Re: [tor-bugs] #24946 [Core Tor/Tor]: connection_ap_expire_beginning(): Bug: circuit->purpose == CIRCUIT_PURPOSE_C_GENERAL failed

[Tor Bug Tracker & Wiki]

#24946: connection_ap_expire_beginning(): Bug: circuit->purpose ==
CIRCUIT_PURPOSE_C_GENERAL failed
--+
 Reporter:  arma  |  Owner:  mikeperry
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:  Tor: 0.3.3.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by mikeperry):

 * status:  assigned => needs_review


Comment:

 Ok, I fixed this, along with and 3 others that I found by looking at every
 occurrence of CIRCUIT_PURPOSE_C_GENERAL (which
 CIRCUIT_PURPOSE_C_HSDIR_POST and CIRCUIT_PURPOSE_C_HSDIR_GEt were split
 off from). https://oniongit.eu/mikeperry/tor/commits/bug24946

 There is one other instance in count_pending_general_client_circuits(),
 which is called by circuit_get_open_circ_or_launch() to determine if we
 have too many non-hidden service client circuits available. If HSDIR
 retries are already rate limited (I think they are, but I am not 100%
 sure), then I don't think we need to patch that one. It would be nice if
 someone who knows could confirm that hsdir attempts/retries are rate
 limited for v2 and v3 though.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #10818 [Archived/Flashproxy]: Tell users to install M2Crypto

[Tor Bug Tracker & Wiki]

#10818: Tell users to install M2Crypto
-+---
 Reporter:  infinity0|  Owner:  infinity0
 Type:  defect   | Status:  new
 Priority:  Very High|  Milestone:
Component:  Archived/Flashproxy  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+---

Comment (by teor):

 It isn't, it's in the "Archived" component.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24943 [Applications/Tor Browser]: TorButton is preventing from add-on saving its setting

[Tor Bug Tracker & Wiki]

#24943: TorButton is preventing from add-on saving its setting
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  task  | Status:  new
 Priority:  High  |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Critical  | Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by cypherpunks):

 * owner:  (none) => tbb-team
 * component:  Applications/Torbutton => Applications/Tor Browser


Comment:

 I also can reproduce this. Torbutton generated a WARN log when I clicked
 save button.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24946 [Core Tor/Tor]: connection_ap_expire_beginning(): Bug: circuit->purpose == CIRCUIT_PURPOSE_C_GENERAL failed

[Tor Bug Tracker & Wiki]

#24946: connection_ap_expire_beginning(): Bug: circuit->purpose ==
CIRCUIT_PURPOSE_C_GENERAL failed
--+
 Reporter:  arma  |  Owner:  mikeperry
 Type:  defect| Status:  assigned
 Priority:  Medium|  Milestone:  Tor: 0.3.3.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by arma):

 * status:  new => assigned
 * owner:  (none) => mikeperry


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #24946 [Core Tor/Tor]: connection_ap_expire_beginning(): Bug: circuit->purpose == CIRCUIT_PURPOSE_C_GENERAL failed

[Tor Bug Tracker & Wiki]

#24946: connection_ap_expire_beginning(): Bug: circuit->purpose ==
CIRCUIT_PURPOSE_C_GENERAL failed
--+
 Reporter:  arma  |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.3.3.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+
 On my onion service, I now get:
 {{{
 Jan 19 18:24:30.165 [warn] connection_ap_expire_beginning(): Bug:
 circuit->purpose == CIRCUIT_PURPOSE_C_GENERAL failed. The purpose on the
 circuit was Hidden service: Uploading HS descriptor; it was in state open,
 path_state new. (on Tor 0.3.3.0-alpha-dev ef148638a1d3b312)
 }}}

 It looks like the clause in question is
 {{{
 }
 if (circ->purpose != CIRCUIT_PURPOSE_C_GENERAL &&
 circ->purpose != CIRCUIT_PURPOSE_C_MEASURE_TIMEOUT &&
 circ->purpose != CIRCUIT_PURPOSE_PATH_BIAS_TESTING) {
   log_warn(LD_BUG, "circuit->purpose == CIRCUIT_PURPOSE_C_GENERAL
 failed. "
"The purpose on the circuit was %s; it was in state %s, "
"path_state %s.",
circuit_purpose_to_string(circ->purpose),
circuit_state_to_string(circ->state),
CIRCUIT_IS_ORIGIN(circ) ?
 pathbias_state_to_string(TO_ORIGIN_CIRCUIT(circ)->path_state) :
 "none");
 }
 }}}
 and I'm suspecting that #23101 wanted to add a line here.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #18361 [Applications/Tor Browser]: Issues with corporate censorship and mass surveillance

[Tor Bug Tracker & Wiki]

#18361: Issues with corporate censorship and mass surveillance
--+--
 Reporter:  ioerror   |  Owner:  tbb-team
 Type:  defect| Status:  reopened
 Priority:  Very High |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Critical  | Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by cypherpunks):

 Blocking via an unsolvable CAPTCHA
 US 9407661 B2
 https://via.hypothes.is/https://www.google.com/patents/US9407661

 Interesting. Human being who use Tor are being classified as bots for now.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23840 [Community/Tor Support]: Google's reCAPTCHA fails 99%

[Tor Bug Tracker & Wiki]

#23840: Google's reCAPTCHA fails 99%
---+--
 Reporter:  cypherpunks|  Owner:  hiro
 Type:  defect | Status:  reopened
 Priority:  Immediate  |  Milestone:
Component:  Community/Tor Support  |Version:
 Severity:  Blocker| Resolution:
 Keywords:  noscript   |  Actual Points:
Parent ID:  #18361 | Points:
 Reviewer: |Sponsor:
---+--
Changes (by cypherpunks):

 * parent:   => #18361


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24944 [- Select a component]: Captcha

[Tor Bug Tracker & Wiki]

#24944: Captcha
--+---
 Reporter:  shakthib2b|  Owner:  (none)
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  - Select a component  |Version:
 Severity:  Normal| Resolution:  duplicate
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---
Changes (by cypherpunks):

 * status:  reopened => closed
 * resolution:   => duplicate


Comment:

 https://trac.torproject.org/projects/tor/ticket/23840

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24944 [- Select a component]: Captcha

[Tor Bug Tracker & Wiki]

#24944: Captcha
--+--
 Reporter:  shakthib2b|  Owner:  (none)
 Type:  defect| Status:  reopened
 Priority:  Medium|  Milestone:
Component:  - Select a component  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by cypherpunks):

 * status:  closed => reopened
 * resolution:  invalid =>


Comment:

 https://trac.torproject.org/projects/tor/ticket/23840

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24864 [Core Tor/Tor]: directory authorities take a while to update relays' Tor versions because they use old descriptors for votes

[Tor Bug Tracker & Wiki]

#24864: directory authorities take a while to update relays' Tor versions 
because
they use old descriptors for votes
+
 Reporter:  cypherpunks |  Owner:  (none)
 Type:  defect  | Status:  new
 Priority:  Low |  Milestone:  Tor: 0.3.4.x-final
Component:  Core Tor/Tor|Version:
 Severity:  Minor   | Resolution:
 Keywords:  tor-relay, tor-dirauth  |  Actual Points:
Parent ID:  | Points:  1
 Reviewer:  |Sponsor:
+

Comment (by arma):

 Replying to [comment:12 arma]:
 > So from moria1's perspective, branice was offline and not worth doing
 any tests for, from Jan 11 until Jan 19.

 Ok, false alarm there too. Looks like moria1's logs were screwed up by the
 overload attacks. I don't have useful logs from that period. :/

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #13837 [Core Tor/Tor]: Mitigate guard discovery by pinning middle node

[Tor Bug Tracker & Wiki]

#13837: Mitigate guard discovery by pinning middle node
-+-
 Reporter:  asn  |  Owner:
 |  mikeperry
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs, tor-guard, guard-discovery-  |  implemented
  prop247-controller, review-group-30|  Actual Points:
Parent ID:  #9001| Points:
 Reviewer:  asn  |Sponsor:
 |  SponsorV-can
-+-
Changes (by nickm):

 * status:  merge_ready => closed
 * resolution:   => implemented


Comment:

 merged!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23101 [Core Tor/Tor]: Predict and build specific HS purpose circuits (rather than GENERAL)

[Tor Bug Tracker & Wiki]

#23101: Predict and build specific HS purpose circuits (rather than GENERAL)
-+-
 Reporter:  mikeperry|  Owner:
 |  mikeperry
 Type:  enhancement  | Status:  closed
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs, tor-guard, guard-discovery-  |  implemented
  prop247-controller, review-group-27, review-   |  Actual Points:
  group-30   |
Parent ID:  #13837   | Points:
 Reviewer:  asn  |Sponsor:
-+-
Changes (by nickm):

 * status:  merge_ready => closed
 * resolution:   => implemented


Comment:

 merged!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24864 [Core Tor/Tor]: directory authorities take a while to update relays' Tor versions because they use old descriptors for votes

[Tor Bug Tracker & Wiki]

#24864: directory authorities take a while to update relays' Tor versions 
because
they use old descriptors for votes
+
 Reporter:  cypherpunks |  Owner:  (none)
 Type:  defect  | Status:  new
 Priority:  Low |  Milestone:  Tor: 0.3.4.x-final
Component:  Core Tor/Tor|Version:
 Severity:  Minor   | Resolution:
 Keywords:  tor-relay, tor-dirauth  |  Actual Points:
Parent ID:  | Points:  1
 Reviewer:  |Sponsor:
+

Comment (by arma):

 For branice in particular, here's what moria1's logs have to say
 (timestamps in EST):
 {{{
 Jan 11 02:42:35.977 [info] dirserv_single_reachability_test(): Testing
 reachability of branice at 50.7.176.2:443.
 Jan 11 02:42:36.568 [info] dirserv_orconn_tls_done(): Found router
 $48A1D31469BBB130255B9E53130A5825ECFCC719~branice at 50.7.176.2 to be
 reachable at 50.7.176.2:443. Yay.
 Jan 11 03:03:56.410 [info] dirserv_single_reachability_test(): Testing
 reachability of branice at 50.7.176.2:443.
 Jan 11 03:03:56.888 [info] dirserv_orconn_tls_done(): Found router
 $48A1D31469BBB130255B9E53130A5825ECFCC719~branice at 50.7.176.2 to be
 reachable at 50.7.176.2:443. Yay.
 Jan 19 17:19:07.512 [info] dirserv_single_reachability_test(): Testing
 reachability of branice at 50.7.176.2:443.
 Jan 19 17:19:07.826 [info] dirserv_orconn_tls_done(): Found router
 $48A1D31469BBB130255B9E53130A5825ECFCC719~branice at 50.7.176.2 to be
 reachable at 50.7.176.2:443. Yay.
 }}}
 So from moria1's perspective, branice was offline and not worth doing any
 tests for, from Jan 11 until Jan 19.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23101 [Core Tor/Tor]: Predict and build specific HS purpose circuits (rather than GENERAL)

[Tor Bug Tracker & Wiki]

#23101: Predict and build specific HS purpose circuits (rather than GENERAL)
-+-
 Reporter:  mikeperry|  Owner:
 |  mikeperry
 Type:  enhancement  | Status:
 |  merge_ready
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs, tor-guard, guard-discovery-  |  Actual Points:
  prop247-controller, review-group-27, review-   |
  group-30   |
Parent ID:  #13837   | Points:
 Reviewer:  asn  |Sponsor:
-+-

Comment (by nickm):

 Update: I'm cool with merging this, but could I ask you to please make a
 squashed version?  I tried squashing the branch, and there were conflicts.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24864 [Core Tor/Tor]: directory authorities take a while to update relays' Tor versions because they use old descriptors for votes

[Tor Bug Tracker & Wiki]

#24864: directory authorities take a while to update relays' Tor versions 
because
they use old descriptors for votes
+
 Reporter:  cypherpunks |  Owner:  (none)
 Type:  defect  | Status:  new
 Priority:  Low |  Milestone:  Tor: 0.3.4.x-final
Component:  Core Tor/Tor|Version:
 Severity:  Minor   | Resolution:
 Keywords:  tor-relay, tor-dirauth  |  Actual Points:
Parent ID:  | Points:  1
 Reviewer:  |Sponsor:
+

Comment (by arma):

 Replying to [comment:10 teor]:
 > So it appears that the descriptor takes time to be included in the
 consensus.

 Yeah, there's certainly a flood of data here, enough of it contradictory
 and wrong that I don't see anything I can actually act on.

 So in conclusion, it has not yet appeared to me that the descriptor takes
 time to be included in the consensus. In fact, that's what the consensus
 *is* -- it's a consensus of which descriptors the authorities are voting
 about.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24881 [Webpages/Website]: consolidate relay setup instruction pages and link to new guide

[Tor Bug Tracker & Wiki]

#24881: consolidate relay setup instruction pages and link to new guide
--+--
 Reporter:  cypherpunks   |  Owner:  hiro
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:
Component:  Webpages/Website  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by cypherpunks):

 * status:  assigned => needs_review


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24881 [Webpages/Website]: consolidate relay setup instruction pages and link to new guide

[Tor Bug Tracker & Wiki]

#24881: consolidate relay setup instruction pages and link to new guide
--+--
 Reporter:  cypherpunks   |  Owner:  hiro
 Type:  defect| Status:  assigned
 Priority:  Medium|  Milestone:
Component:  Webpages/Website  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by cypherpunks):

 * status:  needs_review => assigned
 * owner:  (none) => hiro


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24588 [Core Tor/Tor]: Make signal handlers optional, for starting Tor in-process

[Tor Bug Tracker & Wiki]

#24588: Make signal handlers optional, for starting Tor in-process
-+-
 Reporter:  nickm|  Owner:  nickm
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 |  implemented
 Keywords:  tor-mobile, s8-api, review-group-30  |  Actual Points:
Parent ID:  #23684   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor8
-+-
Changes (by nickm):

 * status:  needs_review => closed
 * resolution:   => implemented


Comment:

 Great!  I squashed those in, and added
 d6ff5e71e305f5baef1df6676e0690be6ba705c9 to fix the first paragraph.  I've
 merged that to torspec master, and merged the code branch to Tor master.
 Thanks for the review!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #10885 [Applications/Tor Browser]: Confusing/Conflicting Info Provided About Flash in Tor Browser, Usability Issue

[Tor Bug Tracker & Wiki]

#10885: Confusing/Conflicting Info Provided About Flash in Tor Browser, 
Usability
Issue
--+--
 Reporter:  guranna2  |  Owner:  tbb-team
 Type:  defect| Status:  closed
 Priority:  High  |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:  fixed
 Keywords:  tbb-torbutton, tbb-usability  |  Actual Points:
Parent ID:  #7008 | Points:
 Reviewer:|Sponsor:
--+--
Changes (by arma):

 * status:  new => closed
 * resolution:   => fixed


Comment:

 Replying to [ticket:10885 guranna2]:
 > --[2]--Documentation in design document
 (https://www.torproject.org/projects/torbrowser/design/) says "In
 addition, to reduce any unproxied activity by arbitrary plugins at load
 time, and to reduce the fingerprintability of the installed plugin list,
 we also patch the Firefox source code to prevent the load of any plugins
 except for Flash and Gnash."

 I opened #24945 for this bug, which I think still remains (either because
 Tor Browser has wrong behavior or because the docs are wrong).

 The rest of them I think are resolved at this point. In particular, the
 Torbutton security settings interface is improved a lot.

 I'm going to close this ticket in my quest to close #7008.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24895 [Core Tor/Tor]: MAX_REND_FAILURES is 1, but we will try three times

[Tor Bug Tracker & Wiki]

#24895: MAX_REND_FAILURES is 1, but we will try three times
-+-
 Reporter:  arma |  Owner:  (none)
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  032-backport, 031-backport,  |  Actual Points:
  030-backport, 029-backport, 025-backport   |
Parent ID:   | Points:
 Reviewer:  dgoulet  |Sponsor:
-+-
Changes (by nickm):

 * status:  merge_ready => closed
 * resolution:   => fixed


Comment:

 woo.  Merging now!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #16261 [Webpages/Website]: Update the "Running a Bridge" section of the website

[Tor Bug Tracker & Wiki]

#16261: Update the "Running a Bridge" section of the website
-+-
 Reporter:  isis |  Owner:  isis
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Webpages/Website |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-bridges, docs, pts, website- |  Actual Points:
  content|
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by yawning):

 * cc: yawning (removed)


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #24945 [Applications/Tor Browser]: Tor Browser design doc says it whitelists flash and gnash as plugins

[Tor Bug Tracker & Wiki]

#24945: Tor Browser design doc says it whitelists flash and gnash as plugins
--+--
 Reporter:  arma  |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+--
 The Tor Browser design doc says "we also patch the Firefox source code to
 prevent the load of any plugins except for Flash and Gnash. Even for Flash
 and Gnash, we also patch Firefox to prevent loading them into the address
 space until they are explicitly enabled."

 If this is so, we should probably change Tor Browser to just prevent all
 plugins, including Flash and Gnash.

 And if it is no longer so, we should fix the wrong statement in the design
 doc.

 Noticed in #10885.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24895 [Core Tor/Tor]: MAX_REND_FAILURES is 1, but we will try three times

[Tor Bug Tracker & Wiki]

#24895: MAX_REND_FAILURES is 1, but we will try three times
-+-
 Reporter:  arma |  Owner:  (none)
 Type:  defect   | Status:
 |  merge_ready
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  032-backport, 031-backport,  |  Actual Points:
  030-backport, 029-backport, 025-backport   |
Parent ID:   | Points:
 Reviewer:  dgoulet  |Sponsor:
-+-

Comment (by dgoulet):

 I've squashed the fixup commit and created _02 branches. The git diff
 should be zero with the _01 branches.

 Last thing, I edited the last commit to reflect the new consensus
 parameter name.

 `bug24895_029_02`, `bug24895_031_02` and `bug24895_032_02`

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #7470 [Applications/Tor Browser]: Make it possible to run Flash in TBB

[Tor Bug Tracker & Wiki]

#7470: Make it possible to run Flash in TBB
--+--
 Reporter:  arma  |  Owner:  tbb-team
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:  wontfix
 Keywords:  flash |  Actual Points:
Parent ID:  #7008 | Points:
 Reviewer:|Sponsor:
--+--
Changes (by arma):

 * status:  assigned => closed
 * resolution:   => wontfix


Comment:

 Ok. Closing as wontfix because I'm working towards closing #7008 as
 wontfix.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24588 [Core Tor/Tor]: Make signal handlers optional, for starting Tor in-process

[Tor Bug Tracker & Wiki]

#24588: Make signal handlers optional, for starting Tor in-process
-+-
 Reporter:  nickm|  Owner:  nickm
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-mobile, s8-api, review-group-30  |  Actual Points:
Parent ID:  #23684   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor8
-+-

Comment (by mikeperry):

 Ok, this documentation for the code looks great. I still think it is
 surprising to list things in controller-spec.txt that can't be set via
 SETCONF. The first paragraph of that section says "These options can be
 set and examined by the SETCONF and GETCONF commands.."

 How about this fixup so that it is not as much of a surprise:
 
https://gitweb.torproject.org/user/mikeperry/torspec.git/commit/?h=disable_signal_handlers=0d95894f3ae46009d0e3f5dddcbe3f221d8a6f1e

 That branch also has a bonus commit for __OwningControllerFD:
 
https://gitweb.torproject.org/user/mikeperry/torspec.git/commit/?h=disable_signal_handlers=cde44d7276bef1ec4c538b5f585317c4a1ddeca5

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24899 [Core Tor/Tor]: [feature request] Increase the limit on pending client circuits with the number of onion services

[Tor Bug Tracker & Wiki]

#24899: [feature request] Increase the limit on pending client circuits with the
number of onion services
---+
 Reporter:  yurivict271|  Owner:  (none)
 Type:  enhancement| Status:  new
 Priority:  Medium |  Milestone:  Tor: 0.3.4.x-final
Component:  Core Tor/Tor   |Version:
 Severity:  Normal | Resolution:
 Keywords:  tor-hs, ddos-risk  |  Actual Points:
Parent ID:  #24897 | Points:  1
 Reviewer: |Sponsor:
---+

Comment (by yurivict271):

 {{{MaxClientCircuitsPendingPerHS}}} should have a sensible default.

 Additionally, "purpose" can be assigned to the limits, with
 {{{MaxClientCircuitsPendingPerHS}}} only allocating pending circuits to
 individual onions, and {{{MaxClientCircuitsPending}}} being shared between
 all uses.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24497 [Webpages/Website]: Improve documentation for tor relay operators

[Tor Bug Tracker & Wiki]

#24497: Improve documentation for tor relay operators
--+
 Reporter:  arthuredelstein   |  Owner:  (none)
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Webpages/Website  |Version:
 Severity:  Normal| Resolution:  fixed
 Keywords:  ux-team   |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by cypherpunks):

 * status:  new => closed
 * resolution:   => fixed


Comment:

 I'm closing this as I consider the main task as done, please reopen with
 specific items that are missing if you disagree.
 #16261 is used to track the Bridge documenation.

 I added URLs to the Tor Relay Guide on the website, it is under review
 here:
 https://trac.torproject.org/projects/tor/ticket/24881#comment:3

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #16261 [Webpages/Website]: Update the "Running a Bridge" section of the website

[Tor Bug Tracker & Wiki]

#16261: Update the "Running a Bridge" section of the website
-+-
 Reporter:  isis |  Owner:  isis
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Webpages/Website |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-bridges, docs, pts, website- |  Actual Points:
  content|
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by cypherpunks):

 * parent:  #24497 =>


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #10818 [Archived/Flashproxy]: Tell users to install M2Crypto

[Tor Bug Tracker & Wiki]

#10818: Tell users to install M2Crypto
-+---
 Reporter:  infinity0|  Owner:  infinity0
 Type:  defect   | Status:  new
 Priority:  Very High|  Milestone:
Component:  Archived/Flashproxy  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+---

Comment (by yurivict271):

 http://crypto.stanford.edu/flashproxy says that FlashProxy is deprecated.
 Why is this important then?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24505 [Webpages/Website]: Publish tor relay auto-update instructions

[Tor Bug Tracker & Wiki]

#24505: Publish tor relay auto-update instructions
--+
 Reporter:  arthuredelstein   |  Owner:  (none)
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Webpages/Website  |Version:
 Severity:  Normal| Resolution:  fixed
 Keywords:  ux-team   |  Actual Points:
Parent ID:  #24497| Points:
 Reviewer:|Sponsor:
--+
Changes (by cypherpunks):

 * status:  new => closed
 * resolution:   => fixed


Comment:

 I'm closing it, please reopen if you think something is missing.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24881 [Webpages/Website]: consolidate relay setup instruction pages and link to new guide

[Tor Bug Tracker & Wiki]

#24881: consolidate relay setup instruction pages and link to new guide
--+--
 Reporter:  cypherpunks   |  Owner:  (none)
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:
Component:  Webpages/Website  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by cypherpunks):

 * status:  new => needs_review


Comment:

 see my 24881_consolidate_relay_doc branch on gh:
 https://github.com/nusenu/torproject-
 webwml/commit/41b9624bf787a6dc50b0e52a587ca58259ab59fd
 https://github.com/nusenu/torproject-
 webwml/commit/8358537eea329c42e0b6247c1c9efb615c8047a4

 changes:
 - Add new entry to sidenav: Tor Relay Guide
 - Remove sidenav entry "Installing Tor on Fedora/CentOS"
 - Remove rpms.wml
 - Remove sidenav entry "Configuring a Relay graphically" (but do not
 remove the page itself to not break old urls)
 - Remove sidenav entry "Configuring a Relay manually" (but do not remove
 the page itself to not break old urls)
 - Replace old content with a pointer to the new Tor Relay Guide.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24658 [Core Tor/Tor]: Split/refactor crypto.h into smaller separate modules

[Tor Bug Tracker & Wiki]

#24658: Split/refactor crypto.h into smaller separate modules
-+-
 Reporter:  isis |  Owner:  (none)
 Type:  enhancement  | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-crypto, refactor, review-|  Actual Points:
  group-29   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor8-can
-+-
Changes (by ffmancera):

 * status:  needs_revision => needs_review


Comment:

 Okay, all changes done. Also I committed the changes related with
 compiling and dependency issues. All tests pass succesfully.

 I hope everything is fine :D

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24895 [Core Tor/Tor]: MAX_REND_FAILURES is 1, but we will try three times

[Tor Bug Tracker & Wiki]

#24895: MAX_REND_FAILURES is 1, but we will try three times
-+-
 Reporter:  arma |  Owner:  (none)
 Type:  defect   | Status:
 |  merge_ready
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  032-backport, 031-backport,  |  Actual Points:
  030-backport, 029-backport, 025-backport   |
Parent ID:   | Points:
 Reviewer:  dgoulet  |Sponsor:
-+-

Comment (by arma):

 Sure, sounds great. Thanks.

 (Once they're all merged, I'll go add the oxford comma to "Default,
 minimum and maximum" in master. :)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24944 [- Select a component]: Captcha

[Tor Bug Tracker & Wiki]

#24944: Captcha
--+-
 Reporter:  shakthib2b|  Owner:  (none)
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  - Select a component  |Version:
 Severity:  Normal| Resolution:  invalid
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+-
Changes (by cypherpunks):

 * status:  new => closed
 * resolution:   => invalid


Comment:

 Complain to Google, not innocent Tor Project!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23101 [Core Tor/Tor]: Predict and build specific HS purpose circuits (rather than GENERAL)

[Tor Bug Tracker & Wiki]

#23101: Predict and build specific HS purpose circuits (rather than GENERAL)
-+-
 Reporter:  mikeperry|  Owner:
 |  mikeperry
 Type:  enhancement  | Status:
 |  merge_ready
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs, tor-guard, guard-discovery-  |  Actual Points:
  prop247-controller, review-group-27, review-   |
  group-30   |
Parent ID:  #13837   | Points:
 Reviewer:  asn  |Sponsor:
-+-

Comment (by nickm):

 Okay, I'm fine with merging this patch series once Roger is.  I still
 think that having separate client and service vanguards might be a better
 idea, but if you've done the analysis, I'll believe you.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24883 [Webpages]: Listing OpenBSD Tor Brower on www

[Tor Bug Tracker & Wiki]

#24883: Listing OpenBSD Tor Brower on www
-+
 Reporter:  gman999  |  Owner:  (none)
 Type:  enhancement  | Status:  needs_revision
 Priority:  Medium   |  Milestone:
Component:  Webpages |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+

Comment (by cypherpunks):

 https://www.torproject.org/docs/openbsd.html.en

 "Running Tor on OpenBSD"
 should be
 "Installing Tor Browser on OpenBSD"
 (since the page is about Tor Browser installation (not just tor)

 sidenav says:
 "Installing Tor on OpenBSD"

 should be:
 "Installing Tor Browser on OpenBSD"

 And more generally I believe this should be on
 https://www.torproject.org/download/download.html.en
 like any other Tor Browser information for all other OSes.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24902 [Core Tor/Tor]: Denial of Service mitigation subsystem

[Tor Bug Tracker & Wiki]

#24902: Denial of Service mitigation subsystem
--+
 Reporter:  dgoulet   |  Owner:  dgoulet
 Type:  enhancement   | Status:  accepted
 Priority:  Medium|  Milestone:  Tor:
  |  0.3.3.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  ddos, tor-relay, review-group-30  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by dgoulet):

 * status:  needs_revision => accepted


Comment:

 Moving this back to "accepted" since a lot will change after IRC
 discussions. The new and hopefully simpler design is this now:

 1. Have a circuit token bucket per-IP which is refilled with some value at
 some rate defined by consensus parameters. Remove token from bucket every
 time a CREATE is seen. If bucket goes down to 0, activate defense if the
 number of concurrent connection is above a certain threshold defined by a
 consensus parameter.

 2. Detect high connection amount of connections per-IP and start closing
 connections for that IP if that reaches a too high threshold specified by
 a consensus parameter.

 3. Add a torrc option and/or consensus parameter to refuse client
 connection with ESTABLISH_RENDEZVOUS or in other words, an anti tor2web
 option at the relay. These have been observed to be quite problematic as
 people are running hundreds (if not thousands) of tor2web clients scanning
 the onion space. As collateral damage, it is loading relays with
 connections for rendezvous circuits. We could easily integrate that option
 with a certain threshold of parallel connection like "if I see 10 conn on
 that IP doing RDV, block".

 I'm working on the new code for this.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24895 [Core Tor/Tor]: MAX_REND_FAILURES is 1, but we will try three times

[Tor Bug Tracker & Wiki]

#24895: MAX_REND_FAILURES is 1, but we will try three times
-+-
 Reporter:  arma |  Owner:  (none)
 Type:  defect   | Status:
 |  merge_ready
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  032-backport, 031-backport,  |  Actual Points:
  030-backport, 029-backport, 025-backport   |
Parent ID:   | Points:
 Reviewer:  dgoulet  |Sponsor:
-+-
Changes (by nickm):

 * status:  needs_review => merge_ready


Comment:

 These look fine to me.  Roger, do you like them?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24895 [Core Tor/Tor]: MAX_REND_FAILURES is 1, but we will try three times

[Tor Bug Tracker & Wiki]

#24895: MAX_REND_FAILURES is 1, but we will try three times
-+-
 Reporter:  arma |  Owner:  (none)
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  032-backport, 031-backport,  |  Actual Points:
  030-backport, 029-backport, 025-backport   |
Parent ID:   | Points:
 Reviewer:  dgoulet  |Sponsor:
-+-

Comment (by nickm):

 For other reviewers: The tor branches are called `bug`... not `ticket...`

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24895 [Core Tor/Tor]: MAX_REND_FAILURES is 1, but we will try three times

[Tor Bug Tracker & Wiki]

#24895: MAX_REND_FAILURES is 1, but we will try three times
-+-
 Reporter:  arma |  Owner:  (none)
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  032-backport, 031-backport,  |  Actual Points:
  030-backport, 029-backport, 025-backport   |
Parent ID:   | Points:
 Reviewer:  dgoulet  |Sponsor:
-+-

Comment (by dgoulet):

 This looks good! Ok, so I made two tiny winy changes here and I'll explain
 why. They are in the fixup commit `9e3b63b041f0e60e`:

 1. I changed the name `maxrendfailures` to `hs_service_max_rdv_failures`
 which, like you said above, is to specifically point it out to be service
 side. Secondly, because this needs to be merged forward, with v3 in 032,
 that value is used by both versions and moved to `hs_common.h` so the
 naming is important to clearly name space it to the "hs" subsystem and
 identify it as service. Third, `rend` in the code is associated with v2
 thus the use of `rdv` instead. Finally, I think a name like that will be
 more explicit when read from the consensus or torrc file by the dirauth.

 2. I simply made the default, min and max values a `#define` which, when
 merging forward, will be moved to `hs_common.c`.

 This patch won't merge forward cleanly because of the big v3 change
 starting in 031 so here are the respective branches per version.

 NOTE: The fixup commit from above is in all the branches so --autosquash
 might be desirable before merging. And I hope I made the merge forward
 OK... Let me know if anything goes wrong. There will be a very easy
 conflict from 029 to 030.

 Branch: `ticket24895_029_01`, `ticket24895_031_01` and
 `ticket24895_032_01`
 Spec branch: `ticket24895_01`

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24863 [Core Tor/Tor]: Travis CI environment change breaks clang builds

[Tor Bug Tracker & Wiki]

#24863: Travis CI environment change breaks clang builds
--+
 Reporter:  catalyst  |  Owner:  (none)
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:  fixed
 Keywords:  tor-ci|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:  Sponsor3
--+
Changes (by nickm):

 * status:  needs_review => closed
 * resolution:   => fixed


Comment:

 Okay! Merging.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24588 [Core Tor/Tor]: Make signal handlers optional, for starting Tor in-process

[Tor Bug Tracker & Wiki]

#24588: Make signal handlers optional, for starting Tor in-process
-+-
 Reporter:  nickm|  Owner:  nickm
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-mobile, s8-api, review-group-30  |  Actual Points:
Parent ID:  #23684   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor8
-+-
Changes (by nickm):

 * status:  needs_revision => needs_review


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24588 [Core Tor/Tor]: Make signal handlers optional, for starting Tor in-process

[Tor Bug Tracker & Wiki]

#24588: Make signal handlers optional, for starting Tor in-process
-+-
 Reporter:  nickm|  Owner:  nickm
 Type:  defect   | Status:
 |  needs_revision
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-mobile, s8-api, review-group-30  |  Actual Points:
Parent ID:  #23684   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor8
-+-

Comment (by nickm):

 > Why is this listed for controllers in control-spec.txt if you can't
 SETCONF/change the value while Tor is running (as per the check added to
 options_transition_allowed)?

 That's because it's meant for use by controllers only, not in a regular
 torrc.  If you're not embedding Tor, this option isn't useful.  We already
 have similar controller-only unchangeable options in control-spec.txt,
 like OwningControllerFD.

 > I was also briefly confused what the event handler was doing in the else
 where signal handlers are set to disabled. Maybe document that it is for
 the SIGNAL control port command/activate_signals()?

 Okay! I've added a commit to improve the documentation in general.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24583 [Core Tor/Tor]: Make it easy to debug restart-in-process

[Tor Bug Tracker & Wiki]

#24583: Make it easy to debug restart-in-process
-+-
 Reporter:  nickm|  Owner:  nickm
 Type:  enhancement  | Status:  closed
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.2.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 |  implemented
 Keywords:  tor-mobile, s8-api, review-group-30  |  Actual Points:
Parent ID:  #23847   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor8
-+-
Changes (by nickm):

 * status:  merge_ready => closed
 * resolution:   => implemented


Comment:

 Thanks!  Squashed and merging.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24933 [Core Tor/Tor]: tor-gencert says [warn] event_base_free_: no base to free

[Tor Bug Tracker & Wiki]

#24933: tor-gencert says [warn] event_base_free_: no base to free
--+
 Reporter:  teor  |  Owner:  (none)
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:  Tor: 0.3.3.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Minor | Resolution:  fixed
 Keywords:  logging   |  Actual Points:
Parent ID:| Points:  0.2
 Reviewer:|Sponsor:
--+
Changes (by nickm):

 * status:  new => closed
 * resolution:   => fixed


Comment:

 ok, this turns out to be trivial.  Fixed with e7907f15f9b768.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #24944 [- Select a component]: Captcha

[Tor Bug Tracker & Wiki]

#24944: Captcha
--+
 Reporter:  shakthib2b|  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  - Select a component  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+
 Captcha keeps on asking for new images and not accepting right ones

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #24943 [Applications/Torbutton]: TorButton is preventing from add-on saving its setting

[Tor Bug Tracker & Wiki]

#24943: TorButton is preventing from add-on saving its setting
+
 Reporter:  cypherpunks |  Owner:  (none)
 Type:  task| Status:  new
 Priority:  High|  Milestone:
Component:  Applications/Torbutton  |Version:
 Severity:  Critical|   Keywords:
Actual Points:  |  Parent ID:
   Points:  |   Reviewer:
  Sponsor:  |
+
 TL:DR;
 I've downloaded an add-on from mozilla, and when I try to configure it the
 TorButton cleared its settings.

 Detail:
 First, I thought this might be an add-on's bug. I tested the add-on with
 Mozilla Firefox ESR and Firefox 57. Both worked without problem.
 So I removed the add-on from Tor browser and tried this[1].
 When I clicked "Save", it cleared all forms.
 The Browser console said TorButton is causing this issue.

 I understand you don't want users to add any add-ons to your browser.
 But isn't this too much?


 [1]
 
https://trac.torproject.org/projects/tor/attachment/ticket/24783/samplefortor.zip

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24445 [Metrics/Compass]: Shut down compass

[Tor Bug Tracker & Wiki]

#24445: Shut down compass
-+--
 Reporter:  irl  |  Owner:  metrics-team
 Type:  task | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Metrics/Compass  |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--
Changes (by irl):

 * status:  new => closed
 * resolution:   => fixed


Comment:

 Ah yes, I forgot to clean up.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24445 [Metrics/Compass]: Shut down compass

[Tor Bug Tracker & Wiki]

#24445: Shut down compass
-+--
 Reporter:  irl  |  Owner:  metrics-team
 Type:  task | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Metrics/Compass  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--

Comment (by karsten):

 Huh, that was quick (#24942). Time to close this ticket?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24942 [Internal Services/Tor Sysadmin Team]: Please shut down compass.torproject.org

[Tor Bug Tracker & Wiki]

#24942: Please shut down compass.torproject.org
-+
 Reporter:  irl  |  Owner:  tpa
 Type:  task | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:   |  Actual Points:
Parent ID:  #24445   | Points:
 Reviewer:   |Sponsor:
-+
Changes (by weasel):

 * status:  new => closed
 * resolution:   => fixed


Comment:

 done.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #24942 [Internal Services/Tor Sysadmin Team]: Please shut down compass.torproject.org

[Tor Bug Tracker & Wiki]

#24942: Please shut down compass.torproject.org
-+
 Reporter:  irl  |  Owner:  tpa
 Type:  task | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   |   Keywords:
Actual Points:   |  Parent ID:  #24445
   Points:   |   Reviewer:
  Sponsor:   |
-+
 The redirect form on ​https://compass.torproject.org/ has been in place
 for a couple of weeks now, and it says "This page will be removed January
 15, 2018." Time to remove that page.

 Please kill the process, remove the user account and DNS entry at any
 time.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24445 [Metrics/Compass]: Shut down compass

[Tor Bug Tracker & Wiki]

#24445: Shut down compass
-+--
 Reporter:  irl  |  Owner:  metrics-team
 Type:  task | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Metrics/Compass  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--

Comment (by irl):

 Let's do it!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #16110 [Applications/Tor Browser]: Improve Time Resolution Defense

[Tor Bug Tracker & Wiki]

#16110: Improve Time Resolution Defense
-+-
 Reporter:  mikeperry|  Owner:  mikeperry
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-fingerprinting-time-highres  |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by gk):

 Some newer research papers worth reading:

 https://gruss.cc/files/fantastictimers.pdf
 https://acmccs.github.io/papers/p163-caoA.pdf

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20955 [Applications/Tor Browser]: Tor Browser memory hardening

[Tor Bug Tracker & Wiki]

#20955: Tor Browser memory hardening
--+--
 Reporter:  arthuredelstein   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-security  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by gk):

 Replying to [comment:6 gk]:
 > FreeGuard entered the scene recently:
 https://arxiv.org/pdf/1709.02746.pdf (with comparisons of Die Harder and
 the OpenBDS allocator).

 Code can be found on: https://github.com/UTSASRG/FreeGuard.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #24941 [Metrics/Website]: Add first and last months to CollecTor's Available Descriptors table

[Tor Bug Tracker & Wiki]

#24941: Add first and last months to CollecTor's Available Descriptors table
-+--
 Reporter:  karsten  |  Owner:  metrics-team
 Type:  enhancement  | Status:  new
 Priority:  Low  |  Milestone:
Component:  Metrics/Website  |Version:
 Severity:  Normal   |   Keywords:
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+--
 We're generating the directory listing pages linked from the
 [https://metrics.torproject.org/collector.html CollecTor page] by parsing
 CollecTor's `index.json` file.

 What we could also do is include first and last months in the Available
 Descriptors table. And for ongoing collections we could say something like
 "$month to present".

 This isn't super important, as users can as well click through directory
 listings to obtain this information. But it's also not terribly hard to
 build. Setting priority to Low. Maybe something for a Friday afternoon.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24926 [Applications/Tor Browser]: Should Tor Browser for Android support the PanicKit Panic Trigger Intent?

[Tor Bug Tracker & Wiki]

#24926: Should Tor Browser for Android support the PanicKit Panic Trigger 
Intent?
--+--
 Reporter:  sysrqb|  Owner:  tbb-team
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-mobile|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by eighthave):

 As the person who put it there, I think it should stay :)  I think there
 should be a preference to control this, we have the UX laid out for this.
 The idea is that by default, all "panic responder" aps should do a "non-
 destructive" behavior so that someone can install a "panic trigger" app
 (e.g. Ripple) and have it work without any configuration.  Then any
 "destructive" actions must be explicitly enabled by the user, and
 cryptographically tied to one specific panic trigger app.  These can be
 deleting data, hiding the app by changing the name/icon/etc,

 Here is a more thorough overview:
 https://guardianproject.info/2016/01/12/panickit-making-your-whole-phone-
 respond-to-a-panic-button/

 Quitting the browser could be considered destructive since the website
 might have state, stuff in a webform, uploading content, etc.  I think it
 is important that Tor Browser have a default action for panic triggers to
 keep the the whole panic configuration experience as simple as possible.
 If there was a way to detect things that might be considered state, and
 only quit if those are not present, that would be ideal.  One simple non-
 destructive response would be to stop tor itself and all related network
 traffic and hide all notifications.

 As for destructive responses, I think Tor Browser should offer:
 * wipe all data and quit app (Tor Browser can do this without any
 confirmation)
 * prompt for full uninstall (Android requires that the user click the
 confirmation prompt)
 * change app icon/name and disguise itself as a game, utility, etc that is
 then unlocked with a PIN to restore Tor Browser with all data intact

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24895 [Core Tor/Tor]: MAX_REND_FAILURES is 1, but we will try three times

[Tor Bug Tracker & Wiki]

#24895: MAX_REND_FAILURES is 1, but we will try three times
-+-
 Reporter:  arma |  Owner:  (none)
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  032-backport, 031-backport,  |  Actual Points:
  030-backport, 029-backport, 025-backport   |
Parent ID:   | Points:
 Reviewer:  dgoulet  |Sponsor:
-+-
Changes (by arma):

 * status:  needs_revision => needs_review


Comment:

 My {{{bug24895-029}}} branch adds this consensus param, and applies to
 maint-0.2.9. (I don't think any relevant huge services still run on 0.2.5,
 so I am fine leaving oldoldstable alone here.)

 I picked a max of 10 (out of my hat, "chosen by fair dice roll"), and a
 default of 2 (based on discussion above). I could maybe have picked a
 default of 1, since we're going to deploy 1 on the network as soon as this
 patch goes out, and we have no plans to change it from 1. But I went with
 2 in case we later decide to try it.

 I also went with the consensus param name "maxrendfailures", which is
 maybe a bit vague because it doesn't specify whether I mean the client
 side or the service side. If somebody likes a different size bike shed,
 now is the time to speak up. :)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs