Re: [tor-bugs] #23156 [Metrics/Atlas]: Atlas returns no results on certain valid searches

2017-08-08 Thread Tor Bug Tracker & Wiki 
#23156: Atlas returns no results on certain valid searches
---+-
 Reporter:  phoul  |  Owner:  irl
 Type:  defect | Status:  new
 Priority:  Medium |  Milestone:
Component:  Metrics/Atlas  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+-

Comment (by phoul):

 Had another user perform the "BlockONE" test, and they received the same
 incorrect URL
 
(https://atlas.torproject.org/#details/AEF234CB0829EF7048A0BEA3DC93A3C43525725B).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23156 [Metrics/Atlas]: Atlas returns no results on certain valid searches

2017-08-08 Thread Tor Bug Tracker & Wiki 
#23156: Atlas returns no results on certain valid searches
---+-
 Reporter:  phoul  |  Owner:  irl
 Type:  defect | Status:  new
 Priority:  Medium |  Milestone:
Component:  Metrics/Atlas  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+-
Description changed by phoul:

Old description:

> When searching for relays on Atlas, some searches do not appear to return
> correctly. When searching for the relay "snowfall", Atlas attempts to
> load
> https://atlas.torproject.org/#details/C17358D40BEF8C13F88ACE7D7FF08E8BD5E8296E,
> which is not the correct fingerprint and does not appear to exist.
>
> The correct entry for this search would be
> https://atlas.torproject.org/#details/823AA81E277F366505545522CEDC2F529CE4DC3F.
>
> This also occurs when attempting to search for other relays, such as
> "BlockOne" (currently in the top-10). This returns
> https://atlas.torproject.org/#details/AEF234CB0829EF7048A0BEA3DC93A3C43525725B.
>
> The correct entry should be
> https://atlas.torproject.org/#details/7A5A9DF2FAE2EDDD4EB3BBF2C489BF296F1B2144
>
> Searches that return more than one relay appear to work as expected.
> Searching for "freebogatov" returns a number of relays, as does
> "privacyrepublic".

New description:

 When searching for relays on Atlas, some searches do not appear to return
 correctly. When searching for the relay "snowfall", Atlas attempts to load
 https://atlas.torproject.org/#details/C17358D40BEF8C13F88ACE7D7FF08E8BD5E8296E,
 which is not the correct fingerprint and does not appear to exist.

 The correct entry for this search would be
 https://atlas.torproject.org/#details/823AA81E277F366505545522CEDC2F529CE4DC3F.

 This also occurs when attempting to search for other relays, such as
 "BlockONE" (currently in the top-10). This returns
 https://atlas.torproject.org/#details/AEF234CB0829EF7048A0BEA3DC93A3C43525725B.

 The correct entry should be
 https://atlas.torproject.org/#details/7A5A9DF2FAE2EDDD4EB3BBF2C489BF296F1B2144

 Searches that return more than one relay appear to work as expected.
 Searching for "freebogatov" returns a number of relays, as does
 "privacyrepublic".

--

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23156 [Metrics/Atlas]: Atlas returns no results on certain valid searches

2017-08-08 Thread Tor Bug Tracker & Wiki 
#23156: Atlas returns no results on certain valid searches
---+-
 Reporter:  phoul  |  Owner:  irl
 Type:  defect | Status:  new
 Priority:  Medium |  Milestone:
Component:  Metrics/Atlas  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+-

Comment (by phoul):

 Similar behavior has been reported on IRC, as well as the blog
 (https://blog.torproject.org/comment/270323#comment-270323)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #23156 [Metrics/Atlas]: Atlas returns no results on certain valid searches

2017-08-08 Thread Tor Bug Tracker & Wiki 
#23156: Atlas returns no results on certain valid searches
---+-
 Reporter:  phoul  |  Owner:  irl
 Type:  defect | Status:  new
 Priority:  Medium |  Milestone:
Component:  Metrics/Atlas  |Version:
 Severity:  Normal |   Keywords:
Actual Points: |  Parent ID:
   Points: |   Reviewer:
  Sponsor: |
---+-
 When searching for relays on Atlas, some searches do not appear to return
 correctly. When searching for the relay "snowfall", Atlas attempts to load
 https://atlas.torproject.org/#details/C17358D40BEF8C13F88ACE7D7FF08E8BD5E8296E,
 which is not the correct fingerprint and does not appear to exist.

 The correct entry for this search would be
 https://atlas.torproject.org/#details/823AA81E277F366505545522CEDC2F529CE4DC3F.

 This also occurs when attempting to search for other relays, such as
 "BlockOne" (currently in the top-10). This returns
 https://atlas.torproject.org/#details/AEF234CB0829EF7048A0BEA3DC93A3C43525725B.

 The correct entry should be
 https://atlas.torproject.org/#details/7A5A9DF2FAE2EDDD4EB3BBF2C489BF296F1B2144

 Searches that return more than one relay appear to work as expected.
 Searching for "freebogatov" returns a number of relays, as does
 "privacyrepublic".

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #13398 [Applications/Tor Browser]: at startup, browser gleans user FULL NAME (real name, given name) from O/S

2017-08-08 Thread Tor Bug Tracker & Wiki 
#13398: at startup, browser gleans user FULL NAME (real name, given name) from 
O/S
--+
 Reporter:  zinc  |  Owner:  pospeselr
 Type:  defect| Status:  needs_revision
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by pospeselr):

 Hmm, if I had to guess it's probably the usage of the NS_METHODIMP macro
 rather than just specifying an nsresult return type.  See if I can repro
 tonight and update the patch.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23138 [Applications/Tor Browser]: TorButton don't let people to change proxy settings

2017-08-08 Thread Tor Bug Tracker & Wiki 
#23138: TorButton don't let people to change proxy settings
--+---
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  task  | Status:  needs_information
 Priority:  Very High |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by cypherpunks):

 Curious, eh? That's good, but it will "eat" a cat :P

 Short answer: Because I want to use HTTP proxy.
 Long answer:
 I know many people who use TBB with HTTP proxy.
 Some of reasons:
 1. To take a complete log of requests.
 2. To filter out certain destination using their DNS servers(e.g., custom
 hosts)
 3. To share Tor access with other software that doesn't support SOCKS but
 HTTP.
 4. More.

 We all understand this might reduce anomity. However, you should know that
 there are many, YES, MANY, people use Tor without Firefox! No, really,
 this
 might bring you heart attack, but it's true.

 I have several legal websites hosting on .onion. According to my access
 log,
 40% of access use non-TBB browser, such as Firefox 64bit, iPhone,
 Chrome(!),
 Safari, etc etc. I've kicked non-TBB user(return 301 )
 after I saw that.

 Back to the primary discussion,
 when will you consider custom proxy? We just want to use our own
 HTTPS/SOCKS4/5/PAC proxy
 to hide IP using Tor.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20657 [Core Tor/Tor]: prop224: Implement service support.

2017-08-08 Thread Tor Bug Tracker & Wiki 
#20657: prop224: Implement service support.
-+
 Reporter:  dgoulet  |  Owner:  dgoulet
 Type:  enhancement  | Status:  needs_review
 Priority:  Very High|  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs, prop224  |  Actual Points:
Parent ID:  #12424   | Points:  6
 Reviewer:  nickm|Sponsor:  SponsorR-must
-+

Comment (by nickm):

 okay, I've squashed and merged.  Please close this (or leave open) once
 you know what you think about fcdc4be.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23083 [Obfuscation/BridgeDB]: BridgeDB gives the same bridges even to differrent IPs. It worth nothing to block the most of them.

2017-08-08 Thread Tor Bug Tracker & Wiki 
#23083: BridgeDB gives the same bridges even to differrent IPs. It worth 
nothing to
block the most of them.
--+---
 Reporter:  cypherpunks   |  Owner:  isis
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Obfuscation/BridgeDB  |Version:
 Severity:  Normal| Resolution:  not a bug
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---
Changes (by isis):

 * status:  reopened => closed
 * resolution:   => not a bug


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23083 [Obfuscation/BridgeDB]: BridgeDB gives the same bridges even to differrent IPs. It worth nothing to block the most of them.

2017-08-08 Thread Tor Bug Tracker & Wiki 
#23083: BridgeDB gives the same bridges even to differrent IPs. It worth 
nothing to
block the most of them.
--+--
 Reporter:  cypherpunks   |  Owner:  isis
 Type:  defect| Status:  reopened
 Priority:  Medium|  Milestone:
Component:  Obfuscation/BridgeDB  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by isis):

 Replying to [comment:2 cypherpunks]:
 > Do you really mean that censorship circumvention tools you have made are
 designed to be censored?

 [http://bit.ly/4kb77v No.]

 
[https://gitweb.torproject.org/bridgedb.git/tree/bridgedb/https/distributor.py?id=62b17e87a199ed0163ef01708f2369389658960b#n112
 It's designed to give out the same bridges to every IP in a /16 in a given
 time period.]

 [https://gitweb.torproject.org/bridgedb.git/commit/?id=ceac2ff7b2c9 The
 bridges are in rotating hashrings.]

 
[https://gitweb.torproject.org/bridgedb.git/tree/bridgedb/https/server.py?id=62b17e87a199ed0163ef01708f2369389658960b#n909
 Only a subset are available in a given period.]

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23155 [Core Tor/Tor]: Double free on error in config_process_include

2017-08-08 Thread Tor Bug Tracker & Wiki 
#23155: Double free on error in config_process_include
--+
 Reporter:  nickm |  Owner:  nickm
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:  Tor: 0.3.1.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:  .1
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by nickm):

 * status:  accepted => needs_review
 * actualpoints:   => .1


Comment:

 Fix in branch `bug23155_031`. Found by the clang analyzer.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #23155 [Core Tor/Tor]: Double free on error in config_process_include

2017-08-08 Thread Tor Bug Tracker & Wiki 
#23155: Double free on error in config_process_include
--+
 Reporter:  nickm |  Owner:
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.3.1.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23155 [Core Tor/Tor]: Double free on error in config_process_include

2017-08-08 Thread Tor Bug Tracker & Wiki 
#23155: Double free on error in config_process_include
--+
 Reporter:  nickm |  Owner:  nickm
 Type:  defect| Status:  accepted
 Priority:  Medium|  Milestone:  Tor: 0.3.1.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by nickm):

 * owner:   => nickm
 * status:  new => accepted


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23139 [Core Tor/Tor]: memory leak in consdiffmgr.c

2017-08-08 Thread Tor Bug Tracker & Wiki 
#23139: memory leak in consdiffmgr.c
--+
 Reporter:  arma  |  Owner:  nickm
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:  Tor: 0.3.1.x-final
Component:  Core Tor/Tor  |Version:  Tor: 0.3.1.1-alpha
 Severity:  Normal| Resolution:  fixed
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by nickm):

 * status:  merge_ready => closed
 * resolution:   => fixed


Comment:

 merged; thanks for the review!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23139 [Core Tor/Tor]: memory leak in consdiffmgr.c

2017-08-08 Thread Tor Bug Tracker & Wiki 
#23139: memory leak in consdiffmgr.c
--+
 Reporter:  arma  |  Owner:  nickm
 Type:  defect| Status:  merge_ready
 Priority:  Medium|  Milestone:  Tor: 0.3.1.x-final
Component:  Core Tor/Tor  |Version:  Tor: 0.3.1.1-alpha
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by arma):

 * status:  needs_review => merge_ready


Comment:

 Patch looks reasonable!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22264 [Core Tor/Tor]: Remove old cached_dir_t code

2017-08-08 Thread Tor Bug Tracker & Wiki 
#22264: Remove old cached_dir_t code
--+--
 Reporter:  nickm |  Owner:  nickm
 Type:  defect| Status:  accepted
 Priority:  Medium|  Milestone:  Tor: unspecified
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by nickm):

 * sponsor:  Sponsor4-can =>
 * milestone:  Tor: 0.3.2.x-final => Tor: unspecified


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #23154 [Applications/Tor Browser]: TOR BROWSER USER INTERFACE ISSUE

2017-08-08 Thread Tor Bug Tracker & Wiki 
#23154: TOR BROWSER USER INTERFACE ISSUE
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Very Low  |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Trivial   |   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+--
 all of the tab bar is colored #ebebea, while the outside curves of the
 current tab are colored #f2f2f2
 tbb 7.0.3 on linux

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22671 [Webpages/Blog]: Implement design changes to blog.torproject.org

2017-08-08 Thread Tor Bug Tracker & Wiki 
#22671: Implement design changes to blog.torproject.org
---+--
 Reporter:  linda  |  Owner:  hiro
 Type:  defect | Status:  reopened
 Priority:  Medium |  Milestone:
Component:  Webpages/Blog  |Version:
 Severity:  Normal | Resolution:
 Keywords:  ux-team|  Actual Points:
Parent ID:  #22013 | Points:
 Reviewer: |Sponsor:
---+--
Changes (by cypherpunks):

 * status:  closed => reopened
 * resolution:  fixed =>


Comment:

 I don't think everything was fixed here, example: the bottom footer.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #23153 [Applications/Tor Browser]: TB 7.5a4 - NoScript option: forbid active web content when using a proxy

2017-08-08 Thread Tor Bug Tracker & Wiki 
#23153: TB 7.5a4 - NoScript option: forbid active web content when using a proxy
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+--
 In a fresh installation of Tor Browser 7.5a4 on Windows 7 SP1 x64, the
 NoScript option "Forbid active web content unless it comes from secure
 (HTTPS) connection" (in Advanced-HTTPS-Permissions menu) is set to "Never"
 although NoScript recommends to set it to "When using a proxy (recommended
 with Tor)".

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22342 [Core Tor/Tor]: Add a nice append-only stringbuffer, and refactor code to use it

2017-08-08 Thread Tor Bug Tracker & Wiki 
#22342: Add a nice append-only stringbuffer, and refactor code to use it
--+
 Reporter:  nickm |  Owner:  nickm
 Type:  defect| Status:  accepted
 Priority:  Medium|  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by nickm):

 Wait, that branch is silly.

 We already have a nice way to grow strings: buf_t.  I'm going to refactor
 it in #23149 to make the API nicer, then add helper functions in strbuf_v2
 on top of that.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21321 [Applications/Tor Browser]: .onion HTTP is shown as non-secure in Tor Browser

2017-08-08 Thread Tor Bug Tracker & Wiki 
#21321: .onion HTTP is shown as non-secure in Tor Browser
-+-
 Reporter:  cypherpunks  |  Owner:  tbb-
 |  team
 Type:  task | Status:  closed
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Blocker  | Resolution:  fixed
 Keywords:  ff52-esr, tbb-7.0-issues, tbb-   |  Actual Points:
  usability, ux-team, tbb-7.0-frequent,  |
  TorBrowserTeam201708R, GeorgKoppen201708   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by cypherpunks):

 Replying to [comment:45 gk]:
 > But we might be able to bypass that hassle by using other means provided
 in that spec, in particular treating .onions as potentially trustworthy
 origins (https://w3c.github.io/webappsec-secure-contexts/#is-origin-
 trustworthy):
 Make an encrypted channel between Tor and Tor Browser to get
 > A potentially trustworthy origin is one which a user agent can generally
 trust as delivering data securely.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22227 [Applications/Tor Browser]: Netmonitor Remote Address is always 0.0.0.0 localhost (was: Netmonitor Shows the Wrong Remote Address)

2017-08-08 Thread Tor Bug Tracker & Wiki 
#7: Netmonitor Remote Address is always 0.0.0.0 localhost
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23134 [Applications/Tor Browser]: Unable to connect - bug or not?

2017-08-08 Thread Tor Bug Tracker & Wiki 
#23134: Unable to connect - bug or not?
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by cypherpunks):

 * status:  needs_information => new


Comment:

 It is switching circuits with `REASON=TIMEOUT` until connected, but fails
 immediately when meets this one.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23149 [Core Tor/Tor]: Refactor buffer.c: split and rename functions.

2017-08-08 Thread Tor Bug Tracker & Wiki 
#23149: Refactor buffer.c: split and rename functions.
--+
 Reporter:  nickm |  Owner:  nickm
 Type:  defect| Status:  accepted
 Priority:  Medium|  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:  #22342| Points:
 Reviewer:|Sponsor:
--+

Comment (by nickm):

 Please see branch `refactor_buffers_api` in my public repository.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23149 [Core Tor/Tor]: Refactor buffer.c: split and rename functions.

2017-08-08 Thread Tor Bug Tracker & Wiki 
#23149: Refactor buffer.c: split and rename functions.
--+
 Reporter:  nickm |  Owner:  nickm
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:  .2
Parent ID:  #22342| Points:
 Reviewer:|Sponsor:
--+
Changes (by nickm):

 * status:  accepted => needs_review
 * actualpoints:   => .2


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #16149 [Applications/Tor Browser]: The newChannel() API is deprecated and broken in Tor Browser based on ESR 59 (was: The newChannel() API is deprecated and broken in Tor Browser based

2017-08-08 Thread Tor Bug Tracker & Wiki 
#16149: The newChannel() API is deprecated and broken in Tor Browser based on 
ESR
59
--+--
 Reporter:  gk|  Owner:  gk
 Type:  defect| Status:  assigned
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  ff59-esr, tbb-torbutton   |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by cypherpunks):

 > moving to ff59-esr then.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23138 [Applications/Tor Browser]: TorButton don't let people to change proxy settings

2017-08-08 Thread Tor Bug Tracker & Wiki 
#23138: TorButton don't let people to change proxy settings
--+---
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  task  | Status:  needs_information
 Priority:  Very High |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by gk):

 Replying to [comment:6 cypherpunks]:
 > > Are you saying this is not working for you?
 >
 > Yes. Tested on 3 PCs(TB), all same result.
 > Again, on Windows. Not Linux.

 I was actually asking about that setup I outlined above, starting with a
 clean, new Tor Browser. Why do you need those HTTP proxy settings anyway?
 Tor is only a SOCKS proxy and it alone should be enough nowadays for
 browsing needs.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23128 [Applications/Tor Browser]: When right clicking on a webm and clicking on open with -> Torbrowser it opens TorBrowser even though it is not set up

2017-08-08 Thread Tor Bug Tracker & Wiki 
#23128: When right clicking on a webm and clicking on open with -> Torbrowser it
opens TorBrowser even though it is not set up
--+---
 Reporter:  Dbryrtfbcbhgf |  Owner:  tbb-team
 Type:  defect| Status:  needs_information
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by gk):

 Hm. Why should that be "won't fix"? Isn't this bug something we should fix
 (eventually) given that it is confusing and is leading to unexpected
 behavior (imagine the user has forgotten that they opened Tor Browser that
 way and is wondering now why normal browsing is not working)?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #16617 [Applications/Tor Browser]: Potential security hole du to cache policy

2017-08-08 Thread Tor Bug Tracker & Wiki 
#16617: Potential security hole du to cache policy
--+--
 Reporter:  gojul |  Owner:  tbb-team
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:  invalid
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by cypherpunks):

 * status:  needs_information => closed
 * resolution:   => invalid
 * severity:   => Normal


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23134 [Applications/Tor Browser]: Unable to connect - bug or not?

2017-08-08 Thread Tor Bug Tracker & Wiki 
#23134: Unable to connect - bug or not?
--+---
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  defect| Status:  needs_information
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---
Changes (by gk):

 * status:  new => needs_information


Comment:

 What are you expecting instead of the error page?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22971 [Applications/Tor Browser]: The XPI signing mechanism needs to use different hash functions.

2017-08-08 Thread Tor Bug Tracker & Wiki 
#22971: The XPI signing mechanism needs to use different hash functions.
--+--
 Reporter:  yawning   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  High  |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Major | Resolution:
 Keywords:  tbb-security, ff59-esr|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by gk):

 * keywords:  tbb-security => tbb-security, ff59-esr


Comment:

 We need to sign our extensions ourselves anyway when switching to ESR59.
 If we get to it earlier then it can't hurt, though.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20657 [Core Tor/Tor]: prop224: Implement service support.

2017-08-08 Thread Tor Bug Tracker & Wiki 
#20657: prop224: Implement service support.
-+
 Reporter:  dgoulet  |  Owner:  dgoulet
 Type:  enhancement  | Status:  needs_review
 Priority:  Very High|  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs, prop224  |  Actual Points:
Parent ID:  #12424   | Points:  6
 Reviewer:  nickm|Sponsor:  SponsorR-must
-+

Comment (by asn):

 Replying to [comment:27 nickm]:
 > {{{
 > 13:03 <+nickm> 1) asn, are you sure you resolved all the open
 discussions on
 >oniongit?  It's down so I can't check for myself, but I
 will
 >believe you if you say "yeah I think so"
 > 13:04 <+nickm> 2) dgoulet and asn: can you tell me a little more about
 >fcdc4bee04dd5baa3fe82bf05e6b1cc1630aa06e ?
 > 13:04 <+nickm> I'm confused about how that patch adds and removes calls
 to
 >rep_hist_note_used_internal!
 > }}}

 Hey Nick!

 1) Yes,  we are done now. I just pushed one final commit (just now) which
 added an XXX to the trunnel definition, and now everything should have
 checkmark!

 2) So yes `fcdc4be` is a weird one and comes straight from #23097. Lots of
 info in that ticket. Unfortunately I'm not very familiar with it either.
 tl;dr David was getting crazy timeouts on his circuits and it was building
 new internal circs every 30 secs, so he asked Mike for advice on how to
 use the rephist system, and that's what Mike suggested in
 comment:3:ticket:23097 . I'll do some double checking tomorrow on the
 correctness of the patch and make sure that it won't influence legacy HSes
 if possible.

 I'll be back in this ticket tomorrow!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23096 [Internal Services/Blog]: Request to investigate solution for permanent link of newsletter letters + archive

2017-08-08 Thread Tor Bug Tracker & Wiki 
#23096: Request to investigate solution for permanent link of newsletter 
letters +
archive
+--
 Reporter:  isabela |  Owner:  hiro
 Type:  defect  | Status:  assigned
 Priority:  Medium  |  Milestone:
Component:  Internal Services/Blog  |Version:
 Severity:  Normal  | Resolution:
 Keywords:  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--

Comment (by steph):

 We are using Civicrm to set up our newsletters. I will see about getting
 you access.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23089 [Obfuscation/Pluggable transport]: Most of bridges share the same 3 subnets. What if this subnets got blocked? It will be devastating!

2017-08-08 Thread Tor Bug Tracker & Wiki 
#23089: Most of bridges share the same 3 subnets. What if this subnets got 
blocked?
It will be devastating!
-+--
 Reporter:  cypherpunks  |  Owner:  asn
 Type:  defect   | Status:  reopened
 Priority:  Very High|  Milestone:
Component:  Obfuscation/Pluggable transport  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--

Comment (by cypherpunks):

 > Try e-mail?

 Assume that email, SMS, social networks, messengers, forums, any other
 unencrypted channels are censored too and that people trying to acquire
 bridges using such personalized channels are prosecuted. Bridges must be
 acquired stealthy. Noone must know that you are using a bridge except the
 bridge itself.

 >Second, reality is different. For me only 1/10 bridges from bridges.tpo
 was affected by your "3 firewall rules".

 Maybe.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23151 [Applications/Tor Browser]: Tor Browser toolbar design

2017-08-08 Thread Tor Bug Tracker & Wiki 
#23151: Tor Browser toolbar design
--+--
 Reporter:  linda |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:  #23150| Points:
 Reviewer:|Sponsor:
--+--
Changes (by mcs):

 * cc: brade, mcs (added)


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23151 [Applications/Tor Browser]: Tor Browser toolbar design

2017-08-08 Thread Tor Bug Tracker & Wiki 
#23151: Tor Browser toolbar design
--+--
 Reporter:  linda |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:  #23150| Points:
 Reviewer:|Sponsor:
--+--

Comment (by cypherpunks):

 Thanks Linda for putting this to your plate! {{{:^)}}} IMHO:

 > what to do about the noscript and onion buttons

 For NoScript: In FF59esr there's a dropdown menu that lists addons ([https
 ://user-
 
images.githubusercontent.com/522085/28930740-e62f28f6-7841-11e7-94b1-64f08453c480.png
 screenshot], you can test it by downloading latest Firefox Nightly), I
 think it would be OK to have it there along with HTTPS Everywhere if and
 only if the suggestion in #22985 comment:3 is implemented.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22982 [Applications/Tor Browser]: Introduce a single "adjust security" toolbar button for security slider and noscript options

2017-08-08 Thread Tor Bug Tracker & Wiki 
#22982: Introduce a single "adjust security" toolbar button for security slider 
and
noscript options
-+-
 Reporter:  arthuredelstein  |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-usability, tbb-security-slider,  |  Actual Points:
  ux-team|
Parent ID:  #23150   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by cypherpunks):

 >We could promote it to its own toolbar buttun/popup menu, similar to how
 ninavizz suggested i

 I don't think we should do this. This settings should be adjusted once (to
 the maximum level), not per session. So I think this should be hidden to
 the places where they cannot be changed by a mistake.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22671 [Webpages/Blog]: Implement design changes to blog.torproject.org

2017-08-08 Thread Tor Bug Tracker & Wiki 
#22671: Implement design changes to blog.torproject.org
---+
 Reporter:  linda  |  Owner:  hiro
 Type:  defect | Status:  closed
 Priority:  Medium |  Milestone:
Component:  Webpages/Blog  |Version:
 Severity:  Normal | Resolution:  fixed
 Keywords:  ux-team|  Actual Points:
Parent ID:  #22013 | Points:
 Reviewer: |Sponsor:
---+
Changes (by hiro):

 * status:  needs_information => closed
 * resolution:   => fixed


Comment:

 This was fixed.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22981 [Applications/Tor Browser]: Don't block audio/video on https sites under Medium Security

2017-08-08 Thread Tor Bug Tracker & Wiki 
#22981: Don't block audio/video on https sites under Medium Security
-+-
 Reporter:  arthuredelstein  |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-usability, tbb-security-slider,  |  Actual Points:
  ux-team|
Parent ID:  #23150   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by cypherpunks):

 >But JavaScript is allowed for https sites. I would suggest also
 unblocking video and audio for https sites but keeping them blocked for
 http sites.

 I suggest to disallow JavaScript for all websites on every level except
 the lowest.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #23152 [Internal Services/Service - trac]: Disallow tiff (and other non png non text) uploads

2017-08-08 Thread Tor Bug Tracker & Wiki 
#23152: Disallow tiff (and other non png non text) uploads
--+-
 Reporter:  cypherpunks   |  Owner:  qbi
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Internal Services/Service - trac  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+-
 Tiff is a quite a complicated format. Its implementation can contain
 vulnerabilities.

 Some man creates tickets with tiffs attached:
 #23140, #23085.

 People consider this as an attack. They even ask him in a rude form not to
 post tiffs. Maybe we should protect him from such a rudeness ;) I suggest
 to disallow uploads of non-text formats other than the ones in the
 following whitelist: ["png"].

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23142 [Applications/Tor Browser]: HTML elements are broken on goftesh.com in Tor Browsr

2017-08-08 Thread Tor Bug Tracker & Wiki 
#23142: HTML  elements are broken on goftesh.com in Tor Browsr
--+---
 Reporter:  gk|  Owner:  tbb-team
 Type:  defect| Status:  needs_information
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-usability-website |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by gk):

 Aha, interesting. I think we should look whether that would enabled some
 platform detection but if not, we should add the URL to the whitelist.
 Surprisingly, your fix does not help with the original bug report (see
 description). But my guess would be that this is another fallout from
 Cloudflare's fuck-up (see #21341).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23150 [Applications/Tor Browser]: Re-evaluating the tor browser toolbar

2017-08-08 Thread Tor Bug Tracker & Wiki 
#23150: Re-evaluating the tor browser toolbar
--+---
 Reporter:  linda |  Owner:  linda
 Type:  project   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:  #20843| Points:
 Reviewer:|Sponsor:
--+---
Changes (by antonela):

 * parent:   => #20843


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #23151 [Applications/Tor Browser]: Tor Browser toolbar design

2017-08-08 Thread Tor Bug Tracker & Wiki 
#23151: Tor Browser toolbar design
--+--
 Reporter:  linda |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:  #23150
   Points:|   Reviewer:
  Sponsor:|
--+--
 If we make the changes suggested by #23150 and child tickets, we'll need
 to:

 * decide how many buttons to have
 * where those buttons go
 * what functionalities each button would have
 * what icons we should use for each button
 * what to do about the noscript and onion buttons

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22980 [Applications/Tor Browser]: Indicate Security Slider Level applies globally

2017-08-08 Thread Tor Bug Tracker & Wiki 
#22980: Indicate Security Slider Level applies globally
-+-
 Reporter:  arthuredelstein  |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-usability, tbb-security-slider,  |  Actual Points:
  ux-team|
Parent ID:  #23150   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by linda):

 * parent:   => #23150


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22981 [Applications/Tor Browser]: Don't block audio/video on https sites under Medium Security

2017-08-08 Thread Tor Bug Tracker & Wiki 
#22981: Don't block audio/video on https sites under Medium Security
-+-
 Reporter:  arthuredelstein  |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-usability, tbb-security-slider,  |  Actual Points:
  ux-team|
Parent ID:  #23150   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by linda):

 * parent:   => #23150


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22985 [Applications/Tor Browser]: Can we simplify and clarify click-to-play of audio/video?

2017-08-08 Thread Tor Bug Tracker & Wiki 
#22985: Can we simplify and clarify click-to-play of audio/video?
-+-
 Reporter:  arthuredelstein  |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-usability, tbb-security, ux- |  Actual Points:
  team   |
Parent ID:  #23150   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by linda):

 * parent:   => #23150


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22982 [Applications/Tor Browser]: Introduce a single "adjust security" toolbar button for security slider and noscript options

2017-08-08 Thread Tor Bug Tracker & Wiki 
#22982: Introduce a single "adjust security" toolbar button for security slider 
and
noscript options
-+-
 Reporter:  arthuredelstein  |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-usability, tbb-security-slider,  |  Actual Points:
  ux-team|
Parent ID:  #23150   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by linda):

 * parent:   => #23150


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #23150 [Applications/Tor Browser]: Re-evaluating the tor browser toolbar

2017-08-08 Thread Tor Bug Tracker & Wiki 
#23150: Re-evaluating the tor browser toolbar
--+---
 Reporter:  linda |  Owner:  linda
 Type:  project   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+---
 This project is to re-evaluate what buttons we are going to place in the
 toolbar, and what purposes they would serve. We've been having an ongoing
 discussion of it here: https://pad.riseup.net/p/toolbar-torbrowser.

 We're trying to fix the following problems:
 * user confusion with what settings is global and what is for a tab
 * all features are hidden under one icon or under the security preferences
 (which is buried)
 * the settings overlap and need to be used together (security slider +
 noscript), which is hard
 * in general, the buttons at the top (NoScript, torbutton) are confusing
 * the buttons don't have a 1:1 corespondence with what users need

 This project was inspired by Nina's document that proposes changes to the
 Tor Browser toolbar,
 ([https://trac.torproject.org/projects/tor/ticket/21183 ticket]
 [https://share.riseup.net/#a147BiCUXfeCQ3ezzgFkag pdf of suggested
 changes]. Not all the proposed changes are good ideas, but were good to
 spark discussion.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23149 [Core Tor/Tor]: Refactor buffer.c: split and rename functions.

2017-08-08 Thread Tor Bug Tracker & Wiki 
#23149: Refactor buffer.c: split and rename functions.
--+
 Reporter:  nickm |  Owner:  nickm
 Type:  defect| Status:  accepted
 Priority:  Medium|  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:  #22342| Points:
 Reviewer:|Sponsor:
--+
Changes (by nickm):

 * owner:   => nickm
 * status:  new => accepted


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #23149 [Core Tor/Tor]: Refactor buffer.c: split and rename functions.

2017-08-08 Thread Tor Bug Tracker & Wiki 
#23149: Refactor buffer.c: split and rename functions.
--+
 Reporter:  nickm |  Owner:
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:  #22342
   Points:|   Reviewer:
  Sponsor:|
--+


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22985 [Applications/Tor Browser]: Can we simplify and clarify click-to-play of audio/video?

2017-08-08 Thread Tor Bug Tracker & Wiki 
#22985: Can we simplify and clarify click-to-play of audio/video?
-+-
 Reporter:  arthuredelstein  |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-usability, tbb-security, ux- |  Actual Points:
  team   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by linda):

 Replying to [comment:3 cypherpunks]:
 > Thanks Arthur for bringing this important usability issue to note!

 Agreed! I think that we should definitely work on making this one
 intuitive click and one reload.

 > For me, I always use the NoScript icon >> "Blocked Objects" >>
 "Temporarily allow *@https://www.youtube.com;. This requires only 1 click
 and enables both audio+video (whereas with click-to-play one has to
 individually allow video and audio).

 I didn't know that video and audio had to be enabled separately. :(

 > However for non-technical persons this isn't obvious at first sight.
 Fixing this will involve having to change NoScript's UX so that a
 "Temporarily allow videos and audio from www.youtube.com" shows up that
 the user can easily understand and toggle to meet his needs.

 This is a good idea. A "make things work for me" button on a page is what
 people want more than "only allow audio, only allow video." We (the tor
 browser team and the ux team) are thinking of better security toggles to
 give the user, and we'll definitely take this into consideration.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #23148 [Applications/TorBirdy]: TorBirdy uses invalid GPG keyserver options in Enigmail

2017-08-08 Thread Tor Bug Tracker & Wiki 
#23148: TorBirdy uses invalid GPG keyserver options in Enigmail
---+-
 Reporter:  jflory7|  Owner:  sukhbir
 Type:  defect | Status:  new
 Priority:  Medium |  Milestone:
Component:  Applications/TorBirdy  |Version:
 Severity:  Normal |   Keywords:
Actual Points: |  Parent ID:
   Points: |   Reviewer:
  Sponsor: |
---+-
 == problem ==

 When refreshing a key in the Enigmail key management pane, TorBirdy uses
 an invalid option when refreshing keys and Enigmail fails to refresh a
 key.

 == explanation ==

 The parameters currently used are:

 {{{
 --keyserver-options=no-try-dns-srv,http-proxy=socks5h://127.0.0.1:9150
 --no-emit-version --no-comments --display-charset utf-8 --keyserver-
 options no-auto-key-retrieve
 }}}

 Whenever I go to refresh a key, I'm given this error:

   Downloading of keys failed
   gpg: keyserver option 'no-try-dns-srv' is unknown
   gpg: keyserver receive failed: Configuration error

 If there's any more helpful info to include, please let me know. I am
 using TorBirdy 0.2.3.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20757 [Applications/Tor Browser]: git-gpg-wrapper is incompatible with git ≥ 2.10.0-rc0

2017-08-08 Thread Tor Bug Tracker & Wiki 
#20757: git-gpg-wrapper is incompatible with git ≥ 2.10.0-rc0
-+-
 Reporter:  dcf  |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-gitian, tbb-rbm, |  Actual Points:
  TorBrowserTeam201708R  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by boklm):

 * cc: tom (added)
 * keywords:  tbb-gitian, tbb-rbm, TorBrowserTeam201708 => tbb-gitian, tbb-
 rbm, TorBrowserTeam201708R
 * status:  new => needs_review


Comment:

 I made a patch for `tor-browser-bundle.git`:
 https://gitweb.torproject.org/user/boklm/tor-browser-
 bundle.git/commit/?h=bug_20757

 And one for `tor-browser-build.git`:
 https://gitweb.torproject.org/user/boklm/tor-browser-
 build.git/commit/?h=bug_20757_v2

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #10762 [Applications/TorBirdy]: TorBridy should try both SOCKS port 9050 and 9150

2017-08-08 Thread Tor Bug Tracker & Wiki 
#10762: TorBridy should try both SOCKS port 9050 and 9150
---+--
 Reporter:  mikeperry  |  Owner:  ioerror
 Type:  defect | Status:  needs_review
 Priority:  Medium |  Milestone:
Component:  Applications/TorBirdy  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--
Changes (by jflory7):

 * severity:   => Normal


Comment:

 For what it's worth, there seems to be a few places in TorBirdy that
 aren't updated if the Tor port is changed. For example, when refreshing
 keys in Enigmail, the local proxy is hard-coded to 127.0.0.1:9150, which
 will always fail unless changed manually.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21433 [Applications/TorBirdy]: TorBirdy: Respect user preferences for header_type and message body type

2017-08-08 Thread Tor Bug Tracker & Wiki 
#21433: TorBirdy: Respect user preferences for header_type and message body type
---+-
 Reporter:  jflory7|  Owner:  sukhbir
 Type:  enhancement| Status:  new
 Priority:  Medium |  Milestone:
Component:  Applications/TorBirdy  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+-

Comment (by jflory7):

 I see this is also similar to #10684.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23142 [Applications/Tor Browser]: HTML elements are broken on goftesh.com in Tor Browsr

2017-08-08 Thread Tor Bug Tracker & Wiki 
#23142: HTML  elements are broken on goftesh.com in Tor Browsr
--+---
 Reporter:  gk|  Owner:  tbb-team
 Type:  defect| Status:  needs_information
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-usability-website |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---
Changes (by mcs):

 * status:  new => needs_information


Comment:

 Flipping `extensions.torbutton.resource_and_chrome_uri_fingerprinting` to
 `true` fixes this problem. The root cause is that our content policy
 filter blocks the load of `chrome://xbl-marquee/content/xbl-marquee.xml`
 Should we whitelist that URL?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22671 [Webpages/Blog]: Implement design changes to blog.torproject.org

2017-08-08 Thread Tor Bug Tracker & Wiki 
#22671: Implement design changes to blog.torproject.org
---+---
 Reporter:  linda  |  Owner:  hiro
 Type:  defect | Status:  needs_information
 Priority:  Medium |  Milestone:
Component:  Webpages/Blog  |Version:
 Severity:  Normal | Resolution:
 Keywords:  ux-team|  Actual Points:
Parent ID:  #22013 | Points:
 Reviewer: |Sponsor:
---+---
Changes (by cypherpunks):

 * status:  new => needs_information


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22063 [Metrics/Metrics website]: Document that only the first qualified search term applies

2017-08-08 Thread Tor Bug Tracker & Wiki 
#22063: Document that only the first qualified search term applies
-+--
 Reporter:  cypherpunks  |  Owner:  metrics-team
 Type:  task | Status:  merge_ready
 Priority:  Medium   |  Milestone:
Component:  Metrics/Metrics website  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--
Changes (by iwakeh):

 * milestone:  Onionoo-1.4.0 =>


Comment:

 True.  Milestone removed.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22063 [Metrics/Metrics website]: Document that only the first qualified search term applies

2017-08-08 Thread Tor Bug Tracker & Wiki 
#22063: Document that only the first qualified search term applies
-+---
 Reporter:  cypherpunks  |  Owner:  metrics-team
 Type:  task | Status:  merge_ready
 Priority:  Medium   |  Milestone:  Onionoo-1.4.0
Component:  Metrics/Metrics website  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+---
Changes (by karsten):

 * component:  Metrics/Onionoo => Metrics/Metrics website


Comment:

 Thanks for looking! I can even merge it without waiting for a release,
 because it's now going into metrics-web. I'll do that tomorrow, unless
 there are objections.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21554 [Core Tor/Tor]: Inventory proposals that need merging into specs ; merge them.

2017-08-08 Thread Tor Bug Tracker & Wiki 
#21554: Inventory proposals that need merging into specs ; merge them.
--+
 Reporter:  nickm |  Owner:  nickm
 Type:  task  | Status:  closed
 Priority:  High  |  Milestone:  Tor: 0.3.1.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:  implemented
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by nickm):

 * status:  accepted => closed
 * resolution:   => implemented


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22276 [Core Tor/Tor]: Merge prop220/prop244 to tor-spec/dir-spec

2017-08-08 Thread Tor Bug Tracker & Wiki 
#22276: Merge prop220/prop244 to tor-spec/dir-spec
--+
 Reporter:  nickm |  Owner:  nickm
 Type:  defect| Status:  accepted
 Priority:  High  |  Milestone:  Tor: 0.3.1.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by nickm):

 * parent:  #21554 =>


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22275 [Core Tor/Tor]: Update dir-spec.txt to reflect prop278.

2017-08-08 Thread Tor Bug Tracker & Wiki 
#22275: Update dir-spec.txt to reflect prop278.
--+
 Reporter:  nickm |  Owner:  ahf
 Type:  defect| Status:  assigned
 Priority:  Medium|  Milestone:  Tor: 0.3.1.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:  Sponsor4
--+
Changes (by nickm):

 * parent:  #21554 =>


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22250 [Applications/Tor Browser]: create one Tor Theme for Tor browser

2017-08-08 Thread Tor Bug Tracker & Wiki 
#22250: create one Tor Theme for Tor browser
--+---
 Reporter:  nim01 |  Owner:  tbb-team
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:  duplicate
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---
Changes (by cypherpunks):

 * status:  reopened => closed
 * resolution:   => duplicate


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22278 [Core Tor/Tor]: Is anything undocumented from proposals 158, 162?

2017-08-08 Thread Tor Bug Tracker & Wiki 
#22278: Is anything undocumented from proposals 158, 162?
--+
 Reporter:  nickm |  Owner:  nickm
 Type:  defect| Status:  accepted
 Priority:  Medium|  Milestone:  Tor: 0.3.1.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by nickm):

 * parent:  #21554 =>


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22250 [Applications/Tor Browser]: create one Tor Theme for Tor browser

2017-08-08 Thread Tor Bug Tracker & Wiki 
#22250: create one Tor Theme for Tor browser
--+--
 Reporter:  nim01 |  Owner:  tbb-team
 Type:  defect| Status:  reopened
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by cypherpunks):

 * status:  closed => reopened
 * resolution:  fixed =>


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21554 [Core Tor/Tor]: Inventory proposals that need merging into specs ; merge them.

2017-08-08 Thread Tor Bug Tracker & Wiki 
#21554: Inventory proposals that need merging into specs ; merge them.
--+
 Reporter:  nickm |  Owner:  nickm
 Type:  task  | Status:  accepted
 Priority:  High  |  Milestone:  Tor: 0.3.1.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by nickm):

 I'm going to unparent the children and close this one, since they're
 tracking this issue now.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22063 [Metrics/Onionoo]: Document that only the first qualified search term applies

2017-08-08 Thread Tor Bug Tracker & Wiki 
#22063: Document that only the first qualified search term applies
-+---
 Reporter:  cypherpunks  |  Owner:  metrics-team
 Type:  task | Status:  merge_ready
 Priority:  Medium   |  Milestone:  Onionoo-1.4.0
Component:  Metrics/Onionoo  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+---
Changes (by iwakeh):

 * status:  needs_review => merge_ready
 * milestone:   => Onionoo-1.4.0


Comment:

 Looks good and can be part of the next milestone.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22209 [Core Tor/Tor]: Channelpadding tests fail on kevent-based systems

2017-08-08 Thread Tor Bug Tracker & Wiki 
#22209: Channelpadding tests fail on kevent-based systems
--+
 Reporter:  nickm |  Owner:  nickm
 Type:  defect| Status:  closed
 Priority:  High  |  Milestone:  Tor: 0.3.1.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:  fixed
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by nickm):

 * status:  assigned => closed
 * resolution:   => fixed


Comment:

 I've looked over this some more, and I don't think that there's more to do
 in 0.3.1.  I think we'll be okay.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22384 [Internal Services/Tor Sysadmin Team]: Duplicate Blog component

2017-08-08 Thread Tor Bug Tracker & Wiki 
#22384: Duplicate Blog component
-+-
 Reporter:  cypherpunks  |  Owner:  hiro
 Type:  defect   | Status:
 |  needs_information
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by hiro):

 * status:  assigned => needs_information


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22752 [Core Tor/Tor]: Assertion failure in consensus_cache_entry_handle_get on Windows

2017-08-08 Thread Tor Bug Tracker & Wiki 
#22752: Assertion failure in consensus_cache_entry_handle_get on Windows
--+
 Reporter:  ahf   |  Owner:
 Type:  defect| Status:  needs_information
 Priority:  High  |  Milestone:  Tor: 0.3.1.x-final
Component:  Core Tor/Tor  |Version:  Tor: 0.3.1.3-alpha
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:  Sponsor4
--+

Comment (by Vort):

 Looks like in Windows, `unlink` actually deletes file:
 https://msdn.microsoft.com/en-us/library/aa273396(v=vs.60).aspx

 There are something similar to `unlink` from Unix in NTFS:
 https://unix.stackexchange.com/a/49306
 But I'm not sure about it.

 Concerning architecture:
 Tor unlinks file just to free name or its goal is to free disk space?
 What is the reason to have exactly 256 names, but gigabytes of used space?

 Sadly, I don't completely understand what happening here.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22384 [Internal Services/Tor Sysadmin Team]: Duplicate Blog component

2017-08-08 Thread Tor Bug Tracker & Wiki 
#22384: Duplicate Blog component
-+-
 Reporter:  cypherpunks  |  Owner:  hiro
 Type:  defect   | Status:
 |  assigned
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by hiro):

 So the reason there was an internal service/blog component was for the
 server running the blog before. We do not need this anymore and I think
 it's ok to remove the component now.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22286 [Core Tor/Tor]: Add coverage markers to LZMA and Zstd compression backend

2017-08-08 Thread Tor Bug Tracker & Wiki 
#22286: Add coverage markers to LZMA and Zstd compression backend
--+
 Reporter:  ahf   |  Owner:
 Type:  enhancement   | Status:  closed
 Priority:  Low   |  Milestone:  Tor: 0.3.1.x-final
Component:  Core Tor/Tor  |Version:  Tor: unspecified
 Severity:  Normal| Resolution:  implemented
 Keywords:|  Actual Points:  0.1
Parent ID:| Points:  0.1
 Reviewer:|Sponsor:  Sponsor4
--+
Changes (by nickm):

 * status:  needs_revision => closed
 * resolution:   => implemented


Comment:

 Reverted the parts I disagreed with and merged, so we can close this.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22783 [Webpages/Blog]: Remove fontawsome from the blog template

2017-08-08 Thread Tor Bug Tracker & Wiki 
#22783: Remove fontawsome from the blog template
---+
 Reporter:  hiro   |  Owner:  hiro
 Type:  defect | Status:  closed
 Priority:  Medium |  Milestone:
Component:  Webpages/Blog  |Version:
 Severity:  Normal | Resolution:  fixed
 Keywords: |  Actual Points:
Parent ID:  #22013 | Points:
 Reviewer: |Sponsor:
---+

Comment (by cypherpunks):

 Replying to [comment:3 hiro]:
 > Now the blog is using only svg.

 > not loaded on high security level in Tor browser.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22783 [Webpages/Blog]: Remove fontawsome from the blog template

2017-08-08 Thread Tor Bug Tracker & Wiki 
#22783: Remove fontawsome from the blog template
---+
 Reporter:  hiro   |  Owner:  hiro
 Type:  defect | Status:  closed
 Priority:  Medium |  Milestone:
Component:  Webpages/Blog  |Version:
 Severity:  Normal | Resolution:  fixed
 Keywords: |  Actual Points:
Parent ID:  #22013 | Points:
 Reviewer: |Sponsor:
---+
Changes (by hiro):

 * status:  accepted => closed
 * resolution:   => fixed


Old description:

> Glyphicons are not loaded on high security level in Tor browser.

New description:

 Glyphicons are not loaded on high security level in Tor browser.

 The search box now is visible also on high-security mode.

--

Comment:

 Glyphicons and fontsawesome have been removed from css and html. Now the
 blog is using only svg.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23142 [Applications/Tor Browser]: HTML elements are broken on goftesh.com in Tor Browsr

2017-08-08 Thread Tor Bug Tracker & Wiki 
#23142: HTML  elements are broken on goftesh.com in Tor Browsr
--+--
 Reporter:  gk|  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-usability-website |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by mcs):

 * cc: mcs (added)


Comment:

 Here is a simpler test page: https://pearlcrescent.com/tor/marquee.html

 On OSX it works after I disable Torbutton but I do not know which part of
 Torbutton is interfering with the  tag. Maybe we are doing people
 a favor by breaking it :)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22063 [Metrics/Onionoo]: Document that only the first qualified search term applies

2017-08-08 Thread Tor Bug Tracker & Wiki 
#22063: Document that only the first qualified search term applies
-+--
 Reporter:  cypherpunks  |  Owner:  metrics-team
 Type:  task | Status:  needs_review
 Priority:  Medium   |  Milestone:
Component:  Metrics/Onionoo  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--
Changes (by karsten):

 * status:  merge_ready => needs_review


Comment:

 Thanks for reviewing, but I'd prefer a non-anonymous member of the metrics
 team to review this patch, too. :)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #23147 [Core Tor/Tor]: prop280: Merge privcount-in-tor data collector backend implementation

2017-08-08 Thread Tor Bug Tracker & Wiki 
#23147: prop280: Merge privcount-in-tor data collector backend implementation
--+
 Reporter:  nickm |  Owner:
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:  SponsorQ  |
--+
 I've got implementations that match the current prop280, but we'll need to
 make some additional fixes, including:

* Whatever changes we make in prop280.
* Actually initializing the privcount subsytem
* Collecting initial statistics.

 The current implementations are in `privcount_nm_v2_032` and
 `privcount_nm_v2_shake_032`.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #23146 [Core Tor/Tor]: prop280: Finish privcount-in-Tor proposal (280)

2017-08-08 Thread Tor Bug Tracker & Wiki 
#23146: prop280: Finish privcount-in-Tor proposal (280)
--+
 Reporter:  nickm |  Owner:
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:  3 |   Reviewer:
  Sponsor:  SponsorQ  |
--+
 There are some open discussion issues in prop280.  We should wrap them up
 so we can get an implementation merged.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #23145 [Applications/Orbot]: Orfox UserAgent is very old. Please upgrade to modern version (52 or above).

2017-08-08 Thread Tor Bug Tracker & Wiki 
#23145: Orfox UserAgent is very old. Please upgrade to modern version (52 or
above).
+---
 Reporter:  cypherpunks |  Owner:  n8fr8
 Type:  defect  | Status:  new
 Priority:  Medium  |  Milestone:
Component:  Applications/Orbot  |Version:
 Severity:  Normal  |   Keywords:
Actual Points:  |  Parent ID:
   Points:  |   Reviewer:
  Sponsor:  |
+---
 Version 38 is way old, and some websites are blocking Orfox because the
 UserAgent is old. Please consider updating Orfox with latest useragent.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #23144 [Applications/Orbot]: Orfox UserAgent is very old. Please upgrade to modern version (52 or above).

2017-08-08 Thread Tor Bug Tracker & Wiki 
#23144: Orfox UserAgent is very old. Please upgrade to modern version (52 or
above).
+---
 Reporter:  cypherpunks |  Owner:  n8fr8
 Type:  defect  | Status:  new
 Priority:  Medium  |  Milestone:
Component:  Applications/Orbot  |Version:
 Severity:  Normal  |   Keywords:
Actual Points:  |  Parent ID:
   Points:  |   Reviewer:
  Sponsor:  |
+---
 Version 38 is way old, and some websites are blocking Orfox because the
 UserAgent is old. Please consider updating Orfox with latest useragent.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23138 [Applications/Tor Browser]: TorButton don't let people to change proxy settings

2017-08-08 Thread Tor Bug Tracker & Wiki 
#23138: TorButton don't let people to change proxy settings
--+---
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  task  | Status:  needs_information
 Priority:  Very High |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by cypherpunks):

 1. Enable Torbutton.
 2. Restart browser.

 3. Go to "about:config".
 Now here's a problem. There is no such values.
 So I added them with boolean-false.

 > extensions.torlauncher.start_tor
 > extensions.torlauncher.prompt_at_startup

 4. Restart browser.

 5. about:preferences#advanced -> Network -> Settings.
 HTTP proxy is already set(of course).

 6. Tried to open webpage - FAIL!

 7. Damn. Disable TorButton.
 8. Restart browser.

 9. WORK LIKE A CHARM.

 --
 > I started to browse using the system tor on my system.

 Well I use HTTP proxy. e.g., 1.2.3.4:5678.
 On my other tor machine, I use privoxy(127.0.0.1:1233).

 > Are you saying this is not working for you?

 Yes. Tested on 3 PCs(TB), all same result.
 Again, on Windows. Not Linux.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #16593 [Metrics/ExoneraTor]: Create a more sophisticated layout using Bootstrap

2017-08-08 Thread Tor Bug Tracker & Wiki 
#16593: Create a more sophisticated layout using Bootstrap
+
 Reporter:  karsten |  Owner:
 Type:  enhancement | Status:  closed
 Priority:  Low |  Milestone:
Component:  Metrics/ExoneraTor  |Version:
 Severity:  Normal  | Resolution:  fixed
 Keywords:  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+
Changes (by karsten):

 * status:  new => closed
 * resolution:   => fixed
 * severity:   => Normal


Comment:

 We did re-arrange the ExoneraTor website quite a bit in the second half of
 2015 and switched to a more sophisticated layout using Bootstrap. We just
 didn't update this ticket after doing so. Closing.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23138 [Applications/Tor Browser]: TorButton don't let people to change proxy settings

2017-08-08 Thread Tor Bug Tracker & Wiki 
#23138: TorButton don't let people to change proxy settings
--+---
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  task  | Status:  needs_information
 Priority:  Very High |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by cypherpunks):

 > 2) After first start I made sure extensions.torlauncher.start_tor and
 > extensions.torlauncher.prompt_at_startup are set to false

 Hey, I didn't know about these values until now! I just disabled them
 because
 these 2 addons won't let me to set my own proxy!

 This should be documented to trac with title: "Q. I want to use my own Tor
 Proxy or other proxy. How can I do it?".

 I'll try your step soon.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22752 [Core Tor/Tor]: Assertion failure in consensus_cache_entry_handle_get on Windows

2017-08-08 Thread Tor Bug Tracker & Wiki 
#22752: Assertion failure in consensus_cache_entry_handle_get on Windows
--+
 Reporter:  ahf   |  Owner:
 Type:  defect| Status:  needs_information
 Priority:  High  |  Milestone:  Tor: 0.3.1.x-final
Component:  Core Tor/Tor  |Version:  Tor: 0.3.1.3-alpha
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:  Sponsor4
--+

Comment (by nickm):

 Replying to [comment:12 Vort]:
 > > I think this bug might be caused by the fact that (I think!) on
 windows, you can't unlink a file that's in use.
 >
 > Yes, adding of `consensus_cache_entry_unmap` call hides "unlink"
 warnings:
 > attachment:unmap_hack.patch
 > But adds other ones, of course.
 >
 > > But our code tries to unlink these files while they are still mapped.
 >
 > Using of deleted file is a strange thing for me.

 It's pretty normal on Unix-derived systems.  Files are reference-counted,
 and not actually deleted until nothing else is using them.  The "unlink()"
 system call doesn't actually delete a file -- it just removes a name from
 from the filesystem. Only when all links and references are gone is the
 actual data deleted.  That's why it's called "unlink()" instead of
 "delete()".

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] [Tor Bug Tracker & Wiki] Batch modify: #2476, #2477, #2478, #2492

2017-08-08 Thread Tor Bug Tracker & Wiki 
Batch modification to #2476, #2477, #2478, #2492 by karsten:


Action: resolve

Comment:
No activity in the last six (6) years. Time to close.

--
Tickets URL: 

Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23139 [Core Tor/Tor]: memory leak in consdiffmgr.c

2017-08-08 Thread Tor Bug Tracker & Wiki 
#23139: memory leak in consdiffmgr.c
--+
 Reporter:  arma  |  Owner:  nickm
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:  Tor: 0.3.1.x-final
Component:  Core Tor/Tor  |Version:  Tor: 0.3.1.1-alpha
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by nickm):

 * status:  accepted => needs_review


Comment:

 Bugfix in `bug23139`, to apply to maint-0.3.1.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21628 [Metrics/Censorship analysis]: Merhabalar

2017-08-08 Thread Tor Bug Tracker & Wiki 
#21628: Merhabalar
-+---
 Reporter:  WolfCyber|  Owner:  WolfCyber
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Metrics/Censorship analysis  |Version:
 Severity:  Normal   | Resolution:  not a bug
 Keywords:  turkey obfs4 |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+---
Changes (by karsten):

 * status:  new => closed
 * resolution:   => not a bug


Comment:

 This is a bug tracker to track issues in the Tor software and related code
 bases. Sorry, we can't handle support requests here. Closing.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23139 [Core Tor/Tor]: memory leak in consdiffmgr.c

2017-08-08 Thread Tor Bug Tracker & Wiki 
#23139: memory leak in consdiffmgr.c
--+
 Reporter:  arma  |  Owner:  nickm
 Type:  defect| Status:  accepted
 Priority:  Medium|  Milestone:  Tor: 0.3.1.x-final
Component:  Core Tor/Tor  |Version:  Tor: 0.3.1.1-alpha
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by nickm):

 * owner:   => nickm
 * status:  new => accepted
 * milestone:   => Tor: 0.3.1.x-final


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20657 [Core Tor/Tor]: prop224: Implement service support.

2017-08-08 Thread Tor Bug Tracker & Wiki 
#20657: prop224: Implement service support.
-+
 Reporter:  dgoulet  |  Owner:  dgoulet
 Type:  enhancement  | Status:  needs_review
 Priority:  Very High|  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs, prop224  |  Actual Points:
Parent ID:  #12424   | Points:  6
 Reviewer:  nickm|Sponsor:  SponsorR-must
-+

Comment (by nickm):

 {{{
 13:03 <+nickm> 1) asn, are you sure you resolved all the open discussions
 on
oniongit?  It's down so I can't check for myself, but I
 will
believe you if you say "yeah I think so"
 13:04 <+nickm> 2) dgoulet and asn: can you tell me a little more about
fcdc4bee04dd5baa3fe82bf05e6b1cc1630aa06e ?
 13:04 <+nickm> I'm confused about how that patch adds and removes calls to
rep_hist_note_used_internal!
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23089 [Obfuscation/Pluggable transport]: Most of bridges share the same 3 subnets. What if this subnets got blocked? It will be devastating!

2017-08-08 Thread Tor Bug Tracker & Wiki 
#23089: Most of bridges share the same 3 subnets. What if this subnets got 
blocked?
It will be devastating!
-+--
 Reporter:  cypherpunks  |  Owner:  asn
 Type:  defect   | Status:  reopened
 Priority:  Very High|  Milestone:
Component:  Obfuscation/Pluggable transport  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--

Comment (by cypherpunks):

 > Why? It's easy for everyone to download some bridges' addresses, look at
 them, spot common subnets and create just 3 firewall rules to block most
 of them, even unknown? Its not a bug, its a vuln!

 First:
 > Then other people should step up and run bridges, instead of just
 Torservers. But this isn't a bug, it's more an outreach problem.

 Second, reality is different. For me only 1/10 bridges from bridges.tpo
 was affected by your "3 firewall rules".

 > How can I request a new one if TPO websites are blocked? And what if I
 requested a new one and would be given the new one already blocked?

 Try e-mail?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #23143 [Applications/TorBirdy]: latest TorBirdy release 0.2.3 breaks split-gpg in Qubes OS

2017-08-08 Thread Tor Bug Tracker & Wiki 
#23143: latest TorBirdy release 0.2.3 breaks split-gpg in Qubes OS
---+-
 Reporter:  mfc|  Owner:  sukhbir
 Type:  defect | Status:  new
 Priority:  Medium |  Milestone:
Component:  Applications/TorBirdy  |Version:
 Severity:  Normal |   Keywords:
Actual Points: |  Parent ID:
   Points: |   Reviewer:
  Sponsor: |
---+-
 It worked for a couple of days, then I had to disable the Memory Hole
 functionality (because it breaks communications with encrypted ticketing
 systems that do not implement the Memory Hole spec), and things went
 downhill from there.

 TorBirdy's interaction with Enigmail makes it such that Thunderbird cannot
 do any Enigmail-based functionality (decrypting, encrypting emails,
 viewing keyring, etc). Split-gpg continues to work fine outside
 Thunderbird.

 I don't know if 0.2.3 includes assumptions about where gpg is? Or
 disabling Memory Hole doesn't bring Enigmail back to its previous state?
 In split-gpg the default gpg location is replaced with `/usr/bin/qubes-
 gpg-client-wrapper`. You can read more info about split-gpg here:
 https://www.qubes-os.org/doc/split-gpg/

 In addition, on Fedora 25 I am unable to disable TorBirdy successfully, it
 crashes Thunderbird, and on re-starting Thunderbird TorBirdy is again
 enabled (and saying it will disable on re-start). That loop continues
 forever.

 Disabling it in Thunderbird on Debian 9 works fine.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23140 [Applications/Tor Browser]: The plugins tab should be hidden

2017-08-08 Thread Tor Bug Tracker & Wiki 
#23140: The plugins tab should be hidden
--+--
 Reporter:  Dbryrtfbcbhgf |  Owner:  tbb-team
 Type:  defect| Status:  reopened
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by gk):

 * status:  closed => reopened
 * resolution:  not a bug =>


Comment:

 Replying to [comment:2 cypherpunks]:
 > Fuck off with your tiffs.

 Calm down. Adding tiffs is no reason to close a bug report as `not a bug`.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23140 [Applications/Tor Browser]: The plugins tab should be hidden

2017-08-08 Thread Tor Bug Tracker & Wiki 
#23140: The plugins tab should be hidden
--+---
 Reporter:  Dbryrtfbcbhgf |  Owner:  tbb-team
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:  not a bug
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---
Changes (by cypherpunks):

 * status:  new => closed
 * resolution:   => not a bug


Comment:

 Fuck off with your tiffs.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #19479 [Applications/Tor Browser]: Document.timeline.currentTime leaks ms-resolution clock in Firefox >=48

2017-08-08 Thread Tor Bug Tracker & Wiki 
#19479: Document.timeline.currentTime leaks ms-resolution clock in Firefox >=48
--+
 Reporter:  arthuredelstein   |  Owner:  rah
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:  fixed
 Keywords:  ff59-esr, tbb-fingerprinting  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by gk):

 Replying to [comment:9 rah]:
 > Replying to [comment:8 gk]:
 > > I think you should have access to `document.timeline` if you switched
 `dom.animations-api.core.enabled` to `true`
 >
 > That worked, thanks.  I tested my patch in Firefox Nightly and it
 worked; the output of document.timeline.currentTime was clamped to 100ms.
 I then tested the patch in tor-browser and it also worked.  However, when
 I tested tor-browser without my patch, I was surprised to find that I got
 the same behaviour.  I used the same test with a binary download of the
 latest tor browser bundle and again, got the same behaviour.  My patch is
 superfluous and in fact, this bug has already been fixed.
 >
 > The DocumentTimeline Web Animations API interface inherits its
 currentTime property from AnimationTimeline.  The get method for this
 property is bound to
 mozilla::dom::AnimationTimeline::GetCurrentTimeAsDouble().  This method in
 turn calls the virtual method GetCurrentTime(), which is implemented in
 mozilla::dom::DocumentTimeline.  However, GetCurrentTimeAsDouble() uses
 AnimationUtils::TimeDurationToDouble() to convert the value returned by
 GetCurrentTime().  In [https://gitweb.torproject.org/tor-
 browser.git/commit/?h=esr24=167f4e468d8458b6e69f54ba16aef066d3f08160
 commit 167f4e468d8458b6e69f54ba16aef066d3f08160],
 AnimationUtils::TimeDurationToDouble() was modified to clamp the value to
 100ms.  In fact, that commit includes a mochitest test which checks
 document.timeline.currentTime among others.
 >
 > So, this bug was already fixed along with #16337.

 Thanks for this analysis. Nice find!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #23142 [Applications/Tor Browser]: HTML elements are broken on goftesh.com in Tor Browsr

2017-08-08 Thread Tor Bug Tracker & Wiki 
#23142: HTML  elements are broken on goftesh.com in Tor Browsr
--+
 Reporter:  gk|  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:  tbb-usability-
  |  website
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+
 It seems Tor Browser is breaking `` elements somehow. This got
 reported on our blog
 (https://blog.torproject.org/comment/270124#comment-270124) the example
 being goftesh.com

 This works in Firefox 52 ESR. I flipped the first-party isolation pref and
 things are still working in Firefox 52 ESR. Disabling NoScript, HTTPS-E
 and Torbutton in Tor Browser does not solve the problem. Looking back in
 history this seems to be a bug already included in old Tor Browser
 versions. I tested Tor Browser 4.0 and there the `` element is
 broken as well.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23088 [Obfuscation/BridgeDB]: >Please note that you must send the email using an address from one of the following email providers: Riseup, Gmail or Yahoo.

2017-08-08 Thread Tor Bug Tracker & Wiki 
#23088: >Please note that you must send the email using an address from one of 
the
following email providers: Riseup, Gmail or Yahoo.
--+--
 Reporter:  cypherpunks   |  Owner:  isis
 Type:  defect| Status:  reopened
 Priority:  Immediate |  Milestone:
Component:  Obfuscation/BridgeDB  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by cypherpunks):

 * status:  closed => reopened
 * resolution:  invalid =>


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23088 [Obfuscation/BridgeDB]: >Please note that you must send the email using an address from one of the following email providers: Riseup, Gmail or Yahoo.

2017-08-08 Thread Tor Bug Tracker & Wiki 
#23088: >Please note that you must send the email using an address from one of 
the
following email providers: Riseup, Gmail or Yahoo.
--+---
 Reporter:  cypherpunks   |  Owner:  isis
 Type:  defect| Status:  needs_information
 Priority:  Immediate |  Milestone:
Component:  Obfuscation/BridgeDB  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---
Changes (by cypherpunks):

 * status:  reopened => needs_information


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23089 [Obfuscation/Pluggable transport]: Most of bridges share the same 3 subnets. What if this subnets got blocked? It will be devastating! (was: What if 0.0.0.0/0 got blocked?)

2017-08-08 Thread Tor Bug Tracker & Wiki 
#23089: Most of bridges share the same 3 subnets. What if this subnets got 
blocked?
It will be devastating!
-+--
 Reporter:  cypherpunks  |  Owner:  asn
 Type:  defect   | Status:  reopened
 Priority:  Very High|  Milestone:
Component:  Obfuscation/Pluggable transport  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--
Changes (by cypherpunks):

 * status:  closed => reopened
 * resolution:  invalid =>


Comment:

 > It seems like you disclose some information fetched from bridges.tpo,
 please don't do that.

 Why? It's easy for everyone to download some bridges' addresses, look at
 them, spot common subnets and create just 3 firewall rules to block most
 of them, even unknown? Its not a bug, its a vuln!

 > If bridge got blocked you can to request new one.

 How can I request a new one if TPO websites are blocked? And what if I
 request a new one and would be given the new one already blocked?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23086 [Obfuscation/BridgeDB]: GIMP Captcha uses insecure random number generator

2017-08-08 Thread Tor Bug Tracker & Wiki 
#23086: GIMP Captcha uses insecure random number generator
--+--
 Reporter:  cypherpunks   |  Owner:  isis
 Type:  defect| Status:  reopened
 Priority:  Medium|  Milestone:
Component:  Obfuscation/BridgeDB  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by cypherpunks):

 * status:  closed => reopened
 * resolution:  not a bug =>


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23083 [Obfuscation/BridgeDB]: BridgeDB gives the same bridges even to differrent IPs. It worth nothing to block the most of them.

2017-08-08 Thread Tor Bug Tracker & Wiki 
#23083: BridgeDB gives the same bridges even to differrent IPs. It worth 
nothing to
block the most of them.
--+--
 Reporter:  cypherpunks   |  Owner:  isis
 Type:  defect| Status:  reopened
 Priority:  Medium|  Milestone:
Component:  Obfuscation/BridgeDB  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by cypherpunks):

 * status:  closed => reopened
 * resolution:  not a bug =>


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23083 [Obfuscation/BridgeDB]: BridgeDB gives the same bridges even to differrent IPs. It worth nothing to block the most of them.

2017-08-08 Thread Tor Bug Tracker & Wiki 
#23083: BridgeDB gives the same bridges even to differrent IPs. It worth 
nothing to
block the most of them.
--+---
 Reporter:  cypherpunks   |  Owner:  isis
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Obfuscation/BridgeDB  |Version:
 Severity:  Normal| Resolution:  not a bug
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---
Changes (by cypherpunks):

 * status:  reopened => closed
 * resolution:   => not a bug


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

  1   2   >