Re: [tor-bugs] #22657 [Community/Outreach]: Managing Youtube Account

[Tor Bug Tracker & Wiki]

#22657: Managing Youtube Account
+
 Reporter:  mrphs   |  Owner:  mrphs
 Type:  defect  | Status:  closed
 Priority:  Medium  |  Milestone:
Component:  Community/Outreach  |Version:
 Severity:  Normal  | Resolution:  fixed
 Keywords:  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+
Changes (by mrphs):

 * status:  new => closed
 * resolution:   => fixed


Comment:

 'social' now has full access to the account

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22653 [Core Tor/Tor]: upgrading Tor-0.2.9.10 to Tor-0.3.0.8 or Tor-0.3.1.3_alpha fails to build circuits

[Tor Bug Tracker & Wiki]

#22653: upgrading Tor-0.2.9.10 to Tor-0.3.0.8 or Tor-0.3.1.3_alpha fails to 
build
circuits
--+
 Reporter:  t0r   |  Owner:
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.3.1.x-final
Component:  Core Tor/Tor  |Version:  Tor: 0.3.0.8
 Severity:  Normal| Resolution:
 Keywords:  tor-guard |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by t0r):

 Replying to [comment:11 teor]:
 > This looks similar to #22576.
 > If it is, it's not a bug in Tor, it's likely a bug in the pluggable
 transport: either the config, or the compilation. Please check that ticket
 for details.
 After reading through #22576, I think they are not related. I don't use
 squid HTTP proxy.
 I added more tests above, and pretty sure it's not obfs4proxy problem.
 > We also need to check and see if it's a guard issue in tor.
 It's probably the new '''guard''' feature drawn into Tor-0.3. There exists
 two clues:

 1. Based on all comments so far, I narrowed down the issue to Tor-0.3
 binary. I also tried to replace Tor binary in 7.0.1 with 6.5.2. But it
 reports error:

 {{{
 Launching './Browser/start-tor-browser --detach --debug --log'...
 Logging Tor Browser debug information to tor-browser.log
 Jun 19 12:54:49.584 [notice] Tor 0.2.9.10 (git-1f6c8eda0073f464) running
 on Linux with Libevent 2.0.22-stable, OpenSSL 1.0.2k and Zlib 1.2.11.
 Jun 19 12:54:49.584 [notice] Tor can't help you if you use it wrong! Learn
 how to be safe at https://www.torproject.org/download/download#warning
 Jun 19 12:54:49.584 [notice] Read configuration file "/home/bobme/opt/tor-
 browser_en-US/Browser/TorBrowser/Data/Tor/torrc-defaults".
 Jun 19 12:54:49.584 [notice] Read configuration file "/home/bobme/opt/tor-
 browser_en-US/Browser/TorBrowser/Data/Tor/torrc".
 Jun 19 12:54:49.594 [warn] Failed to parse/validate config: Unknown option
 '__ControlPort'.  Failing.
 Jun 19 12:54:49.594 [err] Reading config failed--see warnings above.
 }}}

 2. If we compare the log difference between Tor-0.2 and Tor-0.3 above, the
 later exclusively contains a special line:

 {{{
 Starting with guard context "bridges"
 }}}

 3. Although no circuits built with bridge and obfs4proxy, Tor-0.3 onward
 works greatly with Socks5Proxy option support since that proxy bypasses
 censorship successively.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #22668 [Core Tor/Tor]: Add ed25519 public key to format_node_description and callers

[Tor Bug Tracker & Wiki]

#22668: Add ed25519 public key to format_node_description and callers
--+
 Reporter:  teor  |  Owner:
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:  Tor: unspecified
Component:  Core Tor/Tor  |Version:
 Severity:  Normal|   Keywords:  easy, tor-log, tor-ed25519
Actual Points:|  Parent ID:
   Points:  1 |   Reviewer:
  Sponsor:|
--+
 Now that we are pinning relay ed25519 public keys, it would be great to
 log them along with RSA key fingerprints.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20116 [Applications/GetTor]: Get @get_tor twitter account verified

[Tor Bug Tracker & Wiki]

#20116: Get @get_tor twitter account verified
-+--
 Reporter:  mrphs|  Owner:  mrphs
 Type:  defect   | Status:  reopened
 Priority:  Medium   |  Milestone:
Component:  Applications/GetTor  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--
Changes (by ilv):

 * status:  closed => reopened
 * resolution:  wontfix =>


Comment:

 Fair enough. Let's try again and see what happens.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #12931 [Core Tor/Tor]: TOR_PT_SERVER_TRANSPORT_OPTIONS are not escaped according to pt-spec.txt

[Tor Bug Tracker & Wiki]

#12931: TOR_PT_SERVER_TRANSPORT_OPTIONS are not escaped according to pt-spec.txt
-+-
 Reporter:  yawning  |  Owner:  nickm
 Type:  defect   | Status:
 |  merge_ready
 Priority:  Low  |  Milestone:  Tor:
 |  0.3.1.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  unspecified
 Severity:  Normal   | Resolution:
 Keywords:  pluggable, transports, pt-spec,  |  Actual Points:  0
  review-group-18|
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by dcf):

 * cc: dcf (added)


Comment:

 This would make it impossible for a ''`key`'' or a ''`k`'' to contains an
 equals sign; I guess that's all right.

 Does the same inconsistency exist with regard to client SOCKS arguments?
 > First the "=" formatted arguments MUST be escaped, such that
 all backslash, equal sign, and semicolon characters are escaped with a
 backslash.

 What is an implementation supposed to do when it finds a backslash that
 precedes something other than colon, semicolon, or backslash? That is,
 colon, semicolon, and backslash MUST be backslash-escaped, but MAY other
 characters be backslash-escaped? Also: are equals signs forbidden in
 ''`v`'', or can you have unescaped ones as in `t:k=base64==`?

 For what it's worth, goptlib allows any character to be backslash-escaped
 (and for that reason allows `=` in ''`k`''). There is
 [https://gitweb.torproject.org/pluggable-
 transports/goptlib.git/tree/args_test.go?id=0.7#n277 a test for it]; I'd
 like to know if this specification change would require any change in the
 expected output. Input:
 {{{
 t:k\:1=v;t:k\=2=v;t:k\;3=v;t:k\\4=v
 }}}
 Expected output:
 {{{
 { "t": { "k:1": "v", "k=2": "v", "k;3": "v", "k\\4": "v" } }
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20116 [Applications/GetTor]: Get @get_tor twitter account verified

[Tor Bug Tracker & Wiki]

#20116: Get @get_tor twitter account verified
-+-
 Reporter:  mrphs|  Owner:  mrphs
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Applications/GetTor  |Version:
 Severity:  Normal   | Resolution:  wontfix
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by mrphs):

 Hey, don't despair. We can always try again :)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20790 [Applications/GetTor]: Support SMS

[Tor Bug Tracker & Wiki]

#20790: Support SMS
-+-
 Reporter:  Coder206 |  Owner:  ilv
 Type:  enhancement  | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Applications/GetTor  |Version:
 Severity:  Normal   | Resolution:  wontfix
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by ilv):

 * status:  new => closed
 * resolution:   => wontfix


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22653 [Core Tor/Tor]: upgrading Tor-0.2.9.10 to Tor-0.3.0.8 or Tor-0.3.1.3_alpha fails to build circuits

[Tor Bug Tracker & Wiki]

#22653: upgrading Tor-0.2.9.10 to Tor-0.3.0.8 or Tor-0.3.1.3_alpha fails to 
build
circuits
--+
 Reporter:  t0r   |  Owner:
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.3.1.x-final
Component:  Core Tor/Tor  |Version:  Tor: 0.3.0.8
 Severity:  Normal| Resolution:
 Keywords:  tor-guard |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by t0r):

 In a short summary above, Tor-'''0.2.9.10''' succeeds in building circuits
 while Tor-'''0.3.0.8''' and Tor-'''0.3.1.3_alpha''' do not, irrespective
 of Tor browser, compiled Tor binary or which obfs4proxy.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20116 [Applications/GetTor]: Get @get_tor twitter account verified

[Tor Bug Tracker & Wiki]

#20116: Get @get_tor twitter account verified
-+-
 Reporter:  mrphs|  Owner:  mrphs
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Applications/GetTor  |Version:
 Severity:  Normal   | Resolution:  wontfix
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by ilv):

 * status:  new => closed
 * resolution:   => wontfix


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22604 [Applications/GetTor]: GetTor better channels

[Tor Bug Tracker & Wiki]

#22604: GetTor better channels
-+---
 Reporter:  dracofrog|  Owner:  ilv
 Type:  task | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Applications/GetTor  |Version:
 Severity:  Normal   | Resolution:  duplicate
 Keywords:  GetTor , Torrent |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+---
Changes (by ilv):

 * status:  new => closed
 * resolution:   => duplicate


Comment:

 Duplicate of #9071

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22653 [Core Tor/Tor]: upgrading Tor-0.2.9.10 to Tor-0.3.0.8 or Tor-0.3.1.3_alpha fails to build circuits

[Tor Bug Tracker & Wiki]

#22653: upgrading Tor-0.2.9.10 to Tor-0.3.0.8 or Tor-0.3.1.3_alpha fails to 
build
circuits
--+
 Reporter:  t0r   |  Owner:
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.3.1.x-final
Component:  Core Tor/Tor  |Version:  Tor: 0.3.0.8
 Severity:  Normal| Resolution:
 Keywords:  tor-guard |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by t0r):

 Replying to [comment:6 cypherpunks]:
 > Oh, you're really in the situation Tor Browser is intended for :(
 > Log is working "as is", as usually, just has no lines. :(
 > You can try a trick: overwrite your obfs4proxy.exe with the same from
 6.5.2 and try again.
 I have examined obfs4proxy in both 6.5.2 and 7.0.1, both are
 '''obfs4proxy-0.0.5'''. Take go version into consideration, I copy 6.5.2's
 obfs4proxy to overwrite 7.0.1's. But that does NOT make any difference.
 > (By "downgrading to Tor-0.2.9.10" you mean "overwrite the whole
 directory, right?)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #14114 [Applications/GetTor]: Integrate cloud services that are not blocked in mainland China

[Tor Bug Tracker & Wiki]

#14114: Integrate cloud services that are not blocked in mainland China
-+
 Reporter:  ilv  |  Owner:  ilv
 Type:  defect   | Status:  closed
 Priority:  High |  Milestone:
Component:  Applications/GetTor  |Version:
 Severity:  Normal   | Resolution:  worksforme
 Keywords:  china|  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+
Changes (by ilv):

 * status:  new => closed
 * resolution:   => worksforme
 * severity:   => Normal


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21903 [Core Tor/Chutney]: Disable DNS in chutney by default, and add an option to enable it

[Tor Bug Tracker & Wiki]

#21903: Disable DNS in chutney by default, and add an option to enable it
--+
 Reporter:  teor  |  Owner:  teor
 Type:  defect| Status:  needs_revision
 Priority:  Medium|  Milestone:
Component:  Core Tor/Chutney  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:  #19573| Points:  0.5
 Reviewer:|Sponsor:
--+

Comment (by teor):

 Rebased onto master as no-dns-rebased-v2.
 Still need to add `ServerDNSDetectHijacking 0` and implement --offline
 /--dns-auto/--dns-conf=path.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22653 [Core Tor/Tor]: upgrading Tor-0.2.9.10 to Tor-0.3.0.8 or Tor-0.3.1.3_alpha fails to build circuits

[Tor Bug Tracker & Wiki]

#22653: upgrading Tor-0.2.9.10 to Tor-0.3.0.8 or Tor-0.3.1.3_alpha fails to 
build
circuits
--+
 Reporter:  t0r   |  Owner:
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.3.1.x-final
Component:  Core Tor/Tor  |Version:  Tor: 0.3.0.8
 Severity:  Normal| Resolution:
 Keywords:  tor-guard |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by t0r):

 ''obfs4proxy'' binary version in ''tor-browser-linux64-7.0.1_en-US'' is
 '''0.0.5'''

 ''tor-browser-linux64-7.0.1_en-US'' '''default bridge''' log:

 {{{
 Jun 19 11:44:32.140 [notice] Tor 0.3.0.8 (git-802d30d9b71a6d54) running on
 Linux with Libevent 2.0.22-stable, OpenSSL 1.0.2k and Zlib 1.2.11.
 Jun 19 11:44:32.140 [notice] Tor can't help you if you use it wrong! Learn
 how to be safe at https://www.torproject.org/download/download#warning
 Jun 19 11:44:32.141 [notice] Read configuration file "/home/bobme/opt/tor-
 browser_en-US/Browser/TorBrowser/Data/Tor/torrc-defaults".
 Jun 19 11:44:32.141 [notice] Read configuration file "/home/bobme/opt/tor-
 browser_en-US/Browser/TorBrowser/Data/Tor/torrc".
 Jun 19 11:44:32.155 [notice] Opening Control listener on 127.0.0.1:9151
 Jun 19 11:44:32.155 [notice] DisableNetwork is set. Tor will not make or
 accept non-control network connections. Shutting down all existing
 connections.
 Jun 19 11:44:32.000 [notice] Parsing GEOIP IPv4 file /home/bobme/opt/tor-
 browser_en-US/Browser/TorBrowser/Data/Tor/geoip.
 Jun 19 11:44:32.000 [notice] Parsing GEOIP IPv6 file /home/bobme/opt/tor-
 browser_en-US/Browser/TorBrowser/Data/Tor/geoip6.
 Jun 19 11:44:32.000 [notice] Bootstrapped 0%: Starting
 Jun 19 11:44:32.000 [notice] Starting with guard context "bridges"
 Jun 19 11:44:32.000 [notice] new bridge descriptor 'acanthdisorienta'
 (cached): $37CD6046C23F385102D0D1BF0AD827070E26E528~acanthdisorienta at
 138.197.219.241
 Jun 19 11:44:32.000 [notice] Delaying directory fetches: DisableNetwork is
 set.
 Jun 19 11:44:32.000 [notice] New control connection opened from 127.0.0.1.
 Jun 19 11:44:32.000 [notice] DisableNetwork is set. Tor will not make or
 accept non-control network connections. Shutting down all existing
 connections.
 Jun 19 11:44:32.000 [notice] New control connection opened from 127.0.0.1.
 Jun 19 11:44:47.000 [notice] DisableNetwork is set. Tor will not make or
 accept non-control network connections. Shutting down all existing
 connections.
 Jun 19 11:44:47.000 [notice] DisableNetwork is set. Tor will not make or
 accept non-control network connections. Shutting down all existing
 connections.
 Jun 19 11:44:47.000 [notice] DisableNetwork is set. Tor will not make or
 accept non-control network connections. Shutting down all existing
 connections.
 Jun 19 11:44:48.000 [notice] Opening Socks listener on 127.0.0.1:9150
 Jun 19 11:44:49.000 [notice] Bootstrapped 5%: Connecting to directory
 server
 Jun 19 11:44:49.000 [notice] Bootstrapped 10%: Finishing handshake with
 directory server
 Jun 19 11:44:50.000 [warn] Proxy Client: unable to connect to
 12.34.56.78:40035 ("general SOCKS server failure")
 ...
 Jun 19 11:47:01.000 [warn] Proxy Client: unable to connect to
 12.34.56.78:443 ("general SOCKS server failure")
 Jun 19 11:47:12.000 [notice] Closing no-longer-configured Socks listener
 on 127.0.0.1:9150
 Jun 19 11:47:12.000 [notice] DisableNetwork is set. Tor will not make or
 accept non-control network connections. Shutting down all existing
 connections.
 Jun 19 11:47:12.000 [notice] Closing old Socks listener on 127.0.0.1:9150
 Jun 19 11:47:15.000 [notice] Owning controller connection has closed --
 exiting now.
 Jun 19 11:47:15.000 [notice] Catching signal TERM, exiting cleanly.
 }}}

 ''tor-browser-linux64-7.0.1_en-US'' '''private bridge''' log:

 {{{
 Jun 19 11:37:14.440 [notice] Tor 0.3.0.8 (git-802d30d9b71a6d54) running on
 Linux with Libevent 2.0.22-stable, OpenSSL 1.0.2k and Zlib 1.2.11.
 Jun 19 11:37:14.440 [notice] Tor can't help you if you use it wrong! Learn
 how to be safe at https://www.torproject.org/download/download#warning
 Jun 19 11:37:14.440 [notice] Read configuration file "/home/bobme/opt/tor-
 browser_en-US/Browser/TorBrowser/Data/Tor/torrc-defaults".
 Jun 19 11:37:14.440 [notice] Read configuration file "/home/bobme/opt/tor-
 browser_en-US/Browser/TorBrowser/Data/Tor/torrc".
 Jun 19 11:37:14.456 [notice] Opening Control listener on 127.0.0.1:9151
 Jun 19 11:37:14.456 [notice] DisableNetwork is set. Tor will not make or
 accept non-control network connections. Shutting down all existing
 connections.
 Jun 19 11:37:14.000 [notice] Parsing GEOIP IPv4 file /home/bobme/opt/tor-
 browser_en-US/Browser/TorBrowser/Data/Tor/geoip.
 Jun 19 11:37:14.000 [notice] Parsing GEOIP IPv6 file /home/bobme/opt/tor-
 

Re: [tor-bugs] #22667 [Core Tor/Chutney]: Add a minimal chutney network with a hidden service and an exit

[Tor Bug Tracker & Wiki]

#22667: Add a minimal chutney network with a hidden service and an exit
--+
 Reporter:  teor  |  Owner:  teor
 Type:  enhancement   | Status:  closed
 Priority:  Medium|  Milestone:
Component:  Core Tor/Chutney  |Version:
 Severity:  Normal| Resolution:  fixed
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by teor):

 * status:  new => closed
 * resolution:   => fixed


Comment:

 Implemented as networks/hs-exit-min (branch hs-exit-min) in 72fa261.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #22667 [Core Tor/Chutney]: Add a minimal chutney network with a hidden service and an exit

[Tor Bug Tracker & Wiki]

#22667: Add a minimal chutney network with a hidden service and an exit
--+--
 Reporter:  teor  |  Owner:  teor
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Core Tor/Chutney  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+--
 EOT

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22666 [Applications/Tor Browser Sandbox]: Rewrite this (again) into something maintainable, that's fun to work on.

[Tor Bug Tracker & Wiki]

#22666: Rewrite this (again) into something maintainable, that's fun to work on.
--+-
 Reporter:  yawning   |  Owner:  yawning
 Type:  project   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser Sandbox  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+-
Changes (by yawning):

 * type:  enhancement => project


Comment:

 This also maybe falls under the "replace the tor-launcher extension with a
 standalone application" banner.

 More details in this thread: https://lists.torproject.org/pipermail/tbb-
 dev/2017-May/000548.html

 And yes, rewriting everything just to switch languages and to rearchitect
 containerization again is probably a waste of time, but at least my time
 is the only thing that's getting wasted if I chose to do such a thing.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22240 [Applications/Tor Browser Sandbox]: Selectively re-enable extension auto updates.

[Tor Bug Tracker & Wiki]

#22240: Selectively re-enable extension auto updates.
--+-
 Reporter:  yawning   |  Owner:  yawning
 Type:  enhancement   | Status:  new
 Priority:  Very Low  |  Milestone:
Component:  Applications/Tor Browser Sandbox  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+-
Changes (by yawning):

 * priority:  Medium => Very Low


Comment:

 Lowering priority.  This requires Tor Browser side changes to be widely
 available, and people that install extra extensions to the sandboxed
 variant are voiding their non-existent warranty anyway.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22262 [Applications/Tor Browser Sandbox]: Tor Browser Sandbox should offer the possibility to download the Tor Browser from mirrors

[Tor Bug Tracker & Wiki]

#22262: Tor Browser Sandbox should offer the possibility to download the Tor
Browser from mirrors
--+-
 Reporter:  blockflare|  Owner:  yawning
 Type:  enhancement   | Status:  new
 Priority:  Low   |  Milestone:
Component:  Applications/Tor Browser Sandbox  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:  #20792| Points:
 Reviewer:|Sponsor:
--+-
Changes (by ilv):

 * cc: ilv@… (added)


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22666 [Applications/Tor Browser Sandbox]: Rewrite this (again) into something maintainable, that's fun to work on.

[Tor Bug Tracker & Wiki]

#22666: Rewrite this (again) into something maintainable, that's fun to work on.
--+-
 Reporter:  yawning   |  Owner:  yawning
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser Sandbox  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+-
Changes (by yawning):

 * owner:   => yawning
 * component:  - Select a component => Applications/Tor Browser Sandbox


Comment:

 Whoops, actually set a component, sorry.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #22665 [Applications/GetTor]: Use internet archive's wayback machine.

[Tor Bug Tracker & Wiki]

#22665: Use internet archive's wayback machine.
-+-
 Reporter:  ilv  |  Owner:  ilv
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/GetTor  |Version:
 Severity:  Normal   |   Keywords:
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+-
 Original ticket in https://github.com/TheTorProject/gettor/issues/16

 Opening this ticket to continue the discussion. A quick look gives me the
 impression that the only thing we should do after a new Tor Browser is
 released is visting the url
 
http://web.archive.org/save/https://dist.torproject.org/torbrowser/version/name_version_lc.{exe,dmg,xz}
 and then the link will be created. I have to test if this works using a
 script.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #22666 [- Select a component]: Rewrite this (again) into something maintainable, that's fun to work on.

[Tor Bug Tracker & Wiki]

#22666: Rewrite this (again) into something maintainable, that's fun to work on.
--+-
 Reporter:  yawning   |  Owner:
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  - Select a component  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+-
 Not sure if this will happen, and it's more likely that the existing code
 will just rot away into irrelevance due to lack of development, but given
 that:

  * I don't like, and I'm not very good at writing UI code
  * I don't like Go
  * Adding more containers to reduce the amount of code that runs
 uncontainerized on the host system would be a great idea that will
 increase security

 This might be a reasonable thing to do.  In theory the UI is somewhat
 abstracted from the rest of the code, but in practice a lot of the
 boundaries aren't as clean as they should be because the emphasis was on
 "get something working".

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20775 [Applications/Tor Browser Sandbox]: Use Tor Browser's integrated `AF_LOCAL` support on alpha.

[Tor Bug Tracker & Wiki]

#20775: Use Tor Browser's integrated `AF_LOCAL` support on alpha.
--+-
 Reporter:  yawning   |  Owner:  yawning
 Type:  enhancement   | Status:  new
 Priority:  High  |  Milestone:
Component:  Applications/Tor Browser Sandbox  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+-
Changes (by yawning):

 * priority:  Low => High


Comment:

 7.0 is stable in all forms now, so this should probably happen sooner
 rather than later, especially as it's trivial to do assuming the Tor
 Browser side works as advertised.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] [Tor Bug Tracker & Wiki] Batch modify: #20783, #20792, #22262

[Tor Bug Tracker & Wiki]

Batch modification to #20783, #20792, #22262 by yawning:
priority to Low

Comment:
Lowering the priority on UI/UX related tasks.  The entire UI code needs to be 
taken out back behind a shed and shot, and not incrementally added to.

--
Tickets URL: 

Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20777 [Applications/Tor Browser Sandbox]: Investigate ways to make the install/update download process more robust.

[Tor Bug Tracker & Wiki]

#20777: Investigate ways to make the install/update download process more 
robust.
--+-
 Reporter:  yawning   |  Owner:  yawning
 Type:  enhancement   | Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser Sandbox  |Version:
 Severity:  Normal| Resolution:  fixed
 Keywords:  sandbox-update|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+-
Changes (by yawning):

 * status:  new => closed
 * resolution:   => fixed


Comment:

 Calling this fixed, because the fallback path exists.  It's primarily of
 importantce for updates, and background updates, if/when they happen
 basically "solve" or at least mask this issue, so there's no point in
 spending additional effort here.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20794 [Applications/Tor Browser Sandbox]: Track what mozilla is doing with their sandboxing efforts.

[Tor Bug Tracker & Wiki]

#20794: Track what mozilla is doing with their sandboxing efforts.
--+-
 Reporter:  yawning   |  Owner:  yawning
 Type:  task  | Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser Sandbox  |Version:
 Severity:  Normal| Resolution:  invalid
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+-
Changes (by yawning):

 * status:  new => closed
 * resolution:   => invalid


Comment:

 "The goal of our sandboxing should be to augument such things, and not
 replace them."

 Is totally wrong in hindsight.  Firefox is untrusted, thus anything that
 it does, needs to be replicated by something on the host system that is
 trusted, because Firefox shouldn't be trusted to handle securing itself.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20879 [Applications/Tor Browser Sandbox]: Set rlimits in the containers.

[Tor Bug Tracker & Wiki]

#20879: Set rlimits in the containers.
--+-
 Reporter:  yawning   |  Owner:  yawning
 Type:  enhancement   | Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser Sandbox  |Version:
 Severity:  Normal| Resolution:  fixed
 Keywords:  sandbox-security  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+-
Changes (by yawning):

 * status:  new => closed
 * resolution:   => fixed


Comment:

 I'm calling this fixed because rlimits are set.  At some point in the
 future, they could be improved.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20804 [Applications/Tor Browser Sandbox]: Make the progress dialog box `Cancel` operation more robust.

[Tor Bug Tracker & Wiki]

#20804: Make the progress dialog box `Cancel` operation more robust.
--+-
 Reporter:  yawning   |  Owner:  yawning
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser Sandbox  |Version:
 Severity:  Normal| Resolution:  fixed
 Keywords:|  Actual Points:
Parent ID:  #20783| Points:
 Reviewer:|Sponsor:
--+-
Changes (by yawning):

 * status:  new => closed
 * resolution:   => fixed


Comment:

 This is probably sufficient for now, the entire UI code needs a rewrite at
 some point anyway.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20841 [Applications/Tor Browser Sandbox]: Come up with a better way of keeping the bridges in sync.

[Tor Bug Tracker & Wiki]

#20841: Come up with a better way of keeping the bridges in sync.
--+-
 Reporter:  yawning   |  Owner:  yawning
 Type:  enhancement   | Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser Sandbox  |Version:
 Severity:  Normal| Resolution:  wontfix
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+-
Changes (by yawning):

 * status:  new => closed
 * resolution:   => wontfix


Comment:

 There is no better way, short of writing a fragile script or convincing
 the browser people to not store bridges as a series of javascript calls
 with hardcoded params.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20975 [Applications/Tor Browser Sandbox]: Tor Browser fails to launch after update(?)

[Tor Bug Tracker & Wiki]

#20975: Tor Browser fails to launch after update(?)
--+-
 Reporter:  yawning   |  Owner:  yawning
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser Sandbox  |Version:
 Severity:  Normal| Resolution:  invalid
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+-
Changes (by yawning):

 * status:  new => closed
 * resolution:   => invalid


Comment:

 I haven't seen this happen, and lots of things changed since then.

 Reopen it if there's actionable information.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21185 [Applications/Tor Browser Sandbox]: Figure out how to sandbox snowflake in a sensible way.

[Tor Bug Tracker & Wiki]

#21185: Figure out how to sandbox snowflake in a sensible way.
--+-
 Reporter:  yawning   |  Owner:  yawning
 Type:  enhancement   | Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser Sandbox  |Version:
 Severity:  Normal| Resolution:  wontfix
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+-
Changes (by yawning):

 * status:  new => closed
 * resolution:   => wontfix


Comment:

 Reopen this when the graphs show at least a 3 orders of magnitude increase
 in users.

 https://metrics.torproject.org/userstats-bridge-
 transport.html?start=2017-03-22=2017-06-20=snowflake

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #22664 [Applications/GetTor]: Check for existing bundles in dropbox and handle them accordingly

[Tor Bug Tracker & Wiki]

#22664: Check for existing bundles in dropbox and handle them accordingly
-+-
 Reporter:  ilv  |  Owner:  ilv
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/GetTor  |Version:
 Severity:  Normal   |   Keywords:
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+-
 When we upload bundles to Dropbox (or any other service for that matter),
 check if the bundles exists already and then do something smart with them.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20793 [Applications/Tor Browser Sandbox]: `sandboxed-tor-browser` probably needs a `.desktop` file.

[Tor Bug Tracker & Wiki]

#20793: `sandboxed-tor-browser` probably needs a `.desktop` file.
--+-
 Reporter:  yawning   |  Owner:  yawning
 Type:  enhancement   | Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser Sandbox  |Version:
 Severity:  Normal| Resolution:  wontfix
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+-
Changes (by yawning):

 * status:  new => closed
 * resolution:   => wontfix


Comment:

 Not my problem, packagers can provide this if it's important.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20774 [Applications/Tor Browser Sandbox]: Support foreign language input where possible.

[Tor Bug Tracker & Wiki]

#20774: Support foreign language input where possible.
--+-
 Reporter:  yawning   |  Owner:  yawning
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser Sandbox  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+-

Comment (by yawning):

 I don't think this is actually possible to do safely without spending a
 few months carefully pouring over the I-Bus/D-Bus code to ensure that
 enabling any of this doesn't create a sandbox escape that allows for code
 execution or data exfiltration.

 So while important I'm tempted to WONTFIX this.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22011 [Applications/GetTor]: Implement telegram bot for gettor

[Tor Bug Tracker & Wiki]

#22011: Implement telegram bot for gettor
-+-
 Reporter:  hellais  |  Owner:  ilv
 Type:  enhancement  | Status:  new
 Priority:  Low  |  Milestone:
Component:  Applications/GetTor  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by ilv):

 * priority:  Medium => Low


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #3921 [Applications/GetTor]: Allow windows+de in addition to windows_de

[Tor Bug Tracker & Wiki]

#3921: Allow windows+de in addition to windows_de
-+-
 Reporter:  arma |  Owner:
 Type:  enhancement  | Status:  closed
 Priority:  Low  |  Milestone:
Component:  Applications/GetTor  |Version:
 Severity:  Normal   | Resolution:  invalid
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by ilv):

 * status:  new => closed
 * resolution:   => invalid
 * severity:   => Normal


Comment:

 Closing 6 years old ticket. For what it's worth, gettor now handles +,
 which is defined in postfix configuration.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #13781 [Applications/GetTor]: Add support for downloading .mar files

[Tor Bug Tracker & Wiki]

#13781: Add support for downloading .mar files
-+-
 Reporter:  ilv  |  Owner:  ilv
 Type:  enhancement  | Status:  closed
 Priority:  Low  |  Milestone:
Component:  Applications/GetTor  |Version:
 Severity:  Normal   | Resolution:  invalid
 Keywords:  gettor mar mozilla   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by ilv):

 * status:  new => closed
 * resolution:   => invalid
 * severity:   => Normal


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20890 [Applications/Tor Browser]: Could not connect to Tor control port

[Tor Bug Tracker & Wiki]

#20890: Could not connect to Tor control port
--+--
 Reporter:  torrc591  |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Very High |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Critical  | Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by TimeForGoToBed):

 I am having the same issue (or a closely related one).  I see there are a
 number of tickets about this bug, but none of them provided any help for
 my situation.  I am running Tor Browser 7.0.1 on Windows 7 Starter (which
 is 32-bit).  I tried downgrading to 6.0.5, but that didn't help.
 Everything works fine on my Windows 7 64-bit system.

 On Windows 7 Starter system, Tor always works after a fresh install, but
 never works again after the first run.  Rebooting does not help, in my
 case, only reinstalling (or copying from an install directory saved before
 the first run).  This 32-bit system is a relatively slow netbook from a
 few years ago, so it may be the hardcoded 30-second timeout that's causing
 it to get the Tor Launcher "Could not connect to Tor Control port." popup.
 It takes over 30 seconds on this system between launching the executable
 and the Tor Status window even appearing (and the progress bar never makes
 any progress before it fails).  That timeout value should really be
 controllable via an extensions.torbutton.* preference and/or an
 environment variable.  As with the OP, disabling Windows firewall and
 antivirus doesn't help.  Also, hitting "Open Settings" after the failure
 results in a Tor Network Settings window that just displays a permanent
 "Waiting for Tor to start..." message.  After a fresh install, that
 message only appears for a few seconds, and then after pressing "Connect",
 the connecting progress bar starts making progress pretty much
 immediately.

 Oddly, if I do a 'telnet localhost 9151' before (or after) the "Could not
 connect to Tor Control port." popup appears, I am able to successfully
 connect to the port (though I didn't try anything beyond connecting).  I
 tried using the extensions.torlauncher.prompt_at_startup preference and
 the TOR_FORCE_NET_CONFIG=1 environment variable to get it to start with
 the Tor Network Settings dialog after the first run, in the hopes that the
 explicit wait for Tor to start would work around the 30-second timeout,
 but strangely, in that situation, too, I just get a permanent "Waiting for
 Tor to start..." message.  I have confirmed that tor.exe and firefox.exe
 are getting properly shut down between runs.  Also, as with the OP, when I
 start firefox with -console -jsconsole, I get no console output.  There
 are a couple of add-ons I need to use with Tor Browser (they do not change
 my browser signature, and I believe their authors to be trustworthy), but
 since they require restarting to use, I can never use them, since I need
 to start with a fresh install every time.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22489 [Core Tor/Tor]: Bridge oftenly reports Failed to find node for hop 0 of our path. Discarding this circuit.

[Tor Bug Tracker & Wiki]

#22489: Bridge oftenly reports Failed to find node for hop 0 of our path.
Discarding this circuit.
+--
 Reporter:  s7r |  Owner:
 Type:  defect  | Status:
|  needs_information
 Priority:  Medium  |  Milestone:  Tor:
|  0.3.1.x-final
Component:  Core Tor/Tor|Version:  Tor:
|  0.3.1.2-alpha
 Severity:  Normal  | Resolution:
 Keywords:  tor-client tor-bridge 030-backport  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--
Changes (by isis):

 * status:  new => needs_information


Comment:

 You're seeing this in the logs of the bridge relay? Or the client?

 That log message is in `onion_extend_cpath(origin_circuit_t *circ)`, which
 should really only ever be called by a client (or I think also onion
 services).  (Or a bridge which uses #7144, but it's not merged yet.)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22657 [Community/Outreach]: Managing Youtube Account

[Tor Bug Tracker & Wiki]

#22657: Managing Youtube Account
+---
 Reporter:  mrphs   |  Owner:  mrphs
 Type:  defect  | Status:  new
 Priority:  Medium  |  Milestone:
Component:  Community/Outreach  |Version:
 Severity:  Normal  | Resolution:
 Keywords:  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+---
Changes (by mrphs):

 * component:  - Select a component => Community/Outreach


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22663 [Core Tor/Tor]: Tor keeps using a very slow guard

[Tor Bug Tracker & Wiki]

#22663: Tor keeps using a very slow guard
--+
 Reporter:  teor  |  Owner:
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.3.1.x-final
Component:  Core Tor/Tor  |Version:  Tor: 0.3.0.8
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by cypherpunks):

 Give up on a slow guard, pick a new guard, then revert back to the
 previous guard if it becomes fast (i.e. the Fast relay flag) again?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22654 [Applications/Tor Browser]: Firefox icon is shown for Tor Browser on Windows 10 start menu

[Tor Bug Tracker & Wiki]

#22654: Firefox icon is shown for Tor Browser on Windows 10 start menu
--+--
 Reporter:  gk|  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-branding  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by cypherpunks):

 Happens with Ubuntu as well in the Unity Launcher after the Tor Browser
 finishes launching.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22653 [Core Tor/Tor]: upgrading Tor-0.2.9.10 to Tor-0.3.0.8 or Tor-0.3.1.3_alpha fails to build circuits

[Tor Bug Tracker & Wiki]

#22653: upgrading Tor-0.2.9.10 to Tor-0.3.0.8 or Tor-0.3.1.3_alpha fails to 
build
circuits
--+
 Reporter:  t0r   |  Owner:
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.3.1.x-final
Component:  Core Tor/Tor  |Version:  Tor: 0.3.0.8
 Severity:  Normal| Resolution:
 Keywords:  tor-guard |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by teor):

 * keywords:   => tor-guard
 * priority:  High => Medium
 * severity:  Critical => Normal
 * milestone:  Tor: 0.3.0.x-final => Tor: 0.3.1.x-final


Comment:

 This looks similar to #22576.
 If it is, it's not a bug in Tor, it's likely a bug in the pluggable
 transport: either the config, or the compilation. Please check that ticket
 for details.

 We also need to check and see if it's a guard issue in tor.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22543 [Applications/Tor Browser]: Tor Browser 7.0 shows window resize warning on every new window for a few seconds

[Tor Bug Tracker & Wiki]

#22543: Tor Browser 7.0 shows window resize warning on every new window for a 
few
seconds
-+-
 Reporter:  teor |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ff52-esr, tbb-7.0-issues, tbb-   |  Actual Points:
  regression |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by teor):

 The warning is shown permanently when I drag a tab out into a new window.
 I am using 7.0.1 in high security mode.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22589 [Core Tor/Tor]: Tor is too slow!

[Tor Bug Tracker & Wiki]

#22589: Tor is too slow!
--+---
 Reporter:  cypherpunks   |  Owner:  nickm
 Type:  defect| Status:  needs_information
 Priority:  Medium|  Milestone:  Tor: unspecified
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  performance   |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---
Changes (by teor):

 * status:  assigned => needs_information
 * milestone:   => Tor: unspecified


Comment:

 This might be an instance of #22663, but it's hard to tell without further
 information.
 It would help to know which relay in the circuit is slow, but don't post
 your guard, that wrecks your anonymity.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22662 [Core Tor/Tor]: Reload the state file on HUP

[Tor Bug Tracker & Wiki]

#22662: Reload the state file on HUP
--+--
 Reporter:  teor  |  Owner:
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:  Tor: unspecified
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:  1
 Reviewer:|Sponsor:
--+--

Comment (by arma):

 If Tor did anything with its state file on hup, I would expect it to flush
 its current state to the state file.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #22663 [Core Tor/Tor]: Tor keeps using a very slow guard

[Tor Bug Tracker & Wiki]

#22663: Tor keeps using a very slow guard
--+
 Reporter:  teor  |  Owner:
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.3.1.x-final
Component:  Core Tor/Tor  |Version:  Tor: 0.3.0.8
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+
 I'm running Tor Browser 7.0.1 with tor 0.3.0.8.

 My guard slowed down significantly in the past week.
 It became very hard to get pages to load completely, although sometimes
 partial data was returned.

 I expect that after a lot of failures to connect to an exit (there are
 hundreds in my logs) tor would at least try another guard.

 But it didn't, and there is no easy way for me to tell it to try another
 guard. (New Circuit only changes middle and exit, the state file isn't
 reloaded on HUP #22662, and I didn't try New Identity, but NEWNYM is not
 documented to reset guards).

 Maybe making it hard to change guards is a feature, but if it is, we need
 to either use more than 1 guard (linkability implications), or give up on
 a slow guard.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #22662 [Core Tor/Tor]: Reload the state file on HUP

[Tor Bug Tracker & Wiki]

#22662: Reload the state file on HUP
--+--
 Reporter:  teor  |  Owner:
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:  Tor: unspecified
Component:  Core Tor/Tor  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:  1 |   Reviewer:
  Sponsor:|
--+--
 I was trying to reset my tor state, so I removed the state file and issued
 a SIGHUP. But tor didn't reload the state file.

 This was surprising, given the man page entry:
 {{{
SIGHUP
The signal instructs Tor to reload its configuration (including
closing and reopening logs), and kill and restart its helper
processes if applicable.
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22657 [- Select a component]: Managing Youtube Account

[Tor Bug Tracker & Wiki]

#22657: Managing Youtube Account
--+---
 Reporter:  mrphs |  Owner:  mrphs
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  - Select a component  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by mrphs):

 and 'soc...@torproject.org' has been invited as the owner of the account.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22657 [- Select a component]: Managing Youtube Account

[Tor Bug Tracker & Wiki]

#22657: Managing Youtube Account
--+---
 Reporter:  mrphs |  Owner:  mrphs
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  - Select a component  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by mrphs):

 After going through a rabbit hole of settings and instructions, the
 account has been moved to a "brand account". All the videos, subscribers,
 etc have been moved to the new account.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22643 [HTTPS Everywhere/EFF-HTTPS Everywhere]: www.ikea.de and www.ikea.at ist broken when https everywhere is active

[Tor Bug Tracker & Wiki]

#22643: www.ikea.de and www.ikea.at ist broken when https everywhere is active
---+--
 Reporter:  cypherpunks|  Owner:  jsha
 Type:  defect | Status:  new
 Priority:  Medium |  Milestone:
Component:  HTTPS Everywhere/EFF-HTTPS Everywhere  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--
Changes (by cypherpunks):

 * status:  needs_information => new


Comment:

 You should have javascript enabled I guess.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #22661 [Applications/Quality Assurance and Testing]: Make FPCentral recognize the new security slider values

[Tor Bug Tracker & Wiki]

#22661: Make FPCentral recognize the new security slider values
-+-
 Reporter:  cypherpunks  |  Owner:  cypherpunks
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Quality Assurance   |Version:
  and Testing|   Keywords:
 Severity:  Normal   |  TorBrowserTeam201706
Actual Points:   |  Parent ID:  #6119
   Points:   |   Reviewer:
  Sponsor:   |
-+-
 Now Medium-Low doesn't exist anymore, and Medium-High is basically the new
 Medium.

 This is bug 5 https://github.com/plaperdr/fp-central/issues/5

 Apologies if this has been already fixed/addressed somewhere.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20532 [Core Tor/Tor]: Make sure directory_initiate_request handles pluggable transports correctly

[Tor Bug Tracker & Wiki]

#20532: Make sure directory_initiate_request handles pluggable transports 
correctly
--+
 Reporter:  teor  |  Owner:  catalyst
 Type:  defect| Status:  accepted
 Priority:  High  |  Milestone:  Tor:
  |  0.3.1.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  bridge-client, bridge-bypass  |  Actual Points:
Parent ID:| Points:  2
 Reviewer:|Sponsor:
--+
Changes (by catalyst):

 * owner:   => catalyst
 * status:  new => accepted


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #18186 [Applications/Tor Browser]: tor browser updater handles full disk poorly

[Tor Bug Tracker & Wiki]

#18186: tor browser updater handles full disk poorly
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by torusers):

 Hello,

 I can confirm this. Just yesterday, the updated process crashed my
 computer.
 The Linux UI was almost completely unresponsive, I managed to kill -9 the
 Tor process and related processes after several minutes.

 Only today, when the whole ordeal started again just seconds after
 starting the TBB, I checked iotop and noticed that the Tor updater was the
 culprit.

 *Please* disable this "staging" stuff, it definitely does more harm than
 good. Instead of relying on a well-running PC for a few seconds for the
 update process, the PC has to run many minutes or even hours for the
 "staging".

 Please remember that there are still many people with non-SSD HDDs, where
 reading and writing at the same time on the same disk is *really* slow.

 This is seriously the only thing that nags me with the TBB, everything
 else is great.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22660 [Core Tor/Tor]: Guard against stack smashing attacks in tor

[Tor Bug Tracker & Wiki]

#22660: Guard against stack smashing attacks in tor
-+
 Reporter:  teor |  Owner:
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-hardening, security  |  Actual Points:
Parent ID:   | Points:  0.5
 Reviewer:   |Sponsor:
-+

Old description:

> If we tor with -fstack-check (GCC, it's a no-op in clang[0]), it will
> protect against stack smashing attacks that jump the stack guard page(s):
> {{{
> Recompile all userland code (ld.so, libraries, binaries) with GCC's
>   "-fstack-check" option, which prevents the stack-pointer from moving
>   into another memory region without accessing the stack guard-page (it
>   writes one word to every 4KB page allocated on the stack).
> }}}
> III. Solutions, https://www.qualys.com/2017/06/19/stack-clash/stack-
> clash.txt
>
> {{{
> -fstack-check
> Generate code to verify that you do not go beyond the boundary of the
> stack. You should specify this flag if you are running in an environment
> with multiple threads, but only rarely need to specify it in a single-
> threaded environment since stack overflow is automatically detected on
> nearly all systems if there is only one stack.
> Note that this switch does not actually cause checking to be done; the
> operating system must do that. The switch causes generation of code to
> ensure that the operating system sees the stack being extended.
> }}}
> http://gcc.gnu.org/onlinedocs/gcc-4.3.6/gcc/Code-Gen-Options.html#Code-
> Gen-Options
>
> This protects against:
> {{{
> - a local-root exploit against ld.so and most SUID-root binaries
>   (CVE-2017-1000366, CVE-2017-1000379) on amd64 Debian, Ubuntu, Fedora,
>   CentOS;
> }}}
>
> There are remote attack possibilities mentioned in the paper as well.
>
> We might also want to add:
> {{{
> -Wl,-z,noexecstack and -Wl,-z,noexecheap
> }}}
> https://www.owasp.org/index.php/C-Based_Toolchain_Hardening#GCC.2FBinutils
>
> [0]: for clsng, we could use -fsanitize=safe-stack instead, but that's
> more intrusive: https://blog.quarkslab.com/clang-hardening-cheat-
> sheet.html

New description:

 If we tor with -fstack-check (GCC, it's a no-op in clang[0]), it will
 protect against stack smashing attacks that jump the stack guard page(s):
 {{{
 Recompile all userland code (ld.so, libraries, binaries) with GCC's
   "-fstack-check" option, which prevents the stack-pointer from moving
   into another memory region without accessing the stack guard-page (it
   writes one word to every 4KB page allocated on the stack).
 }}}
 III Solutions, https://www.qualys.com/2017/06/19/stack-clash/stack-
 clash.txt

 "
 -fstack-check
 Generate code to verify that you do not go beyond the boundary of the
 stack. You should specify this flag if you are running in an environment
 with multiple threads, but only rarely need to specify it in a single-
 threaded environment since stack overflow is automatically detected on
 nearly all systems if there is only one stack.
 Note that this switch does not actually cause checking to be done; the
 operating system must do that. The switch causes generation of code to
 ensure that the operating system sees the stack being extended.
 "
 http://gcc.gnu.org/onlinedocs/gcc-4.3.6/gcc/Code-Gen-Options.html#Code-
 Gen-Options

 This protects against:
 {{{
 - a local-root exploit against ld.so and most SUID-root binaries
   (CVE-2017-1000366, CVE-2017-1000379) on amd64 Debian, Ubuntu, Fedora,
   CentOS;
 }}}

 There are remote attack possibilities mentioned in the paper as well.

 We might also want to add:
 {{{
 -Wl,-z,noexecstack and -Wl,-z,noexecheap
 }}}
 https://www.owasp.org/index.php/C-Based_Toolchain_Hardening#GCC.2FBinutils

 [0]: for clsng, we could use -fsanitize=safe-stack instead, but that's
 more intrusive: https://blog.quarkslab.com/clang-hardening-cheat-
 sheet.html

--

Comment (by teor):

 My internal wiki wysiwyg is broken.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #22660 [Core Tor/Tor]: Guard against stack smashing attacks in tor

[Tor Bug Tracker & Wiki]

#22660: Guard against stack smashing attacks in tor
--+-
 Reporter:  teor  |  Owner:
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal|   Keywords:  tor-hardening, security
Actual Points:|  Parent ID:
   Points:  0.5   |   Reviewer:
  Sponsor:|
--+-
 If we tor with -fstack-check (GCC, it's a no-op in clang[0]), it will
 protect against stack smashing attacks that jump the stack guard page(s):
 {{{
 Recompile all userland code (ld.so, libraries, binaries) with GCC's
   "-fstack-check" option, which prevents the stack-pointer from moving
   into another memory region without accessing the stack guard-page (it
   writes one word to every 4KB page allocated on the stack).
 }}}
 III. Solutions, https://www.qualys.com/2017/06/19/stack-clash/stack-
 clash.txt

 {{{
 -fstack-check
 Generate code to verify that you do not go beyond the boundary of the
 stack. You should specify this flag if you are running in an environment
 with multiple threads, but only rarely need to specify it in a single-
 threaded environment since stack overflow is automatically detected on
 nearly all systems if there is only one stack.
 Note that this switch does not actually cause checking to be done; the
 operating system must do that. The switch causes generation of code to
 ensure that the operating system sees the stack being extended.
 }}}
 http://gcc.gnu.org/onlinedocs/gcc-4.3.6/gcc/Code-Gen-Options.html#Code-
 Gen-Options

 This protects against:
 {{{
 - a local-root exploit against ld.so and most SUID-root binaries
   (CVE-2017-1000366, CVE-2017-1000379) on amd64 Debian, Ubuntu, Fedora,
   CentOS;
 }}}

 There are remote attack possibilities mentioned in the paper as well.

 We might also want to add:
 {{{
 -Wl,-z,noexecstack and -Wl,-z,noexecheap
 }}}
 https://www.owasp.org/index.php/C-Based_Toolchain_Hardening#GCC.2FBinutils

 [0]: for clsng, we could use -fsanitize=safe-stack instead, but that's
 more intrusive: https://blog.quarkslab.com/clang-hardening-cheat-
 sheet.html

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22637 [Webpages/Website]: Find a more maintainable approach for the signing-keys page

[Tor Bug Tracker & Wiki]

#22637: Find a more maintainable approach for the signing-keys page
--+-
 Reporter:  arma  |  Owner:
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Webpages/Website  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+-

Comment (by cypherpunks):

 I would like to see key revocations explained.

 For example, `05FA 4425 3F6C 19A8 B7F5  18D4 2D00 0988 5898 39A3`, revoked
 subkey of `Tor Browser Developers`.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #12931 [Core Tor/Tor]: TOR_PT_SERVER_TRANSPORT_OPTIONS are not escaped according to pt-spec.txt

[Tor Bug Tracker & Wiki]

#12931: TOR_PT_SERVER_TRANSPORT_OPTIONS are not escaped according to pt-spec.txt
-+-
 Reporter:  yawning  |  Owner:  nickm
 Type:  defect   | Status:
 |  merge_ready
 Priority:  Low  |  Milestone:  Tor:
 |  0.3.1.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  unspecified
 Severity:  Normal   | Resolution:
 Keywords:  pluggable, transports, pt-spec,  |  Actual Points:  0
  review-group-18|
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by catalyst):

 * status:  needs_review => merge_ready


Comment:

 This looks good to me.  I was worried we might paint ourselves into a
 corner with respect to #12930 and #22088, but your changes look compatible
 with several reasonable options.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21852 [Applications/Tor Browser]: update jemalloc?

[Tor Bug Tracker & Wiki]

#21852: update jemalloc?
--+--
 Reporter:  arthuredelstein   |  Owner:  tbb-team
 Type:  enhancement   | Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:  wontfix
 Keywords:  ff52-esr  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by cypherpunks):

 Replying to [comment:5 gk]:
 > Replying to [comment:4 cypherpunks]:
 > > For esr52 cycle it is possible to use jemalloc4, updated to 4.5 at
 least or later, or you are going to use better approaches?
 >
 > It's not sure yet what we are going to use.
 https://bugzilla.mozilla.org/show_bug.cgi?id=1052573 sounds interesting,
 though.
 Have they decided to improve mozjemalloc with it (and abandon jemalloc4),
 but do nothing for mingw?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #18913 [Applications/Tor Browser]: about:tor should not have chrome privileges

[Tor Bug Tracker & Wiki]

#18913: about:tor should not have chrome privileges
-+-
 Reporter:  mcs  |  Owner:  mcs
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ff52-esr, TorBrowserTeam201706R  |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by mcs):

 I forgot to mention that Kathy and I did some testing of this patch on
 OSX, Linux64, and Windows 10.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #18913 [Applications/Tor Browser]: about:tor should not have chrome privileges

[Tor Bug Tracker & Wiki]

#18913: about:tor should not have chrome privileges
-+-
 Reporter:  mcs  |  Owner:  mcs
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ff52-esr, TorBrowserTeam201706R  |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by mcs):

 * keywords:  ff52-esr, TorBrowserTeam201706 => ff52-esr,
 TorBrowserTeam201706R
 * status:  new => needs_review


Comment:

 Here is a patch for review:
 
https://gitweb.torproject.org/user/brade/torbutton.git/commit/?h=bug18913-01=984af558af58bb8715af72c4811acc7fc4253bc1
 This change fixes #21948 and #22525 as well, so it would be great to
 include it in a Tor Browser release soon. While the patch is somewhat
 large, that is mainly because we had to move a lot of code out of
 torbutton.js into the new aboutTor-content.js content script (so it can
 run in the content process where the about:tor DOM is accessible).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22610 [Applications/Tor Browser]: Tor Browser 7 crashes when opening a PDF file on my desktop and cancelling (the download) (was: Tor Browser 7 crashes when opening a PDF file on my de

[Tor Bug Tracker & Wiki]

#22610: Tor Browser 7 crashes when opening a PDF file on my desktop and 
cancelling
(the download)
-+-
 Reporter:  cypherpunks  |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-crash, tbb-7.0-issues, tbb-  |  Actual Points:
  regression, tbb-e10s   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22658 [Applications/Tor Browser]: tor browser crashes after download cancel

[Tor Bug Tracker & Wiki]

#22658: tor browser crashes after download cancel
--+---
 Reporter:  tilman|  Owner:  tbb-team
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:  duplicate
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---
Changes (by gk):

 * status:  new => closed
 * resolution:   => duplicate


Comment:

 Duplicate of #22610.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22610 [Applications/Tor Browser]: Tor Browser 7 crashes when opening a PDF file on my desktop not using the pdf viewer

[Tor Bug Tracker & Wiki]

#22610: Tor Browser 7 crashes when opening a PDF file on my desktop not using 
the
pdf viewer
-+-
 Reporter:  cypherpunks  |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-crash, tbb-7.0-issues, tbb-  |  Actual Points:
  regression, tbb-e10s   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * cc: tilman (added)


Comment:

 #22658 shows how one can reproduce the problem in default settings
 (without disabling `pdfjs`).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #22659 [Applications/Tor Browser]: Changes to `intl.accept.languages` get overwritten after restart

[Tor Bug Tracker & Wiki]

#22659: Changes to `intl.accept.languages` get overwritten after restart
-+-
 Reporter:  gk   |  Owner:  tbb-team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor |Version:
  Browser|   Keywords:  tbb-7.0-issues, tbb-
 Severity:  Normal   |  regression, TorBrowserTeam201706,
 |  GeorgKoppen201706
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+-
 After mentioning an issue with localized content on the blog (
 https://blog.torproject.org/comment/269161#comment-269161) I investigated
 a bit and it seems changes to `intl.accept_languages` get overwritten
 after restarting Tor Browser by our custom values. Other preferences might
 be affected as well.

 This is at least affecting our fix for #21999.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #22658 [Applications/Tor Browser]: tor browser crashes after download cancel

[Tor Bug Tracker & Wiki]

#22658: tor browser crashes after download cancel
--+--
 Reporter:  tilman|  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+--
 Tor browser 7.0.1 on Windows 10 64bit, security set "high".

 Take any PDF file and drag 'n drop it on the browser window, it will
 display with PDF.js. Now click the download button at the top right. A
 warning will come "Download an external file type?" Press "cancel", tor
 browser crashes.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22400 [Core Tor/Tor]: We bootstrap from different primary guards when we start with a non-live consensus and not enough guards in the state file

[Tor Bug Tracker & Wiki]

#22400: We bootstrap from different primary guards when we start with a non-live
consensus and not enough guards in the state file
---+---
 Reporter:  arma   |  Owner:  nickm
 Type:  defect | Status:
   |  needs_review
 Priority:  Medium |  Milestone:  Tor:
   |  0.3.1.x-final
Component:  Core Tor/Tor   |Version:  Tor:
   |  0.3.0.7
 Severity:  Normal | Resolution:
 Keywords:  tor-client tor-guard 030-backport  |  Actual Points:
Parent ID: | Points:  3
 Reviewer: |Sponsor:
---+---
Changes (by nickm):

 * keywords:  tor-client gor-guard 030-backport => tor-client tor-guard
 030-backport


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #5190 [Core Tor/Tor]: Collect Rob's patch for throttling flows at guards

[Tor Bug Tracker & Wiki]

#5190: Collect Rob's patch for throttling flows at guards
-+-
 Reporter:  arma |  Owner:
 |  robgjansen
 Type:  task | Status:
 |  assigned
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  performance, scheduling, SponsorZ,   |  Actual Points:
  tor-relay, review-group-18 |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by robgjansen):

 * owner:  rogbjansen => robgjansen
 * status:  needs_review => assigned


Comment:

 This was assigned to me, but I'm not sure why. Could someone clarify that
 please?

 Is some type of throttling something that is seriously being considered
 for merge? It's unlikely that I will have a significant amount of time
 within the next six months to push this forward enough to make it merge-
 able, but I'm happy to provide guidance if someone else plans to wear that
 hat.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22400 [Core Tor/Tor]: We bootstrap from different primary guards when we start with a non-live consensus and not enough guards in the state file

[Tor Bug Tracker & Wiki]

#22400: We bootstrap from different primary guards when we start with a non-live
consensus and not enough guards in the state file
---+---
 Reporter:  arma   |  Owner:  nickm
 Type:  defect | Status:
   |  needs_review
 Priority:  Medium |  Milestone:  Tor:
   |  0.3.1.x-final
Component:  Core Tor/Tor   |Version:  Tor:
   |  0.3.0.7
 Severity:  Normal | Resolution:
 Keywords:  tor-client gor-guard 030-backport  |  Actual Points:
Parent ID: | Points:  3
 Reviewer: |Sponsor:
---+---
Changes (by nickm):

 * status:  accepted => needs_review
 * keywords:   => tor-client gor-guard 030-backport
 * points:   => 3


Comment:

 So, the main root bug here is fixed in my branch `bug22400_030_01`.  (I'll
 let #4187 speak for itself.)

 I have a corresponding spec change in branch `bug22400_01` in torspec.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22105 [Core Tor/Tor]: define a more generic LIBFUZZER = ... in Makefile.in

[Tor Bug Tracker & Wiki]

#22105: define a more generic LIBFUZZER = ... in Makefile.in
--+
 Reporter:  toralf|  Owner:  nickm
 Type:  enhancement   | Status:  needs_review
 Priority:  Medium|  Milestone:  Tor: 0.3.1.x-final
Component:  Core Tor/Tor  |Version:  Tor: 0.3.0.6
 Severity:  Minor | Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:  .1
 Reviewer:|Sponsor:
--+
Changes (by nickm):

 * status:  accepted => needs_review


Comment:

 For review in `bug22105_031`.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22105 [Core Tor/Tor]: define a more generic LIBFUZZER = ... in Makefile.in

[Tor Bug Tracker & Wiki]

#22105: define a more generic LIBFUZZER = ... in Makefile.in
--+
 Reporter:  toralf|  Owner:  nickm
 Type:  enhancement   | Status:  accepted
 Priority:  Medium|  Milestone:  Tor: 0.3.1.x-final
Component:  Core Tor/Tor  |Version:  Tor: 0.3.0.6
 Severity:  Minor | Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:  .1
 Reviewer:|Sponsor:
--+
Changes (by nickm):

 * cc: dgoulet (added)


Comment:

 dgoulet, what do you think about having this just do "-lFuzzer", and
 require that you have libFuzzer in an appropriate path if you're going to
 be messing around with libfuzzer support?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22410 [Core Tor/Tor]: ensure that uint8_t is unsigned char

[Tor Bug Tracker & Wiki]

#22410: ensure that uint8_t is unsigned char
-+
 Reporter:  catalyst |  Owner:  catalyst
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:  implemented
 Keywords:  review-group-18  |  Actual Points:
Parent ID:  #6877| Points:
 Reviewer:   |Sponsor:
-+
Changes (by nickm):

 * status:  needs_review => closed
 * resolution:   => implemented


Comment:

 Merged to master!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22356 [Core Tor/Tor]: [warn] assign_to_cpuworker failed. Ignoring.

[Tor Bug Tracker & Wiki]

#22356: [warn] assign_to_cpuworker failed. Ignoring.
--+
 Reporter:  arma  |  Owner:  nickm
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:  Tor: 0.3.1.x-final
Component:  Core Tor/Tor  |Version:  Tor: 0.3.1.1-alpha
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by nickm):

 * status:  accepted => needs_review


Comment:

 Downgrade in `bug22356_029`.  The only tricky part was reviewing all the
 paths and making sure they already had better log messages.

 This branch is based on maint-0.2.9, but I vote "no backport."

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22410 [Core Tor/Tor]: ensure that uint8_t is unsigned char

[Tor Bug Tracker & Wiki]

#22410: ensure that uint8_t is unsigned char
-+
 Reporter:  catalyst |  Owner:  catalyst
 Type:  defect   | Status:  needs_review
 Priority:  Medium   |  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  review-group-18  |  Actual Points:
Parent ID:  #6877| Points:
 Reviewer:   |Sponsor:
-+
Changes (by catalyst):

 * status:  needs_revision => needs_review


Comment:

 Thanks.  Added changes file and rebased on maint-0.3.1.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22657 [- Select a component]: Managing Youtube Account

[Tor Bug Tracker & Wiki]

#22657: Managing Youtube Account
--+---
 Reporter:  mrphs |  Owner:  mrphs
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  - Select a component  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by mrphs):

 The soc...@torproject.org email need to become a Google account for this
 to work. Stephanie told me she's access to this account and it is indeed
 associated with a Google account.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22657 [- Select a component]: Managing Youtube Account

[Tor Bug Tracker & Wiki]

#22657: Managing Youtube Account
--+---
 Reporter:  mrphs |  Owner:  mrphs
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  - Select a component  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by mrphs):

 Seems like a better approach to this, is to make the Youtube account, a
 "Brand Account":

 https://support.google.com/accounts/answer/7001996?hl=en
 https://support.google.com/youtube/answer/3056283?hl=en

 I'm going to try that and then add Social to the managers. That way, not
 one person can be the bottleneck for managing the account.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #22657 [- Select a component]: Managing Youtube Account

[Tor Bug Tracker & Wiki]

#22657: Managing Youtube Account
--+---
 Reporter:  mrphs |  Owner:  mrphs
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  - Select a component  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+---
 Currently the Tor Project Youtube account is tied to my @tpo email
 address. In order to pass it to comms people, we need to migrate the
 account to soc...@torproject.org or make a new one such as
 yout...@torproject.org

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22584 [Applications/Tor Browser]: More RWX memory pages for TBB on some Windows versions

[Tor Bug Tracker & Wiki]

#22584: More RWX memory pages for TBB on some Windows versions
--+--
 Reporter:  arthuredelstein   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-security  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by cypherpunks):

 Replying to [comment:10 arthuredelstein]:
 > I did some more investigation and posted a question on the mingw-w64
 help discussion board:
 https://sourceforge.net/p/mingw-w64/discussion/723798/thread/2f2c014b/
 Maybe, it would be easier to track this down with Tor Expert Bundle first.
 Compiling without SSP and then without all flags could also help.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22584 [Applications/Tor Browser]: More RWX memory pages for TBB on some Windows versions

[Tor Bug Tracker & Wiki]

#22584: More RWX memory pages for TBB on some Windows versions
--+--
 Reporter:  arthuredelstein   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-security  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by cypherpunks):

 Replying to [comment:9 arthuredelstein]:
 > Replying to [comment:8 cypherpunks]:
 > > TBB 7.5a1 on Win 7: 10 private RWX pages are observable.
 > > {{{
 > > ││   ├──0.04 MB (00.00%) ── execute-readwrite(segments=1)
 > > }}}
 > >
 > > {{{
 > > 0x426, Private: Commit, 40 kB, RWX
 > > }}}
 >
 > Thanks. Could you check what DLLs (or exe) these pages are associated
 with? VMMap will tell you (https://technet.microsoft.com/en-
 us/sysinternals/vmmap.aspx).
 Well, it's a private block of the main firefox.exe process.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22006 [Core Tor/Tor]: prop224: Validate ed25519 pubkeys to remove torsion component

[Tor Bug Tracker & Wiki]

#22006: prop224: Validate ed25519 pubkeys to remove torsion component
-+-
 Reporter:  asn  |  Owner:  asn
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs, prop224, ed25519, review-|  Actual Points:
  group-18   |
Parent ID:  #21888   | Points:
 Reviewer:  nickm|Sponsor:
 |  SponsorR-can
-+-
Changes (by nickm):

 * reviewer:   => nickm


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20575 [Core Tor/Tor]: Deprecate HTTPProxy and httpproxyauthenticator

[Tor Bug Tracker & Wiki]

#20575: Deprecate HTTPProxy and httpproxyauthenticator
-+
 Reporter:  cypherpunks  |  Owner:  dgoulet
 Type:  task | Status:  closed
 Priority:  High |  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:  implemented
 Keywords:  review-group-18  |  Actual Points:
Parent ID:   | Points:  .2
 Reviewer:   |Sponsor:
-+
Changes (by nickm):

 * status:  needs_review => closed
 * resolution:   => implemented


Comment:

 merged; please feel free to open more tickets to deprecate the other
 things mentioned above :)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22497 [Core Tor/Tor]: Clean-up tt_assert() usage in our tests

[Tor Bug Tracker & Wiki]

#22497: Clean-up tt_assert() usage in our tests
-+
 Reporter:  ahf  |  Owner:  ahf
 Type:  enhancement  | Status:  merge_ready
 Priority:  Low  |  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  review-group-18  |  Actual Points:
Parent ID:   | Points:
 Reviewer:  nickm|Sponsor:
-+
Changes (by nickm):

 * status:  needs_review => merge_ready
 * reviewer:   => nickm


Comment:

 lgtm, but has some conflicts, and probably will have more as more stuff is
 merged. I'll take this at the end of review-group-18, either resolving
 conflicts or reapplying patch tools as needed.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22585 [Applications/Quality Assurance and Testing]: FPCentral is not working with Tor Browser 7.0

[Tor Bug Tracker & Wiki]

#22585: FPCentral is not working with Tor Browser 7.0
-+-
 Reporter:  boklm|  Owner:  boklm
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Quality Assurance and   |Version:
  Testing|
 Severity:  Normal   | Resolution:
 Keywords:  TorBrowserTeam201706 |  Actual Points:
Parent ID:  #6119| Points:
 Reviewer:   |Sponsor:
-+-

Comment (by cypherpunks):

 {{{
 -   "Accept-Encoding": "gzip, deflate",
 +   "Accept-Encoding": "gzip, deflate, br",
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22420 [Core Tor/Tor]: Mysterious "XXXX RD This is a bug, right?" comment from Nick

[Tor Bug Tracker & Wiki]

#22420: Mysterious " RD This is a bug, right?" comment from Nick
-+
 Reporter:  arma |  Owner:  arma
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  review-group-18  |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+
Changes (by nickm):

 * status:  needs_review => closed
 * resolution:   => fixed


Comment:

 lgtm. merged, and removing the , since neither of us knows what it
 means. (bf95d678e86598c5200417e96d4d4069ace8b851)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22410 [Core Tor/Tor]: ensure that uint8_t is unsigned char

[Tor Bug Tracker & Wiki]

#22410: ensure that uint8_t is unsigned char
-+
 Reporter:  catalyst |  Owner:  catalyst
 Type:  defect   | Status:  needs_revision
 Priority:  Medium   |  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  review-group-18  |  Actual Points:
Parent ID:  #6877| Points:
 Reviewer:   |Sponsor:
-+
Changes (by nickm):

 * status:  needs_review => needs_revision


Comment:

 Code lgtm but needs a changes file

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #7890 [Core Tor/Tor]: meaningless error message displayed by tor at start up

[Tor Bug Tracker & Wiki]

#7890: meaningless error message displayed by tor at start up
-+-
 Reporter:  mr-4 |  Owner:  nickm
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.2.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.2.4.6-alpha
 Severity:  Normal   | Resolution:
 Keywords:  tor-client, usability, english,  |  Actual Points:  0
  logging, easy, review-group-18 |
Parent ID:   | Points:  0.1
 Reviewer:   |Sponsor:
-+-
Changes (by nickm):

 * status:  assigned => needs_review


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #7890 [Core Tor/Tor]: meaningless error message displayed by tor at start up

[Tor Bug Tracker & Wiki]

#7890: meaningless error message displayed by tor at start up
-+-
 Reporter:  mr-4 |  Owner:  nickm
 Type:  defect   | Status:
 |  assigned
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.2.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.2.4.6-alpha
 Severity:  Normal   | Resolution:
 Keywords:  tor-client, usability, english,  |  Actual Points:  0
  logging, easy, review-group-18 |
Parent ID:   | Points:  0.1
 Reviewer:   |Sponsor:
-+-
Changes (by nickm):

 * owner:   => nickm
 * status:  needs_review => assigned


Comment:

 setting owner

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22584 [Applications/Tor Browser]: More RWX memory pages for TBB on some Windows versions

[Tor Bug Tracker & Wiki]

#22584: More RWX memory pages for TBB on some Windows versions
--+--
 Reporter:  arthuredelstein   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-security  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by arthuredelstein):

 I did some more investigation and posted a question on the mingw-w64 help
 discussion board:
 https://sourceforge.net/p/mingw-w64/discussion/723798/thread/2f2c014b/

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #3056 [Core Tor/Tor]: surprising dns responses received from hosts that aren't our resolver

[Tor Bug Tracker & Wiki]

#3056: surprising dns responses received from hosts that aren't our resolver
-+-
 Reporter:  freeeveryone4ever|  Owner:  nickm
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.2.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.2.3.10-alpha
 Severity:  Normal   | Resolution:
 Keywords:  libevent, eventdns, tor-relay,   |  Actual Points:  0
  logging, review-group-18   |
Parent ID:   | Points:  2
 Reviewer:   |Sponsor:
-+-
Changes (by nickm):

 * status:  assigned => needs_review


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #3056 [Core Tor/Tor]: surprising dns responses received from hosts that aren't our resolver

[Tor Bug Tracker & Wiki]

#3056: surprising dns responses received from hosts that aren't our resolver
-+-
 Reporter:  freeeveryone4ever|  Owner:  nickm
 Type:  defect   | Status:
 |  assigned
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.2.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.2.3.10-alpha
 Severity:  Normal   | Resolution:
 Keywords:  libevent, eventdns, tor-relay,   |  Actual Points:  0
  logging, review-group-18   |
Parent ID:   | Points:  2
 Reviewer:   |Sponsor:
-+-
Changes (by nickm):

 * owner:   => nickm
 * status:  needs_review => assigned


Comment:

 setting owner

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #5190 [Core Tor/Tor]: Collect Rob's patch for throttling flows at guards

[Tor Bug Tracker & Wiki]

#5190: Collect Rob's patch for throttling flows at guards
-+-
 Reporter:  arma |  Owner:
 |  rogbjansen
 Type:  task | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  performance, scheduling, SponsorZ,   |  Actual Points:
  tor-relay, review-group-18 |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by nickm):

 * status:  assigned => needs_review


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #5190 [Core Tor/Tor]: Collect Rob's patch for throttling flows at guards

[Tor Bug Tracker & Wiki]

#5190: Collect Rob's patch for throttling flows at guards
-+-
 Reporter:  arma |  Owner:
 |  rogbjansen
 Type:  task | Status:
 |  assigned
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  performance, scheduling, SponsorZ,   |  Actual Points:
  tor-relay, review-group-18 |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by nickm):

 * status:  needs_review => assigned
 * owner:   => rogbjansen


Comment:

 setting owner

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22420 [Core Tor/Tor]: Mysterious "XXXX RD This is a bug, right?" comment from Nick

[Tor Bug Tracker & Wiki]

#22420: Mysterious " RD This is a bug, right?" comment from Nick
-+
 Reporter:  arma |  Owner:  arma
 Type:  defect   | Status:  needs_review
 Priority:  Medium   |  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  review-group-18  |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+
Changes (by nickm):

 * status:  assigned => needs_review


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22420 [Core Tor/Tor]: Mysterious "XXXX RD This is a bug, right?" comment from Nick

[Tor Bug Tracker & Wiki]

#22420: Mysterious " RD This is a bug, right?" comment from Nick
-+
 Reporter:  arma |  Owner:  arma
 Type:  defect   | Status:  assigned
 Priority:  Medium   |  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  review-group-18  |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+
Changes (by nickm):

 * owner:   => arma
 * status:  needs_review => assigned


Comment:

 setting owner

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22584 [Applications/Tor Browser]: More RWX memory pages for TBB on some Windows versions

[Tor Bug Tracker & Wiki]

#22584: More RWX memory pages for TBB on some Windows versions
--+--
 Reporter:  arthuredelstein   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-security  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by arthuredelstein):

 Replying to [comment:8 cypherpunks]:
 > TBB 7.5a1 on Win 7: 10 private RWX pages are observable.
 > {{{
 > ││   ├──0.04 MB (00.00%) ── execute-readwrite(segments=1)
 > }}}
 >
 > {{{
 > 0x426, Private: Commit, 40 kB, RWX
 > }}}

 Thanks. Could you check what DLLs (or exe) these pages are associated
 with? VMMap will tell you (https://technet.microsoft.com/en-
 us/sysinternals/vmmap.aspx).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] [Tor Bug Tracker & Wiki] Batch modify: #17857, #22212

[Tor Bug Tracker & Wiki]

Batch modification to #17857, #22212 by nickm:


Action: reassign

--
Tickets URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #8240 [Core Tor/Tor]: Raise our guard rotation period, if appropriate

[Tor Bug Tracker & Wiki]

#8240: Raise our guard rotation period, if appropriate
-+-
 Reporter:  arma |  Owner:
 Type:  defect   | Status:  closed
 Priority:  High |  Milestone:  Tor:
 |  0.3.1.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.2.7
 Severity:  Normal   | Resolution:  fixed
 Keywords:  tor-client, needs-proposal,  |  Actual Points:
  unfrozen, SponsorU-deferred|
Parent ID:   | Points:  medium
 Reviewer:   |Sponsor:
-+-
Changes (by nickm):

 * status:  needs_information => closed
 * resolution:   => fixed


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22422 [Core Tor/Tor]: Add noise to PaddingStatistics

[Tor Bug Tracker & Wiki]

#22422: Add noise to PaddingStatistics
--+
 Reporter:  teor  |  Owner:
 Type:  defect| Status:  new
 Priority:  High  |  Milestone:  Tor: 0.3.1.x-final
Component:  Core Tor/Tor  |Version:  Tor: 0.3.1.1-alpha
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:  0.5
 Reviewer:|Sponsor:
--+
Changes (by nickm):

 * cc: mikeperry (added)


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22656 [Applications/Quality Assurance and Testing]: Make FPCentral recognize Tor Browser 7.0 and show "acceptable values"

[Tor Bug Tracker & Wiki]

#22656: Make FPCentral recognize Tor Browser 7.0 and show "acceptable values"
-+-
 Reporter:  boklm|  Owner:  boklm
 Type:  task | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Quality Assurance and   |Version:
  Testing|
 Severity:  Normal   | Resolution:
 Keywords:  TorBrowserTeam201706 |  Actual Points:
Parent ID:  #6119| Points:
 Reviewer:   |Sponsor:
-+-

Comment (by boklm):

 This is done in this patch: https://github.com/plaperdr/fp-central/pull/7

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22516 [Core Tor/Tor]: tor fails to start with 'Sandbox 1'

[Tor Bug Tracker & Wiki]

#22516: tor fails to start with 'Sandbox 1'
-+-
 Reporter:  cypherpunks  |  Owner:  nickm
 Type:  defect   | Status:  closed
 Priority:  High |  Milestone:  Tor:
 |  0.2.9.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.2.9.10
 Severity:  Normal   | Resolution:  fixed
 Keywords:  seccomp, Sandbox, 029-backport,  |  Actual Points:  .1
  030-backport, review-group-18  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by nickm):

 * status:  merge_ready => closed
 * resolution:   => fixed
 * milestone:  Tor: 0.3.1.x-final => Tor: 0.2.9.x-final


Comment:

 merged to 0.2.9 and forward!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs