Re: [tor-bugs] #33336 [Circumvention/Snowflake]: Trial deployment of Snowflake with Turbo Tunnel

2020-02-26 Thread Tor Bug Tracker & Wiki 
#6: Trial deployment of Snowflake with Turbo Tunnel
-+--
 Reporter:  dcf  |  Owner:  dcf
 Type:  task | Status:  accepted
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:
 Keywords:  turbotunnel  |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--

Comment (by dcf):

 Replying to [comment:20 arma]:
 > I browsed for a while. It worked fine. I disabled my wireless on the
 laptop,

 You have a knack for thinking of interesting tests :) Killing the wireless
 would not only break the WebRTC connection to the proxy, it would also
 prevent snowflake-client from contacting the broker to get a new one. But
 my guess is that it should handle even this gracefully, attempting every
 10 seconds to contact the broker until it starts working again.

 {{{
 Feb 25 14:36:24.457 [notice] Closing OR conn. Considering blaming guard.
 }}}
 {{{
 2020/02/25 14:36:24 copying WebRTC to SOCKS resulted in error: write tcp
 [scrubbed]->[scrubbed]: write: broken pipe
 2020/02/25 14:36:24 WebRTC: closing DataChannel
 2020/02/25 14:36:24 WebRTC: closing PeerConnection
 2020/02/25 14:36:24 Error writing to SOCKS pipe
 }}}

 What I see here is tor closing its SOCKS connection to snowflake-client,
 and snowflake-client noticing the closed connection and tearing down its
 own proxy connection. That part all looks fine.

 {{{
 Feb 25 14:36:24.458 [warn] Pluggable Transport process terminated with
 status code 512
 }}}

 The weird part is that in the same second the snowflake-client process is
 terminated. It's an abnormal termination; otherwise you would see another
 log line with
 
[https://gitweb.torproject.org/user/dcf/snowflake.git/tree/client/snowflake.go?h=turbotunnel=47312dd1eccc8456652853bd66f8ed396e9ba6ec#n215
 ""snowflake is done""]. Failure to write to the SOCKS connection shouldn't
 cause snowflake-client to exit anyway; its
 
[https://gitweb.torproject.org/user/dcf/snowflake.git/tree/client/snowflake.go?h=turbotunnel=47312dd1eccc8456652853bd66f8ed396e9ba6ec#n48
 socksAcceptLoop] function should keep running and accepting new SOCKS
 connections.

 Two possible explanations for what's happening are
 1. snowflake-client is panicking or crashing in an uncontrolled way.
 2. tor is killing snowflake-client rather than signaling it to exit
 gracefully.

 In case (1), I would expect a stack trace to make its way into the tor log
 via tor's PT stderr handler. Is there anything in the "Closing OR conn"
 code path that would make tor kill the PT process?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33430 [Applications/Tor Browser]: Disable downloadable fonts on Safest security level

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33430: Disable downloadable fonts on Safest security level
--+--
 Reporter:  dcent |  Owner:  tbb-team
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  TorBrowserTeam202002  |  Actual Points:
Parent ID:| Points:
 Reviewer:  acat  |Sponsor:
--+--

Comment (by Thorin):

 I don't necessarily agree with this approach. At some stage safest is
 going to become practically useless. Downloadable fonts are often used for
 glyphs/icons (although it's only visual and usually users can intuitively
 tell what the tofu means). This is not something obscure like graphite.

 > What is a malicious font?

 sysrqb: you kinda jested, but I'm asking in earnest. Can you point me at
 any documentation?

 > it might be safest to prevent the parsing of "application" data at the
 CSS level

 This seems like the better approach (and to confirm no other types can be
 downloaded via this method and exploited). Can a downloadable font used by
 this method do anything more than one than isn't?

 I'm not an expert on data URIs, but my understanding is that security
 threats from this are (probably) already mitigated by Mozilla upstream -
 so I'm seriously asking why this needs to be done, or at least some
 discussion / clarity around it

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33430 [Applications/Tor Browser]: Disable downloadable fonts on Safest security level

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33430: Disable downloadable fonts on Safest security level
--+--
 Reporter:  dcent |  Owner:  tbb-team
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  TorBrowserTeam202002  |  Actual Points:
Parent ID:| Points:
 Reviewer:  acat  |Sponsor:
--+--

Comment (by dcent):

 Good to see this is being addressed.

 It might be advantageous to determine what Firefox allows as application
 data when parsing urls in CSS. Is it only fonts or are other things that
 can draw to the screen permitted eg. svgs (which are also not permitted in
 Tor), other media etc.

 If so it might be safest to prevent the parsing of "application" data at
 the CSS level?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31984 [Applications/Tor Browser]: TB 9.x partial update: unable to remove directory: tobedeleted

2020-02-26 Thread Tor Bug Tracker & Wiki 
#31984: TB 9.x partial update: unable to remove directory: tobedeleted
-+-
 Reporter:  mcs  |  Owner:  brade
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:  not a
 Keywords:  tbb-9.0, tbb-update, |  bug
  TorBrowserTeam202002   |  Actual Points:  0.25
Parent ID:   | Points:  1.0
 Reviewer:   |Sponsor:
-+-

Comment (by cypherpunks):

 Your hack seems to be a little bit dirty ;) But it is a good item for
 upstreaming to make `updater.exe` portable again :)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #13410 [Applications/Tor Browser]: Disable self-signed certificate warnings when visiting .onion sites

2020-02-26 Thread Tor Bug Tracker & Wiki 
#13410: Disable self-signed certificate warnings when visiting .onion sites
+--
 Reporter:  tom |  Owner:  pospeselr
 Type:  defect  | Status:  needs_review
 Priority:  Very High   |  Milestone:
Component:  Applications/Tor Browser|Version:
 Severity:  Normal  | Resolution:
 Keywords:  ux-team, TorBrowserTeam202002R  |  Actual Points:
Parent ID:  #30025  | Points:
 Reviewer:  |Sponsor:
|  Sponsor27-must
+--

Comment (by cypherpunks):

 comment:26

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32992 [Applications/Tor Browser]: TBB Project for LZMA

2020-02-26 Thread Tor Bug Tracker & Wiki 
#32992: TBB Project for LZMA
-+-
 Reporter:  sisbell  |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_revision
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-mobile, tbb-rbm, |  Actual Points:
  TorBrowserTeam202002   |
Parent ID:  #28704   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by sisbell):

 Replying to [comment:10 boklm]:
 > Replying to [comment:7 sisbell]:
 >
 > >
 > > And then building the project, I get an error
 > >
 > > {{{
 > > Error: v5.2.4 is not a signed tag
 > > }}}
 > >
 > > Any ideas on what is going wrong?
 > >
 >
 > I have no idea what's going wrong. Do you have a branch with the changes
 you tried so I can investigate the issue?
 I created a branch with the key and config that I was using when I
 encountered the errors. I'll do some more testing as well on this

 https://github.com/sisbell/tor-browser-build/commits/bug-32992a

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #13410 [Applications/Tor Browser]: Disable self-signed certificate warnings when visiting .onion sites

2020-02-26 Thread Tor Bug Tracker & Wiki 
#13410: Disable self-signed certificate warnings when visiting .onion sites
+--
 Reporter:  tom |  Owner:  pospeselr
 Type:  defect  | Status:  needs_review
 Priority:  Very High   |  Milestone:
Component:  Applications/Tor Browser|Version:
 Severity:  Normal  | Resolution:
 Keywords:  ux-team, TorBrowserTeam202002R  |  Actual Points:
Parent ID:  #30025  | Points:
 Reviewer:  |Sponsor:
|  Sponsor27-must
+--

Comment (by cypherpunks):

 comment:16

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33430 [Applications/Tor Browser]: Disable downloadable fonts on Safest security level

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33430: Disable downloadable fonts on Safest security level
--+--
 Reporter:  dcent |  Owner:  tbb-team
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  TorBrowserTeam202002  |  Actual Points:
Parent ID:| Points:
 Reviewer:  acat  |Sponsor:
--+--

Comment (by cypherpunks):

 `TorBrowserTeam202002R`

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32621 [Core Tor/Tor]: Add automated checks to make sure man page options stay in alphabetical order

2020-02-26 Thread Tor Bug Tracker & Wiki 
#32621: Add automated checks to make sure man page options stay in alphabetical
order
-+-
 Reporter:  teor |  Owner:  (none)
 Type:  task | Status:  new
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  documentation tor-client manpage |  Actual Points:
  easy 043-can   |
Parent ID:  #4310| Points:  1
 Reviewer:   |Sponsor:
-+-

Comment (by atagar):

 Hi teor. Sorry, unsure I follow - if a stem integ test it would be
 included under tor's stem testing target. Alphabetisation doesn't seem
 critical enough to warrant the hassle of a pre-commit hook but up to you
 folks.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32614 [Core Tor/Tor]: hs-v3: Consider flagging an intro point as bad if rendezvous fails multiple times

2020-02-26 Thread Tor Bug Tracker & Wiki 
#32614: hs-v3: Consider flagging an intro point as bad if rendezvous fails 
multiple
times
-+
 Reporter:  dgoulet  |  Owner:  neel
 Type:  defect   | Status:  needs_revision
 Priority:  Medium   |  Milestone:  Tor: 0.4.4.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-circuit, tor-hs  |  Actual Points:
Parent ID:   | Points:  0.2
 Reviewer:  dgoulet  |Sponsor:  Sponsor27-can
-+

Comment (by neel):

 Also, I did not see your comment

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32614 [Core Tor/Tor]: hs-v3: Consider flagging an intro point as bad if rendezvous fails multiple times

2020-02-26 Thread Tor Bug Tracker & Wiki 
#32614: hs-v3: Consider flagging an intro point as bad if rendezvous fails 
multiple
times
-+
 Reporter:  dgoulet  |  Owner:  neel
 Type:  defect   | Status:  needs_revision
 Priority:  Medium   |  Milestone:  Tor: 0.4.4.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-circuit, tor-hs  |  Actual Points:
Parent ID:   | Points:  0.2
 Reviewer:  dgoulet  |Sponsor:  Sponsor27-can
-+

Comment (by neel):

 Sorry for the delay.

 I have extended the ticket changes writeup in a fixup commit.

 I do not have tests, I don't know of any test that calls
 `hs_client_circuit_cleanup_on_free()`

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #33464 [Circumvention/Obfs4]: ed25519 has been removed by maintainer, breaking obfs4 builds and go gets

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33464: ed25519 has been removed by maintainer, breaking obfs4 builds and go 
gets
+-
 Reporter:  markness@…  |  Owner:  (none)
 Type:  defect  | Status:  new
 Priority:  Medium  |  Component:  Circumvention/Obfs4
  Version:  |   Severity:  Major
 Keywords:  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+-
 As of 2020-02-26 the maintainer of https://github.com/agl/ed25519/ has
 removed all their code, their releases, and everything to do with their
 ed25519 project.

 This means building projects that import that module, without having the
 module in an old go `vendor` directory fail.

go get -v git.torproject.org/pluggable-transports/obfs4.git/obfs4proxy
package github.com/agl/ed25519/extra25519: cannot find package
 "github.com/agl/ed25519/extra25519"

 As such this project cannot be built or included by anything that fetches
 it with `go get`

 I'm not sure if this library is imported anywhere else, but it certainly
 is used in obfs4

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24093 [HTTPS Everywhere/HTTPS Everywhere: Chrome]: How To Download Tor Browser?

2020-02-26 Thread Tor Bug Tracker & Wiki 
#24093: How To Download Tor Browser?
-+-
 Reporter:  liamrandall  |  Owner:  jsha
 Type:  task | Status:  closed
 Priority:  Medium   |  Milestone:
 |  Torbutton: 1.4
Component:  HTTPS Everywhere/HTTPS Everywhere:   |Version:  Tor:
  Chrome |  unspecified
 Severity:  Normal   | Resolution:
 Keywords:  assignment writing, assignment   |  worksforme
  help, PHP assignment, assignment writing   |  Actual Points:
  service, best assignment writing services  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by jaffaoiskova666):

 Hey im oliver harkimo id like to order 2g best a-php 2g best heroin 2g
 ice(meth)
 My adress is sipoonranta 12, a6
 01120 västerskog

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33463 [Core Tor/Tor]: Correct spacing in dns_launch_correctness_checks()

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33463: Correct spacing in dns_launch_correctness_checks()
--+
 Reporter:  neel  |  Owner:  neel
 Type:  defect| Status:  needs_revision
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  easy  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by neel):

 * status:  assigned => needs_revision


Comment:

 PR: https://github.com/torproject/tor/pull/1772

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #33463 [Core Tor/Tor]: Correct spacing in dns_launch_correctness_checks()

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33463: Correct spacing in dns_launch_correctness_checks()
--+--
 Reporter:  neel  |  Owner:  neel
 Type:  defect| Status:  assigned
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:
 Severity:  Normal|   Keywords:  easy
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+--


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #13410 [Applications/Tor Browser]: Disable self-signed certificate warnings when visiting .onion sites

2020-02-26 Thread Tor Bug Tracker & Wiki 
#13410: Disable self-signed certificate warnings when visiting .onion sites
+--
 Reporter:  tom |  Owner:  pospeselr
 Type:  defect  | Status:  needs_review
 Priority:  Very High   |  Milestone:
Component:  Applications/Tor Browser|Version:
 Severity:  Normal  | Resolution:
 Keywords:  ux-team, TorBrowserTeam202002R  |  Actual Points:
Parent ID:  #30025  | Points:
 Reviewer:  |Sponsor:
|  Sponsor27-must
+--

Comment (by pospeselr):

 Filed a ticket requesting review:
 https://bugzilla.mozilla.org/show_bug.cgi?id=1618382

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33375 [Core Tor/Tor]: Stop advertising an IPv6 exit policy when DNS is broken for IPv6

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33375: Stop advertising an IPv6 exit policy when DNS is broken for IPv6
-+-
 Reporter:  teor |  Owner:  neel
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:  Tor:
 |  0.2.9.14
 Severity:  Normal   | Resolution:
 Keywords:  ipv6, tor-client, tor-exit, tor-dns  |  Actual Points:
Parent ID:  #24833   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by neel):

 * status:  assigned => needs_review


Comment:

 PR: https://github.com/torproject/tor/pull/1771

 There is no test, but I didn't find tests for the existing "is DNS broken"
 code either.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33043 [Core Tor/Tor]: Prop 306: Keep bridge IPv6 behaviour in sync with client behaviour

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33043: Prop 306: Keep bridge IPv6 behaviour in sync with client behaviour
-+
 Reporter:  teor |  Owner:  (none)
 Type:  task | Status:  new
 Priority:  Medium   |  Milestone:  Tor: 0.4.4.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ipv6, tor-relay  |  Actual Points:
Parent ID:  #33048   | Points:
 Reviewer:   |Sponsor:  Sponsor55-can
-+
Changes (by neel):

 * status:  assigned => new


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33043 [Core Tor/Tor]: Prop 306: Keep bridge IPv6 behaviour in sync with client behaviour

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33043: Prop 306: Keep bridge IPv6 behaviour in sync with client behaviour
-+
 Reporter:  teor |  Owner:  (none)
 Type:  task | Status:  assigned
 Priority:  Medium   |  Milestone:  Tor: 0.4.4.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ipv6, tor-relay  |  Actual Points:
Parent ID:  #33048   | Points:
 Reviewer:   |Sponsor:  Sponsor55-can
-+
Changes (by neel):

 * owner:  neel => (none)


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33043 [Core Tor/Tor]: Prop 306: Keep bridge IPv6 behaviour in sync with client behaviour

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33043: Prop 306: Keep bridge IPv6 behaviour in sync with client behaviour
-+
 Reporter:  teor |  Owner:  neel
 Type:  task | Status:  assigned
 Priority:  Medium   |  Milestone:  Tor: 0.4.4.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ipv6, tor-relay  |  Actual Points:
Parent ID:  #33048   | Points:
 Reviewer:   |Sponsor:  Sponsor55-can
-+
Changes (by neel):

 * status:  new => assigned
 * owner:  (none) => neel


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33375 [Core Tor/Tor]: Stop advertising an IPv6 exit policy when DNS is broken for IPv6

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33375: Stop advertising an IPv6 exit policy when DNS is broken for IPv6
-+-
 Reporter:  teor |  Owner:  neel
 Type:  defect   | Status:
 |  assigned
 Priority:  Medium   |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:  Tor:
 |  0.2.9.14
 Severity:  Normal   | Resolution:
 Keywords:  ipv6, tor-client, tor-exit, tor-dns  |  Actual Points:
Parent ID:  #24833   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by neel):

 * owner:  (none) => neel
 * status:  new => assigned


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27446 [Core Tor/Tor]: hs: Report configuration error on the control port

2020-02-26 Thread Tor Bug Tracker & Wiki 
#27446: hs: Report configuration error on the control port
--+--
 Reporter:  atagar|  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Low   |  Milestone:  Tor: unspecified
Component:  Core Tor/Tor  |Version:
 Severity:  Minor | Resolution:
 Keywords:  tor-hs|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by neel):

 * cc: neel (removed)
 * status:  assigned => new


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27446 [Core Tor/Tor]: hs: Report configuration error on the control port

2020-02-26 Thread Tor Bug Tracker & Wiki 
#27446: hs: Report configuration error on the control port
--+--
 Reporter:  atagar|  Owner:  (none)
 Type:  defect| Status:  assigned
 Priority:  Low   |  Milestone:  Tor: unspecified
Component:  Core Tor/Tor  |Version:
 Severity:  Minor | Resolution:
 Keywords:  tor-hs|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by neel):

 * owner:  neel => (none)


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #13410 [Applications/Tor Browser]: Disable self-signed certificate warnings when visiting .onion sites

2020-02-26 Thread Tor Bug Tracker & Wiki 
#13410: Disable self-signed certificate warnings when visiting .onion sites
+--
 Reporter:  tom |  Owner:  pospeselr
 Type:  defect  | Status:  needs_review
 Priority:  Very High   |  Milestone:
Component:  Applications/Tor Browser|Version:
 Severity:  Normal  | Resolution:
 Keywords:  ux-team, TorBrowserTeam202002R  |  Actual Points:
Parent ID:  #30025  | Points:
 Reviewer:  |Sponsor:
|  Sponsor27-must
+--

Comment (by tom):

 I would be inclined to but this up on bugzilla and ask dkeeler for
 review

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33362 [Internal Services/Tor Sysadmin Team]: Please provision a VM for the new exit scanner

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33362: Please provision a VM for the new exit scanner
-+-
 Reporter:  irl  |  Owner:  anarcat
 Type:  task | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:   |  Actual Points:
Parent ID:   | Points:  0.5
 Reviewer:   |Sponsor:
-+-
Changes (by anarcat):

 * status:  accepted => closed
 * resolution:   => fixed


Comment:

 after another commit for indexes, seems like all is well. actually open a
 new ticket for next config changes. i think we can consider this VM has
 been properly created now, and the rest is routine service launch fine-
 tuning. :)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #13410 [Applications/Tor Browser]: Disable self-signed certificate warnings when visiting .onion sites

2020-02-26 Thread Tor Bug Tracker & Wiki 
#13410: Disable self-signed certificate warnings when visiting .onion sites
+--
 Reporter:  tom |  Owner:  pospeselr
 Type:  defect  | Status:  needs_review
 Priority:  Very High   |  Milestone:
Component:  Applications/Tor Browser|Version:
 Severity:  Normal  | Resolution:
 Keywords:  ux-team, TorBrowserTeam202002R  |  Actual Points:
Parent ID:  #30025  | Points:
 Reviewer:  |Sponsor:
|  Sponsor27-must
+--
Changes (by pospeselr):

 * keywords:  ux-team => ux-team, TorBrowserTeam202002R
 * status:  assigned => needs_review


Comment:

 A surprisingly small patch seems to work for the scenarios we care about,
 and does nothing to the existing vanilla HTTPS website handling.

 Scenarios tested:

 || Scenario Name || Result ||
 || HTTP Onion || Onion Icon ||
 || HTTPS Onion Self-Signed || Onion Icon ||
 || HTTPS Onion Unknown CA || Onion Icon ||
 || HTTPS Onion EV || Onion Icon + EV Name ||
 || HTTPS Onion Wrong Domain || Onion Warning Icon, Warning Splash Screen
 ||
 || HTTPS Onion Expired Self-Signed Cert || Onion Warning Icon, Warning
 Splash Screen ||
 || HTTP(S) Onion + HTTP Script || Onion Slash Icon ||
 || HTTP(S) Onion + HTTP Content || Onion Warning Icon ||
 || HTTP(S) Onion + HTTPS Content || Onion Icon ||
 || HTTPS Onion + HTTP Form || Onion Ion + Warning Popup on Form Submit ||

 HTTP Onion + HTTP Form does not give the warning popup and is tracked to
 be fixed in #33298

 tor-browser: https://gitweb.torproject.org/user/richard/tor-
 browser.git/commit/?h=bug_13410_v1

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33362 [Internal Services/Tor Sysadmin Team]: Please provision a VM for the new exit scanner

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33362: Please provision a VM for the new exit scanner
-+-
 Reporter:  irl  |  Owner:  anarcat
 Type:  task | Status:
 |  accepted
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:  0.5
 Reviewer:   |Sponsor:
-+-
Changes (by anarcat):

 * status:  reopened => accepted


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33362 [Internal Services/Tor Sysadmin Team]: Please provision a VM for the new exit scanner

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33362: Please provision a VM for the new exit scanner
-+-
 Reporter:  irl  |  Owner:  anarcat
 Type:  task | Status:
 |  reopened
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:  0.5
 Reviewer:   |Sponsor:
-+-
Changes (by irl):

 * status:  closed => reopened
 * resolution:  fixed =>


Comment:

 Next issues...

 Please install the tor package from deb.torproject.org and keep it up to
 date, but disable the system service (i.e. have the binary available in
 the path but don't run it). I had a reusable ansible role for this so it
 wasn't in the notes when I looked at the host specific setup and I missed
 it.

 The apache vhost has the lists directory under /srv/check, but it needs to
 be under /srv/tordnsel. The scanner service writes it, check just reads
 it.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32620 [Core Tor/Tor]: Put man page options in smaller sections

2020-02-26 Thread Tor Bug Tracker & Wiki 
#32620: Put man page options in smaller sections
-+-
 Reporter:  teor |  Owner:  (none)
 Type:  task | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  documentation tor-client manpage |  Actual Points:
  043-can|
Parent ID:  #4310| Points:
 Reviewer:   |Sponsor:
-+-

Comment (by nickm):

 It's fine by me if we think it's done!  If we decide later on that we want
 even smaller sections or something, we can always open a new ticket.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33437 [Core Tor/Tor]: Unsuccessful compilation of tor on FreeBSD system with libssl.so.11

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33437: Unsuccessful compilation of tor on FreeBSD system with libssl.so.11
-+-
 Reporter:  stillicide   |  Owner:  (none)
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.4.x-final
Component:  Core Tor/Tor |Version:  0.4.2.6
 Severity:  Normal   | Resolution:
 Keywords:  FreeBSD, openssl, 043-backport   |  Actual Points:
  042-backport   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by nickm):

 Hi!  To help debug this, some more info could be helpful.

 First off, can we get the result of running "make V=1" so that we see the
 exact command line that is failing?

 Second, can we get the results of "make V=1" and the config.log from the
 case that _succeeds_, so we can see a bit more about what is different
 between the two cases?

 Thanks!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33437 [Core Tor/Tor]: Unsuccessful compilation of tor on FreeBSD system with libssl.so.11

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33437: Unsuccessful compilation of tor on FreeBSD system with libssl.so.11
-+-
 Reporter:  stillicide   |  Owner:  (none)
 Type:  defect   | Status:
 |  needs_information
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.4.x-final
Component:  Core Tor/Tor |Version:  0.4.2.6
 Severity:  Normal   | Resolution:
 Keywords:  FreeBSD, openssl, 043-backport   |  Actual Points:
  042-backport   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by nickm):

 * status:  new => needs_information


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24857 [Core Tor/Tor]: Tor uses 100% CPU when accessing the cache directory on Windows

2020-02-26 Thread Tor Bug Tracker & Wiki 
#24857: Tor uses 100% CPU when accessing the cache directory on Windows
-+-
 Reporter:  Eugene646|  Owner:  (none)
 Type:  defect   | Status:  new
 Priority:  High |  Milestone:  Tor:
 |  0.4.4.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.3.1.9
 Severity:  Normal   | Resolution:
 Keywords:  044-should, cpu, windows, linux, |  Actual Points:
  performance, regression, 033-triage-20180326,  |
  033-removed-20180326, 034-deferred-20180602,   |
  035-removed-20180711, 032-unreached-backport,  |
  040-roadmap-proposed, 033-unreached-backport-  |
  maybe, network-health  |
Parent ID:  #25500   | Points:  2
 Reviewer:   |Sponsor:
-+-
Changes (by nickm):

 * priority:  Medium => High
 * status:  needs_revision => new


Comment:

 I'm calling this "new" -- needs_revisions is misleading.  Though there is
 a plausible outline above for what should go into a patch, there is not
 actually a patch for somebody to revise IIUC

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33206 [Metrics/Library]: Parse recently added lines

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33206: Parse recently added lines
-+--
 Reporter:  karsten  |  Owner:  karsten
 Type:  defect   | Status:  needs_review
 Priority:  Medium   |  Milestone:
Component:  Metrics/Library  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:  1
Parent ID:   | Points:  2
 Reviewer:   |Sponsor:
-+--
Changes (by karsten):

 * status:  needs_information => needs_review
 * actualpoints:   => 1


Comment:

 With #33205 out of the way, please review
 [https://gitweb.torproject.org/user/karsten/metrics-
 lib.git/commit/?h=task-33206=81570c4dbc097089f367c104c7ef5a77bee29763
 commit 81570c4 in my task-33206 branch].

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33346 [Core Tor/Tor]: Seccomp soft fail (no write) in 0.4.2.6

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33346: Seccomp soft fail (no write) in 0.4.2.6
-+-
 Reporter:  subjectfrosting  |  Owner:  nickm
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.4.x-final
Component:  Core Tor/Tor |Version:  0.4.2.6
 Severity:  Normal   | Resolution:
 Keywords:  easy? 035-backport 041-backport  |  Actual Points:  .1
  042-backport 043-backport  |
Parent ID:   | Points:  .1
 Reviewer:   |Sponsor:
-+-
Changes (by nickm):

 * status:  accepted => needs_review
 * actualpoints:   => .1


Comment:

 I've made a patch in `ticket33346_035`, and appropriate merge-forward
 branches.

 The merge forward is clean, so all branches but the first are just for CI.
   * ticket33346_035 PR: https://github.com/torproject/tor/pull/1766
   * ticket33346_041 PR: https://github.com/torproject/tor/pull/1767
   * ticket33346_042 PR: https://github.com/torproject/tor/pull/1768
   * ticket33346_043 PR: https://github.com/torproject/tor/pull/1769
   * ticket33346_master PR: https://github.com/torproject/tor/pull/1770

 subjectfrosting, does the patch in these branches solve the issue for you?
 And if so, does it expose any other issues? :)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32437 [Applications/Tor Browser]: Include wasi-libc project into tor-browser-build

2020-02-26 Thread Tor Bug Tracker & Wiki 
#32437: Include wasi-libc project into tor-browser-build
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  task | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  tbb-security, GeorgKoppen202001, |  Actual Points:
  TorBrowserTeam202002R  |
Parent ID:  #32434   | Points:
 Reviewer:  boklm|Sponsor:
-+-
Changes (by boklm):

 * status:  needs_review => closed
 * resolution:   => fixed


Comment:

 The patch in branch `gk/bug_32389_v5` looks good to me. I merged it to
 master as commit e8574bbde076ba917f4d3fd3e71c6c7ee10716c4.

 I also opened #33462 as I see we added one more place where we need a cc
 -> gcc symlink.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #33462 [Applications/Tor Browser]: Add cc -> gcc symlink to projects/gcc/build

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33462: Add cc -> gcc symlink to projects/gcc/build
-+-
 Reporter:  boklm|  Owner:  tbb-team
 Type:  task | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor |Version:
  Browser|   Keywords:  tbb-rbm,
 Severity:  Normal   |  TorBrowserTeam202002
Actual Points:   |  Parent ID:
   Points:  .1   |   Reviewer:
  Sponsor:   |
-+-
 I see that we create a cc -> gcc symlink in different places: nasm, node,
 clang, wasi-sysroot.

 I think we can create the symlink in the build of gcc, so we don't have to
 create it in different places.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33346 [Core Tor/Tor]: Seccomp soft fail (no write) in 0.4.2.6

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33346: Seccomp soft fail (no write) in 0.4.2.6
-+-
 Reporter:  subjectfrosting  |  Owner:  nickm
 Type:  defect   | Status:
 |  accepted
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.4.x-final
Component:  Core Tor/Tor |Version:  0.4.2.6
 Severity:  Normal   | Resolution:
 Keywords:  easy? 035-backport 041-backport  |  Actual Points:
  042-backport 043-backport  |
Parent ID:   | Points:  .1
 Reviewer:   |Sponsor:
-+-
Changes (by nickm):

 * keywords:   => easy? 035-backport 041-backport 042-backport 043-backport
 * owner:  (none) => nickm
 * points:   => .1
 * status:  new => accepted
 * milestone:   => Tor: 0.4.4.x-final


Comment:

 Hm. Specifically it looks like the unlinkat() syscall is failing, which
 isn't in our listed syscalls. I guess your libc uses unlinkat() when we
 would have expected unlink().

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33362 [Internal Services/Tor Sysadmin Team]: Please provision a VM for the new exit scanner

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33362: Please provision a VM for the new exit scanner
-+-
 Reporter:  irl  |  Owner:  anarcat
 Type:  task | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:   |  Actual Points:
Parent ID:   | Points:  0.5
 Reviewer:   |Sponsor:
-+-
Changes (by anarcat):

 * status:  reopened => closed
 * resolution:   => fixed


Comment:

 enabled linger on check as well. also added sudo permissions for both
 users (from groups) and tweaked the home layout to be identical.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33460 [Core Tor/Tor]: confmgt: include variable name in all complaints.

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33460: confmgt: include variable name in all complaints.
-+-
 Reporter:  nickm|  Owner:  nickm
 Type:  enhancement  | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.4.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ui, ux, ui-regression 043-may??  |  Actual Points:  .1
  043-backport   |
Parent ID:  #33014   | Points:  .1
 Reviewer:   |Sponsor:
-+-
Changes (by nickm):

 * status:  assigned => needs_review


Comment:

 See branch `ticket33460_043` with PR at
 https://github.com/torproject/tor/pull/1765 .

 The new error message for the case in the ticket description is `Could not
 parse UseBridges: Unrecognized value 99. Allowed values are 0 and 1.`

 This branch is against 0.4.3 but merges cleanly to master.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33460 [Core Tor/Tor]: confmgt: include variable name in all complaints.

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33460: confmgt: include variable name in all complaints.
-+-
 Reporter:  nickm|  Owner:  nickm
 Type:  enhancement  | Status:
 |  assigned
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.4.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ui, ux, ui-regression 043-may??  |  Actual Points:  .1
  043-backport   |
Parent ID:  #33014   | Points:  .1
 Reviewer:   |Sponsor:
-+-
Changes (by nickm):

 * keywords:  ui, ux, ui-regression 043-may?? => ui, ux, ui-regression
 043-may?? 043-backport
 * milestone:  Tor: 0.4.3.x-final => Tor: 0.4.4.x-final
 * actualpoints:   => .1


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33460 [Core Tor/Tor]: confmgt: include variable name in all complaints.

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33460: confmgt: include variable name in all complaints.
-+-
 Reporter:  nickm|  Owner:  nickm
 Type:  enhancement  | Status:  assigned
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ui, ux, ui-regression 043-may??  |  Actual Points:
Parent ID:  #33014   | Points:  .1
 Reviewer:   |Sponsor:
-+-
Changes (by nickm):

 * parent:   => #33014


Comment:

 This is needed to avoid a usability regression on #33014.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #33461 [Circumvention/Obfs4]: Multiarch docker obfs4 bridge

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33461: Multiarch docker obfs4 bridge
--+
 Reporter:  thymbahutymba |  Owner:  (none)
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Component:
  |  Circumvention/Obfs4
  Version:|   Severity:  Normal
 Keywords:  docker, obfs4, multiarch  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
 Having more images enables the bridge operators to directly pull an image
 instead of modifying the Dockerfile and consequently building that image.
 For example, the supported architectures can be x86_64, aarch64 and arm.
 In order to do so we can have multiple {{{Dockerfile.arch}}} where is used
 https://github.com/multiarch/qemu-user-static in order to build such
 image.

 For example in the Dockerfile.arm file the content should be something
 like:
 {{{
 # Base docker image
 FROM multiarch/qemu-user-static:x86_64-arm as qemu
 FROM arm32v7/debian:buster-slim
 COPY --from=qemu /usr/bin/qemu-arm-static /usr/bin

 # Install remaining dependencies.
 RUN apt-get update && apt-get install -y \
 tor \
 tor-geoipdb \
 obfs4proxy  \
 libcap2-bin \
 --no-install-recommends

 # Allow obfs4proxy to bind to ports < 1024.
 RUN setcap cap_net_bind_service=+ep /usr/bin/obfs4proxy
 RUN setcap cap_net_bind_service=+ep /usr/bin/tor

 # Our torrc is generated at run-time by the script start-tor.sh.
 RUN rm /etc/tor/torrc
 RUN chown debian-tor:debian-tor /etc/tor
 RUN chown debian-tor:debian-tor /var/log/tor

 COPY start-tor.sh /usr/local/bin
 RUN chmod 0755 /usr/local/bin/start-tor.sh

 COPY get-bridge-line /usr/local/bin
 RUN chmod 0755 /usr/local/bin/get-bridge-line

 USER debian-tor

 CMD [ "/usr/local/bin/start-tor.sh" ]
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33430 [Applications/Tor Browser]: Disable downloadable fonts on Safest security level

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33430: Disable downloadable fonts on Safest security level
--+--
 Reporter:  dcent |  Owner:  tbb-team
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  TorBrowserTeam202002  |  Actual Points:
Parent ID:| Points:
 Reviewer:  acat  |Sponsor:
--+--
Changes (by sysrqb):

 * status:  new => needs_review
 * reviewer:   => acat


Comment:

 While this is still fresh in my mind: `bug33430_00`

 
https://gitweb.torproject.org/user/sysrqb/torbutton.git/commit/?h=bug33430_00=9e18e7e2a9042976e128f96bddd1d38953512d73

 I verified this works by loading the provided example page on Safer
 (before disabling the pref), I opened the webtools Inspector, I selected
 an element on the page (any of them should work), from the panel on the
 right-side I selected the "fonts" tab, at the bottom of the fonts tab
 there is an "All fonts on page" arrow/toggle (at least in English).
 Clicking this shows all fonts used on the page, and indeed it shows the
 `data:` webfonts.

 After disabling the downloadable_fonts pref, I refreshed the page and
 repeated the above steps. It shows only system fonts were used.

 In parallel, I went code-diving and this seems reasonable.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33362 [Internal Services/Tor Sysadmin Team]: Please provision a VM for the new exit scanner

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33362: Please provision a VM for the new exit scanner
-+-
 Reporter:  irl  |  Owner:  anarcat
 Type:  task | Status:
 |  reopened
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:  0.5
 Reviewer:   |Sponsor:
-+-

Comment (by anarcat):

 and also:

 {{{
 08:12:53 <+irl> anarcat: irl is not allowed to run sudo on check-01.  This
 incident will be reported.
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33430 [Applications/Tor Browser]: Disable downloadable fonts on Safest security level (was: Fonts can be injected into a website via CSS (as base64 encoded application))

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33430: Disable downloadable fonts on Safest security level
--+--
 Reporter:  dcent |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  TorBrowserTeam202002  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by sysrqb):

 * keywords:   => TorBrowserTeam202002


Comment:

 Thanks for reporting this. While I was partially joking about a "malicious
 font", I did take this seriously. This could be a attack vector, so I dug
 into it a bit and it looks like we can flip
 `gfx.downloadable_fonts.enabled` on Safest and it will ignore webfonts.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #28765 [Applications/Tor Browser]: LibEvent Build for Android

2020-02-26 Thread Tor Bug Tracker & Wiki 
#28765: LibEvent Build for Android
-+-
 Reporter:  sisbell  |  Owner:  sisbell
 Type:  defect   | Status:
 |  needs_revision
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-mobile, tbb-rbm, tbb-parity, |  Actual Points:
  TorBrowserTeam202002   |
Parent ID:  #28704   | Points:  0.25
 Reviewer:  sysrqb, boklm|Sponsor:
-+-

Comment (by boklm):

 Replying to [comment:17 sisbell]:
 > >
 > > By the way in ticket:28704#comment:14 I said this:
 > >
 > > > it seems we could have a var/configure_opt for android in `rbm.conf`
 containing something like `CC=clang --host=[% c("var/host") %] [%
 c("var/configure_opt_project") %]`, where `var/configure_opt_project` is
 defined in each project to define options specific to this project
 > > >
 > > I still think that would be a good idea. If you don't think so, then
 please at least explain why instead of just ignoring comments and not
 doing the changes suggested.
 >
 > I didn't ignore the comment. i previously stated the reason I didn't do
 it and requested more discussion around a solution.

 Ah, indeed, I missed that. Sorry.

 >
 > "There was a suggestion to move some of the fields in configure_opt up
 to  rbm.  OpenSSL doesn't use the same configure_host value as other
 projects so this will require some more discussion if we want to move
 forward with this suggestion."

 I think openssl not using `var/configure_opt` is not a reason for not
 using it in other projects. We are in the same situation on other
 platforms, where we define `var/configure_opt`, and use it in some
 projects, and not in others projects expecting different options like
 openssl.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33216 [Applications/Tor Browser]: Add Android Host and ABI Info to RBM.conf

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33216: Add Android Host and ABI Info to RBM.conf
-+-
 Reporter:  sisbell  |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_revision
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-mobile, tbb-rbm, |  Actual Points:
  TorBrowserTeam202002   |
Parent ID:  #28704   | Points:
 Reviewer:  boklm|Sponsor:
-+-

Comment (by sisbell):

 Replying to [comment:6 boklm]:
 > Replying to [comment:3 sisbell]:
 > > I added in a soft link link for libtinfo5 the upgrade to debian caused
 a problem. Otheriwse, commit it the same
 > >
 > > {{{
 > > error while loading shared libraries: libtinfo.so.5: cannot open
 shared object file:
 > > }}}
 > >
 > > https://github.com/sisbell/tor-browser-build/commits/bug-33216
 >
 > Where does this error happen exactly? The update to Debian Buster is
 already merged to master, and it seems we don't have the error.
 >
 > Maybe there is a better fix than linking libtinfo.so.6.1 to
 libtinfo.so.5. Anyway this seems unrelated to `Add Android Host and ABI
 Info to RBM.conf` so I think it should be done in a separate
 commit/ticket.
 Ok open another issue for this and add details.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #33460 [Core Tor/Tor]: confmgt: include variable name in all complaints.

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33460: confmgt: include variable name in all complaints.
-+-
 Reporter:  nickm|  Owner:  nickm
 Type:  enhancement  | Status:  assigned
 Priority:  Medium   |  Milestone:  Tor: 0.4.3.x-final
Component:  Core |Version:
  Tor/Tor|
 Severity:  Normal   |   Keywords:  ui, ux, ui-regression 043-may??
Actual Points:   |  Parent ID:
   Points:  .1   |   Reviewer:
  Sponsor:   |
-+-
 When we give a msg about failing to parse a variable, we should say what
 the variable was, and ideally what was wrong with it.

 Compare the results for running `./src/app/tor UseBridges 99` in 0.3.5 and
 in master.  With 0.3.5 you got: `Boolean 'UseBridges 99' expects 0 or 1.`
 but now you get `Unrecognized value 99.`

 Let's make that better.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33215 [Applications/Tor Browser]: Android Toolchain: Add NDK bin path to system path

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33215: Android Toolchain: Add NDK bin path to system path
-+-
 Reporter:  sisbell  |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_information
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-mobile, tbb-rbm, |  Actual Points:
  TorBrowserTeam202002R  |
Parent ID:  #28704   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by sisbell):

 Replying to [comment:7 boklm]:
 > Replying to [comment:2 sisbell]:
 > > Replying to [comment:1 sysrqb]:
 > > > This is based on commit f5fdff3bf0b9e957ab011f95af9e215cca7aeed6
 from ticket:28704#comment:23.
 > > >
 > > > {{{
 > > > diff --git a/projects/android-toolchain/config b/projects/android-
 toolchain/config
 > > > index 8c9c8222..4c02b2f3 100644
 > > > --- a/projects/android-toolchain/config
 > > > +++ b/projects/android-toolchain/config
 > > > @@ -15,6 +15,7 @@ var:
 > > >  export GRADLE_HOME=/var/tmp/dist/[% project %]/gradle
 > > >  export ANDROID_HOME=$ANDROID_SDK_HOME
 > > >  export GRADLE_USER_HOME=$GRADLE_HOME
 > > > +export PATH=$ANDROID_NDK_HOME/[% c("var/toolchain_arch")
 %]/bin:$PATH
 > > > }}}
 > > > If we put the toolchain at the end, are there situations where a
 system executable is used instead of the Android toolchain?
 > >
 > > I'll need to check old logs, but yes some projects just look for clang
 without the host info so it picks up the system executable for clang.
 >
 > In that case, it seems better to have the Android toolchain first in the
 PATH. Or are there any cases where we want a system executable to be used
 instead of the version from tho Android toolchain?
 Yes, firefox project will use tools like ''make'' from linux. Previously I
 put Android PATH first but then needed to reverse the path back in the
 firefox build. I just needed to make the zstd project to use correct
 variant so everything works with the system path first.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #28765 [Applications/Tor Browser]: LibEvent Build for Android

2020-02-26 Thread Tor Bug Tracker & Wiki 
#28765: LibEvent Build for Android
-+-
 Reporter:  sisbell  |  Owner:  sisbell
 Type:  defect   | Status:
 |  needs_revision
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-mobile, tbb-rbm, tbb-parity, |  Actual Points:
  TorBrowserTeam202002   |
Parent ID:  #28704   | Points:  0.25
 Reviewer:  sysrqb, boklm|Sponsor:
-+-

Comment (by sisbell):

 Replying to [comment:16 boklm]:


 > Replying to [comment:14 sisbell]:
 >
 > > Broke commit into its own branch, otherwise no changes since last
 commit.
 > >
 > > https://github.com/sisbell/tor-browser-build/commits/bug-28765
 > >
 >
 > When looking at commit f73f0125252cdf18596291c45ba3d92cb719b883:
 >
 > You define `var/configure_opt` to `--disable-static` in
 `project/libevent/config` for all platforms except android. I think this
 is wrong as `var/configure_opt` already has some values defined in
 `rbm.conf`, so we override those values which will probably break the
 build on non-android platforms.
 Ok that should be easy to fix.

 >
 >
 > By the way in ticket:28704#comment:14 I said this:
 >
 > > it seems we could have a var/configure_opt for android in `rbm.conf`
 containing something like `CC=clang --host=[% c("var/host") %] [%
 c("var/configure_opt_project") %]`, where `var/configure_opt_project` is
 defined in each project to define options specific to this project
 > >
 > I still think that would be a good idea. If you don't think so, then
 please at least explain why instead of just ignoring comments and not
 doing the changes suggested.

 I didn't ignore the comment. i previously stated the reason I didn't do it
 and requested more discussion around a solution.

 "There was a suggestion to move some of the fields in configure_opt up to
 rbm.  OpenSSL doesn't use the same configure_host value as other  projects
 so this will require some more discussion if we want to move  forward with
 this suggestion."

 https://trac.torproject.org/projects/tor/ticket/28704#comment:23
 >
 > Regarding update to version `2.1.11`, I think it would be a good idea to
 mention it in the commit message. Or maybe do it as a separate commit
 (with #31499 as the bug number) as this is a change that affect all
 platforms.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33436 [Core Tor/Tor]: Remove all non-dirauth usage of dirauth timing options.

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33436: Remove all non-dirauth usage of dirauth timing options.
+
 Reporter:  nickm   |  Owner:  nickm
 Type:  defect  | Status:  needs_review
 Priority:  Medium  |  Milestone:  Tor: 0.4.4.x-final
Component:  Core Tor/Tor|Version:
 Severity:  Normal  | Resolution:
 Keywords:  technical-debt  |  Actual Points:
Parent ID:  #32810  | Points:  .5
 Reviewer:  asn |Sponsor:
+
Changes (by nickm):

 * status:  needs_revision => needs_review


Comment:

 I've made the requested changes.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33459 [Internal Services/Services Admin Team]: Please create an account at dip for Dennis Jackson

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33459: Please create an account at dip for Dennis Jackson
-+-
 Reporter:  gk   |  Owner:  hiro
 Type:  task | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Services Admin |Version:
  Team   |
 Severity:  Normal   | Resolution:  fixed
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by hiro):

 * status:  assigned => closed
 * resolution:   => fixed


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33459 [Internal Services/Services Admin Team]: Please create an account at dip for Dennis Jackson

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33459: Please create an account at dip for Dennis Jackson
-+-
 Reporter:  gk   |  Owner:  hiro
 Type:  task | Status:
 |  assigned
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Services Admin |Version:
  Team   |
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by dennis.jackson):

 Email: gitlab.tor (_at_) dennisjj.co.uk

 Thanks gk!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33459 [Internal Services/Services Admin Team]: Please create an account at dip for Dennis Jackson

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33459: Please create an account at dip for Dennis Jackson
-+-
 Reporter:  gk   |  Owner:  hiro
 Type:  task | Status:
 |  assigned
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Services Admin |Version:
  Team   |
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * status:  new => assigned
 * owner:  (none) => hiro


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #33459 [Internal Services/Services Admin Team]: Please create an account at dip for Dennis Jackson

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33459: Please create an account at dip for Dennis Jackson
-+-
 Reporter:  gk   |  Owner:  (none)
 Type:  task | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Services   |Version:
  Admin Team |
 Severity:  Normal   |   Keywords:
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+-
 Dennis Jackson is helping with performance/scalability related work and
 asked for an account at our Gitlab instance. Please create one.

 Preferred user name: djackson

 Thanks!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33430 [Applications/Tor Browser]: Fonts can be injected into a website via CSS (as base64 encoded application)

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33430: Fonts can be injected into a website via CSS (as base64 encoded
application)
--+--
 Reporter:  dcent |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by sysrqb):

 Replying to [comment:3 dcent]:
 > Is anyone at Guardian Project able to follow this up with the NoScript
 developer(s) or direct the NoScript developer(s) over here?

 The Guardian Project is not related to NoScript.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33430 [Applications/Tor Browser]: Fonts can be injected into a website via CSS (as base64 encoded application)

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33430: Fonts can be injected into a website via CSS (as base64 encoded
application)
--+--
 Reporter:  dcent |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by sysrqb):

 Replying to [comment:2 Yeti]:
 > IMHO malicious fonts can be harmful. I didn't check this behaviour but
 if it's true, this is more a NoScript-issue.

 What is a malicious font?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33430 [Applications/Tor Browser]: Fonts can be injected into a website via CSS (as base64 encoded application)

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33430: Fonts can be injected into a website via CSS (as base64 encoded
application)
--+--
 Reporter:  dcent |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by Yeti):

 I think you should discuss this better here:
 https://forums.informaction.com/viewforum.php?f=3

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33458 [Core Tor/Tor]: Assertion desc failed in hs_client_close_intro_circuits_from_desc at src/feature/hs/hs_client.c: 2413

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33458: Assertion desc failed in hs_client_close_intro_circuits_from_desc at
src/feature/hs/hs_client.c: 2413
-+-
 Reporter:  asn  |  Owner:  (none)
 Type:  defect   | Status:  new
 Priority:  High |  Milestone:  Tor:
 |  0.4.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs client-auth assert  043-must  |  Actual Points:  0.3
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by nickm):

 * keywords:  tor-hs client-auth assert => tor-hs client-auth assert
   043-must
 * priority:  Medium => High


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #33458 [Core Tor/Tor]: Assertion desc failed in hs_client_close_intro_circuits_from_desc at src/feature/hs/hs_client.c: 2413

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33458: Assertion desc failed in hs_client_close_intro_circuits_from_desc at
src/feature/hs/hs_client.c: 2413
--+---
 Reporter:  asn   |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.4.3.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal|   Keywords:  tor-hs client-auth assert
Actual Points:  0.3   |  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+---
 Just got this assert failure in my TBB. I had a v3 onion open, and long
 ago I visited a client-auth onion that  I didn't manage to decrypt so it
 lingered in my cache with `->desc` set to `NULL`.

 {{{
 Feb 26 14:17:31.000 [err] tor_assertion_failed_(): Bug:
 src/feature/hs/hs_client.c:2413: hs_client_close_intro_circuits_from_desc:
 Assertion desc failed; aborting. (on T
 or 0.4.3.2-alpha dcbf6611d9980953)
 Feb 26 14:17:31.000 [err] Bug: Tor 0.4.3.2-alpha (git-dcbf6611d9980953):
 Assertion desc failed in hs_client_close_intro_circuits_from_desc at
 src/feature/hs/hs_client.c:
 2413: . Stack trace: (on Tor 0.4.3.2-alpha dcbf6611d9980953)
 Feb 26 14:17:31.000 [err] Bug: /home/f/tor-browser_en-
 US/Browser/TorBrowser/Tor/tor(log_backtrace_impl+0x56) [0x5623c8fe6e96]
 (on Tor 0.4.3.2-alpha dcbf6611d9980953)
 Feb 26 14:17:31.000 [err] Bug: /home/f/tor-browser_en-
 US/Browser/TorBrowser/Tor/tor(tor_assertion_failed_+0x147)
 [0x5623c8fe1f97] (on Tor 0.4.3.2-alpha dcbf6611d9980
 953)
 Feb 26 14:17:31.000 [err] Bug: /home/f/tor-browser_en-
 US/Browser/TorBrowser/Tor/tor(hs_client_close_intro_circuits_from_desc+0xb6)
 [0x5623c8ee7c76] (on Tor 0.4.3.2-a
 lpha dcbf6611d9980953)
 Feb 26 14:17:31.000 [err] Bug: /home/f/tor-browser_en-
 US/Browser/TorBrowser/Tor/tor(hs_cache_clean_as_client+0xf2)
 [0x5623c8edfbd2] (on Tor 0.4.3.2-alpha dcbf6611d99
 80953)
 Feb 26 14:17:31.000 [err] Bug: /home/f/tor-browser_en-
 US/Browser/TorBrowser/Tor/tor(+0x6ebbc) [0x5623c8e3fbbc] (on Tor
 0.4.3.2-alpha dcbf6611d9980953)
 Feb 26 14:17:31.000 [err] Bug: /home/f/tor-browser_en-
 US/Browser/TorBrowser/Tor/tor(+0x73487) [0x5623c8e44487] (on Tor
 0.4.3.2-alpha dcbf6611d9980953)
 Feb 26 14:17:31.000 [err] Bug:
 ./TorBrowser/Tor/libevent-2.1.so.6(+0x22565) [0x7f3c28b8a565] (on Tor
 0.4.3.2-alpha dcbf6611d9980953)
 Feb 26 14:17:31.000 [err] Bug:
 ./TorBrowser/Tor/libevent-2.1.so.6(event_base_loop+0x517) [0x7f3c28b8af27]
 (on Tor 0.4.3.2-alpha dcbf6611d9980953)
 Feb 26 14:17:31.000 [err] Bug: /home/f/tor-browser_en-
 US/Browser/TorBrowser/Tor/tor(do_main_loop+0xdb) [0x5623c8e4372b] (on Tor
 0.4.3.2-alpha dcbf6611d9980953)
 Feb 26 14:17:31.000 [err] Bug: /home/f/tor-browser_en-
 US/Browser/TorBrowser/Tor/tor(tor_run_main+0x10b5) [0x5623c8e309f5] (on
 Tor 0.4.3.2-alpha dcbf6611d9980953)
 Feb 26 14:17:31.000 [err] Bug: /home/f/tor-browser_en-
 US/Browser/TorBrowser/Tor/tor(tor_main+0x3a) [0x5623c8e2e19a] (on Tor
 0.4.3.2-alpha dcbf6611d9980953)
 Feb 26 14:17:31.000 [err] Bug: /home/f/tor-browser_en-
 US/Browser/TorBrowser/Tor/tor(main+0x19) [0x5623c8e2dd39] (on Tor
 0.4.3.2-alpha dcbf6611d9980953)
 Feb 26 14:17:31.000 [err] Bug: /lib/x86_64-linux-
 gnu/libc.so.6(__libc_start_main+0xeb) [0x7f3c28207bbb] (on Tor
 0.4.3.2-alpha dcbf6611d9980953)
 Feb 26 14:17:31.000 [err] Bug: /home/f/tor-browser_en-
 US/Browser/TorBrowser/Tor/tor(+0x5cd89) [0x5623c8e2dd89] (on Tor
 0.4.3.2-alpha dcbf6611d9980953)
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33211 [Circumvention/Snowflake]: proxy-go sometimes gets into a 100+% CPU state

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33211: proxy-go sometimes gets into a 100+% CPU state
-+---
 Reporter:  dcf  |  Owner:  cohosh
 Type:  defect   | Status:  needs_information
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+---

Comment (by cohosh):

 Ah, this explains why I wasn't able to reproduce it. Looks like this bug
 was fixed in the most recent version:
 https://github.com/pion/sctp/issues/114#issuecomment-591280752

 Which version of sctp were you using?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32550 [Circumvention/Obfs4]: Static tor in docker container

2020-02-26 Thread Tor Bug Tracker & Wiki 
#32550: Static tor in docker container
-+-
 Reporter:  thymbahutymba|  Owner:  phw
 Type:  enhancement  | Status:
 |  assigned
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Obfs4  |Version:
 Severity:  Normal   | Resolution:
 Keywords:  docker, s30-o24a2, anti-censorship-  |  Actual Points:
  roadmap-2020Q1 |
Parent ID:  #31281   | Points:  2
 Reviewer:   |Sponsor:
 |  Sponsor30-can
-+-

Comment (by thymbahutymba):

 > Another reservation I have is that this approach requires us to keep
 track of the latest versions of dependencies and their security
 vulnerabilities, which takes time and effort. Every time we're creating a
 new docker image, we need to figure out what the latest version of OpenSSL
 etc. is. A Debian package however takes care of this for us.

 I don't know the smart reply for such problem. However I think that here
 the point is that you are putting your trust in Debian packager but
 different approach can be the rolling-release one, in this case we can
 update every time the tor-static docker version with the latest release of
 each library having somehow the benefit of doubt about vulnerabilities.
 Wheter they are present, after the discover, new version should be
 available and updating it should solve such problem. Hoping I've clarified
 my point of view even if I'm not undred percent sure about it.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33457 [Applications/Tor Browser]: Twitter shows "Something went wrong." with a "Try again" button

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33457: Twitter shows "Something went wrong." with a "Try again" button
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-usability-website, network-  |  Actual Points:
  health |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by gk):

 I am putting that ticket into the browser component even though there is
 probably nothing we can do from the browser side (but maybe we can, we
 have not talked to Twitter folks yet).

 I am marking this as network-health related problem as sites blocking tor
 nodes is a topic the network-health team should be concerned with.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #33457 [Applications/Tor Browser]: Twitter shows "Something went wrong." with a "Try again" button

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33457: Twitter shows "Something went wrong." with a "Try again" button
-+-
 Reporter:  gk   |  Owner:  tbb-team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor |Version:
  Browser|   Keywords:  tbb-usability-website,
 Severity:  Normal   |  network-health
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+-
 For a while now it often happens that Twitter shows "Something went wrong"
 + an additional "Try again" button. That button does not really work as it
 seems Tor gets blocked by Twitter now.

 If one requests long enough a new circuit one usually comes through the
 block.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33436 [Core Tor/Tor]: Remove all non-dirauth usage of dirauth timing options.

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33436: Remove all non-dirauth usage of dirauth timing options.
+
 Reporter:  nickm   |  Owner:  nickm
 Type:  defect  | Status:  needs_revision
 Priority:  Medium  |  Milestone:  Tor: 0.4.4.x-final
Component:  Core Tor/Tor|Version:
 Severity:  Normal  | Resolution:
 Keywords:  technical-debt  |  Actual Points:
Parent ID:  #32810  | Points:  .5
 Reviewer:  asn |Sponsor:
+

Comment (by nickm):

 I've added comments to the code and asked some questions on the review.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33215 [Applications/Tor Browser]: Android Toolchain: Add NDK bin path to system path

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33215: Android Toolchain: Add NDK bin path to system path
-+-
 Reporter:  sisbell  |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_information
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-mobile, tbb-rbm, |  Actual Points:
  TorBrowserTeam202002R  |
Parent ID:  #28704   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by boklm):

 * status:  needs_review => needs_information


Comment:

 Replying to [comment:2 sisbell]:
 > Replying to [comment:1 sysrqb]:
 > > This is based on commit f5fdff3bf0b9e957ab011f95af9e215cca7aeed6 from
 ticket:28704#comment:23.
 > >
 > > {{{
 > > diff --git a/projects/android-toolchain/config b/projects/android-
 toolchain/config
 > > index 8c9c8222..4c02b2f3 100644
 > > --- a/projects/android-toolchain/config
 > > +++ b/projects/android-toolchain/config
 > > @@ -15,6 +15,7 @@ var:
 > >  export GRADLE_HOME=/var/tmp/dist/[% project %]/gradle
 > >  export ANDROID_HOME=$ANDROID_SDK_HOME
 > >  export GRADLE_USER_HOME=$GRADLE_HOME
 > > +export PATH=$ANDROID_NDK_HOME/[% c("var/toolchain_arch")
 %]/bin:$PATH
 > > }}}
 > > If we put the toolchain at the end, are there situations where a
 system executable is used instead of the Android toolchain?
 >
 > I'll need to check old logs, but yes some projects just look for clang
 without the host info so it picks up the system executable for clang.

 In that case, it seems better to have the Android toolchain first in the
 PATH. Or are there any cases where we want a system executable to be used
 instead of the version from tho Android toolchain?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33216 [Applications/Tor Browser]: Add Android Host and ABI Info to RBM.conf

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33216: Add Android Host and ABI Info to RBM.conf
-+-
 Reporter:  sisbell  |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_revision
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-mobile, tbb-rbm, |  Actual Points:
  TorBrowserTeam202002   |
Parent ID:  #28704   | Points:
 Reviewer:  boklm|Sponsor:
-+-
Changes (by boklm):

 * status:  needs_review => needs_revision
 * keywords:  tbb-mobile, tbb-rbm, TorBrowserTeam202002R => tbb-mobile, tbb-
 rbm, TorBrowserTeam202002


Comment:

 Replying to [comment:3 sisbell]:
 > I added in a soft link link for libtinfo5 the upgrade to debian caused a
 problem. Otheriwse, commit it the same
 >
 > {{{
 > error while loading shared libraries: libtinfo.so.5: cannot open shared
 object file:
 > }}}
 >
 > https://github.com/sisbell/tor-browser-build/commits/bug-33216

 Where does this error happen exactly? The update to Debian Buster is
 already merged to master, and it seems we don't have the error.

 Maybe there is a better fix than linking libtinfo.so.6.1 to libtinfo.so.5.
 Anyway this seems unrelated to `Add Android Host and ABI Info to RBM.conf`
 so I think it should be done in a separate commit/ticket.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32672 [Core Tor/Tor]: Reject 0.2.9 and 0.4.0 in dirserv_rejects_tor_version()

2020-02-26 Thread Tor Bug Tracker & Wiki 
#32672: Reject 0.2.9 and 0.4.0 in dirserv_rejects_tor_version()
-+-
 Reporter:  teor |  Owner:  neel
 Type:  task | Status:
 |  merge_ready
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.4.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  044-should, 043-backport,|  Actual Points:
  041-backport, 042-backport, consider-  |
  backport-after-authority-test, fast-fix,   |
  network-health |
Parent ID:   | Points:  0.5
 Reviewer:  teor |Sponsor:
-+-

Comment (by gk):

 Okay, I am done sending mails. I guess we can collect some stats next week
 and maybe in two weeks to figure out how the mailing went.

 That's just for relays, though. I don't have access to addresses of bridge
 operators.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #28766 [Applications/Tor Browser]: Tor Build for Android

2020-02-26 Thread Tor Bug Tracker & Wiki 
#28766: Tor Build for Android
-+-
 Reporter:  sisbell  |  Owner:  sisbell
 Type:  defect   | Status:
 |  needs_revision
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-mobile, tbb-rbm, tbb-parity, |  Actual Points:
  TorBrowserTeam202002   |
Parent ID:  #28704   | Points:  1
 Reviewer:   |Sponsor:
-+-
Changes (by boklm):

 * status:  needs_review => needs_revision


Comment:

 When looking at commit 4f636796fb728ce614e3223780dbdab86892eabf, I see
 that `var/configure_opt` containing options for android is defined in 3
 places: tor, xz, libevent.

 Instead I think we should define it only one time, in rbm.conf, as I said
 in ticket:28704#comment:14:
 > it seems we could have a var/configure_opt for android in `rbm.conf`
 containing something like `CC=clang --host=[% c("var/host") %] [%
 c("var/configure_opt_project") %]`, where `var/configure_opt_project` is
 defined in each project to define options specific to this project

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31069 [Webpages/Support]: Create onion auth entries in portals

2020-02-26 Thread Tor Bug Tracker & Wiki 
#31069: Create onion auth entries in portals
--+---
 Reporter:  antonela  |  Owner:  ggus
 Type:  defect| Status:  assigned
 Priority:  Medium|  Milestone:
Component:  Webpages/Support  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:  #3| Points:
 Reviewer:  antonela, stephw  |Sponsor:  Sponsor27
--+---

Comment (by pili):

 This feature is available in this nightly build:
 http://f4amtbsowhix7rrf.onion/tor-browser-builds/tbb-nightly.2020.02.25

 For an onion service implementing client authorization you can check out:
 http://bosnbcdjbk2c2vs77eynnqk5c2mq3ys5m4znpd7arg67hmjtu3qdypad.onion/

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #33456 [Webpages/Support]: Update Support Portal Onion Services section to include a question on HSv3 client authorization

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33456: Update Support Portal Onion Services section to include a question on 
HSv3
client authorization
--+
 Reporter:  pili  |  Owner:  hiro
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Webpages/Support  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:  #31069
   Points:|   Reviewer:
  Sponsor:|
--+
 We should add a new question in the support portal e.g Why is an onion
 service asking me for client authorization? under
 support.tp.o/onionservices/#client-auth; to include details on the new
 client authorization interface for v3 onion services.

 This section could include a link out to the Tor Browser Manual onion
 services section created in #33454 and a link out to the Community portal
 onion services section created in #33455 for setting up HSv3 client
 authorization

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #33454 [Community/Tor Browser Manual]: Update Tor Browser Manual Onion Services Section with HSv3 Client Authorization

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33454: Update Tor Browser Manual Onion Services Section with HSv3 Client
Authorization
--+
 Reporter:  pili  |  Owner:  ggus
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Community/Tor Browser Manual  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:  #31069
   Points:|   Reviewer:
  Sponsor:|
--+
 We should expand on the "HOW TO ACCESS AN ONION SERVICE" section in the
 [https://tb-manual.torproject.org/onion-services/ Tor Browser Manual] to
 include details on the new client authorization interface for v3 onion
 services.

 This section should include the new features we will have available to
 manage saved client authorization keys.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #33455 [Community]: Update Community Portal Onion Services section with details on how to set up HSv3 client authorization

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33455: Update Community Portal Onion Services section with details on how to 
set
up HSv3 client authorization
---+
 Reporter:  pili   |  Owner:  ggus
 Type:  task   | Status:  new
 Priority:  Medium |  Milestone:
Component:  Community  |Version:
 Severity:  Normal |   Keywords:
Actual Points: |  Parent ID:  #31069
   Points: |   Reviewer:
  Sponsor: |
---+
 We should add a new section in the community portal under
 community.tp.o/onionservices/#client-auth; to include details on how to
 set up client authorization for v3 onion services.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #28765 [Applications/Tor Browser]: LibEvent Build for Android

2020-02-26 Thread Tor Bug Tracker & Wiki 
#28765: LibEvent Build for Android
-+-
 Reporter:  sisbell  |  Owner:  sisbell
 Type:  defect   | Status:
 |  needs_revision
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-mobile, tbb-rbm, tbb-parity, |  Actual Points:
  TorBrowserTeam202002   |
Parent ID:  #28704   | Points:  0.25
 Reviewer:  sysrqb, boklm|Sponsor:
-+-
Changes (by boklm):

 * keywords:  tbb-mobile, tbb-rbm, tbb-parity, TorBrowserTeam202002R => tbb-
 mobile, tbb-rbm, tbb-parity, TorBrowserTeam202002
 * status:  needs_review => needs_revision


Comment:

 Replying to [comment:14 sisbell]:
 > Broke commit into its own branch, otherwise no changes since last
 commit.
 >
 > https://github.com/sisbell/tor-browser-build/commits/bug-28765

 When looking at commit f73f0125252cdf18596291c45ba3d92cb719b883:

 You define `var/configure_opt` to `--disable-static` in
 `project/libevent/config` for all platforms except android. I think this
 is wrong as `var/configure_opt` already has some values defined in
 `rbm.conf`, so we override those values which will probably break the
 build on non-android platforms.

 By the way in ticket:28704#comment:14 I said this:
 > it seems we could have a var/configure_opt for android in `rbm.conf`
 containing something like `CC=clang --host=[% c("var/host") %] [%
 c("var/configure_opt_project") %]`, where `var/configure_opt_project` is
 defined in each project to define options specific to this project
 I still think that would be a good idea. If you don't think so, then
 please at least explain why instead of just ignoring comments and not
 doing the changes suggested.

 Regarding update to version `2.1.11`, I think it would be a good idea to
 mention it in the commit message. Or maybe do it as a separate commit
 (with #31499 as the bug number) as this is a change that affect all
 platforms.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33035 [Applications/Tor Browser]: create strings for onion service error pages

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33035: create strings for onion service error pages
--+
 Reporter:  brade |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  ux-team   |  Actual Points:  0.25
Parent ID:  #19251| Points:
 Reviewer:|Sponsor:  Sponsor27-must
--+

Comment (by asn):

 Quick review:

 - What does "disabled" mean? What's the diff from "offline"? I think
 offline is a simpler term and also includes "disabled".

 Other than that, looks great!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33453 [Metrics/Relay Search]: Relay Search does not have an icon for StaleDesc

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33453: Relay Search does not have an icon for StaleDesc
--+--
 Reporter:  karsten   |  Owner:  metrics-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Metrics/Relay Search  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by karsten):

 Maybe a [https://fontawesome.com/icons/clock?style=solid clock] (not
 necessarily this one)?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31069 [Webpages/Support]: Create onion auth entries in portals (was: Create onion auth entry in support.torproject.org)

2020-02-26 Thread Tor Bug Tracker & Wiki 
#31069: Create onion auth entries in portals
--+---
 Reporter:  antonela  |  Owner:  ggus
 Type:  defect| Status:  assigned
 Priority:  Medium|  Milestone:
Component:  Webpages/Support  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:  #3| Points:
 Reviewer:  antonela, stephw  |Sponsor:  Sponsor27
--+---

Old description:

> In #30237, we are working on integrating onion authentication with Tor
> Browser. We need an explainer for users to Learn More when it happens and
> hopefully help them with their doubts.

New description:

 In #30237, we are working on integrating onion authentication with Tor
 Browser. We need an explainer for users to Learn More when it happens and
 hopefully help them with their doubts.

 We should add entries to:

 - support.tp.o/onionservices
 - tb-manual.tp.o/onion-services
 - community.tp.o/onion-services

--

Comment (by pili):

 I have made this issue more general to deal with all relevant portals. We
 can also create children tickets for each different portal

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31069 [Webpages/Support]: Create onion auth entry in support.torproject.org

2020-02-26 Thread Tor Bug Tracker & Wiki 
#31069: Create onion auth entry in support.torproject.org
--+---
 Reporter:  antonela  |  Owner:  ggus
 Type:  defect| Status:  assigned
 Priority:  Medium|  Milestone:
Component:  Webpages/Support  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:  #3| Points:
 Reviewer:  antonela, stephw  |Sponsor:  Sponsor27
--+---
Changes (by pili):

 * cc: PROTechThor (added)


Comment:

 I can actually think of a couple of different places where we need content
 on onion service client authorization:

 - **As a user/client**, I want to know why I'm being asked for an
 authorization key to access an onion service - support.tp.o/onionservices
 /#client-auth e.g Why is an onion service asking me for client
 authorization?

 - **As an onion service operator**, I want to know how to set up client
 authorization for my onion service - community.tp.o/onion-services/client-
 auth

 - **As a Tor Browser user**, I want to find out more about how this new
 feature works - tb-manual.tp.o/onion-services/client-auth

 Maybe, to start with, we just need an entry point/question in support.tp.o
 /onion-services with links to the three locations suggested above? That
 way people can choose their own adventure...

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33205 [Metrics/Library]: Avoid invoking overridable methods from constructors

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33205: Avoid invoking overridable methods from constructors
-+-
 Reporter:  karsten  |  Owner:  karsten
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Metrics/Library  |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:   |  Actual Points:
Parent ID:   | Points:  2
 Reviewer:  irl  |Sponsor:
-+-
Changes (by karsten):

 * status:  merge_ready => closed
 * resolution:   => fixed


Comment:

 Agreed! Thanks for checking. Merged to master. Closing.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30237 [Applications/Tor Browser]: Tor Browser: Improve TBB UI of hidden service client authorization

2020-02-26 Thread Tor Bug Tracker & Wiki 
#30237: Tor Browser: Improve TBB UI of hidden service client authorization
-+-
 Reporter:  asn  |  Owner:  mcs
 Type:  enhancement  | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  network-team-roadmap-september,  |  implemented
  TorBrowserTeam202001R network-team-roadmap-|  Actual Points:  16.2
  2020Q1, 9.5a5  |
Parent ID:  #3   | Points:  17
 Reviewer:  pospeselr, sysrqb|Sponsor:
 |  Sponsor27-must
-+-
Changes (by pili):

 * cc: PROTechThor (added)


Comment:

 Replying to [comment:55 sysrqb]:
 > Replying to [comment:51 mcs]:
 > > Kathy and I rebased the patches to the `tor-browser-68.4.1esr-9.5-1`
 branch. The patch is here:
 > > https://gitweb.torproject.org/user/brade/tor-
 browser.git/commit/?h=bug30237-04=6cac185d0c10e4f26ca7eaf000c31fae36d13bfc
 >
 > {{{
 > +let retval = {
 > +  learnMore: getString("torPreferences.learnMore", "Learn More"),
 > +  learnMoreURL: `https://2019.www.torproject.org/docs/tor-manual-
 dev.html.${getLocale()}#_client_authorization`,
 > }}}
 > I know that's waiting on #31069 but :(

 The link used gives a 404. We could use
 https://2019.www.torproject.org/docs/tor-onion-
 service.html.en#CookieAuthentication which is about setting this up but
 it's probably not that useful for an end user.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33436 [Core Tor/Tor]: Remove all non-dirauth usage of dirauth timing options.

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33436: Remove all non-dirauth usage of dirauth timing options.
+
 Reporter:  nickm   |  Owner:  nickm
 Type:  defect  | Status:  needs_revision
 Priority:  Medium  |  Milestone:  Tor: 0.4.4.x-final
Component:  Core Tor/Tor|Version:
 Severity:  Normal  | Resolution:
 Keywords:  technical-debt  |  Actual Points:
Parent ID:  #32810  | Points:  .5
 Reviewer:  asn |Sponsor:
+
Changes (by asn):

 * status:  needs_review => needs_revision


Comment:

 This is nice! Did a review as well!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33400 [Core Tor/Tor]: hs-v3: Log why we can't upload a descriptor

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33400: hs-v3: Log why we can't upload a descriptor
--+
 Reporter:  dgoulet   |  Owner:  dgoulet
 Type:  enhancement   | Status:  needs_revision
 Priority:  Medium|  Milestone:  Tor: 0.4.4.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tor-hs|  Actual Points:  0.2
Parent ID:| Points:  0.2
 Reviewer:  asn   |Sponsor:
--+
Changes (by asn):

 * status:  needs_review => needs_revision


Comment:

 Review done! Nice feature!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33205 [Metrics/Library]: Avoid invoking overridable methods from constructors

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33205: Avoid invoking overridable methods from constructors
-+-
 Reporter:  karsten  |  Owner:  karsten
 Type:  defect   | Status:  merge_ready
 Priority:  Medium   |  Milestone:
Component:  Metrics/Library  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:  2
 Reviewer:  irl  |Sponsor:
-+-
Changes (by irl):

 * status:  needs_review => merge_ready


Comment:

 I think I do prefer this approach. ​commit 9ccb934 in task-33205-2 branch
 looks good to me.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33453 [Metrics/Relay Search]: Relay Search does not have an icon for StaleDesc

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33453: Relay Search does not have an icon for StaleDesc
--+--
 Reporter:  karsten   |  Owner:  metrics-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Metrics/Relay Search  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by irl):

 * cc: antonela (added)


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32749 [Webpages/Website]: Tor download button on your site does nothing when I click on it

2020-02-26 Thread Tor Bug Tracker & Wiki 
#32749: Tor download button on your site does nothing when I click on it
+---
 Reporter:  get-lead-out.44mag  |  Owner:  hiro
 Type:  defect  | Status:  closed
 Priority:  Very High   |  Milestone:
Component:  Webpages/Website|Version:
 Severity:  Normal  | Resolution:  not a bug
 Keywords:  ux-team |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+---

Comment (by cypherpunks):

 hah

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33453 [Metrics/Relay Search]: Relay Search does not have an icon for StaleDesc

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33453: Relay Search does not have an icon for StaleDesc
--+--
 Reporter:  karsten   |  Owner:  metrics-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Metrics/Relay Search  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by irl):

 The icons have come from a bunch of places but we have no easy reliable
 source we can just take icons from. Any suggestions on concepts for the
 icon?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33335 [Metrics/Relay Search]: Make it possible to select every existing flag in "Advanced Search"

2020-02-26 Thread Tor Bug Tracker & Wiki 
#5: Make it possible to select every existing flag in "Advanced Search"
--+--
 Reporter:  computer_freak|  Owner:  metrics-team
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Metrics/Relay Search  |Version:
 Severity:  Normal| Resolution:  fixed
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:  irl   |Sponsor:
--+--
Changes (by karsten):

 * status:  merge_ready => closed
 * resolution:   => fixed


Comment:

 Replying to [comment:2 irl]:
 > Looks good.

 Great! Pushed to master and deployed.

 > I did wonder if we still have NoEdConsensus, #24103 was the bug for that
 in case you also wondered, and it turns out we do still need it.

 I simply took all known flags from the latest consensus, and to be honest,
 I was more surprised by the StaleDesc flag that I didn't hear about
 before. I think we'll have to do this every year or so, but it's also not
 the end of the world if the list gets out of sync.

 Closing. Thanks!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33404 [Applications/Tor Browser]: 'No video with supported format and MIME type found.'

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33404: 'No video with supported format and MIME type found.'
--+--
 Reporter:  Azali |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by pili):

 * owner:  (none) => tbb-team
 * cc: ggus (removed)
 * component:  Webpages => Applications/Tor Browser


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32749 [Webpages/Website]: Tor download button on your site does nothing when I click on it

2020-02-26 Thread Tor Bug Tracker & Wiki 
#32749: Tor download button on your site does nothing when I click on it
+---
 Reporter:  get-lead-out.44mag  |  Owner:  hiro
 Type:  defect  | Status:  closed
 Priority:  Very High   |  Milestone:
Component:  Webpages/Website|Version:
 Severity:  Normal  | Resolution:  not a bug
 Keywords:  ux-team |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+---
Changes (by pili):

 * status:  reopened => closed
 * resolution:   => not a bug


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33425 [Applications/Tor Browser]: re :tor security compromise

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33425: re  :tor security compromise
--+---
 Reporter:  chajay|  Owner:  tbb-team
 Type:  defect| Status:  needs_information
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  TorBrowserTeamTriaged |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by boklm):

 What do you mean exactly by "https change to un-secure"? Is there some
 error message somewhere?

 What does "tor list of countries disappears and shown as a regular
 browser" mean? What is showing a "regular browser" and what does it mean?

 The "this video no longer available" thing could be a lot of things, but
 most probably it is a problem on the website. Or maybe they are blocking
 access from tor.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33425 [Applications/Tor Browser]: re :tor security compromise

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33425: re  :tor security compromise
--+---
 Reporter:  chajay|  Owner:  tbb-team
 Type:  defect| Status:  needs_information
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  TorBrowserTeamTriaged |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---
Changes (by pili):

 * owner:  (none) => tbb-team
 * keywords:   => TorBrowserTeamTriaged
 * status:  new => needs_information
 * component:  Webpages => Applications/Tor Browser


Comment:

 Can you confirm which version of Tor Browser you are currently using?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33450 [Webpages/Support]: Create a guide to help web site owners mitigate abuse from Tor without blocking non-abusive Tor users

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33450: Create a guide to help web site owners mitigate abuse from Tor without
blocking non-abusive Tor users
--+--
 Reporter:  jnewsome  |  Owner:  ggus
 Type:  defect| Status:  assigned
 Priority:  Medium|  Milestone:
Component:  Webpages/Support  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by pili):

 * status:  new => assigned
 * owner:  hiro => ggus


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33450 [Webpages/Support]: Create a guide to help web site owners mitigate abuse from Tor without blocking non-abusive Tor users

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33450: Create a guide to help web site owners mitigate abuse from Tor without
blocking non-abusive Tor users
--+--
 Reporter:  jnewsome  |  Owner:  hiro
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Webpages/Support  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by pili):

 * component:  Webpages/Website => Webpages/Support


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33362 [Internal Services/Tor Sysadmin Team]: Please provision a VM for the new exit scanner

2020-02-26 Thread Tor Bug Tracker & Wiki 
#33362: Please provision a VM for the new exit scanner
-+-
 Reporter:  irl  |  Owner:  anarcat
 Type:  task | Status:
 |  reopened
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:  0.5
 Reviewer:   |Sponsor:
-+-
Changes (by irl):

 * status:  closed => reopened
 * resolution:  fixed =>


Comment:

 Ah, yes, both users need linger. The separate users are for some (limited)
 priv sep, and each run their own services with systemd.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33335 [Metrics/Relay Search]: Make it possible to select every existing flag in "Advanced Search"

2020-02-26 Thread Tor Bug Tracker & Wiki 
#5: Make it possible to select every existing flag in "Advanced Search"
--+--
 Reporter:  computer_freak|  Owner:  metrics-team
 Type:  defect| Status:  merge_ready
 Priority:  Medium|  Milestone:
Component:  Metrics/Relay Search  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:  irl   |Sponsor:
--+--
Changes (by irl):

 * status:  needs_review => merge_ready


Comment:

 Looks good.

 I did wonder if we still have NoEdConsensus, #24103 was the bug for that
 in case you also wondered, and it turns out we do still need it.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs