[tor-bugs] #23169 [Metrics/Metrics website]: metrics site should explain why metrics are important and what we do to make sure they're safe

[Tor Bug Tracker & Wiki]

#23169: metrics site should explain why metrics are important and what we do to
make sure they're safe
-+--
 Reporter:  arma |  Owner:  metrics-team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Metrics/Metrics website  |Version:
 Severity:  Normal   |   Keywords:
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+--
 In trying to answer the comments on https://blog.torproject.org/blog/we-
 enhanced-security-and-integrity-tor-metrics-supported-moss, I realized
 that our metrics site is just a bunch of graphs and stuff, with no easy-
 to-find explanation of *why* we collect stuff, what our goals are and why
 collecting these things will get us there, what our constraints are (e.g.
 which things we won't ever do even if they would also help us achieve our
 goals), etc.

 I see a little sentence under 'Philosophy' on the about page. That's a
 nice start.

 But explaining why metrics are worthwhile, when we're a privacy project,
 seems like something we should address directly rather than leave
 implicit.

 It might be that some of the safety board principles could be useful to
 articulate here:
 https://research.torproject.org/safetyboard.html#guidelines

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23168 [Core Tor/Tor]: Guard sample calls relay descriptors a "consensus"

[Tor Bug Tracker & Wiki]

#23168: Guard sample calls relay descriptors a "consensus"
---+
 Reporter:  teor   |  Owner:
 Type:  defect | Status:  new
 Priority:  Medium |  Milestone:  Tor: 0.3.3.x-final
Component:  Core Tor/Tor   |Version:  Tor: 0.3.0.9
 Severity:  Normal | Resolution:
 Keywords:  tor-log, easy  |  Actual Points:
Parent ID: | Points:  0.5
 Reviewer: |Sponsor:
---+
Description changed by teor:

Old description:

> `
> [info] router_load_routers_from_string: 96 elements to add
> [info] sampled_guards_update_from_consensus: Updating sampled guard
> status based on received consensus.
> `
>
> The message should either say "received directory document(s)", or
> actually describe the directory document it just received.

New description:

 [info] router_load_routers_from_string: 96 elements to add
 [info] sampled_guards_update_from_consensus: Updating sampled guard status
 based on received consensus.

 The message should either say "received directory document(s)", or
 actually describe the directory document it just received.

--

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #23168 [Core Tor/Tor]: Guard sample calls relay descriptors a "consensus"

[Tor Bug Tracker & Wiki]

#23168: Guard sample calls relay descriptors a "consensus"
--+
 Reporter:  teor  |  Owner:
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.3.3.x-final
Component:  Core Tor/Tor  |Version:  Tor: 0.3.0.9
 Severity:  Normal|   Keywords:  tor-log, easy
Actual Points:|  Parent ID:
   Points:  0.5   |   Reviewer:
  Sponsor:|
--+
 `
 [info] router_load_routers_from_string: 96 elements to add
 [info] sampled_guards_update_from_consensus: Updating sampled guard status
 based on received consensus.
 `

 The message should either say "received directory document(s)", or
 actually describe the directory document it just received.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23163 [Core Tor/Tor]: Wrong name for new tor config options

[Tor Bug Tracker & Wiki]

#23163: Wrong name for new tor config options
--+-
 Reporter:  atagar|  Owner:
 Type:  defect| Status:  new
 Priority:  Low   |  Milestone:
Component:  Core Tor/Tor  |Version:
 Severity:  Minor | Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+-
Description changed by arma:

Old description:

> Hi Nick, tor has three new config options where the double unscore should
> be at the start rather than end...
>
> {{{
> SchedulerHighWaterMark__  101 MB
> SchedulerLowWaterMark__   100 MB
> SchedulerMaxFlushCells__  1000
> }}}
>
> Lacking this causes applications (like Nyx) to present these as user-
> facing options rather than a hidden option like '__ReloadTorrcOnSIGHUP'.
>
> Cheers! -Damian

New description:

 Hi Nick, tor has three new config options where the double unscore should
 be at the start rather than end...

 {{{
 SchedulerHighWaterMark__  101 MB
 SchedulerLowWaterMark__   100 MB
 SchedulerMaxFlushCells__  1000
 }}}

 Lacking this causes applications (like Nyx) to present these as user-
 facing options rather than a hidden option like
 {{{__ReloadTorrcOnSIGHUP}}}.

 Cheers! -Damian

--

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23163 [Core Tor/Tor]: Wrong name for new tor config options

[Tor Bug Tracker & Wiki]

#23163: Wrong name for new tor config options
--+-
 Reporter:  atagar|  Owner:
 Type:  defect| Status:  new
 Priority:  Low   |  Milestone:
Component:  Core Tor/Tor  |Version:
 Severity:  Minor | Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+-

Comment (by arma):

 Not disputing the rest, but, are you sure they're new? :) Looks like they
 went into git commit b1e1b439 which went into Tor 0.2.6.2-alpha.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22806 [Webpages/Blog]: http://blog.torproject.org/ should redirect to https

[Tor Bug Tracker & Wiki]

#22806: http://blog.torproject.org/ should redirect to https
---+--
 Reporter:  arma   |  Owner:  hiro
 Type:  defect | Status:  reopened
 Priority:  Medium |  Milestone:
Component:  Webpages/Blog  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--
Changes (by arma):

 * status:  closed => reopened
 * resolution:  fixed =>


Comment:

 This has now become unfixed. http://blog.torproject.org/ is pleased to
 serve me our blog content, albeit with some sort of css breakage. (When
 you're testing it, be sure not to get tricked by your https-everywhere
 doing the redirect for you.)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21312 [Obfuscation/Snowflake]: snowflake-client is pegged at 100% cpu

[Tor Bug Tracker & Wiki]

#21312: snowflake-client is pegged at 100% cpu
---+-
 Reporter:  arlolra|  Owner:
 Type:  defect | Status:  new
 Priority:  Medium |  Milestone:
Component:  Obfuscation/Snowflake  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+-

Comment (by yawning):

 I mean, the bindings still appears to leak OS threads like a sieve, and
 still use cgo, so it's not like anything has changed since arma
 encountered this.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23166 [Applications/Tor Browser]: Add Felix's obfs4 bridges to Tor Browser's defaults

[Tor Bug Tracker & Wiki]

#23166: Add Felix's obfs4 bridges to Tor Browser's defaults
--+--
 Reporter:  isis  |  Owner:  tbb-team
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-bridges   |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:  SponsorM-can
--+--
Changes (by yawning):

 * cc: yawning (added)


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #23167 [Applications/Tor Browser]: support for sandbox on macOS

[Tor Bug Tracker & Wiki]

#23167: support for sandbox on macOS
--+--
 Reporter:  Dbryrtfbcbhgf |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+--
 Is there any progress on a sandboxed browser for macOS? The Q and A with
 Yawning Angel last year said that the Tor browser team is looking at OSX.

 https://blog.torproject.org/blog/q-and-yawning-angel
 Which operating system will the sandbox support?

 We need a sandbox for Linux, OSX, and Windows. I’m working on the Linux
 one. The Tor browser team is looking at OSX.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21312 [Obfuscation/Snowflake]: snowflake-client is pegged at 100% cpu

[Tor Bug Tracker & Wiki]

#21312: snowflake-client is pegged at 100% cpu
---+-
 Reporter:  arlolra|  Owner:
 Type:  defect | Status:  new
 Priority:  Medium |  Milestone:
Component:  Obfuscation/Snowflake  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+-

Comment (by dcf):

 I encountered this lockup for the first time today. snowflake-client was
 using 200% CPU. I had been browsing and my requests started timing out.
 Here is the end of snowflake.log; it must have been around 17:00:00 when I
 noticed the hang.
 {{{
 2017/08/09 16:58:43  Handler: snowflake assigned 
 2017/08/09 16:58:43 Buffered 201 bytes --> WebRTC
 2017/08/09 16:58:43 WebRTC: DataChannel.OnOpen
 2017/08/09 16:58:43 Flushed 201 bytes.
 2017/08/09 16:58:45 Traffic Bytes (in|out): 743 | 201 -- (1 OnMessages, 1
 Sends)
 2017/08/09 16:58:51 Traffic Bytes (in|out): 51 | 166 -- (1 OnMessages, 2
 Sends)
 2017/08/09 16:58:53 WebRTC: At capacity [1/1]  Retrying in 10 seconds...
 2017/08/09 16:59:03 WebRTC: At capacity [1/1]  Retrying in 10 seconds...
 2017/08/09 16:59:13 WebRTC: At capacity [1/1]  Retrying in 10 seconds...
 2017/08/09 16:59:17 WebRTC: No messages received for 30 seconds -- closing
 stale connection.
 2017/08/09 16:59:17 WebRTC: closing DataChannel
 2017/08/09 16:59:23 WebRTC: Collecting a new Snowflake. Currently at [0/1]
 2017/08/09 16:59:23 snowflake-SeQZtvutAUlE6pFr  connecting...
 2017/08/09 17:03:45 copy loop ended
 2017/08/09 17:03:45  Handler: closed ---
 2017/08/09 17:03:45 SOCKS listening...
 2017/08/09 17:03:46 SOCKS accepted:  {0.0.3.0:1  map[]}
 }}}

 The process had 521 threads, not 1024.
  * [attachment:20170809-info-threads.txt info threads]
  * [attachment:20170809-thread-apply-all-bt.txt thread apply all bt]

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21312#comment:9>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23166 [Applications/Tor Browser]: Add Felix's obfs4 bridges to Tor Browser's defaults

[Tor Bug Tracker & Wiki]

#23166: Add Felix's obfs4 bridges to Tor Browser's defaults
--+--
 Reporter:  isis  |  Owner:  tbb-team
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-bridges   |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:  SponsorM-can
--+--
Changes (by dcf):

 * cc: dcf (added)


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23088 [Obfuscation/BridgeDB]: >Please note that you must send the email using an address from one of the following email providers: Riseup, Gmail or Yahoo.

[Tor Bug Tracker & Wiki]

#23088: >Please note that you must send the email using an address from one of 
the
following email providers: Riseup, Gmail or Yahoo.
--+-
 Reporter:  cypherpunks   |  Owner:  isis
 Type:  defect| Status:  closed
 Priority:  Immediate |  Milestone:
Component:  Obfuscation/BridgeDB  |Version:
 Severity:  Normal| Resolution:  invalid
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+-

Comment (by cypherpunks):

 @original cypherpunks poster: Note that the requirement of Gmail and Yahoo
 is since they require phone verification. For riseup it's even more
 difficult as it requires you to have an "invitation" from some already
 riseup member.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23138 [Applications/Tor Browser]: TorButton don't let people to change proxy settings

[Tor Bug Tracker & Wiki]

#23138: TorButton don't let people to change proxy settings
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  task  | Status:  closed
 Priority:  Very High |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:  wontfix
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by cypherpunks):

 * status:  reopened => closed
 * resolution:   => wontfix


Comment:

 Replying to [comment:10 cypherpunks]:
 > "If you believe that's because of a bug please file a different ticket."
 You forgot the clause "**in case you have a patch we should consider.**"

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23138 [Applications/Tor Browser]: TorButton don't let people to change proxy settings

[Tor Bug Tracker & Wiki]

#23138: TorButton don't let people to change proxy settings
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  task  | Status:  reopened
 Priority:  Very High |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by cypherpunks):

 * status:  closed => reopened
 * resolution:  wontfix =>


Comment:

 "If you believe that's because of a bug please file a different ticket."

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #23166 [Applications/Tor Browser]: Add Felix's obfs4 bridges to Tor Browser's defaults

[Tor Bug Tracker & Wiki]

#23166: Add Felix's obfs4 bridges to Tor Browser's defaults
--+-
 Reporter:  isis  |  Owner:  tbb-team
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:  tbb-bridges
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:  SponsorM-can  |
--+-
 See https://lists.torproject.org/pipermail/tor-
 project/2017-August/001357.html

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #23165 [Metrics/Metrics website]: relay versions graph should add 0.3.1 and 0.3.2

[Tor Bug Tracker & Wiki]

#23165: relay versions graph should add 0.3.1 and 0.3.2
-+--
 Reporter:  arma |  Owner:  metrics-team
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Metrics/Metrics website  |Version:
 Severity:  Normal   |   Keywords:
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+--
 https://metrics.torproject.org/versions.html shows versions up through
 0.3.0.

 But 0.3.1 is soon to be called stable, and 0.3.2 already exists too.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #19711 [Core Tor/Tor]: circuit_package_relay_cell(): Bug: outgoing relay cell sent from src/or/relay.c:701 has n_chan==NULL. Dropping. (on Tor 0.2.8.5-rc )

[Tor Bug Tracker & Wiki]

#19711: circuit_package_relay_cell(): Bug: outgoing relay cell sent from
src/or/relay.c:701 has n_chan==NULL. Dropping. (on Tor 0.2.8.5-rc )
+--
 Reporter:  user100500  |  Owner:
 Type:  defect  | Status:  new
 Priority:  Medium  |  Milestone:  Tor:
|  0.3.2.x-final
Component:  Core Tor/Tor|Version:
 Severity:  Normal  | Resolution:
 Keywords:  log annoyance tor-relay tor-client  |  Actual Points:
Parent ID:  | Points:  3
 Reviewer:  |Sponsor:
+--

Comment (by cypherpunks):

 Got it on 0.3.0.10
 {{{
 [warn] circuit_package_relay_cell(): Bug: outgoing relay cell sent from
 src/or/relay.c:737 has n_chan==NULL. Dropping. (on Tor 0.3.0.10
 c33db290a9d8d0f9)
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #23164 [Internal Services/Tor Sysadmin Team]: Install tor on crispum

[Tor Bug Tracker & Wiki]

#23164: Install tor on crispum
-+-
 Reporter:  tom  |  Owner:  tpa
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   |   Keywords:
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+-
 Please install tor on crispum so I can configure the hidden services for
 the tor crash dump submitter and viewer services.

 See also #22923

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23110 [Core Tor/Tor]: prop224: Rate limit HS descriptor reuploads

[Tor Bug Tracker & Wiki]

#23110: prop224: Rate limit HS descriptor reuploads
--+
 Reporter:  asn   |  Owner:
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:  Tor:
  |  0.3.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  prop224 prop224-extra tor-hs  |  Actual Points:
Parent ID:| Points:  1
 Reviewer:|Sponsor:  SponsorR-can
--+

Comment (by arma):

 See also the discussion in #23126 around why it would be useful to be able
 to predict how many publishes an onion service will do over time on
 average.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21951 [Applications/Tor Launcher]: Tor Launcher improvements and automation

[Tor Bug Tracker & Wiki]

#21951: Tor Launcher improvements and automation
---+--
 Reporter:  linda  |  Owner:  linda
 Type:  project| Status:  new
 Priority:  Medium |  Milestone:
Component:  Applications/Tor Launcher  |Version:
 Severity:  Normal | Resolution:
 Keywords:  ux-team|  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:  Sponsor4
---+--

Comment (by linda):

 Replying to [comment:9 isis]:
 > Putting this in Applications/TorLauncher. If this was in error, please
 excuse and move back to component Webpages.

 Oops. You're right! It should be in Applications/TorLauncher.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21951 [Applications/Tor Launcher]: Tor Launcher improvements and automation

[Tor Bug Tracker & Wiki]

#21951: Tor Launcher improvements and automation
---+--
 Reporter:  linda  |  Owner:  linda
 Type:  project| Status:  new
 Priority:  Medium |  Milestone:
Component:  Applications/Tor Launcher  |Version:
 Severity:  Normal | Resolution:
 Keywords:  ux-team|  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:  Sponsor4
---+--
Changes (by isis):

 * component:  Webpages => Applications/Tor Launcher


Comment:

 Putting this in Applications/TorLauncher. If this was in error, please
 excuse and move back to component Webpages.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23088 [Obfuscation/BridgeDB]: >Please note that you must send the email using an address from one of the following email providers: Riseup, Gmail or Yahoo.

[Tor Bug Tracker & Wiki]

#23088: >Please note that you must send the email using an address from one of 
the
following email providers: Riseup, Gmail or Yahoo.
--+-
 Reporter:  cypherpunks   |  Owner:  isis
 Type:  defect| Status:  closed
 Priority:  Immediate |  Milestone:
Component:  Obfuscation/BridgeDB  |Version:
 Severity:  Normal| Resolution:  invalid
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+-
Changes (by isis):

 * status:  needs_information => closed
 * resolution:   => invalid


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23086 [Obfuscation/BridgeDB]: GIMP Captcha uses insecure random number generator

[Tor Bug Tracker & Wiki]

#23086: GIMP Captcha uses insecure random number generator
--+---
 Reporter:  cypherpunks   |  Owner:  isis
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Obfuscation/BridgeDB  |Version:
 Severity:  Normal| Resolution:  not a bug
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---
Changes (by isis):

 * status:  reopened => closed
 * resolution:   => not a bug


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23162 [Internal Services/Tor Sysadmin Team]: create speaking@ alias to coordinate speaking requests

[Tor Bug Tracker & Wiki]

#23162: create speaking@ alias to coordinate speaking requests
-+-
 Reporter:  arma |  Owner:  tpa
 Type:  task | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 |  implemented
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by arma):

 * status:  new => closed
 * resolution:   => implemented


Comment:

 Added to tor-puppet in commit 3a82a6ee8.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #23163 [Core Tor/Tor]: Wrong name for new tor config options

[Tor Bug Tracker & Wiki]

#23163: Wrong name for new tor config options
--+-
 Reporter:  atagar|  Owner:
 Type:  defect| Status:  new
 Priority:  Low   |  Milestone:
Component:  Core Tor/Tor  |Version:
 Severity:  Minor |   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+-
 Hi Nick, tor has three new config options where the double unscore should
 be at the start rather than end...

 {{{
 SchedulerHighWaterMark__  101 MB
 SchedulerLowWaterMark__   100 MB
 SchedulerMaxFlushCells__  1000
 }}}

 Lacking this causes applications (like Nyx) to present these as user-
 facing options rather than a hidden option like '__ReloadTorrcOnSIGHUP'.

 Cheers! -Damian

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #23162 [Internal Services/Tor Sysadmin Team]: create speaking@ alias to coordinate speaking requests

[Tor Bug Tracker & Wiki]

#23162: create speaking@ alias to coordinate speaking requests
-+-
 Reporter:  arma |  Owner:  tpa
 Type:  task | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   |   Keywords:
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+-
 As part of the speakers bureau plan, I'm going to create a speaking@
 alias, which currently will point to me, alison, shari, steph, tommy, isa.

 The goal is that it can be a place where we coordinate our responses to
 invitations to speak at various events, and maybe eventually an outside
 address where people can directly invite us to speak at various events,
 rather than mailing whoever it is that they pick individually as is done
 today.

 It is explicitly *not* the place where all the people who want to sign up
 to do speaking events for Tor will congregate.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22802 [Core Tor/Tor]: Avoid use of "0" with tor_parse_foo()

[Tor Bug Tracker & Wiki]

#22802: Avoid use of "0" with tor_parse_foo()
--+
 Reporter:  nickm |  Owner:
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by catalyst):

 * cc: catayst (added)


Comment:

 Replying to [comment:2 nickm]:
 > I'm not sure we actually do that here -- looking over the tor_parse_*
 functions, I couldn't find any that would have caused #22469.
 Commented on #22469 about a possible cause.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22173 [Core Tor/Tor]: Support looking up node by ed25519 identity

[Tor Bug Tracker & Wiki]

#22173: Support looking up node by ed25519 identity
--+
 Reporter:  dgoulet   |  Owner:  nickm
 Type:  enhancement   | Status:  accepted
 Priority:  High  |  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:  1
 Reviewer:|Sponsor:
--+
Changes (by nickm):

 * status:  new => accepted


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22173 [Core Tor/Tor]: Support looking up node by ed25519 identity

[Tor Bug Tracker & Wiki]

#22173: Support looking up node by ed25519 identity
--+
 Reporter:  dgoulet   |  Owner:  nickm
 Type:  enhancement   | Status:  new
 Priority:  High  |  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:  1
 Reviewer:|Sponsor:
--+

Comment (by nickm):

 I've got the backend here in `ed25519_lookup`, but no front end yet.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22469 [Core Tor/Tor]: tor should probably reject "0x00" in port range specifications (was: tor should better validate invalid ipv6 address:port definitions)

[Tor Bug Tracker & Wiki]

#22469: tor should probably reject "0x00" in port range specifications
-+-
 Reporter:  toralf   |  Owner:
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:  Tor:
 |  0.3.1.2-alpha
 Severity:  Normal   | Resolution:
 Keywords:  tor-relay torrc configuration intro  |  Actual Points:
  ipv6   |
Parent ID:  #22802   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by catalyst):

 * cc: catalyst (added)


Comment:

 By code inspection it looks like `0x00` as the port might get accepted by
 `parse_port_range()` because `tor_parse_long()` gets called with a non-
 null `next` to detect a hyphen delimiting the maximum of a port range, but
 nothing seems to produce an error if some different character follows the
 first port number of the "range".  i.e., `0x00` gets parsed as `0`
 followed by `x00` as trailing garbage that gets ignored rather than
 producing an error.  I haven't come up with a test for this yet.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23161 [Applications/Tor Browser]: Make tor.exe binaries identical

[Tor Bug Tracker & Wiki]

#23161: Make tor.exe binaries identical
--+---
 Reporter:  cypherpunks   |  Owner:
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:  not a bug
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---
Changes (by boklm):

 * status:  new => closed
 * resolution:   => not a bug
 * component:  - Select a component => Applications/Tor Browser


Comment:

 It is intentional that those 2 binaries are different. The tor.exe from
 Tor Browser is difficult to use outside of Tor Browser as it has no
 console support, so the tor.exe from the Expert Bundle which is made for
 use without Tor Browser is built with console support.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #23161 [- Select a component]: Make tor.exe binaries identical

[Tor Bug Tracker & Wiki]

#23161: Make tor.exe binaries identical
--+-
 Reporter:  cypherpunks   |  Owner:
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  - Select a component  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+-
 Between the tor.exe binaries of "torbrowser-install-*_en-US.exe" and "tor-
 win32-*.zip" there is a small difference in PE header, one shows GUI and
 the other console

 I guess it would be better if both of these binaries were identical?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #15645 [Core Tor/Tor]: Document PublishServerDescriptor better

[Tor Bug Tracker & Wiki]

#15645: Document PublishServerDescriptor better
--+
 Reporter:  qbi   |  Owner:
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor  |Version:  Tor: 0.2.6.7
 Severity:  Normal| Resolution:  fixed
 Keywords:  docs easy |  Actual Points:
Parent ID:| Points:  .1
 Reviewer:|Sponsor:
--+
Changes (by nickm):

 * status:  new => closed
 * resolution:   => fixed


Comment:

 Done in d655388a4a7c6a

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22976 [Core Tor/Tor]: disallow tor exec'ing

[Tor Bug Tracker & Wiki]

#22976: disallow tor exec'ing
--+
 Reporter:  dawuud|  Owner:  nickm
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  sandbox   |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by nickm):

 * status:  accepted => needs_review


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22976 [Core Tor/Tor]: disallow tor exec'ing

[Tor Bug Tracker & Wiki]

#22976: disallow tor exec'ing
--+
 Reporter:  dawuud|  Owner:  nickm
 Type:  defect| Status:  accepted
 Priority:  Medium|  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  sandbox   |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by nickm):

 * owner:   => nickm
 * status:  new => accepted


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22976 [Core Tor/Tor]: disallow tor exec'ing

[Tor Bug Tracker & Wiki]

#22976: disallow tor exec'ing
--+
 Reporter:  dawuud|  Owner:
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  sandbox   |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by nickm):

 Implementation in my `feature22976` branch.

 This isn't fundamentally about seccomp; it's about disabling
 functionality. Our sandbox already disables all exec calls.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23158 [Internal Services/Service - trac]: Restrict access to InterMapTxt and other service pages

[Tor Bug Tracker & Wiki]

#23158: Restrict access to InterMapTxt and other service pages
--+-
 Reporter:  cypherpunks   |  Owner:  qbi
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Internal Services/Service - trac  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+-

Comment (by qbi):

 I made the site read-only. Do you have other service pages in mind?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23128 [Applications/Tor Browser]: When right clicking on a webm and clicking on open with -> Torbrowser it opens TorBrowser even though it is not set up

[Tor Bug Tracker & Wiki]

#23128: When right clicking on a webm and clicking on open with -> Torbrowser it
opens TorBrowser even though it is not set up
--+--
 Reporter:  Dbryrtfbcbhgf |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by mcs):

 * status:  needs_information => new


Comment:

 Replying to [comment:6 gk]:
 > Hm. Why should that be "won't fix"? Isn't this bug something we should
 fix (eventually) given that it is confusing and is leading to unexpected
 behavior (imagine the user has forgotten that they opened Tor Browser that
 way and is wondering now why normal browsing is not working)?

 The scenario you describe is possible, yes. I think I was a little too
 quick to move toward "won't fix." My reason was that (1) we do not know
 how to fix this problem right now and (2) it seems like an issue that will
 be rare (I assume most people open Tor Browser after they download it and
 do not delete their TorBrowser-Data directory). But you are right, we
 should keep this ticket open in the hope that we will eventually find time
 to fix it.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22897 [Core Tor/Tor]: Revise privcount patch series to use trace modules

[Tor Bug Tracker & Wiki]

#22897: Revise privcount patch series to use trace modules
--+
 Reporter:  nickm |  Owner:
 Type:  task  | Status:  closed
 Priority:  Medium|  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:  wontfix
 Keywords:  privcount |  Actual Points:
Parent ID:  #22955| Points:
 Reviewer:|Sponsor:  SponsorQ-can
--+
Changes (by nickm):

 * status:  new => closed
 * resolution:   => wontfix


Comment:

 Currently, we're planning to do this not with trace modules, but by
 putting the datacollector side of privcount into Tor. See proposal 280.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22961 [Core Tor/Tor]: Should tor-spec say that nodes MUST NOT use TLS compression?

[Tor Bug Tracker & Wiki]

#22961: Should tor-spec say that nodes MUST NOT use TLS compression?
---+
 Reporter:  teor   |  Owner:
 Type:  defect | Status:  closed
 Priority:  Medium |  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor   |Version:
 Severity:  Normal | Resolution:  fixed
 Keywords:  tor-spec security  |  Actual Points:
Parent ID:  #18856 | Points:
 Reviewer: |Sponsor:
---+
Changes (by nickm):

 * status:  new => closed
 * resolution:   => fixed


Comment:

 Done in 7411e54cd7d7f2bbb70364218a35f2b48a8ee0ed as part of #22964.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22802 [Core Tor/Tor]: Avoid use of "0" with tor_parse_foo()

[Tor Bug Tracker & Wiki]

#22802: Avoid use of "0" with tor_parse_foo()
--+
 Reporter:  nickm |  Owner:
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by nickm):

 * status:  new => needs_review


Comment:

 I've fixed the cases  I could see in `bug22802`.

 I also cleaned up a bogus case in the windows tor_parse_uint64()
 implementation while I was there.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22802 [Core Tor/Tor]: Avoid use of "0" with tor_parse_foo()

[Tor Bug Tracker & Wiki]

#22802: Avoid use of "0" with tor_parse_foo()
--+
 Reporter:  nickm |  Owner:
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by nickm):

 Replying to [comment:1 teor]:
 > In #22469, tor accepts 0x00 as a port number in the torrc, despite it
 being against the spec. I wonder if we do the same thing when parsing
 ports in other contexts?

 I'm not sure we actually do that here -- looking over the tor_parse_*
 functions, I couldn't find any that would have caused #22469.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21615 [Metrics/Atlas]: Use hashed fingerprint in all lookups

[Tor Bug Tracker & Wiki]

#21615: Use hashed fingerprint in all lookups
---+--
 Reporter:  cypherpunks|  Owner:  irl
 Type:  enhancement| Status:  reopened
 Priority:  Medium |  Milestone:
Component:  Metrics/Atlas  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--

Comment (by cypherpunks):

 The cause of #23156 is a combination of the patch hashing the fingerprints
 from summary documents to fix #22307 and the details page also hashing the
 fingerprint it has been given (to prevent bridge fingerprints from being
 leaked).

 This is also related to #15415 where functionality was added to redirect
 searches to the details page when there is only one result. The redirect
 uses the internal fingerprint and this ticket caused that fingerprint to
 be hashed. The details page would then doubly hash relay fingerprints and
 triply hash bridge fingerprints which Onionoo does not support.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22677 [Core Tor/Tor]: Document that Sandbox 1 requires linux and seccomp2.

[Tor Bug Tracker & Wiki]

#22677: Document that Sandbox 1 requires linux and seccomp2.
---+
 Reporter:  cypherpunks|  Owner:
 Type:  enhancement| Status:  needs_review
 Priority:  Medium |  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor   |Version:
 Severity:  Normal | Resolution:
 Keywords:  documentation trivial  |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+
Changes (by nickm):

 * status:  new => needs_review


Comment:

 Manual patch in `bug22677`.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #19418 [Core Tor/Tor]: i2d_RSAPublicKey retval ignored in multiple callsites

[Tor Bug Tracker & Wiki]

#19418: i2d_RSAPublicKey retval ignored in multiple callsites
-+-
 Reporter:  asn  |  Owner:
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-bug-bounty disaster-waiting-to-  |  Actual Points:
  happen |
Parent ID:   | Points:  0.5
 Reviewer:   |Sponsor:
 |  SponsorV-can
-+-
Changes (by nickm):

 * status:  new => needs_review


Comment:

 So it seems our major omission here has been checking the output of
 crypto_pk_get_digest.  I have a patch for that in `bug19418_029`.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #19281 [Core Tor/Tor]: Potential heap corruption via `write_escaped_data` in control.c

[Tor Bug Tracker & Wiki]

#19281: Potential heap corruption via `write_escaped_data` in control.c
-+-
 Reporter:  asn  |  Owner:
 Type:  defect   | Status:  new
 Priority:  High |  Milestone:  Tor:
 |  0.3.2.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  unspecified
 Severity:  Normal   | Resolution:
 Keywords:  tor-bug-bounty, heap-correctness,|  Actual Points:
  disaster-waiting-to-happen |
Parent ID:   | Points:  0.5
 Reviewer:   |Sponsor:
 |  SponsorV-can
-+-

Comment (by nickm):

 Fix in `bug192821_025`. I recommend no backport.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #19281 [Core Tor/Tor]: Potential heap corruption via `write_escaped_data` in control.c

[Tor Bug Tracker & Wiki]

#19281: Potential heap corruption via `write_escaped_data` in control.c
-+-
 Reporter:  asn  |  Owner:
 Type:  defect   | Status:
 |  needs_review
 Priority:  High |  Milestone:  Tor:
 |  0.3.2.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  unspecified
 Severity:  Normal   | Resolution:
 Keywords:  tor-bug-bounty, heap-correctness,|  Actual Points:
  disaster-waiting-to-happen |
Parent ID:   | Points:  0.5
 Reviewer:   |Sponsor:
 |  SponsorV-can
-+-
Changes (by nickm):

 * status:  new => needs_review


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21615 [Metrics/Atlas]: Use hashed fingerprint in all lookups

[Tor Bug Tracker & Wiki]

#21615: Use hashed fingerprint in all lookups
---+--
 Reporter:  cypherpunks|  Owner:  irl
 Type:  enhancement| Status:  reopened
 Priority:  Medium |  Milestone:
Component:  Metrics/Atlas  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--
Changes (by irl):

 * status:  closed => reopened
 * resolution:  fixed =>
 * parent:  #22307 =>


Comment:

 See #23156.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23156 [Metrics/Atlas]: Atlas returns no results on certain valid searches

[Tor Bug Tracker & Wiki]

#23156: Atlas returns no results on certain valid searches
---+
 Reporter:  phoul  |  Owner:  irl
 Type:  defect | Status:  closed
 Priority:  Medium |  Milestone:
Component:  Metrics/Atlas  |Version:
 Severity:  Normal | Resolution:  fixed
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+
Changes (by irl):

 * status:  new => closed
 * resolution:   => fixed


Comment:

 This patch has been reverted. Follow up in #21615.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #23160 [Metrics/Atlas]: Adding flag makes list empty while seach result contains the flag

[Tor Bug Tracker & Wiki]

#23160: Adding flag makes list empty while seach result contains the flag
---+-
 Reporter:  qbi|  Owner:  irl
 Type:  defect | Status:  new
 Priority:  Medium |  Milestone:
Component:  Metrics/Atlas  |Version:
 Severity:  Normal |   Keywords:
Actual Points: |  Parent ID:
   Points: |   Reviewer:
  Sponsor: |
---+-
 I was looking for [https://atlas.torproject.org/#search/country:it
 italian] relays recently. When the search result appeared I wanted to see
 only relays with the Exit flag. So I entered `Exit`, but the resulting
 list was empty. Same behaviour was with the
 [https://atlas.torproject.org/#top10 Top10 list].

 Steps to reproduce:

   1. Go to https://atlas.torproject.org/#top10
   2. Go to Flags column.
   3. Enter `Exit` add the bottom entry field.
   4. Empty list

 Expected behaviour is that it should show the relays with the entered flag
 and empty list if there are none.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23157 [Core Tor/Tor]: prop224: Fix coverity reports generated by prop224 service merge (#20657)

[Tor Bug Tracker & Wiki]

#23157: prop224: Fix coverity reports generated by prop224 service merge 
(#20657)
-+
 Reporter:  asn  |  Owner:
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  tor-hs prop224 coverity  |  Actual Points:
Parent ID:  #20657   | Points:  0.3
 Reviewer:   |Sponsor:  SponsorR-can
-+
Changes (by nickm):

 * status:  needs_review => closed
 * resolution:   => fixed


Comment:

 Merging; thanks!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23159 [Core Tor/Tor]: Bug: Non-fatal assertion ei failed in launch_intro_point_circuits at src/or/hs_service.c:1784

[Tor Bug Tracker & Wiki]

#23159: Bug: Non-fatal assertion ei failed in launch_intro_point_circuits at
src/or/hs_service.c:1784
-+
 Reporter:  asn  |  Owner:
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs, prop224  |  Actual Points:
Parent ID:  #20657   | Points:  0.2
 Reviewer:   |Sponsor:
-+
Description changed by asn:

Old description:

> I had the following non-fatal assert trigger for me when I SIGTERMed my
> service in chutney:
>
> {{{
> Aug 08 10:34:25.000 [warn] Bug: Non-fatal assertion ei failed in
> launch_intro_point_circuits at src/or/hs_service.c:1784. Stack trace:
> (bon Tor 0.3.2.0-alpha-dev eafb26f30db8c809)
> Aug 08 10:34:25.000 [warn] Bug: ./src/or/tor(log_backtrace+0x42)
> [0x2802a2] (on Tor 0.3.2.0-alpha-dev eafb26f30db8c809)
> Aug 08 10:34:25.000 [warn] Bug: ./src/or/tor(tor_bug_occurred_+0xb7)
> [0x299127] (on Tor 0.3.2.0-alpha-dev eafb26f30db8c809)
> Aug 08 10:34:25.000 [warn] Bug:
> ./src/or/tor(hs_service_run_scheduled_events+0x189d) [0x27339d] (on Tor
> 0.3.2.0-alpha-dev eafb26f30db8c809)
> Aug 08 10:34:25.000 [warn] Bug: ./src/or/tor(+0x4b198) [0x153198] (on
> Tor 0.3.2.0-alpha-dev eafb26f30db8c809)
> Aug 08 10:34:25.000 [warn] Bug: ./src/or/tor(+0x69e10) [0x171e10] (on
> Tor 0.3.2.0-alpha-dev eafb26f30db8c809)
> Aug 08 10:34:25.000 [warn] Bug: /usr/lib/x86_64-linux-
> gnu/libevent-2.0.so.5(event_base_loop+0x7fc) [0x53613dc] (on Tor 0.3.2.0
> -alpha-dev eafb26f30db8c809)
> Aug 08 10:34:25.000 [warn] Bug: ./src/or/tor(do_main_loop+0x244)
> [0x156674] (on Tor 0.3.2.0-alpha-dev eafb26f30db8c809)
> Aug 08 10:34:25.000 [warn] Bug: ./src/or/tor(tor_main+0x1c35)
> [0x159ec5] (on Tor 0.3.2.0-alpha-dev eafb26f30db8c809)
> Aug 08 10:34:25.000 [warn] Bug: ./src/or/tor(main+0x19) [0x151de9]
> (on Tor 0.3.2.0-alpha-dev eafb26f30db8c809)
> Aug 08 10:34:25.000 [warn] Bug: /lib/x86_64-linux-
> gnu/libc.so.6(__libc_start_main+0xf5) [0x623db45] (on Tor 0.3.2.0-alpha-
> dev eafb26f30db8c809)
> Aug 08 10:34:25.000 [warn] Bug: ./src/or/tor(+0x49e39) [0x151e39] (on
> Tor 0.3.2.0-alpha-dev eafb26f30db8c809)
> Aug 08 10:34:26.000 [notice] Catching signal TERM, exiting cleanly.
> }}}

New description:

 I had the following non-fatal assert trigger for me when I SIGTERMed my
 service in chutney:

 {{{
 Aug 08 10:34:25.000 [warn] Bug: Non-fatal assertion ei failed in
 launch_intro_point_circuits at src/or/hs_service.c:1784. Stack trace: (bon
 Tor 0.3.2.0-alpha-dev eafb26f30db8c809)
 Aug 08 10:34:25.000 [warn] Bug: ./src/or/tor(log_backtrace+0x42)
 [0x2802a2] (on Tor 0.3.2.0-alpha-dev eafb26f30db8c809)
 Aug 08 10:34:25.000 [warn] Bug: ./src/or/tor(tor_bug_occurred_+0xb7)
 [0x299127] (on Tor 0.3.2.0-alpha-dev eafb26f30db8c809)
 Aug 08 10:34:25.000 [warn] Bug:
 ./src/or/tor(hs_service_run_scheduled_events+0x189d) [0x27339d] (on Tor
 0.3.2.0-alpha-dev eafb26f30db8c809)
 Aug 08 10:34:25.000 [warn] Bug: ./src/or/tor(+0x4b198) [0x153198] (on
 Tor 0.3.2.0-alpha-dev eafb26f30db8c809)
 Aug 08 10:34:25.000 [warn] Bug: ./src/or/tor(+0x69e10) [0x171e10] (on
 Tor 0.3.2.0-alpha-dev eafb26f30db8c809)
 Aug 08 10:34:25.000 [warn] Bug: /usr/lib/x86_64-linux-
 gnu/libevent-2.0.so.5(event_base_loop+0x7fc) [0x53613dc] (on Tor 0.3.2.0
 -alpha-dev eafb26f30db8c809)
 Aug 08 10:34:25.000 [warn] Bug: ./src/or/tor(do_main_loop+0x244)
 [0x156674] (on Tor 0.3.2.0-alpha-dev eafb26f30db8c809)
 Aug 08 10:34:25.000 [warn] Bug: ./src/or/tor(tor_main+0x1c35)
 [0x159ec5] (on Tor 0.3.2.0-alpha-dev eafb26f30db8c809)
 Aug 08 10:34:25.000 [warn] Bug: ./src/or/tor(main+0x19) [0x151de9] (on
 Tor 0.3.2.0-alpha-dev eafb26f30db8c809)
 Aug 08 10:34:25.000 [warn] Bug: /lib/x86_64-linux-
 gnu/libc.so.6(__libc_start_main+0xf5) [0x623db45] (on Tor 0.3.2.0-alpha-
 dev eafb26f30db8c809)
 Aug 08 10:34:25.000 [warn] Bug: ./src/or/tor(+0x49e39) [0x151e39] (on
 Tor 0.3.2.0-alpha-dev eafb26f30db8c809)
 Aug 08 10:34:26.000 [notice] Catching signal TERM, exiting cleanly.
 }}}

 I have not reproed it since then.

--

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #23159 [Core Tor/Tor]: Bug: Non-fatal assertion ei failed in launch_intro_point_circuits at src/or/hs_service.c:1784

[Tor Bug Tracker & Wiki]

#23159: Bug: Non-fatal assertion ei failed in launch_intro_point_circuits at
src/or/hs_service.c:1784
--+
 Reporter:  asn   |  Owner:
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal|   Keywords:  tor-hs, prop224
Actual Points:|  Parent ID:  #20657
   Points:  0.2   |   Reviewer:
  Sponsor:|
--+
 I had the following non-fatal assert trigger for me when I SIGTERMed my
 service in chutney:

 {{{
 Aug 08 10:34:25.000 [warn] Bug: Non-fatal assertion ei failed in
 launch_intro_point_circuits at src/or/hs_service.c:1784. Stack trace: (bon
 Tor 0.3.2.0-alpha-dev eafb26f30db8c809)
 Aug 08 10:34:25.000 [warn] Bug: ./src/or/tor(log_backtrace+0x42)
 [0x2802a2] (on Tor 0.3.2.0-alpha-dev eafb26f30db8c809)
 Aug 08 10:34:25.000 [warn] Bug: ./src/or/tor(tor_bug_occurred_+0xb7)
 [0x299127] (on Tor 0.3.2.0-alpha-dev eafb26f30db8c809)
 Aug 08 10:34:25.000 [warn] Bug:
 ./src/or/tor(hs_service_run_scheduled_events+0x189d) [0x27339d] (on Tor
 0.3.2.0-alpha-dev eafb26f30db8c809)
 Aug 08 10:34:25.000 [warn] Bug: ./src/or/tor(+0x4b198) [0x153198] (on
 Tor 0.3.2.0-alpha-dev eafb26f30db8c809)
 Aug 08 10:34:25.000 [warn] Bug: ./src/or/tor(+0x69e10) [0x171e10] (on
 Tor 0.3.2.0-alpha-dev eafb26f30db8c809)
 Aug 08 10:34:25.000 [warn] Bug: /usr/lib/x86_64-linux-
 gnu/libevent-2.0.so.5(event_base_loop+0x7fc) [0x53613dc] (on Tor 0.3.2.0
 -alpha-dev eafb26f30db8c809)
 Aug 08 10:34:25.000 [warn] Bug: ./src/or/tor(do_main_loop+0x244)
 [0x156674] (on Tor 0.3.2.0-alpha-dev eafb26f30db8c809)
 Aug 08 10:34:25.000 [warn] Bug: ./src/or/tor(tor_main+0x1c35)
 [0x159ec5] (on Tor 0.3.2.0-alpha-dev eafb26f30db8c809)
 Aug 08 10:34:25.000 [warn] Bug: ./src/or/tor(main+0x19) [0x151de9] (on
 Tor 0.3.2.0-alpha-dev eafb26f30db8c809)
 Aug 08 10:34:25.000 [warn] Bug: /lib/x86_64-linux-
 gnu/libc.so.6(__libc_start_main+0xf5) [0x623db45] (on Tor 0.3.2.0-alpha-
 dev eafb26f30db8c809)
 Aug 08 10:34:25.000 [warn] Bug: ./src/or/tor(+0x49e39) [0x151e39] (on
 Tor 0.3.2.0-alpha-dev eafb26f30db8c809)
 Aug 08 10:34:26.000 [notice] Catching signal TERM, exiting cleanly.
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20757 [Applications/Tor Browser]: git-gpg-wrapper is incompatible with git ≥ 2.10.0-rc0

[Tor Bug Tracker & Wiki]

#20757: git-gpg-wrapper is incompatible with git ≥ 2.10.0-rc0
-+-
 Reporter:  dcf  |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  tbb-gitian, tbb-rbm, |  Actual Points:
  TorBrowserTeam201708R  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * status:  needs_review => closed
 * resolution:   => fixed


Comment:

 Looks good to me. This is fixed now in `tor-browser-build` (commit
 cdb545afe64aa22364f2a7e08e0afe27a1f60129 on `master`) and in `tor-browser-
 bundle` (commit 6b1c63cc05cd28a55a241296808eef448bdf96f3 on `master` and
 commit ddfbe17d6b6a83fc3c7fda2e6737d33221f8539c on `maint-7.0`).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #23158 [Internal Services/Service - trac]: Restrict access to InterMapTxt and other service pages

[Tor Bug Tracker & Wiki]

#23158: Restrict access to InterMapTxt and other service pages
--+-
 Reporter:  cypherpunks   |  Owner:  qbi
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Internal Services/Service - trac  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+-
 InterMapTxt can be used to redefine links schemas. Using it everyone
 logged as cypherpunks user can globally nearly-stealthy redirect all the
 prefixed links to malware-spreading websites.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22947 [Webpages/Blog]: Possible Security Issue (Information Disclosure) with Drupal on blog.torproject.org

[Tor Bug Tracker & Wiki]

#22947: Possible Security Issue (Information Disclosure) with Drupal on
blog.torproject.org
---+--
 Reporter:  cypherpunks|  Owner:  hiro
 Type:  defect | Status:  accepted
 Priority:  Medium |  Milestone:
Component:  Webpages/Blog  |Version:
 Severity:  Normal | Resolution:
 Keywords:  security   |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--

Comment (by cypherpunks):

 Got the exact same error again when clicking on new comment, relevant link
 https://blog.torproject.org/comment/reply/node/1384/comment_node_article/270328

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23134 [Applications/Tor Browser]: Switch circuits after REASON=DESTROY instead of showing the Firefox error page immediately (was: Unable to connect - bug or not?)

[Tor Bug Tracker & Wiki]

#23134: Switch circuits after REASON=DESTROY instead of showing the Firefox 
error
page immediately
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23156 [Metrics/Atlas]: Atlas returns no results on certain valid searches

[Tor Bug Tracker & Wiki]

#23156: Atlas returns no results on certain valid searches
---+-
 Reporter:  phoul  |  Owner:  irl
 Type:  defect | Status:  new
 Priority:  Medium |  Milestone:
Component:  Metrics/Atlas  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+-

Comment (by irl):

 Apologies, this is related to #21615, will revert momentarily.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23153 [Applications/Tor Browser]: TB 7.5a4 - NoScript option: forbid active web content when using a proxy

[Tor Bug Tracker & Wiki]

#23153: TB 7.5a4 - NoScript option: forbid active web content when using a proxy
--+---
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:  not a bug
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---
Changes (by gk):

 * status:  new => closed
 * resolution:   => not a bug


Comment:

 NoScript recommends that because it is often used outside the context of
 Tor Browser. However, we have the security slider which you can use to
 easily adapt your browsing to the threat model you have.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23138 [Applications/Tor Browser]: TorButton don't let people to change proxy settings

[Tor Bug Tracker & Wiki]

#23138: TorButton don't let people to change proxy settings
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  task  | Status:  closed
 Priority:  Very High |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:  wontfix
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by gk):

 * status:  needs_information => closed
 * resolution:   => wontfix


Comment:

 Replying to [comment:8 cypherpunks]:
 > Curious, eh? That's good, but it will "eat" a cat :P
 >
 > Short answer: Because I want to use HTTP proxy.
 > Long answer:
 > I know many people who use TBB with HTTP proxy.
 > Some of reasons:
 > 1. To take a complete log of requests.
 > 2. To filter out certain destination using their DNS servers(e.g.,
 custom hosts)
 > 3. To share Tor access with other software that doesn't support SOCKS
 but HTTP.
 > 4. More.
 >
 > We all understand this might reduce anomity. However, you should know
 that
 > there are many, YES, MANY, people use Tor without Firefox! No, really,
 this
 > might bring you heart attack, but it's true.
 >
 > I have several legal websites hosting on .onion. According to my access
 log,
 > 40% of access use non-TBB browser, such as Firefox 64bit, iPhone,
 Chrome(!),
 > Safari, etc etc. I've kicked non-TBB user(return 301 ) after I saw that.
 >
 > Back to the primary discussion,
 > when will you consider custom proxy? We just want to use our own
 HTTPS/SOCKS4/5/PAC proxy
 > to hide IP using Tor.

 That's not something we will fix ourselves. But we might accept patches to
 support this use-case. Feel free to reopen this ticket in case you have a
 patch we should consider.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22692 [Applications/Tor Browser]: Backport Linux content sandboxing from Firefox 54

[Tor Bug Tracker & Wiki]

#22692: Backport Linux content sandboxing from Firefox 54
-+-
 Reporter:  jld  |  Owner:  tbb-
 |  team
 Type:  enhancement  | Status:  new
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Major| Resolution:
 Keywords:  TorBrowserTeam201708,|  Actual Points:
  GeorgKoppen201708  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by gk):

 Replying to [comment:2 cypherpunks]:
 > Whoa, so are you in business of backporting sandbox level 2? Then for
 other platforms too. Also are you going to do cherry-picking from the
 trunk?

 We are in the business of getting content sandboxing on Linux going at
 all. ESR 52 does not have that by default. We are better off on macOS and
 we have #16010 for Windows. Once we have content sandboxing running on all
 supported platforms we can think about tightening the policies by
 backporting (more) patches.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21410 [Applications/Tor Browser]: Pagewise scrolling up with [Shift]+[Space] not working on some websites

[Tor Bug Tracker & Wiki]

#21410: Pagewise scrolling up with [Shift]+[Space] not working on some websites
--+--
 Reporter:  Runawe|  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-usability |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by Runawe):

 Problem still exists in Tor Browser 7.0.4

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23157 [Core Tor/Tor]: prop224: Fix coverity reports generated by prop224 service merge (#20657)

[Tor Bug Tracker & Wiki]

#23157: prop224: Fix coverity reports generated by prop224 service merge 
(#20657)
-+
 Reporter:  asn  |  Owner:
 Type:  defect   | Status:  needs_review
 Priority:  Medium   |  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs prop224 coverity  |  Actual Points:
Parent ID:  #20657   | Points:  0.3
 Reviewer:   |Sponsor:  SponsorR-can
-+
Changes (by asn):

 * status:  new => needs_review
 * parent:   => #20657


Comment:

 Please see my branch `bug23157` for the coverity fixes here.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22770 [Applications/Tor Browser]: Cookie protections dialog cannot delete cookies after upgrade

[Tor Bug Tracker & Wiki]

#22770: Cookie protections dialog cannot delete cookies after upgrade
--+--
 Reporter:  pastly|  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  cookies   |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by Runawe):

 Problem still exists in Tor Browser 7.0.4

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23156 [Metrics/Atlas]: Atlas returns no results on certain valid searches

[Tor Bug Tracker & Wiki]

#23156: Atlas returns no results on certain valid searches
---+-
 Reporter:  phoul  |  Owner:  irl
 Type:  defect | Status:  new
 Priority:  Medium |  Milestone:
Component:  Metrics/Atlas  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+-

Comment (by cypherpunks):

 This looks to be related to the merge of #21615.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #23157 [Core Tor/Tor]: prop224: Fix coverity reports generated by prop224 service merge (#20657)

[Tor Bug Tracker & Wiki]

#23157: prop224: Fix coverity reports generated by prop224 service merge 
(#20657)
--+-
 Reporter:  asn   |  Owner:
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal|   Keywords:  tor-hs prop224 coverity
Actual Points:|  Parent ID:
   Points:  0.3   |   Reviewer:
  Sponsor:  SponsorR-can  |
--+-


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22979 [Core Tor/Tor]: prop224: Add an introduction point onion key in the descriptor

[Tor Bug Tracker & Wiki]

#22979: prop224: Add an introduction point onion key in the descriptor
---+---
 Reporter:  dgoulet|  Owner:  dgoulet
 Type:  enhancement| Status:  closed
 Priority:  Medium |  Milestone:  Tor:
   |  0.3.2.x-final
Component:  Core Tor/Tor   |Version:
 Severity:  Normal | Resolution:  fixed
 Keywords:  tor-hs, prop224, tor-spec  |  Actual Points:
Parent ID:  #21888 | Points:  0.1
 Reviewer:  asn|Sponsor:  SponsorR-must
---+---
Changes (by asn):

 * status:  needs_revision => closed
 * resolution:   => fixed


Comment:

 That was fixed as part of the #20657 branch, and also merged upstream.
 See:
 
https://gitweb.torproject.org/tor.git/commit/?id=471489ca035a50733205f97c8d589d80c58e36e8

 Closing this for now.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #13818 [Applications/Tor Browser]: [PATCH] Active tab looks ugly (inherits system color scheme only partially)

[Tor Bug Tracker & Wiki]

#13818: [PATCH] Active tab looks ugly (inherits system color scheme only 
partially)
--+--
 Reporter:  gentoo_root   |  Owner:  mcs
 Type:  defect| Status:  assigned
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by cypherpunks):

 Closed #23154 as a duplicate.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23154 [Applications/Tor Browser]: TOR BROWSER USER INTERFACE ISSUE

[Tor Bug Tracker & Wiki]

#23154: TOR BROWSER USER INTERFACE ISSUE
--+---
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  defect| Status:  closed
 Priority:  Very Low  |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Trivial   | Resolution:  duplicate
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---
Changes (by cypherpunks):

 * status:  new => closed
 * resolution:   => duplicate


Comment:

 This is a duplicate of #13818.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20657 [Core Tor/Tor]: prop224: Implement service support.

[Tor Bug Tracker & Wiki]

#20657: prop224: Implement service support.
-+
 Reporter:  dgoulet  |  Owner:  dgoulet
 Type:  enhancement  | Status:  needs_review
 Priority:  Very High|  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs, prop224  |  Actual Points:
Parent ID:  #12424   | Points:  6
 Reviewer:  nickm|Sponsor:  SponsorR-must
-+

Comment (by asn):

 For some reason I can't close the ticket. Trac just gives me a comment
 preview instead of closing it...
 If someone else can close it, please do.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20657 [Core Tor/Tor]: prop224: Implement service support.

[Tor Bug Tracker & Wiki]

#20657: prop224: Implement service support.
-+
 Reporter:  dgoulet  |  Owner:  dgoulet
 Type:  enhancement  | Status:  needs_review
 Priority:  Very High|  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs, prop224  |  Actual Points:
Parent ID:  #12424   | Points:  6
 Reviewer:  nickm|Sponsor:  SponsorR-must
-+

Comment (by asn):

 So I took another look at `fcdc4bee0`. It's not an easy read, because the
 `rep_hist` subsystem (and what it expects from us) is quite strange.

 However, the commit in question does not remove any
 `rep_hist_note_used_internal()` from any legacy call points, so the
 removals should not influence the legacy system.

 It wouldn't surprise me if there are still circ timeout bugs like #23097
 in the v3 system, so I expect that we will need to fine tune the rephist
 system further as we continue with client-side prop224 testing. For now I
 think we are good. I'm closing this ticket! :)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22671 [Webpages/Blog]: Implement design changes to blog.torproject.org

[Tor Bug Tracker & Wiki]

#22671: Implement design changes to blog.torproject.org
---+--
 Reporter:  linda  |  Owner:  hiro
 Type:  defect | Status:  needs_review
 Priority:  Medium |  Milestone:
Component:  Webpages/Blog  |Version:
 Severity:  Normal | Resolution:
 Keywords:  ux-team|  Actual Points:
Parent ID:  #22013 | Points:
 Reviewer: |Sponsor:
---+--
Changes (by hiro):

 * status:  reopened => needs_review


Comment:

 Sorry. forgot about the footer.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #16596 [Metrics/ExoneraTor]: Change database queries towards making only a single query per request

[Tor Bug Tracker & Wiki]

#16596: Change database queries towards making only a single query per request
+--
 Reporter:  karsten |  Owner:  karsten
 Type:  enhancement | Status:  accepted
 Priority:  Low |  Milestone:
Component:  Metrics/ExoneraTor  |Version:
 Severity:  Normal  | Resolution:
 Keywords:  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--
Changes (by karsten):

 * status:  new => accepted
 * owner:   => karsten


Comment:

 Err, wrong ticket, this one just happened to be open. By the way, I picked
 up work on this one yesterday.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23156 [Metrics/Atlas]: Atlas returns no results on certain valid searches

[Tor Bug Tracker & Wiki]

#23156: Atlas returns no results on certain valid searches
---+-
 Reporter:  phoul  |  Owner:  irl
 Type:  defect | Status:  new
 Priority:  Medium |  Milestone:
Component:  Metrics/Atlas  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+-
Changes (by karsten):

 * cc: karsten (added)


Comment:

 This might be related to the recently pushed fixes/enhancements. I'll let
 irl do a quick check whether that's the case. If it's potentially Onionoo-
 related, please let me know and I'll take a closer look!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #16596 [Metrics/ExoneraTor]: Change database queries towards making only a single query per request

[Tor Bug Tracker & Wiki]

#16596: Change database queries towards making only a single query per request
+-
 Reporter:  karsten |  Owner:
 Type:  enhancement | Status:  new
 Priority:  Low |  Milestone:
Component:  Metrics/ExoneraTor  |Version:
 Severity:  Normal  | Resolution:
 Keywords:  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+-
Changes (by karsten):

 * cc: karsten (added)


Comment:

 This might be related to the recently pushed fixes/enhancements. I'll let
 irl do a quick check whether that's the case. If it's potentially Onionoo-
 related, please let me know and I'll take a closer look!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #17898 [Applications/Tor Browser]: Disable Firefox' new Tracking Protection in ESR 45

[Tor Bug Tracker & Wiki]

#17898: Disable Firefox' new Tracking Protection in ESR 45
-+-
 Reporter:  cypherpunks  |  Owner:  gk
 Type:  defect   | Status:
 |  reopened
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ff45-esr, tbb-6.0a5, |  Actual Points:
  TorBrowserTeam201604R, GeorgKoppen201604   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by cypherpunks):

 * status:  closed => reopened
 * resolution:  fixed =>


Comment:

 Why not disable(unclickable) & hide it from the UI?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs