Re: [tor-bugs] #28686 [Internal Services/Service - lists]: Please create a tor-employees@ list

2019-04-11 Thread Tor Bug Tracker & Wiki 
#28686: Please create a tor-employees@ list
---+-
 Reporter:  atagar |  Owner:  qbi
 Type:  defect | Status:  new
 Priority:  Medium |  Milestone:
Component:  Internal Services/Service - lists  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+-

Comment (by arma):

 Looks like this list exists now. Can the ticket be closed?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29960 [Core Tor/Tor]: Actually check for errors in digest256_to_base64() and callers

2019-04-11 Thread Tor Bug Tracker & Wiki 
#29960: Actually check for errors in digest256_to_base64() and callers
-+-
 Reporter:  teor |  Owner:  teor
 Type:  enhancement  | Status:
 |  merge_ready
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.1.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.2.2.6-alpha
 Severity:  Normal   | Resolution:
 Keywords:  asn-merge, technical-debt, fast-fix  |  Actual Points:  0.4
Parent ID:   | Points:  0.2
 Reviewer:  nickm|Sponsor:
 |  Sponsor31-can
-+-
Changes (by teor):

 * keywords:  technical-debt, fast-fix => asn-merge, technical-debt, fast-
   fix


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29960 [Core Tor/Tor]: Actually check for errors in digest256_to_base64() and callers

2019-04-11 Thread Tor Bug Tracker & Wiki 
#29960: Actually check for errors in digest256_to_base64() and callers
--+
 Reporter:  teor  |  Owner:  teor
 Type:  enhancement   | Status:  merge_ready
 Priority:  Medium|  Milestone:  Tor: 0.4.1.x-final
Component:  Core Tor/Tor  |Version:  Tor: 0.2.2.6-alpha
 Severity:  Normal| Resolution:
 Keywords:  technical-debt, fast-fix  |  Actual Points:  0.4
Parent ID:| Points:  0.2
 Reviewer:  nickm |Sponsor:  Sponsor31-can
--+
Changes (by teor):

 * status:  needs_revision => merge_ready


Comment:

 I agree, added a commit to remove it.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30058 [Core Tor/Chutney]: Chutney bootstrap-network script uses the wrong network flavour

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30058: Chutney bootstrap-network script uses the wrong network flavour
-+-
 Reporter:  opara|  Owner:  teor
 Type:  defect   | Status:  closed
 Priority:  Low  |  Milestone:
Component:  Core Tor/Chutney |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  fast-fix, chutney-ci, network-team-  |  Actual Points:  0.1
  roadmap-2019-Q1Q2  |
Parent ID:  #29729   | Points:  0.1
 Reviewer:  nickm|Sponsor:
 |  Sponsor19
-+-
Changes (by teor):

 * status:  needs_revision => closed
 * resolution:   => fixed


Comment:

 Replying to [comment:3 nickm]:
 > Looks mostly okay but I think it will fail shellcheck.  Maybe we should
 fix that before we merge?
 >
 > (If it doesn't fail shellcheck, then it's fine to go ahead and merge
 anyway)

 shellcheck seems fine: it only warns on `export VAR="$(command)"`.

 Merged to master.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30063 [Core Tor/Chutney]: Add unit tests to chutney, and run them in Travis

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30063: Add unit tests to chutney, and run them in Travis
-+-
 Reporter:  teor |  Owner:  teor
 Type:  enhancement  | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Core Tor/Chutney |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  chutney-ci, network-team-|  Actual Points:  0.2
  roadmap-2019-Q1Q2  |
Parent ID:  #29729   | Points:  0.2
 Reviewer:  nickm|Sponsor:
 |  Sponsor19
-+-
Changes (by teor):

 * status:  merge_ready => closed
 * resolution:   => fixed


Comment:

 Merged to master.

 I merged #30059, #30063, #30064, and #30065, then pushed.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30064 [Core Tor/Chutney]: Chutney often fails because Tor hasn't bootstrapped yet

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30064: Chutney often fails because Tor hasn't bootstrapped yet
-+-
 Reporter:  teor |  Owner:  teor
 Type:  defect   | Status:
 |  merge_ready
 Priority:  Medium   |  Milestone:
Component:  Core Tor/Chutney |Version:
 Severity:  Normal   | Resolution:
 Keywords:  chutney-ci, network-team-|  Actual Points:  0.2
  roadmap-2019-Q1Q2  |
Parent ID:  #29729   | Points:  0.5
 Reviewer:  nickm|Sponsor:
 |  Sponsor19
-+-

Comment (by teor):

 Merged to master, then added a commit to update the README.

 I merged #30059, #30063, #30064, and #30065, then pushed.

 Leaving this ticket open, in case I need
 ​https://github.com/torproject/chutney/pull/20.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30065 [Core Tor/Chutney]: Add shellcheck tests to chutney

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30065: Add shellcheck tests to chutney
-+-
 Reporter:  teor |  Owner:  teor
 Type:  enhancement  | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Core Tor/Chutney |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  chutney-ci, network-team-|  Actual Points:  0.2
  roadmap-2019-Q1Q2  |
Parent ID:  #29729   | Points:  0.2
 Reviewer:  nickm|Sponsor:
 |  Sponsor19
-+-
Changes (by teor):

 * status:  merge_ready => closed
 * resolution:   => fixed


Comment:

 Replying to [comment:3 nickm]:
 > This LGTM, modulo rl1987's comment.

 I replied to rl1987's comment. I think it's good practice to explicitly
 list our dependencies, and insulate ourselves from future travis changes.

 Merged to master.
 Put the shellcheck tests before the unit tests when resolving a conflict.

 I merged #30059, #30063, #30064, and #30065, then pushed.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30154 [Core Tor/Chutney]: Use the built-in unittest module for chutney's unit tests

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30154: Use the built-in unittest module for chutney's unit tests
-+-
 Reporter:  teor |  Owner:  (none)
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Core Tor/Chutney |Version:
 Severity:  Normal   | Resolution:
 Keywords:  chutney-ci, refactor, network-team-  |  Actual Points:
  roadmap-2019-Q1Q2-maybe|
Parent ID:   | Points:  1
 Reviewer:   |Sponsor:
 |  Sponsor19-can
-+-
Changes (by teor):

 * parent:  #30063 =>


Comment:

 Un-parenting, so parent can close.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30059 [Core Tor/Chutney]: Update chutney's README

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30059: Update chutney's README
-+-
 Reporter:  teor |  Owner:  teor
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Core Tor/Chutney |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  doc, chutney-ci, network-team-   |  Actual Points:  0.2
  roadmap-2019-Q1Q2  |
Parent ID:  #29729   | Points:  0.2
 Reviewer:  nickm|Sponsor:
 |  Sponsor19
-+-
Changes (by teor):

 * status:  merge_ready => closed
 * resolution:   => fixed


Comment:

 Merged to master.

 I merged #30059, #30063, #30064, and #30065, then pushed.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27503 [Applications/Tor Browser]: Disabling accessibility on Windows breaks screen readers

2019-04-11 Thread Tor Bug Tracker & Wiki 
#27503: Disabling accessibility on Windows breaks screen readers
-+-
 Reporter:  gk   |  Owner:
 |  pospeselr
 Type:  defect   | Status:
 |  assigned
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-8.0-issues, tbb-regression,  |  Actual Points:
  GeorgKoppen201903, tbb-8.5-must,   |
  TorBrowserTeam201904   |
Parent ID:   | Points:
 Reviewer:  boklm|Sponsor:
-+-

Comment (by cypherpunks):

 If you say https://gitweb.torproject.org/tor-
 browser.git/diff/toolkit/library/moz.build?h=tor-
 browser-60.6.1esr-8.5-1=f5f845f5fe14b5085f919ba46ec092b14c7fcb11,
 shouldn't you say https://gitweb.torproject.org/tor-
 browser.git/tree/toolkit/library/moz.build?h=tor-
 browser-60.6.1esr-8.5-1=477af8c709134b57b530b4b94ce6b4c82cb46fce#n111

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #30156 [Internal Services/Service - trac]: Copy the sponsor field to child tickets in trac.ini

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30156: Copy the sponsor field to child tickets in trac.ini
--+-
 Reporter:  teor  |  Owner:  qbi
 Type:  task  | Status:  new
 Priority:  Medium|  Milestone:
Component:  Internal Services/Service - trac  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+-
 Like #22988, we want the sponsor field to be copied to child tickets
 created using the "New Child Ticket" button.

 So we'd like trac.ini to have:
 {{{
 parent.enhancement.inherit = cc, version, keywords, component, milestone,
 sponsor
 parent.task.inherit= cc, version, keywords, component, milestone, sponsor
 parent.project.inherit = cc, version, keywords, component, milestone,
 sponsor
 parent.defect.inherit = cc, version, keywords, component, milestone,
 sponsor
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30064 [Core Tor/Chutney]: Chutney often fails because Tor hasn't bootstrapped yet

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30064: Chutney often fails because Tor hasn't bootstrapped yet
-+-
 Reporter:  teor |  Owner:  teor
 Type:  defect   | Status:
 |  merge_ready
 Priority:  Medium   |  Milestone:
Component:  Core Tor/Chutney |Version:
 Severity:  Normal   | Resolution:
 Keywords:  chutney-ci, network-team-|  Actual Points:  0.2
  roadmap-2019-Q1Q2  |
Parent ID:  #29729   | Points:  0.5
 Reviewer:  nickm|Sponsor:
 |  Sponsor19
-+-

Comment (by teor):

 I'm going to merge https://github.com/torproject/chutney/pull/19 and
 update the README.

 If we're still having issues, I might merge
 ​https://github.com/torproject/chutney/pull/20.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30063 [Core Tor/Chutney]: Add unit tests to chutney, and run them in Travis

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30063: Add unit tests to chutney, and run them in Travis
-+-
 Reporter:  teor |  Owner:  teor
 Type:  enhancement  | Status:
 |  merge_ready
 Priority:  Medium   |  Milestone:
Component:  Core Tor/Chutney |Version:
 Severity:  Normal   | Resolution:
 Keywords:  chutney-ci, network-team-|  Actual Points:  0.2
  roadmap-2019-Q1Q2  |
Parent ID:  #29729   | Points:  0.2
 Reviewer:  nickm|Sponsor:
 |  Sponsor19
-+-

Comment (by teor):

 Replying to [comment:4 nickm]:
 > I'm okay merging this as-is, but in the future we should probably use a
 real unit-testing framework (e.g. the builtin `unittest` module).  If we
 want to keep using the shell to launch certain tests, we should probably
 have a separate script for each nontrivial test.
 >
 > Let's open a ticket for those if we merge this as-is.

 Opened #30154 and #30155 for these issues.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30154 [Core Tor/Chutney]: Use the built-in unittest module for chutney's unit tests

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30154: Use the built-in unittest module for chutney's unit tests
-+-
 Reporter:  teor |  Owner:  (none)
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Core Tor/Chutney |Version:
 Severity:  Normal   | Resolution:
 Keywords:  chutney-ci, refactor, network-team-  |  Actual Points:
  roadmap-2019-Q1Q2-maybe|
Parent ID:  #30063   | Points:  1
 Reviewer:   |Sponsor:
 |  Sponsor19-can
-+-
Changes (by teor):

 * keywords:  chutney-ci, network-team-roadmap-2019-Q1Q2-maybe => chutney-
 ci, refactor, network-team-roadmap-2019-Q1Q2-maybe


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #30155 [Core Tor/Chutney]: If we are still using the shell to launch tests, have a separate script for each test

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30155: If we are still using the shell to launch tests, have a separate script 
for
each test
-+-
 Reporter:  teor |  Owner:  (none)
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Core |Version:
  Tor/Chutney|   Keywords:  chutney-ci, refactor, network-team-
 Severity:  Normal   |  roadmap-2019-Q1Q2-maybe
Actual Points:   |  Parent ID:  #30154
   Points:   |   Reviewer:
  Sponsor:   |
  Sponsor19-can  |
-+-
 Follow up for #30063 and #30154.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #30154 [Core Tor/Chutney]: Use the built-in unittest module for chutney's unit tests

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30154: Use the built-in unittest module for chutney's unit tests
-+-
 Reporter:  teor |  Owner:  (none)
 Type:   | Status:  new
  enhancement|
 Priority:  Medium   |  Milestone:
Component:  Core |Version:
  Tor/Chutney|   Keywords:  chutney-ci, network-team-
 Severity:  Normal   |  roadmap-2019-Q1Q2-maybe
Actual Points:   |  Parent ID:  #30063
   Points:  1|   Reviewer:
  Sponsor:   |
  Sponsor19-can  |
-+-
 Follow-up to #30063.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30059 [Core Tor/Chutney]: Update chutney's README

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30059: Update chutney's README
-+-
 Reporter:  teor |  Owner:  teor
 Type:  defect   | Status:
 |  merge_ready
 Priority:  Medium   |  Milestone:
Component:  Core Tor/Chutney |Version:
 Severity:  Normal   | Resolution:
 Keywords:  doc, chutney-ci, network-team-   |  Actual Points:  0.2
  roadmap-2019-Q1Q2  |
Parent ID:  #29729   | Points:  0.2
 Reviewer:  nickm|Sponsor:
 |  Sponsor19
-+-

Comment (by teor):

 Replying to [comment:2 nickm]:
 > LGTM though I think another branch I just reviewed changes
 CHUTNEY_START_TIME to 120.

 You're right, I'll fix the docs when I merge that branch.

 > Maybe we should stop mentioning default values inline, and instead have
 their documentation be automagically generated somehow.  We seem to change
 them a lot.  (That could be another ticket though.)

 I opened #30153 for this change: I think we need to be able to print the
 defaults using a chutney command. Then we can stop mentioning the defaults
 inline (or autogenerate the docs).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #30153 [Core Tor/Chutney]: Add a command to chutney and test-network.sh that prints the default option values

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30153: Add a command to chutney and test-network.sh that prints the default 
option
values
--+
 Reporter:  teor  |  Owner:  (none)
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Core Tor/Chutney  |Version:
 Severity:  Normal|   Keywords:  refactor, easy
Actual Points:|  Parent ID:
   Points:  1 |   Reviewer:
  Sponsor:  Sponsor19-can |
--+
 Follow up to #30059.

 We should make a chutney command and a test-network.sh command that prints
 their default option values.

 Maybe we could even import the defaults from chutney into test-network.sh.

 Then we can update the README to say:
 "For the default values of these options, run..."

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24490 [Core Tor/Tor]: Stop setting bridges running in networkstatus_getinfo_by_purpose()

2019-04-11 Thread Tor Bug Tracker & Wiki 
#24490: Stop setting bridges running in networkstatus_getinfo_by_purpose()
-+-
 Reporter:  teor |  Owner:  neel
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  easy, intro, refactor, code- |  Actual Points:
  correctness|
Parent ID:   | Points:  1
 Reviewer:  ahf  |Sponsor:
-+-

Comment (by neel):

 I have made the changes.

 The torspec PR is here: https://github.com/torproject/torspec/pull/76

 I believe the changes had to be made in control-spec, not dir-spec.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30117 [Core Tor/Tor]: Support stem's backtrace signals in Travis

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30117: Support stem's backtrace signals in Travis
-+-
 Reporter:  teor |  Owner:  teor
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.1.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.2.4.8-alpha
 Severity:  Normal   | Resolution:
 Keywords:  tor-ci-fail-sometimes,   |  Actual Points:  0.4
  035-backport, 040-backport |
Parent ID:  #29437   | Points:  0.2
 Reviewer:  nickm|Sponsor:
-+-
Changes (by teor):

 * status:  needs_revision => needs_review


Comment:

 Replying to [comment:5 nickm]:
 > Is it possible that this is an issue where we've installed mock for
 python3 but not python2, or something like that?

 python3 includes mock, it's an optional package in python2.
 I pushed a fixup.

 Related: from next week, "python" will mean python3 in Travis:
 https://changelog.travis-ci.com/upcoming-python-default-version-
 update-96873

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29612 [Core Tor/Tor]: Update the documentation for ExitRelay

2019-04-11 Thread Tor Bug Tracker & Wiki 
#29612: Update the documentation for ExitRelay
-+-
 Reporter:  teor |  Owner:  teor
 Type:  defect   | Status:
 |  merge_ready
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.0.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.3.5.1-alpha
 Severity:  Normal   | Resolution:
 Keywords:  consider-backport-after-0404-alpha,  |  Actual Points:  0.1
  fast-fix, doc, 035-backport, 040-backport  |
Parent ID:   | Points:  0.1
 Reviewer:  ahf  |Sponsor:
-+-
Changes (by teor):

 * keywords:  fast-fix, doc, 035-backport, 040-backport =>
 consider-backport-after-0404-alpha, fast-fix, doc, 035-backport,
 040-backport
 * actualpoints:   => 0.1


Comment:

 I'll do this merge in the post-0.4.0.4-alpha batch next week.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29640 [Core Tor/Tor]: Improve the monotonic time documentation in compat_time.c

2019-04-11 Thread Tor Bug Tracker & Wiki 
#29640: Improve the monotonic time documentation in compat_time.c
-+
 Reporter:  teor |  Owner:  teor
 Type:  defect   | Status:  merge_ready
 Priority:  Medium   |  Milestone:  Tor: 0.4.1.x-final
Component:  Core Tor/Tor |Version:  Tor: 0.2.9.1-alpha
 Severity:  Normal   | Resolution:
 Keywords:  tor-time, asn-merge  |  Actual Points:  0.1
Parent ID:   | Points:  0.1
 Reviewer:  nickm|Sponsor:
-+
Changes (by teor):

 * keywords:  tor-time, 040-backport, asn-merge => tor-time, asn-merge


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30121 [Applications/Tor Browser]: Create authoritative, parseable list of Tor Browser's default bridges

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30121: Create authoritative, parseable list of Tor Browser's default bridges
--+--
 Reporter:  phw   |  Owner:  phw
 Type:  task  | Status:  assigned
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-bridges   |  Actual Points:
Parent ID:| Points:  1
 Reviewer:|Sponsor:
--+--

Comment (by phw):

 Replying to [comment:4 gk]:
 > I don't really understand why "Having the authoritative list in tor-
 browser-build.git is error-prone" while this does not hold for repository
 $foo (e.g. `tor-browser-default-bridges.git`). The issue is _not_ in which
 repo the bridges are stored but how to get the manually syncing out of the
 way.

 My understanding was that the file is not trivial to parse.
 [https://trac.torproject.org/projects/tor/ticket/30006#comment:3 Anarcat
 wasn't particularly happy with it.] I wasn't aware, however, that this
 file format is meant to be easy to parse, as dcf pointed out above.

 If parsing is indeed not an issue, then I don't mind keeping the list in
 tor-browser-build.git. However, we should then add comments that explain
 who runs these bridges, and provide a link to the trac ticket in which
 these bridge were added to the file.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21378 [Metrics/CollecTor]: Archive bwauth bandwidth files

2019-04-11 Thread Tor Bug Tracker & Wiki 
#21378: Archive bwauth bandwidth files
-+-
 Reporter:  tom  |  Owner:  irl
 Type:  enhancement  | Status:
 |  accepted
 Priority:  Medium   |  Milestone:
Component:  Metrics/CollecTor|Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-bwauth,tor-dirauth,metrics-  |  Actual Points:
  roadmap-2019-q2|
Parent ID:   | Points:  8
 Reviewer:   |Sponsor:
-+-

Comment (by teor):

 Replying to [comment:29 teor]:
 > Hi, we merged #21377 to 0.4.0 and later, it will be available in
 0.4.0.4-alpha.
 >
 > It has been deployed to moria1:
 > http://128.31.0.34:9131/tor/status-vote/next/bandwidth

 moria1 is running Torflow, so you'll see a versionless (version 1.0.0)
 bandwidth file.

 longclaw has also deployed 0.4.1.0-alpha-dev with this change:
 http://199.58.81.140/tor/status-vote/next/bandwidth

 longclaw is running sbws 1.1.0, so you'll see a version 1.4.0 bandwidth
 file.

 Replying to [comment:30 irl]:
 > I'm also planning to verify that the files being produced actually
 comply with the specification before starting to archive them to avoid
 more surprises like #30105 or #28415.

 Seems reasonable.

 We've already been through a round of review with atagar and stem, but
 more review is always useful.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30105 [Core Tor/Tor]: "pr" lines in consensus can have trailing whitespace

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30105: "pr" lines in consensus can have trailing whitespace
--+
 Reporter:  irl   |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  dir-spec  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by teor):

 These trailing spaces seem like a pretty widespread issue.

 After the fix, we should check all the directory lines tor creates for
 trailing spaces, and log a BUG() if we find any.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29277 [Obfuscation/Pluggable transport]: Look into getting default Tor bridges scanned by external reachability tests

2019-04-11 Thread Tor Bug Tracker & Wiki 
#29277: Look into getting default Tor bridges scanned by external reachability
tests
-+---
 Reporter:  cohosh   |  Owner:  phw
 Type:  task | Status:  assigned
 Priority:  Medium   |  Milestone:
Component:  Obfuscation/Pluggable transport  |Version:
 Severity:  Normal   | Resolution:
 Keywords:  augur, measurement   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:  Sponsor19
-+---

Comment (by phw):

 At [http://meetbot.debian.net/tor-meeting/2019/tor-
 meeting.2019-04-11-20.00.html today's anti-censorship meeting] we briefly
 discussed this project. We decided to move forward with our
 [https://trac.torproject.org/projects/tor/wiki/doc/TorBrowser/DefaultBridges
 list of default bridges]. These are public and we don't need to worry
 about sanitising scan results.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24490 [Core Tor/Tor]: Stop setting bridges running in networkstatus_getinfo_by_purpose()

2019-04-11 Thread Tor Bug Tracker & Wiki 
#24490: Stop setting bridges running in networkstatus_getinfo_by_purpose()
-+-
 Reporter:  teor |  Owner:  neel
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  easy, intro, refactor, code- |  Actual Points:
  correctness|
Parent ID:   | Points:  1
 Reviewer:  ahf  |Sponsor:
-+-

Comment (by teor):

 Hi neel, thanks, but I wasn't finished with my review.

 I have numbered the changes that we need to make.

 Replying to [comment:6 ahf]:
 > I think the code looks good, but I'm not marking it as ready for merge
 yet. I've just asked the other network team members about how we should
 review the exceptions file for practracker.

 1. I think we can put most of the new flag-setting code in voteflags.c:
 https://github.com/torproject/tor/pull/889/files#r274725520

 In fact, we might not even need a new callback:

 > I've also asked the current bridge auth administrator how they handle
 this currently.

 I bet it just works for them, and they don't know how it works :-)

 v3 (non-bridge) directory authorities update the Running flag when they
 vote.

 But for bridges, the Running flag gets updated in the getinfo function.

 2. For consistency, let's update the bridge Running flag in
 networkstatus_dump_bridge_status_to_file(), before calling
 networkstatus_getinfo_by_purpose().

 Authorities also update the running flag in list_server_status_v1(),
 another control port function.

 3. For consistency, let's stop updating the Running flag in
 list_server_status_v1(), and just let it be updated when the vote/bridge-
 status is written.

 4. For each function we modify, let's update the function documentation.

 5. Let's also update the dir-spec, to document the old and new behaviour.
 The first version with the new behaviour will be 0.4.1.1-alpha, let's put
 that in the spec.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30107 [Applications/Tor Browser]: Self-sign .onion certificate (not CA) does not have padlock icon

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30107: Self-sign .onion certificate (not CA) does not have padlock icon
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  task  | Status:  reopened
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by cypherpunks):

 * status:  closed => reopened
 * resolution:  not a bug =>


Comment:

 > one with a proper CA cert.

 I disagree. I've tested.

 1. Create self-sign CA authority.
 2. Create self-sign cert signed by #1 CA.
 3. Install certificate.

 Result: onion + padlock.


 Besides, any kind of https:// is padlock.
 Why you can't display padlock for https://onion?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24490 [Core Tor/Tor]: Stop setting bridges running in networkstatus_getinfo_by_purpose()

2019-04-11 Thread Tor Bug Tracker & Wiki 
#24490: Stop setting bridges running in networkstatus_getinfo_by_purpose()
-+-
 Reporter:  teor |  Owner:  neel
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  easy, intro, refactor, code- |  Actual Points:
  correctness|
Parent ID:   | Points:  1
 Reviewer:  ahf  |Sponsor:
-+-

Comment (by neel):

 I noticed that teor gave reviews to my PR. I have pushed the revisions.
 Still needs to pass CI, however.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29863 [Obfuscation/Snowflake]: Add disk space monitoring for snowflake infrastructure

2019-04-11 Thread Tor Bug Tracker & Wiki 
#29863: Add disk space monitoring for snowflake infrastructure
---+--
 Reporter:  cohosh |  Owner:  (none)
 Type:  task   | Status:  needs_review
 Priority:  Medium |  Milestone:
Component:  Obfuscation/Snowflake  |Version:
 Severity:  Normal | Resolution:
 Keywords:  snowflake  |  Actual Points:
Parent ID:  #30152 | Points:
 Reviewer: |Sponsor:  Sponsor19
---+--
Changes (by phw):

 * parent:   => #30152


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #12802 [Obfuscation/BridgeDB]: BridgeDB needs Nagios checks for the Email Distributor

2019-04-11 Thread Tor Bug Tracker & Wiki 
#12802: BridgeDB needs Nagios checks for the Email Distributor
+---
 Reporter:  isis|  Owner:  dgoulet
 Type:  enhancement | Status:  assigned
 Priority:  High|  Milestone:
Component:  Obfuscation/BridgeDB|Version:
 Severity:  Normal  | Resolution:
 Keywords:  bridgedb-email, nagios  |  Actual Points:
Parent ID:  #30152  | Points:  5
 Reviewer:  |Sponsor:  Sponsor19
+---
Changes (by phw):

 * parent:   => #30152


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29229 [Obfuscation/BridgeDB]: Does anybody notice if the bridge auth goes away?

2019-04-11 Thread Tor Bug Tracker & Wiki 
#29229: Does anybody notice if the bridge auth goes away?
-+-
 Reporter:  gaba |  Owner:  dgoulet
 Type:  defect   | Status:
 |  assigned
 Priority:  High |  Milestone:
Component:  Obfuscation/BridgeDB |Version:
 Severity:  Normal   | Resolution:
 Keywords:  bridgedb, network-team-  |  Actual Points:
  roadmap-2019-Q1Q2  |
Parent ID:  #30152   | Points:  2
 Reviewer:   |Sponsor:
 |  Sponsor19
-+-
Changes (by phw):

 * parent:   => #30152


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29432 [Core Tor/Tor]: QuotedString and CString in control-spec.txt technically require escaping ascii 32 (space)

2019-04-11 Thread Tor Bug Tracker & Wiki 
#29432: QuotedString and CString in control-spec.txt technically require 
escaping
ascii 32 (space)
---+--
 Reporter:  dcf|  Owner:  (none)
 Type:  defect | Status:  new
 Priority:  Medium |  Milestone:  Tor: unspecified
Component:  Core Tor/Tor   |Version:
 Severity:  Normal | Resolution:
 Keywords:  tor-spec 041-proposed  |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--
Changes (by catalyst):

 * cc: catalyst (added)


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30006 [Applications/Quality Assurance and Testing]: Monitor "aliveness" of default bridges in Tor Browser

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30006: Monitor "aliveness" of default bridges in Tor Browser
-+-
 Reporter:  phw  |  Owner:  phw
 Type:  defect   | Status:
 |  assigned
 Priority:  Medium   |  Milestone:
Component:  Applications/Quality Assurance and   |Version:
  Testing|
 Severity:  Normal   | Resolution:
 Keywords:  default bridge tbb-bridges   |  Actual Points:
Parent ID:  #30152   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor19-can
-+-
Changes (by phw):

 * parent:   => #30152


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #30152 [Obfuscation]: Monitor anti-censorship infrastructure

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30152: Monitor anti-censorship infrastructure
-+
 Reporter:  phw  |  Owner:  (none)
 Type:  project  | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Obfuscation  |Version:
 Severity:  Normal   |   Keywords:
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:  Sponsor19|
-+
 The anti-censorship team is responsible for keeping several services and
 machines alive:

 * BridgeDB including its distribution modules (e.g., BridgeDB may be alive
 but its email distribution module may not)
 * GetTor
 * Snowflake
 * Bridge authority
 * Tor Browser's default bridges (we don't run these but we want to know
 when any of them disappears)

 We need to get better at noticing when any of these components break. This
 is a meta ticket that tracks progress towards this goal.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24929 [Core Tor/Tor]: Maybe load balance pinned middles?

2019-04-11 Thread Tor Bug Tracker & Wiki 
#24929: Maybe load balance pinned middles?
-+
 Reporter:  mikeperry|  Owner:  (none)
 Type:  enhancement  | Status:  closed
 Priority:  Medium   |  Milestone:  Tor: 0.3.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:  implemented
 Keywords:  guard-discovery  |  Actual Points:
Parent ID:  #9001| Points:
 Reviewer:   |Sponsor:  SponsorV-can
-+
Changes (by teor):

 * milestone:   => Tor: 0.3.3.x-final


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30144 [Internal Services/Service - git]: Please give phw in the bridgedb git group

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30144: Please give phw in the bridgedb git group
-+
 Reporter:  sysrqb   |  Owner:  tor-gitadm
 Type:  task | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Service - git  |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+
Changes (by irl):

 * status:  new => closed
 * resolution:   => fixed


Comment:

 {{{
 @bridgedb= aagbsn karsten nickm arma
 asn isis sysrqb dgoulet phw
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30143 [Internal Services/Service - git]: Please add phw as a member of the bridgedb-admin git group

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30143: Please add phw as a member of the bridgedb-admin git group
-+
 Reporter:  sysrqb   |  Owner:  tor-gitadm
 Type:  task | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Service - git  |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+
Changes (by irl):

 * status:  new => closed
 * resolution:   => fixed


Comment:

 {{{
 @service-bridgedb= isis sysrqb dgoulet phw
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30151 [Core Tor/Tor]: Fix memory leak in tor-resolve

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30151: Fix memory leak in tor-resolve
+
 Reporter:  nickm   |  Owner:  nickm
 Type:  defect  | Status:  needs_review
 Priority:  Medium  |  Milestone:  Tor: 0.4.1.x-final
Component:  Core Tor/Tor|Version:
 Severity:  Normal  | Resolution:
 Keywords:  040-backport??  |  Actual Points:
Parent ID:  #30146  | Points:
 Reviewer:  |Sponsor:
+
Changes (by nickm):

 * keywords:   => 040-backport??
 * status:  assigned => needs_review


Comment:

 See branch `bug30151_040` with PR at
 https://github.com/torproject/tor/pull/939 .

 I don't actually know whether we should backport this; a memory leak here
 is totally harmless.  Then again, so is the fix.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #30151 [Core Tor/Tor]: Fix memory leak in tor-resolve

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30151: Fix memory leak in tor-resolve
--+
 Reporter:  nickm |  Owner:  nickm
 Type:  defect| Status:  assigned
 Priority:  Medium|  Milestone:  Tor: 0.4.1.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:  #30146
   Points:|   Reviewer:
  Sponsor:|
--+
 Coverity found a memory leak in tor-resolve. There's no actual problem
 here, since the program exits anyway, but we try to fix coverity warnings
 on principle.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #30150 [Core Tor/Tor]: Fix coverity warnings in tests

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30150: Fix coverity warnings in tests
--+
 Reporter:  nickm |  Owner:  nickm
 Type:  defect| Status:  assigned
 Priority:  Medium|  Milestone:  Tor: 0.4.1.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:  #30146
   Points:|   Reviewer:
  Sponsor:|
--+
 It's not really a problem if the unit tests could potentially leak memory
 or something, but in the interest of code quality, we should fix all the
 coverity warnings here too.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30149 [Core Tor/Tor]: Fix "medium" and "low" impact coverity false positives outside of tests.

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30149: Fix "medium" and "low" impact coverity false positives outside of tests.
--+
 Reporter:  nickm |  Owner:  nickm
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:  Tor: 0.4.1.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:  #30146| Points:
 Reviewer:|Sponsor:
--+
Changes (by nickm):

 * status:  assigned => needs_review


Comment:

 https://github.com/torproject/tor/pull/938 is the PR here; the branch is
 `ticket30149`.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30007 [Core Tor/Tor]: refactor control.c output to be more abstract

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30007: refactor control.c output to be more abstract
+--
 Reporter:  catalyst|  Owner:  catalyst
 Type:  task| Status:  assigned
 Priority:  Medium  |  Milestone:  Tor: unspecified
Component:  Core Tor/Tor|Version:
 Severity:  Normal  | Resolution:
 Keywords:  technical-debt  |  Actual Points:
Parent ID:  #29210  | Points:  3
 Reviewer:  |Sponsor:  Sponsor31-can
+--

Comment (by catalyst):

 The WIP branch at https://github.com/tlyu/tor/tree/ticket30007 now has a
 Coccinelle script that I ran to migrate existing code to using the new
 abstractions.  It's almost ready to review.  Once Nick rebases the #30091
 branch I based it on, I'll probably make a WIP pull request to check
 Coveralls.

 There are a few places that still explicitly use
 `connection_write_str_to_buf()` and `connection_buf_add()` to send replies
 to the control port, but they're somewhat more difficult to change.  I'm
 tempted to defer them to a later ticket.

 In particular, these could benefit from additional refactoring that
 includes helper functions that collect a list of strings (or key-value
 pairs, etc.) to write and automatically takes care of the `250-some_text`
 vs `250 some_text`, etc. distinction.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30149 [Core Tor/Tor]: Fix "medium" and "low" impact coverity false positives outside of tests. (was: Fix "medium" and "low" impact coverity false positives)

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30149: Fix "medium" and "low" impact coverity false positives outside of tests.
--+
 Reporter:  nickm |  Owner:  nickm
 Type:  defect| Status:  assigned
 Priority:  Medium|  Milestone:  Tor: 0.4.1.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:  #30146| Points:
 Reviewer:|Sponsor:
--+

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #30149 [Core Tor/Tor]: Fix "medium" and "low" impact coverity false positives

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30149: Fix "medium" and "low" impact coverity false positives
--+
 Reporter:  nickm |  Owner:  nickm
 Type:  defect| Status:  assigned
 Priority:  Medium|  Milestone:  Tor: 0.4.1.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:  #30146
   Points:|   Reviewer:
  Sponsor:|
--+


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30148 [Core Tor/Tor]: Fix infrequent, unlikely memory leak on failure to create keys directory

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30148: Fix infrequent, unlikely memory leak on failure to create keys directory
-+-
 Reporter:  nickm|  Owner:  nickm
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  034-backport 035-backport|  Actual Points:
  040-backport   |
Parent ID:  #30146   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by nickm):

 * status:  assigned => needs_review
 * keywords:   => 034-backport 035-backport 040-backport


Comment:

 See branch `ticket30148_034` with PR at
 https://github.com/torproject/tor/pull/937.

 I don't recommend backporting this any farther than 0.3.5; it is trivial
 and 0.3.4 is approaching end of life.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30125 [Obfuscation/Snowflake]: Port server's log sanitization to client, broker, and proxy-go

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30125: Port server's log sanitization to client, broker, and proxy-go
---+--
 Reporter:  dcf|  Owner:  cohosh
 Type:  enhancement| Status:  needs_review
 Priority:  Medium |  Milestone:
Component:  Obfuscation/Snowflake  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:  Sponsor19
---+--

Comment (by dcf):

 The refactoring looks good. I have a few ideas about deployment to save us
 some trouble later. My main goal is that there should be a clean break
 between the old unsanitized logs and the new sanitized logs, so that we
 don't later have to trawl through a log file and figure out where the
 change happened. This is because I'd like us to extract what we need from
 the old logs and then delete them.

 For the bridge, those logs are being rotated and not saved long-term, so
 we don't need to do anything special.

 For the broker, it will be something like this:
 {{{
 sv stop snowflake-broker
 cd /var/log/snowflake-broker
 tar cf unsanitized.tar *.s current.20190322.xz current
 shred -n 1 -v -u *.s current.20190322.xz current
 # install the new /usr/local/bin/broker
 sv start snowflake-broker
 }}}

 For proxy-go, it will be similar, except that there are several /home
 /snowflake-proxy/*.log.d log directories. Also /home/snowflake-proxy
 /snowflake-proxy-*.log{,.xz} are unsanitized logs from before we started
 using runit log directories (happened in #28390).

 For the client, we'll need a Tor Browser ticket to pick up the upgrade. A
 sample ticket and patch that can serve as a template is #26795. I know you
 are interested in the reproducible build and this would be a good
 introduction to
 [[doc/TorBrowser/Hacking#BuildingOfficialTorBrowserReleaseBinaries|rbm]]
 if you haven't used it yet. Basically, you just need to edit
 projects/snowflake/config and update `git_hash`, then run `make testbuild`
 to make sure it still builds, then open a ticket in the Applications/Tor
 Browser component.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #28269 [Core Tor/Tor]: Repeated HSFETCH queries fail with QUERY_NO_HSDIR

2019-04-11 Thread Tor Bug Tracker & Wiki 
#28269: Repeated HSFETCH queries fail with QUERY_NO_HSDIR
-+--
 Reporter:  atagar   |  Owner:  neel
 Type:  defect   | Status:  needs_review
 Priority:  Medium   |  Milestone:  Tor: unspecified
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs, tor-control  |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--

Comment (by neel):

 I totally forgot about the version numbers.

 I have pushed the changes to the torspec PR.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #30148 [Core Tor/Tor]: Fix infrequent, unlikely memory leak on failure to create keys directory

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30148: Fix infrequent, unlikely memory leak on failure to create keys directory
--+
 Reporter:  nickm |  Owner:  nickm
 Type:  defect| Status:  assigned
 Priority:  Medium|  Milestone:  Tor: 0.4.1.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:  #30146
   Points:|   Reviewer:
  Sponsor:|
--+
 In load_ed_keys(), if we can't create the key directory, we leak some
 memory.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30147 [Core Tor/Tor]: Fix "high-impact" coverity false-positive warnings outside of tests.

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30147: Fix "high-impact" coverity false-positive warnings outside of tests.
--+
 Reporter:  nickm |  Owner:  nickm
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:  Tor: 0.4.1.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:  .1
Parent ID:  #30146| Points:
 Reviewer:|Sponsor:
--+
Changes (by nickm):

 * status:  assigned => needs_review
 * actualpoints:   => .1


Comment:

 See `ticket30147`; PR at https://github.com/torproject/tor/pull/936

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #30147 [Core Tor/Tor]: Fix "high-impact" coverity false-positive warnings outside of tests.

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30147: Fix "high-impact" coverity false-positive warnings outside of tests.
--+
 Reporter:  nickm |  Owner:  nickm
 Type:  defect| Status:  assigned
 Priority:  Medium|  Milestone:  Tor: 0.4.1.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:  #30146
   Points:|   Reviewer:
  Sponsor:|
--+
 Let's fix all the current "high impact" coverity issues that are outside
 of the unit tests.  (For other issues, see siblings of this ticket.)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #30146 [Core Tor/Tor]: Fix coverity failures as of 04-11-2019

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30146: Fix coverity failures as of 04-11-2019
--+
 Reporter:  nickm |  Owner:  nickm
 Type:  defect| Status:  assigned
 Priority:  Medium|  Milestone:  Tor: 0.4.1.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+
 We have 44 coverity warnings right now.  They seem like harmless
 stuff/false positives, but that's still far too many.  Since I'm on this
 rotation this week, I'm going to try to solve them all.

 I'll open subtickets as appropriate.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #30145 [Internal Services/Tor Sysadmin Team]: Please give phw 'bridgedb' group membership

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30145: Please give phw 'bridgedb' group membership
-+-
 Reporter:  sysrqb   |  Owner:  tpa
 Type:  task | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   |   Keywords:
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+-
 Similar to #29300

 {{{
 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA512


 Hi!

 Please add phw as a member of the bridgedb ldap group.

 This request was signed for trac on Thu Apr 11 21:29:12 UTC 2019

 Thanks!
 -BEGIN PGP SIGNATURE-

 iQIzBAEBCgAdFiEEmQpn3DVLpEMbqGYohK8DqE7aGAAFAlyvtJkACgkQhK8DqE7a
 GAClJQ/8CRoHrELS+boiz3e4vTFJ3tSC2mtP8ibN+ECPMDFAJ03vnRAgMgdncQxb
 acPcm5bhO5RPmyJoYAz6bmn3i+BkwUqkyqVE1zU/RvIRz+uQp62wD6M2IFvbLljA
 38zUxQk5DnmZ2gasRMciZPwCYS7bKRGJsM8lpo3wyTwwQcgOP8Rtja5HHAjQzSXu
 gYkQBIRuVw3t7GoJxfA7Rp0/OVH9sgWl9RkqHX5jdApzxOwkxxgUriXbEAM9xAX/
 m2Dc7I0rv+qFdosHAv2LJRPt32GWYxk/IujJPDLtf7lMidZW5etjL7dXFCPsogrY
 6H1un8VhukZYIQt2f24zda4XnFD8jUI9tcdwJC5Q7xpqGHZlSIF2+IVx+/vu7mz4
 IRwqPaK/34QkLv8vE3oLCxR9w5kL3OHZ5fRi7RXaRDWBT8tb5j5jy2wGzq3k14jd
 td9R4odZt3YF/fefQ1Bu2poiI7xttQlzJ4H7BORwt1IMrqEAV2akUYq1+Zcw9UBR
 fBJDjNfgyZWjqFtIn0oCarVBSNLeOUldLtJlARvITDccTX1uPzr4nGRjxWVG7ESL
 2yQK2r4SqKzlhq0Zflswkr70HgQlquYUhgrgxFUvjpVZGrk6i61KTG7SeBtxTwYE
 YJBis2FWEqX0CyoMHmbPUy0Jnd61wr6zI+UkHxwkmpaLi1Zwp8U=
 =bWnS
 -END PGP SIGNATURE-
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #30144 [Internal Services/Service - git]: Please give phw in the bridgedb git group

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30144: Please give phw in the bridgedb git group
-+
 Reporter:  sysrqb   |  Owner:  tor-gitadm
 Type:  task | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Service - git  |Version:
 Severity:  Normal   |   Keywords:
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+
 Similar to #29301

 {{{
 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA512

 Hi!

 Please give phw write access on the bridgedb.git repo.

 This request was signed for trac on Thu Apr 11 21:29:11 UTC 2019

 Thanks!
 -BEGIN PGP SIGNATURE-

 iQIzBAEBCgAdFiEEmQpn3DVLpEMbqGYohK8DqE7aGAAFAlyvsrkACgkQhK8DqE7a
 GACKdg//XsKHm56peNkbK6S3Hxho2h/nIJqDDHpTpqs0NhVBdVu/cAwjDskaP1m/
 njBPJOE8M43yQK7Pf1x6BXrRKBYWOX52h5CijDyBpcO+PyN/OVBQAKfdSrPdDV/c
 AMGNQF5RufgNf7t7Jlv54GZ46m6n7Z1KMUQG0gqB+U/U67Rljtq9udmVXIf73DlI
 HwCj9yt6vCt2/RLj+NgfMEhDqPUfvGppaBwCPcYd89S8QseguP8tHHLyVyCD4cMT
 ngZa4FIg2oEXY/3BnnY3yvdafthG+vFfKO/LmDoOQ/7nBAk/774alwtLIqnAWWdo
 NbueII7ObeCfeDFnhixWfEMd2Fv3uAEWpxSijNoK4weqVhrQIWmHVTJNN8fupKpx
 7cx0Oh7FuTr+nDyAxr2vGOCujELDRAXNJLVG/HK4g3pis2lRnL0tCrssSeDLDo2I
 CvMSPX18tONRA5K00NbsCISyzX3pNoWj7OmbIXMmkMEOA/2dy87/U1hFqiKP394S
 dszAMtLz8BPxxovAxmO7KWOr/AJdJUUmzTwChhVU60BYscrONfwCcmjfhtm448Cl
 /fQCQ8Ky9jONoZABqpwuhPkdajdxNOs8gV8cXZJ6RDD7oG4F9I0RgQDPLX/+sGKT
 vYRQrzSZdExjOvae+FSrGPEOtoEE8+aYTVFZnKvrmb7OHrkxvcU=
 =amqB
 -END PGP SIGNATURE-
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #30143 [Internal Services/Service - git]: Please add phw as a member of the bridgedb-admin git group

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30143: Please add phw as a member of the bridgedb-admin git group
-+
 Reporter:  sysrqb   |  Owner:  tor-gitadm
 Type:  task | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Service - git  |Version:
 Severity:  Normal   |   Keywords:
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+
 Similar to #29595

 {{{
 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA512

 Hi!

 Please give phw write access on the bridgedb-admin.git repo.

 This request was signed for trac on Thu Apr 11 21:29:11 UTC 2019

 Thanks!
 -BEGIN PGP SIGNATURE-

 iQIzBAEBCgAdFiEEmQpn3DVLpEMbqGYohK8DqE7aGAAFAlyvsuIACgkQhK8DqE7a
 GAC+TBAAxm79fOWK9DLjDCq5Xm5JJFx1CuHJZfUoyhjW6P8Oso2CF2NJV7avfQIO
 FIutqa+XE/wbTJH8TfBRme7N57AnReaJMHkzN4oFlLDOUwR/iK1/AbVOnnRzCUIF
 qekitvRHLDYLp1PlaF2QVuYURw4q3Hgjt79foljiWm8pnow5esMZkgznJ/IlKc2J
 mq9MWvQgt0iW8tWY+cFaDcG/Fc7YsBFHooLL3xU9CPq/6F0+zS9Z+8KwbDQbR/Sy
 a9tywUubCO2qBfCSYtsODblW7ox+Dtn973p7r3GflapJKJMagSD691G0r1pz4z20
 a3ra3hFnRSl/jJWvhtOSxtoBJBfrvIjD9ez95yd2zuevfhH3hlwX9Ssj/3UD8puu
 xaDBREmOkyQ1Zd3Uf4Tj3FphijaThQfz489cxdj/M9G3rIJkADrxGuAaGjMv3XTw
 /VaMB4hgFGcxO5V9H8WBbll7+1gY5C00DjI3cYPtUTH0fO3aJj7Jr5LLPhAY8W7w
 Djh340CfLJJRJO16HrbPsxfRg2J5bcZzaGhwUlPw4tprhb/MJ+MxrXG7lf4nrplF
 91HW1xK7EFI8YXh3Ha8rY+Iv1pCaxVV/4b0Mi/AxW9h1BnDmyhAQyFnW7SKXOWQ6
 ld27i8/o/1dLGuzdbh/UXSDfBbs0tLfywforcT3fkuFSleSF7XQ=
 =WBlX
 -END PGP SIGNATURE-
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #30142 [Obfuscation/Snowflake]: Remove serene from snowflake.git commit access?

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30142: Remove serene from snowflake.git commit access?
---+
 Reporter:  dcf|  Owner:  (none)
 Type:  task   | Status:  new
 Priority:  Medium |  Milestone:
Component:  Obfuscation/Snowflake  |Version:
 Severity:  Normal |   Keywords:
Actual Points: |  Parent ID:
   Points: |   Reviewer:
  Sponsor: |
---+
 The current set of users able to commit to /pluggable-
 transports/snowflake.git is (according to comment:2:ticket:30044):
 {{{
 serene arlo dcf ahf cohosh phw
 }}}

 serene hasn't committed since March 2017 (`git log --author serene`).
 Should we remove that account's access?

 I'm making this ticket for possible discussion before opening a "Services
 - git" ticket.

 Related ticket regarding bridge admin access: #30138.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27609 [Applications/Tor Browser]: TBA: Evaluate Tor Onion Proxy Library

2019-04-11 Thread Tor Bug Tracker & Wiki 
#27609: TBA: Evaluate Tor Onion Proxy Library
-+-
 Reporter:  sysrqb   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_revision
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-mobile, TBA-a3, tbb-8.5-must-|  Actual Points:
  alpha, TorBrowserTeam201904|
Parent ID:   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor8
-+-

Comment (by gk):

 Looking over the code of your `0411` branch and the essentially same
 changes in `android-0318` I realized I forgot to mention two issues in
 addition to those raised in comment:35:

 1) please check the respective `gradle_dependencies_version` declarations
 in the changed/added `config` files, they should either get incremented by
 1 or start with 1 (the one for `tor_android_service` starts with 3 it
 seems)

 2) On a branch for review, could you please only put the commits on top of
 `master` that are actually needed/intended to get reviewed? I am sure the
 patch for #28764 is not, but am not so sure about the one for #28803.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21315 [Obfuscation/Snowflake]: publish some realtime stats from the broker?

2019-04-11 Thread Tor Bug Tracker & Wiki 
#21315: publish some realtime stats from the broker?
---+---
 Reporter:  arma   |  Owner:  (none)
 Type:  enhancement| Status:  new
 Priority:  Medium |  Milestone:
Component:  Obfuscation/Snowflake  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID:  #29461 | Points:
 Reviewer: |Sponsor:  Sponsor19
---+---

Comment (by irl):

 Replying to [comment:5 cohosh]:
 > It sounds like we have a few things we want to achieve/learn from
 collected metrics:
 > - Detect censorship events
 > - Allow current or potential proxies to see if they are needed
 > - Allow clients to see whether their connection issues are due to
 censorship or proxy availability
 > - Help us figure out whether we should be doing something different in
 distributing proxies to clients

 These all seem like good goals.

 > We current collect and "publish" information on:
 > - how many snowflake are currently available along with their SIDs
 (available at broker /debug handler). This is good for more detailed
 monitoring of censorship events. Even though we collect bridge usage
 metrics, collecting broker usage metrics will narrow down where the
 censorship is happening.
 > - country stats of domain-fronted client connections (logged, most
 recent snapshot at broker /debug)
 > - the roundtrip time it takes for a client to connect to get a snowflake
 proxy answer (available at broker /debug)

 Should we be already archiving this data?

 > Some of the metrics mentioned above will be easier to implement than
 others. The best place to collect statistics is at the broker, but some of
 the data mentioned would require proxies to report metrics to the broker
 for collection. We have to be a bit careful with this since anyone can run
 a proxy. It will also impact the decisions we make for #29207.

 We collect a lot of statistics at relays and bridges, which anyone can
 run. We are working on methods of improving robustness against these
 statistics being manipulated, but so far have not detected anyone
 reporting values that are not normal. It is good to have criteria for
 determining, based on stats others report, what you would be expecting so
 that anomalies can be detected. For example, we would expect relay
 bandwidth usage among relays to be proportional to consensus weight.

 > > I would also be interested in stats about users and usage (including
 e.g. number of users being handled divided by number of snowflakes
 handling them)
 >
 > This is a bit tricky. The broker knows which proxies it hands out the
 users but doesn't know the state of the clients' connections to those
 proxies (e.g., when they have been closed). It's also worth noting that
 different "types" of proxies (standalone vs. browser-based) can handle a
 different amount of users at once. Perhaps a more useful metric would be
 for snowflake proxies to advertize to the broker how many available
 "slots/tokens" they have when they poll for clients. This could be added
 to the broker--proxy WebSocket protocol. It would also avoid collecting
 more data on clients which is generally safer

 This sounds like a reasonable approach. You might want to take a look at:

 * https://research.torproject.org/techreports/countingusers-2010-11-30.pdf
 * https://research.torproject.org/techreports/counting-daily-bridge-
 users-2012-10-24.pdf

 This will give you an idea of how we do this for other parts of Tor.

 > > how many times are you giving snowflakes out? How many times did you
 stop giving a snowflake out because you've given it out so many times
 already? These questions tie into the address distribution algorithm
 question

 Can this also be an indirect measurement of number of users?

 > The above comment addresses this as well. The broker doesn't really
 decide whether or not they've given a snowflake out too many times. I
 think more important to deciding whether we are giving out proxies in a
 good way is to try to measure how "reliable" individual proxies have been
 in the past. This is related to setting up persistent identifiers
 (#29260).

 For relays, directory authorities track the mean time between failures,
 and we track this in Tor Metrics too.

 > It might also be interesting to have some kind of proxy diversity metric
 (e.g., whether 90% of all connections are handled by the same proxy). We
 can get some idea with persistent identifiers (#29260), but of course
 using a persistent identifier will always be optional. We can also do
 collection of geoip country stats of proxies.

 We don't really have this metric for relays yet, so if you have ideas that
 would be applicable to relays too then that would be great. We know about
 country/AS distribution, but we

[tor-bugs] #30141 [Applications/Tor Browser]: Double-check exoplayer library for vulnerabilities

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30141: Double-check exoplayer library for vulnerabilities
--+
 Reporter:  gk|  Owner:  tbb-team
 Type:  task  | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:  tbb-mobile
Actual Points:|  Parent ID:  #30139
   Points:|   Reviewer:
  Sponsor:|
--+
 The exoplayer library currently used (r2.4.0) is rather old (latest stable
 is r2.9.6) and Mozilla has already found some defects with the help of
 coverity that should get fixed (see:
 https://bugzilla.mozilla.org/show_bug.cgi?id=1371247). There are potential
 security bugs that got fixed between r2.4.0 and r2.9.6 that we should pick
 up as well.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #30140 [Applications/Tor Browser]: Make sure HLS related requests obey the specified proxy

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30140: Make sure HLS related requests obey the specified proxy
--+
 Reporter:  gk|  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:  tbb-mobile
Actual Points:|  Parent ID:  #30139
   Points:|   Reviewer:
  Sponsor:|
--+
 In #28125 we disabled HLS as the resulting DNS requests are sent without a
 proxy on some Android systems. We should find a better solution making
 sure those requests are actually using the proxy specified.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29859 [Applications/Tor Browser]: Playing videos on Twitter is not working and freezing the mobile browser

2019-04-11 Thread Tor Bug Tracker & Wiki 
#29859: Playing videos on Twitter is not working and freezing the mobile browser
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  closed
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  tbb-mobile, GeorgKoppen201904,   |  Actual Points:
  TorBrowserTeam201904R, tbb-8.5-must|
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * status:  merge_ready => closed
 * resolution:   => fixed


Comment:

 Thanks. Cherry-picked onto `tor-browser-60.6.1esr-8.5-1` (commit
 477af8c709134b57b530b4b94ce6b4c82cb46fce).

 I opened #30139 for reenabling HLS support (with child tickets for the
 issues we have found so far (that is proxy bypass of DNS requests and old
 exoplayer library)).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #30139 [Applications/Tor Browser]: Reenable HLS support on mobile

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30139: Reenable HLS support on mobile
--+
 Reporter:  gk|  Owner:  tbb-team
 Type:  task  | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:  tbb-mobile
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+
 We needed to disable HLS support in #29859 due to crashes. Those were
 caused by the patch for #28125 which was preventing direct DNS request
 from Android. This ticket is tracking the work to reenable HLS support.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21315 [Obfuscation/Snowflake]: publish some realtime stats from the broker?

2019-04-11 Thread Tor Bug Tracker & Wiki 
#21315: publish some realtime stats from the broker?
---+---
 Reporter:  arma   |  Owner:  (none)
 Type:  enhancement| Status:  new
 Priority:  Medium |  Milestone:
Component:  Obfuscation/Snowflake  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID:  #29461 | Points:
 Reviewer: |Sponsor:  Sponsor19
---+---

Comment (by cohosh):

 Replying to [comment:6 karsten]:
 > I noticed that metrics-team is cc'ed, but from reading the comments it
 seems like you're still at design discussions like the slots/tokens idea.
 When is a good time for the metrics team to get involved? Should we wait
 until you have a better idea what you want? Or should we help with the
 bikeshedding right now? :)
 >
 I think we've still got a bit of work to do before we will know enough
 about where we want to go to include the metrics team. We have a few other
 tickets we need to cover first before we will even have the data we need
 at the broker for some of these metrics.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29223 [Core Tor/Tor]: List canonical abbreviations to use in Tor functions and identifiers

2019-04-11 Thread Tor Bug Tracker & Wiki 
#29223: List canonical abbreviations to use in Tor functions and identifiers
--+
 Reporter:  nickm |  Owner:  (none)
 Type:  task  | Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.4.1.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:  1
 Reviewer:|Sponsor:  Sponsor31-must
--+

Comment (by nickm):

 I've attached a file documenting all the abbreviations that are currently
 in use in function names.  Some of them collide; some are ambiguous; some
 long terms in frequent use are missing abbreviations.

 Next steps here are to identify preferred versions (or not) for all
 ambiguous abbreviations; decide what to rectify and what to grandfather
 in; and make a (proposed) canonical list.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29223 [Core Tor/Tor]: List canonical abbreviations to use in Tor functions and identifiers

2019-04-11 Thread Tor Bug Tracker & Wiki 
#29223: List canonical abbreviations to use in Tor functions and identifiers
--+
 Reporter:  nickm |  Owner:  (none)
 Type:  task  | Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.4.1.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:  1
 Reviewer:|Sponsor:  Sponsor31-must
--+
Changes (by nickm):

 * Attachment "abbrevs-today.txt" added.


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30028 [Internal Services/Tor Sysadmin Team]: additional prometheus/grafana exporters/dashboards

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30028: additional prometheus/grafana exporters/dashboards
-+-
 Reporter:  anarcat  |  Owner:  anarcat
 Type:  project  | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:   |  Actual Points:
Parent ID:  #29681   | Points:
 Reviewer:   |Sponsor:
-+-
Description changed by anarcat:

Old description:

> our munin replacement is not entirely complete, as there are key parts of
> the infrastructure that are not monitored. here's a short inventory of
> what I found in #29681:
>
> '''email servers monitoring (eugeni, etc? postfix)'''
>
> * [https://github.com/kumina/postfix_exporter in debian],
> [https://github.com/kumina/postfix_exporter/issues/21 possible dashboard]
> * another approach: [https://github.com/cherti/mailexporter email
> delivery tests]
>
> '''mailman monitoring'''
>
> no known exporter or dashboard
>
> '''databases'''
>
> * [https://github.com/wrouesnel/postgres_exporter/ postgres exporter in
> debian], [https://github.com/wrouesnel/postgres_exporter/issues/218 no
> offocial dashboard], but
> [https://grafana.com/dashboards?dataSource=prometheus=postgres
> many possible dashboards]
> * [https://github.com/prometheus/mysqld_exporter mysqld exporter in
> debian] - [https://grafana.com/dashboards/625 possible dashboard]
> [https://github.com/percona/grafana-dashboards another from  percona],
> [https://github.com/prometheus/mysqld_exporter/issues/286 not officially
> documented]
> * [https://github.com/free/sql_exporter generic sql exporter], in debian
> - [https://github.com/credativ/elephant-shed/tree/master/sql-exporter
> credativ config] and [https://github.com/credativ/elephant-
> shed/tree/master/grafana dashboard]
>
> '''DNS / bind'''
>
> - [https://github.com/digitalocean/bind_exporter/ in debian],
> [https://grafana.com/dashboards/1666 official dashboard]
>
> '''GitLab'''
>
> there is
> [https://docs.gitlab.com/ee/administration/monitoring/prometheus/ builtin
> support for prometheus] that has to be
> [https://docs.gitlab.com/ee/administration/monitoring/prometheus/gitlab_metrics.html
> configured]
>
> those are the other missing things I found during the audit performed
> while removing Munin:
>
>  * '''spamassassin''': ham/spam/total counts, looks for `spamd:
> ((processing|checking) message|identified spam|clean message)` in
> mail.log, could be replaced with [https://github.com/google/mtail ​mtail]
>  * '''postgres-wal-traffic_''': should be covered by the
> postgres_exporter mentioned above, otherwise hook `psql -p "$port" --no-
> align --command 'SELECT * FROM pg_current_xlog_insert_location()'
> --tuples-only --quiet | tr -d /,` into the node_exporter
>  * '''ksm stats''': extra memory statistics, might not be very important
>  * '''haproxy''': https://github.com/prometheus/haproxy_exporter
>  * '''per VM disk usage''': see  #29816
>  * '''vsftpd''': custom mtail plugin, no known exporter or dashboard
>
> See the full review in #29682 for details on those.
>
> There were also demands from other teams for monitoring, see #29863 and
> #30006 for now.

New description:

 our munin replacement is not entirely complete, as there are key parts of
 the infrastructure that are not monitored. here's a short inventory of
 what I found in #29681:

 '''email servers monitoring (eugeni, etc? postfix)'''

 * [https://github.com/kumina/postfix_exporter in debian],
 [https://github.com/kumina/postfix_exporter/issues/21 possible dashboard]
 * another approach: [https://github.com/cherti/mailexporter email delivery
 tests]

 '''mailman monitoring'''

 no known exporter or dashboard

 '''databases'''

 * [https://github.com/wrouesnel/postgres_exporter/ postgres exporter], in
 debian, [https://github.com/wrouesnel/postgres_exporter/issues/218 no
 offocial dashboard], but
 [https://grafana.com/dashboards?dataSource=prometheus=postgres many
 possible dashboards]
 * [https://github.com/prometheus/mysqld_exporter mysqld exporter], in
 debian - [https://grafana.com/dashboards/625 possible dashboard]
 [https://github.com/percona/grafana-dashboards another from  percona],
 [https://github.com/prometheus/mysqld_exporter/issues/286 not officially
 documented]
 * [https://github.com/free/sql_exporter generic sql exporter], in debian -
 [https://github.com/credativ/elephant-shed/tree/master/sql-exporter
 credativ config] and [https://github.com/credativ/elephant-
 shed/tree/master/grafana dashboard]

 '''DNS / bind'''

 - [https://github.com/digitalocean/bind_exporter/ in debian],

Re: [tor-bugs] #30028 [Internal Services/Tor Sysadmin Team]: additional prometheus/grafana exporters/dashboards

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30028: additional prometheus/grafana exporters/dashboards
-+-
 Reporter:  anarcat  |  Owner:  anarcat
 Type:  project  | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:   |  Actual Points:
Parent ID:  #29681   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by anarcat):

 * status:  reopened => closed
 * resolution:   => fixed


Old description:

> our munin replacement is not entirely complete, as there are key parts of
> the infrastructure that are not monitored. here's a short inventory of
> what I found in #29681:
>
> '''email servers monitoring (eugeni, etc? postfix)'''
>
> * [https://github.com/kumina/postfix_exporter in debian],
> [https://github.com/kumina/postfix_exporter/issues/21 possible dashboard]
> * another approach: [https://github.com/cherti/mailexporter email
> delivery tests]
>
> '''mailman monitoring'''
>
> no known exporter or dashboard
>
> '''databases'''
>
> * [https://github.com/wrouesnel/postgres_exporter/ postgres exporter in
> debian], [https://github.com/wrouesnel/postgres_exporter/issues/218 no
> offocial dashboard], but
> [https://grafana.com/dashboards?dataSource=prometheus=postgres
> many possible dashboards]
> * [https://github.com/prometheus/mysqld_exporter mysqld exporter in
> debian] - [https://grafana.com/dashboards/625 possible dashboard]
> [https://github.com/percona/grafana-dashboards another from  percona],
> [https://github.com/prometheus/mysqld_exporter/issues/286 not officially
> documented]
>
> '''DNS / bind'''
>
> - [https://github.com/digitalocean/bind_exporter/ in debian],
> [https://grafana.com/dashboards/1666 official dashboard]
>
> '''GitLab'''
>
> there is
> [https://docs.gitlab.com/ee/administration/monitoring/prometheus/ builtin
> support for prometheus] that has to be
> [https://docs.gitlab.com/ee/administration/monitoring/prometheus/gitlab_metrics.html
> configured]
>
> those are the other missing things I found during the audit performed
> while removing Munin:
>
>  * '''spamassassin''': ham/spam/total counts, looks for `spamd:
> ((processing|checking) message|identified spam|clean message)` in
> mail.log, could be replaced with [https://github.com/google/mtail ​mtail]
>  * '''postgres-wal-traffic_''': should be covered by the
> postgres_exporter mentioned above, otherwise hook `psql -p "$port" --no-
> align --command 'SELECT * FROM pg_current_xlog_insert_location()'
> --tuples-only --quiet | tr -d /,` into the node_exporter
>  * '''ksm stats''': extra memory statistics, might not be very important
>  * '''haproxy''': https://github.com/prometheus/haproxy_exporter
>  * '''per VM disk usage''': see  #29816
>  * '''vsftpd''': custom mtail plugin, no known exporter or dashboard
>
> See the full review in #29682 for details on those.
>
> There were also demands from other teams for monitoring, see #29863 and
> #30006 for now.

New description:

 our munin replacement is not entirely complete, as there are key parts of
 the infrastructure that are not monitored. here's a short inventory of
 what I found in #29681:

 '''email servers monitoring (eugeni, etc? postfix)'''

 * [https://github.com/kumina/postfix_exporter in debian],
 [https://github.com/kumina/postfix_exporter/issues/21 possible dashboard]
 * another approach: [https://github.com/cherti/mailexporter email delivery
 tests]

 '''mailman monitoring'''

 no known exporter or dashboard

 '''databases'''

 * [https://github.com/wrouesnel/postgres_exporter/ postgres exporter in
 debian], [https://github.com/wrouesnel/postgres_exporter/issues/218 no
 offocial dashboard], but
 [https://grafana.com/dashboards?dataSource=prometheus=postgres many
 possible dashboards]
 * [https://github.com/prometheus/mysqld_exporter mysqld exporter in
 debian] - [https://grafana.com/dashboards/625 possible dashboard]
 [https://github.com/percona/grafana-dashboards another from  percona],
 [https://github.com/prometheus/mysqld_exporter/issues/286 not officially
 documented]
 * [https://github.com/free/sql_exporter generic sql exporter], in debian -
 [https://github.com/credativ/elephant-shed/tree/master/sql-exporter
 credativ config] and [https://github.com/credativ/elephant-
 shed/tree/master/grafana dashboard]

 '''DNS / bind'''

 - [https://github.com/digitalocean/bind_exporter/ in debian],
 [https://grafana.com/dashboards/1666 official dashboard]

 '''GitLab'''

 there is [https://docs.gitlab.com/ee/administration/monitoring/prometheus/
 builtin support for prometheus] that has to be

Re: [tor-bugs] #28269 [Core Tor/Tor]: Repeated HSFETCH queries fail with QUERY_NO_HSDIR

2019-04-11 Thread Tor Bug Tracker & Wiki 
#28269: Repeated HSFETCH queries fail with QUERY_NO_HSDIR
-+--
 Reporter:  atagar   |  Owner:  neel
 Type:  defect   | Status:  needs_review
 Priority:  Medium   |  Milestone:  Tor: unspecified
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs, tor-control  |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--

Comment (by irl):

 The changelog for the tor PR looks good, I did not look at the code.

 The torspec PR does not mention which version of tor implements the new
 response, and seems to imply it appeared at the same time as the NO_HSDIR
 response, which is incorrect.

 I'm not a network team person, but I'd suggest that the spec PR needs
 revision.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #28269 [Core Tor/Tor]: Repeated HSFETCH queries fail with QUERY_NO_HSDIR

2019-04-11 Thread Tor Bug Tracker & Wiki 
#28269: Repeated HSFETCH queries fail with QUERY_NO_HSDIR
-+--
 Reporter:  atagar   |  Owner:  neel
 Type:  defect   | Status:  needs_review
 Priority:  Medium   |  Milestone:  Tor: unspecified
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs, tor-control  |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--
Changes (by neel):

 * status:  assigned => needs_review


Comment:

 PR is here: https://github.com/torproject/tor/pull/935

 Torspec PR is here: https://github.com/torproject/torspec/pull/75

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #28521 [Obfuscation/FTE]: fte is not working using default tor browser bridges

2019-04-11 Thread Tor Bug Tracker & Wiki 
#28521: fte is not working using default tor browser bridges
-+---
 Reporter:  boklm|  Owner:  kpdyer
 Type:  defect   | Status:  needs_information
 Priority:  Medium   |  Milestone:
Component:  Obfuscation/FTE  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+---

Comment (by kpdyer):

 Unfortunately, I don't have the time to manage these bridges anymore.

 Maybe it's best to remove them from the Tor Browser? That is unless
 someone else is willing to assume ownership.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30138 [Obfuscation/Snowflake]: Remove serene from snowflake bridge admin

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30138: Remove serene from snowflake bridge admin
---+--
 Reporter:  dcf|  Owner:  (none)
 Type:  task   | Status:  needs_review
 Priority:  Medium |  Milestone:
Component:  Obfuscation/Snowflake  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--

Comment (by arlolra):

 Sure, we can always add them back if they show up again

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30125 [Obfuscation/Snowflake]: Port server's log sanitization to client, broker, and proxy-go

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30125: Port server's log sanitization to client, broker, and proxy-go
---+--
 Reporter:  dcf|  Owner:  cohosh
 Type:  enhancement| Status:  needs_review
 Priority:  Medium |  Milestone:
Component:  Obfuscation/Snowflake  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:  Sponsor19
---+--

Comment (by dcf):

 Should it also be used in client?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30138 [Obfuscation/Snowflake]: Remove serene from snowflake bridge admin

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30138: Remove serene from snowflake bridge admin
---+--
 Reporter:  dcf|  Owner:  (none)
 Type:  task   | Status:  needs_review
 Priority:  Medium |  Milestone:
Component:  Obfuscation/Snowflake  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--
Changes (by dcf):

 * status:  new => needs_review


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #30138 [Obfuscation/Snowflake]: Remove serene from snowflake bridge admin

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30138: Remove serene from snowflake bridge admin
---+
 Reporter:  dcf|  Owner:  (none)
 Type:  task   | Status:  new
 Priority:  Medium |  Milestone:
Component:  Obfuscation/Snowflake  |Version:
 Severity:  Normal |   Keywords:
Actual Points: |  Parent ID:
   Points: |   Reviewer:
  Sponsor: |
---+
 The current set of users with access to admin accounts on the bridge is
 {{{
 AllowUsers dcf serene arlolra cohosh phw
 }}}

 It looks like serene has not used her account since it was created in
 January 2017. I propose that we remove the account.

 I just checked, and there was never a serene account on the broker, so
 nothing to do there.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30028 [Internal Services/Tor Sysadmin Team]: additional prometheus/grafana exporters/dashboards

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30028: additional prometheus/grafana exporters/dashboards
-+-
 Reporter:  anarcat  |  Owner:  anarcat
 Type:  project  | Status:
 |  reopened
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:  #29681   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by anarcat):

 * status:  closed => reopened
 * resolution:  fixed =>


Comment:

 i'm looking at the psql exporter again because of a recent trac crash
 which i suspect might be related.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29985 [Obfuscation/Snowflake]: Give phw access to Snowflake infrastructure hosts

2019-04-11 Thread Tor Bug Tracker & Wiki 
#29985: Give phw access to Snowflake infrastructure hosts
---+--
 Reporter:  dcf|  Owner:  (none)
 Type:  task   | Status:  needs_review
 Priority:  Medium |  Milestone:
Component:  Obfuscation/Snowflake  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--

Comment (by dcf):

 I set up accounts on the bridge and broker for phw. Philipp, do you want
 to close this ticket after verifying that the logins work?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #30137 [Core Tor/Stem]: Update PyPI links

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30137: Update PyPI links
-+---
 Reporter:  illia-v  |  Owner:  atagar
 Type:  enhancement  | Status:  new
 Priority:  Low  |  Component:  Core Tor/Stem
  Version:   |   Severity:  Minor
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:  atagar   |Sponsor:
-+---
 pypi.org replaced pypi.python.org some time ago. All requests to
 pypi.python.org are redirected to pypi.org.

 https://packaging.python.org/guides/migrating-to-pypi-org/

 
[https://github.com/illia-v/stem/commit/5aa0e5a318e6daca243f6ff96cbfdb1df6ed3199
 This commit] updates all links in the Stem project.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #28622 [Applications/Tor Browser]: Update Tor Browser Icon for Android

2019-04-11 Thread Tor Bug Tracker & Wiki 
#28622: Update Tor Browser Icon for Android
-+-
 Reporter:  pili |  Owner:  tbb-
 |  team
 Type:  task | Status:  closed
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  ux-team, tbb-mobile, TBA-a3, tbb-|  Actual Points:
  parity, tbb-8.5-must-alpha,|
  TorBrowserTeam201904R, GeorgKoppen201904   |
Parent ID:  #27399   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * status:  needs_review => closed
 * resolution:   => fixed


Comment:

 Thanks. I've cherry-picked the patches onto `tor-browser-60.6.1esr-8.5-1`
 (commit 099b6fcae28c60e96e7c24fd54ca7da14b00510f and
 80e82b14804f677dd89a63a79d42f420ab9ccb7d). And opened a ticket for the
 "Tor Browser" vs. "Tor Browser for Android" question for 8.5 (#30136).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #30136 [Applications/Tor Browser]: Decide whether to use "Tor Browser" or "Tor Browser for Android" for mobile stable

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30136: Decide whether to use "Tor Browser" or "Tor Browser for Android" for 
mobile
stable
-+-
 Reporter:  gk   |  Owner:  tbb-team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor |Version:
  Browser|   Keywords:  tbb-mobile, tbb-parity,
 Severity:  Normal   |  TorBrowserTeam201904, tbb-8.5-must
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+-
 In #28622 the question came up whether we should use "Tor Browser" or "Tor
 Browser for Android" for mobile. I think the former as Android is yet
 another platform besides Windows, macOS, and Linux. We only have one
 browser that serves all the platforms.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30135 [Applications/Tor Browser]: Make all TBB users not stand out from each other

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30135: Make all TBB users not stand out from each other
-+-
 Reporter:  cypherpunks  |  Owner:  tbb-
 |  team
 Type:  enhancement  | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Minor| Resolution:  wontfix
 Keywords:  TBB Useragent FireFox Mobile os  |  Actual Points:
  tbb-fingerprint-os fingerprint |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * status:  new => closed
 * resolution:   => wontfix


Comment:

 We won't ship the same User Agent for any Tor Browser version possible.
 We'll adapt it from major to major Firefox versions. There are no plans
 either to allow user agent overriding. That's not implemented in Firefox
 (anymore) and does not serve any fingerprinting protection. If you have a
 bad guard that is able to control the exit you are using as well, you have
 essentially lost. There is no need to play tricks with TCP fingerprinting
 and User Agent matching.

 Thus, I think this ticket is essentially a wontfix.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30123 [Core Tor/Tor]: MAPADDRESS result can mix status codes

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30123: MAPADDRESS result can mix status codes
---+
 Reporter:  catalyst   |  Owner:  (none)
 Type:  defect | Status:  new
 Priority:  Medium |  Milestone:  Tor: unspecified
Component:  Core Tor/Tor   |Version:  Tor: 0.4.0.1-alpha
 Severity:  Normal | Resolution:
 Keywords:  tor-control, tor-spec  |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+

Comment (by nickm):

 Hm.  My first thought is that it is indeed possible for this to succeed in
 part but fail in part.  Let's amend the specification so that it says
 "unless documented otherwise", and then document that MAPADDRESS does
 this.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30125 [Obfuscation/Snowflake]: Port server's log sanitization to client, broker, and proxy-go

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30125: Port server's log sanitization to client, broker, and proxy-go
---+--
 Reporter:  dcf|  Owner:  cohosh
 Type:  enhancement| Status:  needs_review
 Priority:  Medium |  Milestone:
Component:  Obfuscation/Snowflake  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:  Sponsor19
---+--
Changes (by cohosh):

 * status:  assigned => needs_review


Comment:

 See https://github.com/cohosh/snowflake/compare/ticket30125

 I put the safelog package inside the top-level directory common/ because I
 think we will have more factored out code later, specifically for the
 websocket pieces that the proxy-go instances and the clients will use to
 talk to the broker.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #11949 [Applications/Tor Browser]: Randomize Tor Browser Fingerprint

2019-04-11 Thread Tor Bug Tracker & Wiki 
#11949: Randomize Tor Browser Fingerprint
--+--
 Reporter:  mt2014|  Owner:  tbb-team
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-firefox-patch |  Actual Points:
Parent ID:| Points:
--+--

Comment (by cypherpunks):

 we do suggest the opposite. Don't Randomize Tor Browser Fingerprint. Make
 all user look identical. Only gives you ability to be a needle in a
 haystack.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #30135 [Applications/Tor Browser]: Make all TBB users not stand out from each other

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30135: Make all TBB users not stand out from each other
-+-
 Reporter:  cypherpunks  |  Owner:  tbb-team
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Component:  Applications/Tor
 |  Browser
  Version:   |   Severity:  Minor
 Keywords:  TBB Useragent FireFox|  Actual Points:
  Mobile os tbb-fingerprint-os   |
  fingerprint|
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
 1. Useragent MUST be same for every platform, no OS differences.
 2. Useragent MUST NOT leak version of TB, use same for any version. Let
 non-updated version also use a newer Useragent string without upgrade. To
 not stand out from already updated users. For not making attractive for
 version targeted exploits. By simply not reporting it but mask it.
 3. Useragent SHOULD look more common to regular FireFox. Avoid block
 ability by fingerprint. Make access logs not stand out as TB user.
 ?. For 1. the Useragent MAY differ only reason is on Mobile platform for
 Ability of telling website mobile version is proffered delivered... or is
 there a better way to receive  websites mobile version?
 May implement Useragent overriding string. Whatever OS or version they
 actually use. May fetching by startup from http://rqef5a5mebgq46y5.onion/
 to make sure all users use the same. Independed of any other case.
 All requests coming out of Exit or going to HS should look as could be
 from same person. Not differentiation by OS of user. For example, Bad
 guard or watched guard nodes could look in TCP fingerprinting OS in entry
 connection and match it with Service/exit used in useragent. making to
 find a needle in a haystack to a more little haystack actually.

 Current situation: For what reason hs needs to know os? Not!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #28940 [Obfuscation/Pluggable transport]: Add support for LOG to goptlib

2019-04-11 Thread Tor Bug Tracker & Wiki 
#28940: Add support for LOG to goptlib
-+-
 Reporter:  dcf  |  Owner:  dcf
 Type:  enhancement  | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Obfuscation/Pluggable transport  |Version:
 Severity:  Normal   | Resolution:  implemented
 Keywords:  goptlib  |  Actual Points:
Parent ID:   | Points:  0.3
 Reviewer:   |Sponsor:  Sponsor19
-+-
Changes (by dcf):

 * status:  needs_review => closed
 * resolution:   => implemented


Comment:

 Merged in [https://gitweb.torproject.org/pluggable-
 
transports/goptlib.git/commit/?h=v1.1.0=350ea810838a99d9fc9bf7e3523fcc5635691eed
 350ea810838a99d9fc9bf7e3523fcc5635691eed] and tagged
 [https://gitweb.torproject.org/pluggable-
 transports/goptlib.git/tag/?h=v1.1.0 v1.1.0].

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30117 [Core Tor/Tor]: Support stem's backtrace signals in Travis

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30117: Support stem's backtrace signals in Travis
-+-
 Reporter:  teor |  Owner:  teor
 Type:  defect   | Status:
 |  needs_revision
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.1.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.2.4.8-alpha
 Severity:  Normal   | Resolution:
 Keywords:  tor-ci-fail-sometimes,   |  Actual Points:  0.4
  035-backport, 040-backport |
Parent ID:  #29437   | Points:  0.2
 Reviewer:  nickm|Sponsor:
-+-

Comment (by nickm):

 Is it possible that this is an issue where we've installed mock for
 python3 but not python2, or something like that?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30117 [Core Tor/Tor]: Support stem's backtrace signals in Travis

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30117: Support stem's backtrace signals in Travis
-+-
 Reporter:  teor |  Owner:  teor
 Type:  defect   | Status:
 |  needs_revision
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.1.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.2.4.8-alpha
 Severity:  Normal   | Resolution:
 Keywords:  tor-ci-fail-sometimes,   |  Actual Points:  0.4
  035-backport, 040-backport |
Parent ID:  #29437   | Points:  0.2
 Reviewer:  nickm|Sponsor:
-+-
Changes (by nickm):

 * status:  needs_review => needs_revision


Comment:

 The patches here look plausible, but the CI is failing:
 {{{
 To run stem's tests you'll need mock...
 https://pypi.python.org/pypi/mock/
 You can get it by running 'sudo pip install mock'.
 The command "if [[ "$TEST_STEM" != "" ]]; then make src/app/tor; timelimit
 -p -t 540 -s USR1 -T 30 -S ABRT python "$STEM_SOURCE_DIR"/run_tests.py
 --tor src/app/tor --integ --log notice --target RUN_ALL; fi" exited with
 1.
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30079 [Core Tor/Tor]: shellcheck: src/test/fuzz/minimize.sh issue

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30079: shellcheck: src/test/fuzz/minimize.sh issue
--+
 Reporter:  rl1987|  Owner:  (none)
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:  Tor: 0.4.1.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:  fixed
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:  cohosh|Sponsor:
--+
Changes (by nickm):

 * status:  merge_ready => closed
 * resolution:   => fixed


Comment:

 Merged!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30002 [Core Tor/Tor]: shellcheck: test_key_expiration.sh issues

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30002: shellcheck: test_key_expiration.sh issues
--+
 Reporter:  rl1987|  Owner:  rl1987
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:  Tor: 0.4.1.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:  fixed
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:  cohosh|Sponsor:
--+
Changes (by nickm):

 * status:  merge_ready => closed
 * resolution:   => fixed


Comment:

 merged to master.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27503 [Applications/Tor Browser]: Disabling accessibility on Windows breaks screen readers

2019-04-11 Thread Tor Bug Tracker & Wiki 
#27503: Disabling accessibility on Windows breaks screen readers
-+-
 Reporter:  gk   |  Owner:
 |  pospeselr
 Type:  defect   | Status:
 |  assigned
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-8.0-issues, tbb-regression,  |  Actual Points:
  GeorgKoppen201903, tbb-8.5-must,   |
  TorBrowserTeam201904   |
Parent ID:   | Points:
 Reviewer:  boklm|Sponsor:
-+-

Comment (by gk):

 Replying to [comment:58 gk]:
 > Replying to [comment:57 pospeselr]:
 > > I've built and tested 64 bit as well and see the same behavior as
 described above in 64-bit Windows 10 with (ie able to read page contents
 via mouse-over using NVDA)
 > >
 > > Here's the current changeset used to build the above nightlies
 (literally just the current patch from the Mozilla bug)
 > >
 > > https://gitweb.torproject.org/user/richard/tor-
 browser.git/commit/?h=bug_27503_v2
 >
 > Okay, I looked at the history of where I left dealing with the bug
 figuring out why this seems to work better now.
 >
 > So, in ESR 60.5.0 all the patches done by Jacek in
 https://bugzilla.mozilla.org/show_bug.cgi?id=1430149 landed. The still
 relevant comments then start with comment:36. I _think_ I built the bundle
 there with the patch in your `bug_27503_v2` applied. While I did not
 expect the bundle closer it asserts at the same place as Tom's
 
https://treeherder.mozilla.org/#/jobs?repo=try=c5ef984f2726adce22144c7a0d843ae761b94c6e
 (see Jacek's comment in
 https://bugzilla.mozilla.org/show_bug.cgi?id=1520177#c15 and the attached
 debuglog.txt to this bug). I think my
 https://bugzilla.mozilla.org/show_bug.cgi?id=1520177#c19 is referring to
 that.
 >
 > All those builds are *debug* builds, however, while yours are none it
 seems. Thus, one thing we could test is whether you see the same problem
 compiling with `--enable-debug`.

 Yes, that's been it: we are hitting the assert on the debug builds which
 result in a broken experience. The non-debug builds (i.e. those we ship)
 are less affected: there is accessibility support even though it's not
 fully on par with that offered by vanilla Firefox). I'll take the patch
 from pospeselr's `bug_27503_v2` for the upcoming alpha to give it wider
 testing. That's commit f5f845f5fe14b5085f919ba46ec092b14c7fcb11 on `tor-
 browser-60.6.1esr-8.5-1` and will hopefully be available in 8.5a11.

 Leaving this ticket open to investigate and fix the remaining issues.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29612 [Core Tor/Tor]: Update the documentation for ExitRelay

2019-04-11 Thread Tor Bug Tracker & Wiki 
#29612: Update the documentation for ExitRelay
-+-
 Reporter:  teor |  Owner:  teor
 Type:  defect   | Status:
 |  merge_ready
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.0.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.3.5.1-alpha
 Severity:  Normal   | Resolution:
 Keywords:  fast-fix, doc, 035-backport, |  Actual Points:
  040-backport   |
Parent ID:   | Points:  0.1
 Reviewer:  ahf  |Sponsor:
-+-
Changes (by nickm):

 * milestone:  Tor: 0.4.1.x-final => Tor: 0.4.0.x-final


Comment:

 Merged to master.  Possible to backport to 0.4.0 and beyond.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29640 [Core Tor/Tor]: Improve the monotonic time documentation in compat_time.c

2019-04-11 Thread Tor Bug Tracker & Wiki 
#29640: Improve the monotonic time documentation in compat_time.c
---+---
 Reporter:  teor   |  Owner:  teor
 Type:  defect | Status:
   |  merge_ready
 Priority:  Medium |  Milestone:  Tor:
   |  0.4.1.x-final
Component:  Core Tor/Tor   |Version:  Tor:
   |  0.2.9.1-alpha
 Severity:  Normal | Resolution:
 Keywords:  tor-time, 040-backport, asn-merge  |  Actual Points:  0.1
Parent ID: | Points:  0.1
 Reviewer:  nickm  |Sponsor:
---+---
Changes (by nickm):

 * keywords:  tor-time, 040-backport => tor-time, 040-backport, asn-merge


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23731 [Community/Outreach]: some websites block requests by HTTP User-Agent

2019-04-11 Thread Tor Bug Tracker & Wiki 
#23731: some websites block requests by HTTP User-Agent
--+---
 Reporter:  cypherpunks   |  Owner:  mrphs, alison
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Community/Outreach|Version:
 Severity:  Normal| Resolution:
 Keywords:  User-Agent, blocking  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by cypherpunks):

 websites that reject Firefox is internet vandalism. wontfix
 1. no, makes you stand out.
 2. we have a list of sites blocking tor
 3. if they block Firefox, website is wrong anyway. however, tbb might look
 more equal to Firefox in detail by useragent

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30129 [Applications/Tor Browser]: Add a spinning onion as animation during bootstrap

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30129: Add a spinning onion as animation during bootstrap
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-8.5, TorBrowserTeam201904, tbb-  |  Actual Points:
  mobile |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by cypherpunks):

 wasn't the old behaviour to have it spinning if NEWNYM changing to new
 identity also?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29566 [Applications/Tor Browser]: math.cos reveals OS

2019-04-11 Thread Tor Bug Tracker & Wiki 
#29566: math.cos reveals OS
--+---
 Reporter:  Thorin|  Owner:  tbb-team
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:  duplicate
 Keywords:  tbb-fingerprinting-os |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by cypherpunks):

 nice find neat.  please remember tbb android too

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30086 [Applications/Tor Browser]: Tor Browser for Android: Sync Sign-In Button crashes

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30086: Tor Browser for Android: Sync Sign-In Button crashes
-+-
 Reporter:  cypherpunks  |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-crash, tbb.mobile,   |  Actual Points:
  TorBrowserTeam201904, tbb-8.5-must |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by cypherpunks):

 i can confirm to reproduce this on multiple android versions.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27284 [Core Tor/Tor]: Check IPv6 exit policies on microdescs

2019-04-11 Thread Tor Bug Tracker & Wiki 
#27284: Check IPv6 exit policies on microdescs
-+-
 Reporter:  teor |  Owner:  (none)
 Type:  defect   | Status:
 |  assigned
 Priority:  Medium   |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ipv6, 040-deferred-20190220, teor-   |  Actual Points:
  unreached-2019-03-08   |
Parent ID:  #27248   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by cypherpunks):

 Replying to [comment:9 cypherpunks]:
 > if this is the case with md only, is the journey until fix to go with:
 > {{{
 > UseMicrodescriptors 0
 > }}}
 > ?
 This is a question not a fix? But the question is, it is the fix? Who
 knows?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30121 [Applications/Tor Browser]: Create authoritative, parseable list of Tor Browser's default bridges

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30121: Create authoritative, parseable list of Tor Browser's default bridges
--+--
 Reporter:  phw   |  Owner:  phw
 Type:  task  | Status:  assigned
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-bridges   |  Actual Points:
Parent ID:| Points:  1
 Reviewer:|Sponsor:
--+--

Comment (by dcf):

 Replying to [comment:6 irl]:
 > If we wanted to scrape out of the tor-browser-build.git, we could define
 a subset of JavaScript with strict formatting

 The bridge_prefs.js file already is that. It's not actually JavaScript
 code, but a configuration file with syntax that resembles JavaScript. Here
 is the grammar, from Firefox's parser:
   https://dxr.mozilla.org/mozilla-
 
central/rev/e152590056cc434823f354f149706d28b6127c66/modules/libpref/parser/src/lib.rs#11-33
 https://dxr.mozilla.org/firefox/source/modules/libpref/src/prefread.cpp#184-202
 (C++ parser, [https://bugzilla.mozilla.org/show_bug.cgi?id=1423840 no
 longer used])

 This is the reason why the bridge line for cymrubridge33 in #21917 is only
 lightly obfuscated. We initially wanted to try JS-based obfuscation to
 confuse a censor's scraper like
 `"extensions.torlau"+"ncher.default_br"+"idge"`, but the prefs file syntax
 doesn't allow it.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #30134 [Applications/Orbot]: reEnable IPv6 routing by Orbot add back Route to handle IPv6

2019-04-11 Thread Tor Bug Tracker & Wiki 
#30134: reEnable IPv6 routing by Orbot add back Route to handle IPv6
-+
 Reporter:  cypherpunks  |  Owner:  n8fr8
 Type:  defect   | Status:  new
 Priority:  High |  Component:  Applications/Orbot
  Version:   |   Severity:  Minor
 Keywords:  Orbot IPv6   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+
 I wondered why Orbot does not use IPv6 routing but Tor Browser access IPv6
 sites fine, while both android and badvpn support it very well.

 After looking into code i found the line at:

 
https://github.com/n8fr8/orbot/blob/56917567cd21a734a35f3bee0e56ba23793b6887/orbotservice/src/main/java/org/torproject/android/service/vpn/OrbotVpnManager.java#L327

  commented out :( :
 {{{
 //handle ipv6
 //builder.addAddress("fdfe:dcba:9876::1",
 126);
 //builder.addRoute("::", 0);
 }}}

 Tor Browser speaks directly to socks5 of tor with IPv6 and not over
 tun2socks vpn translation. That's why you can actually access IPv6
 Websites but not for tunneling any other application connection to IPv6.

 tun2socks just requires argument:


 {{{
 --netif-ip6addr fdfe:dcba:9876::2
 }}}

 if
 {{{
 fdfe:dcba:9876::1
 }}}
  will be address of virtual interface

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29787 [Metrics/Onionperf]: Enumerate possible failure cases and include failure information in .tpf output

2019-04-11 Thread Tor Bug Tracker & Wiki 
#29787: Enumerate possible failure cases and include failure information in .tpf
output
---+--
 Reporter:  karsten|  Owner:  metrics-team
 Type:  enhancement| Status:  new
 Priority:  Medium |  Milestone:
Component:  Metrics/Onionperf  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--

Comment (by acute):

 The script only showed errors where it was correlated with a circuit id
 (an inner join in other words). I've updated it so it outputs all errors
 in the csv (eg I find a total of 123 errors between 10/01 and 10/04).
 Thanks for spotting this, the updated version is on git!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

  1   2   3   >