Re: [tor-bugs] #31245 [Core Tor/Tor]: Coverity: multiple defects in btrack tests

[Tor Bug Tracker & Wiki]

#31245: Coverity: multiple defects in btrack tests
+--
 Reporter:  catalyst|  Owner:  catalyst
 Type:  defect  | Status:  closed
 Priority:  Low |  Milestone:  Tor:
|  unspecified
Component:  Core Tor/Tor|Version:
 Severity:  Normal  | Resolution:  fixed
 Keywords:  bootstrap, coverity, tor-tests  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
|  Sponsor28-can
+--
Changes (by nickm):

 * status:  assigned => closed
 * resolution:   => fixed


Comment:

 Ah, never mind!  I was looking at an old query.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31461 [Core Tor/Tor]: Fix some typos in the 0.4.1 ReleaseNotes and ChangeLog

[Tor Bug Tracker & Wiki]

#31461: Fix some typos in the 0.4.1 ReleaseNotes and ChangeLog
--+
 Reporter:  teor  |  Owner:  teor
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:  Tor: 0.4.1.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:  fixed
 Keywords:  041-must  |  Actual Points:  0.2
Parent ID:| Points:  0.1
 Reviewer:  nickm |Sponsor:  Sponsor2
--+
Changes (by nickm):

 * status:  needs_review => closed
 * resolution:   => fixed


Comment:

 Thanks; I've merged these to release-0.4.1.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30979 [Core Tor/Tor]: pre-push hook runs practracker unconditionally

[Tor Bug Tracker & Wiki]

#30979: pre-push hook runs practracker unconditionally
--+
 Reporter:  nickm |  Owner:  teor
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor  |Version:  Tor: 0.4.1.1-alpha
 Severity:  Normal| Resolution:
 Keywords:  git-scripts   |  Actual Points:  0.1
Parent ID:| Points:  0.1
 Reviewer:  dgoulet   |Sponsor:
--+
Changes (by teor):

 * status:  assigned => needs_review


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30979 [Core Tor/Tor]: pre-push hook runs practracker unconditionally

[Tor Bug Tracker & Wiki]

#30979: pre-push hook runs practracker unconditionally
--+
 Reporter:  nickm |  Owner:  teor
 Type:  defect| Status:  assigned
 Priority:  Medium|  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor  |Version:  Tor: 0.4.1.1-alpha
 Severity:  Normal| Resolution:
 Keywords:  git-scripts   |  Actual Points:  0.1
Parent ID:| Points:  0.1
 Reviewer:  dgoulet   |Sponsor:
--+
Changes (by teor):

 * status:  reopened => assigned
 * version:   => Tor: 0.4.1.1-alpha
 * keywords:  git-scripts asn-merge => git-scripts
 * points:   => 0.1
 * actualpoints:  0 => 0.1
 * owner:  nickm => teor


Comment:

 See my PR which fixes this issue, I opened #31462 to get a different bug
 number, but updated both changes files:
 * master: https://github.com/torproject/tor/pull/1241

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31462 [Core Tor/Tor]: Remove duplicate call to practracker in pre-commit hook

[Tor Bug Tracker & Wiki]

#31462: Remove duplicate call to practracker in pre-commit hook
--+
 Reporter:  teor  |  Owner:  teor
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor  |Version:  Tor: 0.4.1.1-alpha
 Severity:  Normal| Resolution:  fixed
 Keywords:  git-scripts   |  Actual Points:  0.2
Parent ID:  #30979| Points:  0.2
 Reviewer:|Sponsor:  Sponsor31-can
--+
Changes (by teor):

 * status:  assigned => closed
 * resolution:   => fixed


Comment:

 Let's deal with this in #30979.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31461 [Core Tor/Tor]: Fix some typos in the 0.4.1 ReleaseNotes and ChangeLog

[Tor Bug Tracker & Wiki]

#31461: Fix some typos in the 0.4.1 ReleaseNotes and ChangeLog
--+
 Reporter:  teor  |  Owner:  teor
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:  Tor: 0.4.1.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  041-must  |  Actual Points:  0.2
Parent ID:| Points:  0.1
 Reviewer:  nickm |Sponsor:  Sponsor2
--+
Changes (by teor):

 * cc: gaba, nickm (added)
 * status:  assigned => needs_review
 * reviewer:   => nickm
 * actualpoints:  0.1 => 0.2


Comment:

 See my PR on release 0.4.1:
 * https://github.com/torproject/tor/pull/1240

 gaba, this ticket belongs in sponsor 2, because some of the typos were
 from sponsor 2.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #31462 [Core Tor/Tor]: Remove duplicate call to practracker in pre-commit hook

[Tor Bug Tracker & Wiki]

#31462: Remove duplicate call to practracker in pre-commit hook
---+
 Reporter:  teor   |  Owner:  teor
 Type:  defect | Status:  assigned
 Priority:  Medium |  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor   |Version:  Tor: 0.4.1.1-alpha
 Severity:  Normal |   Keywords:  git-scripts
Actual Points:  0.2|  Parent ID:  #30979
   Points:  0.2|   Reviewer:
  Sponsor:  Sponsor31-can  |
---+
 #30051 added practracker to the pre-push and pre-commit hooks, but the
 pre-push hook already calls the pre-commit hook.

 I'm just opening this ticket for the bug number, the fix PR is in #30979.

 gaba, I think tooling can be part of sponsor 31?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30979 [Core Tor/Tor]: pre-push hook runs practracker unconditionally

[Tor Bug Tracker & Wiki]

#30979: pre-push hook runs practracker unconditionally
---+
 Reporter:  nickm  |  Owner:  nickm
 Type:  defect | Status:  reopened
 Priority:  Medium |  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor   |Version:
 Severity:  Normal | Resolution:
 Keywords:  git-scripts asn-merge  |  Actual Points:  0
Parent ID: | Points:
 Reviewer:  dgoulet|Sponsor:
---+
Changes (by teor):

 * status:  closed => reopened
 * resolution:  fixed =>


Comment:

 This ticket does not fix this issue:
 * the pre-commit hook still calls practracker unconditionally
 * the pre-push hook should never have added a duplicate call to
 practracker in #30051, because it already calls the pre-commit hook, which
 calls practracker

 I'll create another PR that fixes these bugs.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #17626 [Circumvention/BridgeDB]: BridgeDB's email distributor doesn't work if the "get help" text is quoted

[Tor Bug Tracker & Wiki]

#17626: BridgeDB's email distributor doesn't work if the "get help" text is 
quoted
-+-
 Reporter:  isis |  Owner:  phw
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Circumvention/BridgeDB   |Version:
 Severity:  Normal   | Resolution:
 Keywords:  bridgedb-email, ux, bridgedb-ux, |  Actual Points:
  anti-censorship-roadmap-august |
Parent ID:  #31279   | Points:  3
 Reviewer:  cohosh   |Sponsor:
 |  Sponsor30-must
-+-
Changes (by phw):

 * status:  assigned => needs_review
 * reviewer:   => cohosh


Comment:

 I took a stab at problem 2 by
 
[https://github.com/NullHypothesis/bridgedb/commit/7720839f95c1661320573ebf15ead5c624696a39
 making BridgeDB ignore commands if they're quoted]. Is this a reasonable
 fix?

 I'm not sure how to address problem 1. It may be worth taking a look at
 recent logs to get an idea of how much of a UX obstacle this is.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25885 [Core Tor/Tor]: count_acceptable_nodes() would be more accurate using node_has_preferred_descriptor()

[Tor Bug Tracker & Wiki]

#25885: count_acceptable_nodes() would be more accurate using
node_has_preferred_descriptor()
--+
 Reporter:  nickm |  Owner:  neel
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:  Tor: 0.4.0.x-final
Component:  Core Tor/Tor  |Version:  Tor: 0.2.3.1-alpha
 Severity:  Normal| Resolution:  implemented
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:  nickm |Sponsor:
--+
Changes (by teor):

 * version:   => Tor: 0.2.3.1-alpha


Comment:

 The changes file for this release said "bugfix on 0.3.6.1-alpha", which
 does not exist. I fixed it in the ChangeLog and ReleaseNotes in #31461.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #17357 [Core Tor/Tor]: rend_service_relaunch_rendezvous() ignores hs_service_requires_uptime_circ()

[Tor Bug Tracker & Wiki]

#17357: rend_service_relaunch_rendezvous() ignores
hs_service_requires_uptime_circ()
---+
 Reporter:  teor   |  Owner:  neel
 Type:  defect | Status:  closed
 Priority:  Medium |  Milestone:  Tor: 0.4.1.x-final
Component:  Core Tor/Tor   |Version:  Tor: unspecified
 Severity:  Normal | Resolution:  fixed
 Keywords:  tor-hs, asn-merge  |  Actual Points:  0.1
Parent ID: | Points:  0.5
 Reviewer:  dgoulet|Sponsor:
---+
Changes (by teor):

 * version:   => Tor: unspecified
 * actualpoints:   => 0.1


Comment:

 The changes file for this release said "bugfix on 0.4.0.2-alpha", but this
 is actually a bug on 0.1.0.1-rc. I fixed it in the ChangeLog and
 ReleaseNotes in #31461.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24338 [Core Tor/Tor]: DirAuths that have IPv6 addresses don't include them in their vote on themself

[Tor Bug Tracker & Wiki]

#24338: DirAuths that have IPv6 addresses don't include them in their vote on
themself
-+-
 Reporter:  tom  |  Owner:  neel
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.1.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.2.4.1-alpha
 Severity:  Normal   | Resolution:  fixed
 Keywords:  tor-dirauth, easy, intro,|  Actual Points:
  034-triage-20180328, 034-removed-20180328, |
  asn-merge  |
Parent ID:  #24403   | Points:  1
 Reviewer:  nickm|Sponsor:
 |  SponsorV-can
-+-
Changes (by teor):

 * version:   => Tor: 0.2.4.1-alpha


Comment:

 The changes file for this release said "bugfix on 0.4.0.1-alpha". I fixed
 it in the ChangeLog and ReleaseNotes in #31461.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31212 [Webpages/Website]: Document known long-term issues of Tor Browser

[Tor Bug Tracker & Wiki]

#31212: Document known long-term issues of Tor Browser
--+--
 Reporter:  szabo |  Owner:  hiro
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Webpages/Website  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by szabo):

 Sorry for the delay(vacation), and yes, I'm still interested for sure.

 Thanks for providing the proper channel, I'll look into it. Also thanks
 for being welcoming and offering your help here, it's highly appreciated.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #31461 [Core Tor/Tor]: Fix some typos in the 0.4.1 ReleaseNotes and ChangeLog

[Tor Bug Tracker & Wiki]

#31461: Fix some typos in the 0.4.1 ReleaseNotes and ChangeLog
--+
 Reporter:  teor  |  Owner:  teor
 Type:  defect| Status:  assigned
 Priority:  Medium|  Milestone:  Tor: 0.4.1.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal|   Keywords:  041-must
Actual Points:  0.1   |  Parent ID:
   Points:  0.1   |   Reviewer:
  Sponsor:  Sponsor2  |
--+


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #31460 [Circumvention/Snowflake]: Can attackers disable proxies by using their ID?

[Tor Bug Tracker & Wiki]

#31460: Can attackers disable proxies by using their ID?
-+
 Reporter:  phw  |  Owner:  (none)
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   |   Keywords:
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+
 We just had the following discussion on IRC.

 {{{
 serna> If there are two proxies with the same sessionID
 serna> When the broker does the proxyAnswers it does the idToSnowflake
 which proxy would it return?
 serna> Suppose I'm an attacker, I would go to the broker's /debug page,
 scrape all the IDs and start sending requests to /proxy with those IDs
 continuously
   phw> cohosh, dcf1: ^
   phw> that's an interesting point. i'm not familiar enough with the code
 to answer this question but i'll forward it to snowflake's maintainers
 serna> phw: I did a little PoC with two proxies sending the same id and
 the broker didnt care, but the dangerous part is when an offer is accepted
 by the proxy and it sends the answer
 [...]
   phw> serna: this would effectively be a DoS issue, right? it may allow
 you to disable a given proxy.
 serna> phw: yes I believe it would be. If it works like I think it could
 disable every proxy connected to the broker
 }}}

 Is this an issue in our broker implementation?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31356 [Core Tor/Tor]: 0.4.1 relays should list Padding=2

[Tor Bug Tracker & Wiki]

#31356: 0.4.1 relays should list Padding=2
-+-
 Reporter:  mikeperry|  Owner:
 |  mikeperry
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.1.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.4.0.5
 Severity:  Normal   | Resolution:  fixed
 Keywords:  wtf-pad, 041-must, 041-backport, |  Actual Points:
  dgoulet-merge, nickm-merge |
Parent ID:   | Points:  1
 Reviewer:  asn  |Sponsor:
 |  Sponsor2
-+-

Comment (by teor):

 Replying to [comment:19 dgoulet]:
 > Replying to [comment:17 asn]:
 > > Let me know how this works. I made a branch that merges on master and
 resolved conflicts while on it:
 https://github.com/torproject/tor/pull/1235
 >
 > Again, travis exploded... Not sure what is up here :S...

 The PR CI builds were cancelled when the PR was merged and closed. It was
 slightly naughty to merge before CI finished :-)

 The merged branch had a temporary deb mirror network error in one CI job.
 The next build worked fine.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31459 [Applications/GetTor]: Almost impossible to get the links via GetTor email service

[Tor Bug Tracker & Wiki]

#31459: Almost impossible to get the links via GetTor email service
-+
 Reporter:  mrphs|  Owner:  (none)
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/GetTor  |Version:
 Severity:  Blocker  | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+

Comment (by mrphs):

 Additionally I noticed two more issues:

 - The help message is only in English with no indication whether the user
 can send a request or see the help message in another language. I think it
 would be useful to include examples in the email so if there's a chance
 that a user knows a little bit of English they can still understand what
 `Example: windows en` means.

 - The links that are being sent out are hosted on GitHub and GitLab, both
 of the sites have recently banned Iranian users and this might not be the
 best mirror link for them.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #31459 [Applications/GetTor]: Almost impossible to get the links via GetTor email service

[Tor Bug Tracker & Wiki]

#31459: Almost impossible to get the links via GetTor email service
-+
 Reporter:  mrphs|  Owner:  (none)
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/GetTor  |Version:
 Severity:  Blocker  |   Keywords:
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+
 I was trying to help some folks inside Iran to download the Tor Browser,
 so naturally I tried to give gettor a try...

 At first, I sent an empty email to get...@torproject.org which apparently
 got lost in the void. Then I tried sending an email only with "help" in
 subject and body of the email. I immediately got the help message emailed
 back to me:

 {{{

 This is how you can request a tor browser bundle link.

  Send an email to: get...@torproject.org

 In the body of the email only write:  .

 We only support windows, osx and linux as operating systems.

 At the moment please only use en as language.
 }}}

 Then I removed the entire body of the email and typed:

 {{{
 Windows English
 }}}

 Again I got the help message. Then I noticed the last line that says
 currently only 'en' is supported for English. A line I had totally missed
 (I'm guessing I'm not the only one). So I tried again this time with
 `windows en` and yet again what I got in response was the help message. At
 the end, I had to download the Tor Browser and upload it elsewhere for
 those users to download them.

 After some more trial and error I realized ''the only way'' to get the
 links is if I compose a new email as opposed to replying to the gettor
 email. This is counter intuitive and makes it almost impossible for
 everyday users to actually get a working link.

 Being censored already sucks, and spending a considerable amount of time
 to wrestle with a bot to send you the download links to an application so
 you can finally bypass censorship makes it a lot worse.

 I suggest every time gettor fails to understand an email, it should fail
 back to sending Windows_en links which I'm assuming is the most popular
 request.

 I don't know if anyone is currently working on GetTor but I'd consider
 this a blocker for a censored user to download Tor.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31085 [Circumvention/Snowflake]: Publish the Snowflake WebExtension on AMO for Android

[Tor Bug Tracker & Wiki]

#31085: Publish the Snowflake WebExtension on AMO for Android
+
 Reporter:  cypherpunks |  Owner:  (none)
 Type:  defect  | Status:  new
 Priority:  Medium  |  Milestone:
Component:  Circumvention/Snowflake |Version:
 Severity:  Normal  | Resolution:
 Keywords:  snowflake-webextension android  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+

Comment (by cypherpunks):

 This ticket should be renamed given that the plans have changed.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #17626 [Circumvention/BridgeDB]: BridgeDB's email distributor doesn't work if the "get help" text is quoted

[Tor Bug Tracker & Wiki]

#17626: BridgeDB's email distributor doesn't work if the "get help" text is 
quoted
-+-
 Reporter:  isis |  Owner:  phw
 Type:  defect   | Status:
 |  assigned
 Priority:  Medium   |  Milestone:
Component:  Circumvention/BridgeDB   |Version:
 Severity:  Normal   | Resolution:
 Keywords:  bridgedb-email, ux, bridgedb-ux, |  Actual Points:
  anti-censorship-roadmap-august |
Parent ID:  #31279   | Points:  3
 Reviewer:   |Sponsor:
 |  Sponsor30-must
-+-
Changes (by phw):

 * owner:  (none) => phw


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31317 [Core Tor/Stem]: Stop reading ~/.torrc during stem's test_hush_argument

[Tor Bug Tracker & Wiki]

#31317: Stop reading ~/.torrc during stem's test_hush_argument
---+
 Reporter:  teor   |  Owner:  atagar
 Type:  defect | Status:  closed
 Priority:  Medium |  Milestone:
Component:  Core Tor/Stem  |Version:
 Severity:  Normal | Resolution:  fixed
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+
Changes (by atagar):

 * status:  new => closed
 * resolution:   => fixed


Comment:

 Thanks teor! Fixed...

 https://gitweb.torproject.org/stem.git/commit/?id=967f766

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31252 [Circumvention/BridgeDB]: Equip BridgeDB with anti-bot mechanism

[Tor Bug Tracker & Wiki]

#31252: Equip BridgeDB with anti-bot mechanism
+-
 Reporter:  phw |  Owner:  phw
 Type:  enhancement | Status:  closed
 Priority:  Medium  |  Milestone:
Component:  Circumvention/BridgeDB  |Version:
 Severity:  Normal  | Resolution:  implemented
 Keywords:  |  Actual Points:  2
Parent ID:  | Points:  4
 Reviewer:  cohosh  |Sponsor:
+-
Changes (by phw):

 * status:  merge_ready => closed
 * resolution:   => implemented
 * actualpoints:   => 2


Comment:

 Merged and deployed.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31226 [Internal Services/Tor Sysadmin Team]: add validation checks in puppet

[Tor Bug Tracker & Wiki]

#31226: add validation checks in puppet
-+-
 Reporter:  anarcat  |  Owner:  tpa
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by anarcat):

 the workaround I've found is to set this in puppet-git-
 hooks/commit_hooks/config.cfg:

 {{{
 CHECK_PUPPET_LINT="permissive" # enabled, permissive or disabled
 (permissive runs but return code is ignored)
 CHECK_PUPPET_DOCS="permissive" # enabled, permissive or disabled
 (permissive runs but return code is ignored)
 }}}

 That keeps the warnings, but makes them "soft".

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31226 [Internal Services/Tor Sysadmin Team]: add validation checks in puppet

[Tor Bug Tracker & Wiki]

#31226: add validation checks in puppet
-+-
 Reporter:  anarcat  |  Owner:  tpa
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by anarcat):

 The following packages are used by the check:

 * librarian-puppet
 * puppet-strings
 * ruby-rspec
 * r10k

 ... and probably more, those were just the ones missing on my machine.

 one big downside with such a check is that it will fail if the modified
 file has *any* linting error, even if it wasn't introduced by the commit.
 this means deploying this will lead to significant churn in the codebase
 as we'll need to lint each file we touch in the future...

 kind of annoying, but i can't think of a way around that without disabling
 linting. but maybe it's a good way to start: even without linting, we
 would catch other syntax errors, run tests, etc...

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31458 [Applications/Tor Browser]: Facilitate getting the widl fixes from wine into mingw and update the mingw-w64 project in tor-browser-build once they are in

[Tor Bug Tracker & Wiki]

#31458: Facilitate getting the widl fixes from wine into mingw and update the
mingw-w64 project in tor-browser-build once they are in
--+---
 Reporter:  pospeselr |  Owner:  pospeselr
 Type:  defect| Status:  assigned
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---
Description changed by pospeselr:

Old description:

> The patchset should be landing in wine by the end of August 2019. We will
> need to bug the mingw folks to pull in the latest wine version (or just
> the widl) and then update mingw-w64's {{{projects}}} file in tor-browser-
> build

New description:

 The patchset should be landing in wine by the end of August 2019. We will
 need to bug the mingw folks to pull in the latest wine version (or just
 the widl) and then update mingw-w64's {{{projects}}} file in tor-browser-
 build. I will also need to verify the final built IA2 bits match between
 our current build and this future build.

--

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31226 [Internal Services/Tor Sysadmin Team]: add validation checks in puppet

[Tor Bug Tracker & Wiki]

#31226: add validation checks in puppet
-+-
 Reporter:  anarcat  |  Owner:  tpa
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by anarcat):

 after reviewing koumbit's hook, i figured i would give drwahl's hooks a
 try. they are similar, but the latter is better designed and module. I've
 audited the source and cloned it on pauli, stopping just shy of hooking it
 into the normal git hooks.

 instead, i've configured it locally, as a pre-commit hook, to see how it
 behaves. when I'm satisfied by that, i'll deploy it in production.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #31458 [Applications/Tor Browser]: Facilitate getting the widl fixes from wine into mingw and update the mingw-w64 project in tor-browser-build once they are in

[Tor Bug Tracker & Wiki]

#31458: Facilitate getting the widl fixes from wine into mingw and update the
mingw-w64 project in tor-browser-build once they are in
--+---
 Reporter:  pospeselr |  Owner:  pospeselr
 Type:  defect| Status:  assigned
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+---
 The patchset should be landing in wine by the end of August 2019. We will
 need to bug the mingw folks to pull in the latest wine version (or just
 the widl) and then update mingw-w64's {{{projects}}} file in tor-browser-
 build

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30126 [Applications/Tor Browser]: Make Tor Browser on macOS compatible with Apple's notarization

[Tor Bug Tracker & Wiki]

#30126: Make Tor Browser on macOS compatible with Apple's notarization
+--
 Reporter:  gk  |  Owner:  tbb-team
 Type:  task| Status:  new
 Priority:  Very High   |  Milestone:
Component:  Applications/Tor Browser|Version:
 Severity:  Normal  | Resolution:
 Keywords:  tbb-security, TorBrowserTeam201908  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--

Comment (by mcs):

 Replying to [comment:37 mcs]:
 > I don't think we tested 9.0a4 + meek on macOS 10.9.x but we can do so.

 As you predicted, TB 9.0a4 has the same issue: `meek-client-torbrowser`
 expects to find`_unlinkat`, but that entry point does not exist on macOS
 10.9.x.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30880 [Internal Services/Tor Sysadmin Team]: document backup/restore procedures

[Tor Bug Tracker & Wiki]

#30880: document backup/restore procedures
-+-
 Reporter:  anarcat  |  Owner:  anarcat
 Type:  task | Status:
 |  accepted
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by anarcat):

 directory server failure is now partly documented, but untested.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29888 [Internal Services/Tor Sysadmin Team]: retire nova

[Tor Bug Tracker & Wiki]

#29888: retire nova
-+-
 Reporter:  weasel   |  Owner:  tpa
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by anarcat):

 i also retired the ns2 record from the torproject.com zone and whois
 delegation as well.

 i'll retire it from torproject.org and glue records tomorrow and start the
 host retirement procedure on wednesday.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29888 [Internal Services/Tor Sysadmin Team]: retire nova

[Tor Bug Tracker & Wiki]

#29888: retire nova
-+-
 Reporter:  weasel   |  Owner:  tpa
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by anarcat):

 i removed ns2.torproject.org from the torproject.net zone, both in git (so
 on the primary) and in joker (so in the delegation). i don't believe there
 are glue records there. the TTL is 12h on there, so I'll wait at least
 that time before making any further changes to see if anything breaks (i
 doubt so, but still a good precaution).

 there are two domains I'm unsure what to do about:

 * onion-router.net - I don't have access to the registrar (Network
 Solutions?) for this one
 * torsolutionscorp.com - it's in joker, but not in our DNS configuration -
 ignore? it doesn't resolve anyways

 Finally, i'm not sure how to "zero the disk" - i don't, as far as I know,
 have a remote management interface on this machine, so I don't know how I
 could do that step. i'll be happy to perform all other steps of course,
 once the DNS changes are complete.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31452 [Core Tor/Tor]: Fix coverity failures in unit tests as of 19 August 2019

[Tor Bug Tracker & Wiki]

#31452: Fix coverity failures in unit tests as of 19 August 2019
--+
 Reporter:  nickm |  Owner:  nickm
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:  0.1
Parent ID:| Points:  0.1
 Reviewer:|Sponsor:
--+
Changes (by nickm):

 * status:  assigned => needs_review
 * actualpoints:   => 0.1


Comment:

 See branch `bug31452` with PR at
 https://github.com/torproject/tor/pull/1239 .

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31140 [Applications/Tor Browser]: Tor Browser for Android 60.8.0 crash on aarch64

[Tor Bug Tracker & Wiki]

#31140: Tor Browser for Android 60.8.0 crash on aarch64
-+-
 Reporter:  j3tracey |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-mobile, tbb-crash,   |  Actual Points:
  TorBrowserTeam201908   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by gk):

 Replying to [comment:24 sysrqb]:
 > Replying to [comment:23 gk]:
 > > Hm, what am I supposed to look at? The Torbutton branch is at the same
 commit as `master`. 0e282a0db815beb07fee8354294a7cf597b6e9e5 in the `tor-
 browser` repo maybe?
 >
 > I didn't push the commit :( It is now there on the torbutton repo.

 Is that affecting an esr60-based Fennec and an esr68-one equally or only
 an issue for the former?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31452 [Core Tor/Tor]: Fix coverity failures in unit tests as of 19 August 2019

[Tor Bug Tracker & Wiki]

#31452: Fix coverity failures in unit tests as of 19 August 2019
--+
 Reporter:  nickm |  Owner:  nickm
 Type:  defect| Status:  assigned
 Priority:  Medium|  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:  0.1
 Reviewer:|Sponsor:
--+
Changes (by nickm):

 * points:  0.5 => 0.1


Comment:

 It turns out there is only one of these: CID 1447292

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31245 [Core Tor/Tor]: Coverity: multiple defects in btrack tests

[Tor Bug Tracker & Wiki]

#31245: Coverity: multiple defects in btrack tests
+--
 Reporter:  catalyst|  Owner:  catalyst
 Type:  defect  | Status:  assigned
 Priority:  Low |  Milestone:  Tor:
|  unspecified
Component:  Core Tor/Tor|Version:
 Severity:  Normal  | Resolution:
 Keywords:  bootstrap, coverity, tor-tests  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
|  Sponsor28-can
+--

Comment (by nickm):

 These _appear_ to be fixed in master, but coverity is not reporting them
 as fixed. I wonder what's up.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31453 [Circumvention/Snowflake]: Are the @2x and @3x graphics doing anything?

[Tor Bug Tracker & Wiki]

#31453: Are the @2x and @3x graphics doing anything?
-+
 Reporter:  dcf  |  Owner:  dcf
 Type:  enhancement  | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  snowflake-webextension   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+
Changes (by dcf):

 * status:  merge_ready => closed
 * resolution:   => fixed


Comment:

 Merged.

 https://gitweb.torproject.org/pluggable-
 transports/snowflake.git/commit/?id=0ef7c6f1fa6abc5ffeff455be0143efce0adb207

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29397 [Internal Services/Tor Sysadmin Team]: Make use of some donated hardware

[Tor Bug Tracker & Wiki]

#29397: Make use of some donated hardware
-+-
 Reporter:  ln5  |  Owner:  isabela
 Type:  task | Status:
 |  assigned
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by ln5):

 * owner:  isa => isabela


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29397 [Internal Services/Tor Sysadmin Team]: Make use of some donated hardware

[Tor Bug Tracker & Wiki]

#29397: Make use of some donated hardware
-+-
 Reporter:  ln5  |  Owner:  isa
 Type:  task | Status:
 |  assigned
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by ln5):

 * owner:  ln5 => isa


Comment:

 Reassigning to isa who is taking over this task.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31457 [Applications/Tor Browser]: disable per-installation profiles

[Tor Bug Tracker & Wiki]

#31457: disable per-installation profiles
+--
 Reporter:  mcs |  Owner:  tbb-team
 Type:  defect  | Status:  new
 Priority:  Medium  |  Milestone:
Component:  Applications/Tor Browser|Version:
 Severity:  Normal  | Resolution:
 Keywords:  ff68-esr, tbb-9.0-must-nightly  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--

Comment (by mcs):

 Here is a sample profiles.ini file from macOS (notice the `.default-
 default` profile):
 {{{
 [Profile1]
 Name=default
 IsRelative=1
 Path=h4qs0l4w.default
 Default=1

 [Profile0]
 Name=default-default
 IsRelative=1
 Path=xkngrdjb.default-default

 [General]
 StartWithLastProfile=1
 Version=2

 [Install5A04EA4A1373107B]
 Default=xkngrdjb.default-default
 Locked=1
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #31457 [Applications/Tor Browser]: disable per-installation profiles

[Tor Bug Tracker & Wiki]

#31457: disable per-installation profiles
-+-
 Reporter:  mcs  |  Owner:  tbb-team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor |Version:
  Browser|   Keywords:  ff68-esr, tbb-9.0-must-
 Severity:  Normal   |  nightly
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+-
 Firefox ESR68 includes installation-specific profiles. See:
 https://bugzilla.mozilla.org/show_bug.cgi?id=1474285

 With our current nightly builds, this causes an extra profile directory to
 be created and used (and probably our bundled browser profile is not be
 used on Linux and Windows).

 We should figure out how to disable this feature or modify it to be
 compatible with the way we crate and use browser profiles).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31356 [Core Tor/Tor]: 0.4.1 relays should list Padding=2

[Tor Bug Tracker & Wiki]

#31356: 0.4.1 relays should list Padding=2
-+-
 Reporter:  mikeperry|  Owner:
 |  mikeperry
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.1.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.4.0.5
 Severity:  Normal   | Resolution:  fixed
 Keywords:  wtf-pad, 041-must, 041-backport, |  Actual Points:
  dgoulet-merge, nickm-merge |
Parent ID:   | Points:  1
 Reviewer:  asn  |Sponsor:
 |  Sponsor2
-+-

Comment (by dgoulet):

 Replying to [comment:17 asn]:
 > Let me know how this works. I made a branch that merges on master and
 resolved conflicts while on it:
 https://github.com/torproject/tor/pull/1235

 Again, travis exploded... Not sure what is up here :S...

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31453 [Circumvention/Snowflake]: Are the @2x and @3x graphics doing anything?

[Tor Bug Tracker & Wiki]

#31453: Are the @2x and @3x graphics doing anything?
-+-
 Reporter:  dcf  |  Owner:  dcf
 Type:  enhancement  | Status:  merge_ready
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:
 Keywords:  snowflake-webextension   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by arlolra):

 * status:  needs_review => merge_ready


Comment:

 > But the @2x and @3x filenames are not referred to anywhere. I suspect
 they were intended to be included in a ​resolution @media query, but they
 are not.

 Yeah, they were from the initial bulk import and we haven't gotten around
 to using them,
 https://gitweb.torproject.org/pluggable-
 transports/snowflake.git/commit/?id=5b18729e77d7e69df8b91801e13fc123050acd8c

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31149 [Core Tor/Tor]: Tor is stuck at "Loading Network Status"

[Tor Bug Tracker & Wiki]

#31149: Tor is stuck at "Loading Network Status"
--+
 Reporter:  bornadx   |  Owner:  (none)
 Type:  defect| Status:  needs_information
 Priority:  High  |  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  meek  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by dcf):

 * status:  new => needs_information


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31446 [Applications/Tor Browser]: Assembling WebRTC sources for snowflake hangs

[Tor Bug Tracker & Wiki]

#31446: Assembling WebRTC sources for snowflake hangs
--+--
 Reporter:  gk|  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-rbm snowflake |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by dcf):

 * keywords:  tbb-rbm => tbb-rbm snowflake


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29480 [Circumvention/BridgeDB]: Expose bridge pool assignments again

[Tor Bug Tracker & Wiki]

#29480: Expose bridge pool assignments again
+---
 Reporter:  irl |  Owner:  phw
 Type:  defect  | Status:  needs_information
 Priority:  Medium  |  Milestone:
Component:  Circumvention/BridgeDB  |Version:
 Severity:  Normal  | Resolution:
 Keywords:  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+---

Comment (by phw):

 I just noticed an error message in the logs:
 {{{
 1566241638:descriptors:<36>Aug 19 19:07:18 collector-ssh-wrap[23644]: The
 SSH_ORIGINAL_COMMAND ('rsync --server -logDtpre.iLsfxC .
 /srv/collector.torproject.org/collector/in/bridge-pool-
 assignments/polyanthum/') is not on the whitelist
 }}}
 This seems like an issue on colchicifolium's side. Do we need an update in
 its SSH configuration?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30895 [Circumvention/meek]: meek-cloudflare: Tunnel via Cloudflare Argo.

[Tor Bug Tracker & Wiki]

#30895: meek-cloudflare: Tunnel via Cloudflare Argo.
+-
 Reporter:  cypherpunks |  Owner:  dcf
 Type:  defect  | Status:  closed
 Priority:  Medium  |  Milestone:
Component:  Circumvention/meek  |Version:
 Severity:  Normal  | Resolution:  wontfix
 Keywords:  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+-
Changes (by dcf):

 * status:  new => closed
 * resolution:   => wontfix


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #31456 [Applications/Tor Browser]: Upgrade go to 1.12.8+

[Tor Bug Tracker & Wiki]

#31456: Upgrade go to 1.12.8+
--+--
 Reporter:  dcf   |  Owner:  tbb-team
 Type:  task  | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+--
 1.12.8 is a security release. (As of filing this ticket, 1.12.9 is
 available.)

 https://groups.google.com/d/msg/golang-announce/65QixT3tcmg/DrFiG6vvCwAJ
 > We have just released Go 1.12.8 and Go 1.11.13 to address recently
 reported security issues. We recommend that all users update to one of
 these releases (if you’re not sure which, choose Go 1.12.8).
 > * net/http: Denial of Service vulnerabilities in the HTTP/2
 implementation
 >
 >   net/http and golang.org/x/net/http2 servers that accept direct
 connections from untrusted clients could be remotely made to allocate an
 unlimited amount of memory, until the program crashes. Servers will now
 close connections if the send queue accumulates too many control messages.
 >
 >   The issues are CVE-2019-9512 and CVE-2019-9514, and Go issue
 [https://golang.org/issue/33606 golang.org/issue/33606].
 >
 >   This is also fixed in version v0.0.0-20190813141303-74dc4d7220e7 of
 golang.org/x/net/http2.
 >
 > * net/url: parsing validation issue
 >
 >   url.Parse would accept URLs with malformed hosts, such that the Host
 field could have arbitrary suffixes that would appear in neither
 Hostname() nor Port(), allowing authorization bypasses in certain
 applications. Note that URLs with invalid, not numeric ports will now
 return an error from url.Parse.
 >
 >   The issue is CVE-2019-14809 and Go issue
 [https://golang.org/issue/29098 golang.org/issue/29098].

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #31455 [Circumvention/meek]: Redeploy meek-server instances using Go 1.11.13+ / 1.12.8+

[Tor Bug Tracker & Wiki]

#31455: Redeploy meek-server instances using Go 1.11.13+ / 1.12.8+
+--
 Reporter:  dcf |  Owner:  dcf
 Type:  defect  | Status:  assigned
 Priority:  High|  Milestone:
Component:  Circumvention/meek  |Version:
 Severity:  Normal  |   Keywords:
Actual Points:  |  Parent ID:
   Points:  |   Reviewer:
  Sponsor:  |
+--
 These versions fix a denial-of-service vulnerability in the HTTP/2 server
 code.

 https://groups.google.com/d/msg/golang-announce/65QixT3tcmg/DrFiG6vvCwAJ
 > We have just released Go 1.12.8 and Go 1.11.13 to address recently
 reported security issues. We recommend that all users update to one of
 these releases (if you’re not sure which, choose Go 1.12.8).
 > * net/http: Denial of Service vulnerabilities in the HTTP/2
 implementation
 >
 >   net/http and golang.org/x/net/http2 servers that accept direct
 connections from untrusted clients could be remotely made to allocate an
 unlimited amount of memory, until the program crashes. Servers will now
 close connections if the send queue accumulates too many control messages.
 >
 >   The issues are CVE-2019-9512 and CVE-2019-9514, and Go issue
 [https://golang.org/issue/33606 golang.org/issue/33606].
 >
 >   This is also fixed in version v0.0.0-20190813141303-74dc4d7220e7 of
 golang.org/x/net/http2.
 >
 > * net/url: parsing validation issue
 >
 >   url.Parse would accept URLs with malformed hosts, such that the Host
 field could have arbitrary suffixes that would appear in neither
 Hostname() nor Port(), allowing authorization bypasses in certain
 applications. Note that URLs with invalid, not numeric ports will now
 return an error from url.Parse.
 >
 >   The issue is CVE-2019-14809 and Go issue
 [https://golang.org/issue/29098 golang.org/issue/29098].

 We need to redeploy the following servers:
  * cymrubridge02 (backend for meek-azure, run by inf0)
  * BridgeDB Moat (run by sysrqb, phw)
  * starman (throttled meek.bamsoftware.com, run by dcf)
  * maenad (unthrottled meek.bamsoftware.com, run by dcf)
  * GAEuploader (gaeuploader.meek.bamsoftware.com, run by dcf)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29871 [Circumvention/meek]: Meek-Azure Pluggable Transport Not working

[Tor Bug Tracker & Wiki]

#29871: Meek-Azure Pluggable Transport Not working
+--
 Reporter:  bakertaylor28   |  Owner:  dcf
 Type:  defect  | Status:  closed
 Priority:  Medium  |  Milestone:
Component:  Circumvention/meek  |Version:
 Severity:  Normal  | Resolution:  user disappeared
 Keywords:  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--
Changes (by dcf):

 * status:  needs_information => closed
 * resolution:   => user disappeared


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #31454 [Circumvention/Snowflake]: Rebuild and redeploy broker and bridge using Go 1.11.13+ / 1.12.8+

[Tor Bug Tracker & Wiki]

#31454: Rebuild and redeploy broker and bridge using Go 1.11.13+ / 1.12.8+
-+
 Reporter:  dcf  |  Owner:  (none)
 Type:  defect   | Status:  new
 Priority:  High |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   |   Keywords:
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+
 These versions fix a denial-of-service vulnerability in the HTTP/2 server
 code.

 https://groups.google.com/d/msg/golang-announce/65QixT3tcmg/DrFiG6vvCwAJ
 > We have just released Go 1.12.8 and Go 1.11.13 to address recently
 reported security issues. We recommend that all users update to one of
 these releases (if you’re not sure which, choose Go 1.12.8).
 > * net/http: Denial of Service vulnerabilities in the HTTP/2
 implementation
 >
 >   net/http and golang.org/x/net/http2 servers that accept direct
 connections from untrusted clients could be remotely made to allocate an
 unlimited amount of memory, until the program crashes. Servers will now
 close connections if the send queue accumulates too many control messages.
 >
 >   The issues are CVE-2019-9512 and CVE-2019-9514, and Go issue
 [https://golang.org/issue/33606 golang.org/issue/33606].
 >
 >   This is also fixed in version v0.0.0-20190813141303-74dc4d7220e7 of
 golang.org/x/net/http2.
 >
 > * net/url: parsing validation issue
 >
 >   url.Parse would accept URLs with malformed hosts, such that the Host
 field could have arbitrary suffixes that would appear in neither
 Hostname() nor Port(), allowing authorization bypasses in certain
 applications. Note that URLs with invalid, not numeric ports will now
 return an error from url.Parse.
 >
 >   The issue is CVE-2019-14809 and Go issue
 [https://golang.org/issue/29098 golang.org/issue/29098].

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29480 [Circumvention/BridgeDB]: Expose bridge pool assignments again

[Tor Bug Tracker & Wiki]

#29480: Expose bridge pool assignments again
+---
 Reporter:  irl |  Owner:  phw
 Type:  defect  | Status:  needs_information
 Priority:  Medium  |  Milestone:
Component:  Circumvention/BridgeDB  |Version:
 Severity:  Normal  | Resolution:
 Keywords:  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+---

Comment (by phw):

 Replying to [comment:8 karsten]:
 > We can include bridge pool assignments in CollecTor again. Yes, please
 set up an rsync to copy files to colchicifolium to a directory
 `/srv/collector.torproject.org/collector/in/bridge-pool-
 assignments/polyanthum/`. I'll take care of the CollecTor side of things
 then which includes reverting an earlier commit and refreshing that enough
 to run again. Thanks!
 [[br]]
 I [https://gitweb.torproject.org/project/bridges/bridgedb-
 admin.git/commit/?id=fc7881b70826147356fcabd9d191dbcefb42 just
 updated] our script sync-to-colchicifolium to make this happen. You should
 see assignments.log files in this directory in less than two hours. Please
 let me know if that's not the case, or if anything else went wrong.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31453 [Circumvention/Snowflake]: Are the @2x and @3x graphics doing anything?

[Tor Bug Tracker & Wiki]

#31453: Are the @2x and @3x graphics doing anything?
-+--
 Reporter:  dcf  |  Owner:  dcf
 Type:  enhancement  | Status:  needs_review
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:
 Keywords:  snowflake-webextension   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--
Changes (by dcf):

 * status:  assigned => needs_review


Comment:

 This is what I mean:

 
https://gitweb.torproject.org/user/dcf/snowflake.git/commit/?h=bug31453=0ef7c6f1fa6abc5ffeff455be0143efce0adb207

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #31453 [Circumvention/Snowflake]: Are the @2x and @3x graphics doing anything?

[Tor Bug Tracker & Wiki]

#31453: Are the @2x and @3x graphics doing anything?
-+-
 Reporter:  dcf  |  Owner:  dcf
 Type:  enhancement  | Status:  assigned
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   |   Keywords:  snowflake-
 |  webextension
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+-
 The [https://gitweb.torproject.org/pluggable-
 
transports/snowflake.git/tree/proxy/static/assets?id=f9173f61a2c90fbc2979f8f73ab79a1a5bc90eee
 proxy/static/assets] directory contains @2x and @3x hi-res versions of the
 status-off, status-on, and status-running icons.

 But the @2x and @3x filenames are not referred to anywhere. I suspect they
 were intended to be included in a [https://developer.mozilla.org/en-
 US/docs/Web/CSS/@media/resolution resolution @media query], but they are
 not.

 Rather than adding the @media queries, could we just delete all the PNGs
 and use only SVGs in the popup? In the toolbar icon we cannot use SVG, but
 those graphics are separate from the popup ones.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30323 [Applications/Tor Browser]: Adapt macOS toolchain for Firefox 68 ESR

[Tor Bug Tracker & Wiki]

#30323: Adapt macOS toolchain for Firefox 68 ESR
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  task | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-rbm, ff68-esr, tbb-9.0-must- |  Actual Points:
  nightly, TorBrowserTeam201908R,|
  GeorgKoppen201908  |
Parent ID:  #30320   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor44-can
-+-
Changes (by gk):

 * keywords:
 tbb-rbm, ff68-esr, tbb-9.0-must-nightly, TorBrowserTeam201908,
 GeorgKoppen201908
 =>
 tbb-rbm, ff68-esr, tbb-9.0-must-nightly, TorBrowserTeam201908R,
 GeorgKoppen201908
 * status:  new => needs_review


Comment:

 `bug_30323_v2` (https://gitweb.torproject.org/user/gk/tor-browser-
 build.git/log/?h=bug_30323_v2) is a thing now and contains two patches for
 review.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31170 [Circumvention/Snowflake]: Implement a dark mode for the Snowflake proxy interface

[Tor Bug Tracker & Wiki]

#31170: Implement a dark mode for the Snowflake proxy interface
-+
 Reporter:  knowguy  |  Owner:  dcf
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  snowflake-webextension   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+
Changes (by dcf):

 * status:  merge_ready => closed
 * resolution:   => fixed


Comment:

 Merged in [https://gitweb.torproject.org/pluggable-
 transports/snowflake.git/log/?id=f9173f61a2c90fbc2979f8f73ab79a1a5bc90eee
 f9173f61a2c90fbc2979f8f73ab79a1a5bc90eee]. In addition to the changes
 already mentioned, I changed the color of the "running" icon to !#68B030
 as mentioned in comment:13, and made a dark-mode version of the arrowhead
 icon as mentioned in comment:14.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31053 [Internal Services/Services Admin Team]: styleguide.tpo missing from infrastructure page?

[Tor Bug Tracker & Wiki]

#31053: styleguide.tpo missing from infrastructure page?
-+-
 Reporter:  arma |  Owner:  anarcat
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Services Admin |Version:
  Team   |
 Severity:  Normal   | Resolution:  fixed
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by anarcat):

 * status:  assigned => closed
 * resolution:   => fixed


Comment:

 i see the page has been updated (marking hiro as maintainer). while i can
 appreciate we might need to shift stuff around in terms of
 responsabilities, this ticket is about documenting the service, which is
 kind of done now. so i'll just close this ticket. :)

 thanks everyone!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31053 [Internal Services/Services Admin Team]: styleguide.tpo missing from infrastructure page?

[Tor Bug Tracker & Wiki]

#31053: styleguide.tpo missing from infrastructure page?
-+-
 Reporter:  arma |  Owner:  anarcat
 Type:  defect   | Status:
 |  assigned
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Services Admin |Version:
  Team   |
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by anarcat):

 * status:  needs_information => assigned
 * owner:  (none) => anarcat


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31452 [Core Tor/Tor]: Fix coverity failures in unit tests as of 19 August 2019

[Tor Bug Tracker & Wiki]

#31452: Fix coverity failures in unit tests as of 19 August 2019
--+
 Reporter:  nickm |  Owner:  nickm
 Type:  defect| Status:  assigned
 Priority:  Medium|  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:  0.5
 Reviewer:|Sponsor:
--+
Changes (by nickm):

 * points:   => 0.5


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #31452 [Core Tor/Tor]: Fix coverity failures in unit tests as of 19 August 2019

[Tor Bug Tracker & Wiki]

#31452: Fix coverity failures in unit tests as of 19 August 2019
--+
 Reporter:  nickm |  Owner:  nickm
 Type:  defect| Status:  assigned
 Priority:  Medium|  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+
 Other than #31451 and a deadcode issue in trunnel, our current "new" and
 "triaged" issues are all in the unit tests.

 Let's fix them all, to keep our code quality up.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31442 [Core Tor/Tor]: Raise rustc minimum version

[Tor Bug Tracker & Wiki]

#31442: Raise rustc minimum version
-+
 Reporter:  Sebastian|  Owner:  Sebastian
 Type:  defect   | Status:  needs_review
 Priority:  Medium   |  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor |Version:  Tor: unspecified
 Severity:  Normal   | Resolution:
 Keywords:  042-should, no-backport  |  Actual Points:
Parent ID:  #31238   | Points:
 Reviewer:  nickm|Sponsor:  Sponsor31-can
-+

Comment (by Sebastian):

 See
 
https://gitweb.torproject.org/tor.git/tree/doc/HACKING/CodingStandardsRust.md#n79
 for the comment about requiring latest stable rust.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #19332 [Metrics/CollecTor]: Add a BridgeDB module

[Tor Bug Tracker & Wiki]

#19332: Add a BridgeDB module
-+-
 Reporter:  mrphs|  Owner:
 |  metrics-team
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Metrics/CollecTor|Version:
 Severity:  Normal   | Resolution:
 Keywords:  metrics-roadmap-2019-q2, ex- |  Actual Points:
  sponsor-19 |
Parent ID:   | Points:  8
 Reviewer:   |Sponsor:
 |  Sponsor30-must
-+-

Comment (by phw):

 Replying to [comment:10 karsten]:
 > #9316 has been resolved recently which unblocks this ticket, AIUI.
 [[br]]
 Yes. How would you like me to expose the metrics file on BridgeDB's host?
 Should it be available over HTTPS? Or do you want me to rsync it to
 another host?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31451 [Core Tor/Tor]: CID 1452041: Use 64-bit literal in parse_log_domain()

[Tor Bug Tracker & Wiki]

#31451: CID 1452041: Use 64-bit literal in parse_log_domain()
--+
 Reporter:  nickm |  Owner:  nickm
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:  0
Parent ID:| Points:  0
 Reviewer:|Sponsor:
--+
Changes (by nickm):

 * status:  assigned => needs_review
 * actualpoints:   => 0


Comment:

 Branch is `bug31451`; pr in https://github.com/torproject/tor/pull/1237

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30146 [Core Tor/Tor]: Fix coverity failures as of 04-11-2019

[Tor Bug Tracker & Wiki]

#30146: Fix coverity failures as of 04-11-2019
--+
 Reporter:  nickm |  Owner:  nickm
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:  fixed
 Keywords:  regression?   |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by nickm):

 * status:  assigned => closed
 * resolution:   => fixed


Comment:

 All child tickets here are fixed; no remaining coverity issues in this
 date range are open.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31383 [Applications/Tor Browser]: OpenSSL CVE-2019-1552

[Tor Bug Tracker & Wiki]

#31383: OpenSSL CVE-2019-1552
--+---
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  defect| Status:  needs_information
 Priority:  High  |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Major | Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by cypherpunks):

 "The one with a vulnerable-on-Windows *nix path"?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31451 [Core Tor/Tor]: CID 1452041: Use 64-bit literal in parse_log_domain()

[Tor Bug Tracker & Wiki]

#31451: CID 1452041: Use 64-bit literal in parse_log_domain()
--+
 Reporter:  nickm |  Owner:  nickm
 Type:  defect| Status:  assigned
 Priority:  Medium|  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:  0
 Reviewer:|Sponsor:
--+
Changes (by nickm):

 * points:   => 0


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #31451 [Core Tor/Tor]: CID 1452041: Use 64-bit literal in parse_log_domain()

[Tor Bug Tracker & Wiki]

#31451: CID 1452041: Use 64-bit literal in parse_log_domain()
--+
 Reporter:  nickm |  Owner:  nickm
 Type:  defect| Status:  assigned
 Priority:  Medium|  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+
 We use `(1u
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31442 [Core Tor/Tor]: Raise rustc minimum version

[Tor Bug Tracker & Wiki]

#31442: Raise rustc minimum version
-+
 Reporter:  Sebastian|  Owner:  Sebastian
 Type:  defect   | Status:  needs_review
 Priority:  Medium   |  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor |Version:  Tor: unspecified
 Severity:  Normal   | Resolution:
 Keywords:  042-should, no-backport  |  Actual Points:
Parent ID:  #31238   | Points:
 Reviewer:  nickm|Sponsor:  Sponsor31-can
-+

Comment (by Sebastian):

 PR at https://github.com/torproject/tor/pull/1236

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31293 [Applications/Tor Browser]: tor-android-service gradle failure when probing network interfaces

[Tor Bug Tracker & Wiki]

#31293: tor-android-service gradle failure when probing network interfaces
---+--
 Reporter:  sysrqb |  Owner:  tbb-team
 Type:  defect | Status:  new
 Priority:  High   |  Milestone:
Component:  Applications/Tor Browser   |Version:
 Severity:  Normal | Resolution:
 Keywords:  tbb-rbm, TorBrowserTeam201908  |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--

Comment (by boklm):

 Replying to [comment:12 sisbell]:
 > May be caused by this issue: #25623 . Try enabling network and see if it
 fixes the problem.

 If I remember correctly, when #25623 was merged, I did a full build and
 did not get this issue. So I'm wondering if we changed anything related to
 gradle after #25623 that could cause this.

 If you want to test enabling network in the build of `tor-android-
 service`, you can use this change:
 {{{
 diff --git a/projects/tor-android-service/config b/projects/tor-android-
 service/config
 index e269704..6771a13 100644
 --- a/projects/tor-android-service/config
 +++ b/projects/tor-android-service/config
 @@ -10,6 +10,8 @@ var:
  - build-essential
container:
  use_container: 1
 +disable_network:
 +  build: 0
# this should be updated when the list of gradle dependencies is
 changed
gradle_dependencies_version: 2

 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31447 [Applications/Tor Browser]: Don't install python just for mach

[Tor Bug Tracker & Wiki]

#31447: Don't install python just for mach
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-rbm, ff68-esr,   |  Actual Points:
  TorBrowserTeam201908R  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by boklm):

 * keywords:  tbb-rbm, ff68-esr => tbb-rbm, ff68-esr, TorBrowserTeam201908R
 * status:  new => needs_review


Comment:

 The python we are building is version 3.6.8. However, the page about
 `mach` says:
   Mach also requires Python 2.7. Mach itself is Python 3 compliant, but
 modules used by mach likely are not Python 3 compliant - so stick to
 Python 2.7.
 https://developer.mozilla.org/en-US/docs/Mozilla/Developer_guide/mach

 So unless this page is outdated, it looks correct to install two different
 versions of python.

 In branch `bug_31447_v2` I added a patch updating the comment about the
 python package:
 https://gitweb.torproject.org/user/boklm/tor-browser-
 build.git/commit/?h=bug_31447_v2=ace69bc2a6abb9bc5aaba625eb9a693ae2e2a5c7

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #15516 [Core Tor/Tor]: Consider rate-limiting INTRODUCE2 cells when under load

[Tor Bug Tracker & Wiki]

#15516: Consider rate-limiting INTRODUCE2 cells when under load
-+-
 Reporter:  special  |  Owner:  dgoulet
 Type:  enhancement  | Status:  closed
 Priority:  Medium   |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-dos, tor-hs, network-team-   |  implemented
  roadmap-july, nickm-merge  |  Actual Points:
Parent ID:  #2   | Points:  10
 Reviewer:  asn  |Sponsor:
 |  Sponsor27-must
-+-

Comment (by asn):

 Replying to [comment:54 cypherpunks]:
 > I have deep concerns about this. It may not help against DoS at all, and
 NACKing in reply rather than dropping may make it worse. Although there
 are many of of them, the bandwidth consumed by INTRODUCE2 cells is not the
 main problem. The best defense in practice would likely be as described in
 https://lists.torproject.org/pipermail/tor-dev/2019-May/013849.html, or
 that, but modified so it's the service that drops them rather than the
 intro point. That would allow current unmodified relays to be used as
 intro points.

 Hello,

 as you say, we doubt that this attack will help restore availability to
 DoSed onion services. More about this on this old thread:
 https://lists.torproject.org/pipermail/tor-dev/2019-April/013790.html

 I also doubt that the NACK will make things worse for the health of the
 network since intro points were already sending an ACK anyway. And it will
 have no impact on the availability of the service either.

 Please see ticket #31223 for approaches that will improve availability of
 the service. Personally, while I'm cautiously open to PoW approaches, I
 doubt that they will help against a motivated adversary with a couple of
 GPUs, except if you also want only GPU clients to be able to visit the
 service. People who are experts on PoW have told me that they pretty
 inelegant when it comes to DoS resistance. If you feel the opposite feel
 free to run the numbers and let us know how it would work. Please use the
 mailing list for such discussions.

 In any case if you don't believe in this defence you can still disable it
 using #30924.

 Thanks! :)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #15516 [Core Tor/Tor]: Consider rate-limiting INTRODUCE2 cells when under load

[Tor Bug Tracker & Wiki]

#15516: Consider rate-limiting INTRODUCE2 cells when under load
-+-
 Reporter:  special  |  Owner:  dgoulet
 Type:  enhancement  | Status:  closed
 Priority:  Medium   |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-dos, tor-hs, network-team-   |  implemented
  roadmap-july, nickm-merge  |  Actual Points:
Parent ID:  #2   | Points:  10
 Reviewer:  asn  |Sponsor:
 |  Sponsor27-must
-+-

Comment (by cypherpunks):

 My concerns about this i got concerns about this so deep, PoW can't be the
 golden solution of it all. Wasting Resources is not.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31001 [Core Tor/Tor]: Undefined behavior in tor_vasprintf()

[Tor Bug Tracker & Wiki]

#31001: Undefined behavior in tor_vasprintf()
-+-
 Reporter:  asn  |  Owner:  nickm
 Type:  defect   | Status:
 |  merge_ready
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.0.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  consider-backport-after-0416 |  Actual Points:  .1
  hackerone bug-bounty security-low unlikely-|
  crash 029-backport 035-backport 040-backport   |
  041-backport dgoulet-merge |
Parent ID:   | Points:  0.5
 Reviewer:  catalyst |Sponsor:
-+-
Changes (by nickm):

 * keywords:
 consider-backport-after-0416 041-must hackerone bug-bounty security-
 low unlikely-crash 029-backport 035-backport 040-backport 041-backport
 dgoulet-merge
 =>
 consider-backport-after-0416 hackerone bug-bounty security-low
 unlikely-crash 029-backport 035-backport 040-backport 041-backport
 dgoulet-merge


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31390 [Core Tor/Tor]: --enable-rust with pre-downloaded Rust dependencies fails: no .cargo-checksum.json files

[Tor Bug Tracker & Wiki]

#31390: --enable-rust with pre-downloaded Rust dependencies fails: no .cargo-
checksum.json files
-+-
 Reporter:  yurivict271  |  Owner:  (none)
 Type:  defect   | Status:
 |  needs_information
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.2.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.4.0.5
 Severity:  Normal   | Resolution:
 Keywords:  rust, 041-backport, 040-backport?,   |  Actual Points:
  035-backport?  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by nickm):

 * keywords:  rust, 041-should => rust, 041-backport, 040-backport?,
 035-backport?


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30126 [Applications/Tor Browser]: Make Tor Browser on macOS compatible with Apple's notarization

[Tor Bug Tracker & Wiki]

#30126: Make Tor Browser on macOS compatible with Apple's notarization
+--
 Reporter:  gk  |  Owner:  tbb-team
 Type:  task| Status:  new
 Priority:  Very High   |  Milestone:
Component:  Applications/Tor Browser|Version:
 Severity:  Normal  | Resolution:
 Keywords:  tbb-security, TorBrowserTeam201908  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--

Comment (by mcs):

 Replying to [comment:36 gk]:
 > Okay, I am not convinced yet this is caused by the potential changes
 making notarization possible. mcs/brade: If I am reading your comments
 right, you did _not_ test whether `meek` as we ship it in 9.0a4 works on
 your 10.9 system? If so, could you do that just to be sure whether the
 above problem is actually a new bug caused by my patch?
 >
 > I suspect the underlying problem is a change in Go 1.12 where Go is
 starting to use `libSystem.dylib` etc. for syscalls:
 https://github.com/golang/go/issues/17490. But in that case we should hit
 the issue in our already existing bundles. (The mac-ports folks had to
 work around that e.g. in https://trac.macports.org/ticket/58138).

 I don't think we tested 9.0a4 + meek on macOS 10.9.x but we can do so.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31428 [Applications/Tor Browser]: NoScript doesn't work again on Windows 7

[Tor Bug Tracker & Wiki]

#31428: NoScript doesn't work again on Windows 7
--+---
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  defect| Status:  needs_information
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  noscript  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by cypherpunks):

 Replying to [comment:4 ma1]:
 > Replying to [comment:3 cypherpunks]:
 > > Replying to [comment:1 ma1]:
 > > > What does not work exactly (e.g. the file is played but is not
 expected to / is blocked while it should play / you get no
 placeholder...)?
 > > The latter.
 >
 > You get no placeholder. And it plays, right? Because it's what it should
 do by default in a fresh Tor Browser 8.5.4 installation.
 No. Nothing after enabling the video. And it's not the default security
 level, because it's what you should change first to test NoScript.
 > > > Which Tor Browser / NoScript versions are you using?
 > > Strange question. 8.5.4 / 11.0.2.
 >
 > Not so strange: you could be using a Tor Browser alpha and/or have
 installed a different NoScript version (not the one shipping with the
 browser). But you're standard, it seems.
 Those options are incompatible with anonymity, so they should be
 explicitly specified.
 > > > Which Security level?
 > > On which level have you tested NoScript before shipping?
 >
 > My answer is irrelevant, because even if I develop NoScript, I do not
 ship in the Tor Browser neither decide its configuration presets. On the
 other hand, you actually answering my question would have been helpful, as
 the security level determines what you can expect to be the "normal"
 behavior.
 Updates land automatically on the stable TBB, bringing a lot of pain
 sometimes...
 > However I've just tried to reproduce any anomaly on a fresh Tor Browser
 8.5.4 installation w/ default NoScript 11.0.2, both on Linux (Ubuntu
 18.0.4.3 LTS), macOS Mojave **and Windows 10**. I obtained the following
 expected behaviors for each of the three security levels, upon opening
 https://www.sample-
 videos.com/video123/mp4/720/big_buck_bunny_720p_10mb.mp4:
 >
 > 1. STANDARD: the video plays as soon as the page loads
 > 2. SAFER: I get a window-sized placeholder, which if clicked opens a
 prompt to let me decide whether letting the video play. If I authorize it,
 the video plays as expected
 > 3. SAFEST: like n.2 (SAFER)
 >
 > I cannot test on other platforms, but a Windows 7-specific bug of this
 kind would be extremely weird.
 Yes, Windows 7 is specified in the summary of this ticket.
 > Can you actually observe anything different?
 > If you can, what is that?
 {{{
 Loading failed for the 

Re: [tor-bugs] #31140 [Applications/Tor Browser]: Tor Browser for Android 60.8.0 crash on aarch64

[Tor Bug Tracker & Wiki]

#31140: Tor Browser for Android 60.8.0 crash on aarch64
-+-
 Reporter:  j3tracey |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-mobile, tbb-crash,   |  Actual Points:
  TorBrowserTeam201908   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by sysrqb):

 Replying to [comment:23 gk]:
 > Hm, what am I supposed to look at? The Torbutton branch is at the same
 commit as `master`. 0e282a0db815beb07fee8354294a7cf597b6e9e5 in the `tor-
 browser` repo maybe?

 I didn't push the commit :( It is now there on the torbutton repo.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31140 [Applications/Tor Browser]: Tor Browser for Android 60.8.0 crash on aarch64

[Tor Bug Tracker & Wiki]

#31140: Tor Browser for Android 60.8.0 crash on aarch64
-+-
 Reporter:  j3tracey |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-mobile, tbb-crash,   |  Actual Points:
  TorBrowserTeam201908   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by gk):

 Hm, what am I supposed to look at? The Torbutton branch is at the same
 commit as `master`. 0e282a0db815beb07fee8354294a7cf597b6e9e5 in the `tor-
 browser` repo maybe?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #15516 [Core Tor/Tor]: Consider rate-limiting INTRODUCE2 cells when under load

[Tor Bug Tracker & Wiki]

#15516: Consider rate-limiting INTRODUCE2 cells when under load
-+-
 Reporter:  special  |  Owner:  dgoulet
 Type:  enhancement  | Status:  closed
 Priority:  Medium   |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-dos, tor-hs, network-team-   |  implemented
  roadmap-july, nickm-merge  |  Actual Points:
Parent ID:  #2   | Points:  10
 Reviewer:  asn  |Sponsor:
 |  Sponsor27-must
-+-

Comment (by cypherpunks):

 I have deep concerns about this. It may not help against DoS at all, and
 NACKing in reply rather than dropping may make it worse. Although there
 are many of of them, the bandwidth consumed by INTRODUCE2 cells is not the
 main problem. The best defense in practice would likely be as described in
 https://lists.torproject.org/pipermail/tor-dev/2019-May/013849.html, or
 that, but modified so it's the service that drops them rather than the
 intro point. That would allow current unmodified relays to be used as
 intro points.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31010 [Applications/Tor Browser]: Rebase Tor Browser mobile/ patches for Firefox ESR 68

[Tor Bug Tracker & Wiki]

#31010: Rebase Tor Browser mobile/ patches for Firefox ESR 68
-+-
 Reporter:  sysrqb   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_revision
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-mobile, tbb-9.0-must-nightly,|  Actual Points:
  TorBrowserTeam201908   |
Parent ID:  #30429   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by sysrqb):

 Replying to [comment:10 mcs]:
 > Replying to [comment:9 sysrqb]:
 > > Bisecting leads to [https://github.com/acatarineu/tor-
 browser/commit/d03d360bd773c8d8a97ef1f69e565afcc19796e5 this commit]
 (commit `d03d360bd773c8d8a97ef1f69e565afcc19796e5` on acat's `30429+5`
 branch). This'll require some digging. mcs/brade, if you have any
 suggestions about where I should look, they'll be very much appreciated.
 > > ...
 >
 > Without knowing a lot about the Android-specific code, my guess is that
 the #9173 patch is just not correct by itself for Android. What is missing
 from acat's 30429+5 branch is a patch for #13252, which Kathy and I have
 been working on along with the updater patches. The #13252 patch adds the
 "side-by-side" TorBrowser-Data magic for macOS and also changes how the
 app data directory is determined on all platforms. As of yesterday, we
 have a "hot off the press" patch for #13252 which we plan to get to acat
 soon. I will attach a copy to this ticket so you can try it now.
 >
 > One caveat: the ESR68 #13252 patch is intended to be inserted into the
 commit stream immediately after the #11641 patch
 (69c8b59f9cdc792ee533187723286fdd75dbabd0 on acat's 30429+5 branch). You
 may get conflicts if you tack it on the end.

 Thanks, that patch did help.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31440 [Applications/Tor Browser]: consider using Hardened Malloc for better security in TBB

[Tor Bug Tracker & Wiki]

#31440: consider using Hardened Malloc for better security in TBB
--+--
 Reporter:  adrelanos |  Owner:  tbb-team
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-security  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by tom):

 https://lists.torproject.org/pipermail/tor-dev/2019-August/013982.html

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31140 [Applications/Tor Browser]: Tor Browser for Android 60.8.0 crash on aarch64

[Tor Bug Tracker & Wiki]

#31140: Tor Browser for Android 60.8.0 crash on aarch64
-+-
 Reporter:  j3tracey |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-mobile, tbb-crash,   |  Actual Points:
  TorBrowserTeam201908   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by sysrqb):

 To be clear, I don't think we should backport the patch from Bug 1455709 -
 68esr is coming soon enough.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26294 [Core Tor/Tor]: attacker can force intro point rotation by ddos

[Tor Bug Tracker & Wiki]

#26294: attacker can force intro point rotation by ddos
-+-
 Reporter:  arma |  Owner:  asn
 Type:  defect   | Status:
 |  merge_ready
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs, tor-dos, network-team-   |  Actual Points:  6
  roadmap-august |
Parent ID:  #2   | Points:  7
 Reviewer:  dgoulet  |Sponsor:
 |  Sponsor27-must
-+-

Comment (by asn):

 Replying to [comment:28 nickm]:
 > IIRC, the problem would be if an attacker found an introduce cell that
 they were very interested in, and replayed it a lot in order to see which
 rendezvous point got a bunch of retries.

 Hm, I'd like some more help with understanding this attack. The replay
 cache refactored by this ticket is the one that protects against replays
 from the intro point. So assuming that a malicious intro can now do
 replays, how does it also have visibility on which rendezvous point gets
 the retries? And how does the knowledge of retry help the attacker get
 information about the client or the service?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31140 [Applications/Tor Browser]: Tor Browser for Android 60.8.0 crash on aarch64

[Tor Bug Tracker & Wiki]

#31140: Tor Browser for Android 60.8.0 crash on aarch64
-+-
 Reporter:  j3tracey |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-mobile, tbb-crash,   |  Actual Points:
  TorBrowserTeam201908   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by sysrqb):

 Okay, onto github it is.

 https://github.com/sysrqb/torbutton.git
 branch `bug31140_0`

 I'm building a testbuild now.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30942 [Core Tor/Tor]: [warn] Unexpected INTRODUCE_ACK on circuit 3944288021.

[Tor Bug Tracker & Wiki]

#30942: [warn] Unexpected INTRODUCE_ACK on circuit 3944288021.
-+
 Reporter:  arma |  Owner:  (none)
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  tor-hs, tor-padding  |  Actual Points:
Parent ID:   | Points:  0.2
 Reviewer:  dgoulet  |Sponsor:
-+
Changes (by nickm):

 * status:  merge_ready => closed
 * resolution:   => fixed


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30942 [Core Tor/Tor]: [warn] Unexpected INTRODUCE_ACK on circuit 3944288021.

[Tor Bug Tracker & Wiki]

#30942: [warn] Unexpected INTRODUCE_ACK on circuit 3944288021.
-+
 Reporter:  arma |  Owner:  (none)
 Type:  defect   | Status:  merge_ready
 Priority:  Medium   |  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs, tor-padding  |  Actual Points:
Parent ID:   | Points:  0.2
 Reviewer:  dgoulet  |Sponsor:
-+

Comment (by nickm):

 merged to master.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31366 [Core Tor/Tor]: Move the connection_edge_process_relay_cell() assignment out of the if statement in circuit_receive_relay_cell()

[Tor Bug Tracker & Wiki]

#31366: Move the connection_edge_process_relay_cell() assignment out of the if
statement in circuit_receive_relay_cell()
--+
 Reporter:  neel  |  Owner:  neel
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:  fixed
 Keywords:  technical-debt, fast-fix  |  Actual Points:
Parent ID:| Points:
 Reviewer:  asn   |Sponsor:
--+
Changes (by nickm):

 * status:  merge_ready => closed
 * resolution:   => fixed


Comment:

 Merged!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #28804 [Core Tor/Tor]: Add circuit padding to padding-spec.txt and write a doc for researchers

[Tor Bug Tracker & Wiki]

#28804: Add circuit padding to padding-spec.txt and write a doc for researchers
-+-
 Reporter:  asn  |  Owner:
 |  mikeperry
 Type:  defect   | Status:
 |  assigned
 Priority:  High |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  wtf-pad, tor-relay, tor-cell,|  Actual Points:
  padding, tor-spec, 041-proposed, network-  |
  team-roadmap-august, scalability-roadmap   |
Parent ID:   | Points:  2
 Reviewer:  asn  |Sponsor:
 |  Sponsor2
-+-

Comment (by asn):

 Oops I thought this was needs_review so I took a look, but it seems like
 it's not.

 Anyhow, spec patch looks good.

 And also some high-level comments on the developer doc:
 - Let's make it markdown since both github and gitlab support md files
 these days and it seems to be the norm? I doubt researchers appreciate
 text files that much.
 - Let's add a "High-level system overview" section before the "Header
 walkthrough" that explains how this whole system works in two paragraphs
 or so.
 - On the `2. What to consider when creating a new machine`, I'd also like
 an explanation of how machine numbers should work, and how to choose your
 machine number to avoid conflicts with other tor versions etc.
 - Other than that, looks good to me.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31027 [Core Tor/Tor]: Coverity: circpadding: dead code in circpad_machine_remove_token

[Tor Bug Tracker & Wiki]

#31027: Coverity: circpadding: dead code in  circpad_machine_remove_token
--+
 Reporter:  nickm |  Owner:  (none)
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:  fixed
 Keywords:  coverity  |  Actual Points:
Parent ID:| Points:
 Reviewer:  mikeperry |Sponsor:
--+
Changes (by nickm):

 * status:  merge_ready => closed
 * resolution:   => fixed


Comment:

 Branch merged.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31392 [Core Tor/Tor]: Explain Padding 1 and 2 in tor-spec.txt

[Tor Bug Tracker & Wiki]

#31392: Explain Padding 1 and 2 in tor-spec.txt
-+
 Reporter:  teor |  Owner:  (none)
 Type:  enhancement  | Status:  closed
 Priority:  Medium   |  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  wtf-pad, 041-should  |  Actual Points:
Parent ID:  #31356   | Points:  0.1
 Reviewer:  mikeperry|Sponsor:  Sponsor2
-+
Changes (by nickm):

 * status:  merge_ready => closed
 * resolution:   => fixed


Comment:

 merged

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31356 [Core Tor/Tor]: 0.4.1 relays should list Padding=2

[Tor Bug Tracker & Wiki]

#31356: 0.4.1 relays should list Padding=2
-+-
 Reporter:  mikeperry|  Owner:
 |  mikeperry
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.1.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.4.0.5
 Severity:  Normal   | Resolution:  fixed
 Keywords:  wtf-pad, 041-must, 041-backport, |  Actual Points:
  dgoulet-merge, nickm-merge |
Parent ID:   | Points:  1
 Reviewer:  asn  |Sponsor:
 |  Sponsor2
-+-
Changes (by nickm):

 * status:  merge_ready => closed
 * resolution:   => fixed


Comment:

 Merged!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31088 [Core Tor/Tor]: Check IPv4 and IPv6 private addresses in descriptors, first hops, and extends

[Tor Bug Tracker & Wiki]

#31088: Check IPv4 and IPv6 private addresses in descriptors, first hops, and
extends
-+-
 Reporter:  teor |  Owner:  neel
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.2.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.2.3.21-rc
 Severity:  Normal   | Resolution:
 Keywords:  ipv6, tor-relay, tor-client, tor-|  Actual Points:
  dirauth|
Parent ID:  #24403   | Points:
 Reviewer:  nickm, teor  |Sponsor:
-+-
Changes (by neel):

 * status:  needs_revision => needs_review


Comment:

 I removed the unnecessary changes.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31089 [Core Tor/Tor]: Consider using data-URI to embed how_tor_works_thumb.png image into tor-exit-notice.html

[Tor Bug Tracker & Wiki]

#31089: Consider using data-URI to embed how_tor_works_thumb.png image into tor-
exit-notice.html
-+-
 Reporter:  rl1987   |  Owner:  (none)
 Type:  enhancement  | Status:
 |  merge_ready
 Priority:  Low  |  Milestone:  Tor:
 |  0.4.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Trivial  | Resolution:
 Keywords:  security-low, consider-backport- |  Actual Points:  0.2
  after-0416, 029-backport, 035-backport,|
  040-backport, 041-backport |
Parent ID:   | Points:  0.2
 Reviewer:  teor |Sponsor:
-+-
Changes (by nickm):

 * milestone:  Tor: 0.4.2.x-final => Tor: 0.4.1.x-final


Comment:

 marked for possible backport

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31375 [Core Tor/Tor]: hs: Crash in token_bucket_ctr_refill() of the INTRO2 DoS defense

[Tor Bug Tracker & Wiki]

#31375: hs: Crash in token_bucket_ctr_refill() of the INTRO2 DoS defense
-+-
 Reporter:  dgoulet  |  Owner:  (none)
 Type:  defect   | Status:  closed
 Priority:  Very High|  Milestone:  Tor:
 |  0.4.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  tor-hs, crash, regression, nickm-|  Actual Points:
  merge  |
Parent ID:   | Points:
 Reviewer:  asn  |Sponsor:
 |  Sponsor27-must
-+-
Changes (by nickm):

 * status:  merge_ready => closed
 * resolution:   => fixed


Comment:

 merged!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31089 [Core Tor/Tor]: Consider using data-URI to embed how_tor_works_thumb.png image into tor-exit-notice.html

[Tor Bug Tracker & Wiki]

#31089: Consider using data-URI to embed how_tor_works_thumb.png image into tor-
exit-notice.html
-+-
 Reporter:  rl1987   |  Owner:  (none)
 Type:  enhancement  | Status:
 |  merge_ready
 Priority:  Low  |  Milestone:  Tor:
 |  0.4.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Trivial  | Resolution:
 Keywords:  security-low, consider-backport- |  Actual Points:  0.2
  after-0416, 029-backport, 035-backport,|
  040-backport, 041-backport |
Parent ID:   | Points:  0.2
 Reviewer:  teor |Sponsor:
-+-
Changes (by asn):

 * keywords:
 security-low, consider-backport-after-0416, 029-backport,
 035-backport, 040-backport, 041-backport, asn-merge
 =>
 security-low, consider-backport-after-0416, 029-backport,
 035-backport, 040-backport, 041-backport


Comment:

 Merged to master. Did not merge to 041 because of comment:6.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24964 [Core Tor/Tor]: dos: Block single hop client at the HSDir

[Tor Bug Tracker & Wiki]

#24964: dos: Block single hop client at the HSDir
-+-
 Reporter:  dgoulet  |  Owner:  dgoulet
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  nickm-merge, asn-merge, tor-dos, |  Actual Points:  0.4
  tor2web, tor-hs, network-team-roadmap-july |
Parent ID:  #24962   | Points:  0.1
 Reviewer:  teor |Sponsor:
 |  Sponsor27-must
-+-
Changes (by asn):

 * status:  merge_ready => closed
 * resolution:   => fixed


Comment:

 Merged!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31418 [Core Tor/Tor]: Fix some typos in the man page

[Tor Bug Tracker & Wiki]

#31418: Fix some typos in the man page
-+-
 Reporter:  teor |  Owner:  teor
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  doc, no-backport, fast-fix, tor-hs,  |  Actual Points:
  nickm-merge asn-merge  |
Parent ID:   | Points:
 Reviewer:  dgoulet  |Sponsor:
-+-
Changes (by asn):

 * status:  merge_ready => closed
 * resolution:   => fixed


Comment:

 Merged!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31353 [Core Tor/Tor]: Jenkins failure on windows: Overflow in implicit constant conversion

[Tor Bug Tracker & Wiki]

#31353: Jenkins failure on windows: Overflow in implicit constant conversion
---+
 Reporter:  nickm  |  Owner:  nickm
 Type:  defect | Status:  closed
 Priority:  Medium |  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor   |Version:
 Severity:  Normal | Resolution:  fixed
 Keywords:  compilation asn-merge  |  Actual Points:  0.1
Parent ID: | Points:
 Reviewer:  dgoulet|Sponsor:
---+
Changes (by asn):

 * status:  merge_ready => closed
 * resolution:   => fixed


Comment:

 Merged!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31030 [Core Tor/Tor]: Coverity: Several warnings from test code

[Tor Bug Tracker & Wiki]

#31030: Coverity: Several warnings from test code
+
 Reporter:  nickm   |  Owner:  nickm
 Type:  defect  | Status:  closed
 Priority:  Medium  |  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor|Version:
 Severity:  Normal  | Resolution:  fixed
 Keywords:  coverity asn-merge  |  Actual Points:  .1
Parent ID:  | Points:
 Reviewer:  dgoulet |Sponsor:
+
Changes (by asn):

 * status:  merge_ready => closed
 * resolution:   => fixed


Comment:

 Merged!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30979 [Core Tor/Tor]: pre-push hook runs practracker unconditionally

[Tor Bug Tracker & Wiki]

#30979: pre-push hook runs practracker unconditionally
---+
 Reporter:  nickm  |  Owner:  nickm
 Type:  defect | Status:  closed
 Priority:  Medium |  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor   |Version:
 Severity:  Normal | Resolution:  fixed
 Keywords:  git-scripts asn-merge  |  Actual Points:  0
Parent ID: | Points:
 Reviewer:  dgoulet|Sponsor:
---+
Changes (by asn):

 * status:  merge_ready => closed
 * resolution:   => fixed


Comment:

 Merged!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31140 [Applications/Tor Browser]: Tor Browser for Android 60.8.0 crash on aarch64

[Tor Bug Tracker & Wiki]

#31140: Tor Browser for Android 60.8.0 crash on aarch64
-+-
 Reporter:  j3tracey |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-mobile, tbb-crash,   |  Actual Points:
  TorBrowserTeam201908   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by sysrqb):

 Okay, I have a patch that (I believe) solves this. The cause? Ionmonkey.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs