Re: [tor-bugs] #23783 [Core Tor/Tor]: Can't build Tor 0.3.2.2-alpha with mingw32 on Windows 7

[Tor Bug Tracker & Wiki]

#23783: Can't build Tor 0.3.2.2-alpha with mingw32 on Windows 7
--+
 Reporter:  Bizarre™  |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  High  |  Milestone:
Component:  Core Tor/Tor  |Version:  Tor:
  |  0.3.2.2-alpha
 Severity:  Normal| Resolution:
 Keywords:  0.3.2.2-alpha-blogpost-bugreport  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by Bizarre™):

 * priority:  Medium => High
 * version:   => Tor: 0.3.2.2-alpha


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #23853 [Webpages]: Document the value of onion sites

[Tor Bug Tracker & Wiki]

#23853: Document the value of onion sites
-+
 Reporter:  arthuredelstein  |  Owner:  (none)
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Webpages |Version:
 Severity:  Normal   |   Keywords:
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+
 Why are onion services (aka hidden services) useful? Let's write a
 document explaining the value to website creators, explaining why they
 should set up a hidden site alternative to their website.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23852 [Webpages]: Document the value of embedding Tor in third-party products (was: Document the value of embedding Tor in)

[Tor Bug Tracker & Wiki]

#23852: Document the value of embedding Tor in third-party products
-+
 Reporter:  arthuredelstein  |  Owner:  (none)
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Webpages |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #23852 [Webpages]: Document the value of embedding Tor in

[Tor Bug Tracker & Wiki]

#23852: Document the value of embedding Tor in
-+
 Reporter:  arthuredelstein  |  Owner:  (none)
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Webpages |Version:
 Severity:  Normal   |   Keywords:
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+
 Third party app or device creators may want to embed Tor into their app or
 device. What sort of value proposition can convince managers or customers
 that embedding Tor is a good thing to do? Let's develop a web page laying
 out the benefits. Suggested in
 
[https://trac.torproject.org/projects/tor/wiki/org/meetings/2017Montreal/Notes/EncouragingThirdPartyIntegrationAndOnionServicesEverywhere
 Montreal meeting.]

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #23851 [Webpages]: Write a "Tor Integration Guide"

[Tor Bug Tracker & Wiki]

#23851: Write a "Tor Integration Guide"
-+
 Reporter:  arthuredelstein  |  Owner:  (none)
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Webpages |Version:
 Severity:  Normal   |   Keywords:
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+
 The website should have a page specifically explaining how to integrate
 Tor into your third-party app or product. Suggested in
 
[https://trac.torproject.org/projects/tor/wiki/org/meetings/2017Montreal/Notes/EncouragingThirdPartyIntegrationAndOnionServicesEverywhere
 the Montreal meeting].

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #23850 [Webpages]: Webpage for Tor ecosystem: List of, and links to, success stories

[Tor Bug Tracker & Wiki]

#23850: Webpage for Tor ecosystem: List of, and links to, success stories
-+
 Reporter:  arthuredelstein  |  Owner:  (none)
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Webpages |Version:
 Severity:  Normal   |   Keywords:
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+
 Let's make a page that highlights many success stories for projects and
 products in the world that use Tor. (Suggested in the
 
[https://trac.torproject.org/projects/tor/wiki/org/meetings/2017Montreal/Notes/EncouragingThirdPartyIntegrationAndOnionServicesEverywhere
 Montreal meeting.])

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23847 [Core Tor/Tor]: Add shutdown command to Tor control port

[Tor Bug Tracker & Wiki]

#23847: Add shutdown command to Tor control port
--+
 Reporter:  hellais   |  Owner:  (none)
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.3.4.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tor-mobile|  Actual Points:
Parent ID:  #23684| Points:
 Reviewer:|Sponsor:
--+
Changes (by arthuredelstein):

 * cc: arthuredelstein (added)


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #19926 [Core Tor/Tor]: BUG warning in connection_ap_attach_pending: waiting for rendezvous desc :*

[Tor Bug Tracker & Wiki]

#19926: BUG warning in connection_ap_attach_pending: waiting for rendezvous 
desc :*
-+
 Reporter:  cypherpunks  |  Owner:  (none)
 Type:  defect   | Status:  reopened
 Priority:  High |  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor |Version:  Tor: 0.2.9.1-alpha
 Severity:  Normal   | Resolution:
 Keywords:  bug, regression, tor-hs  |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+

Comment (by cypherpunks):

 Just got it again recently. That HS was ddosed and not accessible during
 many minutes for me. When I had reloaded the tabs I immediately got this:

 [warn] connection_ap_attach_pending(): Bug: 0x561db4544e70 is no longer in
 circuit_wait. Its current state is waiting for rendezvous desc. Why is it
 on pending_entry_connections? (on Tor 0.3.1.7 )

 The same day from the same HS I got many messages of the form:

 [warn] Query '[scrubbed]' didn't have valid rend desc in cache. Failing.

 May it be HS admins doing some type of attack against their users?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22212 [Core Tor/Tor]: [warn] channelpadding_compute_time_until_pad_for_netflow(): Bug: Channel padding timeout scheduled 164729ms in the past. Did the monotonic clock just jump?

[Tor Bug Tracker & Wiki]

#22212: [warn] channelpadding_compute_time_until_pad_for_netflow(): Bug: Channel
padding timeout scheduled 164729ms in the past. Did the monotonic clock
just jump?
--+
 Reporter:  arma  |  Owner:  mikeperry
 Type:  defect| Status:  reopened
 Priority:  Medium|  Milestone:  Tor: 0.3.1.x-final
Component:  Core Tor/Tor  |Version:  Tor: 0.3.1.1-alpha
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by Logforme):

 My non-exit relay (855BC2DABE24C861CD887DB9B2E950424B49FC34) logs a lot of
 these messages since I upgraded to 3.1.7:

 {{{
 Oct 13 22:22:23.000 [notice] Channel padding timeout scheduled 171606ms in
 the past.
 Oct 13 22:22:32.000 [notice] Channel padding timeout scheduled 145225ms in
 the past.
 Oct 13 22:22:36.000 [notice] Channel padding timeout scheduled 178832ms in
 the past.
 Oct 13 22:22:47.000 [notice] Channel padding timeout scheduled 183913ms in
 the past.
 Oct 13 22:22:47.000 [notice] Channel padding timeout scheduled 169665ms in
 the past.
 Oct 13 22:23:10.000 [notice] Channel padding timeout scheduled 159677ms in
 the past.
 Oct 13 22:23:11.000 [notice] Channel padding timeout scheduled 193190ms in
 the past.
 Oct 13 22:23:11.000 [notice] Channel padding timeout scheduled 195678ms in
 the past.
 Oct 13 22:23:12.000 [notice] Channel padding timeout scheduled 172014ms in
 the past.
 Oct 13 22:23:14.000 [notice] Channel padding timeout scheduled 226954ms in
 the past.
 Oct 13 22:23:17.000 [notice] Channel padding timeout scheduled 173160ms in
 the past.
 Oct 13 22:23:17.000 [notice] Channel padding timeout scheduled 212215ms in
 the past.
 Oct 13 22:23:19.000 [notice] Channel padding timeout scheduled 203001ms in
 the past.
 Oct 13 22:23:19.000 [notice] Channel padding timeout scheduled 160855ms in
 the past.
 Oct 13 22:23:19.000 [notice] Channel padding timeout scheduled 237575ms in
 the past.
 Oct 13 22:23:20.000 [notice] Channel padding timeout scheduled 200659ms in
 the past.
 Oct 13 22:23:20.000 [notice] Channel padding timeout scheduled 213746ms in
 the past.
 Oct 13 22:23:20.000 [notice] Channel padding timeout scheduled 218091ms in
 the past.
 Oct 13 22:23:20.000 [notice] Channel padding timeout scheduled 181264ms in
 the past.
 Oct 13 22:23:20.000 [notice] Channel padding timeout scheduled 173220ms in
 the past.
 Oct 13 22:23:20.000 [notice] Channel padding timeout scheduled 185291ms in
 the past.
 Oct 13 22:23:20.000 [notice] Channel padding timeout scheduled 221698ms in
 the past.
 Oct 13 22:23:21.000 [notice] Channel padding timeout scheduled 211148ms in
 the past.
 Oct 13 22:23:21.000 [notice] Channel padding timeout scheduled 238334ms in
 the past.
 Oct 13 22:23:21.000 [notice] Channel padding timeout scheduled 255031ms in
 the past.
 Oct 13 22:23:21.000 [notice] Channel padding timeout scheduled 165644ms in
 the past.
 Oct 13 22:23:21.000 [notice] Channel padding timeout scheduled 208372ms in
 the past.
 Oct 13 22:23:21.000 [notice] Channel padding timeout scheduled 185413ms in
 the past.
 Oct 13 22:23:22.000 [notice] Channel padding timeout scheduled 248112ms in
 the past.
 Oct 13 22:23:22.000 [notice] Channel padding timeout scheduled 231464ms in
 the past.
 Oct 13 22:23:23.000 [notice] Channel padding timeout scheduled 216373ms in
 the past.
 Oct 13 22:23:23.000 [notice] Channel padding timeout scheduled 158121ms in
 the past.
 Oct 13 22:23:23.000 [notice] Channel padding timeout scheduled 222485ms in
 the past.
 Oct 13 22:23:24.000 [notice] Channel padding timeout scheduled 206899ms in
 the past.
 Oct 13 22:23:24.000 [notice] Channel padding timeout scheduled 196966ms in
 the past.
 Oct 13 22:23:24.000 [notice] Channel padding timeout scheduled 182872ms in
 the past.
 Oct 13 22:23:25.000 [notice] Channel padding timeout scheduled 204818ms in
 the past.
 Oct 13 22:23:25.000 [notice] Channel padding timeout scheduled 212764ms in
 the past.
 Oct 13 22:23:25.000 [notice] Channel padding timeout scheduled 146586ms in
 the past.
 Oct 13 22:23:25.000 [notice] Channel padding timeout scheduled 200461ms in
 the past.
 Oct 13 22:23:25.000 [notice] Channel padding timeout scheduled 227628ms in
 the past.
 Oct 13 22:23:26.000 [notice] Channel padding timeout scheduled 203696ms in
 the past.
 Oct 13 22:23:26.000 [notice] Channel padding timeout scheduled 197219ms in
 the past.
 Oct 13 22:23:27.000 [notice] Channel padding timeout scheduled 214081ms in
 the past.
 Oct 13 22:23:27.000 [notice] Channel padding timeout scheduled 204242ms in
 the past.
 Oct 13 22:23:27.000 [notice] Channel padding timeout scheduled 205723ms in
 the past.
 Oct 13 22:23:28.000 [notice] Channel padding timeout scheduled 214406ms in
 the past.
 Oct 13 22:23:28.000 [notice] Channel padding timeout 

Re: [tor-bugs] #23847 [Core Tor/Tor]: Add shutdown command to Tor control port

[Tor Bug Tracker & Wiki]

#23847: Add shutdown command to Tor control port
--+
 Reporter:  hellais   |  Owner:  (none)
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.3.4.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tor-mobile|  Actual Points:
Parent ID:  #23684| Points:
 Reviewer:|Sponsor:
--+
Changes (by mtigas):

 * cc: mike@… (added)


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23848 [Core Tor/Tor]: Replace all exit() calls with return code style

[Tor Bug Tracker & Wiki]

#23848: Replace all exit() calls with return code style
-+-
 Reporter:  hellais  |  Owner:  (none)
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-mobile,0.3.5-deferrable  |  Actual Points:
Parent ID:  #23684   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by mtigas):

 * cc: mike@… (added)


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23845 [Core Tor/Tor]: Document a stable tor main function

[Tor Bug Tracker & Wiki]

#23845: Document a stable tor main function
--+
 Reporter:  hellais   |  Owner:  (none)
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.3.3.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tor-mobile|  Actual Points:
Parent ID:  #23684| Points:
 Reviewer:|Sponsor:
--+
Changes (by mtigas):

 * cc: mike@… (added)


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23822 [Core Tor/Tor]: tor router not working

[Tor Bug Tracker & Wiki]

#23822: tor router not working
--+---
 Reporter:  y.net |  Owner:  (none)
 Type:  defect| Status:  needs_information
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:  Tor: 0.2.5.12
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by y.net):

 Replying to [comment:9 y.net]:


 > '''this is tor service status '''
 >
 > ---
 >
 > sudo service  tor status
 >
 > ● tor.service - LSB: Starts The Onion Router daemon processes
 >Loaded: loaded (/etc/init.d/tor)
 >Active: active (running) since Thu 2017-10-12 23:00:42 +03; 24h ago
 >   Process: 6714 !ExecReload=/etc/init.d/tor reload (code=exited,
 status=0/SUCCESS)
 >   Process: 648 !ExecStart=/etc/init.d/tor start (code=exited,
 status=0/SUCCESS)
 >CGroup: /system.slice/tor.service
 >└─769 /usr/bin/tor --defaults-torrc /usr/share/tor/tor-
 service-defaults-torrc --hush
 >
 > Oct 12 23:00:41 Pi-do systemd![1]: Starting LSB: Starts The Onion Router
 daemon processes...
 > Oct 12 23:00:42 Pi-do tor![648]: Starting tor daemon...done.
 > Oct 12 23:00:42 Pi-do systemd![1]: Started LSB: Starts The Onion Router
 daemon processes.
 > Oct 13 06:25:06 Pi-do systemd![1]: Reloading LSB: Starts The Onion
 Router daemon processes.
 > Oct 13 06:25:06 Pi-do tor![6714]: Reloading tor daemon
 configuration...done.
 > Oct 13 06:25:06 Pi-do systemd![1]: Reloaded LSB: Starts The Onion Router
 daemon processes.
 > ---
 > this is torrc modfication file
 >
 > Log notice file /var/log/tor/notices.log
 > !VirtualAddrNetwork 10.192.0.0/10
 > !AutomapHostsSuffixes .onion,.exit
 > !AutomapHostsOnResolve 1
 > !TransPort 9040
 > !TransListenAddress 192.168.42.1
 > DNSPort 53
 > DNSListenAddress 192.168.42.1
 >
 >
 > Bridge obfs3 169.229.59.74:31493
 AF9F66B7B04F8FF6F32D455F05135250A16543C9
 > Bridge obfs3 83.212.101.3:80 A09D536DD1752D542E1FBB3C9CE4449D51298239
 > Bridge obfs3 169.229.59.75:46328
 AF9F66B7B04F8FF6F32D455F05135250A16543C9
 > Bridge obfs3 109.105.109.163:47779
 4C331FA9B3D1D6D8FB0D8FBBF0C259C360D97E6A
 > Bridge obfs3 109.105.109.163:38980
 1E05F577A0EC0213F971D81BF4D86A9E4E8229ED
 > Bridge obfs3 77.81.109.121:56202
 E4ABF756CFC241AFC3AED9E94ACACB58B503A31A
 > Bridge obfs3 192.36.31.111:48064
 866F273EC86EF2E2D0463E8D3E6124775139CC6E
 > Bridge obfs3 68.45.52.117:36125 3C89FB56CDEE23F0F16FDF86086866E33EAB24D8
 > !ClientTransportPlugin obfs3 exec /usr/bin/obfsproxy --managed
 >
 >
 > ---
 > '''how can configure your distribution's package manager to use a source
 that has a more recent version?'''

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #23849 [Applications/Quality Assurance and Testing]: Publish tor.real artifact as part of the TBB build process

[Tor Bug Tracker & Wiki]

#23849: Publish tor.real artifact as part of the TBB build process
-+-
 Reporter:  hellais  |  Owner:  cypherpunks
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Quality Assurance   |Version:
  and Testing|
 Severity:  Normal   |   Keywords:
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+-
 It would be very useful for people that need a pre-compiled (verifiable)
 binary on multiple architectures/platforms, if instead of having to
 download the whole TBB packages, I could instead just download the
 tor.real signed.

 It should be possible to add this as part of the TBB build process so that
 this artifact is published and signed separately.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23848 [Core Tor/Tor]: Replace all exit() calls with return code style

[Tor Bug Tracker & Wiki]

#23848: Replace all exit() calls with return code style
-+-
 Reporter:  hellais  |  Owner:  (none)
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-mobile,0.3.5-deferrable  |  Actual Points:
Parent ID:  #23684   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by hellais):

 * type:  defect => enhancement


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #23848 [Core Tor/Tor]: Replace all exit() calls with return code style

[Tor Bug Tracker & Wiki]

#23848: Replace all exit() calls with return code style
--+-
 Reporter:  hellais   |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.3.3.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal|   Keywords:  tor-mobile,0.3.5-deferrable
Actual Points:|  Parent ID:  #23684
   Points:|   Reviewer:
  Sponsor:|
--+-
 Currently tor uses inside of various places the `exit()` call, but this is
 not nice when you are using it as a library as it leads to the whole app
 crashing, while we would rather just get an exception or a proper error
 code.

 This involves grepping tor for `exit()` calls and replacing them with
 instead return code style returns.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23845 [Core Tor/Tor]: Document a stable tor main function

[Tor Bug Tracker & Wiki]

#23845: Document a stable tor main function
--+
 Reporter:  hellais   |  Owner:  (none)
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.3.3.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tor-mobile|  Actual Points:
Parent ID:  #23684| Points:
 Reviewer:|Sponsor:
--+
Changes (by hellais):

 * type:  defect => enhancement


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #23847 [Core Tor/Tor]: Add shutdown command to Tor control port

[Tor Bug Tracker & Wiki]

#23847: Add shutdown command to Tor control port
--+
 Reporter:  hellais   |  Owner:  (none)
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.3.4.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal|   Keywords:  tor-mobile
Actual Points:|  Parent ID:  #23684
   Points:|   Reviewer:
  Sponsor:|
--+
 In order to stop tor and restart it cleanly, we would need a tor control
 port command to tell it to stop and cleanup all it's state so we can call
 the tor main again.

 This involves ensuring that all static variables are properly reset and
 cleanup is done correctly.

 Having good integration tests can go a long ways in ensuring that nothing
 breaks here.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23822 [Core Tor/Tor]: tor router not working

[Tor Bug Tracker & Wiki]

#23822: tor router not working
--+---
 Reporter:  y.net |  Owner:  (none)
 Type:  defect| Status:  needs_information
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:  Tor: 0.2.5.12
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by y.net):

 '''this is tor service status '''

 ---

  sudo service  tor status

 ● tor.service - LSB: Starts The Onion Router daemon processes[[BR]]
 Loaded: loaded (/etc/init.d/tor)[[BR]]   Active: active (running) since
 Thu 2017-10-12 23:00:42 +03; 24h ago[[BR]]  Process: 6714
 !ExecReload=/etc/init.d/tor reload (code=exited, status=0/SUCCESS)[[BR]]
 Process: 648 !ExecStart=/etc/init.d/tor start (code=exited,
 status=0/SUCCESS)[[BR]]   CGroup: /system.slice/tor.service[[BR]]
 └─769 /usr/bin/tor --defaults-torrc /usr/share/tor/tor-service-defaults-
 torrc --hush[[BR]][[BR]]Oct 12 23:00:41 Pi-do systemd![1]: Starting LSB:
 Starts The Onion Router daemon processes...[[BR]]Oct 12 23:00:42 Pi-do
 tor![648]: Starting tor daemon...done.[[BR]]Oct 12 23:00:42 Pi-do
 systemd![1]: Started LSB: Starts The Onion Router daemon
 processes.[[BR]]Oct 13 06:25:06 Pi-do systemd![1]: Reloading LSB: Starts
 The Onion Router daemon processes.[[BR]]Oct 13 06:25:06 Pi-do tor![6714]:
 Reloading tor daemon configuration...done.[[BR]]Oct 13 06:25:06 Pi-do
 systemd![1]: Reloaded LSB: Starts The Onion Router daemon
 processes.[[BR]]---

 '''how can configure your distribution's package manager to use a source
 that has a more recent version?'''

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #23846 [Core Tor/Tor]: Use libtool for building shared library

[Tor Bug Tracker & Wiki]

#23846: Use libtool for building shared library
--+
 Reporter:  hellais   |  Owner:  (none)
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.3.3.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal|   Keywords:  tor-mobile
Actual Points:|  Parent ID:  #23684
   Points:|   Reviewer:
  Sponsor:|
--+
 It seems like it's ideal to use libtool for generating a shared library.
 Simone made some progress on getting this working here:
 https://github.com/bassosimone/mkok-onion-event/pull/2/files.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #23845 [Core Tor/Tor]: Document a stable tor main function

[Tor Bug Tracker & Wiki]

#23845: Document a stable tor main function
--+
 Reporter:  hellais   |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.3.3.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal|   Keywords:  tor-mobile
Actual Points:|  Parent ID:  #23684
   Points:|   Reviewer:
  Sponsor:|
--+
 For the usage in the mobile context it's useful to have a documented tor
 main function to call to start it and exposed as C headers.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23684 [Core Tor/Tor]: Make it easier for mobile app developers to embed tor

[Tor Bug Tracker & Wiki]

#23684: Make it easier for mobile app developers to embed tor
--+--
 Reporter:  hellais   |  Owner:  (none)
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:  Tor: unspecified
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tor-mobile|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by hellais):

 Here is the branch simone worked on for fixing the libtool issues:
 https://github.com/bassosimone/mkok-onion-event/pull/2/files

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23803 [Internal Services/Tor Sysadmin Team]: Please create an ldap account for stefani

[Tor Bug Tracker & Wiki]

#23803: Please create an ldap account for stefani
-+-
 Reporter:  micah|  Owner:  tpa
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by nickm):

 Ack. Good idea!  Thank you, Micah!  And thank you, Stefani!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23832 [Internal Services/Tor Sysadmin Team]: Please make ldap account for kat

[Tor Bug Tracker & Wiki]

#23832: Please make ldap account for kat
-+-
 Reporter:  arma |  Owner:  tpa
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by nickm):

 Ack. Good idea!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23819 [Core Tor/Tor]: Support IPv6 link-local interface addresses

[Tor Bug Tracker & Wiki]

#23819: Support IPv6 link-local interface addresses
-+--
 Reporter:  Zakhar   |  Owner:  (none)
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Milestone:  Tor: unspecified
Component:  Core Tor/Tor |Version:  Tor: unspecified
 Severity:  Normal   | Resolution:
 Keywords:  ipv6 link-local  |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--

Comment (by Zakhar):

 Ok, I have checked that it is unchanged in the last version, and I am
 proposing a "patch" against version 0.2.9.11

 But before that, for the record, I'll detail the "rationale" of this
 '''"enhancement request"'''

 
 = Rationale =
 == Use cases and addressing ==
 Tor can be used in different way on the client machine.

 Most commonly, people would use software bundles as "Tor Browser". For
 this kind of use, the Tor daemon needs only listen on the loopback
 interface since we are using it only from a single host.

 Although less common, tor can be configured on a machine so that this
 machine behaves as a router redirecting traffic to tor for other machines
 on the LAN or even for VMs on the router itself.

 For this usage, we need to make the tor daemon listen some ports on the
 relevant local interface of our router.

 When using IPV4, the daemon would typically bind to addresses like
 192.168.0.17 or 172.30.20.10 or the like. Those are "reserved" in the V4
 addressing space and cannot be routed to the Internet.

 When using IPV6, the "best practice" for routing inside a local network is
 to use "link-local" addresses. This is a new concept that comes with IPV6.
 These addresses are local and unique in the scope of a link. What this
 means, is that since we are configuring a router, this router has several
 interface, and you can validly assign the same "link local" address, for
 example ![fe80::1] to all your interfaces in your router. Thus, for
 routing purpose, you must add the interface to the address for
 disambiguation.

 For an easy reading you can look at [https://en.wikipedia.org/wiki/Link-
 local_address Wikipedia Link Local]

 This complete norm: [https://tools.ietf.org/search/rfc4007#section-4
 RFC4007 section 4]

 The RFC clearly says (last sentence first paragraph of section 4)

 '''`The scope of an address is encoded as part of the address`'''

 The tor daemon is also used for tor nodes: entry, relay, exit, etc... I
 won't go into that use case here.

 Now, of course, the tor daemon running on the client/router machine also
 uses other addresses, it is the addresses of the sites you are visiting.
 Those addresses should normally be "on the internet" meaning outside of
 your local machine (unless you are performing tests a locally installed
 tor network which is probably a super rare use case).

 For ipV6 we call that "global" scope. "Global" scope addresses don't need
 the "zone index"... well since there are global as they name says, there
 is no ambiguity. You then transparently use "default zone index"
 (precisely you don't need to specify it as it is explained later in
 RFC4007).

 == Summary of what tor daemon supports ==
 Let's forget the ultra rare case of testing a local tor network with
 relays, entry guards, etc... and focus of what the tor daemon can do on
 your local machine apart from routing packets to the Internet on global
 addresses (which is the main purpose and work well!)

 '''IPV4'''

  * localhost (main usage: Tor Browser)

  * local "reserved" address (LAN router)

  * "global" address (nodes: entry, relay, exit, etc..)

 '''IPV6'''

  * localhost (main usage: Tor Browser)

  * "global" address? (not tested but should work since there are some
 entry/exits having ipV6!)

 So basically, you '''CANNOT''' (in the respect of good practice) build an
 ipv6 "tor router" at the moment.

 This is an acknowledged fact and a limitation.

 Some might argue that it is indeed a "bug" to be not compliant with
 RFC4007, limiting the ipv6 address to 16 bytes and omitting the "zone
 index"... but I'm fine with "acknowledged limitation"!

 == (NOT RECOMMENDED) Workaround ==
 Since ipv6 is much more easy than ipv4, one could also assign a global
 scope address to the interface and work with that.

 But in doing so, you are opening a lot of other issues. First you would
 have to advertise this address as the route for SLAAC configured machines
 on you "tor router" LAN, which is not the default behaviour as you are
 supposed to use link local addresses.

 Link local addresses are best practice, because should you have
 misconfigured some parts of your router, there is always a risk that your
 global addressable ipv6 be leaked. That is your "real" address and in a
 "tor" situation you absolutely do NOT want that!

 You could try with ULA (Unique Local Address) 

Re: [tor-bugs] #23819 [Core Tor/Tor]: Support IPv6 link-local interface addresses

[Tor Bug Tracker & Wiki]

#23819: Support IPv6 link-local interface addresses
-+--
 Reporter:  Zakhar   |  Owner:  (none)
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Milestone:  Tor: unspecified
Component:  Core Tor/Tor |Version:  Tor: unspecified
 Severity:  Normal   | Resolution:
 Keywords:  ipv6 link-local  |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--
Changes (by Zakhar):

 * Attachment "address.patch" added.


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23724 [Applications/Tor Browser]: NoScript restartless update breaks Security Slider and its icon disappears

[Tor Bug Tracker & Wiki]

#23724: NoScript restartless update breaks Security Slider and its icon 
disappears
--+
 Reporter:  gk|  Owner:  tbb-team
 Type:  defect| Status:  needs_revision
 Priority:  High  |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Critical  | Resolution:
 Keywords:  noscript  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by cypherpunks):

 Let's assume NoScript was updated to 5.1.2 on gk's Tor Browser, and he
 will come to say some words here :)

 Replying to ma1:
 > > > Update: it seems `[System+Principal]` doesn't work.
 > >
 > > Work at what? The message about [System Principal] just takes note
 that there was a window where scripts could not be blocked because it had
 chrome privileges. It's normal, and nothing that needs to be "fixed".
 > That whitelist item doesn't suppress those messages.
 `this.mandatorySites.sitesString = this.getPref("mandatory", "chrome:
 about: resource: [System Principal]");` in Main.js seems to use " " as the
 pref does, so it works in the default NS config, but doesn't work if added
 manually with "+" sign.
 Also shouldn't it contain `moz-extension:`? Maybe, it could fix #23322.
 Candidate for whitelisting is #23736.

 As for restartless updates, the correct documentation seems to be
 https://dxr.mozilla.org/mozilla-
 
esr52/rev/efa03deffad75f19fc598a757239e99b22a8bceb/toolkit/mozapps/extensions/internal/XPIProvider.jsm#4865
 as usual :( But some links from https://developer.mozilla.org/en-US/Add-
 ons/Bootstrapped_extensions are also useful and could be used for
 bootstrapped part refactoring in order to get the dialog box when
 disabling NoScript working, for example.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21952 [Webpages]: .Onion everywhere?: increasing the use of onion services through automatic redirects and aliasing

[Tor Bug Tracker & Wiki]

#21952: .Onion everywhere?: increasing the use of onion services through 
automatic
redirects and aliasing
--+--
 Reporter:  linda |  Owner:  linda
 Type:  project   | Status:  reopened
 Priority:  Medium|  Milestone:
Component:  Webpages  |Version:
 Severity:  Normal| Resolution:
 Keywords:  ux-team   |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by phw):

 * cc: phw (added)


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23771 [Internal Services/Service - trac]: Certain Trac accounts are vulnerable to social engineering hologram impersonation

[Tor Bug Tracker & Wiki]

#23771: Certain Trac accounts are vulnerable to social engineering hologram
impersonation
--+-
 Reporter:  arthuredeIstein   |  Owner:  qbi
 Type:  defect| Status:  new
 Priority:  Very High |  Milestone:
Component:  Internal Services/Service - trac  |Version:
 Severity:  Critical  | Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+-

Comment (by cypherpunks):

 Replying to [comment:4 arthuredelstein]:
 > Ouch.
 Relax. It's just a [https://blogs.msdn.microsoft.com/shawnste/2005/03/03
 /idn-homographs/ homograph].

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23841 [Internal Services/Service - trac]: Some asshole deleted cypherpunks account

[Tor Bug Tracker & Wiki]

#23841: Some asshole deleted cypherpunks account
--+
 Reporter:  cypherpunks   |  Owner:  qbi
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Internal Services/Service - trac  |Version:
 Severity:  Normal| Resolution:  worksforme
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by cypherpunks):

 * status:  new => closed
 * resolution:   => worksforme


Comment:

 Well the account still exists

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23844 [Metrics/ExoneraTor]: Fix NullPointerException thrown by providing invalid parameters

[Tor Bug Tracker & Wiki]

#23844: Fix NullPointerException thrown by providing invalid parameters
+--
 Reporter:  karsten |  Owner:  metrics-team
 Type:  defect  | Status:  needs_review
 Priority:  Medium  |  Milestone:
Component:  Metrics/ExoneraTor  |Version:
 Severity:  Normal  | Resolution:
 Keywords:  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--

Comment (by iwakeh):

 This
 
[https://gitweb.torproject.org/exonerator.git/diff/src/main/java/org/torproject/exonerator/ExoneraTorServlet.java?id=2df185357b580cfda302e4679637a33e9083895d=3=0=1
 side-by-side diff] makes the problematic change better visible; focus on
 old line 191, which is erased.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23771 [Internal Services/Service - trac]: Certain Trac accounts are vulnerable to social engineering hologram impersonation

[Tor Bug Tracker & Wiki]

#23771: Certain Trac accounts are vulnerable to social engineering hologram
impersonation
--+-
 Reporter:  arthuredeIstein   |  Owner:  qbi
 Type:  defect| Status:  new
 Priority:  Very High |  Milestone:
Component:  Internal Services/Service - trac  |Version:
 Severity:  Critical  | Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+-
Changes (by arthuredelstein):

 * cc: arthuredelstein (added)


Comment:

 Ouch.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23844 [Metrics/ExoneraTor]: Fix NullPointerException thrown by providing invalid parameters

[Tor Bug Tracker & Wiki]

#23844: Fix NullPointerException thrown by providing invalid parameters
+--
 Reporter:  karsten |  Owner:  metrics-team
 Type:  defect  | Status:  needs_review
 Priority:  Medium  |  Milestone:
Component:  Metrics/ExoneraTor  |Version:
 Severity:  Normal  | Resolution:
 Keywords:  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--
Changes (by iwakeh):

 * status:  new => needs_review


Comment:

 The problem got introduced in
 
[https://gitweb.torproject.org/exonerator.git/tree/src/main/java/org/torproject/exonerator/ExoneraTorServlet.java?id=0d79dbd211e7e7d06e1435cf7d78f1abc3bf4365#n184
 this commit], where the NPE happens when writing
 
[https://gitweb.torproject.org/exonerator.git/tree/src/main/java/org/torproject/exonerator/ExoneraTorServlet.java?id=0d79dbd211e7e7d06e1435cf7d78f1abc3bf4365#n228
 the permanent link].

 Please review this
 [https://gitweb.torproject.org/user/iwakeh/exonerator.git/commit/?h=task-23488
 patch], which avoids providing the permanent link when there was invalid
 user input.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23540 [Applications/Tor Messenger]: When I have have "Perfer tabs when opening documents" set to "Always " the app will open with a large back Abr at the top of the app

[Tor Bug Tracker & Wiki]

#23540: When I have  have "Perfer tabs when opening documents" set to "Always " 
the
app will open with a large back Abr at the top of the app
+
 Reporter:  Dbryrtfbcbhgf   |  Owner:  (none)
 Type:  defect  | Status:  closed
 Priority:  Medium  |  Milestone:
Component:  Applications/Tor Messenger  |Version:
 Severity:  Normal  | Resolution:  fixed
 Keywords:  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+
Changes (by arlolra):

 * status:  new => closed
 * resolution:   => fixed


Comment:

 Thanks for reporting.  I was able to reproduce the issue and verified that
 it is fixed in 0.5.0b1. Please upgrade.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23747 [Applications/Tor Browser]: "Temporarily allow all this page" breaks JS on all other tabs

[Tor Bug Tracker & Wiki]

#23747: "Temporarily allow all this page" breaks JS on all other tabs
--+
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  defect| Status:  needs_revision
 Priority:  High  |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Major | Resolution:
 Keywords:  noscript  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by cypherpunks):

 Replying to [comment:9 ma1]:
 > Replying to [comment:8 cypherpunks]:
 >
 >
 >
 > > > No. It turns out temporarily allowed page wasn't reloaded at that
 moment (a bug too), and this is critical for testing this issue. Reloading
 of the allowed page leads to JS breakage on other tabs with rc7 and after
 restart too.
 >
 > It's not what I can see here (BTW, please switch to
 [https://noscript.net/getit#devel rc8], just released with more lifecycle-
 related fixes).
 Another STR = another results (BTW, public repo can't be updated so
 quickly ;)
 > My test, meant to exclude "confounding factors":
 Hmm...
 >  1. Install NoScript 5.1.2rc8 over a "stock" Tor Browser, set the
 Security Slider to "High" and restart the browser
 "stock" Tor Browser has "bundled" NoScript. Do you mean to replace it
 before the first run? There are many scenarios to get rc8, but let's
 assume that it's enough to update any previous version with it, restart
 and then set the Security Slider to "Medium" (to ensure it updates rc8
 settings).
 >  1. Open https://maone.net/ in a new tab
 >  1. Open https://noscript.net/ in a new tab, then on this tab use
 "Temporarily allow all this page"
 >  1. With this tab still active, open a Scratchpad (shift+F4) and run the
 following scriptlet:
 > {{{
 >  document.body.innerHTML=`test`
 > }}}
 > This will make a [Test] button appear on the noscript.net page: if you
 click, a "JS Active" alert should be shown as long as Javascript is
 enabled there
 > 5. Go back to the maone.net tab, and use "Temporarily allow all". Watch
 the page autoreload. You can also "Forbid maone.net" and repeat as many
 time as you want.
 That's the reason why it works: JS breaks on non-temporarily allowed sites
 only.
 > 6. Switch to the noscript.net tab and hit the button to verify
 Javascript is still enabled
 Confirmed.

 FWIW: `about:debugging#addons` has a great feature "Load Temporarily Add-
 on" for on-the-fly patching/debugging of bootstrapped extensions.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23747 [Applications/Tor Browser]: "Temporarily allow all this page" breaks JS on all other tabs

[Tor Bug Tracker & Wiki]

#23747: "Temporarily allow all this page" breaks JS on all other tabs
--+
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  defect| Status:  needs_revision
 Priority:  High  |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Major | Resolution:
 Keywords:  noscript  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by ma1):

 Replying to [comment:8 cypherpunks]:



 > > No. It turns out temporarily allowed page wasn't reloaded at that
 moment (a bug too), and this is critical for testing this issue. Reloading
 of the allowed page leads to JS breakage on other tabs with rc7 and after
 restart too.

 It's not what I can see here (BTW, please switch to
 [https://noscript.net/getit#devel rc8], just released with more lifecycle-
 related fixes).

 My test, meant to exclude "confounding factors":

  1. Install NoScript 5.1.2rc8 over a "stock" Tor Browser, set the Security
 Slider to "High" and restart the browser
  1. Open https://maone.net/ in a new tab
  1. Open https://noscript.net/ in a new tab, then on this tab use
 "Temporarily allow all this page"
  1. With this tab still active, open a Scratchpad (shift+F4) and run the
 following scriptlet:
 {{{
  document.body.innerHTML=`test`
 }}}
 This will make a [Test] button appear on the noscript.net page: if you
 click, a "JS Active" alert should be shown as long as Javascript is
 enabled there
 5. Go back to the maone.net tab, and use "Temporarily allow all". Watch
 the page autoreload. You can also "Forbid maone.net" and repeat as many
 time as you want.
 6. Switch to the noscript.net tab and hit the button to verify Javascript
 is still enabled

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23747 [Applications/Tor Browser]: "Temporarily allow all this page" breaks JS on all other tabs

[Tor Bug Tracker & Wiki]

#23747: "Temporarily allow all this page" breaks JS on all other tabs
--+
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  defect| Status:  needs_revision
 Priority:  High  |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Major | Resolution:
 Keywords:  noscript  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by cypherpunks):

 * status:  new => needs_revision


Comment:

 Replying to [comment:7 ma1]:
 > Replying to [comment:6 cypherpunks]:
 >
 > > Seems it doesn't work until restart.
 >
 > You mean installing over a "broken" version doesn't fix its behavior
 until restart, don't you?
 Correct.
 > But a new installation or installing over rc7 itself just works as
 expected, correct?
 No. It turns out temporarily allowed page wasn't reloaded at that moment
 (a bug too), and this is critical for testing this issue. Reloading of the
 allowed page leads to JS breakage on other tabs with rc7 and after restart
 too.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23716 [Metrics/Website]: Rename Operation section to Services

[Tor Bug Tracker & Wiki]

#23716: Rename Operation section to Services
-+---
 Reporter:  karsten  |  Owner:  metrics-team
 Type:  enhancement  | Status:  needs_information
 Priority:  Medium   |  Milestone:
Component:  Metrics/Website  |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ux-team  |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+---
Changes (by karsten):

 * keywords:   => ux-team


Comment:

 Adding the ux-team keyword after talking to Linda who agreed that this is
 something where the UX team might help us with.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #23844 [Metrics/ExoneraTor]: Fix NullPointerException thrown by providing invalid parameters

[Tor Bug Tracker & Wiki]

#23844: Fix NullPointerException thrown by providing invalid parameters
+--
 Reporter:  karsten |  Owner:  metrics-team
 Type:  defect  | Status:  new
 Priority:  Medium  |  Milestone:
Component:  Metrics/ExoneraTor  |Version:
 Severity:  Normal  |   Keywords:
Actual Points:  |  Parent ID:
   Points:  |   Reviewer:
  Sponsor:  |
+--
 Looks like our recent changes from a few weeks ago introduced a
 `NullPointerException` when the user provides invalid paramters. For
 example,
 [https://exonerator.torproject.org/?ip=86.59.21.3k=2017-10-13=en
 this request for IP address 86.59.21.3k] throws such an exception. Should
 be relatively easy to resolve. Reported by ln5.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23747 [Applications/Tor Browser]: "Temporarily allow all this page" breaks JS on all other tabs

[Tor Bug Tracker & Wiki]

#23747: "Temporarily allow all this page" breaks JS on all other tabs
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  High  |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Major | Resolution:
 Keywords:  noscript  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by ma1):

 Replying to [comment:6 cypherpunks]:


 > Seems it doesn't work until restart.

 Do you mean installing over a "broken" version doesn't fix its behavior
 until restart, right? But a new installation or installing over rc7 itself
 just works as expected, correct?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23747 [Applications/Tor Browser]: "Temporarily allow all this page" breaks JS on all other tabs

[Tor Bug Tracker & Wiki]

#23747: "Temporarily allow all this page" breaks JS on all other tabs
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  High  |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Major | Resolution:
 Keywords:  noscript  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by cypherpunks):

 Seems it doesn't work until restart. "Forbid example.com" to revert
 allowed site breaks JS on all other tabs too. Subsequent allow/revert
 switching breaks them too.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #10498 [Applications/Tor Browser]: Noscript. Path of trust.

[Tor Bug Tracker & Wiki]

#10498: Noscript. Path of trust.
--+--
 Reporter:  cypherpunks   |  Owner:  erinn
 Type:  defect| Status:  reopened
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Major | Resolution:
 Keywords:  tbb-security  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by cypherpunks):

 Replying to [comment:3 cypherpunks]:
 > Maone actions seem to be malicious.
 Proof? Otherwise that's just FUD.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21071 [Internal Services/Tor Sysadmin Team]: [onion] blog.torproject.org

[Tor Bug Tracker & Wiki]

#21071: [onion] blog.torproject.org
-+-
 Reporter:  righnaw  |  Owner:  tpa
 Type:  enhancement  | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:  wontfix
 Keywords:   |  Actual Points:
Parent ID:  #19805   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by cypherpunks):

 Replying to [comment:6 cypherpunks]:
 > Can you trust that person? Can you state that Tor users can trust that
 person?
 He's part of the core Tor Project members, so yeah.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23843 [Internal Services]: Use https on all internal .onion services.

[Tor Bug Tracker & Wiki]

#23843: Use https on all internal .onion services.
---+-
 Reporter:  cypherpunks|  Owner:  (none)
 Type:  defect | Status:  closed
 Priority:  Medium |  Milestone:
Component:  Internal Services  |Version:
 Severity:  Normal | Resolution:  invalid
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+-
Changes (by cypherpunks):

 * status:  new => closed
 * resolution:   => invalid


Comment:

 > A crypto axiom says "Don't invent own cryptography".
 > You have violated it inventing HSs.

 That's not true, they know use SHA3/ed25519/curve25519 for v3 OSs which
 isn't their "own invented crypto" by any stretch of imagination.

 Also https for OSs only shows you that you're talking to the right OS and
 not that it gets another layer of encryption.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #23843 [Internal Services]: Use https on all internal .onion services.

[Tor Bug Tracker & Wiki]

#23843: Use https on all internal .onion services.
---+
 Reporter:  cypherpunks|  Owner:  (none)
 Type:  defect | Status:  new
 Priority:  Medium |  Milestone:
Component:  Internal Services  |Version:
 Severity:  Normal |   Keywords:
Actual Points: |  Parent ID:
   Points: |   Reviewer:
  Sponsor: |
---+
 A crypto axiom says "Don't invent own cryptography".
 You have violated it inventing HSs.

 But can we really be sure that the confidentiality and integrity they
 provide are real and that they don't contain vulnerabilities?

 I think that you should reinforce own services with state of the art TLS
 which is far more better reviewed and audited.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21071 [Internal Services/Tor Sysadmin Team]: [onion] blog.torproject.org

[Tor Bug Tracker & Wiki]

#21071: [onion] blog.torproject.org
-+-
 Reporter:  righnaw  |  Owner:  tpa
 Type:  enhancement  | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:  wontfix
 Keywords:   |  Actual Points:
Parent ID:  #19805   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by cypherpunks):

 >Whereas we know a nice person who hosts drupal blogs and will host ours
 for cheap, and keep it up to date and so on. Win!

 Can you trust that person? Can you state that Tor users can trust that
 person?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23840 [Applications/Tor Browser]: Cloudflare and Google Captcha failed 100%

[Tor Bug Tracker & Wiki]

#23840: Cloudflare and Google Captcha failed 100%
--+---
 Reporter:  cypherpunks   |  Owner:  hiro
 Type:  defect| Status:  needs_information
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by cypherpunks):

 Replying to [comment:1 cypherpunks]:
 > And this TRAC system sometimes ask google captcha(older one, not current
 "Im not a robot" one).
 >
 > Please consider switching it to [1], or make one and host it on this
 website(no 3P).
 >
 > [1] https://coinhive.com/#captcha
 No, it takes me +30min and it's still not finished.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #23842 [Internal Services]: Automatic check of ListOfServicesBlockingTor

[Tor Bug Tracker & Wiki]

#23842: Automatic check of ListOfServicesBlockingTor
---+
 Reporter:  cypherpunks|  Owner:  (none)
 Type:  defect | Status:  new
 Priority:  Medium |  Milestone:
Component:  Internal Services  |Version:
 Severity:  Normal |   Keywords:
Actual Points: |  Parent ID:
   Points: |   Reviewer:
  Sponsor: |
---+
 There is a page in Wiki for ListOfServicesBlockingTor.
 It is to be reported by isers about Tor blocks. It has drawbacks

 1 It can contain obsolete information.
 2 It has a lot of websites actually blocking Tor missing.

 We need a better approach. We need an automated service, doing the
 following:
 1 It has a DB
 2 It has a table of services (domain/ip and port) blocking Tor
 3 It recrawls this services and checks if Tor is still blocked every
 day/hour/minute/second. When it crawls it connects either using TLS or
 using netcat, and checks the downloaded text for signs of blocking and
 similarity to the text of the previous crawl.
 4 It has a table of services not blocking Tor and new services to be
 checked.
 5 It has a web spider discovering new services (the services not present
 in either table) and adding them to the table to be checked.
 6 It has a form to add a service manually with free-form description in
 markdown.
 7 It generates the daily report and posts it into the Wiki.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #10498 [Applications/Tor Browser]: Noscript. Path of trust.

[Tor Bug Tracker & Wiki]

#10498: Noscript. Path of trust.
--+--
 Reporter:  cypherpunks   |  Owner:  erinn
 Type:  defect| Status:  reopened
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Major | Resolution:
 Keywords:  tbb-security  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by cypherpunks):

 Maone actions seem to be malicious.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #23841 [Internal Services/Service - trac]: Some asshole deleted cypherpunks account

[Tor Bug Tracker & Wiki]

#23841: Some asshole deleted cypherpunks account
--+-
 Reporter:  cypherpunks   |  Owner:  qbi
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Internal Services/Service - trac  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+-


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21487 [Applications/Tor Browser]: Users cannot log into SeekingAlpha.com

[Tor Bug Tracker & Wiki]

#21487: Users cannot log into SeekingAlpha.com
--+--
 Reporter:  Halcyon_Days  |  Owner:  tbb-team
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:  wontfix
 Keywords:  tbb-usability-website |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by Halcyon_Days):

 * status:  needs_information => closed
 * resolution:   => wontfix


Comment:

 Yes, the workaround mentioned in
 https://trac.torproject.org/projects/tor/ticket/11295#comment:5 works and
 completely resolves this issue.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #18222 [Applications/Tor Browser]: Tor Browser sets different Guard for one of the tabs when goes crazy

[Tor Bug Tracker & Wiki]

#18222: Tor Browser sets different Guard for one of the tabs when goes crazy
--+--
 Reporter:  bugzilla  |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Very High |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Critical  | Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by grace54):

 As a qualified developer and designer at UK based agency, I consider that
 Tor Browser sets different trends, I am a writer & provide
 [https://www.assignmenthelponweb.co.uk/ College Assignment Help] and I am
 currently using this browser on my laptop and it has nice features.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs