as well. (I guess this is what was meant above, just
 spelling it out.)

 Another issue is if an attacker can detect when a entry expires from the
 cache. If the TTL calculation is deterministic, like now set to one hour,
 it tells you when the entry was visited at the exit. Probably want to
 randomize this as well in the order of at least a few minutes (up, never
 down).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32639 [Core Tor/Tor]: cancel_descriptor_fetches() uses wrong connection list function

[Tor Bug Tracker & Wiki]

#32639: cancel_descriptor_fetches() uses wrong connection list function
-+
 Reporter:  asn  |  Owner:  neel
 Type:  defect   | Status:  needs_review
 Priority:  Medium   |  Milestone:  Tor: 0.4.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs newnym backport?  |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:  Sponsor27-can
-+
Changes (by neel):

 * status:  needs_revision => needs_review


Comment:

 Fixed it. Did a force push as there were no comments on the branch.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32672 [Core Tor/Tor]: Reject 0.2.9 and 0.4.0 in dirserv_rejects_tor_version()

[Tor Bug Tracker & Wiki]

#32672: Reject 0.2.9 and 0.4.0 in dirserv_rejects_tor_version()
-+-
 Reporter:  teor |  Owner:  neel
 Type:  task | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  043-should, 041-backport,|  Actual Points:
  042-backport, consider-backport-after- |
  authority-test, fast-fix, network-health   |
Parent ID:   | Points:  0.5
 Reviewer:  teor |Sponsor:
-+-
Changes (by neel):

 * status:  needs_revision => needs_review


Comment:

 Rebasing this branch over 0.4.1 doesn't make sense, as the tests are
 missing on that branch. However, I have a secondary PR for 0.4.1.

 About blocking 0.4.1 alphas/rc, I would be against it unless there is a
 crippling bug on the 0.4.1 alphas/rc releases. For instance, 0.2.9.5-rc is
 allowed on the network because it "works" (may not be the most secure, but
 technically works), whereas 0.2.9.4 and below have a consensus bug.

 The changes are posted to both the original PR based off master and the
 0.4.1 PR here: https://github.com/torproject/tor/pull/1588

 I don't know if two PRs will work for you, but here it is.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29259 [Circumvention/Snowflake]: Ensure high test coverage for Snowflake

[Tor Bug Tracker & Wiki]

#29259: Ensure high test coverage for Snowflake
---+---
 Reporter:  ahf|  Owner:  cohosh
 Type:  task   | Status:
   |  merge_ready
 Priority:  Medium |  Milestone:
Component:  Circumvention/Snowflake|Version:
 Severity:  Normal | Resolution:
 Keywords:  anti-censorship-roadmap-september  |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
   |  Sponsor28-must
---+---
Changes (by phw):

 * status:  needs_review => merge_ready


Comment:

 Replying to [comment:13 cohosh]:
 > Here are some test additions and touch-ups to existing go unit testing
 code: https://github.com/cohosh/snowflake/pull/16
 [[br]]
 Looks good to me!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32629 [Core Tor/Tor]: Re-enable 1 or 2 more macOS jobs in Travis

[Tor Bug Tracker & Wiki]

#32629: Re-enable 1 or 2 more macOS jobs in Travis
-+-
 Reporter:  teor |  Owner:  teor
 Type:  task | Status:
 |  needs_revision
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  consider-backport-immediately, tor-  |  Actual Points:  0.3
  ci, ipv6, macos, 029-backport, 035-backport,   |
  040-backport, 041-backport, 042-backport   |
Parent ID:   | Points:  0.5
 Reviewer:  catalyst |Sponsor:
-+-
Changes (by teor):

 * status:  needs_review => needs_revision


Comment:

 I didn't realise the releases were already out. I'll revert these changes,
 and just use the post-release changes file for each one.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #32680 [Core Tor/Tor]: Circpad: More/better pattern recognition events

[Tor Bug Tracker & Wiki]

#32680: Circpad: More/better pattern recognition events
-+-
 Reporter:   |  Owner:  (none)
  mikeperry  |
 Type:   | Status:  new
  enhancement|
 Priority:  Medium   |  Milestone:  Tor: unspecified
Component:  Core |Version:
  Tor/Tor|   Keywords:  circpad-researchers-maybe-want wtf-
 Severity:  Normal   |  pad
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+-
 Researchers might want other internal events for custom packet pattern
 recognition, so that they do not have to build quite so complicated state
 machines. One such example would be an event for ANY_BINS_EMPTY. Others
 might include packet arrival length counts or patterns.

 These are best implemented by adding new circpad_internal_event_*()
 functions and internal event enums, so that it is easy for machines to
 make use of them.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32040 [Core Tor/Tor]: HS intro padding machine reactivates after receiving INTRODUCE_ACK

[Tor Bug Tracker & Wiki]

#32040: HS intro padding machine reactivates after receiving INTRODUCE_ACK
-+-
 Reporter:  asn  |  Owner:  (none)
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  wtf-pad padding circpad- |  Actual Points:
  researchers-want   |
Parent ID:   | Points:  1
 Reviewer:   |Sponsor:
 |  Sponsor2
-+-
Changes (by mikeperry):

 * keywords:  wtf-pad padding => wtf-pad padding circpad-researchers-want


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs