Re: [tor-bugs] #30451 [Circumvention/Snowflake]: snowflake-client has executable stack

2019-05-23 Thread Tor Bug Tracker & Wiki 
#30451: snowflake-client has executable stack
-+
 Reporter:  boklm|  Owner:  cohosh
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  TorBrowserTeam201905R|  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+
Changes (by gk):

 * status:  needs_review => closed
 * resolution:   => fixed


Comment:

 Replying to [comment:9 cohosh]:
 > It turns out there's an easier way to handle this by putting the cgo
 directives into an environment variable. I attached a new version of the
 patch to this ticket.
 >
 > My reasoning for putting this in `projects/go/config` as opposed to just
 `projects/go-webrtc/config` is that this problem will occur in all go
 projects that use cgo, and it also allows us to use the template build
 script `projects/go/var/build_go_lib` in `go-webrtc`.

 Nice! Looks good to me. Applied to `tor-browser-build`'s `master` (commit
 24f585bf1851bfa022128a5b587b7c0940ec775c).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30451 [Circumvention/Snowflake]: snowflake-client has executable stack

2019-05-23 Thread Tor Bug Tracker & Wiki 
#30451: snowflake-client has executable stack
+
 Reporter:  boklm   |  Owner:  cohosh
 Type:  defect  | Status:  closed
 Priority:  Medium  |  Milestone:
Component:  Circumvention/Snowflake |Version:
 Severity:  Normal  | Resolution:  fixed
 Keywords:  TorBrowserTeam201905R, tbb-rbm  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+
Changes (by gk):

 * keywords:  TorBrowserTeam201905R => TorBrowserTeam201905R, tbb-rbm


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30451 [Circumvention/Snowflake]: snowflake-client has executable stack

2019-05-23 Thread Tor Bug Tracker & Wiki 
#30451: snowflake-client has executable stack
-+--
 Reporter:  boklm|  Owner:  cohosh
 Type:  defect   | Status:  needs_review
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:
 Keywords:  TorBrowserTeam201905R|  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--
Changes (by gk):

 * keywords:  TorBrowserTeam201905 => TorBrowserTeam201905R


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30451 [Circumvention/Snowflake]: snowflake-client has executable stack

2019-05-21 Thread Tor Bug Tracker & Wiki 
#30451: snowflake-client has executable stack
-+--
 Reporter:  boklm|  Owner:  cohosh
 Type:  defect   | Status:  needs_review
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:
 Keywords:  TorBrowserTeam201905 |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--
Changes (by cohosh):

 * status:  needs_revision => needs_review


Comment:

 It turns out there's an easier way to handle this by putting the cgo
 directives into an environment variable. I attached a new version of the
 patch to this ticket.

 My reasoning for putting this in `projects/go/config` as opposed to just
 `projects/go-webrtc/config` is that this problem will occur in all go
 projects that use cgo, and it also allows us to use the template build
 script `projects/go/var/build_go_lib` in `go-webrtc`.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30451 [Circumvention/Snowflake]: snowflake-client has executable stack

2019-05-21 Thread Tor Bug Tracker & Wiki 
#30451: snowflake-client has executable stack
-+
 Reporter:  boklm|  Owner:  cohosh
 Type:  defect   | Status:  needs_revision
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:
 Keywords:  TorBrowserTeam201905 |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+
Changes (by cohosh):

 * Attachment "0001-Compile-go-webrtc-with-a-non-executable-stack.3.patch"
 added.


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30451 [Circumvention/Snowflake]: snowflake-client has executable stack

2019-05-21 Thread Tor Bug Tracker & Wiki 
#30451: snowflake-client has executable stack
-+
 Reporter:  boklm|  Owner:  cohosh
 Type:  defect   | Status:  needs_revision
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:
 Keywords:  TorBrowserTeam201905 |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+
Changes (by gk):

 * status:  needs_review => needs_revision
 * keywords:  TorBrowserTeam201905R => TorBrowserTeam201905


Comment:

 Per chat with cohosh: I'd take the patch if there is an upcoming release
 anyway but I'd prefer if we can get the fix merged upstream as any
 additional patch we need in `tor-browser-build` is a bug we should try to
 fix. I heard there are folks in Cc to this ticket who are able to review
 and push the pull request. Let's try to go that route first with a new
 patch that just updates the `go-webrtc` commit once the patch landed.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30451 [Circumvention/Snowflake]: snowflake-client has executable stack

2019-05-15 Thread Tor Bug Tracker & Wiki 
#30451: snowflake-client has executable stack
-+---
 Reporter:  boklm|  Owner:  cohosh
 Type:  defect   | Status:  needs_information
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:
 Keywords:  TorBrowserTeam201905R|  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+---
Changes (by cohosh):

 * Attachment "0001-Compile-go-webrtc-with-a-non-executable-stack.2.patch"
 added.


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30451 [Circumvention/Snowflake]: snowflake-client has executable stack

2019-05-15 Thread Tor Bug Tracker & Wiki 
#30451: snowflake-client has executable stack
-+--
 Reporter:  boklm|  Owner:  cohosh
 Type:  defect   | Status:  needs_review
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:
 Keywords:  TorBrowserTeam201905R|  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--
Changes (by cohosh):

 * status:  needs_information => needs_review


Comment:

 Replying to [comment:6 gk]:
 > This seems to be something to review for us? Setting the respective
 keyword. So, *is* this just a Linux issue or not? comment:4 seems to
 suggest so, but the patch touches non-Linux parts as well (like in the
 `go` config file) which confuses me.

 That was my bad, I forgot to make the environment variable change for
 linux only. I uploaded a new version of the patch that should fix this.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30451 [Circumvention/Snowflake]: snowflake-client has executable stack

2019-05-15 Thread Tor Bug Tracker & Wiki 
#30451: snowflake-client has executable stack
-+---
 Reporter:  boklm|  Owner:  cohosh
 Type:  defect   | Status:  needs_information
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:
 Keywords:  TorBrowserTeam201905R|  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+---
Changes (by gk):

 * status:  needs_review => needs_information
 * keywords:   => TorBrowserTeam201905R


Comment:

 This seems to be something to review for us? Setting the respective
 keyword. So, *is* this just a Linux issue or not? comment:4 seems to
 suggest so, but the patch touches non-Linux parts as well (like in the
 `go` config file) which confuses me.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30451 [Circumvention/Snowflake]: snowflake-client has executable stack

2019-05-14 Thread Tor Bug Tracker & Wiki 
#30451: snowflake-client has executable stack
-+--
 Reporter:  boklm|  Owner:  cohosh
 Type:  defect   | Status:  assigned
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--

Comment (by cohosh):

 Since this is a linux-specific issue I just made a patch for go-webrtc
 instead of waiting for a PR.

 It looks successful:
 {{{
 $ readelf -W -l TorBrowser/Tor/PluggableTransports/snowflake-client | grep
 GNU_STACK
   GNU_STACK  0x00 0x 0x 0x00
 0x00 RW  0x10
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30451 [Circumvention/Snowflake]: snowflake-client has executable stack

2019-05-14 Thread Tor Bug Tracker & Wiki 
#30451: snowflake-client has executable stack
-+--
 Reporter:  boklm|  Owner:  cohosh
 Type:  defect   | Status:  needs_review
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--
Changes (by cohosh):

 * status:  assigned => needs_review


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30451 [Circumvention/Snowflake]: snowflake-client has executable stack

2019-05-14 Thread Tor Bug Tracker & Wiki 
#30451: snowflake-client has executable stack
-+--
 Reporter:  boklm|  Owner:  cohosh
 Type:  defect   | Status:  assigned
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--
Changes (by cohosh):

 * Attachment "0001-Compile-go-webrtc-with-a-non-executable-stack.patch"
 added.


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30451 [Circumvention/Snowflake]: snowflake-client has executable stack

2019-05-13 Thread Tor Bug Tracker & Wiki 
#30451: snowflake-client has executable stack
-+--
 Reporter:  boklm|  Owner:  cohosh
 Type:  defect   | Status:  assigned
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--

Comment (by cohosh):

 I created a pull request for go-webrtc: https://github.com/keroserene/go-
 webrtc/pull/105

 I've also attached a patch to this ticket, we'll have to wait until the
 above pull request is accepted before we can test if it works so I'll
 leave this as assigned until then.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30451 [Circumvention/Snowflake]: snowflake-client has executable stack

2019-05-13 Thread Tor Bug Tracker & Wiki 
#30451: snowflake-client has executable stack
-+--
 Reporter:  boklm|  Owner:  cohosh
 Type:  defect   | Status:  assigned
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--
Changes (by cohosh):

 * Attachment "0001-Allow-cgo-nonexecstack-flags.patch" added.


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30451 [Circumvention/Snowflake]: snowflake-client has executable stack

2019-05-13 Thread Tor Bug Tracker & Wiki 
#30451: snowflake-client has executable stack
-+--
 Reporter:  boklm|  Owner:  cohosh
 Type:  defect   | Status:  assigned
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--

Comment (by cohosh):

 Yep, it's a cgo thing.

 The solution here is to add the `noexecstack` cgo LD flag to go-webrtc:
 {{{ #cgo LDFLAGS: -L${SRCDIR}/lib -z noexecstack }}}

 However, this will currently throw an error because of golang's
 [https://github.com/golang/go/issues/23937 whitelist] on linker and
 compiler options. This can be solved by setting the environment variable
 `CGO_LDFLAGS_ALLOW` to a regex that recognizes the `-z noexecstack`
 option.

 I'll work on a patch for this.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30451 [Circumvention/Snowflake]: snowflake-client has executable stack

2019-05-13 Thread Tor Bug Tracker & Wiki 
#30451: snowflake-client has executable stack
-+--
 Reporter:  boklm|  Owner:  cohosh
 Type:  defect   | Status:  assigned
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--
Changes (by cohosh):

 * owner:  (none) => cohosh
 * status:  new => assigned


Comment:

 Hmm, looking at the go linker it seems like PT_GNU_STACK should be set:
 https://golang.org/src/cmd/link/internal/ld/elf.go#L240

 The proxy-go instances have the same problem, but the broker does not:
 {{{
 $ readelf -W -l broker
 Program Headers:
   Type   Offset   VirtAddr   PhysAddr   FileSiz
 MemSiz   Flg Align
   GNU_STACK  0x00 0x 0x 0x00
 0x00 RW  0x8
 }}}

 I wonder if this has something to do with CGO

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs