Re: [tor-bugs] #1922 [Core Tor/Tor]: torrc.d-style configuration directories

2017-04-03 Thread Tor Bug Tracker & Wiki 
#1922: torrc.d-style configuration directories
-+-
 Reporter:  aa138346 |  Owner:
 |  Jigsaw52
 Type:  enhancement  | Status:
 |  assigned
 Priority:  High |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-client, intro,   |  Actual Points:
  tor-03-unspecified-201612  |
Parent ID:   | Points:  medium
 Reviewer:   |Sponsor:
-+-

Comment (by Jigsaw52):

 I think it is ready.

 tor branch: https://github.com/Jigsaw52/tor/tree/torrc-dir-fix-1922
 torspec branch: https://github.com/Jigsaw52/torspec/tree/torrc-dir-
 fix-1922

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #1922 [Core Tor/Tor]: torrc.d-style configuration directories

2017-04-03 Thread Tor Bug Tracker & Wiki 
#1922: torrc.d-style configuration directories
-+-
 Reporter:  aa138346 |  Owner:
 |  Jigsaw52
 Type:  enhancement  | Status:
 |  needs_review
 Priority:  High |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-client, intro,   |  Actual Points:
  tor-03-unspecified-201612  |
Parent ID:   | Points:  medium
 Reviewer:   |Sponsor:
-+-
Changes (by Jigsaw52):

 * status:  assigned => needs_review


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #16010 [Applications/Tor Browser]: Get a working content process sandbox for Tor Browser on Windows

2017-04-03 Thread Tor Bug Tracker & Wiki 
#16010: Get a working content process sandbox for Tor Browser on Windows
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  task | Status:  new
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ff52-esr, tbb-gitian, tbb-security,  |  Actual Points:
  tbb-7.0-must, TorBrowserTeam201703,|
  GeorgKoppen201703  |
Parent ID:  #21147   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor4
-+-

Comment (by cypherpunks):

 Replying to [comment:18 tom]:
 > Replying to [comment:17 cypherpunks]:
 > > According to https://dxr.mozilla.org/mozilla-
 esr52/search?limit=100=false=__except%20path%3Asecurity/sandbox%2F
 you can use #12425 as an easy-fix/dirty-haxx just to get it working like
 #12113, but it's not safe, however.
 >
 > I'm pretty sure we cannot. try {} except {} can be replaced with
 setjmp/longjmp but __try / __except are a special MSVC extension that
 catches what would otherwise be a segfault.
 See the link: sandbox doesn't catch segfaults, it seems. But if it does,
 sjlj is no op. (try/except? Maybe, C++ try/catch? {{{__try/__except}}} are
 for system SEH, Clang 3.7 claims to support that)
 > Right now we're looking at a few options:
 > 1) Rip out all __try /__except and just hope we don't hit an access
 violation in normal usage
 > 2) MinGW's __try1 / __except1 construct
 > 3) libseh from here:
 http://www.programmingunlimited.net/siteexec/content.cgi?page=mingw-seh
 >
 > Preliminary testing of both 1 and 2 indicate these probably don't work.
 But we don't know exactly why yet.
 It's not a problem to use SEH, it's a huge problem to use it safely. MS
 uses version 4 (SEH4) or later of its implementation. There are a lot of
 undocumented tricks, hopefully, we don't need C++ EH stuff. But also
 without it, there are a lot of things to do.
 (some code from the net: https://gist.github.com/kikairoya/1710310)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21778 [Applications/Tor Browser]: Canvas prompt is not showing up anymore in Tor Browser based in ESR52

2017-04-03 Thread Tor Bug Tracker & Wiki 
#21778: Canvas prompt is not showing up anymore in Tor Browser based in ESR52
--+--
 Reporter:  gk|  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  ff52-esr  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by mcs):

 * cc: brade, mcs (added)


Comment:

 When I tested on OSX, disabling e10s mode made the prompt work again.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20680 [Applications/Tor Browser]: Rebase Tor Browser patches to 52 ESR

2017-04-03 Thread Tor Bug Tracker & Wiki 
#20680: Rebase Tor Browser patches to 52 ESR
-+-
 Reporter:  arthuredelstein  |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ff52-esr, tbb-7.0-must,  |  Actual Points:
  TorBrowserTeam201703, tbb-7.0-must-nightly |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor4
-+-

Comment (by mcs):

 Replying to [comment:42 mcs]:
 > One more thing: on OSX at least, the canvas permission prompt is not
 displayed (access is always blocked). It looks like the `canvas-
 permissions-prompt` observer notification is not received. This seems to
 be an e10s problem, because the prompt is correctly displayed if I disable
 multiprocess mode.

 I just realized that this issue is already being tracked in #21778.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #18589 [Applications/Tor Browser]: Tor browser writes SiteSecurityServiceState.txt with usage history

2017-04-03 Thread Tor Bug Tracker & Wiki 
#18589: Tor browser writes SiteSecurityServiceState.txt with usage history
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  defect| Status:  assigned
 Priority:  High  |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Major | Resolution:
 Keywords:  tbb-disk-leak |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by cypherpunks):

 Tor Browser does that only for requests from its parts that are not in
 Private Browsing. See #20491.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #16010 [Applications/Tor Browser]: Get a working content process sandbox for Tor Browser on Windows

2017-04-03 Thread Tor Bug Tracker & Wiki 
#16010: Get a working content process sandbox for Tor Browser on Windows
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  task | Status:  new
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ff52-esr, tbb-gitian, tbb-security,  |  Actual Points:
  tbb-7.0-must, TorBrowserTeam201703,|
  GeorgKoppen201703  |
Parent ID:  #21147   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor4
-+-

Comment (by tom):

 Replying to [comment:17 cypherpunks]:
 > According to https://dxr.mozilla.org/mozilla-
 esr52/search?limit=100=false=__except%20path%3Asecurity/sandbox%2F
 you can use #12425 as an easy-fix/dirty-haxx just to get it working like
 #12113, but it's not safe, however.

 I'm pretty sure we cannot. try {} except {} can be replaced with
 setjmp/longjmp but __try / __except are a special MSVC extension that
 catches what would otherwise be a segfault.

 Right now we're looking at a few options:
 1) Rip out all __try / __except and just hope we don't hit an access
 violation in normal usage
 2) MinGW's __try1 / __except1 construct
 3) libseh from here:
 http://www.programmingunlimited.net/siteexec/content.cgi?page=mingw-seh

 Preliminary testing of both 1 and 2 indicate these probably don't work.
 But we don't know exactly why yet.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #16010 [Applications/Tor Browser]: Get a working content process sandbox for Tor Browser on Windows

2017-04-03 Thread Tor Bug Tracker & Wiki 
#16010: Get a working content process sandbox for Tor Browser on Windows
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  task | Status:  new
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ff52-esr, tbb-gitian, tbb-security,  |  Actual Points:
  tbb-7.0-must, TorBrowserTeam201703,|
  GeorgKoppen201703  |
Parent ID:  #21147   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor4
-+-

Comment (by cypherpunks):

 According to https://dxr.mozilla.org/mozilla-
 esr52/search?limit=100=false=__except%20path%3Asecurity/sandbox%2F
 you can use #12425 as an easy-fix/dirty-haxx just to get it working like
 #12113, but it's not safe, however.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #12426 [Applications/Tor Browser]: Make use of HeapEnableTerminationOnCorruption in Tor Browser on Windows (was: Make use of EnableTerminationOnHeapCorruption() in Tor Browser)

2017-04-03 Thread Tor Bug Tracker & Wiki 
#12426: Make use of HeapEnableTerminationOnCorruption in Tor Browser on Windows
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  enhancement  | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Major| Resolution:
 Keywords:  tbb-security, tbb-firefox-patch, |  Actual Points:
  tbb-hardened, tbb-easy, TorBrowserTeam201704R  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by cypherpunks):

 * status:  new => needs_review
 * keywords:  tbb-security, tbb-firefox-patch, tbb-hardened =>
 tbb-security, tbb-firefox-patch, tbb-hardened, tbb-easy,
 TorBrowserTeam201704R
 * severity:   => Major


Comment:

 One system function call that should have been applied long long ago. (For
 tor.exe and others, please, too.)
 https://bugzilla.mozilla.org/show_bug.cgi?id=805173
 P.S. It is not necessary for applications to enable it since Win 8 because
 the system uses it for all processes by default.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20680 [Applications/Tor Browser]: Rebase Tor Browser patches to 52 ESR

2017-04-03 Thread Tor Bug Tracker & Wiki 
#20680: Rebase Tor Browser patches to 52 ESR
-+-
 Reporter:  arthuredelstein  |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ff52-esr, tbb-7.0-must,  |  Actual Points:
  TorBrowserTeam201703, tbb-7.0-must-nightly |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor4
-+-

Comment (by mcs):

 Replying to [comment:41 mcs]:
 > Replying to [comment:36 gk]:
 > > `013d0cd1f153626cb7f40cc39288300ee55e100e`: (mcs/brade could you have
 a second look here as well?)

 One more thing: on OSX at least, the canvas permission prompt is not
 displayed (access is always blocked). It looks like the `canvas-
 permissions-prompt` observer notification is not received. This seems to
 be an e10s problem, because the prompt is correctly displayed if I disable
 multiprocess mode.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #13790 [Core Tor/Tor]: Refactor and add comments to new_route_len()

2017-04-03 Thread Tor Bug Tracker & Wiki 
#13790: Refactor and add comments to new_route_len()
-+-
 Reporter:  dgoulet  |  Owner:
 |  catalyst
 Type:  enhancement  | Status:  closed
 Priority:  Low  |  Milestone:  Tor:
 |  0.3.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  026-deferrable,  |  implemented
  tor-03-unspecified-201612  |  Actual Points:
Parent ID:   | Points:
 Reviewer:  dgoulet  |Sponsor:
-+-
Changes (by nickm):

 * status:  merge_ready => closed
 * resolution:   => implemented


Comment:

 merged that too

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20680 [Applications/Tor Browser]: Rebase Tor Browser patches to 52 ESR

2017-04-03 Thread Tor Bug Tracker & Wiki 
#20680: Rebase Tor Browser patches to 52 ESR
-+-
 Reporter:  arthuredelstein  |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ff52-esr, tbb-7.0-must,  |  Actual Points:
  TorBrowserTeam201703, tbb-7.0-must-nightly |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor4
-+-

Comment (by mcs):

 Replying to [comment:36 gk]:
 > `013d0cd1f153626cb7f40cc39288300ee55e100e`: (mcs/brade could you have a
 second look here as well?)
 >
 > in `IsImageExtractionAllowed` why did you replace the old getting-the-
 first-party-code with:
 > {{{
 > +nsIDocument* topLevelDocument =
 aDocument->GetTopLevelContentDocument();
 > +nsIURI *topLevelDocURI = topLevelDocument ?
 topLevelDocument->GetDocumentURI() : nullptr;
 > +nsCString topLevelDocURISpec;
 > +topLevelDocURI->GetSpec(topLevelDocURISpec);
 > }}}
 > It seems you are not guarding against a possible null-pointer-deref
 there?

 The old API is gone. Kathy and I agree that a NULL pointer check should be
 added.

 > {{{
 > +rv = permissionManager->TestPermission(docURI,
 > +
 PERMISSION_CANVAS_EXTRACT_DATA, );
 > +NS_ENSURE_SUCCESS(rv, false);
 > }}}
 > Why not `topLevelDocURI` instead of `docURI`? in 45.8.0 it is
 `firstPartyURI` that gets tested.

 Kathy and I agree that it should be `topLevelDocURI`.

 Here are the additional things that we noticed:
 * The second call to `CanvasPermissionPromptHelper.init();` should be
 `.uninit();`
 * In `browser/base/content/browser.xul`, the class `canvas-icon` was added
 but Kathy and I do not see why it is needed.
 * In `dom/canvas/OffscreenCanvas.cpp`, maybe add a reference to #18599 and
 also mention that for now placeholder image data is always returned to
 users of OffscreenCanvas.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #13790 [Core Tor/Tor]: Refactor and add comments to new_route_len()

2017-04-03 Thread Tor Bug Tracker & Wiki 
#13790: Refactor and add comments to new_route_len()
-+-
 Reporter:  dgoulet  |  Owner:
 |  catalyst
 Type:  enhancement  | Status:
 |  merge_ready
 Priority:  Low  |  Milestone:  Tor:
 |  0.3.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  026-deferrable,  |  Actual Points:
  tor-03-unspecified-201612  |
Parent ID:   | Points:
 Reviewer:  dgoulet  |Sponsor:
-+-
Changes (by dgoulet):

 * status:  needs_review => merge_ready


Comment:

 lgtm! Thanks!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #13790 [Core Tor/Tor]: Refactor and add comments to new_route_len()

2017-04-03 Thread Tor Bug Tracker & Wiki 
#13790: Refactor and add comments to new_route_len()
-+-
 Reporter:  dgoulet  |  Owner:
 |  catalyst
 Type:  enhancement  | Status:
 |  needs_review
 Priority:  Low  |  Milestone:  Tor:
 |  0.3.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  026-deferrable,  |  Actual Points:
  tor-03-unspecified-201612  |
Parent ID:   | Points:
 Reviewer:  dgoulet  |Sponsor:
-+-
Changes (by catalyst):

 * status:  reopened => needs_review


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #13790 [Core Tor/Tor]: Refactor and add comments to new_route_len()

2017-04-03 Thread Tor Bug Tracker & Wiki 
#13790: Refactor and add comments to new_route_len()
-+-
 Reporter:  dgoulet  |  Owner:
 |  catalyst
 Type:  enhancement  | Status:
 |  reopened
 Priority:  Low  |  Milestone:  Tor:
 |  0.3.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  026-deferrable,  |  Actual Points:
  tor-03-unspecified-201612  |
Parent ID:   | Points:
 Reviewer:  dgoulet  |Sponsor:
-+-
Changes (by catalyst):

 * status:  closed => reopened
 * resolution:  implemented =>


Comment:

 Proposed patch at https://gitlab.com/argonblue/tor/merge_requests/1

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20680 [Applications/Tor Browser]: Rebase Tor Browser patches to 52 ESR

2017-04-03 Thread Tor Bug Tracker & Wiki 
#20680: Rebase Tor Browser patches to 52 ESR
-+-
 Reporter:  arthuredelstein  |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ff52-esr, tbb-7.0-must,  |  Actual Points:
  TorBrowserTeam201703, tbb-7.0-must-nightly |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor4
-+-

Comment (by gk):

 The final trove:

 `7a094d1375d3f127b23427362a1d22424ac3cfe3`: good
 `3882cea932e6b035120de45ca09d14cdd7314867`: good
 `70ed7f54da8a431970a8a35d6f6f2e3b7ff69a4d`:
 {{{
 +ac_add_options --enable-signmar
 +ac_add_options --enable-verify-mar
 }}}
 These are in the commit message for
 `16c4e654f2096b82a0e8922e29ee26a9f81b1ef0` and it seems to me enabling the
 signing things in all .mozconfig files does fit there better.

 `16c4e654f2096b82a0e8922e29ee26a9f81b1ef0`: good (see previous comment)
 `44316a8f135da5085111cdff409151282997d023`:

 1) In the second whitelist there is only "|welcomeback" but it seems
 "|tor" is missing (the esr45 patch has it)
 2)
 {{{
 +  // When electrolysis is enabled we will need to adopt an architecture
 that is
 +  // more similar to the one that is used for about:home (see
 AboutHomeListener
 +  // in this file and browser/modules/AboutHome.jsm).
 }}}
 Has this been done? Or is there at least a ticket filed somewhere?

 `dea0055d7dabfbe23fe8191b42dbf4ac0a9c02d0`: good
 `d6a9e29b04760f56bf7f4d82798d915da5a28c2c`: good
 `015699fe2b5fb82884e900901d7648727a720e06` (mozilla backport): good
 `697a2218e7c6511174e2946137d4f2d62aeca8c5` (mozilla backport): good (use
 fix for 1348841 instead or get it uplifted)
 `af782600b9ea29529a74d06e5c5cff6f4dfed0ad`: good
 `636eddeeb0ab2354689068257ff00b80199338b8`: good (changes due to #21309 I
 guess; do we have a follow-up ticket taking care of getting rid of the
 tor-browser-bundle changes needed in #18915?)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #13790 [Core Tor/Tor]: Refactor and add comments to new_route_len()

2017-04-03 Thread Tor Bug Tracker & Wiki 
#13790: Refactor and add comments to new_route_len()
-+-
 Reporter:  dgoulet  |  Owner:
 |  catalyst
 Type:  enhancement  | Status:  closed
 Priority:  Low  |  Milestone:  Tor:
 |  0.3.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  026-deferrable,  |  implemented
  tor-03-unspecified-201612  |  Actual Points:
Parent ID:   | Points:
 Reviewer:  dgoulet  |Sponsor:
-+-

Comment (by dgoulet):

 Replying to [comment:26 catalyst]:
 > dgoulet: Do you mean like using `expect_log_msg_containing()` to keep
 the test log cleaner? (and maybe to verify that those additional details
 get logged?)

 Yes! Precisely.

 (Sorry, I wanted to offer a patch but I'm kind of physically unable right
 now so I noted at least the issue for later ref.)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20426 [Applications/Tor Browser]: Getting rbm-based Tor Browser builds reproductible for all platforms

2017-04-03 Thread Tor Bug Tracker & Wiki 
#20426: Getting rbm-based Tor Browser builds reproductible for all platforms
--+--
 Reporter:  boklm |  Owner:  tbb-team
 Type:  task  | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-gitian|  Actual Points:
Parent ID:  #17379| Points:
 Reviewer:|Sponsor:
--+--

Comment (by cypherpunks):

 Replying to [comment:5 boklm]:
 > Replying to [comment:4 cypherpunks]:
 > > Why don't you build tor.exe for Win with libfaketime like in
 https://gitweb.torproject.org/builders/tor-browser-
 bundle.git/tree/gitian/descriptors/windows/gitian-tor.yml?
 >
 > I tried, but it did not fix the problem. Maybe I did not do it
 correctly, so I will try again to make sure.
 With
 {{{
 -  export LD_PRELOAD=/usr/lib/faketime/libfaketime.so.1
 +  export LD_PRELOAD=/usr/lib/x86_64-linux-gnu/faketime/libfaketime.so.1
 }}}
 ?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #13790 [Core Tor/Tor]: Refactor and add comments to new_route_len()

2017-04-03 Thread Tor Bug Tracker & Wiki 
#13790: Refactor and add comments to new_route_len()
-+-
 Reporter:  dgoulet  |  Owner:
 |  catalyst
 Type:  enhancement  | Status:  closed
 Priority:  Low  |  Milestone:  Tor:
 |  0.3.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  026-deferrable,  |  implemented
  tor-03-unspecified-201612  |  Actual Points:
Parent ID:   | Points:
 Reviewer:  dgoulet  |Sponsor:
-+-

Comment (by catalyst):

 dgoulet: Do you mean like using `expect_log_msg_containing()` to keep the
 test log cleaner? (and maybe to verify that those additional details get
 logged?)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21766 [Applications/Tor Browser]: Tor Browser based on ESR52 with e10s enabled crashed whle trying to download a file

2017-04-03 Thread Tor Bug Tracker & Wiki 
#21766: Tor Browser based on ESR52 with e10s enabled crashed whle trying to
download a file
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Critical | Resolution:
 Keywords:  tbb-7.0-must, ff52-esr,  |  Actual Points:
  TorBrowserTeam201703, tbb-7.0-must-nightly |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor4
-+-

Comment (by cypherpunks):

 Replying to [comment:10 mcs]:
 > Replying to [comment:7 cypherpunks]:
 > > Actually, it's an archive in archive, so you need some tricks to
 "decypher" it ;)))
 >
 > You are right. I uploaded the attachment again, but the result is the
 same. Must be a Trac "feature."
 for cypherpunks only ;)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20426 [Applications/Tor Browser]: Getting rbm-based Tor Browser builds reproductible for all platforms

2017-04-03 Thread Tor Bug Tracker & Wiki 
#20426: Getting rbm-based Tor Browser builds reproductible for all platforms
--+--
 Reporter:  boklm |  Owner:  tbb-team
 Type:  task  | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-gitian|  Actual Points:
Parent ID:  #17379| Points:
 Reviewer:|Sponsor:
--+--

Comment (by boklm):

 Replying to [comment:4 cypherpunks]:
 > Why don't you build tor.exe for Win with libfaketime like in
 https://gitweb.torproject.org/builders/tor-browser-
 bundle.git/tree/gitian/descriptors/windows/gitian-tor.yml?

 I tried, but it did not fix the problem. Maybe I did not do it correctly,
 so I will try again to make sure.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20426 [Applications/Tor Browser]: Getting rbm-based Tor Browser builds reproductible for all platforms

2017-04-03 Thread Tor Bug Tracker & Wiki 
#20426: Getting rbm-based Tor Browser builds reproductible for all platforms
--+--
 Reporter:  boklm |  Owner:  tbb-team
 Type:  task  | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-gitian|  Actual Points:
Parent ID:  #17379| Points:
 Reviewer:|Sponsor:
--+--

Comment (by cypherpunks):

 Why don't you build tor.exe for Win with libfaketime like in
 https://gitweb.torproject.org/builders/tor-browser-
 bundle.git/tree/gitian/descriptors/windows/gitian-tor.yml?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21766 [Applications/Tor Browser]: Tor Browser based on ESR52 with e10s enabled crashed whle trying to download a file

2017-04-03 Thread Tor Bug Tracker & Wiki 
#21766: Tor Browser based on ESR52 with e10s enabled crashed whle trying to
download a file
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Critical | Resolution:
 Keywords:  tbb-7.0-must, ff52-esr,  |  Actual Points:
  TorBrowserTeam201703, tbb-7.0-must-nightly |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor4
-+-

Comment (by mcs):

 Replying to [comment:7 cypherpunks]:
 > Actually, it's an archive in archive, so you need some tricks to
 "decypher" it ;)))

 You are right. I uploaded the attachment again, but the result is the
 same. Must be a Trac "feature."

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21625 [Applications/Tor Browser]: Review networking code for Firefox 52

2017-04-03 Thread Tor Bug Tracker & Wiki 
#21625: Review networking code for Firefox 52
-+-
 Reporter:  gk   |  Owner:
 |  mikeperry
 Type:  task | Status:
 |  assigned
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Critical | Resolution:
 Keywords:  TorBrowserTeam201703, ff52-esr,  |  Actual Points:
  tbb-7.0-must   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by tom):

 * cc: tom (added)


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20426 [Applications/Tor Browser]: Getting rbm-based Tor Browser builds reproductible for all platforms

2017-04-03 Thread Tor Bug Tracker & Wiki 
#20426: Getting rbm-based Tor Browser builds reproductible for all platforms
--+--
 Reporter:  boklm |  Owner:  tbb-team
 Type:  task  | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-gitian|  Actual Points:
Parent ID:  #17379| Points:
 Reviewer:|Sponsor:
--+--

Comment (by boklm):

 To check the status of reproducibility, I did a build using commit
 `bfc288d54a28f00e088ba9ce08bd718156d8ff2f` on two machines, and legind did
 one too.

 The OSX bundles matched in all 3 builds. The Windows bundles didn't match
 because of a small diff in tor.exe (similar to the one above). The linux32
 bundles matched in all 3 builds, but the linux64 ones only matched in 2 of
 the builds, with a diff in libxul.so. I did not yet investigate the reason
 for the diff in one of the linux64 builds.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21766 [Applications/Tor Browser]: Tor Browser based on ESR52 with e10s enabled crashed whle trying to download a file

2017-04-03 Thread Tor Bug Tracker & Wiki 
#21766: Tor Browser based on ESR52 with e10s enabled crashed whle trying to
download a file
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Critical | Resolution:
 Keywords:  tbb-7.0-must, ff52-esr,  |  Actual Points:
  TorBrowserTeam201703, tbb-7.0-must-nightly |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor4
-+-

Comment (by cypherpunks):

 Hmm, one spam template can be overcome.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21766 [Applications/Tor Browser]: Tor Browser based on ESR52 with e10s enabled crashed whle trying to download a file

2017-04-03 Thread Tor Bug Tracker & Wiki 
#21766: Tor Browser based on ESR52 with e10s enabled crashed whle trying to
download a file
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Critical | Resolution:
 Keywords:  tbb-7.0-must, ff52-esr,  |  Actual Points:
  TorBrowserTeam201703, tbb-7.0-must-nightly |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor4
-+-

Comment (by cypherpunks):

 {{{
 Process 26651 stopped
 * thread #1: tid = 0x7801d1, 0x000108aecfa3
 XUL`base::KillProcess(process_id=26709, exit_code=1, wait=false) + 35 at
 process_util_posix.cc:71, queue = 'com.apple.main-thread', stop reason =
 breakpoint 1.2
 frame #0: 0x000108aecfa3 XUL`base::KillProcess(process_id=26709,
 exit_code=1, wait=false) + 35 at process_util_posix.cc:71
68   // entry structure.  Ignores specified exit_code; posix can't
 force that.
69   // Returns true if this is successful, false otherwise.
70   bool KillProcess(ProcessHandle process_id, int exit_code, bool
 wait) {
 -> 71   fprintf(stderr, "\n\nKillProcess %d\n\n", process_id);
72 bool result = kill(process_id, SIGTERM) == 0;
73
74 if (result && wait) {
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #19479 [Applications/Tor Browser]: Document.timeline.currentTime leaks ms-resolution clock in Firefox >=48

2017-04-03 Thread Tor Bug Tracker & Wiki 
#19479: Document.timeline.currentTime leaks ms-resolution clock in Firefox >=48
--+--
 Reporter:  arthuredelstein   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  ff59-esr, tbb-fingerprinting  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by arthuredelstein):

 * keywords:  ff52-esr, tbb-fingerprinting, tbb-7.0-must,
 TorBrowserTeam201703 => ff59-esr, tbb-fingerprinting


Comment:

 Turns out this API is still only exposed in Firefox Nightly or chrome
 code. So I think we can postpone patching it until the next ESR.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21766 [Applications/Tor Browser]: Tor Browser based on ESR52 with e10s enabled crashed whle trying to download a file

2017-04-03 Thread Tor Bug Tracker & Wiki 
#21766: Tor Browser based on ESR52 with e10s enabled crashed whle trying to
download a file
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Critical | Resolution:
 Keywords:  tbb-7.0-must, ff52-esr,  |  Actual Points:
  TorBrowserTeam201703, tbb-7.0-must-nightly |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor4
-+-

Comment (by cypherpunks):

 Replying to [comment:6 arthuredelstein]:
 > Replying to [comment:5 mcs]:
 >
 > For some reason I can't open the stack.txt.gz. It unzips but I don't get
 readable text.
 It's an April Fool's day joke ;)
 Trac's preview of gz too :))
 Actually, it's an archive in archive, so you need some tricks to
 "decypher" it ;)))
 Unfortunately, Trac's captcha fails with error when trying to submit this
 call stack in comment, because Tor Browser is broken :(

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21328 [Applications/Tor Browser]: Move to clang 3.8.0 for Tor Browser's clang-based macOS toolchain

2017-04-03 Thread Tor Bug Tracker & Wiki 
#21328: Move to clang 3.8.0 for Tor Browser's clang-based macOS toolchain
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  task | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-gitian, ff52-esr, tbb-7.0-must,  |  Actual Points:
  TorBrowserTeam201703R, GeorgKoppen201703,  |
  tbb-7.0-must-nightly   |
Parent ID:  #21147   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor4
-+-

Comment (by boklm):

 Replying to [comment:18 gk]:
 > This makes sense, thanks. I just pushed `bug_21328_v4` (the new commit
 https://gitweb.torproject.org/user/gk/tor-browser-
 bundle.git/commit/?h=bug_21328_v4=b9ee73abc959b930186138ea203152d1773b24f8)
 with small changes and the one mentioned in comment:17.

 The changes in this branch look good to me.

 I also pushed branch `bug_21328` in my `tor-browser-build.git` user repo,
 doing corresponding changes to the rbm based build:
 https://gitweb.torproject.org/user/boklm/tor-browser-
 build.git/log/?h=bug_21328

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21766 [Applications/Tor Browser]: Tor Browser based on ESR52 with e10s enabled crashed whle trying to download a file

2017-04-03 Thread Tor Bug Tracker & Wiki 
#21766: Tor Browser based on ESR52 with e10s enabled crashed whle trying to
download a file
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Critical | Resolution:
 Keywords:  tbb-7.0-must, ff52-esr,  |  Actual Points:
  TorBrowserTeam201703, tbb-7.0-must-nightly |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor4
-+-

Comment (by arthuredelstein):

 Replying to [comment:5 mcs]:

 For some reason I can't open the stack.txt.gz. It unzips but I don't get
 readable text.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21754 [Applications/Tor Browser]: Switch to OS X 10.7 SDK everywhere in our OS X descriptors

2017-04-03 Thread Tor Bug Tracker & Wiki 
#21754: Switch to OS X 10.7 SDK everywhere in our OS X descriptors
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  task | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  TorBrowserTeam201703R,   |  Actual Points:
  GeorgKoppen201703, tbb-gitian  |
Parent ID:  #21328   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by boklm):

 Replying to [comment:2 gk]:
 > `bug_21754_v2` (https://gitweb.torproject.org/user/gk/tor-browser-
 bundle.git/commit/?h=bug_21754_v2=6ff54b812b08f3b64fb277f0541dfd9562bf3d6e)`
 has a proposed fix for the clean-up. It's based on top of the fixes for
 #21753, #10369, and #19783.
 This looks good to me.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #19783 [Applications/Tor Browser]: Typo in build helpers: `MAXOSX_DEPLOYEMENT_TARGET`

2017-04-03 Thread Tor Bug Tracker & Wiki 
#19783: Typo in build helpers: `MAXOSX_DEPLOYEMENT_TARGET`
-+-
 Reporter:  dcf  |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Minor| Resolution:
 Keywords:  tbb-gitian, TorBrowserTeam201703R,   |  Actual Points:
  ff52-esr   |
Parent ID:  #21328   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by boklm):

 Replying to [comment:6 gk]:
 > `bug_19783` (https://gitweb.torproject.org/user/gk/tor-browser-
 bundle.git/commit/?h=bug_19783=85693f597f65269daf49d9d93f129f9cabe673ce)
 has a commit that removes those helper scripts. It is on top of the fixes
 for #10369 and #21753.

 This looks good to me.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #10369 [Applications/Tor Browser]: Building the Utils component in OS X TBBs is broken with the new cross-compiler

2017-04-03 Thread Tor Bug Tracker & Wiki 
#10369: Building the Utils component in OS X TBBs is broken with the new cross-
compiler
-+-
 Reporter:  gk   |  Owner:  gk
 Type:  defect   | Status:
 |  needs_review
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  gitian, tbb-3.0, tbb-gitian, |  Actual Points:
  GeorgKoppen201703, TorBrowserTeam201703R   |
Parent ID:  #21328   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by boklm):

 The patch for this included in branch `gk/bug_21328_v4` looks good to me.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #18589 [Applications/Tor Browser]: Tor browser writes SiteSecurityServiceState.txt with usage history

2017-04-03 Thread Tor Bug Tracker & Wiki 
#18589: Tor browser writes SiteSecurityServiceState.txt with usage history
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  defect| Status:  assigned
 Priority:  High  |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Major | Resolution:
 Keywords:  tbb-disk-leak |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by gacar):

 Replying to [comment:13 gk]:

 > Interesting. Does the same happen with a vanilla Firefox 45.8.0esr? How
 did you test that?

 No, Firefox 45.8.0esr stores the HSTS and HPKP pins from all sites.

 I start with a fresh profile, visit HSTS/HPKP enables sites such as
 github.com, ssllabs.com and metrics.torproject.org. Then I close the
 browser and check the SiteSecurityServiceState.txt contents.

 Vanilla ESR stores GitHub, ssllabs and metrics.torproject.org HSTS (and
 HPKP where available) pins, whereas TB only stores entries related to
 torproject.org.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21756 [Applications/Tor Browser]: HTTP Authentication data is still sent to third parties with ESR 52 based Tor Browser

2017-04-03 Thread Tor Bug Tracker & Wiki 
#21756: HTTP Authentication data is still sent to third parties with ESR 52 
based
Tor Browser
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_review
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ff52-esr, tbb-7.0-must,  |  Actual Points:
  TorBrowserTeam201703R  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor4
-+-
Changes (by arthuredelstein):

 * keywords:  ff52-esr, tbb-7.0-must, TorBrowserTeam201703 => ff52-esr,
 tbb-7.0-must, TorBrowserTeam201703R
 * status:  new => needs_review


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21756 [Applications/Tor Browser]: HTTP Authentication data is still sent to third parties with ESR 52 based Tor Browser

2017-04-03 Thread Tor Bug Tracker & Wiki 
#21756: HTTP Authentication data is still sent to third parties with ESR 52 
based
Tor Browser
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ff52-esr, tbb-7.0-must,  |  Actual Points:
  TorBrowserTeam201703   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor4
-+-

Comment (by arthuredelstein):

 In the #20680 branch, I dropped our #13900 patch because ESR52 is supposed
 to isolate HTTP Auth by first party. There is an automated test in ESR52
 from https://bugzilla.mozilla.org/1301523. So I think the http://ip-
 check.info site is detecting that the HTTP Auth credentials are being
 saved to the third party, but it isn't testing if these credentials are
 shared by with first party.

 I wrote a manual test and was able to confirm that first-party isolation
 (double keying) is working. Here's the test:

 First visit https://arthuredelstein.net/auth-test.html. It contains an
 iframe located at `torpat.ch/auth`. Username is "username" and password is
 "password". Once credentials are entered at the prompt, you can reload and
 the credentials will be remembered such that no prompt is shown for a
 second time.

 Next visit https://torpat.ch/auth-test.html. It also has an iframe at the
 same location. If double-keying is working correctly, the browser should
 prompt again for username and password even though the third-party domain
 is the same (torpat.ch).

 Test source: https://github.com/arthuredelstein/auth-test

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #21848 [- Select a component]: Tor always crashes after a few clicks

2017-04-03 Thread Tor Bug Tracker & Wiki 
#21848: Tor always crashes after a few clicks
--+-
 Reporter:  fuze83|  Owner:
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  - Select a component  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+-
 Tor always crashes after a few clicks.
 always.


 Process:   firefox [1118]
 Path:  /Applications/TorBrowser.app/Contents/MacOS/firefox
 Identifier:firefox
 Version:   tbb-nightly (4510.40.10)
 Code Type: X86-64 (Native)
 Parent Process:??? [1]
 Responsible:   firefox [1118]
 User ID:   501

 Date/Time: 2017-04-03 12:54:58.238 +0200
 OS Version:Mac OS X 10.11.6 (15G1217)
 Report Version:11
 Anonymous UUID:0F81DF59-5CB7-39C5-A16E-D07B6D426B31


 Time Awake Since Boot: 820 seconds

 System Integrity Protection: enabled

 Crashed Thread:0  Dispatch queue: com.apple.main-thread

 Exception Type:EXC_BAD_ACCESS (SIGSEGV)
 Exception Codes:   KERN_INVALID_ADDRESS at 0x0ab00065
 Exception Note:EXC_CORPSE_NOTIFY

 VM Regions Near 0xab00065:
 mapped file00013290-000132ed [ 5952K]
 rw-/rwx SM=COW
 -->
 STACK GUARD7000-70001000 [4K]
 ---/rwx SM=NUL  stack guard for thread 1

 Application Specific Information:
 objc_msgSend() selector name: hash


 Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
 0   libobjc.A.dylib 0x7fff99f684e9 objc_msgSend +
 41
 1   com.apple.Foundation0x7fff94d08644
 -[NSConcreteMapTable objectForKey:] + 42
 2   com.apple.UIFoundation  0x7fff94266809
 +[__NSFontTypefaceInfo typefaceInfoForPostscriptName:options:] + 155
 3   com.apple.UIFoundation  0x7fff9426d56f
 __NSGetMetaFontInstance + 983
 4   XUL 0x000101cc4472
 gfxMacPlatformFontList::GetDefaultFont(gfxFontStyle const*) + 82

 Thread 1:
 0   libsystem_kernel.dylib  0x7fff941265e2
 __workq_kernreturn + 10
 1   libsystem_pthread.dylib 0x7fff8cc6b578
 _pthread_wqthread + 1283
 2   libsystem_pthread.dylib 0x7fff8cc69341 start_wqthread
 + 13

 Thread 2:: Dispatch queue: com.apple.libdispatch-manager
 0   libsystem_kernel.dylib  0x7fff94126efa kevent_qos + 10
 1   libdispatch.dylib   0x7fff8a27b165
 _dispatch_mgr_invoke + 216
 2   libdispatch.dylib   0x7fff8a27adcd
 _dispatch_mgr_thread + 52

 Thread 3:: Gecko_IOThread
 0   libsystem_kernel.dylib  0x7fff94126eca kevent + 10
 1   XUL 0x0001016aa22c kq_dispatch +
 716

 Thread 4:: Closing Service
 0   libsystem_kernel.dylib  0x7fff94125db6 __psynch_cvwait
 + 10
 1   libsystem_pthread.dylib 0x7fff8cc6c728
 _pthread_cond_wait + 767
 2   libnss3.dylib   0x00010121decd PR_WaitCondVar
 + 253

 Thread 5:: Socket Thread
 0   libsystem_kernel.dylib  0x7fff9412607a __select + 10
 1   libnss3.dylib   0x000101209775 poll + 469

 Thread 6:: JS Helper
 0   libsystem_kernel.dylib  0x7fff94125db6 __psynch_cvwait
 + 10
 1   libsystem_pthread.dylib 0x7fff8cc6c728
 _pthread_cond_wait + 767
 2   libnss3.dylib   0x00010121decd PR_WaitCondVar
 + 253

 Thread 7:: JS Helper
 0   libsystem_kernel.dylib  0x7fff94125db6 __psynch_cvwait
 + 10
 1   libsystem_pthread.dylib 0x7fff8cc6c728
 _pthread_cond_wait + 767
 2   libnss3.dylib   0x00010121decd PR_WaitCondVar
 + 253

 Thread 8:: JS Helper
 0   libsystem_kernel.dylib  0x7fff94125db6 __psynch_cvwait
 + 10
 1   libsystem_pthread.dylib 0x7fff8cc6c728
 _pthread_cond_wait + 767
 2   libnss3.dylib   0x00010121decd PR_WaitCondVar
 + 253

 Thread 9:: JS Helper
 0   libsystem_kernel.dylib  0x7fff94125db6 __psynch_cvwait
 + 10
 1   libsystem_pthread.dylib 0x7fff8cc6c728
 _pthread_cond_wait + 767
 2   libnss3.dylib   0x00010121decd PR_WaitCondVar
 + 253

 Thread 10:: JS Helper
 0   libsystem_kernel.dylib  0x7fff94125db6 __psynch_cvwait
 + 10
 1   libsystem_pthread.dylib 0x7fff8cc6c728
 _pthread_cond_wait + 767
 2   libnss3.dylib   0x00010121decd PR_WaitCondVar
 + 253

 Thread 11:: JS Helper
 0   libsystem_kernel.dylib

Re: [tor-bugs] #21796 [Core Tor/Tor]: missing evutil_secure_rng_add_bytes()

2017-04-03 Thread Tor Bug Tracker & Wiki 
#21796: missing evutil_secure_rng_add_bytes()
---+---
 Reporter:  cypherpunks|  Owner:
 Type:  defect | Status:  new
 Priority:  Medium |  Milestone:  Tor:
   |  0.3.1.x-final
Component:  Core Tor/Tor   |Version:
 Severity:  Normal | Resolution:
 Keywords:  030-backport 029-backport  |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+---

Comment (by nickm):

 Any progress here?  Is libevent going to restore the API?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #13790 [Core Tor/Tor]: Refactor and add comments to new_route_len()

2017-04-03 Thread Tor Bug Tracker & Wiki 
#13790: Refactor and add comments to new_route_len()
-+-
 Reporter:  dgoulet  |  Owner:
 |  catalyst
 Type:  enhancement  | Status:  closed
 Priority:  Low  |  Milestone:  Tor:
 |  0.3.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  026-deferrable,  |  implemented
  tor-03-unspecified-201612  |  Actual Points:
Parent ID:   | Points:
 Reviewer:  dgoulet  |Sponsor:
-+-

Comment (by dgoulet):

 This test could benefit from having an expected msg modification (not
 failing just verbose):
 {{{
 circuitbuild/unhandled_exit: Apr 03 12:06:20.192 [warn]
 route_len_for_purpose(): Bug: Unhandled purpose 19 with a chosen exit;
 assuming routelen 4. (on Tor 0.3.1.0-alpha-dev 67c88fd10dd74d03)
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #13790 [Core Tor/Tor]: Refactor and add comments to new_route_len()

2017-04-03 Thread Tor Bug Tracker & Wiki 
#13790: Refactor and add comments to new_route_len()
-+-
 Reporter:  dgoulet  |  Owner:
 |  catalyst
 Type:  enhancement  | Status:  closed
 Priority:  Low  |  Milestone:  Tor:
 |  0.3.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  026-deferrable,  |  implemented
  tor-03-unspecified-201612  |  Actual Points:
Parent ID:   | Points:
 Reviewer:  dgoulet  |Sponsor:
-+-
Changes (by nickm):

 * status:  needs_review => closed
 * resolution:   => implemented


Comment:

 This looks good to me; I'm merging it. (I had to rebase first since it
 seems to have picked up a copy of  ef4c10fb42e796a7a166 as
 4c97157e8963934698d. No worries; worse things happen in C.)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21842 [Core Tor/Tor]: Remove tor-checkkey

2017-04-03 Thread Tor Bug Tracker & Wiki 
#21842: Remove tor-checkkey
--+
 Reporter:  nickm |  Owner:  nickm
 Type:  enhancement   | Status:  needs_review
 Priority:  Medium|  Milestone:  Tor: 0.3.1.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:  0
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by nickm):

 * status:  needs_revision => needs_review


Comment:

 Branch updated.  I've left the .gitignore stuff alone, since it's annoying
 to get a bunch of warnings about stale binaries when you switch back and
 forth between branches.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20680 [Applications/Tor Browser]: Rebase Tor Browser patches to 52 ESR

2017-04-03 Thread Tor Bug Tracker & Wiki 
#20680: Rebase Tor Browser patches to 52 ESR
-+-
 Reporter:  arthuredelstein  |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ff52-esr, tbb-7.0-must,  |  Actual Points:
  TorBrowserTeam201703, tbb-7.0-must-nightly |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor4
-+-

Comment (by mcs):

 Replying to [comment:35 gk]:
 > Here is the next batch:
 >
 > `43d4fc730a6216433c059345111c5fe9d11deae6`: looks good to me. mcs/brade
 could you have a second look?

 We have a couple of small comments:
 * In `dom/base/nsObjectLoadingContent.cpp`, the `SVGs load as documents,
 but are their own capability` comment should not be added (that comment
 was removed from the Mozilla code because it is no longer applicable).
 * In `parser/html/nsHtml5DocumentBuilder.cpp`, the old patch removed the
 `NS_ASSERTION(ssle, "Node didn't QI to style.");` statement. It seems like
 we still want to remove that since the patched code uses `if (ssle)` to
 handle the now expected case where `ssle` is NULL.

 Also, we could instead backport the fix that Mozilla landed for Firefox
 53: https://bugzilla.mozilla.org/show_bug.cgi?id=1216893
 One problem we see with that approach is that the favicon portion is
 missing upstream (#18602).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21272 [Metrics]: Onionperf deployment

2017-04-03 Thread Tor Bug Tracker & Wiki 
#21272: Onionperf deployment
-+--
 Reporter:  hiro |  Owner:  metrics-team
 Type:  enhancement  | Status:  needs_review
 Priority:  Medium   |  Milestone:
Component:  Metrics  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--

Comment (by karsten):

 H, it looks like the direct downloads are fine now, but all onion
 service requests time out.  Ugh.

 Maybe OnionPerf tries to connect to port 80 for onion service requests,
 too, and there's no onion service and no local port forwarding.

 robgjansen, any ideas how to fix/work around this?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] [Tor Bug Tracker & Wiki] Batch modify: #21403, #20961, #20700, #20524, ...

2017-04-03 Thread Tor Bug Tracker & Wiki 
Batch modification to #21403, #20961, #20700, #20524, #17690, #17242, #12424 by 
dgoulet:
milestone to Tor: 0.3.2.x-final

Comment:
prop224 tickets going in 032 for early merge. Decided after Amsterdam meeting.

--
Tickets URL: 

Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21848 [Applications/Tor Browser]: Tor always crashes after a few clicks

2017-04-03 Thread Tor Bug Tracker & Wiki 
#21848: Tor always crashes after a few clicks
--+--
 Reporter:  fuze83|  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by dgoulet):

 * owner:   => tbb-team
 * component:  - Select a component => Applications/Tor Browser


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21820 [Core Tor/Tor]: Update release checklist to add step about highlighting certain changes for operators

2017-04-03 Thread Tor Bug Tracker & Wiki 
#21820: Update release checklist to add step about highlighting certain changes 
for
operators
--+
 Reporter:  Sebastian |  Owner:
 Type:  enhancement   | Status:  closed
 Priority:  Medium|  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Minor | Resolution:  fixed
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by Sebastian):

 * status:  new => closed
 * resolution:   => fixed


Comment:

 merged, thanks

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21596 [Core Tor/Tor]: When hidden services stop creating new intro points, they also stop checking existing ones

2017-04-03 Thread Tor Bug Tracker & Wiki 
#21596: When hidden services stop creating new intro points, they also stop
checking existing ones
--+
 Reporter:  teor  |  Owner:
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:  Tor: 0.3.0.x-final
Component:  Core Tor/Tor  |Version:  Tor: 0.2.7.2-alpha
 Severity:  Normal| Resolution:  fixed
 Keywords:  tor-hs, 030-backport  |  Actual Points:  0.2
Parent ID:| Points:  0.2
 Reviewer:|Sponsor:
--+
Changes (by nickm):

 * status:  needs_review => closed
 * resolution:   => fixed


Comment:

 No apparent explosions. Backporting to 0.3.0. Thanks everybody!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21415 [Core Tor/Tor]: tor_bug_occurred_: Bug: src/or/entrynodes.c:1845: select_entry_guard_for_circuit: Non-fatal assertion !(!guard_has_descriptor(guard)) failed.

2017-04-03 Thread Tor Bug Tracker & Wiki 
#21415: tor_bug_occurred_: Bug: src/or/entrynodes.c:1845:
select_entry_guard_for_circuit: Non-fatal assertion
!(!guard_has_descriptor(guard)) failed.
--+
 Reporter:  cypherpunks   |  Owner:  nickm
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:  Tor: 0.3.0.x-final
Component:  Core Tor/Tor  |Version:  Tor: 0.3.0.3-alpha
 Severity:  Normal| Resolution:  fixed
 Keywords:  030-backport  |  Actual Points:
Parent ID:| Points:
 Reviewer:  asn   |Sponsor:
--+
Changes (by nickm):

 * status:  needs_review => closed
 * resolution:   => fixed


Comment:

 merged to 0.3.0; thanks again, asn!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21625 [Applications/Tor Browser]: Review networking code for Firefox 52

2017-04-03 Thread Tor Bug Tracker & Wiki 
#21625: Review networking code for Firefox 52
-+-
 Reporter:  gk   |  Owner:
 |  mikeperry
 Type:  task | Status:
 |  assigned
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Critical | Resolution:
 Keywords:  TorBrowserTeam201703, ff52-esr,  |  Actual Points:
  tbb-7.0-must   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by mcs):

 * cc: brade, mcs (added)


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20451 [Obfuscation/meek]: The communication stream of managed proxy '/usr/bin/meek-client' is 'closed'

2017-04-03 Thread Tor Bug Tracker & Wiki 
#20451: The communication stream of managed proxy '/usr/bin/meek-client' is
'closed'
--+--
 Reporter:  tagener-noisu |  Owner:  dcf
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:
Component:  Obfuscation/meek  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by asn):

 Eek. I guess the proper long-term fix here involves introducing another
 error type that can be emited mid-run? For example, `PT-ERROR` or
 `GENERAL-ERROR` or something?

 Abusing `CMETHOD-ERROR` seems like a reasonable choice for the short-term.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21328 [Applications/Tor Browser]: Move to clang 3.8.0 for Tor Browser's clang-based macOS toolchain

2017-04-03 Thread Tor Bug Tracker & Wiki 
#21328: Move to clang 3.8.0 for Tor Browser's clang-based macOS toolchain
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  task | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-gitian, ff52-esr, tbb-7.0-must,  |  Actual Points:
  TorBrowserTeam201703R, GeorgKoppen201703,  |
  tbb-7.0-must-nightly   |
Parent ID:  #21147   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor4
-+-

Comment (by boklm):

 Replying to [comment:18 gk]:
 > This makes sense, thanks. I just pushed `bug_21328_v4` (the new commit
 https://gitweb.torproject.org/user/gk/tor-browser-
 bundle.git/commit/?h=bug_21328_v4=b9ee73abc959b930186138ea203152d1773b24f8)
 with small changes and the one mentioned in comment:17.

 I have been building this branch twice and got the same result.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #17242 [Core Tor/Tor]: prop224: Implement client support

2017-04-03 Thread Tor Bug Tracker & Wiki 
#17242: prop224: Implement client support
-+
 Reporter:  dgoulet  |  Owner:
 Type:  enhancement  | Status:  new
 Priority:  Very High|  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs, prop224  |  Actual Points:
Parent ID:  #12424   | Points:  parent
 Reviewer:   |Sponsor:  SponsorR-must
-+
Changes (by asn):

 * milestone:  Tor: 0.3.1.x-final => Tor: 0.3.2.x-final


Comment:

 Triaging this into 0.3.2 after amsterdam discussion.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21749 [Applications/Tor Browser]: bitcoin.de

2017-04-03 Thread Tor Bug Tracker & Wiki 
#21749: bitcoin.de
-+-
 Reporter:  globos   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  tbb-usability-website, ff52-esr- |  Actual Points:
  will-have  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * status:  new => closed
 * resolution:   => fixed


Comment:

 That got fixed on Clouadflare's side. Thanks to all who helped here.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20657 [Core Tor/Tor]: prop224: Implement service support.

2017-04-03 Thread Tor Bug Tracker & Wiki 
#20657: prop224: Implement service support.
-+
 Reporter:  dgoulet  |  Owner:  dgoulet
 Type:  enhancement  | Status:  assigned
 Priority:  Very High|  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs, prop224  |  Actual Points:
Parent ID:  #12424   | Points:  6
 Reviewer:   |Sponsor:  SponsorR-must
-+
Changes (by asn):

 * milestone:  Tor: 0.3.1.x-final => Tor: 0.3.2.x-final


Comment:

 Triaging this to very-early 0.3.2 based on amsterdam discussion.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20680 [Applications/Tor Browser]: Rebase Tor Browser patches to 52 ESR

2017-04-03 Thread Tor Bug Tracker & Wiki 
#20680: Rebase Tor Browser patches to 52 ESR
-+-
 Reporter:  arthuredelstein  |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ff52-esr, tbb-7.0-must,  |  Actual Points:
  TorBrowserTeam201703, tbb-7.0-must-nightly |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor4
-+-

Comment (by gk):

 Another bunch of comment:

 `b0b8846de6ff4764b47035c72faf7764df29c5ea`: good
 `e5669287f7218a7f97c2bf4895524e9a6dbfc9df`: good
 `88b6156799a5e6d7f8f0de10c3e06dc3f668a3da`: good (update to newer
 jemalloc4?)
 `5d5007a994f6f0965f4dbd0355919002384deb55`: good
 `219ef733285a0c9a40955104354deb0ae8bab55e`:

 "Do not accept or send remote commands;" -> "(default) Do not accept or
 send remote commands;"

 `ecbe2ed5a640738473c9f1b0936532b5b8c1f89e`: good
 `6c9b2590ec741122413db9f99f4e5663935e6fc0`: good
 `e44e6f529e10468c2694b889a70b9b85f109f949`: good (but see comment:34)
 `98d3dfbce9af151d037cce74325a989a4fc1cf35`: good
 `26acfcf65151ea6051646548c52c9be1c1158ab0`: good

 We need a rebased patch for #18885 due to
 https://bugzilla.mozilla.org/show_bug.cgi?id=1188657

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20680 [Applications/Tor Browser]: Rebase Tor Browser patches to 52 ESR

2017-04-03 Thread Tor Bug Tracker & Wiki 
#20680: Rebase Tor Browser patches to 52 ESR
-+-
 Reporter:  arthuredelstein  |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ff52-esr, tbb-7.0-must,  |  Actual Points:
  TorBrowserTeam201703, tbb-7.0-must-nightly |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor4
-+-

Comment (by gk):

 Here comes another batch:

 `0e0368701c236f103218cce56b7de22bd364e633`:
 1)
 {{{
 +  // Ensure that we allow torbutton, tor-launcher, and https-everywhere
 }}}
 should be
 {{{
 // Ensure that we allow Torbutton, TorLauncher, HTTPS-Everywhere, and
 meek.
 }}}
 2) see comment:34 and my bug_20680_icu_fixup)

 `07b1bd53e8802bab19947b23177805636513ebc6`: good
 `b2b1409e8ee349c059da9d2bffbf43ca2fffd89c`: good
 `54603a99ddf0796457d428d19fedfa2d9c532984`: good
 `98bb714d7ca671dbff48bd4c00251ff691c2a349`: good
 `5c0cdcab7c396a0a6bc1e112990266a0481f518f`: good
 `5e0b61b2ff09ddbc71e4544ec5346c050ff1700c`: good
 `3eb3616578465c2079caf5210e3e89770e21004c`: good
 `8392e637ba1925606d6f5016e091022e8a1713ed`: good
 `87a339023519749b736fde0cb5367a5decd74215`: good (but still needed!?)
 `49e660828cc33168915edcb7ab5afe84620a8d9b`: good
 `c7113c8588eba3de80819090c38145d08d9eea0a`: good (but see comment:34)
 `1184271cd3ea12a0bae3c45e9817a2d6b6423e4e`: good
 `f1ed90364cd203a5cb65f07f86eb30674f4b39f8`: good
 `f161c394e049a440637f06ba87dd6be6f73479bb`: good
 `f3ec07bff9a96ffbfe9c3d03c1725a557097cc61`: good (but see comment:34)
 `dddcf25888d4eb7ee829ec5939876420fd4b005e`: good
 `f392b99d215ba50727eb8b23823811c9ab079104` +
 `cda80ad28fa7c5508ae5686a6c0819fddc4cc595`: good
 `977cf8724cd8a847f68248656e86a7c31c2c30bb`: take patch from
 https://bugzilla.mozilla.org/show_bug.cgi?id=1330882 ?
 `8387adbc333c6502e098eb21f8a1934e91a7c8d4`: good

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21340 [Applications/Tor Browser]: Identify and backport new patches from Firefox

2017-04-03 Thread Tor Bug Tracker & Wiki 
#21340: Identify and backport new patches from Firefox
-+-
 Reporter:  arthuredelstein  |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  assigned
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ff52-esr, tbb-7.0-must,  |  Actual Points:
  TorBrowserTeam201703   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor4
-+-
Changes (by gk):

 * status:  needs_revision => assigned
 * parent:  #20680 =>


Comment:

 https://bugzilla.mozilla.org/show_bug.cgi?id=1348841 seems relevant as
 well

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21712 [Applications/Tor Browser]: Is our patch for #19212 still necessary in ESR52?

2017-04-03 Thread Tor Bug Tracker & Wiki 
#21712: Is our patch for #19212 still necessary in ESR52?
--+--
 Reporter:  arthuredelstein   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:  #20680| Points:
 Reviewer:|Sponsor:
--+--
Changes (by gk):

 * parent:   => #20680


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21272 [Metrics]: Onionperf deployment

2017-04-03 Thread Tor Bug Tracker & Wiki 
#21272: Onionperf deployment
-+--
 Reporter:  hiro |  Owner:  metrics-team
 Type:  enhancement  | Status:  needs_review
 Priority:  Medium   |  Milestone:
Component:  Metrics  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--

Comment (by hiro):

 list of file on all VMs now updated.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20680 [Applications/Tor Browser]: Rebase Tor Browser patches to 52 ESR

2017-04-03 Thread Tor Bug Tracker & Wiki 
#20680: Rebase Tor Browser patches to 52 ESR
-+-
 Reporter:  arthuredelstein  |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ff52-esr, tbb-7.0-must,  |  Actual Points:
  TorBrowserTeam201703, tbb-7.0-must-nightly |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor4
-+-

Comment (by gk):

 Here comes another batch:

 `2c0fdc9fb55dc4f28edb96c2a69a1451bcf8dcf3`: good
 `1e1736ebc1a35427d1c1738d199b9c2ecca6373e`: good
 `0e58aa9e4028085038827a583f12ea943fa2405e`: good
 `8de96436b99518e947c6dedf3019d1df83714985`: good
 `230c803c10f8c0aedc8beaaf18d13e92e5d95259`: good
 `22508fe47768201b37ae86b2d995b14394727882`: good
 `414a6ce893d50c1374968e485113ac21dfb0b5dd`: good
 `85311e454060b97bc83494e6b59fb99e42b5f778`: good
 `1985add6bc2fcc8d3167b1381b985d543bd80998`: good
 `2399284cd6a7eaf4f21e01ce5d7d04b6297876f5`: good
 `b379130d85235ea6395ac36ad6e82eff4ea15359`: good
 `5c0f41dc2b317dcf1f4934c7cbc34a1de88e666b`: good
 `20dfcf1c67fbeeebd1b580fc59b83baf99bb66c6`: good
 `441f91e03424305e978bf27ca8b479c5929d9594`: good
 `106f19b01457ffd88273cea1e0ef39caa779a298`: good
 `b946f6cbe6cdecc3925e044c586810c7e48fcbc0`: good (should we merge that
 with TB4 commit?)
 `013d0cd1f153626cb7f40cc39288300ee55e100e`: (mcs/brade could you have a
 second look here as well?)

 in ``IsImageExtractionAllowed` why did you replace the old getting-the-
 first-party-code with:
 {{{
 +nsIDocument* topLevelDocument =
 aDocument->GetTopLevelContentDocument();
 +nsIURI *topLevelDocURI = topLevelDocument ?
 topLevelDocument->GetDocumentURI() : nullptr;
 +nsCString topLevelDocURISpec;
 +topLevelDocURI->GetSpec(topLevelDocURISpec);
 }}}
 It seems you are not guarding against a possible null-pointer-deref there?
 {{{
 +rv = permissionManager->TestPermission(docURI,
 +
 PERMISSION_CANVAS_EXTRACT_DATA, );
 +NS_ENSURE_SUCCESS(rv, false);
 }}}
 Why not `topLevelDocURI` instead of `docURI`? in 45.8.0 it is
 `firstPartyURI` that gets tested.

 `fd11d2ad97ea828f9e68750165de70cb34e3a7e0`: good
 `d882e68b91a8a9ac1b6656bec5c38a2a7514115d`: good
 `d85df6ecd6f8de4ff718b3dc85882686f94488a9`: good

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21845 [Applications/Tor Browser]: Active Reader view

2017-04-03 Thread Tor Bug Tracker & Wiki 
#21845: Active Reader view
--+---
 Reporter:  rick17|  Owner:  tbb-team
 Type:  defect| Status:  needs_information
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-usability |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---
Changes (by gk):

 * keywords:   => tbb-usability
 * status:  new => needs_information


Comment:

 So, this works in a normal Firefox 45 but not in Tor Browser? The only
 thing we changed regarding Reader View is in #18950 (see:
 https://gitweb.torproject.org/user/gk/tor-
 browser.git/commit/?h=bug_18950). Does flipping those prefs help?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21844 [Applications/Tor Browser]: Additional packages needed

2017-04-03 Thread Tor Bug Tracker & Wiki 
#21844: Additional packages needed
--+--
 Reporter:  tom   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Low   |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-gitian|  Actual Points:
Parent ID:  #19738| Points:
 Reviewer:|Sponsor:
--+--
Changes (by gk):

 * parent:   => #19738


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #18785 [Applications/Tor Browser]: Debian needs the libvirt-daemon-system package for the libvirt group

2017-04-03 Thread Tor Bug Tracker & Wiki 
#18785: Debian needs the libvirt-daemon-system package for the libvirt group
--+--
 Reporter:  dcf   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-gitian|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by gk):

 * cc: #19738 (added)


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21843 [Applications/Tor Browser]: Switching from `make alpha` to `make nightly` doesn't work

2017-04-03 Thread Tor Bug Tracker & Wiki 
#21843: Switching from `make alpha` to `make nightly` doesn't work
--+--
 Reporter:  tom   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Low   |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-gitian|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by gk):

 * keywords:   => tbb-gitian


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21847 [Applications/Tor Browser]: Update copy for security slider to be consistent with the mobile experience

2017-04-03 Thread Tor Bug Tracker & Wiki 
#21847: Update copy for security slider to be consistent with the mobile 
experience
--+--
 Reporter:  isabela   |  Owner:  tbb-team
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-usability |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by gk):

 * keywords:   => tbb-usability
 * type:  defect => enhancement


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21844 [Applications/Tor Browser]: Additional packages needed

2017-04-03 Thread Tor Bug Tracker & Wiki 
#21844: Additional packages needed
--+--
 Reporter:  tom   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Low   |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-gitian|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by dcf):

 * keywords:   => tbb-gitian


Comment:

 I just got this too, on Ubuntu 14.05.
 {{{
 user@ubuntu:~/tor-browser-bundle/gitian$ ./make-vms.sh
 Generating public/private rsa key pair.
 Your identification has been saved in var/id_rsa.
 Your public key has been saved in var/id_rsa.pub.
 The key fingerprint is:
 76:d9:4e:bf:fe:98:13:e6:50:fd:d8:99:6f:6d:c6:97 user@ubuntu
 The key's randomart image is:
 +--[ RSA 2048]+
 | |
 | |
 |   . |
 |   o  . .|
 |S o o. o+|
 |   . . o..+oo|
 |.+.o+|
 |  oEO|
 | .=*o|
 +-+
 2017-04-03 05:13:54,161 INFO: logging to file: /tmp/tmpJi83Tg
 2017-04-03 05:13:54,186 INFO: Calling hook: preflight_check
 2017-04-03 05:13:54,188 INFO: Calling hook: set_defaults
 2017-04-03 05:13:54,189 INFO: Calling hook: bootstrap
 2017-04-03 05:19:20,032 INFO: Calling hook: configure_os
 2017-04-03 05:19:20,034 INFO: Cleaning up
 Traceback (most recent call last):
   File "/usr/local/bin/vmbuilder", line 24, in 
 cli.main()
   File "/usr/local/lib/python2.7/dist-packages/VMBuilder/contrib/cli.py",
 line 221, in main
 distro.build_chroot()
   File "/usr/local/lib/python2.7/dist-packages/VMBuilder/distro.py", line
 84, in build_chroot
 self.call_hooks('configure_os')
   File "/usr/local/lib/python2.7/dist-packages/VMBuilder/distro.py", line
 67, in call_hooks
 call_hooks(self, *args, **kwargs)
   File "/usr/local/lib/python2.7/dist-packages/VMBuilder/util.py", line
 170, in call_hooks
 getattr(context, func)(*args, **kwargs)
   File "/usr/local/lib/python2.7/dist-
 packages/VMBuilder/plugins/debian/distro.py", line 133, in configure_os
 self.suite.install_sources_list()
   File "/usr/local/lib/python2.7/dist-
 packages/VMBuilder/plugins/debian/potato.py", line 236, in
 install_sources_list
 'suite' : suite })
   File "/usr/local/lib/python2.7/dist-
 packages/VMBuilder/plugins/debian/potato.py", line 336, in
 install_from_template
 return self.context.install_from_template(*args, **kwargs)
   File "/usr/local/lib/python2.7/dist-
 packages/VMBuilder/plugins/__init__.py", line 83, in install_from_template
 return self.install_file(path,
 VMBuilder.util.render_template(self.__module__.split('.')[2],
 self.context, tmplname, context), mode=mode)
   File "/usr/local/lib/python2.7/dist-packages/VMBuilder/util.py", line
 133, in render_template
 from   Cheetah.Template import Template
 ImportError: No module named Cheetah.Template
 qemu-img: target-wheezy-i386.qcow2: Could not open 'base-
 wheezy-i386.qcow2': Could not open 'base-wheezy-i386.qcow2': No such file
 or directory: No such file or directory
 i386 wheezy VM creation failed
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs