Re: [tor-bugs] #28896 [Applications/Tor Browser]: Make sure our bundled WebExtensions are running in Private Browsing Mode

[Tor Bug Tracker & Wiki]

#28896: Make sure our bundled WebExtensions are running in Private Browsing Mode
+--
 Reporter:  gk  |  Owner:  tbb-team
 Type:  task| Status:  closed
 Priority:  Medium  |  Milestone:
Component:  Applications/Tor Browser|Version:
 Severity:  Normal  | Resolution:  fixed
 Keywords:  ff68-esr TorBrowserTeam201908R  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
|  Sponsor44-can
+--

Comment (by cypherpunks):

 https://bugzilla.mozilla.org/show_bug.cgi?id=1566000#c1

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31518 [Core Tor/Tor]: HAProxy implementation in TCPProxy option.

[Tor Bug Tracker & Wiki]

#31518: HAProxy implementation in TCPProxy option.
--+--
 Reporter:  haxxpop   |  Owner:  haxxpop
 Type:  enhancement   | Status:  needs_review
 Priority:  Medium|  Milestone:  Tor: unspecified
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  proxy tcp |  Actual Points:
Parent ID:| Points:
 Reviewer:  nickm |Sponsor:
--+--
Changes (by haxxpop):

 * status:  needs_revision => needs_review


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31518 [Core Tor/Tor]: HAProxy implementation in TCPProxy option.

[Tor Bug Tracker & Wiki]

#31518: HAProxy implementation in TCPProxy option.
--+--
 Reporter:  haxxpop   |  Owner:  haxxpop
 Type:  enhancement   | Status:  needs_revision
 Priority:  Medium|  Milestone:  Tor: unspecified
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  proxy tcp |  Actual Points:
Parent ID:| Points:
 Reviewer:  nickm |Sponsor:
--+--

Comment (by haxxpop):

 Replying to [comment:5 nickm]:
 > First question: on your note above, what do you mean by "the proxy has
 to support DNS resolving in HTTP CONNECT"?  We *want* all the DNS
 resolution to happen in Tor. Tor should really only be passing IP
 addresses; does it pass hostnames to HTTP CONNECT proxies?

 Yes Tor will be passing only IP addresses.

 I meant that if I want to deploy my own proxy server and if it's HTTP
 CONNECT, it's supposed to support DNS resolving because it will be
 probably used by some other proxy client (which is not Tor). So it's more
 reasonable for me to deploy a haproxy instead of HTTP CONNECT proxy.



 > Second question: is it actually a problem in practice that SOCKS5 takes
 two round trips?
 I'm not sure. I don't have much experience on this :D. But in theory,
 according to the speed of light, if the server is in the US and the client
 is in Thailand, it will take at least 80ms more if it's two round trips.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26294 [Core Tor/Tor]: attacker can force intro point rotation by ddos

[Tor Bug Tracker & Wiki]

#26294: attacker can force intro point rotation by ddos
-+-
 Reporter:  arma |  Owner:  asn
 Type:  defect   | Status:
 |  merge_ready
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs, tor-dos, network-team-   |  Actual Points:  6
  roadmap-august, security, 042-should   |
Parent ID:  #2   | Points:  7
 Reviewer:  dgoulet  |Sponsor:
 |  Sponsor27-must
-+-

Comment (by arma):

 Replying to [comment:33 arma]:
 > The impact is a bit subtle/indirect, but it would for example allow
 attacks where later you discover which rendezvous point a given
 introduction attempt used.

 For example, you could do this discovery by roving around the network
 looking at relays and seeing if they receive the burst of rendezvous
 attempts. Or you could run some fast inconsistent (i.e. not Guard) relays
 and get chosen sometimes as the hop before the rendezvous cell, and since
 our design doesn't use 'rendezvous guards', over time you become confident
 that the rendezvous point is the one receiving the connections more often
 than baseline.

 If the intro point can guess what onion service it's an intro point for,
 it can look up the descriptor, discover the ephemeral key for its intro
 point, and do introductions itself. So the original goal was that if it
 *doesn't* know what onion service it's introducing to, it can't cause the
 onion service to make any circuits.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31693 [Applications/GetTor]: Have GetTor start automatically when machine reboots

[Tor Bug Tracker & Wiki]

#31693: Have GetTor start automatically when machine reboots
-+
 Reporter:  phw  |  Owner:  (none)
 Type:  defect   | Status:  closed
 Priority:  Very High|  Milestone:
Component:  Applications/GetTor  |Version:
 Severity:  Critical | Resolution:  fixed
 Keywords:   |  Actual Points:
Parent ID:   | Points:  0.1
 Reviewer:   |Sponsor:
-+
Changes (by anarcat):

 * status:  new => closed
 * resolution:   => fixed


Comment:

 done, through puppet. `systemd --user` is now running for user gettor on
 getulum:

 {{{
│ └─user-1536.slice
│   └─user@1536.service
│ └─init.scope
│   ├─10304 /lib/systemd/systemd --user
│   └─10305 (sd-pam)
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31654 [Core Tor/Tor]: Should --list-torrc-options and GETINFO config/names have more in common?

[Tor Bug Tracker & Wiki]

#31654: Should --list-torrc-options and GETINFO config/names have more in 
common?
--+--
 Reporter:  nickm |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:  Tor: unspecified
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by nickm):

 (this is not guaranteed, though.  There could be other unsettable options
 in the future. Probably better to give an official mechanism for this)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31654 [Core Tor/Tor]: Should --list-torrc-options and GETINFO config/names have more in common?

[Tor Bug Tracker & Wiki]

#31654: Should --list-torrc-options and GETINFO config/names have more in 
common?
--+--
 Reporter:  nickm |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:  Tor: unspecified
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by nickm):

 Options are listed along with their types;  any options that are listed as
 Virtual may not be set.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31625 [Core Tor/Tor]: config refactoring: fix hierarchy of configuration variable flags

[Tor Bug Tracker & Wiki]

#31625: config refactoring: fix hierarchy of configuration variable flags
-+-
 Reporter:  nickm|  Owner:  nickm
 Type:  defect   | Status:
 |  merge_ready
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  network-team-roadmap-august, |  Actual Points:  .9
  042-should, dgoulet-merge  |
Parent ID:  #29211   | Points:  .5
 Reviewer:  teor |Sponsor:
 |  Sponsor31-must
-+-
Changes (by nickm):

 * keywords:  network-team-roadmap-august, 042-should => network-team-
 roadmap-august, 042-should, dgoulet-merge


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29214 [Core Tor/Tor]: Update 'tor-guts' archictecture documentation to describe current (actual, as-built) architecture.

[Tor Bug Tracker & Wiki]

#29214: Update 'tor-guts' archictecture documentation to describe current 
(actual,
as-built) architecture.
-+-
 Reporter:  nickm|  Owner:  (none)
 Type:  task | Status:  new
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  network-team-roadmap-november,   |  Actual Points:
  s31-docs   |
Parent ID:   | Points:  5
 Reviewer:   |Sponsor:
 |  Sponsor31-must
-+-
Description changed by nickm:

Old description:



New description:

 The official deliverable here is "Architectural documentation for how Tor
 modules work with one another, covering both the actuality and the
 refactored architecture".  The "refactored architecture" is under #29215.

--

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29216 [Core Tor/Tor]: Document how to make new files/modules in Tor

[Tor Bug Tracker & Wiki]

#29216: Document how to make new files/modules in Tor
--+
 Reporter:  nickm |  Owner:  (none)
 Type:  task  | Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.4.3.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  s31-docs  |  Actual Points:
Parent ID:| Points:  1.5
 Reviewer:|Sponsor:  Sponsor31-can
--+
Changes (by nickm):

 * sponsor:  Sponsor31-must => Sponsor31-can


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29215 [Core Tor/Tor]: Document target, modular tor architecture

[Tor Bug Tracker & Wiki]

#29215: Document target, modular tor architecture
-+-
 Reporter:  nickm|  Owner:  (none)
 Type:  task | Status:  new
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  network-team-roadmap-september,  |  Actual Points:
  s31-docs   |
Parent ID:   | Points:  5
 Reviewer:   |Sponsor:
 |  Sponsor31-must
-+-
Description changed by nickm:

Old description:

> We'll be working during sponsor31 to make sure that we are moving towards
> a nice modular architecture. We should document what we're actually
> trying to achieve, and what our target architecture is, so that we can
> tell people "do it like X, not necessarily like Tor does it now."

New description:

 We'll be working during sponsor31 to make sure that we are moving towards
 a nice modular architecture. We should document what we're actually trying
 to achieve, and what our target architecture is, so that we can tell
 people "do it like X, not necessarily like Tor does it now."

 The official deliverable here is "Architectural documentation for how Tor
 modules work with one another, covering both the actuality and the
 refactored architecture".  The "actuality" is under #29214.

--

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29214 [Core Tor/Tor]: Update 'tor-guts' archictecture documentation to describe current (actual, as-built) architecture.

[Tor Bug Tracker & Wiki]

#29214: Update 'tor-guts' archictecture documentation to describe current 
(actual,
as-built) architecture.
-+-
 Reporter:  nickm|  Owner:  (none)
 Type:  task | Status:  new
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  network-team-roadmap-november,   |  Actual Points:
  s31-docs   |
Parent ID:   | Points:  5
 Reviewer:   |Sponsor:
 |  Sponsor31-must
-+-
Changes (by nickm):

 * sponsor:  Sponsor31-can => Sponsor31-must


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29222 [Core Tor/Tor]: Fix biggest violations of coding best-practices

[Tor Bug Tracker & Wiki]

#29222: Fix biggest violations of coding best-practices
--+
 Reporter:  nickm |  Owner:  (none)
 Type:  task  | Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:  10
 Reviewer:|Sponsor:  Sponsor31-can
--+
Changes (by nickm):

 * keywords:  s31-docs =>


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29224 [Core Tor/Tor]: Abstractions and best practices for disabled modules

[Tor Bug Tracker & Wiki]

#29224: Abstractions and best practices for disabled modules
--+
 Reporter:  nickm |  Owner:  (none)
 Type:  task  | Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:  5
 Reviewer:|Sponsor:  Sponsor31-can
--+
Changes (by nickm):

 * keywords:  s31-docs =>


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] [Tor Bug Tracker & Wiki] Batch modify: #29223, #30349

[Tor Bug Tracker & Wiki]

Batch modification to #29223, #30349 by nickm:
sponsor to Sponsor31-can

--
Tickets URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] [Tor Bug Tracker & Wiki] Batch modify: #29656, #30349, #29219, #29220, ...

[Tor Bug Tracker & Wiki]

Batch modification to #29656, #30349, #29219, #29220, #29222, #29223, #29224, 
#30839, #29214, #29215, #29216 by nickm:


--
Tickets URL: 

Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31625 [Core Tor/Tor]: config refactoring: fix hierarchy of configuration variable flags

[Tor Bug Tracker & Wiki]

#31625: config refactoring: fix hierarchy of configuration variable flags
-+-
 Reporter:  nickm|  Owner:  nickm
 Type:  defect   | Status:
 |  merge_ready
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  network-team-roadmap-august, |  Actual Points:  .9
  042-should |
Parent ID:  #29211   | Points:  .5
 Reviewer:  teor |Sponsor:
 |  Sponsor31-must
-+-
Changes (by teor):

 * status:  needs_review => merge_ready
 * sponsor:   => Sponsor31-must
 * actualpoints:  .8 => .9


Comment:

 Replying to [comment:15 nickm]:
 > >The code is mostly ok, but does need a few more comments, and maybe
 some tidying up.
 >
 > Do you have any tidying in mind? I didn't see any requests of this form,
 but I'm happy to give it a try.

 I think I meant "comment tidying up", I can't see anything else that needs
 doing.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31654 [Core Tor/Tor]: Should --list-torrc-options and GETINFO config/names have more in common?

[Tor Bug Tracker & Wiki]

#31654: Should --list-torrc-options and GETINFO config/names have more in 
common?
--+--
 Reporter:  nickm |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:  Tor: unspecified
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by teor):

 Replying to [ticket:31654 nickm]:
 > In practice, this means that they differ when it comes to virtual
 (linelist_v) options like "HiddenServiceOptions" which are listed to the
 controller, but not settable.
 >
 > The controller ''is'' allowed to GETCONF HiddenServiceOptions, but is
 not allowed to set it.  From the command line, there is no way to access
 it.

 Is there any controller command that tells the controller which options it
 is not allowed to set?

 Or does control code that tries to set all options, need to special-case
 HiddenServiceOptions?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31475 [Core Tor/Tor]: config: stop using atof()

[Tor Bug Tracker & Wiki]

#31475: config: stop using atof()
--+
 Reporter:  nickm |  Owner:  nickm
 Type:  defect| Status:  needs_review
 Priority:  Low   |  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:  0.5
 Reviewer:|Sponsor:
--+
Changes (by nickm):

 * status:  accepted => needs_review


Comment:

 CI has passed

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31693 [Applications/GetTor]: Have GetTor start automatically when machine reboots

[Tor Bug Tracker & Wiki]

#31693: Have GetTor start automatically when machine reboots
-+
 Reporter:  phw  |  Owner:  (none)
 Type:  defect   | Status:  new
 Priority:  Very High|  Milestone:
Component:  Applications/GetTor  |Version:
 Severity:  Critical | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:  0.1
 Reviewer:   |Sponsor:
-+
Description changed by phw:

Old description:

> Getulum last rebooted on 2019-09-07 at 20:02:55 UTC. After the machine
> came back online, GetTor didn't start again and it has been offline for
> the last three days. We really need systemd (or whatever) to start the
> service automatically. Let's set this up as a user-level service as
> described here: https://help.torproject.org/tsa/doc/services/
>
> Here's a possible gettor.service file:
> {{{
> [Unit]
> Description=GetTor distributes links to Tor Browser over email.
> Wants=network-online.target
> After=network-online.target
>
> [Service]
> Type=simple
> ExecStart=/home/gettor/gettor/bin/gettor_service start
>
> [Install]
> WantedBy=multi-user.target
> }}}
>
> I believe that we still need a sysadmin to run `loginctl enable-linger
> gettor` to enable lingering services for the gettor user: see the section
> "sysadmin stuff" in https://help.torproject.org/tsa/doc/services/

New description:

 Getulum last rebooted on 2019-09-07 at 20:02:55 UTC. After the machine
 came back online, GetTor didn't start again and it has been offline for
 the last three days. We really need systemd (or whatever) to start the
 service automatically. Let's set this up as a user-level service as
 described here: https://help.torproject.org/tsa/doc/services/

 Here's a possible gettor.service file:
 {{{
 [Unit]
 Description=GetTor distributes links to Tor Browser over email.
 Wants=network-online.target
 After=network-online.target

 [Service]
 Type=simple
 ExecStart=/bin/sh -c 'cd /home/gettor/bin/ && source venv/bin/activate &&
 bin/gettor_service start'

 [Install]
 WantedBy=multi-user.target
 }}}

 I believe that we still need a sysadmin to run `loginctl enable-linger
 gettor` to enable lingering services for the gettor user: see the section
 "sysadmin stuff" in https://help.torproject.org/tsa/doc/services/

--

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26294 [Core Tor/Tor]: attacker can force intro point rotation by ddos

[Tor Bug Tracker & Wiki]

#26294: attacker can force intro point rotation by ddos
-+-
 Reporter:  arma |  Owner:  asn
 Type:  defect   | Status:
 |  merge_ready
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs, tor-dos, network-team-   |  Actual Points:  6
  roadmap-august, security, 042-should   |
Parent ID:  #2   | Points:  7
 Reviewer:  dgoulet  |Sponsor:
 |  Sponsor27-must
-+-

Comment (by arma):

 Replying to [comment:27 asn]:
 > We actually had not heard that replay caches are there to protect
 against traffic analysis attacks. How does the attack work? I considered
 that identical INTRO2 cells could be used as a signal to the HS guard, but
 since they are end-to-end encrypted the singal should not be visible,
 right?

 The encryption protects the payload, but not the communications metadata
 (timing and volume).

 I worry about two impacts from replays by the intro point:

 * Capture an intro2 cell and later play it repeatedly, to create a pattern
 at the onion service's guard, at a time of our choosing. The replay cache
 at the onion service doesn't completely resolve this concern, because the
 intro point gets to send the cells before the onion service can realize
 they're replays. But if Mike succeeds at removing every side channel from
 the world, then the replayed intro1 cells are "legitimate" (i.e. expected
 and correctly formed) cells so without a replay cache there is no way to
 realize that they're not wanted.

 * Capture an intro2 cell and later play it repeatedly to create a pattern
 at the rendezvous point. This one is directly resolved by a replay cache
 at the onion service side. The impact is a bit subtle/indirect, but it
 would for example allow attacks where later you discover which rendezvous
 point a given introduction attempt used.

 The generalization of that second issue is that you get to induce the
 onion service to interact with the Tor network, at a time and frequency of
 your choosing, when otherwise you shouldn't have that capability. That
 possibility seemed like a good building block to all sorts of traffic
 confirmation attacks, and that's why we put the replay cache in place.

 I think the thinking has gone deeper since this original design, e.g. in
 the Vanguards discussion. So if are are ok with these issues, great. But
 at least now you know the original context. :)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #31693 [Applications/GetTor]: Have GetTor start automatically when machine reboots

[Tor Bug Tracker & Wiki]

#31693: Have GetTor start automatically when machine reboots
-+
 Reporter:  phw  |  Owner:  (none)
 Type:  defect   | Status:  new
 Priority:  Very High|  Milestone:
Component:  Applications/GetTor  |Version:
 Severity:  Critical |   Keywords:
Actual Points:   |  Parent ID:
   Points:  0.1  |   Reviewer:
  Sponsor:   |
-+
 Getulum last rebooted on 2019-09-07 at 20:02:55 UTC. After the machine
 came back online, GetTor didn't start again and it has been offline for
 the last three days. We really need systemd (or whatever) to start the
 service automatically. Let's set this up as a user-level service as
 described here: https://help.torproject.org/tsa/doc/services/

 Here's a possible gettor.service file:
 {{{
 [Unit]
 Description=GetTor distributes links to Tor Browser over email.
 Wants=network-online.target
 After=network-online.target

 [Service]
 Type=simple
 ExecStart=/home/gettor/gettor/bin/gettor_service start

 [Install]
 WantedBy=multi-user.target
 }}}

 I believe that we still need a sysadmin to run `loginctl enable-linger
 gettor` to enable lingering services for the gettor user: see the section
 "sysadmin stuff" in https://help.torproject.org/tsa/doc/services/

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31475 [Core Tor/Tor]: config: stop using atof()

[Tor Bug Tracker & Wiki]

#31475: config: stop using atof()
--+
 Reporter:  nickm |  Owner:  nickm
 Type:  defect| Status:  accepted
 Priority:  Low   |  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:  0.5
 Reviewer:|Sponsor:
--+
Changes (by nickm):

 * type:  enhancement => defect


Comment:

 See branch `ticket31475` with PR at
 https://github.com/torproject/tor/pull/1316 .

 I suggest no backport, even though this is (arguably) a bug: it's a
 behavior that nobody has noticed.

 I'll put this in needs_review once CI has passed.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31653 [Core Tor/Tor]: padding machine sending padding from relay to client closes circuit

[Tor Bug Tracker & Wiki]

#31653: padding machine sending padding from relay to client closes circuit
-+
 Reporter:  pulls|  Owner:  (none)
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor |Version:  Tor: 0.4.1.5
 Severity:  Normal   | Resolution:
 Keywords:  wtf-pad circpad  |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+

Comment (by arma):

 Haven't looked at all the code, but upon reading the bug report, I also
 suspect an out-of-order send. Perhaps the code that is about to send the
 cell triggers the code to check for padding, and the code to check for
 padding sneaks in a padding cell right then, and then it returns and the
 original code sends its cell.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30857 [Internal Services/Services Admin Team]: migrate (some projects? everything?) from trac to gitlab

[Tor Bug Tracker & Wiki]

#30857: migrate (some projects? everything?) from trac to gitlab
-+-
 Reporter:  anarcat  |  Owner:  (none)
 Type:  project  | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Services Admin |Version:
  Team   |
 Severity:  Normal   | Resolution:
 Keywords:  tickets-migration|  Actual Points:
Parent ID:  #29400   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by gaba):

 Replying to [comment:41 anarcat]:
 > > 1. ticket number preservation
 >
 > Agreed. I think it would be essential to keep that. Any self-respecting
 migration tool should allow us to "dump" all the trac tickets into a
 (single!) GitLab project, keeping ticket numbers.

 Tickets will be imported by team/project. It will not work for us to have
 ALL trac tickets in one project in gitlab.

 And that brings me the question on where are we going to have sysadmin
 tickets in gitlab? I was thinking as its own group in gitlab but you may
 have other idea for it.


 >
 > > They want to not have collition between trac ticket numbers and gitlab
 issue numbers.
 >
 > This, however, seems to say something else: does it mean that we
 '''don't''' want Trac ticket #1 to be the same ticket as GitLab ticket #1?
 That would be in contradiction with "ticket number preservation" in my
 mind.

 Sorry that I was not clear. Any new ticket in gitlab will have a number
 that has not being assigned in trac yet. We preserve the number for
 tickets that already exist.


 >
 > > That would mean to have new numbers for new tickets when starting to
 use gitlab officially.
 >
 > I interpret this as meaning that, assuming we migrate Trac tickets from
 1 to N when Trac is made readonly (for the migration, it can be turned off
 after), the next ticket in gitlab will be N+1?


 Yes.

 >
 > > 2) add all tickets (including closed ones)
 > >
 > > They want to have ALL tickets from trac in gitlab to preserve the
 history of Tor in one place.
 >
 > Sure, that should be done. Then we have this "legacy" gitlab project
 with a humongous pile of tickets like we have in Trac right now, but we
 can "split" those up as needed by moving tickets around with the API.


 >
 > > 3) get all info from each ticket into an issue (including comments in
 the trac ticket addded as a 'trac user' to the gitlab issue)
 > >
 > > This would mean to have each comment from each trac ticket as a
 comment in the gitlab issue. The possible solution would be to have a
 'trac user' in gitlab that is the one making all the comments that are
 being migrated from trac.
 >
 > That makes sense as well, I'd be happy to see that happen, and I think
 this is all the kind of stuff Tracboat should do.
 >
 > I would still put Trac readonly during and after the migration, then do
 one last archival to the Internet archive. I would then create a
 "redirection site" that would do things like:
 >
 > {{{
 > https://trac.torproject.org/projects/tor/ticket/N ->
 https://dip.tracproject.org/tor/legacy/issues/N
 > https://trac.torproject.org/projects/tor/wiki/PAGE ->
 https://dip.tracproject.org/tor/legacy/wiki/PAGE
 > (...anything else?)
 > }}}
 >
 > And *then* trac can be totally decommissioned (although I would keep
 backups for a while, just to be sure, of course, but that's part of our
 decommissioning procedure anyways.

 Yes.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30971 [Core Tor/Fallback Scripts]: Rebuild the fallback list in late 2019 or early 2020

[Tor Bug Tracker & Wiki]

#30971: Rebuild the fallback list in late 2019 or early 2020
---+---
 Reporter:  teor   |  Owner:  (none)
 Type:  task   | Status:  new
 Priority:  Medium |  Milestone:  Tor:
   |  0.4.3.x-final
Component:  Core Tor/Fallback Scripts  |Version:
 Severity:  Normal | Resolution:
 Keywords:  fallback   |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+---
Changes (by nickm):

 * keywords:  042-should-maybe, fallback => fallback


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31571 [Core Tor/Tor]: Add the tor version and a newline to raw_assert()

[Tor Bug Tracker & Wiki]

#31571: Add the tor version and a newline to raw_assert()
-+-
 Reporter:  teor |  Owner:  teor
 Type:  defect   | Status:
 |  merge_ready
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  consider-backport-after-042-stable,  |  Actual Points:  0.3
  BugSmashFund, diagnostics, android, dgoulet-   |
  merge, macos 035-backport 040-backport |
  041-backport   |
Parent ID:  #31570   | Points:  0.1
 Reviewer:  nickm|Sponsor:
-+-
Changes (by nickm):

 * keywords:
 consider-backport-after-042-stable, BugSmashFund, diagnostics,
 042-should, android, dgoulet-merge, macos 035-backport 040-backport
 041-backport
 =>
 consider-backport-after-042-stable, BugSmashFund, diagnostics,
 android, dgoulet-merge, macos 035-backport 040-backport 041-backport


Comment:

 Removing 042-should, since this is already merged to 0.4.2

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31507 [Core Tor/Tor]: Change the client default to AvoidDiskWrites 1

[Tor Bug Tracker & Wiki]

#31507: Change the client default to AvoidDiskWrites 1
--+
 Reporter:  teor  |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.4.3.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  security-low  |  Actual Points:
Parent ID:| Points:  0.2
 Reviewer:|Sponsor:
--+
Changes (by nickm):

 * keywords:  security-low, 042-should => security-low


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31408 [Core Tor/Tor]: torrc : ClientOnionAuthDir after include directives breaks client to v2 services

[Tor Bug Tracker & Wiki]

#31408: torrc : ClientOnionAuthDir after include directives breaks client to v2
services
+--
 Reporter:  xaho|  Owner:  (none)
 Type:  defect  | Status:  new
 Priority:  Medium  |  Milestone:  Tor:
|  0.4.2.x-final
Component:  Core Tor/Tor|Version:  Tor: 0.4.0.5
 Severity:  Normal  | Resolution:
 Keywords:  tor-hs regression 042-must  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--
Changes (by nickm):

 * keywords:  tor-hs regression => tor-hs regression 042-must


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31136 [Core Tor/Tor]: tor_bug_occurred_() channel_tls_handle_cell: This line should not have been reached.

[Tor Bug Tracker & Wiki]

#31136: tor_bug_occurred_() channel_tls_handle_cell: This line should not have 
been
reached.
-+-
 Reporter:  fingau   |  Owner:  (none)
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.2.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.3.5.8
 Severity:  Normal   | Resolution:
 Keywords:  tor-relay, tor-channel,  |  Actual Points:
  041-backport 040-backport 035-backport |
  security crash 042-should  |
Parent ID:  #31107   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by nickm):

 * keywords:
 tor-relay, tor-channel, 041-backport 040-backport 035-backport
 security crash
 =>
 tor-relay, tor-channel, 041-backport 040-backport 035-backport
 security crash 042-should


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31221 [Core Tor/Tor]: Line unexpectedly reached at channel_tls_handle_cell at ../src/core/or/channeltls.c:1111

[Tor Bug Tracker & Wiki]

#31221: Line unexpectedly reached at channel_tls_handle_cell at
../src/core/or/channeltls.c:
---+---
 Reporter:  weasel |  Owner:  (none)
 Type:  defect | Status:  new
 Priority:  Medium |  Milestone:  Tor:
   |  0.4.2.x-final
Component:  Core Tor/Tor   |Version:  Tor: 0.3.5.8
 Severity:  Normal | Resolution:
 Keywords:  security crash 042-should  |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+---
Changes (by nickm):

 * keywords:  security crash => security crash 042-should


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29699 [Core Tor/Tor]: INTRO2 replay warn logs with v3 onions

[Tor Bug Tracker & Wiki]

#29699: INTRO2 replay warn logs with v3 onions
-+-
 Reporter:  mikeperry|  Owner:  (none)
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs, security,|  Actual Points:
  041-deferred-20190530 042-should   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by nickm):

 * keywords:  tor-hs, security, 041-deferred-20190530 => tor-hs, security,
 041-deferred-20190530 042-should


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] [Tor Bug Tracker & Wiki] Batch modify: #29427, #29698, #29911, #30344, ...

[Tor Bug Tracker & Wiki]

Batch modification to #29427, #29698, #29911, #30344, #30916, #31022, #31036, 
#31189, #31466, #31611, #31683, #28970 by nickm:


--
Tickets URL: 

Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31364 [Core Tor/Tor]: tor_bug_occurred_(): Bug: ../src/feature/nodelist/microdesc.c:494: warn_if_nul_found: Non-fatal assertion !(nul_found) failed. (on Tor 0.4.0.5 )

[Tor Bug Tracker & Wiki]

#31364: tor_bug_occurred_(): Bug: ../src/feature/nodelist/microdesc.c:494:
warn_if_nul_found: Non-fatal assertion !(nul_found) failed. (on Tor 0.4.0.5
)
-+-
 Reporter:  computer_freak   |  Owner:  (none)
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  microdesc assert 042-should  |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by nickm):

 * keywords:  microdesc assert => microdesc assert 042-should


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31107 [Core Tor/Tor]: channel: channel_tls_handle_cell() CELL_VERSIONS code reached

[Tor Bug Tracker & Wiki]

#31107: channel: channel_tls_handle_cell() CELL_VERSIONS code reached
-+-
 Reporter:  dgoulet  |  Owner:  (none)
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-relay, tor-channel security  |  Actual Points:
  crash 042-must |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by nickm):

 * keywords:  tor-relay, tor-channel security crash => tor-relay, tor-
 channel security crash 042-must


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31091 [Core Tor/Tor]: Bug stracktrace when pluggable transport cannot bind to port

[Tor Bug Tracker & Wiki]

#31091: Bug stracktrace when pluggable transport cannot bind to port
--+
 Reporter:  s7r   |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor  |Version:  Tor: unspecified
 Severity:  Normal| Resolution:
 Keywords:  042-must  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by nickm):

 * keywords:   => 042-must


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29669 [Core Tor/Tor]: hs: ADD_ONION with NEW:BEST is still pinned on v2

[Tor Bug Tracker & Wiki]

#29669: hs: ADD_ONION with NEW:BEST is still pinned on v2
-+-
 Reporter:  dgoulet  |  Owner:  (none)
 Type:  defect   | Status:  new
 Priority:  High |  Milestone:  Tor:
 |  0.4.2.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.3.5.1-alpha
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs, tor-control, hs-v3, tor- |  Actual Points:
  spec, security, 041-deferred-20190530  |
  042-should |
Parent ID:   | Points:  1
 Reviewer:   |Sponsor:
-+-
Changes (by nickm):

 * keywords:  tor-hs, tor-control, hs-v3, tor-spec, security,
 041-deferred-20190530 =>
 tor-hs, tor-control, hs-v3, tor-spec, security, 041-deferred-20190530
 042-should


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] [Tor Bug Tracker & Wiki] Batch modify: #31372, #31482, #31548, #31561, ...

[Tor Bug Tracker & Wiki]

Batch modification to #31372, #31482, #31548, #31561, #31657 by nickm:


Comment:
Mark some needs_revision tickets as 042-should

--
Tickets URL: 

Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30839 [Core Tor/Tor]: Update EndOfLifeTor.md with our latest end of life process

[Tor Bug Tracker & Wiki]

#30839: Update EndOfLifeTor.md with our latest end of life process
-+-
 Reporter:  teor |  Owner:  teor
 Type:  task | Status:
 |  needs_revision
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  041-should network-team-roadmap- |  Actual Points:
  september 042-can  |
Parent ID:  #30835   | Points:  1
 Reviewer:   |Sponsor:
 |  Sponsor31-can
-+-
Changes (by nickm):

 * keywords:  041-should network-team-roadmap-september => 041-should
 network-team-roadmap-september 042-can


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] [Tor Bug Tracker & Wiki] Batch modify: #31625, #31652, #31679

[Tor Bug Tracker & Wiki]

Batch modification to #31625, #31652, #31679 by nickm:


--
Tickets URL: 

Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30527 [Core Tor/Tor]: Fix coverity warnings in test_parsecommon.c

[Tor Bug Tracker & Wiki]

#30527: Fix coverity warnings in test_parsecommon.c
+--
 Reporter:  nickm   |  Owner:  nickm
 Type:  defect  | Status:
|  needs_review
 Priority:  Medium  |  Milestone:  Tor:
|  0.4.2.x-final
Component:  Core Tor/Tor|Version:
 Severity:  Normal  | Resolution:
 Keywords:  coverity technical-debt 042-should  |  Actual Points:  0
Parent ID:  | Points:  .5
 Reviewer:  teor|Sponsor:
|  Sponsor31-can
+--
Changes (by nickm):

 * keywords:  coverity technical-debt => coverity technical-debt 042-should


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31673 [Core Tor/Tor]: Deprecated use of

[Tor Bug Tracker & Wiki]

#31673: Deprecated use of 
-+-
 Reporter:  dgoulet  |  Owner:  (none)
 Type:  defect   | Status:
 |  merge_ready
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  035-backport 040-backport|  Actual Points:
  041-backport asn-merge 042-must|
Parent ID:   | Points:  0.1
 Reviewer:  nickm|Sponsor:
-+-
Changes (by nickm):

 * keywords:  035-backport 040-backport 041-backport asn-merge =>
 035-backport 040-backport 041-backport asn-merge 042-must


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] [Tor Bug Tracker & Wiki] Batch modify: #28966, #29220, #29546, #31002, ...

[Tor Bug Tracker & Wiki]

Batch modification to #28966, #29220, #29546, #31002, #31078, #31626 by nickm:


--
Tickets URL: 

Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] [Tor Bug Tracker & Wiki] Batch modify: #29220, #29546, #31002, #31078, ...

[Tor Bug Tracker & Wiki]

Batch modification to #29220, #29546, #31002, #31078, #31626 by nickm:


Comment:
Mark some assigned tickets as 042-should.

--
Tickets URL: 

Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] [Tor Bug Tracker & Wiki] Batch modify: #26294, #31354

[Tor Bug Tracker & Wiki]

Batch modification to #26294, #31354 by nickm:


--
Tickets URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] [Tor Bug Tracker & Wiki] Batch modify: #26294, #31354

[Tor Bug Tracker & Wiki]

Batch modification to #26294, #31354 by nickm:


Comment:
Mark some merge_ready tickets as 042-should

--
Tickets URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #28966 [Core Tor/Tor]: HSv3 client auth insufficiently documented (was: HiddenServiceAuthorizeClient incompatible)

[Tor Bug Tracker & Wiki]

#28966: HSv3 client auth insufficiently documented (was:
HiddenServiceAuthorizeClient incompatible)
-+-
 Reporter:  roo  |  Owner:  asn
 Type:  defect   | Status:
 |  assigned
 Priority:  High |  Milestone:  Tor:
 |  0.4.2.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.3.5.6-rc
 Severity:  Minor| Resolution:
 Keywords:  tor-hs, client-auth, hsv3,   |  Actual Points:
  postfreeze-ok, network-team-roadmap-october,   |
  042-should |
Parent ID:  #14389   | Points:  0.5
 Reviewer:   |Sponsor:
 |  Sponsor27-must
-+-
Changes (by nickm):

 * keywords:  tor-hs, client-auth, hsv3, postfreeze-ok, network-team-
 roadmap-october =>
 tor-hs, client-auth, hsv3, postfreeze-ok, network-team-roadmap-
 october, 042-should


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31682 [Core Tor/Tor]: CID 1453653: Integer handling (NEGATIVE_RETURNS) in build_establish_intro_dos_extension()

[Tor Bug Tracker & Wiki]

#31682: CID 1453653: Integer handling (NEGATIVE_RETURNS) in
build_establish_intro_dos_extension()
-+-
 Reporter:  teor |  Owner:  dgoulet
 Type:  defect   | Status:
 |  accepted
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs, prop305, coverity|  Actual Points:
  042-should |
Parent ID:  #2   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor27-must
-+-
Changes (by nickm):

 * keywords:  tor-hs, prop305, coverity => tor-hs, prop305, coverity
 042-should


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] [Tor Bug Tracker & Wiki] Batch modify: #29209, #29212, #29213, #29214, ...

[Tor Bug Tracker & Wiki]

Batch modification to #29209, #29212, #29213, #29214, #29215, #29216, #29217, 
#29225, #29228, #30971, #31122, #31238, #31507 by nickm:
milestone to Tor: 0.4.3.x-final

Comment:
Defer several enhancements from "new" to 0.4.3.

--
Tickets URL: 

Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31692 [Circumvention/Obfs4]: Upgrade obfs4 Docker image to Debian buster

[Tor Bug Tracker & Wiki]

#31692: Upgrade obfs4 Docker image to Debian buster
-+--
 Reporter:  phw  |  Owner:  phw
 Type:  enhancement  | Status:  needs_review
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Obfs4  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:  0.5
 Reviewer:  cohosh   |Sponsor:
-+--
Changes (by phw):

 * status:  assigned => needs_review
 * reviewer:   => cohosh


Comment:

 Here's my patch: https://dip.torproject.org/torproject/anti-censorship
 /docker-obfs4-bridge/compare/master...enhancement%2F31692

 Let's not forget to update our
 [https://community.torproject.org/relay/setup/bridge/docker/ docker
 installation instructions] once this is merged.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31475 [Core Tor/Tor]: config: stop using atof()

[Tor Bug Tracker & Wiki]

#31475: config: stop using atof()
--+
 Reporter:  nickm |  Owner:  nickm
 Type:  enhancement   | Status:  accepted
 Priority:  Low   |  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:  0.5
 Reviewer:|Sponsor:
--+
Changes (by nickm):

 * status:  new => accepted
 * owner:  (none) => nickm


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31631 [Core Tor/Tor]: Write a test for round-trip encode/decode operations on configuration objects.

[Tor Bug Tracker & Wiki]

#31631: Write a test for round-trip encode/decode operations on configuration
objects.
--+
 Reporter:  nickm |  Owner:  nickm
 Type:  enhancement   | Status:  accepted
 Priority:  Medium|  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:  #29211| Points:
 Reviewer:|Sponsor:  Sponsor31-can
--+
Changes (by nickm):

 * status:  new => accepted
 * owner:  (none) => nickm


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #31692 [Circumvention/Obfs4]: Upgrade obfs4 Docker image to Debian buster

[Tor Bug Tracker & Wiki]

#31692: Upgrade obfs4 Docker image to Debian buster
-+--
 Reporter:  phw  |  Owner:  phw
 Type:  enhancement  | Status:  assigned
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Obfs4  |Version:
 Severity:  Normal   |   Keywords:
Actual Points:   |  Parent ID:
   Points:  0.5  |   Reviewer:
  Sponsor:   |
-+--
 Version 0.1 of [https://dip.torproject.org/torproject/anti-censorship
 /docker-obfs4-bridge our obfs4 Docker image] is using stretch, which is
 Debian's old stable. Let's upgrade it to Debian buster.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] [Tor Bug Tracker & Wiki] Batch modify: #29211, #30866, #31241

[Tor Bug Tracker & Wiki]

Batch modification to #29211, #30866, #31241 by nickm:
milestone to Tor: 0.4.3.x-final

Comment:
Move some Sponsor31 config refactoring tasks into 0.4.3.

--
Tickets URL: 

Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30292 [Core Tor/Tor]: Refactor periodic event system so each subsystem "owns" its own periodic events

[Tor Bug Tracker & Wiki]

#30292: Refactor periodic event system so each subsystem "owns" its own periodic
events
--+
 Reporter:  nickm |  Owner:  nickm
 Type:  enhancement   | Status:  closed
 Priority:  Medium|  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:  implemented
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:  Sponsor31-can
--+
Changes (by nickm):

 * status:  assigned => closed
 * resolution:   => implemented


Comment:

 Child tickets are closed; this redesign is complete.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] [Tor Bug Tracker & Wiki] Batch modify: #27908, #29004, #29005, #29010, ...

[Tor Bug Tracker & Wiki]

Batch modification to #27908, #29004, #29005, #29010, #29009, #29129, #29264, 
#29265, #29266, #29268, #29271 by nickm:
milestone to Tor: unspecified

Action: new

Comment:
Move privcount tickets from 0.4.2 to "Unspecified"; mark as new.

--
Tickets URL: 

Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31675 [Core Tor/Tor]: Split microdescs_parse_from_string() into smaller functions

[Tor Bug Tracker & Wiki]

#31675: Split microdescs_parse_from_string() into smaller functions
--+
 Reporter:  nickm |  Owner:  nickm
 Type:  task  | Status:  needs_review
 Priority:  Low   |  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:  0
 Reviewer:|Sponsor:  Sponsor31-can
--+

Comment (by nickm):

 (I've added tests, and gotten them passing)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30831 [Core Tor/Tor]: Separate front-end and back-end of handle implementation.

[Tor Bug Tracker & Wiki]

#30831: Separate front-end and back-end of handle implementation.
--+
 Reporter:  nickm |  Owner:  nickm
 Type:  enhancement   | Status:  closed
 Priority:  Medium|  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:  wontfix
 Keywords:|  Actual Points:
Parent ID:  #29218| Points:  0.5
 Reviewer:|Sponsor:  Sponsor31-can
--+
Changes (by nickm):

 * status:  assigned => closed
 * resolution:   => wontfix


Comment:

 see parent

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29218 [Core Tor/Tor]: Revise "handles" to be opaque, safe. Document standard usage

[Tor Bug Tracker & Wiki]

#29218: Revise "handles" to be opaque, safe.  Document standard usage
--+
 Reporter:  nickm |  Owner:  nickm
 Type:  enhancement   | Status:  closed
 Priority:  Medium|  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:  wontfix
 Keywords:|  Actual Points:
Parent ID:| Points:  3
 Reviewer:|Sponsor:  Sponsor31-can
--+
Changes (by nickm):

 * status:  assigned => closed
 * resolution:   => wontfix


Comment:

 This turned out to be less of a good idea than I had originally thought,
 so we dropped it from our roadmap.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31675 [Core Tor/Tor]: Split microdescs_parse_from_string() into smaller functions

[Tor Bug Tracker & Wiki]

#31675: Split microdescs_parse_from_string() into smaller functions
--+
 Reporter:  nickm |  Owner:  nickm
 Type:  task  | Status:  needs_review
 Priority:  Low   |  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:  0
 Reviewer:|Sponsor:  Sponsor31-can
--+
Changes (by nickm):

 * status:  assigned => needs_review


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30126 [Applications/Tor Browser]: Make Tor Browser on macOS compatible with Apple's notarization

[Tor Bug Tracker & Wiki]

#30126: Make Tor Browser on macOS compatible with Apple's notarization
+--
 Reporter:  gk  |  Owner:  tbb-team
 Type:  task| Status:  new
 Priority:  Very High   |  Milestone:
Component:  Applications/Tor Browser|Version:
 Severity:  Normal  | Resolution:
 Keywords:  tbb-security, TorBrowserTeam201909  |  Actual Points:
Parent ID:  | Points:  2
 Reviewer:  |Sponsor:
+--

Comment (by mcs):

 Replying to [comment:51 mcs]:
 > But I just realized there is a much bigger difference between what you
 are doing and our earlier experiments: because we did not have ESR68 macOS
 builds at that time, Kathy and I used an ESR60-based nightly build. We
 will try to re-create our experiment using a current nightly build.

 I did the ESR68-based experiment using browser bits that I extracted from
 your comment:48 build. My notarized and stapled `Tor Browser.app` opens
 correctly on macOS 10.15.  I used the entitlements file from
 https://gitweb.torproject.org/tor-
 browser.git/plain/security/mac/hardenedruntime/production.entitlements.xml?h
 =tor-browser-68.1.0esr-9.0-2-build2

 In detail, here are the steps I followed (all on a macOS 10.14.6
 computer):

 Opened your .dmg in Finder and copied Tor Browser.app to a new folder.

 Removed your signatures:
 {{{
 rm -rf Tor\ Browser.app/Contents/CodeResources Tor\
 Browser.app/Contents/_CodeSignature
 }}}

 Signed it and created `tb.zip` which contains `Tor Browser.app` at the top
 level:
 {{{
 CERT="Developer ID Application: Pearl Crescent LLC (Z4N9W47D2U)"
 ENTITLEMENTS=entitlements/production.entitlements.xml
 codesign -vvv --deep -o runtime --entitlements "$ENTITLEMENTS" \
 --timestamp -f -s "$CERT" "Tor Browser.app/"
 zip -qr tb.zip "Tor Browser.app"
 }}}

 Submitted the zip file for notarization:
 {{{
 BUNDLEID="org.torproject.torbrowser"
 xcrun altool --notarize-app -t osx -f tb.zip --primary-bundle-id
 "$BUNDLEID" \
 -u REDACTED -p @env:PW --output-format xml
 }}}

 Checked status until it was done:
 {{{
 xcrun altool --notarization-info GUID \
 -u REDACTED -p @env:PW --output-format xml
 }}}

 Stapled the notarization ticket to the app bundle and created a new zip
 file:
 {{{
 xcrun stapler staple Tor\ Browser.app
 zip -r tb-stapled.zip Tor\ Browser.app
 }}}

 Then I put `tb-stapled.zip` on an HTTP server and downloaded it to macOS
 for testing.

 There were three things that surprised me on macOS 10.15:
 1. The "Tor Browser is an app downloaded from the Internet. Are you sure
 you want to open it?" prompt did not mention that the app had been checked
 by Apple for malicious software. But that message does not appear for
 Firefox 68.1.0 ESR either
 2. Even though I had the app on the desktop, wjen I clicked `Open` and
 allowed Tor Browser to start up, it placed its `TorBrowser-Data` folder
 under `~/Library/Application Support/TorBrowser-Data/` instead of next to
 the app. Apparently notarized applications do not have access to the
 desktop by default, because this problem occurs on macOS 10.14.6 as well.
 3. A more serious problem is that on macOS 10.15 but not on 10.14.6, all
 tabs seem to crash (content process crash). This problem and 2. both
 disappear if I run `./Tor Browser.app/Contents/MacOS/firefox` from bash.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30020 [Internal Services/Tor Sysadmin Team]: switch from our custom YAML implementation to Hiera

[Tor Bug Tracker & Wiki]

#30020: switch from our custom YAML implementation to Hiera
-+-
 Reporter:  anarcat  |  Owner:  anarcat
 Type:  project  | Status:
 |  accepted
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:  #29387   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by anarcat):

 awesome. so we're at step 6:

  6. create a new YAML variable that gives us a IP range -> hoster mapping
  7. create a function that looks through those to guess the hoster for a
 given IP address (probably just fixing `whohosts`?)
  8. use that function to create a fact (through a template, but with a
 variable defined in the base class) that defines the $hoster variable that
 hiera will use to load the right YAML (DONE, right?)
  9. remove hoster.yaml

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31622 [Internal Services/Tor Sysadmin Team]: puppet: a static_mirror should not include static_mirror_source

[Tor Bug Tracker & Wiki]

#31622: puppet: a static_mirror should not include static_mirror_source
-+-
 Reporter:  anarcat  |  Owner:  anarcat
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by weasel):

 * status:  assigned => closed
 * resolution:   => fixed


Comment:

 I split the staticsync base things back into the base class, so the
 mirrors no longer need to include the static_source class.

 I'm not quite happy with it yet, but this ticket at least is resolved.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30020 [Internal Services/Tor Sysadmin Team]: switch from our custom YAML implementation to Hiera

[Tor Bug Tracker & Wiki]

#30020: switch from our custom YAML implementation to Hiera
-+-
 Reporter:  anarcat  |  Owner:  anarcat
 Type:  project  | Status:
 |  accepted
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:  #29387   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by weasel):

 hoster.yaml now only has the networks that define which hoster a node is
 at.  It's still used for the whohosts function~~ and for ferm to make up
 what we consider tor networks~~.

 We ship the hoster name as a fact to the node, and then include hieradata
 based on that fact, defining things like the debian mirror.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30857 [Internal Services/Services Admin Team]: migrate (some projects? everything?) from trac to gitlab

[Tor Bug Tracker & Wiki]

#30857: migrate (some projects? everything?) from trac to gitlab
-+-
 Reporter:  anarcat  |  Owner:  (none)
 Type:  project  | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Services Admin |Version:
  Team   |
 Severity:  Normal   | Resolution:
 Keywords:  tickets-migration|  Actual Points:
Parent ID:  #29400   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by anarcat):

 > 1. ticket number preservation

 Agreed. I think it would be essential to keep that. Any self-respecting
 migration tool should allow us to "dump" all the trac tickets into a
 (single!) GitLab project, keeping ticket numbers.

 > They want to not have collition between trac ticket numbers and gitlab
 issue numbers.

 This, however, seems to say something else: does it mean that we
 '''don't''' want Trac ticket #1 to be the same ticket as GitLab ticket #1?
 That would be in contradiction with "ticket number preservation" in my
 mind.

 > That would mean to have new numbers for new tickets when starting to use
 gitlab officially.

 I interpret this as meaning that, assuming we migrate Trac tickets from 1
 to N when Trac is made readonly (for the migration, it can be turned off
 after), the next ticket in gitlab will be N+1?

 > 2) add all tickets (including closed ones)
 >
 > They want to have ALL tickets from trac in gitlab to preserve the
 history of Tor in one place.

 Sure, that should be done. Then we have this "legacy" gitlab project with
 a humongous pile of tickets like we have in Trac right now, but we can
 "split" those up as needed by moving tickets around with the API.

 > 3) get all info from each ticket into an issue (including comments in
 the trac ticket addded as a 'trac user' to the gitlab issue)
 >
 > This would mean to have each comment from each trac ticket as a comment
 in the gitlab issue. The possible solution would be to have a 'trac user'
 in gitlab that is the one making all the comments that are being migrated
 from trac.

 That makes sense as well, I'd be happy to see that happen, and I think
 this is all the kind of stuff Tracboat should do.

 I would still put Trac readonly during and after the migration, then do
 one last archival to the Internet archive. I would then create a
 "redirection site" that would do things like:

 {{{
 https://trac.torproject.org/projects/tor/ticket/N ->
 https://dip.tracproject.org/tor/legacy/issues/N
 https://trac.torproject.org/projects/tor/wiki/PAGE ->
 https://dip.tracproject.org/tor/legacy/wiki/PAGE
 (...anything else?)
 }}}

 And *then* trac can be totally decommissioned (although I would keep
 backups for a while, just to be sure, of course, but that's part of our
 decommissioning procedure anyways.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #28488 [Webpages/Support]: Fix absolute paths on lektor-staging.torproject.org

[Tor Bug Tracker & Wiki]

#28488: Fix absolute paths on lektor-staging.torproject.org
--+-
 Reporter:  traumschule   |  Owner:  phoul
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Webpages/Support  |Version:
 Severity:  Normal| Resolution:  invalid
 Keywords:|  Actual Points:
Parent ID:  #24129| Points:
 Reviewer:|Sponsor:
--+-
Changes (by antonela):

 * status:  needs_review => closed
 * resolution:   => invalid


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #18243 [Webpages/Website]: Website redesign - Phase 1

[Tor Bug Tracker & Wiki]

#18243: Website redesign - Phase 1
---+---
 Reporter:  isabela|  Owner:  isabela
 Type:  project| Status:  closed
 Priority:  Medium |  Milestone:  WebsiteV3
Component:  Webpages/Website   |Version:
 Severity:  Normal | Resolution:  fixed
 Keywords:  defer-new-website  |  Actual Points:
Parent ID:  #21222 | Points:
 Reviewer: |Sponsor:
---+---
Changes (by antonela):

 * status:  new => closed
 * resolution:   => fixed


Comment:

 Closing this ticket. This work happened at #24131.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #18245 [Webpages/Website]: Collect different mocks for new site

[Tor Bug Tracker & Wiki]

#18245: Collect different mocks for new site
---+---
 Reporter:  isabela|  Owner:  isabela
 Type:  task   | Status:  closed
 Priority:  Medium |  Milestone:  WebsiteV3
Component:  Webpages/Website   |Version:
 Severity:  Normal | Resolution:  fixed
 Keywords:  defer-new-website  |  Actual Points:
Parent ID:  #18243 | Points:
 Reviewer: |Sponsor:
---+---
Changes (by antonela):

 * status:  new => closed
 * resolution:   => fixed


Comment:

 Closing this ticket. This work happened at #24131.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30169 [Applications/Tor Browser]: Create repos on our infrastructure for TOPL related code

[Tor Bug Tracker & Wiki]

#30169: Create repos on our infrastructure for TOPL related code
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  task | Status:  new
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-mobile, tbb-8.5, |  Actual Points:
  TorBrowserTeam201905   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by sisbell):

 Replying to [comment:10 eighthave]:
 > How about making the control port be a UNIX domain socket?

 That's also a good idea, its more secure. There is an issue tracking it in
 TOPL but no current movement on it

 https://github.com/thaliproject/Tor_Onion_Proxy_Library/issues/101

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30169 [Applications/Tor Browser]: Create repos on our infrastructure for TOPL related code

[Tor Bug Tracker & Wiki]

#30169: Create repos on our infrastructure for TOPL related code
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  task | Status:  new
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-mobile, tbb-8.5, |  Actual Points:
  TorBrowserTeam201905   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by eighthave):

 How about making the control port be a UNIX domain socket?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31684 [Core Tor/Tor]: Add control port GETINFO support for dumping the local consensus

[Tor Bug Tracker & Wiki]

#31684: Add control port GETINFO support for dumping the local consensus
---+
 Reporter:  asn|  Owner:  (none)
 Type:  task   | Status:  new
 Priority:  Medium |  Milestone:  Tor: 0.4.3.x-final
Component:  Core Tor/Tor   |Version:
 Severity:  Normal | Resolution:
 Keywords:  control-port easy  |  Actual Points:
Parent ID: | Points:  1
 Reviewer: |Sponsor:
---+
Changes (by nickm):

 * status:  needs_information => new


Comment:

 Whoops!  `dir/status-vote/current/consensus` works for an NS consensus,
 but not for a microdesc consensus.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31684 [Core Tor/Tor]: Add control port GETINFO support for dumping the local consensus

[Tor Bug Tracker & Wiki]

#31684: Add control port GETINFO support for dumping the local consensus
---+
 Reporter:  asn|  Owner:  (none)
 Type:  task   | Status:  needs_information
 Priority:  Medium |  Milestone:  Tor: 0.4.3.x-final
Component:  Core Tor/Tor   |Version:
 Severity:  Normal | Resolution:
 Keywords:  control-port easy  |  Actual Points:
Parent ID: | Points:  1
 Reviewer: |Sponsor:
---+
Changes (by nickm):

 * status:  new => needs_information


Comment:

 I think this is already implemented as `GETINFO dir/status-
 vote/current/consensus`?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31652 [Core Tor/Tor]: hs-v3: Service circuit retry limit should not close a valid circuit

[Tor Bug Tracker & Wiki]

#31652: hs-v3: Service circuit retry limit should not close a valid circuit
+
 Reporter:  dgoulet |  Owner:  neel
 Type:  defect  | Status:  needs_review
 Priority:  Medium  |  Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor|Version:
 Severity:  Normal  | Resolution:
 Keywords:  tor-hs tor-circuit  |  Actual Points:
Parent ID:  #30200  | Points:  0.1
 Reviewer:  dgoulet |Sponsor:  Sponsor27-must
+
Changes (by neel):

 * status:  needs_revision => needs_review


Comment:

 New PR: https://github.com/torproject/tor/pull/1315

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26505 [Applications/Tor Browser]: "Prevent accessibility services from accessing your browser" should = true

[Tor Bug Tracker & Wiki]

#26505: "Prevent accessibility services from accessing your browser" should = 
true
--+---
 Reporter:  Dbryrtfbcbhgf |  Owner:  tbb-team
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:  not a bug
 Keywords:  ff60-esr  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---
Changes (by pospeselr):

 * status:  new => closed
 * resolution:   => not a bug


Comment:

 Yeah preventing visually impaired people from using Tor Browser seems like
 a bad choice. As cypherpunks suggested, better to file a UX bug with
 Mozilla so they can work out how to do this properly.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31450 [Applications/Tor Browser]: Still use GCC for 64bit Linux debug builds after switch to 68 ESR

[Tor Bug Tracker & Wiki]

#31450: Still use GCC for 64bit Linux debug builds after switch to 68 ESR
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  tbb-rbm, ff68-esr,   |  Actual Points:  0.25
  TorBrowserTeam201909R  |
Parent ID:   | Points:  0.5
 Reviewer:   |Sponsor:
 |  Sponsor44-can
-+-
Changes (by boklm):

 * status:  needs_review => closed
 * resolution:   => fixed


Comment:

 This looks good to me. I pushed the `tor-browser` commit to branch `tor-
 browser-68.1.0esr-9.0-2` as commit
 `56be840ce8e2c852bb040b39640db812a714a73b`, and merged the `tor-browser-
 commit` to master with commit `71eb0d2431d59ec06e4c1832df595fcd4a30cbf8`.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30169 [Applications/Tor Browser]: Create repos on our infrastructure for TOPL related code

[Tor Bug Tracker & Wiki]

#30169: Create repos on our infrastructure for TOPL related code
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  task | Status:  new
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-mobile, tbb-8.5, |  Actual Points:
  TorBrowserTeam201905   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by sisbell):

 We'd also need to get back a message from the service as to the control
 port to connect to.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30169 [Applications/Tor Browser]: Create repos on our infrastructure for TOPL related code

[Tor Bug Tracker & Wiki]

#30169: Create repos on our infrastructure for TOPL related code
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  task | Status:  new
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-mobile, tbb-8.5, |  Actual Points:
  TorBrowserTeam201905   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by sisbell):

 Replying to [comment:7 eighthave]:
 > Tthe basic idea is to make an Android-native TorService, which is a
 subclass of android.app.Service and loads tor daemon as a shared library,
 and starts it via JNI methods.  This should be pretty close to how iOS
 apps use tor.  Then that TorService should then plug into Orbot, Tor
 Browser, Briar, etc.  Then based on that,  I'll make a standalone, dead
 simple "TorServices" app that only provides Tor.  No PTs, HSs, etc., just
 a tor daemon linked in as a shared library, providing a SOCKS and HTTP
 CONNECT proxy via tor.  So I won't really be working on the control port
 stuff at all.
 >
 > Then I'll be working on the apps choosing which tor provider to use,
 since we'll have a new TorServices, super minimal app, so apps that don't
 include Tor will have to figure out how to use Orbot and/or TorServices.
 Then that work will hopefully be extended into sharing tor between apps,
 e.g. letting Briar, Tor Browser, etc share the tor SOCKS proxy to other
 apps that want to use it.  That would happen via Android mechanisms like
 Intents to manage the discovery of SOCKS ports.

 Thanks. This makes it clearer. Some basic ideas for discussion and further
 consideration: I think the method that a TorService replaces is the

 ''OnionProxyManager.start'' method. This method takes three steps. It
 spawns tor, it waits for the control connection to start up and then it
 sends some tor control commands. TorService would replace these first two
 steps (from my understanding).

 ''OnionProxyManager.spawnTorProcess'' method (currently private). This
 basically starts up tor from the command line.

 ''OnionProxyManager.waitForControlPortFileCreation'' would be the other
 potential method that TorService replaces, since I assume that that will
 be part of the bootstrap.

 We can make the OnionProxyManager.start method abstract, with different
 implementations for desktop and for Android. I'm sure there is more that
 would going on here since TorService is an AndroidService, with commands
 and/or broadcast it needs to receive. But that's the basic idea.

 
https://github.com/thaliproject/Tor_Onion_Proxy_Library/blob/master/universal/src/main/java/com/msopentech/thali/toronionproxy/OnionProxyManager.java

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29400 [Internal Services/Services Admin Team]: Set up a Gitlab instance

[Tor Bug Tracker & Wiki]

#29400: Set up a Gitlab instance
-+-
 Reporter:  ln5  |  Owner:  tpa
 Type:  project  | Status:
 |  assigned
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Services Admin |Version:
  Team   |
 Severity:  Normal   | Resolution:
 Keywords:  tickets-migration|  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gaba):

 * keywords:   => tickets-migration


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30857 [Internal Services/Services Admin Team]: migrate (some projects? everything?) from trac to gitlab

[Tor Bug Tracker & Wiki]

#30857: migrate (some projects? everything?) from trac to gitlab
-+-
 Reporter:  anarcat  |  Owner:  (none)
 Type:  project  | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Services Admin |Version:
  Team   |
 Severity:  Normal   | Resolution:
 Keywords:  tickets-migration|  Actual Points:
Parent ID:  #29400   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gaba):

 * keywords:   => tickets-migration


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31690 [Internal Services/Service - trac]: study trac.torproject.org archival possibilities

[Tor Bug Tracker & Wiki]

#31690: study trac.torproject.org archival possibilities
--+-
 Reporter:  anarcat   |  Owner:  qbi
 Type:  project   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Internal Services/Service - trac  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tickets-migration |  Actual Points:
Parent ID:  #30857| Points:
 Reviewer:|Sponsor:
--+-
Changes (by gaba):

 * keywords:   => tickets-migration


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30857 [Internal Services/Services Admin Team]: migrate (some projects? everything?) from trac to gitlab

[Tor Bug Tracker & Wiki]

#30857: migrate (some projects? everything?) from trac to gitlab
-+-
 Reporter:  anarcat  |  Owner:  (none)
 Type:  project  | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Services Admin |Version:
  Team   |
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:  #29400   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by gaba):

 thanks!

 There are a few blockers (from network team people) about this migration:

 1) ticket number preservation

 They want to not have collition between trac ticket numbers and gitlab
 issue numbers. That would mean to have new numbers for new tickets when
 starting to use gitlab officially.

 2) add all tickets (including closed ones)

 They want to have ALL tickets from trac in gitlab to preserve the history
 of Tor in one place.

 3) get all info from each ticket into an issue (including comments in the
 trac ticket addded as a 'trac user' to the gitlab issue)

 This would mean to have each comment from each trac ticket as a comment in
 the gitlab issue. The possible solution would be to have a 'trac user' in
 gitlab that is the one making all the comments that are being migrated
 from trac.



 If we are including this 3 points in the migration then we do not need to
 archive trac and it could be decomission once the migration is complete.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31065 [Applications/Tor Browser]: Set network.proxy.allow_hijacking_localhost to true

[Tor Bug Tracker & Wiki]

#31065: Set network.proxy.allow_hijacking_localhost to true
-+-
 Reporter:  acat |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  closed
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  ff68-esr, tbb-9.0-must-alpha,|  Actual Points:  0.05
  TorBrowserTeam201909R  |
Parent ID:   | Points:  0.25
 Reviewer:   |Sponsor:
 |  Sponsor44-can
-+-
Changes (by acat):

 * actualpoints:   => 0.05


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31598 [Applications/Tor Browser]: Properly enable letterboxing (again)

[Tor Bug Tracker & Wiki]

#31598: Properly enable letterboxing (again)
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  TorBrowserTeam201909R, tbb-9.0   |  Actual Points:  0.2
  -must-alpha|
Parent ID:   | Points:  0.1
 Reviewer:   |Sponsor:
-+-
Changes (by acat):

 * actualpoints:   => 0.2


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31562 [Applications/Tor Browser]: The circuit display is not visible on error pages in Tor Browser based on ESR68

[Tor Bug Tracker & Wiki]

#31562: The circuit display is not visible on error pages in Tor Browser based 
on
ESR68
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  ff68-esr, TorBrowserTeam201909R, |  Actual Points:  0.5
  tbb-9.0-must-alpha |
Parent ID:   | Points:  1
 Reviewer:   |Sponsor:
-+-
Changes (by acat):

 * actualpoints:   => 0.5


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #28822 [Applications/Tor Browser]: re-implement desktop onboarding for ESR 68

[Tor Bug Tracker & Wiki]

#28822: re-implement desktop onboarding for ESR 68
-+-
 Reporter:  mcs  |  Owner:  tbb-team
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  ff68-esr, TorBrowserTeam201909R  |  Actual Points:  5
Parent ID:  #30429   | Points:  4
 Reviewer:   |Sponsor:
 |  Sponsor44-can
-+-
Changes (by acat):

 * actualpoints:   => 5


Comment:

 I don't remember exactly, since the first patch was done 3 months ago. If
 we include the regressions and addressing the review comments that had to
 be done later I would say something like 5.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30169 [Applications/Tor Browser]: Create repos on our infrastructure for TOPL related code

[Tor Bug Tracker & Wiki]

#30169: Create repos on our infrastructure for TOPL related code
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  task | Status:  new
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-mobile, tbb-8.5, |  Actual Points:
  TorBrowserTeam201905   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by eighthave):

 Tthe basic idea is to make an Android-native TorService, which is a
 subclass of android.app.Service and loads tor daemon as a shared library,
 and starts it via JNI methods.  This should be pretty close to how iOS
 apps use tor.  Then that TorService should then plug into Orbot, Tor
 Browser, Briar, etc.  Then based on that,  I'll make a standalone, dead
 simple "TorServices" app that only provides Tor.  No PTs, HSs, etc., just
 a tor daemon linked in as a shared library, providing a SOCKS and HTTP
 CONNECT proxy via tor.  So I won't really be working on the control port
 stuff at all.

 Then I'll be working on the apps choosing which tor provider to use, since
 we'll have a new TorServices, super minimal app, so apps that don't
 include Tor will have to figure out how to use Orbot and/or TorServices.
 Then that work will hopefully be extended into sharing tor between apps,
 e.g. letting Briar, Tor Browser, etc share the tor SOCKS proxy to other
 apps that want to use it.  That would happen via Android mechanisms like
 Intents to manage the discovery of SOCKS ports.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30126 [Applications/Tor Browser]: Make Tor Browser on macOS compatible with Apple's notarization

[Tor Bug Tracker & Wiki]

#30126: Make Tor Browser on macOS compatible with Apple's notarization
+--
 Reporter:  gk  |  Owner:  tbb-team
 Type:  task| Status:  new
 Priority:  Very High   |  Milestone:
Component:  Applications/Tor Browser|Version:
 Severity:  Normal  | Resolution:
 Keywords:  tbb-security, TorBrowserTeam201909  |  Actual Points:
Parent ID:  | Points:  2
 Reviewer:  |Sponsor:
+--

Comment (by mcs):

 Replying to [comment:50 gk]:
 > Okay, here comes the zipped up .app dir:
 >
 > https://people.torproject.org/~gk/testbuilds/tbb-30126.zip
 > https://people.torproject.org/~gk/testbuilds/tbb-30126.zip.asc

 Using this results in the same behavior (works fine on macOS 10.14.6,
 Gatekeeper error on 10.15 beta).

 > When I unzip the archive after doing all the codesigning things I just
 end up with a `Contents` folder. I need to (re-)create `Tor Browser.app`
 and move that one into it. Not sure whether that's expected. Another thing
 I probably did differently: I looked at the `codesign.bash` file in
 security/mac/hardenedruntime and used an adapted
 > `ditto -c -k "${BUNDLE}" "${OUTPUT_ZIP_FILE}"` for zipping the bundle up
 after signing but before notarization.

 What did you submit to Apple? As described in comment:11, Kathy and I ran
 the codesign command on `Tor Browser.app` and then we created a .zip that
 contained `Tor Browser.app`, which we then submitted via the `xcrun altool
 --notarize-app ...` command.

 But I just realized there is a much bigger difference between what you are
 doing and our earlier experiments: because we did not have ESR68 macOS
 builds at that time, Kathy and I used an ESR60-based nightly build. We
 will try to re-create our experiment using a current nightly build.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24653 [Applications/Tor Browser]: Apply security slider improvements made on desktop back to mobile

[Tor Bug Tracker & Wiki]

#24653: Apply security slider improvements made on desktop back to mobile
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  enhancement  | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-mobile, tbb-torbutton, tbb-  |  Actual Points:
  security-slider, tbb-parity,   |
  TorBrowserTeam201909, TorBrowserTeam201909R|
Parent ID:  #10760   | Points:  0.25
 Reviewer:   |Sponsor:
-+-
Changes (by acat):

 * keywords:
 tbb-mobile, tbb-torbutton, tbb-security-slider, tbb-parity,
 TorBrowserTeam201909, TorBrowserTeam201909
 =>
 tbb-mobile, tbb-torbutton, tbb-security-slider, tbb-parity,
 TorBrowserTeam201909, TorBrowserTeam201909R
 * status:  needs_revision => needs_review


Comment:

 Revised torbutton patch in
 https://github.com/acatarineu/torbutton/commits/24653+1 (last two
 commits). Besides the requested changes, I updated strings again and
 rebased to current master.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30169 [Applications/Tor Browser]: Create repos on our infrastructure for TOPL related code

[Tor Bug Tracker & Wiki]

#30169: Create repos on our infrastructure for TOPL related code
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  task | Status:  new
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-mobile, tbb-8.5, |  Actual Points:
  TorBrowserTeam201905   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by sisbell):

 Replying to [comment:5 eighthave]:
 > Is TOPL used in Tor Browser at all?  Or is the idea to make official Tor
 releases of TOPL?  I'm wondering how much effort I should put into getting
 this new `TorService` integrated into TOPL.  I don't think @n8fr8 has
 plans to integrate TOPL into Orbot.  (`TorService` is the new Android
 `Service` that I'm working on for Orbot and ''tor-android-service'').

 tor-android-service uses TOPL so yes its included in the Android version
 of Tor Browser, not the desktop version. TOPL contains code that is common
 to desktop (JAVA) and Android, with abstractions that can be extended for
 each platform.

 I'm unsure on what the scope of the TorService you are working on. Is it
 bootstrap of tor? Installation? Configuration of torrc?  Does it include
 tor control connection management?

 There is not a strict requirement to use TOPL for Android. TOPL does
 contain a fair amount of code that an Android service needs to use and
 manage tor. So I guess it depends on the scope of TorService as to what it
 can replace.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30126 [Applications/Tor Browser]: Make Tor Browser on macOS compatible with Apple's notarization

[Tor Bug Tracker & Wiki]

#30126: Make Tor Browser on macOS compatible with Apple's notarization
+--
 Reporter:  gk  |  Owner:  tbb-team
 Type:  task| Status:  new
 Priority:  Very High   |  Milestone:
Component:  Applications/Tor Browser|Version:
 Severity:  Normal  | Resolution:
 Keywords:  tbb-security, TorBrowserTeam201909  |  Actual Points:
Parent ID:  | Points:  2
 Reviewer:  |Sponsor:
+--

Comment (by gk):

 Okay, here comes the zipped up .app dir:

 https://people.torproject.org/~gk/testbuilds/tbb-30126.zip
 https://people.torproject.org/~gk/testbuilds/tbb-30126.zip.asc

 When I unzip the archive after doing all the codesigning things I just end
 up with a `Contents` folder. I need to (re-)create `Tor Browser.app` and
 move that one into it. Not sure whether that's expected. Another thing I
 probably did differently: I looked at the `codesign.bash` file in
 security/mac/hardenedruntime and used an adapted
 `ditto -c -k "${BUNDLE}" "${OUTPUT_ZIP_FILE}"` for zipping the bundle up
 after signing but before notarization.

 Other than that I don't know.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31691 [Applications/Tor Browser]: Go ldflags should set static build ID

[Tor Bug Tracker & Wiki]

#31691: Go ldflags should set static build ID
--+--
 Reporter:  JeremyRand|  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by JeremyRand):

 Let me know if you'd like me to code up a patch for this.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #31691 [Applications/Tor Browser]: Go ldflags should set static build ID

[Tor Bug Tracker & Wiki]

#31691: Go ldflags should set static build ID
+--
 Reporter:  JeremyRand  |  Owner:  tbb-team
 Type:  defect  | Status:  new
 Priority:  Medium  |  Component:  Applications/Tor Browser
  Version:  |   Severity:  Normal
 Keywords:  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--
 The Go linker includes a build ID by default, which is sometimes
 nonreproducible.  This should be fixed by changing the value of `ldflags`
 in `tor-browser-build` from the current `'-s'` to `'-s -buildid='` (which
 sets the build ID to an empty string).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31552 [Core Tor/Tor]: --disable-module-dirauth broken (missing symbols)

[Tor Bug Tracker & Wiki]

#31552: --disable-module-dirauth broken (missing symbols)
-+-
 Reporter:  LarryBitcoin |  Owner:  nickm
 Type:  defect   | Status:
 |  merge_ready
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.1.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.4.1.5
 Severity:  Normal   | Resolution:
 Keywords:  build, configure, features,  |  Actual Points:  .1
  modules, regression, 041-should, dgoulet-  |
  merge  |
Parent ID:   | Points:
 Reviewer:  catalyst |Sponsor:
 |  Sponsor31-can
-+-
Changes (by nickm):

 * keywords:  build, configure, features, modules, regression, 041-should =>
 build, configure, features, modules, regression, 041-should, dgoulet-
 merge


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30857 [Internal Services/Services Admin Team]: migrate (some projects? everything?) from trac to gitlab

[Tor Bug Tracker & Wiki]

#30857: migrate (some projects? everything?) from trac to gitlab
-+-
 Reporter:  anarcat  |  Owner:  (none)
 Type:  project  | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Services Admin |Version:
  Team   |
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:  #29400   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by anarcat):

 FWIW, I created a subticket for the trac archival questions, which are
 relevant regardless of whether we switch to gitlab or not, see #31690.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31689 [Applications/Tor Browser]: Upgrade go to 1.13+

[Tor Bug Tracker & Wiki]

#31689: Upgrade go to 1.13+
--+--
 Reporter:  JeremyRand|  Owner:  tbb-team
 Type:  task  | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by JeremyRand):

 Are there any expected compatibility issues from upgrading to Go 1.13, or
 should it just be as simple as bumping the version number in the `go`
 project config?  If the latter, I'm happy to code up a patch for this one.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #31690 [Internal Services/Service - trac]: study trac.torproject.org archival possibilities

[Tor Bug Tracker & Wiki]

#31690: study trac.torproject.org archival possibilities
--+
 Reporter:  anarcat   |  Owner:  qbi
 Type:  project   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Internal Services/Service - trac  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:  #30857
   Points:|   Reviewer:
  Sponsor:|
--+
 this is a split out of #30857 to discuss specifically the question of
 if/how to archive trac.torproject.org.

 As mentioned in that ticket, there are a few options on how to deal with
 trac, provided we have another system we want to use:

  1. '''the golden redirect set''': every migrated ticket and wiki page has
 a corresponding ticket/wiki page in GitLab and a gigantic set of
 redirection rules makes sure they are mapped correctly. probably
 impractical, but solves the maintenance problem possibly forever.

  2. '''read-only Trac''': user creation is disabled and existing users are
 locked from making any change to the site. only a temporary or
 intermediate measure.

  3. '''fossilization''': Trac is turned into a static HTML site that can
 be mirrored like any other site. can be a long term solution and a good
 compromise with a possibly impossible to design and therefore failing
 (because incomplete) set of redirection rules.

  4. '''destruction''': we hate the web and pretend link rot is not a
 problem and just get rid of the old site, assuming everything is migrated
 and people will find their stuff eventually. probably not an option.

 == Archive team work

 With my archive team hat, I was able to coordinate a first archival of the
 website during the summer of 2019, as documented in #30857. This is an
 attempt at doing "3. '''fossilization'''".

 All those jobs end up populating the wayback machine at web.archive.org,
 but are also available as WARC files, an archival format for web pages.

 A first archival of all tickets up to #30856 has been performed here:

 https://archive.fart.website/archivebot/viewer/job/5vytc

 It's about 600MB of compressed HTML (more or less).

 Then a full archival job of the entire site was performed here:

 https://archive.fart.website/archivebot/viewer/job/bpu6j

 It created about 10GB of WARC files, crawled over 730,000 links (including
 external sites linked from Trac) and 105.34GiB of data. It took over 5
 days:

 {{{
 2019-06-17 01:49:02,514 - wpull.application.tasks.stats - INFO - Duration:
 5 days, 7:32:55. Speed: 0.0 B/s.
 2019-06-17 01:49:02,514 - wpull.application.tasks.stats - INFO -
 Downloaded: 732488 files, 105.4 GiB.
 }}}

 == Other statistics

 Archiving the server itself means dealing with:

  * ~1GB of attachments
  * 4GB PostgreSQL database

 The actual server uses around 25GB of disk space because of random junk
 here and there but that's the very minimum it can be trimmed down to.
 naturally, we can keep *that* data forever, the problem is keeping the app
 running on top of that... That would be some incarnation of "4.
 '''destruction'''".

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #31689 [Applications/Tor Browser]: Upgrade go to 1.13+

[Tor Bug Tracker & Wiki]

#31689: Upgrade go to 1.13+
+--
 Reporter:  JeremyRand  |  Owner:  tbb-team
 Type:  task| Status:  new
 Priority:  Medium  |  Component:  Applications/Tor Browser
  Version:  |   Severity:  Normal
 Keywords:  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--
 Go should be upgraded to 1.13 or higher; this is a prerequisite to
 http://ea5faa5po25cf7fb.onion/projects/tor/ticket/31688 .

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #31688 [Applications/Tor Browser]: go build/install should pass -trimpath flag

[Tor Bug Tracker & Wiki]

#31688: go build/install should pass -trimpath flag
+--
 Reporter:  JeremyRand  |  Owner:  tbb-team
 Type:  defect  | Status:  new
 Priority:  Medium  |  Component:  Applications/Tor Browser
  Version:  |   Severity:  Normal
 Keywords:  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--
 Go 1.13 added a `-trimpath` flag to `go build` and `go install`, which
 removes all filesystem paths from the compiled executable.  This fixes
 some reproducible build issues.  To ensure optimal build reproducibility,
 `tor-browser-build` should pass `-trimpath` when building Go projects.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31264 [Applications/rbm]: tar.gz output files contain nonreproducible timestamps

[Tor Bug Tracker & Wiki]

#31264: tar.gz output files contain nonreproducible timestamps
---+--
 Reporter:  JeremyRand |  Owner:  boklm
 Type:  defect | Status:  needs_review
 Priority:  Medium |  Milestone:
Component:  Applications/rbm   |Version:
 Severity:  Normal | Resolution:
 Keywords:  TorBrowserTeam201909R  |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--

Comment (by JeremyRand):

 >  Probably a not very common use-case, but maybe some day someone will
 want to set gzip options this way, so that might be useful. Please update
 the patch with this change if you think that's useful.

 Done; updated patch at https://notabug.org/JeremyRand/rbm/src/gzip-
 timestamps , Git commit hash `5a41aae4a0d745f74b675d3c9c142b3d5fb3ca09`.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30126 [Applications/Tor Browser]: Make Tor Browser on macOS compatible with Apple's notarization

[Tor Bug Tracker & Wiki]

#30126: Make Tor Browser on macOS compatible with Apple's notarization
+--
 Reporter:  gk  |  Owner:  tbb-team
 Type:  task| Status:  new
 Priority:  Very High   |  Milestone:
Component:  Applications/Tor Browser|Version:
 Severity:  Normal  | Resolution:
 Keywords:  tbb-security, TorBrowserTeam201909  |  Actual Points:
Parent ID:  | Points:  2
 Reviewer:  |Sponsor:
+--
Changes (by mcs):

 * Attachment "GatekeeperError.png" added.

 macOS 10.15 Gatekeeper error alert

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs