Re: [tor-bugs] #26326 [Applications/Tor Browser]: wine error when building Firefox ESR60 Windows x86_64

[Tor Bug Tracker & Wiki]

#26326: wine error when building Firefox ESR60 Windows x86_64
+--
 Reporter:  sukhbir |  Owner:  tbb-team
 Type:  defect  | Status:
|  needs_information
 Priority:  Very High   |  Milestone:
Component:  Applications/Tor Browser|Version:
 Severity:  Normal  | Resolution:
 Keywords:  ff60-esr, TorBrowserTeam201806  |  Actual Points:
Parent ID:  #26203  | Points:
 Reviewer:  |Sponsor:
+--

Comment (by sukhbir):

 OK, the above was an easy fix (copying libwinpthread-1.dll) but the issue
 still persists. I will resume later but for anyone reading, I feel this is
 related to `xvfb` not starting, or not starting properly. Because when I
 hit the debug shell and run the command, it completes successfully and so
 does wine.

 (If you see #comment:4, you will notice that the docker script says, "Up
 to 5 attempts will be made to start xvfb with a short delay # between
 retries", so clearly something is going on here.)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26320 [Applications/Tor Browser]: Orfox 52.8.0esr-7.5-1 Crash

[Tor Bug Tracker & Wiki]

#26320: Orfox 52.8.0esr-7.5-1 Crash
--+---
 Reporter:  sysrqb|  Owner:  tbb-team
 Type:  defect| Status:  needs_information
 Priority:  Immediate |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-mobile|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by sysrqb):

 I think we'll need to use the non-optimized build. The short explanation
 is fennec still crashes using -O1 (different from the default optimization
 -Os).

 The slightly longer answer is I tried compiling with the -O1 optimization
 flag, but I experienced a compile-time errors, so one (or more) of the
 optimizations enabled by `-Os` enforces the inlining requirement:

 {{{
  4:34.47 In file included from /home/sysrqb/Orfox/external/tor-browser
 /obj-arm-linux-androideabi/dist/system_wrappers/string:3:0,
  4:34.47  from /home/sysrqb/Orfox/external/tor-browser
 /obj-arm-linux-androideabi/dist/stl_wrappers/string:44,
  4:34.47  from /home/sysrqb/Orfox/external/tor-
 browser/ipc/chromium/src/base/platform_file.h:15,
  4:34.47  from /home/sysrqb/Orfox/external/tor-
 browser/ipc/chromium/src/base/platform_file_posix.cc:7,
  4:34.47  from /home/sysrqb/Orfox/external/tor-browser
 /obj-arm-linux-androideabi/ipc/chromium/Unified_cpp_ipc_chromium1.cpp:2:
  4:34.47 /home/sysrqb/.mozbuild/android-ndk-r11b//sources/cxx-stl/llvm-
 libc++/libcxx/include/string: In member function 'bool
 base::SharedMemory::FilenameForMemoryName(const wstring&,
 std::__ndk1::wstring*)':
  4:34.47 /home/sysrqb/.mozbuild/android-ndk-r11b//sources/cxx-stl/llvm-
 libc++/libcxx/include/string:700:35: error: inlining failed in call to
 always_inline 'static constexpr bool std::__ndk1::char_traits::eq(std::__ndk1::char_traits::char_type,
 std::__ndk1::char_traits::char_type) throw ()': indirect function
 call with a yet undetermined callee
  4:34.47  static _LIBCPP_CONSTEXPR bool eq(char_type __c1, char_type
 __c2) _NOEXCEPT
  4:34.47
 [...]
  4:34.47 In file included from /home/sysrqb/Orfox/external/tor-browser
 /obj-arm-linux-androideabi/dist/system_wrappers/algorithm:3:0,
  4:34.47  from /home/sysrqb/Orfox/external/tor-browser
 /obj-arm-linux-androideabi/dist/stl_wrappers/algorithm:44,
  4:34.47  from /home/sysrqb/.mozbuild/android-ndk-
 r11b//sources/cxx-stl/llvm-libc++/libcxx/include/string:439,
  4:34.47  from /home/sysrqb/Orfox/external/tor-browser
 /obj-arm-linux-androideabi/dist/system_wrappers/string:3,
  4:34.47  from /home/sysrqb/Orfox/external/tor-browser
 /obj-arm-linux-androideabi/dist/stl_wrappers/string:44,
  4:34.47  from /home/sysrqb/Orfox/external/tor-
 browser/ipc/chromium/src/base/platform_file.h:15,
  4:34.47  from /home/sysrqb/Orfox/external/tor-
 browser/ipc/chromium/src/base/platform_file_posix.cc:7,
  4:34.47  from /home/sysrqb/Orfox/external/tor-browser
 /obj-arm-linux-androideabi/ipc/chromium/Unified_cpp_ipc_chromium1.cpp:2:
  4:34.47 /home/sysrqb/.mozbuild/android-ndk-r11b//sources/cxx-stl/llvm-
 libc++/libcxx/include/algorithm:1050:13: error: called from here
  4:34.47  if (__pred(*__first1, *__j))
 }}}

 I added `-findirect-inlining` (the name was a good hint), and that solved
 the compile-time error - so it seems like Android NDK 11b requires this,
 at least. Unfortunately, the app still crashes on the test webpage.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26311 [Core Tor/Tor]: Error in `/usr/bin/tor': free(): invalid next size (normal): 0x000055ed468598d0

[Tor Bug Tracker & Wiki]

#26311: Error in `/usr/bin/tor': free(): invalid next size (normal):
0x55ed468598d0
--+-
 Reporter:  cypherpunks   |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:  Tor: 0.3.3.5-rc
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+-

Comment (by starlight):

 check for library file corruption:  rpm -Va or debsums

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26311 [Core Tor/Tor]: Error in `/usr/bin/tor': free(): invalid next size (normal): 0x000055ed468598d0

[Tor Bug Tracker & Wiki]

#26311: Error in `/usr/bin/tor': free(): invalid next size (normal):
0x55ed468598d0
--+-
 Reporter:  cypherpunks   |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:  Tor: 0.3.3.5-rc
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+-

Comment (by starlight):

 try using smartctl to check raw hard-drive temperatures, remote server
 management if you have access to check cystem temperatures and fan speeds;
 perhaps a fan or two seized, filters clogged with dust or the data center
 has a chiller problem

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26152 [Core Tor/Tor]: Improve errors on crypto/openssl_version badness

[Tor Bug Tracker & Wiki]

#26152: Improve errors on crypto/openssl_version badness
-+-
 Reporter:  nickm|  Owner:  nickm
 Type:  defect   | Status:
 |  needs_revision
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.5.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-ci, tor-testing, 034-roadmap-|  Actual Points:
  subtask, 034-triage-20180328,  |
  034-included-20180328  |
Parent ID:   | Points:
 Reviewer:  isis |Sponsor:
-+-
Changes (by isis):

 * status:  needs_review => needs_revision


Comment:

 I left a review [https://github.com/torproject/tor/pull/117 on the PR].
 One tiny change needed.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26244 [Core Tor/Nyx]: The ability to jump to the bottom or top of the connection list in Nyx

[Tor Bug Tracker & Wiki]

#26244: The ability to jump to the bottom or top of the connection list in Nyx
---+---
 Reporter:  Dbryrtfbcbhgf  |  Owner:  atagar
 Type:  defect | Status:  needs_information
 Priority:  Medium |  Milestone:
Component:  Core Tor/Nyx   |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+---
Changes (by atagar):

 * status:  new => needs_information


Comment:

 Hi Dbryrtfbcbhgf. I'm presently at work so I can't check with a live
 instance but as I recall the 'end' key should do the trick. From a quick
 peek at the code seems it does...

 https://gitweb.torproject.org/nyx.git/tree/nyx/curses.py#n1029

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #1849 [Core Tor/Tor]: Optimistic Data for Tor

[Tor Bug Tracker & Wiki]

#1849: Optimistic Data for Tor
--+
 Reporter:  arma  |  Owner:  (none)
 Type:  project   | Status:  closed
 Priority:  Medium|  Milestone:  Tor: 0.2.3.x-final
Component:  Core Tor/Tor  |Version:
 Severity:| Resolution:  implemented
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Description changed by arthuredelstein:

Old description:

> Ian has a design in mind where Tor clients can send the HTTP GET part of
> their request right after the RELAY BEGIN request, to save a round-trip
> during web browsing. That sounds like a great idea.
> https://thunk.cs.uwaterloo.ca/optimistic-data-pets2010-rump.pdf
>
> As I understand it, there are three components that need doing:
>
> A) Tor exit relays need to be able to queue up data cells that arrive
> right after begin cells, and then process them once the exit stream is
> established.
>
> B) Tor clients need to learn a new version of socks, or some other way to
> recognize when the application is trying to play the optimistic game.
> Then they need to send the data cells after the begin cells, but still
> remember them if they decide later to move to a different circuit (e.g.
> if their begin cell times out or fails).
>
> C) The application side of things needs to learn to signal that it wants
> optimistic data. Maybe we can modify polipo or shim to do this. Or maybe
> we can find a way to not need this piece, since it would be a shame to
> add a new http proxy dependency when we're trying to cut the http proxy
> out of the loop.
>
> D) Set up a Torperf variant that uses optimistic data, and compare
> performance results for various web browsing patterns.

New description:

 Ian has a design in mind where Tor clients can send the HTTP GET part of
 their request right after the RELAY BEGIN request, to save a round-trip
 during web browsing. That sounds like a great idea.
 [https://web.archive.org/web/20170515183058/https://thunk.cs.uwaterloo.ca
 /optimistic-data-pets2010-rump.pdf https://thunk.cs.uwaterloo.ca
 /optimistic-data-pets2010-rump.pdf]

 As I understand it, there are three components that need doing:

 A) Tor exit relays need to be able to queue up data cells that arrive
 right after begin cells, and then process them once the exit stream is
 established.

 B) Tor clients need to learn a new version of socks, or some other way to
 recognize when the application is trying to play the optimistic game. Then
 they need to send the data cells after the begin cells, but still remember
 them if they decide later to move to a different circuit (e.g. if their
 begin cell times out or fails).

 C) The application side of things needs to learn to signal that it wants
 optimistic data. Maybe we can modify polipo or shim to do this. Or maybe
 we can find a way to not need this piece, since it would be a shame to add
 a new http proxy dependency when we're trying to cut the http proxy out of
 the loop.

 D) Set up a Torperf variant that uses optimistic data, and compare
 performance results for various web browsing patterns.

--

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26326 [Applications/Tor Browser]: wine error when building Firefox ESR60 Windows x86_64

[Tor Bug Tracker & Wiki]

#26326: wine error when building Firefox ESR60 Windows x86_64
+--
 Reporter:  sukhbir |  Owner:  tbb-team
 Type:  defect  | Status:
|  needs_information
 Priority:  Very High   |  Milestone:
Component:  Applications/Tor Browser|Version:
 Severity:  Normal  | Resolution:
 Keywords:  ff60-esr, TorBrowserTeam201806  |  Actual Points:
Parent ID:  #26203  | Points:
 Reviewer:  |Sponsor:
+--

Comment (by sukhbir):

 On further debugging, some progress:

 {{{
 export WINEDEBUG=+error
 err:module:import_dll Library libwinpthread-1.dll (which is needed by
 L"Z:\\var\\tmp\\dist\\fxc2\\bin\\fxc2.exe") not found
 err:module:LdrInitializeThunk Main exe initialization for
 L"Z:\\var\\tmp\\dist\\fxc2\\bin\\fxc2.exe" failed, status c135
 }}}

 I will update after fixing this.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23247 [Applications/Tor Browser]: Communicating security expectations for .onion: what to say about different padlock states for .onion services

[Tor Bug Tracker & Wiki]

#23247: Communicating security expectations for .onion: what to say about 
different
padlock states for .onion services
-+-
 Reporter:  isabela  |  Owner:
 |  pospeselr
 Type:  project  | Status:
 |  needs_revision
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ux-team, tor-hs, |  Actual Points:
  TorBrowserTeam201806   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by pospeselr):

 Turns out localization here was way simpler than what Arthur had to do for
 his patch.  We can simply stick the strings in torbutton.properties, which
 is the same format as where I had them before, just in separate file that
 we control.

 I've also attached a patch for torbutton which adds the new strings (in
 English) to all of our locales for future translation.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23247 [Applications/Tor Browser]: Communicating security expectations for .onion: what to say about different padlock states for .onion services

[Tor Bug Tracker & Wiki]

#23247: Communicating security expectations for .onion: what to say about 
different
padlock states for .onion services
-+-
 Reporter:  isabela  |  Owner:
 |  pospeselr
 Type:  project  | Status:
 |  needs_review
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ux-team, tor-hs, |  Actual Points:
  TorBrowserTeam201806R  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by pospeselr):

 * status:  needs_revision => needs_review
 * keywords:  ux-team, tor-hs, TorBrowserTeam201806 => ux-team, tor-hs,
 TorBrowserTeam201806R


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23247 [Applications/Tor Browser]: Communicating security expectations for .onion: what to say about different padlock states for .onion services

[Tor Bug Tracker & Wiki]

#23247: Communicating security expectations for .onion: what to say about 
different
padlock states for .onion services
-+-
 Reporter:  isabela  |  Owner:
 |  pospeselr
 Type:  project  | Status:
 |  needs_revision
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ux-team, tor-hs, |  Actual Points:
  TorBrowserTeam201806   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by pospeselr):

 * Attachment "0001-PATCH-Bug-23247-Communicating-security-expectations
 -(tor-browser).patch" added.


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23247 [Applications/Tor Browser]: Communicating security expectations for .onion: what to say about different padlock states for .onion services

[Tor Bug Tracker & Wiki]

#23247: Communicating security expectations for .onion: what to say about 
different
padlock states for .onion services
-+-
 Reporter:  isabela  |  Owner:
 |  pospeselr
 Type:  project  | Status:
 |  needs_revision
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ux-team, tor-hs, |  Actual Points:
  TorBrowserTeam201806   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by pospeselr):

 * Attachment "0001-PATCH-Bug-23247-Communicating-security-
 expectations-(torbutton).patch" added.


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26152 [Core Tor/Tor]: Improve errors on crypto/openssl_version badness

[Tor Bug Tracker & Wiki]

#26152: Improve errors on crypto/openssl_version badness
-+-
 Reporter:  nickm|  Owner:  nickm
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.5.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-ci, tor-testing, 034-roadmap-|  Actual Points:
  subtask, 034-triage-20180328,  |
  034-included-20180328  |
Parent ID:   | Points:
 Reviewer:  isis |Sponsor:
-+-

Comment (by isis):

 Replying to [comment:4 isis]:
 > [https://github.com/saper saper] had a suggestion
 [https://github.com/torproject/tor/pull/117#issuecomment-390818893 on
 github]:
 > >
 > > Would that be possible to add something to
 
[https://github.com/torproject/tor/blob/943291d7ae3d246c50fa55caa96c9bb04ee577eb/configure.ac#L833
 autoconf tests]? It was quite annoying to wait for a long time for the
 build to finish only to find out in the end. Maybe we could even loop in
 
[https://github.com/torproject/tor/blob/943291d7ae3d246c50fa55caa96c9bb04ee577eb/configure.ac#L818
 TOR_SEARCH_LIBRARY] to reject non-compliant combinations right away and
 try other ones.

 I think this is probably a good idea, as long as the autoconf test also
 printed out the version mismatch. Also I think we would want a new ticket
 for this?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26326 [Applications/Tor Browser]: wine error when building Firefox ESR60 Windows x86_64

[Tor Bug Tracker & Wiki]

#26326: wine error when building Firefox ESR60 Windows x86_64
+--
 Reporter:  sukhbir |  Owner:  tbb-team
 Type:  defect  | Status:
|  needs_information
 Priority:  Very High   |  Milestone:
Component:  Applications/Tor Browser|Version:
 Severity:  Normal  | Resolution:
 Keywords:  ff60-esr, TorBrowserTeam201806  |  Actual Points:
Parent ID:  #26203  | Points:
 Reviewer:  |Sponsor:
+--

Comment (by tom):

 I did not; but probably because we have some 'thing' that does display
 stuff for me so I never had to learn about xvfb or linux display stuff. =/
 https://searchfox.org/mozilla-
 central/source/taskcluster/docker/recipes/xvfb.sh#55

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26326 [Applications/Tor Browser]: wine error when building Firefox ESR60 Windows x86_64

[Tor Bug Tracker & Wiki]

#26326: wine error when building Firefox ESR60 Windows x86_64
+--
 Reporter:  sukhbir |  Owner:  tbb-team
 Type:  defect  | Status:
|  needs_information
 Priority:  Very High   |  Milestone:
Component:  Applications/Tor Browser|Version:
 Severity:  Normal  | Resolution:
 Keywords:  ff60-esr, TorBrowserTeam201806  |  Actual Points:
Parent ID:  #26203  | Points:
 Reviewer:  |Sponsor:
+--

Comment (by boklm):

 Did you try running the wine command that fails manually in the debug
 shell to see if that gives move details about the error?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26326 [Applications/Tor Browser]: wine error when building Firefox ESR60 Windows x86_64

[Tor Bug Tracker & Wiki]

#26326: wine error when building Firefox ESR60 Windows x86_64
+--
 Reporter:  sukhbir |  Owner:  tbb-team
 Type:  defect  | Status:
|  needs_information
 Priority:  Very High   |  Milestone:
Component:  Applications/Tor Browser|Version:
 Severity:  Normal  | Resolution:
 Keywords:  ff60-esr, TorBrowserTeam201806  |  Actual Points:
Parent ID:  #26203  | Points:
 Reviewer:  |Sponsor:
+--
Changes (by gk):

 * cc: tom (added)
 * status:  new => needs_information
 * keywords:  ff60-esr => ff60-esr, TorBrowserTeam201806
 * priority:  Medium => Very High


Comment:

 So, Tom got that working on Mozilla infra which I guess looks not that
 different. Tom, did you run into this when integrating the `fxc2` hack?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26326 [Applications/Tor Browser]: wine error when building Firefox ESR60 Windows x86_64

[Tor Bug Tracker & Wiki]

#26326: wine error when building Firefox ESR60 Windows x86_64
--+--
 Reporter:  sukhbir   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  ff60-esr  |  Actual Points:
Parent ID:  #26203| Points:
 Reviewer:|Sponsor:
--+--

Comment (by sukhbir):

 We needed to run wine in headless mode, so I tried using `xvfb`:

 {{{
 +  Xvfb :1 &
 +  export DISPLAY=:1
 }}}

 The only effect it seems to have is that it delays for a while and returns
 the same error:

 {{{
  0:04.00 TelemetryHistogramData.inc
  0:04.07 TelemetryHistogramEnums.h
  0:04.11 TelemetryProcessData.h
  0:04.11 TelemetryProcessEnums.h
  0:04.11 TelemetryScalarData.h
  0:04.11 TelemetryScalarEnums.h
  5:01.26 /usr/bin/wine /var/tmp/dist/fxc2/bin/fxc2.exe -nologo -Tvs_4_0
 /var/tmp/build/firefox-30544586f8a9/gfx/layers/d3d11/mlgshaders/textured-
 vs.hlsl -ETexturedQuadVS -VnTexturedQuadVS -Vi -DVERTEX_SHADER
 -Fh/tmp/tmpEDeKFL
  5:01.26 /usr/bin/wine /var/tmp/dist/fxc2/bin/fxc2.exe -nologo
 -Tvs_4_0_level_9_3 /var/tmp/build/firefox-
 30544586f8a9/gfx/layers/d3d11/CompositorD3D11.hlsl -ELayerQuadVS
 -VnLayerQuadVS -Vi -DVERTEX_SHADER -Fh/tmp/tmpD35IoP
 }}}

 (Notice the gap between timestamps)

 I tried with `wine wineboot -i` as well and that didn't work.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #26326 [Applications/Tor Browser]: wine error when building Firefox ESR60 Windows x86_64

[Tor Bug Tracker & Wiki]

#26326: wine error when building Firefox ESR60 Windows x86_64
--+--
 Reporter:  sukhbir   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:  ff60-esr
Actual Points:|  Parent ID:  #26203
   Points:|   Reviewer:
  Sponsor:|
--+--
 When building Firefox ESR60 for Windows x86_64 (with
 https://github.com/azadi/tor-browser-build-1/tree/bug-26204 applied for
 the `fxc2` project), we get the following error:

 {{{
  0:03.48 Application tried to create a window, but no driver could be
 loaded.
  0:04.23 TelemetryHistogramData.inc
  0:04.23 nsSTSPreloadList.h
  0:04.36 TelemetryHistogramEnums.h
  0:04.36 TelemetryProcessData.h
  0:04.36 TelemetryProcessEnums.h
  0:04.37 TelemetryScalarData.h
  0:04.37 TelemetryScalarEnums.h
  0:04.46 wine: configuration in '/var/tmp/tmp.VbPk8hyCBs/.wine64' has been
 updated.
  0:04.48 /usr/bin/wine /var/tmp/dist/fxc2/bin/fxc2.exe -nologo -Tvs_4_0
 /var/tmp/build/firefox-30544586f8a9/gfx/layers/d3d11/mlgshaders/textured-
 vs.hlsl -ETexturedQuadVS -VnTexturedQuadVS -Vi -DVERTEX_SHADER
 -Fh/tmp/tmpF6j9gD
  0:04.48 Traceback (most recent call last):
  0:04.48   File "/usr/lib/python2.7/runpy.py", line 162, in
 _run_module_as_main
  0:04.48 "__main__", fname, loader, pkg_name)
  0:04.48   File "/usr/lib/python2.7/runpy.py", line 72, in _run_code
  0:04.48 exec code in run_globals
  0:04.48   File "/var/tmp/build/firefox-
 30544586f8a9/python/mozbuild/mozbuild/action/file_generate.py", line 117,
 in 
  0:04.48 sys.exit(main(sys.argv[1:]))
  0:04.48   File "/var/tmp/build/firefox-
 30544586f8a9/python/mozbuild/mozbuild/action/file_generate.py", line 68,
 in main
  0:04.48 ret = module.__dict__[method](output,
 *args.additional_arguments, **kwargs)
  0:04.48   File "/var/tmp/build/firefox-
 30544586f8a9/gfx/layers/d3d11/genshaders.py", line 27, in main
  0:04.48 return process_manifest(output_fp, input_filename)
  0:04.48   File "/var/tmp/build/firefox-
 30544586f8a9/gfx/layers/d3d11/genshaders.py", line 64, in process_manifest
  0:04.48 output_fp = output_fp)
  0:04.48   File "/var/tmp/build/firefox-
 30544586f8a9/gfx/layers/d3d11/genshaders.py", line 97, in run_fxc
  0:04.48 proc_stdout = subprocess.check_output(argv)
  0:04.48   File "/usr/lib/python2.7/subprocess.py", line 573, in
 check_output
  0:04.48 raise CalledProcessError(retcode, cmd, output=output)
  0:04.48 subprocess.CalledProcessError: Command '[u'/usr/bin/wine',
 u'/var/tmp/dist/fxc2/bin/fxc2.exe', '-nologo', '-Tvs_4_0', '/var/tmp/build
 /firefox-30544586f8a9/gfx/layers/d3d11/mlgshaders/textured-vs.hlsl',
 '-ETexturedQuadVS', '-VnTexturedQuadVS', '-Vi', '-DVERTEX_SHADER',
 '-Fh/tmp/tmpF6j9gD']' returned non-zero exit status 53
  0:04.48 /usr/bin/wine /var/tmp/dist/fxc2/bin/fxc2.exe -nologo
 -Tvs_4_0_level_9_3 /var/tmp/build/firefox-
 30544586f8a9/gfx/layers/d3d11/CompositorD3D11.hlsl -ELayerQuadVS
 -VnLayerQuadVS -Vi -DVERTEX_SHADER -Fh/tmp/tmpwbm6Wj
  0:04.48 Traceback (most recent call last):
  0:04.48   File "/usr/lib/python2.7/runpy.py", line 162, in
 _run_module_as_main
  0:04.48 "__main__", fname, loader, pkg_name)
  0:04.48   File "/usr/lib/python2.7/runpy.py", line 72, in _run_code
  0:04.48 exec code in run_globals
  0:04.48   File "/var/tmp/build/firefox-
 30544586f8a9/python/mozbuild/mozbuild/action/file_generate.py", line 117,
 in 
  0:04.48 sys.exit(main(sys.argv[1:]))
  0:04.48   File "/var/tmp/build/firefox-
 30544586f8a9/python/mozbuild/mozbuild/action/file_generate.py", line 68,
 in main
  0:04.48 ret = module.__dict__[method](output,
 *args.additional_arguments, **kwargs)
  0:04.48   File "/var/tmp/build/firefox-
 30544586f8a9/gfx/layers/d3d11/genshaders.py", line 27, in main
  0:04.48 return process_manifest(output_fp, input_filename)
  0:04.48   File "/var/tmp/build/firefox-
 30544586f8a9/gfx/layers/d3d11/genshaders.py", line 64, in process_manifest
  0:04.48 output_fp = output_fp)
  0:04.48   File "/var/tmp/build/firefox-
 30544586f8a9/gfx/layers/d3d11/genshaders.py", line 97, in run_fxc
  0:04.48 proc_stdout = subprocess.check_output(argv)
  0:04.48   File "/usr/lib/python2.7/subprocess.py", line 573, in
 check_output
  0:04.48 raise CalledProcessError(retcode, cmd, output=output)
  0:04.48 subprocess.CalledProcessError: Command '[u'/usr/bin/wine',
 u'/var/tmp/dist/fxc2/bin/fxc2.exe', '-nologo', '-Tvs_4_0_level_9_3',
 '/var/tmp/build/firefox-
 30544586f8a9/gfx/layers/d3d11/CompositorD3D11.hlsl', '-ELayerQuadVS',
 '-VnLayerQuadVS', '-Vi', '-DVERTEX_SHADER', '-Fh/tmp/tmpwbm6Wj']' returned
 non-zero exit status 53

Re: [tor-bugs] #22981 [Applications/Tor Browser]: Don't block audio/video on https sites under Medium Security

[Tor Bug Tracker & Wiki]

#22981: Don't block audio/video on https sites under Medium Security
-+-
 Reporter:  arthuredelstein  |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-usability, tbb-security-slider,  |  Actual Points:
  ux-team|
Parent ID:  #23150   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by arthuredelstein):

 Replying to [comment:9 cypherpunks]:
 > It's worth considering that we're now just a few years before HTTPS
 usage gets to more than 90% by default, under this proposal this means
 that there would be only two security settings: Standard-Safe (basically
 indistinguishable for the average user) and Safest.

 Agreed -- that step would further improve simplicity and provide better
 security at the default (lower security) setting.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26325 [Webpages/Website]: Please modify the Fundraising Director job posting on website

[Tor Bug Tracker & Wiki]

#26325: Please modify the Fundraising Director job posting on website
--+
 Reporter:  ewyatt|  Owner:  (none)
 Type:  task  | Status:  closed
 Priority:  High  |  Milestone:
Component:  Webpages/Website  |Version:
 Severity:  Normal| Resolution:  fixed
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by arma):

 * status:  new => closed
 * resolution:   => fixed


Comment:

 Looks like the website updated.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22981 [Applications/Tor Browser]: Don't block audio/video on https sites under Medium Security

[Tor Bug Tracker & Wiki]

#22981: Don't block audio/video on https sites under Medium Security
-+-
 Reporter:  arthuredelstein  |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-usability, tbb-security-slider,  |  Actual Points:
  ux-team|
Parent ID:  #23150   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by cypherpunks):

 It's worth considering that we're now just a few years before HTTPS usage
 gets to more than 90% by default, under this proposal this means that
 there would be only two security settings: Standard-Safe (basically
 indistinguishable for the average user) and Safest.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26325 [Webpages/Website]: Please modify the Fundraising Director job posting on website

[Tor Bug Tracker & Wiki]

#26325: Please modify the Fundraising Director job posting on website
--+
 Reporter:  ewyatt|  Owner:  (none)
 Type:  task  | Status:  new
 Priority:  High  |  Milestone:
Component:  Webpages/Website  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by arma):

 Done! (Website should update in a bit.)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26128 [Applications/Tor Browser]: Make security slider work with NoScript for ESR60

[Tor Bug Tracker & Wiki]

#26128: Make security slider work with NoScript for ESR60
-+-
 Reporter:  arthuredelstein  |  Owner:  tbb-team
 Type:  defect   | Status:
 |  needs_information
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ff60-esr, TorBrowserTeam201806R  |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by arthuredelstein):

 * status:  needs_revision => needs_information


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26128 [Applications/Tor Browser]: Make security slider work with NoScript for ESR60

[Tor Bug Tracker & Wiki]

#26128: Make security slider work with NoScript for ESR60
-+-
 Reporter:  arthuredelstein  |  Owner:  tbb-team
 Type:  defect   | Status:
 |  needs_revision
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ff60-esr, TorBrowserTeam201806R  |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by arthuredelstein):

 Replying to [comment:5 mcs]:

 > * Do we have any kind of commitment from the NoScript author (Giorgio)
 that the IPC message we are using will continue to work with future
 releases of NoScript?

 Giorgio, what do you think? My impression is that the message listener and
 the Settings objects are central to NoScript's architecture. But it would
 be better if we could define the protocol more formally. And what do you
 think about idea of NoScript accepting diffs to Settings (see comment:7)?
 Is that already possible in some way or could we add this capability to
 NoScript?

 Also, I used a hack to treat http and https domain differently (using a
 "site" whose "domain" is the string "http:". Is there a cleaner way to do
 this?

 Thanks in advance!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26128 [Applications/Tor Browser]: Make security slider work with NoScript for ESR60

[Tor Bug Tracker & Wiki]

#26128: Make security slider work with NoScript for ESR60
-+-
 Reporter:  arthuredelstein  |  Owner:  tbb-team
 Type:  defect   | Status:
 |  needs_revision
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ff60-esr, TorBrowserTeam201806R  |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by arthuredelstein):

 * cc: ma1 (added)


Comment:

 Replying to [comment:5 mcs]:
 > Kathy and I reviewed these changes. Awesome work! Of course we have a
 few comments:

 Thanks for the review! My revised branch is at:
 https://github.com/arthuredelstein/torbutton/commit/26128+1

 > * There is a comma missing after the second array within untrusted_caps
 (before the `// medium: http` comment).

 Fixed.

 > * Please add some details to the check in comment, e.g., some of the
 things you mentioned in comment:3.

 Done.

 > * To match the slider UI, please use Standard/Safer/Safest within
 comments (rather than Low/Medium/High).

 Done.

 > * If the user adds an exception (e.g., adding a site to the Trusted
 list), the changes will be lost at startup and each time the slider is
 adjusted. That will surprise people; we should decide what behavior we
 want and try to implement it.

 That's true. In principle we can also listen to the settings objects
 broadcast by NoScript. As a demonstration, this code prints all Settings
 changes from NoScript.

 {{{
 const { LegacyExtensionContext } =
   Cu.import("resource://gre/modules/LegacyExtensionsUtils.jsm", {});
 const noscriptID = "{73a6fe31-595d-460b-a920-fcc0f8843232}";
 let extensionContext = new LegacyExtensionContext({ id : noscriptID });
 extensionContext.api.browser.runtime.onMessage.addListener((a,b,c) =>
 console.log(a,b,c))
 }}}

 To preserve user custom settings, we would need to use these messages to
 maintain a mirror of the NoScript's Settings object and pass back a
 modified version of the mirrored Settings whenever the Security Slider is
 altered.

 A simpler approach could be to patch NoScript to accept diffs rather than
 the entire Settings object.

 However, I'm not sure we want to permanently preserve custom user settings
 in NoScript at all. Such a feature might be a privacy footgun for users.

 [Snipped IPC question for a separate comment, below.]

 > * Kathy and I think the capability groupings you selected make sense,
 but we will probably need to adjust some of the wording within the
 security slider window (i.e., the text which describes the levels).

 Good point. I'm still inclined to consider the possibility of simplifying
 the capability groupings -- the different treatment of media, fonts, and
 scripts seems somewhat arbitrary to me and I think it would be useful to
 come up with a more systematic rationale for the settings we have chosen
 for the "Safer" (medium) level. It's kind of a separate issue (#22981),
 but worth considering now given that in transitioning to the new NoScript,
 some behaviors are going to change.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26152 [Core Tor/Tor]: Improve errors on crypto/openssl_version badness

[Tor Bug Tracker & Wiki]

#26152: Improve errors on crypto/openssl_version badness
-+-
 Reporter:  nickm|  Owner:  nickm
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.5.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-ci, tor-testing, 034-roadmap-|  Actual Points:
  subtask, 034-triage-20180328,  |
  034-included-20180328  |
Parent ID:   | Points:
 Reviewer:  isis |Sponsor:
-+-

Comment (by isis):

 [https://github.com/saper saper] had a suggestion
 [https://github.com/torproject/tor/pull/117#issuecomment-390818893 on
 github]:
 >
 > Would that be possible to add something to
 
[https://github.com/torproject/tor/blob/943291d7ae3d246c50fa55caa96c9bb04ee577eb/configure.ac#L833
 autoconf tests]? It was quite annoying to wait for a long time for the
 build to finish only to find out in the end. Maybe we could even loop in
 
[https://github.com/torproject/tor/blob/943291d7ae3d246c50fa55caa96c9bb04ee577eb/configure.ac#L818
 TOR_SEARCH_LIBRARY] to reject non-compliant combinations right away and
 try other ones.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #26325 [Webpages/Website]: Please modify the Fundraising Director job posting on website

[Tor Bug Tracker & Wiki]

#26325: Please modify the Fundraising Director job posting on website
--+
 Reporter:  ewyatt|  Owner:  (none)
 Type:  task  | Status:  new
 Priority:  High  |  Milestone:
Component:  Webpages/Website  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+
 {{{
 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA512


 Please modify the Fundraising Director job posting in the following two
 ways:

 1) Replace
 "The Tor Project, Inc., a 501(c)(3) nonprofit organization that provides
 technical infrastructure for privacy protection over the internet, is
 seeking..."
 with
 "The Tor Project, Inc., a 501(c)(3) nonprofit organization advancing human
 rights and freedoms by creating and deploying free and open source
 anonymity and privacy technologies, is seeking.. "

 2) Add “a” in the first paragraph:
 "The ideal candidate will have at least five years of leadership
 experience working in the fundraising department of [a] nonprofit
 organization."

 Thank you!! :)

 -BEGIN PGP SIGNATURE-
 Comment: GPGTools - https://gpgtools.org

 iQIzBAEBCgAdFiEENecqn2ZVRfkstmYkugyUAPgPkc4FAlsZdsEACgkQugyUAPgP
 kc4Tjw/+JtD8to6vYIKXYU+edrh/ppCluqFsXW2NApOFkecyGlTUiJK6fBFKFOs/
 UvnbydX4EGw9f10cJrOBtl/38AQeG1Myv7hR3k/TxOgiqYtzXWV+1XU3eDq3V64P
 y588FqS/B9MrzdCCxIUi8/+P5T/llDw05t4fMZJgZxjSvnU1nSXf47XkMJEvKnGe
 t60yCEGT1GM1aA/p9bRyF1OVH+W02QY+9zV+e3T/L+vwpMrNAHf2bcKimd8m0xvN
 V4GWq/STP72FxY57JeiMt+tW1bFTNBeJZLptND+xeVOzD6ZKgHnGP3ZKlRSDnZcB
 ywidE9VbspqN0KdTZQVPVrgqrmJjPfVQ/1zZm4beCr/Kihouvtevvyk47QCUrGjg
 jS6Nr3z5qpCPkrscKNfcnVNtbmuRHHgRKgDw7lk39C5DDtJIiPzeJ2QjHN95a29H
 CjP/M9j3RMFuIeaIDmhX3mC01L5GBPx6XK6HJLZoE2YynDtF9Fhe6rJJwTSoz2Ec
 SqmG3NeY32cUFAA1awpb0bEPOQrb4OLcn5kVkhGkFzpXmUyAnePFWg60tQhGHp6+
 2eD9UBB06jL/TGRFSvZ1B0Zx0COpRgGgyiCBY1+JdCHCOY9WvwCf4fuUsb7dzjR5
 3Clu0vnxa8ghlg0M2jYSukJXYGeWgtFPcnD14CM76S/Q0D85DSY=
 =Mwli
 -END PGP SIGNATURE-
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25304 [Applications/Tor Browser]: Update gcc to 6.4.0 (Linux)

[Tor Bug Tracker & Wiki]

#25304: Update gcc to 6.4.0 (Linux)
-+-
 Reporter:  boklm|  Owner:  tbb-
 |  team
 Type:  task | Status:  closed
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  tbb-rbm, TorBrowserTeam201804R,  |  Actual Points:
  boklm201804|
Parent ID:  #24631   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by cypherpunks):

 https://bugzilla.mozilla.org/show_bug.cgi?id=1460777

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24891 [Core Tor/Tor]: build system --disable-unittests has no effect

[Tor Bug Tracker & Wiki]

#24891: build system --disable-unittests has no effect
-+-
 Reporter:  starlight|  Owner:  rl1987
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.4.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.2.5.1-alpha
 Severity:  Normal   | Resolution:
 Keywords:  034-triage-20180328, |  Actual Points:
  034-removed-20180328, 029-backport |
Parent ID:   | Points:  1
 Reviewer:  isis |Sponsor:
 |  Sponsor8-can
-+-
Changes (by isis):

 * version:  Tor: 0.3.2.9 => Tor: 0.2.5.1-alpha
 * points:   => 1
 * sponsor:   => Sponsor8-can
 * milestone:  Tor: unspecified => Tor: 0.3.4.x-final
 * keywords:  034-triage-20180328, 034-removed-20180328 =>
 034-triage-20180328, 034-removed-20180328, 029-backport
 * reviewer:  mikeperry => isis


Comment:

 LGTM! Thanks rl1987!

 It seems Mike and I both got assigned this ticket for review this week,
 which I'm assuming was a typo on the assignment spreadsheet.  Since I
 already got to it, I'm removing Mike and adding myself, but Mike you
 should feel free to add yourself back in if you want to review as well.

 I'm nominating this for backport to 0.2.9.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26128 [Applications/Tor Browser]: Make security slider work with NoScript for ESR60

[Tor Bug Tracker & Wiki]

#26128: Make security slider work with NoScript for ESR60
-+-
 Reporter:  arthuredelstein  |  Owner:  tbb-team
 Type:  defect   | Status:
 |  needs_revision
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ff60-esr, TorBrowserTeam201806R  |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by mcs):

 * status:  needs_review => needs_revision


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26128 [Applications/Tor Browser]: Make security slider work with NoScript for ESR60

[Tor Bug Tracker & Wiki]

#26128: Make security slider work with NoScript for ESR60
-+-
 Reporter:  arthuredelstein  |  Owner:  tbb-team
 Type:  defect   | Status:
 |  needs_review
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ff60-esr, TorBrowserTeam201806R  |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by mcs):

 Kathy and I reviewed these changes. Awesome work! Of course we have a few
 comments:
 * There is a comma missing after the second array within untrusted_caps
 (before the `// medium: http` comment).
 * Please add some details to the check in comment, e.g., some of the
 things you mentioned in comment:3.
 * To match the slider UI, please use Standard/Safer/Safest within comments
 (rather than Low/Medium/High).
 * If the user adds an exception (e.g., adding a site to the Trusted list),
 the changes will be lost at startup and each time the slider is adjusted.
 That will surprise people; we should decide what behavior we want and try
 to implement it.
 * Do we have any kind of commitment from the NoScript author (Giorgio)
 that the IPC message we are using will continue to work with future
 releases of NoScript?
 * Kathy and I think the capability groupings you selected make sense, but
 we will probably need to adjust some of the wording within the security
 slider window (i.e., the text which describes the levels).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26259 [Core Tor/Tor]: Don't count 0-length RELAY_DATA cell as valid

[Tor Bug Tracker & Wiki]

#26259: Don't count 0-length RELAY_DATA cell as valid
-+-
 Reporter:  mikeperry|  Owner:
 |  mikeperry
 Type:  defect   | Status:
 |  merge_ready
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.4.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-relay-layer, tor-metrics, tor-   |  Actual Points:
  circuit|
Parent ID:   | Points:  1
 Reviewer:  isis |Sponsor:
 |  Sponsor8-can
-+-
Changes (by isis):

 * keywords:   => tor-relay-layer, tor-metrics, tor-circuit
 * status:  needs_review => merge_ready
 * points:   => 1
 * sponsor:   => Sponsor8-can


Comment:

 LGTM!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26259 [Core Tor/Tor]: Don't count 0-length RELAY_DATA cell as valid

[Tor Bug Tracker & Wiki]

#26259: Don't count 0-length RELAY_DATA cell as valid
--+
 Reporter:  mikeperry |  Owner:  mikeperry
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:  Tor: 0.3.4.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:  isis  |Sponsor:
--+

Comment (by isis):

 Replying to [comment:3 mikeperry]:
 > Possibly. Do we feel comfortable forbidding these cells completely in
 0.3.4.x? I would prefer to have this branch merged into 0.3.4, since it is
 just a control port field accounting fix.
 >
 > If we're nervous about actually closing the circuit right away in these
 instances, then we should make a different ticket + different patch for
 that change.

 Different ticket and patch please! This one is clearly a bug; disallowing
 0-length data cells entirely seems more contentious, possible requires a
 spec change, and has a higher possibility of breaking things.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25693 [Applications/Tor Browser]: Activity 1.2: Make sure Firefox Photon UI works with our style guidelines

[Tor Bug Tracker & Wiki]

#25693: Activity 1.2: Make sure Firefox Photon UI works with our style 
guidelines
-+-
 Reporter:  isabela  |  Owner:
 |  antonela
 Type:  defect   | Status:
 |  assigned
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ux-team, TorBrowserTeam201806,   |  Actual Points:
  ff60-esr   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor17
-+-

Comment (by antonela):

 > Could you explain how you arrived at the different colors for the
 nightly/alpha/stable? There is not much purple as we know it and no green
 as we know it anymore. What's e.g. the reasoning for that?

 >

 Thanks, GeKo! I'm trying to start a conversation. The method we can use to
 build a new brand could take multiple ways. The process is very similar if
 we think about product icons. For example, Mozilla did their last rebrand
 with community's ideas[1]. But just one designer and an outsourced studio
 made it at Wikipedia[2]. I really believe that we should involve our
 community to work on it. To facilitate this collab, we are working to have
 a design sprint in Mexico to work on it. We are going to have a bunch of
 designers and will be useful and fun to outline the first ideas about it
 together. Our exploration has some time under the hoods; you can sneak
 peek at #25763.

 That said and since we have to release before it, we could 1) keep the
 same icon we have right now; or 2) try to use the same onion shape
 everywhere, so the brand starts to take consistency.

 Running for 2), I started to try some containers using the onion icon we
 already have. It works pretty bad on small sizes but at big sizes is quite
 recognizable. Also, this container idea is part of the current Brand
 Assets[3].

 The violet color is becoming a default to talk about privacy and is our
 brand color [4]. I think we can explore different quality (hue/saturation)
 of purples and the gradients were an experiment for that. You mentioned
 the greens, do you think it worth to explore some options with the green
 color? I'd love to try it.

 I hope it helps to get a better idea of the principal aim here and gets
 more people involved :)

 [1] https://blog.mozilla.org/opendesign/progress-in-the-making/
 [2] https://medium.com/freely-sharing-the-sum-of-all-knowledge/refining-
 logos-of-wikimedia-projects-a-brand-exercise-190ae689f6aa
 [3] https://github.com/TheTorProject/tor-
 media/blob/master/Onion%20Icon/Onion_Negative_Black_Background_Icon.svg
 [4] https://design.firefox.com/photon/visuals/color.html#purple

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25693 [Applications/Tor Browser]: Activity 1.2: Make sure Firefox Photon UI works with our style guidelines

[Tor Bug Tracker & Wiki]

#25693: Activity 1.2: Make sure Firefox Photon UI works with our style 
guidelines
-+-
 Reporter:  isabela  |  Owner:
 |  antonela
 Type:  defect   | Status:
 |  assigned
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ux-team, TorBrowserTeam201806,   |  Actual Points:
  ff60-esr   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor17
-+-

Comment (by gk):

 Replying to [comment:6 antonela]:
 > Hi! I have been working on this activity. The comment above includes
 some different deliverables which I'm trying to achieve here:
 >
 > - Tor Browser Icon - Brand Update
 >
 >
 
[https://trac.torproject.org/projects/tor/attachment/ticket/25693/25693-TorBrowser
 
Icon.png](https://trac.torproject.org/projects/tor/attachment/ticket/25693/25693-TorBrowser%20Icon.png)
 >
 > I made some options for the new icon. This is the first idea and for
 sure could change based on your feedback. I used the same onion icon we
 have now. What do you think?
 >
 > - Tor Browser Installer + Launcher - Brand Update
 >
 >
 
[https://trac.torproject.org/projects/tor/attachment/ticket/25693/25693-TorBrowser
 
UI.png](https://trac.torproject.org/projects/tor/attachment/ticket/25693/25693-TorBrowser%20UI.png)
 >
 > Here I just updated the TorBrowser logos. Could we replace them? Which
 format do you need the assets? .svg/.png?

 I think .png works definitely but I have to check how it looks like with
 .svg. But my assumption would be that that's okay as well.

 > - Tor Browser - Tor Button Icon
 >
 >
 
[https://trac.torproject.org/projects/tor/attachment/ticket/25693/25693-TorBrowser
 
UI.png](https://trac.torproject.org/projects/tor/attachment/ticket/25693/25693-TorBrowser%20UI.png)
 >
 > This is a proposal to update the outdated onion we have right now as a
 Tor Button.
 >
 > I'm aware of the problem we have with the onion icon working pretty bad
 at small sizes. And how it looks like a bomb too. We don't want it. The
 Community and the UX team are working together to promote a design sprint
 during Mexico Dev Meeting, so we can have a reliable option for using in
 all the places Tor's icon should live! ^^
 >
 > Feel free to comment, I'd like to iterate this ticket this week and
 next. Thanks!

 Could you explain who you arrived at the different colors for the
 nightly/alpha/stable? There is not much purple as we know it and no green
 as we know it anymore. What's e.g. the reasoning for that?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25693 [Applications/Tor Browser]: Activity 1.2: Make sure Firefox Photon UI works with our style guidelines

[Tor Bug Tracker & Wiki]

#25693: Activity 1.2: Make sure Firefox Photon UI works with our style 
guidelines
-+-
 Reporter:  isabela  |  Owner:
 |  antonela
 Type:  defect   | Status:
 |  assigned
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ux-team, TorBrowserTeam201806,   |  Actual Points:
  ff60-esr   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor17
-+-

Comment (by cypherpunks):

 Replying to [comment:11 gk]:
 > B) seems good to me. If we want to discourage users clicking on the
 onion button and change settings behind it we should do A), though. I am
 fine with either, I think.
 I agree as well.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26320 [Applications/Tor Browser]: Orfox 52.8.0esr-7.5-1 Crash

[Tor Bug Tracker & Wiki]

#26320: Orfox 52.8.0esr-7.5-1 Crash
--+---
 Reporter:  sysrqb|  Owner:  tbb-team
 Type:  defect| Status:  needs_information
 Priority:  Immediate |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-mobile|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by sysrqb):

 OKay, we have a non-optimized build available. I tested it and it does not
 crash, but it is slow. Specifically Gecko's rendering is very slow, but
 releasing this:

 1. is important for patching some security holes
 2. is the last release before the first TBA-alpha
 3. will incentivize users switch to TBA because it'll be faster
   a. I suppose this is a side effect of using unmaintained/unsupported
 code

 APK: https://people.torproject.org/~sysrqb/non_optimized_fennec-52.8.0.en-
 US.android-arm.apk

 igt0, thanks for the apk. Let's test this for today, and if we don't find
 any more problems then can you give me an unsigned/unaligned build and we
 can give it to n8fr8 for signing and upload.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25693 [Applications/Tor Browser]: Activity 1.2: Make sure Firefox Photon UI works with our style guidelines

[Tor Bug Tracker & Wiki]

#25693: Activity 1.2: Make sure Firefox Photon UI works with our style 
guidelines
-+-
 Reporter:  isabela  |  Owner:
 |  antonela
 Type:  defect   | Status:
 |  assigned
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ux-team, TorBrowserTeam201806,   |  Actual Points:
  ff60-esr   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor17
-+-

Comment (by gk):

 Replying to [comment:10 antonela]:
 > We just briefly discussed how other icons should be placed at the top
 nav during Rome Dev Meeting. I didn't forget the reload icon; we have by
 FF60 default a bunch of other icons, and I didn't want to make noise
 discussing other topics at this ticket.
 >
 > But, since you mentioned it, maybe now is a good time to talk about
 them. I made two mocks, A and B.
 >
 >
 https://trac.torproject.org/projects/tor/attachment/ticket/25693/TBB8-UI.png
 >
 > A moves all the menu icons to the right side, leaving the left side for
 browsing control icons. B keeps the Tor Button at the left side, while the
 security indicator and the hamburger menu keeps at the right side.
 >
 > What do you think?

 B) seems good to me. If we want to discourage users clicking on the onion
 button and change settings behind it we should do A), though. I am fine
 with either, I think.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #19009 [Core Tor/Tor]: bandwidth testing circuits should be allowed to use our guards

[Tor Bug Tracker & Wiki]

#19009: bandwidth testing circuits should be allowed to use our guards
-+-
 Reporter:  arma |  Owner:  juga
 Type:  defect   | Status:
 |  assigned
 Priority:  Medium   |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-bandwidth torflow measurement|  Actual Points:
  metrics, tor-bwauth|
Parent ID:  #25925   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by pastly):

 This seems to be all about bandwidth self tests (see
 `router_perform_bandwidth_test` in src/or/router.c for where the self test
 is performed).

 Regarding sbws: it currently uses consensus weights (unfortunately) and
 will soon use relays' RelayBandwidthRate/MaxAdvertisedBandwidth (AKA:
 whatever ends up as the first number on the bandwidth line in server
 descriptors). It doesn't care about self test results.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24918 [Applications/Tor Browser]: Help users finding the new circuit display

[Tor Bug Tracker & Wiki]

#24918: Help users finding the new circuit display
---+--
 Reporter:  gk |  Owner:  tbb-team
 Type:  defect | Status:  new
 Priority:  Very High  |  Milestone:
Component:  Applications/Tor Browser   |Version:
 Severity:  Normal | Resolution:
 Keywords:  ux-team, TorBrowserTeam201806  |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--

Comment (by antonela):

 Thank you Ali!

 Replying to [comment:11 alison]:
 > Thanks for this copy Anto. Suggested edits below:
 >
 > Replying to [comment:10 antonela]:
 > > Suggested copy for this step through feature onboarding:
 > >
 > > Step 1
 > > Title: How circuits works?
 >
 > How do circuits work?
 >
 > > Description: Tor periodically creates virtual circuits through the Tor
 network. Once inside a Tor network, circuits allow you to browse
 encrypted.
 >
 > Should we give a little bit more of an explanation here, after "through
 the Tor network" say "Circuits are made up of randomly-assigned relays,
 which are computers configured to forward Tor traffic" might be a little
 too wordy, but that sentence right there answers a good portion of user
 questions about relays/circuits.
 >
 >
 > Also it should be "inside the Tor network" in the second sentence.
 >
 > >
 > > Step 2
 > > Title: Circuit Display
 > > Description: This diagram shows you how the circuit is running. If you
 have any trouble trying to reach a website, then you can load a new
 circuit.
 > >
 > > Step 3
 > > Title: Do you need a new circuit?
 > > Description: If the exit relay you are using is unable to connect to
 the website you require, or is not loading it properly, then you can load
 a new circuit.
 >
 > I would remove the part about "if the exit relay you are using is" and
 replace it with "If you are not able to connect to the website you're
 trying to visit, or is not loading properly, then you should try loading a
 new circuit" because the user might be like "how do I know if it's my exit
 that's the problem?"
 >
 >
 > Thanks for all your work on this!!
 >
 > Alison
 >
 >
 >
 > >
 > >
 > > Is there anything else missing in this ticket that blocks us to move
 it to development?
 > >

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24918 [Applications/Tor Browser]: Help users finding the new circuit display

[Tor Bug Tracker & Wiki]

#24918: Help users finding the new circuit display
---+--
 Reporter:  gk |  Owner:  tbb-team
 Type:  defect | Status:  new
 Priority:  Very High  |  Milestone:
Component:  Applications/Tor Browser   |Version:
 Severity:  Normal | Resolution:
 Keywords:  ux-team, TorBrowserTeam201806  |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--

Comment (by antonela):

 Hi! The prototype accepts clicks here :)

 https://marvelapp.com/3djhfhh/screen/41642983

 As we discussed before, this is based on

 https://www.mozilla.org/en-US/firefox/59.0.2/tracking-
 protection/start/?step=1


 Replying to [comment:12 mcs]:
 > I am trying to understand how the pieces of this fit together. Are "Step
 1" "Step 2" and "Step 3" included in one of the Marvel mockups? (Maybe I
 just don't know how to get to those steps).
 >
 > Also, did we decide which of the three about:tor banner approaches we
 are going to use (large banner at top, small banner at top, banner at
 bottom)?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #19009 [Core Tor/Tor]: bandwidth testing circuits should be allowed to use our guards

[Tor Bug Tracker & Wiki]

#19009: bandwidth testing circuits should be allowed to use our guards
-+-
 Reporter:  arma |  Owner:  juga
 Type:  defect   | Status:
 |  assigned
 Priority:  Medium   |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-bandwidth torflow measurement|  Actual Points:
  metrics, tor-bwauth|
Parent ID:  #25925   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by juga):

 * status:  new => assigned
 * keywords:  tor-bandwidth torflow measurement metrics => tor-bandwidth
 torflow measurement metrics, tor-bwauth
 * owner:  (none) => juga
 * cc: juga (removed)


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #19009 [Core Tor/Tor]: bandwidth testing circuits should be allowed to use our guards

[Tor Bug Tracker & Wiki]

#19009: bandwidth testing circuits should be allowed to use our guards
-+-
 Reporter:  arma |  Owner:  (none)
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-bandwidth torflow measurement|  Actual Points:
  metrics|
Parent ID:  #25925   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by juga):

 It is not anymore the case where the code "avoid our guards if all the
 nodes in the consensus are on our guard list" [0]

 > teor fixed that in commit 22a1e9cac by making us not avoid our guards if
 testingtornetwork, and not avoid our guards if all the nodes in the
 consensus are on our guard list. It turns out that latter check isn't
 quite good enough, because we're picking two hops, so having at least one
 relay in the network that isn't in our guard list isn't enough to complete
 a circuit.

 The 2nd hop can be in the guard list right?

 The 2nd hop seems to be picked by `choose_good_middle_server`, called by
 `choose_good_entry_server`

 I can find the code where 2 hops are being picked.

 Running chutney, circuits build 3 hops. There's also no test for this.

 > I hope this is eventually obsoleted by torflow or some successor
 thereof.

 hmm, i think this does not have to do with a bandwidth scanner, but with
 Tor self-test.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26324 [Applications/Tor Browser]: Should we switch to "Tor Browser.app" from "TorBrowser.app" for macOS Tor Browser based on ESR60?

[Tor Bug Tracker & Wiki]

#26324: Should we switch to "Tor Browser.app" from "TorBrowser.app" for macOS 
Tor
Browser based on ESR60?
+--
 Reporter:  gk  |  Owner:  tbb-team
 Type:  defect  | Status:  new
 Priority:  Very High   |  Milestone:
Component:  Applications/Tor Browser|Version:
 Severity:  Normal  | Resolution:
 Keywords:  ff60-esr, TorBrowserTeam201806  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--

Comment (by mcs):

 Replying to [comment:1 boklm]:
 > I see that the `mac-sandbox` contains a few references to
 `TorBrowser.app`, in `projects/tor-browser/Bundle-Data/mac-sandbox/`.

 The Mac sandbox has been non-functional since the first ESR52-based
 release (due to the addition of content sandboxing on macOS). We should
 remove it until we can devote engineering time to application sandboxing.

 Regarding the general question of "Tor Browser.app" vs. "TorBrowser.app",
 I think we should add the space. This should not affect updates, since the
 .app can already be renamed by users to anything they like. The only thing
 that worries me is that Mozilla encountered some issues (but possibly
 unrelated) after they added a space to "Firefox Nightly". See
 https://bugzilla.mozilla.org/show_bug.cgi?id=1427000

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24918 [Applications/Tor Browser]: Help users finding the new circuit display

[Tor Bug Tracker & Wiki]

#24918: Help users finding the new circuit display
---+--
 Reporter:  gk |  Owner:  tbb-team
 Type:  defect | Status:  new
 Priority:  Very High  |  Milestone:
Component:  Applications/Tor Browser   |Version:
 Severity:  Normal | Resolution:
 Keywords:  ux-team, TorBrowserTeam201806  |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--

Comment (by mcs):

 I am trying to understand how the pieces of this fit together. Are "Step
 1" "Step 2" and "Step 3" included in one of the Marvel mockups? (Maybe I
 just don't know how to get to those steps).

 Also, did we decide which of the three about:tor banner approaches we are
 going to use (large banner at top, small banner at top, banner at bottom)?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24918 [Applications/Tor Browser]: Help users finding the new circuit display

[Tor Bug Tracker & Wiki]

#24918: Help users finding the new circuit display
---+--
 Reporter:  gk |  Owner:  tbb-team
 Type:  defect | Status:  new
 Priority:  Very High  |  Milestone:
Component:  Applications/Tor Browser   |Version:
 Severity:  Normal | Resolution:
 Keywords:  ux-team, TorBrowserTeam201806  |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--

Comment (by alison):

 Thanks for this copy Anto. Suggested edits below:

 Replying to [comment:10 antonela]:
 > Suggested copy for this step through feature onboarding:
 >
 > Step 1
 > Title: How circuits works?

 How do circuits work?

 > Description: Tor periodically creates virtual circuits through the Tor
 network. Once inside a Tor network, circuits allow you to browse
 encrypted.

 Should we give a little bit more of an explanation here, after "through
 the Tor network" say "Circuits are made up of randomly-assigned relays,
 which are computers configured to forward Tor traffic" might be a little
 too wordy, but that sentence right there answers a good portion of user
 questions about relays/circuits.


 Also it should be "inside the Tor network" in the second sentence.

 >
 > Step 2
 > Title: Circuit Display
 > Description: This diagram shows you how the circuit is running. If you
 have any trouble trying to reach a website, then you can load a new
 circuit.
 >
 > Step 3
 > Title: Do you need a new circuit?
 > Description: If the exit relay you are using is unable to connect to the
 website you require, or is not loading it properly, then you can load a
 new circuit.

 I would remove the part about "if the exit relay you are using is" and
 replace it with "If you are not able to connect to the website you're
 trying to visit, or is not loading properly, then you should try loading a
 new circuit" because the user might be like "how do I know if it's my exit
 that's the problem?"


 Thanks for all your work on this!!

 Alison



 >
 >
 > Is there anything else missing in this ticket that blocks us to move it
 to development?
 >

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25693 [Applications/Tor Browser]: Activity 1.2: Make sure Firefox Photon UI works with our style guidelines

[Tor Bug Tracker & Wiki]

#25693: Activity 1.2: Make sure Firefox Photon UI works with our style 
guidelines
-+-
 Reporter:  isabela  |  Owner:
 |  antonela
 Type:  defect   | Status:
 |  assigned
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ux-team, TorBrowserTeam201806,   |  Actual Points:
  ff60-esr   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor17
-+-

Comment (by antonela):

 We just briefly discussed how other icons should be placed at the top nav
 during Rome Dev Meeting. I didn't forget the reload icon; we have by FF60
 default a bunch of other icons, and I didn't want to make noise discussing
 other topics at this ticket.

 But, since you mentioned it, maybe now is a good time to talk about them.
 I made two mocks, A and B.

 https://trac.torproject.org/projects/tor/attachment/ticket/25693/TBB8-UI.png

 A moves all the menu icons to the right side, leaving the left side for
 browsing control icons. B keeps the Tor Button at the left side, while the
 security indicator and the hamburger menu keeps at the right side.

 What do you think?

 Replying to [comment:9 cypherpunks]:
 > Replying to [comment:7 antonela]:
 > > Is a great ticket! Thanks! We could keep the URL Bar centered and
 flexible, with a minimum width of 550px. It has room for a long
 certificate name and a V3.
 >
 > It's not just about the cert but also about subdomains and room for the
 rest. Here's my example test (using the default flexible space, the
 "compact" density, and placing HTTPS Everywhere near the menu in place of
 the SecuritySlider in your design, all using Menu>Customize): [By the way
 you forgot to add the reload button in the design ;-]

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25693 [Applications/Tor Browser]: Activity 1.2: Make sure Firefox Photon UI works with our style guidelines

[Tor Bug Tracker & Wiki]

#25693: Activity 1.2: Make sure Firefox Photon UI works with our style 
guidelines
-+-
 Reporter:  isabela  |  Owner:
 |  antonela
 Type:  defect   | Status:
 |  assigned
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ux-team, TorBrowserTeam201806,   |  Actual Points:
  ff60-esr   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor17
-+-
Changes (by antonela):

 * Attachment "TBB8-UI.png" added.


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25693 [Applications/Tor Browser]: Activity 1.2: Make sure Firefox Photon UI works with our style guidelines

[Tor Bug Tracker & Wiki]

#25693: Activity 1.2: Make sure Firefox Photon UI works with our style 
guidelines
-+-
 Reporter:  isabela  |  Owner:
 |  antonela
 Type:  defect   | Status:
 |  assigned
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ux-team, TorBrowserTeam201806,   |  Actual Points:
  ff60-esr   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor17
-+-
Changes (by cypherpunks):

 * Attachment "torbrowser-esr60-without.png" added.


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25693 [Applications/Tor Browser]: Activity 1.2: Make sure Firefox Photon UI works with our style guidelines

[Tor Bug Tracker & Wiki]

#25693: Activity 1.2: Make sure Firefox Photon UI works with our style 
guidelines
-+-
 Reporter:  isabela  |  Owner:
 |  antonela
 Type:  defect   | Status:
 |  assigned
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ux-team, TorBrowserTeam201806,   |  Actual Points:
  ff60-esr   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor17
-+-
Changes (by cypherpunks):

 * Attachment "torbrowser-esr60-with.png" added.


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25693 [Applications/Tor Browser]: Activity 1.2: Make sure Firefox Photon UI works with our style guidelines

[Tor Bug Tracker & Wiki]

#25693: Activity 1.2: Make sure Firefox Photon UI works with our style 
guidelines
-+-
 Reporter:  isabela  |  Owner:
 |  antonela
 Type:  defect   | Status:
 |  assigned
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ux-team, TorBrowserTeam201806,   |  Actual Points:
  ff60-esr   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor17
-+-

Comment (by cypherpunks):

 Replying to [comment:7 antonela]:
 > Is a great ticket! Thanks! We could keep the URL Bar centered and
 flexible, with a minimum width of 550px. It has room for a long
 certificate name and a V3.

 It's not just about the cert but also about subdomains and room for the
 rest. Here's my example test (using the default flexible space, the
 "compact" density, and placing HTTPS Everywhere near the menu in place of
 the SecuritySlider in your design, all using Menu>Customize): [By the way
 you forgot to add the reload button in the design ;-]

 [[Image(torbrowser-esr60-with.png)]]

 [[Image(torbrowser-esr60-without.png)]]

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26284 [Core Tor/Tor]: Out-of-bounds smartlist access in protover_compute_vote()

[Tor Bug Tracker & Wiki]

#26284: Out-of-bounds smartlist access in protover_compute_vote()
--+
 Reporter:  rl1987|  Owner:  rl1987
 Type:  defect| Status:  needs_revision
 Priority:  Medium|  Milestone:  Tor: 0.3.4.x-final
Component:  Core Tor/Tor  |Version:  Tor: unspecified
 Severity:  Normal| Resolution:
 Keywords:  fast-fix  |  Actual Points:
Parent ID:  #26196| Points:
 Reviewer:  asn   |Sponsor:
--+
Changes (by asn):

 * status:  needs_review => needs_revision


Comment:

 Cool find rl1987! How did you repro this?

 Do you think this needs to be backported? The way I understand it this can
 only trigger if all authorities don't participate in the protover
 protocol, which seems pretty unlikely.

 Also I made some notes in the PR! Let me know how you like them!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26320 [Applications/Tor Browser]: Orfox 52.8.0esr-7.5-1 Crash

[Tor Bug Tracker & Wiki]

#26320: Orfox 52.8.0esr-7.5-1 Crash
--+---
 Reporter:  sysrqb|  Owner:  tbb-team
 Type:  defect| Status:  needs_information
 Priority:  Immediate |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-mobile|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by sysrqb):

 Replying to [comment:9 gk]:
 > Replying to [comment:6 igt0]:
 > > And when I have the following flag in the .mozconfig file:
 > >
 > > {{{
 > > ac_add_options --disable-optimize
 > > }}}
 > >
 > > The code doesn't crash. So it is why I suspect of the toolchain.
 >
 > So, we have a workaround for this issue? Why don't we release a new
 Orfox ASAP with that one to pick up critical security fixes and then think
 about ways to track the issue down and whether it is worth our time at all
 given that the switch away from ESR 52 for Android is in about a month?

 Good idea. igt0, do you have a non-optimized build available we can smoke-
 test and then release?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24918 [Applications/Tor Browser]: Help users finding the new circuit display

[Tor Bug Tracker & Wiki]

#24918: Help users finding the new circuit display
---+--
 Reporter:  gk |  Owner:  tbb-team
 Type:  defect | Status:  new
 Priority:  Very High  |  Milestone:
Component:  Applications/Tor Browser   |Version:
 Severity:  Normal | Resolution:
 Keywords:  ux-team, TorBrowserTeam201806  |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--

Comment (by antonela):

 Suggested copy for this step through feature onboarding:

 Step 1
 Title: How circuits works?
 Description: Tor periodically creates virtual circuits through the Tor
 network. Once inside a Tor network, circuits allow you to browse
 encrypted.

 Step 2
 Title: Circuit Display
 Description: This diagram shows you how the circuit is running. If you
 have any trouble trying to reach a website, then you can load a new
 circuit.

 Step 3
 Title: Do you need a new circuit?
 Description: If the exit relay you are using is unable to connect to the
 website you require, or is not loading it properly, then you can load a
 new circuit.


 Is there anything else missing in this ticket that blocks us to move it to
 development?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26238 [Applications/Tor Browser]: Move from Debian Wheezy to Debian Jessie for our Linux builds

[Tor Bug Tracker & Wiki]

#26238: Move from Debian Wheezy to Debian Jessie for our Linux builds
---+--
 Reporter:  gk |  Owner:  tbb-team
 Type:  task   | Status:  new
 Priority:  High   |  Milestone:
Component:  Applications/Tor Browser   |Version:
 Severity:  Normal | Resolution:
 Keywords:  tbb-rbm, TorBrowserTeam201806  |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--

Comment (by boklm):

 Debian Jessie includes glibc version 2.19, while Centos 7 has version
 2.17.

 This page has some information about glibc abi compatibility: https://abi-
 laboratory.pro/tracker/timeline/glibc/

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26324 [Applications/Tor Browser]: Should we switch to "Tor Browser.app" from "TorBrowser.app" for macOS Tor Browser based on ESR60?

[Tor Bug Tracker & Wiki]

#26324: Should we switch to "Tor Browser.app" from "TorBrowser.app" for macOS 
Tor
Browser based on ESR60?
+--
 Reporter:  gk  |  Owner:  tbb-team
 Type:  defect  | Status:  new
 Priority:  Very High   |  Milestone:
Component:  Applications/Tor Browser|Version:
 Severity:  Normal  | Resolution:
 Keywords:  ff60-esr, TorBrowserTeam201806  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--

Comment (by boklm):

 I see that the `mac-sandbox` contains a few references to
 `TorBrowser.app`, in `projects/tor-browser/Bundle-Data/mac-sandbox/`.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #26324 [Applications/Tor Browser]: Should we switch to "Tor Browser.app" from "TorBrowser.app" for macOS Tor Browser based on ESR60?

[Tor Bug Tracker & Wiki]

#26324: Should we switch to "Tor Browser.app" from "TorBrowser.app" for macOS 
Tor
Browser based on ESR60?
-+-
 Reporter:  gk   |  Owner:  tbb-team
 Type:  defect   | Status:  new
 Priority:  Very High|  Milestone:
Component:  Applications/Tor |Version:
  Browser|   Keywords:  ff60-esr,
 Severity:  Normal   |  TorBrowserTeam201806
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+-
 We should think about whether we want to follow Mozilla's "suggestion" to
 switch from "TorBrowser.app" to "Tor Browser.app" and what that would
 entail from an update perspective etc.

 The nightlies made this transition and I tried to fix all relevant
 "TorBrowser.app" occurrences in the build script at least (but I might
 have missed some there and elsewhere).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24632 [Applications/Tor Browser]: Update macOS toolchain for ESR 60

[Tor Bug Tracker & Wiki]

#24632: Update macOS toolchain for ESR 60
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  closed
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  tbb-rbm, ff60-esr,   |  Actual Points:
  TorBrowserTeam201806R, GeorgKoppen201805   |
Parent ID:  #24631   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by gk):

 We needed two small fixups here:

 commit aabed936170b9ea88df2037e8d452dc5d9915f20 which installs `xz-utils`
 which we now need for MAR file generation and commit
 fcb2a3707af71bcd564bf0dd8a563835eeea6b9b which fixed a missing
 "TorBrowser.app" -> "Tor Browser.app" transition.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26261 [Applications/Tor Browser]: Error building openssl for macOS

[Tor Bug Tracker & Wiki]

#26261: Error building openssl for macOS
---+--
 Reporter:  boklm  |  Owner:  tbb-team
 Type:  defect | Status:  closed
 Priority:  Medium |  Milestone:
Component:  Applications/Tor Browser   |Version:
 Severity:  Normal | Resolution:  fixed
 Keywords:  TorBrowserTeam201805, tbb-rbm  |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--
Changes (by gk):

 * status:  new => closed
 * resolution:   => fixed


Comment:

 That's fixed after all the patches landed related to #24632.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25693 [Applications/Tor Browser]: Activity 1.2: Make sure Firefox Photon UI works with our style guidelines

[Tor Bug Tracker & Wiki]

#25693: Activity 1.2: Make sure Firefox Photon UI works with our style 
guidelines
-+-
 Reporter:  isabela  |  Owner:
 |  antonela
 Type:  defect   | Status:
 |  assigned
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ux-team, TorBrowserTeam201806,   |  Actual Points:
  ff60-esr   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor17
-+-
Changes (by gk):

 * priority:  High => Very High
 * keywords:  ux-team => ux-team, TorBrowserTeam201806, ff60-esr


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24918 [Applications/Tor Browser]: Help users finding the new circuit display

[Tor Bug Tracker & Wiki]

#24918: Help users finding the new circuit display
---+--
 Reporter:  gk |  Owner:  tbb-team
 Type:  defect | Status:  new
 Priority:  Very High  |  Milestone:
Component:  Applications/Tor Browser   |Version:
 Severity:  Normal | Resolution:
 Keywords:  ux-team, TorBrowserTeam201806  |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--
Changes (by gk):

 * priority:  High => Very High


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22451 [Applications/Tor Browser]: about:cache is not useful anymore in ESR52-based Tor Browser (only wyciwyg-URIs if at all any)

[Tor Bug Tracker & Wiki]

#22451: about:cache is not useful anymore in ESR52-based Tor Browser (only 
wyciwyg-
URIs if at all any)
-+-
 Reporter:  gk   |  Owner:  gk
 Type:  defect   | Status:
 |  assigned
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Major| Resolution:
 Keywords:  ff52-esr, tbb-7.0-issues, tbb-   |  Actual Points:
  regression, TorBrowserTeam201805,  |
  GeorgKoppen201805  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * keywords:
 ff52-esr, tbb-7.0-issues, tbb-regression, TorBrowserTeam201805,
 GeorgKoppen201806
 =>
 ff52-esr, tbb-7.0-issues, tbb-regression, TorBrowserTeam201805,
 GeorgKoppen201805


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25013 [Applications/Tor Browser]: Move TorButton code to the tor browser repository

[Tor Bug Tracker & Wiki]

#25013: Move TorButton code to the tor browser repository
-+-
 Reporter:  igt0 |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_revision
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  TorBrowserTeam201806, ff60-esr,  |  Actual Points:
  tbb-mobile |
Parent ID:  #10760   | Points:
 Reviewer:  gk, sysrqb, mcs, |Sponsor:
-+-
Changes (by gk):

 * keywords:  TorBrowserTeam201805, ff60-esr, tbb-mobile =>
 TorBrowserTeam201806, ff60-esr, tbb-mobile


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22070 [Applications/Tor Browser]: Check whether we need to update our font whitelist for ESR60 (was: Check whether we need to update our font whitelist for ESR52)

[Tor Bug Tracker & Wiki]

#22070: Check whether we need to update our font whitelist for ESR60
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  task | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ff60-esr, tbb-7.0-must, tbb- |  Actual Points:
  fingerprinting-fonts, TorBrowserTeam201806 |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * keywords:  ff52-esr, tbb-7.0-must, tbb-fingerprinting-fonts,
 TorBrowserTeam201806 => ff60-esr, tbb-7.0-must, tbb-fingerprinting-
 fonts, TorBrowserTeam201806


Old description:

> While looking over the diff of `all.js` between esr45 and esr52 I notes
> that the font settings changed quite a bit between those two ESR
> versions. We should check whether we need to update our font whitelist.

New description:

 While looking over the diff of `all.js` between esr45 and esr52 I notes
 that the font settings changed quite a bit between those two ESR versions.
 We should check whether we need to update our font whitelist. In
 particular now, that we are about to switch to ESR60.

--

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] [Tor Bug Tracker & Wiki] Batch modify: #21863, #24855, #25695, #25703, ...

[Tor Bug Tracker & Wiki]

Batch modification to #21863, #24855, #25695, #25703, #25540 by gk:
priority to Very High

Comment:
Upping prio.

--
Tickets URL: 

Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] [Tor Bug Tracker & Wiki] Batch modify: #14952, #22074, #22176, #25555, ...

[Tor Bug Tracker & Wiki]

Batch modification to #14952, #22074, #22176, #2, #25741, #25837, #26039, 
#26045, #26050, #26203, #26204, #26205, #26206, #26239, #18867, #21404, #21863, 
#22170, #22854, #23386, #23657, #24331, #24332, #24855, #24856, #24918, #25164, 
#25695, #25703, #26216, #26238, #17252, #18925, #20254, #20648, #22070, #22343, 
#23231, #23561, #24196, #24197, #24465, #24622, #25030, #25247, #25509, #25540, 
#25835, #26149, #26234 by gk:


Comment:
Moving our tickets to June 2018

--
Tickets URL: 

Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23247 [Applications/Tor Browser]: Communicating security expectations for .onion: what to say about different padlock states for .onion services

[Tor Bug Tracker & Wiki]

#23247: Communicating security expectations for .onion: what to say about 
different
padlock states for .onion services
-+-
 Reporter:  isabela  |  Owner:
 |  pospeselr
 Type:  project  | Status:
 |  needs_revision
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ux-team, tor-hs, |  Actual Points:
  TorBrowserTeam201806   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * keywords:  ux-team, tor-hs, TorBrowserTeam201806R => ux-team, tor-hs,
 TorBrowserTeam201806
 * status:  needs_review => needs_revision


Comment:

 Marking this as `needs_revision` for the missing localization parts.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #8323 [Core Tor/Tor]: Missing 'GETINFO md/all'

[Tor Bug Tracker & Wiki]

#8323: Missing 'GETINFO md/all'
--+
 Reporter:  atagar|  Owner:  rl1987
 Type:  enhancement   | Status:
  |  needs_revision
 Priority:  High  |  Milestone:  Tor:
  |  0.3.5.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tor-client tor-control microdesc  |  Actual Points:
Parent ID:| Points:
 Reviewer:  asn   |Sponsor:
--+
Changes (by asn):

 * status:  needs_review => needs_revision


Comment:

 Thanks for the code!

 I did an initial review on your PR! Some small changes will be needed, but
 you are pretty much there.

 Also, perhaps we should have some unittests for this new control command.
 SEe `src/test/test_controller.c` for some examples of other getinfo
 unittests.

 Cheers!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23247 [Applications/Tor Browser]: Communicating security expectations for .onion: what to say about different padlock states for .onion services

[Tor Bug Tracker & Wiki]

#23247: Communicating security expectations for .onion: what to say about 
different
padlock states for .onion services
-+-
 Reporter:  isabela  |  Owner:
 |  pospeselr
 Type:  project  | Status:
 |  needs_review
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ux-team, tor-hs, |  Actual Points:
  TorBrowserTeam201806R  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by antonela):

 Thanks, pospeselr; yes, we need to discuss all the scenarios before going
 to implementation.

 gk, gotcha. I'll save it for the short future.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26317 [Applications/Tor Browser]: Orfox App is not allowing the users to save images

[Tor Bug Tracker & Wiki]

#26317: Orfox App is not allowing the users to save images
--+--
 Reporter:  fabiola.mauriceh@…|  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-mobile|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by gk):

 * keywords:   => tbb-mobile


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26322 [Applications/Tor Browser]: Circuit display - UI bug - Long v3 name

[Tor Bug Tracker & Wiki]

#26322: Circuit display - UI bug - Long v3 name
+--
 Reporter:  antonela|  Owner:  tbb-team
 Type:  defect  | Status:  new
 Priority:  Medium  |  Milestone:
Component:  Applications/Tor Browser|Version:
 Severity:  Normal  | Resolution:
 Keywords:  tbb-torbutton, tbb-circuit-display  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--

Comment (by antonela):

 Thanks Arthur! V3 are so long. What do you think about the two lines? Is
 it doable?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26128 [Applications/Tor Browser]: Make security slider work with NoScript for ESR60

[Tor Bug Tracker & Wiki]

#26128: Make security slider work with NoScript for ESR60
-+-
 Reporter:  arthuredelstein  |  Owner:  tbb-team
 Type:  defect   | Status:
 |  needs_review
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ff60-esr, TorBrowserTeam201806R  |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * cc: mcs, brade (added)


Comment:

 mcs/brade: can you have a look at that patch?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26153 [Applications/Tor Browser]: Selfrando builds broken for Firefox 60 ESR

[Tor Bug Tracker & Wiki]

#26153: Selfrando builds broken for Firefox 60 ESR
-+--
 Reporter:  sukhbir  |  Owner:  tbb-team
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  ff60-esr, TorBrowserTeam201806R  |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--

Comment (by gk):

 This breaks our 32bit builds as the linker is running out of address
 space, so I pushed a fixup commit
 (8b30ee00debb11a1c165435d304a406c8408f216) to `master` to just have
 selfrando for 64bit for now. I opened #26323 to move our 32bit Linux
 builds to 64bit hosts.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #26323 [Applications/Tor Browser]: Build 32bit Linux bundles on 64bit systems

[Tor Bug Tracker & Wiki]

#26323: Build 32bit Linux bundles on 64bit systems
--+--
 Reporter:  gk|  Owner:  tbb-team
 Type:  task  | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:  tbb-rbm
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+--
 As indicated in comment:2:ticket:25220 we might run into memory
 limitations when building 32bit Linux bundles on 32bit Linux systems.
 While this does not seem to be the case for a vanilla Tor Browser build
 yet, adding selfrando to the mix triggers this problem:
 {{{
 40:59.43 collect2: fatal error: ld terminated with signal 6 [Aborted]
 40:59.43 compilation terminated.
 40:59.43 /var/tmp/dist/binutils/bin/ld.gold.real: fatal error: libxul.so:
 mmap: failed to allocate 1457011852 bytes for output file: Cannot allocate
 memory
 40:59.43 Linker execution failed, status: 1
 }}}
 We should move our compilation for 32bit Linux to a 64bit host.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26320 [Applications/Tor Browser]: Orfox 52.8.0esr-7.5-1 Crash

[Tor Bug Tracker & Wiki]

#26320: Orfox 52.8.0esr-7.5-1 Crash
--+---
 Reporter:  sysrqb|  Owner:  tbb-team
 Type:  defect| Status:  needs_information
 Priority:  Immediate |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-mobile|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by gk):

 Replying to [comment:6 igt0]:
 > And when I have the following flag in the .mozconfig file:
 >
 > {{{
 > ac_add_options --disable-optimize
 > }}}
 >
 > The code doesn't crash. So it is why I suspect of the toolchain.

 So, we have a workaround for this issue? Why don't we release a new Orfox
 ASAP with that one to pick up critical security fixes and then think about
 ways to track the issue down and whether it is worth our time at all given
 that the switch away from ESR 52 for Android is in about a month?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26128 [Applications/Tor Browser]: Make security slider work with NoScript for ESR60

[Tor Bug Tracker & Wiki]

#26128: Make security slider work with NoScript for ESR60
-+-
 Reporter:  arthuredelstein  |  Owner:  tbb-team
 Type:  defect   | Status:
 |  needs_review
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ff60-esr, TorBrowserTeam201806R  |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by arthuredelstein):

 * keywords:  ff60-esr, TorBrowserTeam201805 => ff60-esr,
 TorBrowserTeam201806R
 * status:  new => needs_review


Comment:

 Here's a patch for torbutton that talks to the WebExtensions version of
 NoScript:

 https://github.com/arthuredelstein/torbutton/commit/26128
 (7656b587d13aa6b0f90f0149d884aafa1cc65570)

 This patch uses three tricks:
  1. Using a LegacyExtensionContext (defined in [https://dxr.mozilla.org
 /mozilla-
 esr60/source/toolkit/components/extensions/LegacyExtensionsUtils.jsm
 LegacyExtensionsUtils.jsm]) to send JSON objects to NoScript via
 `sendMessage`.
  2. Taking advantage of an existing invocation of
 `browser.runtime.onMessage.addListener(...)` in NoScript's code that
 accepts a JSON object for updating NoScript's settings.
  3. Providing NoScript with settings for a "site" whose "domain" is
 "http:", which causes NoScript to match non-https sites.

 We may decide to tweak the capabilities for each security slider level; I
 tried to make them as close to the previous behavior as possible, but not
 sure if they're exactly as we want.

 One problem I ran into is that, even if I set NoScript 10.1.8.2 only
 "script" and "fetch" content while disallowing "object", "media", "frame",
 "font", "webgl", and "other", I can still watch videos on YouTube. So I
 think this is a NoScript bug rather than a problem with this patch.

 (Thanks to Sukhbir for help with this!)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs