Re: [tor-bugs] #32116 [Applications/Tor Browser]: Fix tor-browser's .mozconfig so that ./mach configure succeeds on Linux by default

2019-12-03 Thread Tor Bug Tracker & Wiki 
#32116: Fix tor-browser's .mozconfig so that ./mach configure succeeds on Linux 
by
default
--+---
 Reporter:  pospeselr |  Owner:  pospeselr
 Type:  defect| Status:  needs_information
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  TorBrowserTeam201912  |  Actual Points:  0
Parent ID:| Points:  0
 Reviewer:|Sponsor:
--+---
Changes (by gk):

 * keywords:  TorBrowserTeam201912R => TorBrowserTeam201912


Comment:

 Taking this off of our review radar as we are in `needs_information`.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31130 [Applications/Tor Browser]: Use Debian 10 for our Android container images

2019-12-03 Thread Tor Bug Tracker & Wiki 
#31130: Use Debian 10 for our Android container images
---+---
 Reporter:  gk |  Owner:  sisbell
 Type:  defect | Status:
   |  needs_information
 Priority:  Medium |  Milestone:
Component:  Applications/Tor Browser   |Version:
 Severity:  Normal | Resolution:
 Keywords:  tbb-rbm, TorBrowserTeam201912  |  Actual Points:
Parent ID:  #31127 | Points:  0.5
 Reviewer:  gk |Sponsor:
---+---
Changes (by gk):

 * keywords:  tbb-rbm, TorBrowserTeam201912R => tbb-rbm,
   TorBrowserTeam201912
 * status:  needs_review => needs_information


Comment:

 Taking this off or our review radar until the tests in comment:51 are
 done.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32623 [Applications/Tor Browser]: Tor Browser should support ENS

2019-12-03 Thread Tor Bug Tracker & Wiki 
#32623: Tor Browser should support ENS
--+---
 Reporter:  bryguy|  Owner:  tbb-team
 Type:  enhancement   | Status:  needs_information
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:  Sponsor27-can
--+---

Comment (by bryguy):

 Thanks for considering this request.

 The mailarchive linked content could be interpreted to mean that the ENS
 smart contracts are owned by a multisig Ethereum private key requiring 4
 of 7 signatures in order to be used. Either that, or the private key was
 sharded into 7 parts.

 Convincing four root-ENS-holders to override a situation caused by the ENS
 smart contracts working as expected would, and should, be difficult or
 impossible to arrange. Doing so even once might imply a burden of
 censhorship on those individuals and centralize the service.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32604 [Core Tor/Tor]: Add HiddenServiceExportRendPoint and HiddenServiceExportInstanceID directive

2019-12-03 Thread Tor Bug Tracker & Wiki 
#32604: Add HiddenServiceExportRendPoint and HiddenServiceExportInstanceID
directive
-+-
 Reporter:  moonsikpark  |  Owner:  (none)
 Type:  enhancement  | Status:
 |  needs_information
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs tor-dos extra-review  |  Actual Points:
Parent ID:  #32511   | Points:
 Reviewer:  dgoulet, ahf |Sponsor:  Sponsor27-can
-+-

Comment (by teor):

 I also did a review of the code: we're missing some unit tests for the new
 options.

 There's also a few things we could do to make the design and code more
 maintainable in future.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32604 [Core Tor/Tor]: Add HiddenServiceExportRendPoint and HiddenServiceExportInstanceID directive

2019-12-03 Thread Tor Bug Tracker & Wiki 
#32604: Add HiddenServiceExportRendPoint and HiddenServiceExportInstanceID
directive
-+-
 Reporter:  moonsikpark  |  Owner:  (none)
 Type:  enhancement  | Status:
 |  needs_information
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs tor-dos extra-review  |  Actual Points:
Parent ID:  #32511   | Points:
 Reviewer:  dgoulet, ahf |Sponsor:  Sponsor27-can
-+-

Comment (by teor):

 Actually, we can't use RESERVED_4_BYTES, because it's set to "fc00". We'd
 have to use one of the other fields instead. (Or replace the IPv4 address
 with the hash.)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32604 [Core Tor/Tor]: Add HiddenServiceExportRendPoint and HiddenServiceExportInstanceID directive

2019-12-03 Thread Tor Bug Tracker & Wiki 
#32604: Add HiddenServiceExportRendPoint and HiddenServiceExportInstanceID
directive
-+-
 Reporter:  moonsikpark  |  Owner:  (none)
 Type:  enhancement  | Status:
 |  needs_information
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs tor-dos extra-review  |  Actual Points:
Parent ID:  #32511   | Points:
 Reviewer:  dgoulet, ahf |Sponsor:  Sponsor27-can
-+-

Comment (by teor):

 Replying to [comment:9 ahf]:
 > I left some comments there. I think my biggest question is what is the
 IPv6 story in this? Encoding a 32-bit IPv4 address in an IPv6 address is
 smart, but encoding an IPv6 address in an IPv6 address whilst still
 leaving space for other data is going to be difficult.

 The PROXY protocol has 2 address fields and 2 port fields:
 `PROXY TCP6 (SOURCE_IPV6) (DEST_IPV6) (SOURCE_PORT) (DEST_PORT)`

 In the current Tor network, Tor relays must have one IPv4 address and
 port, and can optionally have an IPv6 address and port.

 So here's the information we might want to capture:
 * REND_IPV4 (4 bytes)
 * REND_IPV4_PORT (2 bytes)
 * REND_IPV6 (16 bytes)
 * REND_IPV6_PORT (2 bytes)
 * INSTANCE_ID (2 bytes)
 * CIRCUIT_ID (4 bytes)

 And here's how this patch does that:
 `PROXY TCP6
 (RESERVED_4_BYTES|REND_IPV4|REND_IPV4_PORT|INSTANCE_ID|CIRCUIT_ID)
 (DEST_IPV6?) (UNKNOWN?) (DEST_PORT?)`

 If we ever need to capture the IPv6 address and port:

 If we can use DEST_IPV6 and DEST_PORT:
 * Use DEST_IPV6 for REND_IPV6
 * Use DEST_PORT for REND_IPV6_PORT

 If we can't, we only have 4 bytes left to store 18 bytes, so we hash the
 IPv6 and port, and use the first 4 bytes:
 * RESERVED_4_BYTES = H(REND_IPV6|REND_IPV6_PORT)[:4]

 I think we can make this decision later?

 But we should definitely document that IPv6 is not supported, and that the
 address is the canonical IPv4 address of the rend point. (And not
 guaranteed to be the actual address that the circuit is connecting
 through.)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #28765 [Applications/Tor Browser]: LibEvent Build for Android

2019-12-03 Thread Tor Bug Tracker & Wiki 
#28765: LibEvent Build for Android
-+-
 Reporter:  sisbell  |  Owner:  sisbell
 Type:  defect   | Status:
 |  assigned
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-mobile, tbb-rbm, |  Actual Points:
  TorBrowserTeam201912, tbb-parity   |
Parent ID:  #28704   | Points:  0.25
 Reviewer:   |Sponsor:
-+-

Comment (by sisbell):

 For Reference, Google's Android build config

 
https://android.googlesource.com/platform/external/libevent/+/0895a49cc55794c7fc41e78c53ffa9882377dcc7/README.android

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #28764 [Applications/Tor Browser]: OpenSSL Build for Android

2019-12-03 Thread Tor Bug Tracker & Wiki 
#28764: OpenSSL Build for Android
-+-
 Reporter:  sisbell  |  Owner:  sisbell
 Type:  defect   | Status:
 |  assigned
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-mobile, tbb-rbm, |  Actual Points:
  TorBrowserTeam201912, tbb-parity   |
Parent ID:  #28704   | Points:  0.5
 Reviewer:   |Sponsor:
-+-

Comment (by sisbell):

 Useful reference for this issue

 https://github.com/openssl/openssl/blob/master/NOTES.ANDROID

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30237 [Applications/Tor Browser]: Tor Browser: Improve TBB UI of hidden service client authorization

2019-12-03 Thread Tor Bug Tracker & Wiki 
#30237: Tor Browser: Improve TBB UI of hidden service client authorization
-+-
 Reporter:  asn  |  Owner:  mcs
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  network-team-roadmap-september,  |  Actual Points:
  TorBrowserTeam201912R  |
Parent ID:  #3   | Points:
 Reviewer:  pospeselr, sysrqb|Sponsor:
 |  Sponsor27-must
-+-

Comment (by mcs):

 Replying to [comment:45 antonela]:
 > #32562 is done. Will we include it in the UI? What is needed on my side?

 Yes, we plan to add a simple checkbox below the key input field. We need
 to agree on the label; probably something like `Remember this key`. What
 do you think?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30381 [Core Tor/Tor]: Provide control port commands to ADD/REMOVE/VIEW v3 client-auth

2019-12-03 Thread Tor Bug Tracker & Wiki 
#30381: Provide control port commands to ADD/REMOVE/VIEW v3 client-auth
-+-
 Reporter:  asn  |  Owner:  asn
 Type:  enhancement  | Status:  closed
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  tor-hs, tbb-usability, ux-team, hs-  |  Actual Points:  4.5
  auth, network-team-roadmap-september,  |
  042-deferred-20190918  |
Parent ID:  #14389   | Points:  6
 Reviewer:  dgoulet  |Sponsor:
 |  Sponsor27-must
-+-

Comment (by mcs):

 Kathy and I experimented with this API today. Very cool stuff!
 Unfortunately, there is one problem: the `ONION_CLIENT_AUTH_VIEW` response
 needs to be changed to include the HS address. Otherwise, we cannot
 present a management interface and allow users to remove keys, etc. (they
 won't know what .onion each key is associated with).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32325 [Applications/Tor Browser]: Allow Letterboxing opt-in/out

2019-12-03 Thread Tor Bug Tracker & Wiki 
#32325: Allow Letterboxing opt-in/out
-+-
 Reporter:  antonela |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ux-team, tbb-9.0-issues, |  Actual Points:
  TorBrowserTeam202001   |
Parent ID:  #32324   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by pospeselr):

 Filed Mozilla 1601040:
 https://bugzilla.mozilla.org/show_bug.cgi?id=1601040

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31157 [Circumvention/Snowflake]: Collect metrics about what type of proxies are running

2019-12-03 Thread Tor Bug Tracker & Wiki 
#31157: Collect metrics about what type of proxies are running
-+-
 Reporter:  cohosh   |  Owner:  cohosh
 Type:  enhancement  | Status:  merge_ready
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:
 Keywords:  anti-censorship-roadmap-october  |  Actual Points:  1
Parent ID:   | Points:  3
 Reviewer:  karsten  |Sponsor:  Sponsor28
-+-

Comment (by cohosh):

 Updated the broker as of {{{2019/12/03 19:00:28}}}

 Updated the standalone proxy-go instances on the bridge as of
 {{{2019/12/03 19:05:27}}}

 I also updated both the mozilla and chrome addon stores.

 When updating the website I got the following errors:
 {{{
 $ rsync --chown=:snowflake --chmod ug=rw,D+x --perms --delete -crv build/
 staticiforme:/srv/snowflake.torproject.org/htdocs/
 sending incremental file list
 rsync: failed to set permissions on
 "/srv/snowflake.torproject.org/htdocs/.": Operation not permitted (1)
 rsync: failed to set permissions on
 "/srv/snowflake.torproject.org/htdocs/assets": Operation not permitted (1)
 ./
 embed.js
 _locales/es/messages.json
 _locales/lt/messages.json
 _locales/nl/messages.json
 _locales/tr/messages.json
 assets/
 rsync: mkstemp
 "/srv/snowflake.torproject.org/htdocs/_locales/nl/.messages.json.c5cJkc"
 failed: Permission denied (13)

 sent 14,890 bytes  received 888 bytes  4,508.00 bytes/sec
 total size is 982,821  speedup is 62.29
 rsync error: some files/attrs were not transferred (see previous errors)
 (code 23) at main.c(1196) [sender=3.1.2]
 }}}
 and when I ran the dry-run again I can see that the nl translations didn't
 update properly:
 {{{
 $ rsync -n --chown=:snowflake --chmod ug=rw,D+x --perms --delete -crv
 build/ staticiforme:/srv/snowflake.torproject.org/htdocs/
 sending incremental file list
 ./
 _locales/nl/messages.json
 assets/

 sent 3,220 bytes  received 52 bytes  934.86 bytes/sec
 total size is 982,821  speedup is 300.37 (DRY RUN)
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32662 [Circumvention/BridgeDB]: Rewrite BridgeDB with Django 3 and Python 3

2019-12-03 Thread Tor Bug Tracker & Wiki 
#32662: Rewrite BridgeDB with Django 3 and Python 3
+
 Reporter:  moonsikpark |  Owner:  (none)
 Type:  defect  | Status:  new
 Priority:  Medium  |  Milestone:
Component:  Circumvention/BridgeDB  |Version:
 Severity:  Normal  | Resolution:
 Keywords:  |  Actual Points:
Parent ID:  #30946  | Points:
 Reviewer:  |Sponsor:
+
Changes (by phw):

 * cc: cohosh (added)


Comment:

 (This is related to #30946, in which we're working on porting BridgeDB to
 Python 3, so Python 2's end of life won't turn into a bad surprise for
 us.)

 Do you envision Django to replace BridgeDB's user-facing frontend and the
 way it interacts with its database? Or more than that? I'm asking because
 I'm not familiar with Django and I'm trying to understand the intended
 scope of this rewrite. After all, there's a ton of backend code in
 BridgeDB.

 That said, here's a list of significant issues that we may want to keep in
 mind while rewriting (parts of) BridgeDB:

 * [https://gitweb.torproject.org/torspec.git/tree/bridgedb-spec.txt
 BridgeDB's specification] is outdated and in dire need of an update
 (#31426).

 * There's plenty of code in BridgeDB that seems unimportant and/or broken.
 PGP support for emails (#17548) is a good example and we may want to rip
 out this feature altogether.

 * BridgeDB's most significant conceptual issue is that it has poor
 defences against crawlers. Our CAPTCHAs are difficult to solve for people
 (#29695) but easy to solve for crawlers (#32117). A rewrite won't solve
 this issue; we'll have to do more thinking first.

 * Note that [https://gitweb.torproject.org/pluggable-
 transports/snowflake.git/tree/broker/broker.go snowflake's broker] and
 BridgeDB are conceptually very similar. Both provide clients with bridge
 addresses, but do so in different ways. Before rewriting BridgeDB, we
 should think about merging these two concepts.

 * There should be a feedback loop between bridge distribution and
 measurement. BridgeDB should get its bridges scanned by OONI, and then use
 the scan results to decide what bridges to hand out to users. For example,
 if OONI tells us that a bridge is blocked in Turkey, we should no longer
 hand it out to users coming from Turkey. Similarly, some countries are
 known to block certain circumvention protocols by DPI, so we shouldn't be
 handing these out (#31875).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #32666 [Core Tor/Tor]: BUG: Non-fatal assertion info failed in onion_extend_cpath at src/core/or/circuitbuild.c:2663. (Stack trace not available) (on Tor 0.4.1.5 439ca48989ece545)

2019-12-03 Thread Tor Bug Tracker & Wiki 
#32666: BUG: Non-fatal assertion info failed in onion_extend_cpath at
src/core/or/circuitbuild.c:2663. (Stack trace not available) (on Tor
0.4.1.5 439ca48989ece545)
--+--
 Reporter:  cypherpunks   |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Component:  Core Tor/Tor
  Version:  Tor: 0.4.1.5  |   Severity:  Normal
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
 Got this in orbot After startup.
 {{{
 NOTICE: Bootstrapped 100% (done): Done
 Ignoring start request, already started.
 WARN: tor_bug_occurred_: Bug: src/core/or/circuitbuild.c:2663:
 onion_extend_cpath: Non-fatal assertion info failed. (on Tor 0.4.1.5
 439ca48989ece545)
 WARN: Bug: Non-fatal assertion info failed in onion_extend_cpath at
 src/core/or/circuitbuild.c:2663. (Stack trace not available) (on Tor
 0.4.1.5 439ca48989ece545)
 WARN: Failed to find node for hop #2 of our path. Discarding this circuit.
 NOTICE: Our circuit 0 (id: 15) died due to an invalid selected path,
 purpose General-purpose client. This may be a torrc configuration issue,
 or a bug.
 }}}
  Orbot 16.1.2rc2

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32576 [Circumvention/Snowflake]: Fix race condition in snowflake broker

2019-12-03 Thread Tor Bug Tracker & Wiki 
#32576: Fix race condition in snowflake broker
-+-
 Reporter:  cohosh   |  Owner:  cohosh
 Type:  defect   | Status:  merge_ready
 Priority:  Very High|  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:
 Keywords:  metrics  |  Actual Points:  1
Parent ID:   | Points:
 Reviewer:  phw  |Sponsor:  Sponsor28
-+-
Changes (by phw):

 * status:  needs_review => merge_ready


Comment:

 Looks good to me!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32021 [Core Tor/Tor]: hs-v3: Handle rendezvous client circuit build expire properly

2019-12-03 Thread Tor Bug Tracker & Wiki 
#32021: hs-v3: Handle rendezvous client circuit build expire properly
-+-
 Reporter:  dgoulet  |  Owner:  dgoulet
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs, tor-client, tor-circuit  |  Actual Points:
Parent ID:  #30200   | Points:  0.4
 Reviewer:  asn  |Sponsor:
 |  Sponsor27-must
-+-

Comment (by asn):

 Hmm, logic seems sound.

 Just a suggestion: While we are at it, should we make a new function to
 host the body of `if (!(TO_ORIGIN_CIRCUIT(victim)->hs_circ_has_timed_out))
 {`? We can put it in the HS subsystem so that the logic is contained in
 there.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32333 [Applications/Tor Browser]: NoScript remembers settings on browser quit

2019-12-03 Thread Tor Bug Tracker & Wiki 
#32333: NoScript remembers settings on browser quit
-+-
 Reporter:  kromek   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_information
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-9.0-issues, noscript,|  Actual Points:
  TorBrowserTeam201912   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by kromek):

 Still happening on 9.0.2

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32664 [Core Tor/Tor]: hs-v3: Segfault in hs_circ_service_get_established_intro_circ()

2019-12-03 Thread Tor Bug Tracker & Wiki 
#32664: hs-v3: Segfault in hs_circ_service_get_established_intro_circ()
-+-
 Reporter:  dgoulet  |  Owner:  (none)
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  crash, segfault, regression, tor-hs  |  Actual Points:
Parent ID:   | Points:
 Reviewer:  asn  |Sponsor:
 |  Sponsor27-must
-+-
Changes (by asn):

 * status:  needs_review => closed
 * resolution:   => fixed


Comment:

 Great! Merged!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31223 [Core Tor/Tor]: Research approaches for improving the availability of services under DoS

2019-12-03 Thread Tor Bug Tracker & Wiki 
#31223: Research approaches for improving the availability of services under DoS
+
 Reporter:  asn |  Owner:  (none)
 Type:  defect  | Status:  new
 Priority:  Medium  |  Milestone:  Tor: 0.4.3.x-final
Component:  Core Tor/Tor|Version:
 Severity:  Normal  | Resolution:
 Keywords:  tor-hs tor-dos  |  Actual Points:
Parent ID:  | Points:  15
 Reviewer:  |Sponsor:  Sponsor27-can
+

Comment (by asn):

 Just to expand on the `Introducing application-layer anonymous tokens that
 allow legit clients to get priority over DoS attacker` from the top post.
 This would be introducing some sort of anonymous credentials system for
 onion services, where onions can give some tokens to their good clients in
 an out-of-band fashion and these tokens are used during the introduction
 protocol to prioritize them over the swarm of unknown clients.

 With regards to primitives that can be used for such anonymous tokens
 there is a whole literature on anonymous credentials that we should look
 into. Here are some more links that have been sent to me and I have noted
 them for future reading: https://eprint.iacr.org/2019/877.pdf
 https://github.com/sipa/bips/blob/bip-schnorr/bip-
 schnorr.mediawiki#Blind_Signatures
 https://github.com/w3f/schnorrkel/blob/master/src/vrf.rs
 https://github.com/w3f/schnorrkel/blob/master/src/vrf.rs

 Further questions is how these tokens will be passed to legit clients in
 the first place, if the onion service is unreachable. And what's the
 difference between this approach and the onion service just making more
 onion addresses for good clients instead of tokens.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32604 [Core Tor/Tor]: Add HiddenServiceExportRendPoint and HiddenServiceExportInstanceID directive

2019-12-03 Thread Tor Bug Tracker & Wiki 
#32604: Add HiddenServiceExportRendPoint and HiddenServiceExportInstanceID
directive
-+-
 Reporter:  moonsikpark  |  Owner:  (none)
 Type:  enhancement  | Status:
 |  needs_information
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs tor-dos extra-review  |  Actual Points:
Parent ID:  #32511   | Points:
 Reviewer:  dgoulet, ahf |Sponsor:  Sponsor27-can
-+-
Changes (by ahf):

 * status:  needs_review => needs_information


Comment:

 I left some comments there. I think my biggest question is what is the
 IPv6 story in this? Encoding a 32-bit IPv4 address in an IPv6 address is
 smart, but encoding an IPv6 address in an IPv6 address whilst still
 leaving space for other data is going to be difficult.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32604 [Core Tor/Tor]: Add HiddenServiceExportRendPoint and HiddenServiceExportInstanceID directive

2019-12-03 Thread Tor Bug Tracker & Wiki 
#32604: Add HiddenServiceExportRendPoint and HiddenServiceExportInstanceID
directive
-+-
 Reporter:  moonsikpark  |  Owner:  (none)
 Type:  enhancement  | Status:  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs tor-dos extra-review  |  Actual Points:
Parent ID:  #32511   | Points:
 Reviewer:  dgoulet, ahf |Sponsor:  Sponsor27-can
-+-

Comment (by dgoulet):

 ACK for me. I'll let ahf `merge_ready` it with his review.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32604 [Core Tor/Tor]: Add HiddenServiceExportRendPoint and HiddenServiceExportInstanceID directive

2019-12-03 Thread Tor Bug Tracker & Wiki 
#32604: Add HiddenServiceExportRendPoint and HiddenServiceExportInstanceID
directive
-+-
 Reporter:  moonsikpark  |  Owner:  (none)
 Type:  enhancement  | Status:  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs tor-dos extra-review  |  Actual Points:
Parent ID:  #32511   | Points:
 Reviewer:  dgoulet, ahf |Sponsor:  Sponsor27-can
-+-
Changes (by moonsikpark):

 * status:  needs_revision => needs_review


Comment:

 OK, CI should be passing, ready for review.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32660 [Metrics/Onionoo]: onionoo-backend is killing the ganeti cluster

2019-12-03 Thread Tor Bug Tracker & Wiki 
#32660: onionoo-backend is killing the ganeti cluster
-+--
 Reporter:  anarcat  |  Owner:  metrics-team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Metrics/Onionoo  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--

Comment (by anarcat):

 >  Let's first find out what's happening there. We were planning to stop
 this instance this afternoon and set up a new one on the same host. If we
 don't know what's going wrong, we might see the same issue with the new
 instance.

 > So, this seems like something that is caused by the hourly updater. Can
 you tell us if omeiense and/or oo-hetzner-03 have similar loads at roughly
 the same timing?

 They do look similar, now that you mention it:

 https://grafana.torproject.org/d/ER3U2cqmk/node-exporter-server-
 metrics?orgId=1=omeiense.torproject.org:9100=onionoo-
 backend-01.torproject.org:9100=oo-hetzner-03.torproject.org:9100

 The peak bandwidth usage is bigger on onionoo-backend-01, but that might
 be just because the disks are faster; the peak is bigger, but shorter, so
 the transfer size is probably equivalent.

 > I have suspended the hourly updater on this host, but this is the normal
 expected operation for Onionoo's hourly updater. There are state files
 that get updated every run including those for which nothing has changed.
 This is a known flaw in Onionoo but until now it hasn't been a problem.

 Okay, maybe I'm being overly cautious then. It might be a problem in the
 mid-long term in the new cluster because of the way it is structured: all
 writes are replicated between the two servers, because they act as a
 redundant cluster. If one node goes down, the other can take over on the
 fly. It also allows us to migrate the machines between the two servers
 more or less in realtime.

 Maybe we should make an exception for this host, and keep the data only on
 one server. This would have a few implications:

  1. if the server goes down, we need to restore from backups, so there's
 up to 24h of data loss
  2. when we reboot the servers, the machine will go down for the duration
 of the reboot
  3. moving the machine around if we decommission the server will require
 manual work

 > karsten is going to look at how difficult it would be to reduce the
 number of writes performed. Is the problem total IO or is it just the
 writes? Are reads cached? i.e. if we read it again to compare before
 writing, does that help?

 A napkin calculation tells me we're writing about 50GiB of data on the
 disk every hour. That seems like a *lot*!

 (I base this on the graphs that seem to average about 36MiB/s for 35
 minutes on onionoo-backend-01, which means around 56GiB. oo-hetzner-03
 writes 21MiB for 35 minutes, which means about 46GiB. about average
 between the two is 50GiB.)

 Is that about right? What *are* you writing in there? :)

 > There's very little we can do about the CPU load. We already use
 optimized parsing libraries for JSON, and quite simple parsers for Tor
 descriptors. Metrics does involve some computation. If CPU load is a
 problem then perhaps the Ganeti cluster is the wrong place for Onionoo to
 live and we need something else.

 I don't mind the CPU load so much, actually. That we have some capacity.
 And we do have the capacity on the network too - it's a gigabit link after
 all. It's just that this single node is already taking 10% of the capacity
 during those peaks, so I was worried it was an anomaly.

 But maybe there's much ado about nothing here. It just seems strange that
 we write all that data all the time...

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32604 [Core Tor/Tor]: Add HiddenServiceExportRendPoint and HiddenServiceExportInstanceID directive

2019-12-03 Thread Tor Bug Tracker & Wiki 
#32604: Add HiddenServiceExportRendPoint and HiddenServiceExportInstanceID
directive
-+-
 Reporter:  moonsikpark  |  Owner:  (none)
 Type:  enhancement  | Status:  needs_revision
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs tor-dos extra-review  |  Actual Points:
Parent ID:  #32511   | Points:
 Reviewer:  dgoulet, ahf |Sponsor:  Sponsor27-can
-+-
Changes (by dgoulet):

 * keywords:  tor-hs tor-dos => tor-hs tor-dos extra-review
 * reviewer:  dgoulet => dgoulet, ahf
 * status:  needs_review => needs_revision


Comment:

 One tiny thing remains. We can remove code from your fixes :). We should
 be ready to merge after that.

 I will still ask ahf for a second review on this since he worked on the
 original feature.

 Thanks!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32604 [Core Tor/Tor]: Add HiddenServiceExportRendPoint and HiddenServiceExportInstanceID directive

2019-12-03 Thread Tor Bug Tracker & Wiki 
#32604: Add HiddenServiceExportRendPoint and HiddenServiceExportInstanceID
directive
+
 Reporter:  moonsikpark |  Owner:  (none)
 Type:  enhancement | Status:  needs_review
 Priority:  Medium  |  Milestone:  Tor: 0.4.3.x-final
Component:  Core Tor/Tor|Version:
 Severity:  Normal  | Resolution:
 Keywords:  tor-hs tor-dos  |  Actual Points:
Parent ID:  #32511  | Points:
 Reviewer:  dgoulet |Sponsor:  Sponsor27-can
+
Changes (by moonsikpark):

 * status:  needs_revision => needs_review


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32021 [Core Tor/Tor]: hs-v3: Handle rendezvous client circuit build expire properly

2019-12-03 Thread Tor Bug Tracker & Wiki 
#32021: hs-v3: Handle rendezvous client circuit build expire properly
-+-
 Reporter:  dgoulet  |  Owner:  dgoulet
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs, tor-client, tor-circuit  |  Actual Points:
Parent ID:  #30200   | Points:  0.4
 Reviewer:  asn  |Sponsor:
 |  Sponsor27-must
-+-
Changes (by dgoulet):

 * status:  assigned => needs_review


Comment:

 Branch: `ticket32021_043_01`
 PR: https://github.com/torproject/tor/pull/1581

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31157 [Circumvention/Snowflake]: Collect metrics about what type of proxies are running

2019-12-03 Thread Tor Bug Tracker & Wiki 
#31157: Collect metrics about what type of proxies are running
-+-
 Reporter:  cohosh   |  Owner:  cohosh
 Type:  enhancement  | Status:  merge_ready
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:
 Keywords:  anti-censorship-roadmap-october  |  Actual Points:  1
Parent ID:   | Points:  3
 Reviewer:  karsten  |Sponsor:  Sponsor28
-+-
Changes (by cohosh):

 * status:  needs_review => merge_ready


Comment:

 Okay, great. Thanks!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32460 [Webpages/Website]: download page has confusing flow, especially with donate banner

2019-12-03 Thread Tor Bug Tracker & Wiki 
#32460: download page has confusing flow, especially with donate banner
--+--
 Reporter:  arma  |  Owner:  hiro
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Webpages/Website  |Version:
 Severity:  Normal| Resolution:
 Keywords:  ux-team   |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by ggus):

 I have been answering users on Frontdesk and they believe that:

 a) They need to donate to Tor Project to download - "I already donated to
 Tor Project and I still can't download";
 b) Their connection are censored or Tor Project is blocked
 c) Website isn't working

 I created an article in RT to reply these tickets with the direct download
 link. They all answered thanking and were able to install.

 Options 3 and 4 looks a good combination that we could try now.

 Other changes might need some UX research.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32511 [Core Tor/Tor]: Add features improving onion services' interaction with Tor.

2019-12-03 Thread Tor Bug Tracker & Wiki 
#32511: Add features improving onion services' interaction with Tor.
--+---
 Reporter:  moonsikpark   |  Owner:  (none)
 Type:  enhancement   | Status:  needs_information
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:  Tor: 0.4.2.4-rc
 Severity:  Normal| Resolution:
 Keywords:  tor-hs|  Actual Points:
Parent ID:| Points:
 Reviewer:  dgoulet   |Sponsor:
--+---

Comment (by asn):

 I have made a [tor-dev] thread about the third feature as I'd like to see
 progress here ASAP: https://lists.torproject.org/pipermail/tor-
 dev/2019-December/014097.html

 Nick asked a good question that would be great to have answers to.
 moonsikpark or anyone else please chime in if you have feedback :)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32660 [Metrics/Onionoo]: onionoo-backend is killing the ganeti cluster

2019-12-03 Thread Tor Bug Tracker & Wiki 
#32660: onionoo-backend is killing the ganeti cluster
-+--
 Reporter:  anarcat  |  Owner:  metrics-team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Metrics/Onionoo  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--

Comment (by irl):

 I have suspended the hourly updater on this host, but this is the normal
 expected operation for Onionoo's hourly updater. There are state files
 that get updated every run including those for which nothing has changed.
 This is a known flaw in Onionoo but until now it hasn't been a problem.

 karsten is going to look at how difficult it would be to reduce the number
 of writes performed. Is the problem total IO or is it just the writes? Are
 reads cached? i.e. if we read it again to compare before writing, does
 that help?

 There's very little we can do about the CPU load. We already use optimized
 parsing libraries for JSON, and quite simple parsers for Tor descriptors.
 Metrics does involve some computation. If CPU load is a problem then
 perhaps the Ganeti cluster is the wrong place for Onionoo to live and we
 need something else.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32460 [Webpages/Website]: download page has confusing flow, especially with donate banner

2019-12-03 Thread Tor Bug Tracker & Wiki 
#32460: download page has confusing flow, especially with donate banner
--+--
 Reporter:  arma  |  Owner:  hiro
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Webpages/Website  |Version:
 Severity:  Normal| Resolution:
 Keywords:  ux-team   |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by mcs):

 The list in comment:6 includes some very good points. Here is one more
 item (which has been mentioned a few times already):

 4. Remove the "Download Tor Browser" button from the download page header.
 That button has no effect except to reload the download page itself. This
 is especially confusing because that button contains a downward pointing
 arrow, which on most sites indicates that clicking the button will start
 the download.

 Also, I do not think we need to wait for results from a user research
 study before we improve the download page/flow. Even small changes as are
 being discussed here might help a lot, and I think enough smart people are
 paying attention that we are unlikely to make things worse. Research
 should then be used to make further improvements. That said, I fully
 understand if no one has time to work on the website this month!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #28841 [Core Tor/Tor]: Write tool for onion service health assessment

2019-12-03 Thread Tor Bug Tracker & Wiki 
#28841: Write tool for onion service health assessment
-+-
 Reporter:  asn  |  Owner:  dgoulet
 Type:  project  | Status:  closed
 Priority:  Medium   |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  tor-hs, reachability, research,  |  Actual Points:
  network-health, network-team-roadmap-  |
  september  |
Parent ID:  #30200   | Points:  7
 Reviewer:   |Sponsor:
 |  Sponsor27-must
-+-
Changes (by dgoulet):

 * status:  assigned => closed
 * resolution:   => fixed


Comment:

 At this point, the general idea of stable tracepoints in tor is being
 discussed so merging this tool upstream depends on the decisions coming
 out of the discussions with the network team.

 For now, this lives outside of tor and hopefully one day, the tracing part
 will be put upstream. In the meantime, the rest is out of tree.

 For reference, tor tracing is here:
 https://gitweb.torproject.org/user/dgoulet/tor.git/?h=lttng-hs

 The scripts to analyze the traces and output useful data is here until we
 find a better place:

 https://people.torproject.org/~dgoulet/volatile/analyze-client.py
 https://people.torproject.org/~dgoulet/volatile/analyze-service.py

 Closing this as "Done" since the work has been done but upstream merge
 requires more discussions. But for the sponsored work, it is considered
 done.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31960 [Circumvention/Snowflake]: Hello, currently, in China, Tor Browser 9.0a7 version can't establish a Tor network connection through snowflake bridge

2019-12-03 Thread Tor Bug Tracker & Wiki 
#31960: Hello, currently, in China, Tor Browser 9.0a7 version can't establish a 
Tor
network connection through snowflake bridge
-+---
 Reporter:  amiableclarity2011   |  Owner:  cohosh
 Type:  defect   | Status:  closed
 Priority:  Immediate|  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:  duplicate
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+---

Comment (by amiableclarity2011):

 Replying to [comment:15 phw]:
 > Thanks for your feedback, amiableclarity2011! We can provide you with a
 private obfs4 bridge which should work in China. Just send an email to phw
 at torproject dot org.

 Thank you so much for your help. I really appreciate it. My email address
 isamiableclarity2...@gmail.com

 I have already sent the email to you. Thank you so much for your help
 again.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #18620 [Core Tor/Tor]: HSFORGET command to clear cached client state for a HS

2019-12-03 Thread Tor Bug Tracker & Wiki 
#18620: HSFORGET command to clear cached client state for a HS
-+--
 Reporter:  str4d|  Owner:  str4d
 Type:  enhancement  | Status:  needs_revision
 Priority:  Medium   |  Milestone:  Tor: unspecified
Component:  Core Tor/Tor |Version:  Tor: 0.2.7.6
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs, tor-control, v2  |  Actual Points:
Parent ID:   | Points:  1
 Reviewer:  asn, special |Sponsor:
-+--
Changes (by dgoulet):

 * keywords:  tor-hs, tor-control => tor-hs, tor-control, v2
 * parent:  #28841 =>


Comment:

 This ticket is v2 specific. Parent is about v3. Furthermore, I think this
 is now fixed with v3 with the latest fixes with #32020 and #32094.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32654 [Applications/Tor Launcher]: Torbrowser overides user disabling tor proxy after restart

2019-12-03 Thread Tor Bug Tracker & Wiki 
#32654: Torbrowser overides user disabling tor proxy after restart
---+---
 Reporter:  woyazi |  Owner:  brade
 Type:  defect | Status:  new
 Priority:  Low|  Milestone:
Component:  Applications/Tor Launcher  |Version:
 Severity:  Minor  | Resolution:
 Keywords:  TorBrowserTeamTriaged  |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+---

Comment (by mcs):

 Replying to [comment:3 gk]:
 > I actually think this ticket has the same underlying issue as #32224 (it
 it is an issue at all) in that anything else than a manual proxy does not
 seem to work anymore. Without looking at the code, though, nothing comes
 to mind what we could have changed.

 I think the difference with Tor Browser 9 compared to earlier versions is
 that people cannot disable the (now built-in) Tor Launcher extension. With
 Tor Launcher disabled, Torbutton did not pick up proxy settings from Tor
 Launcher and — as long as no environment variables were set — did not make
 any pref changes (see `setProxySettings()` inside `components/startup-
 observer.js`).

 A workaround is to set the `TOR_TRANSPROXY` environment variable, although
 that forces the settings as follows:
 {{{
 this._prefs.setBoolPref("network.proxy.socks_remote_dns", false);
 this._prefs.setIntPref("network.proxy.type", 0);
 this._prefs.setIntPref("network.proxy.socks_port", 0);
 this._prefs.setCharPref("network.proxy.socks", "");
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #28969 [Core Tor/Tor]: Onion Service v3 connection status update event

2019-12-03 Thread Tor Bug Tracker & Wiki 
#28969: Onion Service v3 connection status update event
-+-
 Reporter:  rl1987   |  Owner:  (none)
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs reachability research |  Actual Points:
  network-health tor-spec|
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by dgoulet):

 * parent:  #28841 =>


Comment:

 #28841 did not use control port after all.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #28968 [Core Tor/Tor]: Onion Service v2 connection status update event

2019-12-03 Thread Tor Bug Tracker & Wiki 
#28968: Onion Service v2 connection status update event
-+-
 Reporter:  rl1987   |  Owner:  (none)
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs reachability research |  Actual Points:
  network-health tor-spec|
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by dgoulet):

 * parent:  #28841 =>


Comment:

 #28841 did not use control port after all.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #28967 [Core Tor/Tor]: Tor control command to connect to Onion Service

2019-12-03 Thread Tor Bug Tracker & Wiki 
#28967: Tor control command to connect to Onion Service
-+-
 Reporter:  rl1987   |  Owner:  (none)
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs reachability research |  Actual Points:
  network-health spec-needed tor-spec|
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by dgoulet):

 * parent:  #28841 =>


Comment:

 #28841 did not use control port afterall.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31963 [Applications/Tor Browser]: Feature Request - Tor Team / Contributors link in 'About Tor Browser'

2019-12-03 Thread Tor Bug Tracker & Wiki 
#31963: Feature Request - Tor Team / Contributors link in 'About Tor Browser'
--+--
 Reporter:  Zarko_Gjurov  |  Owner:  tbb-team
 Type:  defect| Status:  assigned
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  ux-team   |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by emmapeel):

 related to https://dip.torproject.org/torproject/web/tpo/issues/27

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31561 [Core Tor/Tor]: hs-v3: Service can keep unused intro points in its list

2019-12-03 Thread Tor Bug Tracker & Wiki 
#31561: hs-v3: Service can keep unused intro points in its list
+--
 Reporter:  dgoulet |  Owner:  dgoulet
 Type:  defect  | Status:  closed
 Priority:  Medium  |  Milestone:  Tor: unspecified
Component:  Core Tor/Tor|Version:
 Severity:  Normal  | Resolution:  fixed
 Keywords:  tor-hs, hv-v3   |  Actual Points:  0.1
Parent ID:  #30200  | Points:  0.2
 Reviewer:  asn, mikeperry  |Sponsor:  Sponsor27-must
+--
Changes (by dgoulet):

 * status:  needs_revision => closed
 * resolution:   => fixed


Comment:

 Ok good news. We don't need new code here. This has been fixed through
 #32094 and #32020

 Short summary is that:

 1. #32020: Added the code to remove a circuit from the HS circuitmap on
 close, free and repurpose.

 2. #32094: Made it that we only use the HS circuitmap when launching
 introduction points so the `launch_intro_point_circuits()` actually
 notices now that the IP that timed out has not more circuit and thus a
 retry is done up to `MAX_INTRO_POINT_CIRCUIT_RETRIES = 3`.

 Combining both, this means that `cleanup_intro_points()` will remove the
 IP after 3 fail retries and thus clean it up properly the service list.

 > This is bad because of #31548, this means an intro point can end up in
 the descriptor even though the service never established any circuits to
 it...

 This is not the case now since we use the HS circuitmap to learn if the
 circuit is established or not.

 We are done here. Resolving as "fixed" even though this ticket resulted in
 no actual patches applied to master.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32664 [Core Tor/Tor]: hs-v3: Segfault in hs_circ_service_get_established_intro_circ()

2019-12-03 Thread Tor Bug Tracker & Wiki 
#32664: hs-v3: Segfault in hs_circ_service_get_established_intro_circ()
-+-
 Reporter:  dgoulet  |  Owner:  (none)
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  crash, segfault, regression, tor-hs  |  Actual Points:
Parent ID:   | Points:
 Reviewer:  asn  |Sponsor:
 |  Sponsor27-must
-+-
Changes (by dgoulet):

 * status:  new => needs_review
 * reviewer:   => asn


Comment:

 Branch: `ticket32664_043_01`
 PR: https://github.com/torproject/tor/pull/1580

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32460 [Webpages/Website]: download page has confusing flow, especially with donate banner

2019-12-03 Thread Tor Bug Tracker & Wiki 
#32460: download page has confusing flow, especially with donate banner
--+--
 Reporter:  arma  |  Owner:  hiro
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Webpages/Website  |Version:
 Severity:  Normal| Resolution:
 Keywords:  ux-team   |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by nah):

 Hi everyone!
 We have very good points here. I'm going to try to sum up.

 On previous training people said they are not used to know the
 icons of their OS, so they didn't know where to click to download the Tor
 browser. With the banners it seems the problem have escalated. We will
 have the opportunity to test the download page with different audiences in
 the following two weeks. So far, as I see here, we have the following
 hypothesis:

 1. Download usually start by itself in other websites - is it possible to
 make it happen without tracking users? If not - how about making a
 "warning" like: ''we do not track your device, please choose your
 compatible OS to download Tor''.

 2. Users don't know the icon of their OS -- if that is true, maybe
 labeling the icons would be an alternative? do you have other thoughts on
 that?

 3. Donate banner seems to make the download page more confusing. What do
 you think about removing the banner only from the download page? Is it
 possible to bring it back once the download is completed?

 Am I missing something? Do you have other points?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31963 [Applications/Tor Browser]: Feature Request - Tor Team / Contributors link in 'About Tor Browser'

2019-12-03 Thread Tor Bug Tracker & Wiki 
#31963: Feature Request - Tor Team / Contributors link in 'About Tor Browser'
--+--
 Reporter:  Zarko_Gjurov  |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  ux-team, tbb-team |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by antonela):

 * keywords:  ux-team, tbb-dev => ux-team, tbb-team


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31963 [Applications/Tor Browser]: Feature Request - Tor Team / Contributors link in 'About Tor Browser'

2019-12-03 Thread Tor Bug Tracker & Wiki 
#31963: Feature Request - Tor Team / Contributors link in 'About Tor Browser'
--+--
 Reporter:  Zarko_Gjurov  |  Owner:  tbb-team
 Type:  defect| Status:  assigned
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  ux-team   |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by antonela):

 * keywords:  ux-team, tbb-team => ux-team
 * status:  new => assigned


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31963 [Applications/Tor Browser]: Feature Request - Tor Team / Contributors link in 'About Tor Browser'

2019-12-03 Thread Tor Bug Tracker & Wiki 
#31963: Feature Request - Tor Team / Contributors link in 'About Tor Browser'
--+--
 Reporter:  Zarko_Gjurov  |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  ux-team, tbb-dev  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by antonela):

 * keywords:  ux-team => ux-team, tbb-dev


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32604 [Core Tor/Tor]: Add HiddenServiceExportRendPoint and HiddenServiceExportInstanceID directive

2019-12-03 Thread Tor Bug Tracker & Wiki 
#32604: Add HiddenServiceExportRendPoint and HiddenServiceExportInstanceID
directive
+
 Reporter:  moonsikpark |  Owner:  (none)
 Type:  enhancement | Status:  needs_revision
 Priority:  Medium  |  Milestone:  Tor: 0.4.3.x-final
Component:  Core Tor/Tor|Version:
 Severity:  Normal  | Resolution:
 Keywords:  tor-hs tor-dos  |  Actual Points:
Parent ID:  #32511  | Points:
 Reviewer:  dgoulet |Sponsor:  Sponsor27-can
+
Changes (by dgoulet):

 * status:  needs_review => needs_revision


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30237 [Applications/Tor Browser]: Tor Browser: Improve TBB UI of hidden service client authorization

2019-12-03 Thread Tor Bug Tracker & Wiki 
#30237: Tor Browser: Improve TBB UI of hidden service client authorization
-+-
 Reporter:  asn  |  Owner:  mcs
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  network-team-roadmap-september,  |  Actual Points:
  TorBrowserTeam201912R  |
Parent ID:  #3   | Points:
 Reviewer:  pospeselr, sysrqb|Sponsor:
 |  Sponsor27-must
-+-

Comment (by antonela):

 #32562 is done. Will we include it in the UI? What is needed on my side?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32562 [Core Tor/Tor]: Allow ONION_CLIENT_AUTH_ADD credentials to be made permanent

2019-12-03 Thread Tor Bug Tracker & Wiki 
#32562: Allow ONION_CLIENT_AUTH_ADD credentials to be made permanent
-+-
 Reporter:  asn  |  Owner:  (none)
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  tor-hs, tbb-usability, ux-team, hs-  |  Actual Points:  1.2
  auth, network-team-roadmap-september,  |
  042-deferred-20190918  |
Parent ID:  #14389   | Points:  2
 Reviewer:  dgoulet  |Sponsor:
 |  Sponsor27-must
-+-
Changes (by dgoulet):

 * status:  needs_review => closed
 * resolution:   => fixed


Comment:

 Great! Merged!

 (FYI, no changes file since this code hasn't been released yet. Was merged
 in master 2 weeks ago.)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31963 [Applications/Tor Browser]: Feature Request - Tor Team / Contributors link in 'About Tor Browser'

2019-12-03 Thread Tor Bug Tracker & Wiki 
#31963: Feature Request - Tor Team / Contributors link in 'About Tor Browser'
--+--
 Reporter:  Zarko_Gjurov  |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  ux-team   |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by antonela):

 * keywords:   => ux-team


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32006 [Applications/Tor Browser]: Add key shortcut tooltips for new identity toolbar button

2019-12-03 Thread Tor Bug Tracker & Wiki 
#32006: Add key shortcut tooltips for new identity toolbar button
-+-
 Reporter:  acat |  Owner:  tbb-
 |  team
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-newnym, ux-team, |  Actual Points:
  TorBrowserTeam202001   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by pili):

 * keywords:  tbb-newnym ux-team => tbb-newnym, ux-team,
   TorBrowserTeam202001


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32006 [Applications/Tor Browser]: Add key shortcut tooltips for new identity toolbar button

2019-12-03 Thread Tor Bug Tracker & Wiki 
#32006: Add key shortcut tooltips for new identity toolbar button
--+--
 Reporter:  acat  |  Owner:  tbb-team
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-newnym ux-team|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by antonela):

 I like this. Can we upgrade it to our wishlist for the next release?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #32665 [Metrics/Library]: Parse newly added Snowflake statistics lines

2019-12-03 Thread Tor Bug Tracker & Wiki 
#32665: Parse newly added Snowflake statistics lines
-+--
 Reporter:  karsten  |  Owner:  metrics-team
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Metrics/Library  |Version:
 Severity:  Normal   |   Keywords:
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+--
 As cohosh writes in #31157, Snowflake statistics files will soon
 [https://gitweb.torproject.org/pluggable-
 transports/snowflake.git/commit/doc/broker-
 spec.txt?id=94de69aa369ebdee0cee5b683a42ebc8811a796d contain new lines]:

 {{{
 diff --git a/doc/broker-spec.txt b/doc/broker-spec.txt
 index 2877784..eba3347 100644
 --- a/doc/broker-spec.txt
 +++ b/doc/broker-spec.txt
 @@ -31,6 +31,24 @@ Metrics data from the Snowflake broker can be retrieved
 by sending an HTTP GET r
  A count of the total number of unique IP addresses of Snowflake
  proxies that have polled.

 +"snowflake-ips-standalone" NUM NL
 +[At most once.]
 +
 +A count of the total number of unique IP addresses of snowflake
 +proxies of type "standalone" that have polled.
 +
 +"snowflake-ips-badge" NUM NL
 +[At most once.]
 +
 +A count of the total number of unique IP addresses of snowflake
 +proxies of type "badge" that have polled.
 +
 +"snowflake-ips-webext" NUM NL
 +[At most once.]
 +
 +A count of the total number of unique IP addresses of snowflake
 +proxies of type "webext" that have polled.
 +
  "snowflake-idle-count" NUM NL
  [At most once.]
 }}}

 Let's parse these new lines in metrics-lib as soon as files containing
 them exist on CollecTor.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #32664 [Core Tor/Tor]: hs-v3: Segfault in hs_circ_service_get_established_intro_circ()

2019-12-03 Thread Tor Bug Tracker & Wiki 
#32664: hs-v3: Segfault in hs_circ_service_get_established_intro_circ()
-+-
 Reporter:  dgoulet  |  Owner:  (none)
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:  Tor: 0.4.3.x-final
Component:  Core |Version:
  Tor/Tor|
 Severity:  Normal   |   Keywords:  crash, segfault, regression, tor-hs
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
  Sponsor27-must |
-+-
 Reported by atagar on IRC:

 {{{
 <+atagar> Looks like stem's jenkins runs are presently failing due to tor
 segfaults: https://paste.debian.net/plain/1119133
 }}}

 The report:

 {{{
 ...
 Dec 02 17:03:09.077 [notice] Configured to measure directory request
 statistics, but no GeoIP database found. Please specify a GeoIP database
 using the GeoIPFile option.
 Dec 02 17:03:09.085 [warn] Controller gave us config lines that didn't
 validate: Unknown option 'bombay'.  Failing.
 Dec 02 17:03:09.085 [warn] Tor is currently configured as a relay and a
 hidden service. That's not very secure: you should probably run your
 hidden service in a separate Tor process, at least -- see
 https://trac.torproject.org/8742
 Dec 02 17:03:09.088 [notice] Configured to measure directory request
 statistics, but no GeoIP database found. Please specify a GeoIP database
 using the GeoIPFile option.
 Dec 02 17:03:09.225 [warn] Failed to find node for hop #1 of our path.
 Discarding this circuit.

  T= 1575306189
 Tor 0.4.3.0-alpha-dev died: Caught signal 11
 /srv/jenkins-workspace/workspace/stem-tor-
 ci/RESULT/tor(+0x21ceb5)[0x56360d945eb5]
 /srv/jenkins-workspace/workspace/stem-tor-
 ci/RESULT/tor(hs_circ_service_get_established_intro_circ+0x27)[0x56360d8327e7]
 /srv/jenkins-workspace/workspace/stem-tor-
 ci/RESULT/tor(hs_circ_service_get_established_intro_circ+0x27)[0x56360d8327e7]
 /srv/jenkins-workspace/workspace/stem-tor-
 ci/RESULT/tor(hs_service_run_scheduled_events+0x14ff)[0x56360d849ccf]
 /srv/jenkins-workspace/workspace/stem-tor-
 ci/RESULT/tor(+0x72961)[0x56360d79b961]
 /srv/jenkins-workspace/workspace/stem-tor-
 ci/RESULT/tor(+0x762f3)[0x56360d79f2f3]
 /usr/lib/x86_64-linux-
 gnu/libevent-2.0.so.5(event_base_loop+0x6a0)[0x7f6688b925a0]
 /srv/jenkins-workspace/workspace/stem-tor-
 ci/RESULT/tor(do_main_loop+0xe5)[0x56360d79e565]
 /srv/jenkins-workspace/workspace/stem-tor-
 ci/RESULT/tor(tor_run_main+0x122d)[0x56360d78ba2d]
 /srv/jenkins-workspace/workspace/stem-tor-
 ci/RESULT/tor(tor_main+0x3a)[0x56360d7891da]
 /srv/jenkins-workspace/workspace/stem-tor-
 ci/RESULT/tor(main+0x19)[0x56360d788d59]
 /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf1)[0x7f66873e72e1]
 /srv/jenkins-workspace/workspace/stem-tor-
 ci/RESULT/tor(_start+0x2a)[0x56360d788daa]
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32650 [Community/Translations]: Check translations for bogus characters

2019-12-03 Thread Tor Bug Tracker & Wiki 
#32650: Check translations for bogus characters
+--
 Reporter:  gk  |  Owner:  emmapeel
 Type:  defect  | Status:  new
 Priority:  Medium  |  Milestone:
Component:  Community/Translations  |Version:
 Severity:  Normal  | Resolution:
 Keywords:  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--

Comment (by emmapeel):

 maybe it could use i18nspector like in tails:

 https://git-tails.immerda.ch/jenkins-tools/tree/slaves/lint_po

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32654 [Applications/Tor Launcher]: Torbrowser overides user disabling tor proxy after restart

2019-12-03 Thread Tor Bug Tracker & Wiki 
#32654: Torbrowser overides user disabling tor proxy after restart
---+---
 Reporter:  woyazi |  Owner:  brade
 Type:  defect | Status:  new
 Priority:  Low|  Milestone:
Component:  Applications/Tor Launcher  |Version:
 Severity:  Minor  | Resolution:
 Keywords:  TorBrowserTeamTriaged  |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+---

Comment (by gk):

 I actually think this ticket has the same underlying issue as #32654 (it
 it is an issue at all) in that anything else than a manual proxy does not
 seem to work anymore. Without looking at the code, though, nothing comes
 to mind what we could have changed.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31157 [Circumvention/Snowflake]: Collect metrics about what type of proxies are running

2019-12-03 Thread Tor Bug Tracker & Wiki 
#31157: Collect metrics about what type of proxies are running
-+-
 Reporter:  cohosh   |  Owner:  cohosh
 Type:  enhancement  | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:
 Keywords:  anti-censorship-roadmap-october  |  Actual Points:  1
Parent ID:   | Points:  3
 Reviewer:  karsten  |Sponsor:  Sponsor28
-+-

Comment (by karsten):

 Replying to [comment:11 cohosh]:
 > Before I deploy this I'd like to hear from the metrics team about
 whether they or we need to so something before suddenly supplying new
 metrics.
 >
 > The new specification is available here: https://gitweb.torproject.org
 /pluggable-transports/snowflake.git/tree/doc/broker-spec.txt

 These changes look okay to me, from the perspective of CollecTor archiving
 these files. We'll have to extend metrics-lib to parse and provide the new
 fields, but there's no rush in doing so. CollecTor will ignore those new
 lines and archive files anyway. And if it doesn't, we'll fix CollecTor.
 Feel free to deploy these changes. I'll make a note (and later a ticket)
 to update metrics-lib. Thanks for asking!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32116 [Applications/Tor Browser]: Fix tor-browser's .mozconfig so that ./mach configure succeeds on Linux by default

2019-12-03 Thread Tor Bug Tracker & Wiki 
#32116: Fix tor-browser's .mozconfig so that ./mach configure succeeds on Linux 
by
default
--+---
 Reporter:  pospeselr |  Owner:  pospeselr
 Type:  defect| Status:  needs_information
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  TorBrowserTeam201912R |  Actual Points:  0
Parent ID:| Points:  0
 Reviewer:|Sponsor:
--+---
Changes (by gk):

 * status:  needs_review => needs_information


Comment:

 Replying to [comment:8 pospeselr]:
 > Updated patch to include comment at the top pointing developers to the
 official mozconfigs in tor-browser-build.
 >
 > tor-browser: https://gitweb.torproject.org/user/richard/tor-
 browser.git/commit/?h=bug_32116_v2

 This looks okay to me. However, even with those changes the configure step
 does not succeed by default due to Tor Launcher missing. So, I guess the
 patch does not deliver what the ticket wants?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32654 [Applications/Tor Launcher]: Torbrowser overides user disabling tor proxy after restart

2019-12-03 Thread Tor Bug Tracker & Wiki 
#32654: Torbrowser overides user disabling tor proxy after restart
---+---
 Reporter:  woyazi |  Owner:  brade
 Type:  defect | Status:  new
 Priority:  Low|  Milestone:
Component:  Applications/Tor Launcher  |Version:
 Severity:  Minor  | Resolution:
 Keywords:  TorBrowserTeamTriaged  |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+---
Changes (by gk):

 * version:  Tor: unspecified =>


Comment:

 We don't use the version field (in particular not with some Tor version).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32570 [Metrics/CollecTor]: CollecTor stopped collecting snowflake stats

2019-12-03 Thread Tor Bug Tracker & Wiki 
#32570: CollecTor stopped collecting snowflake stats
---+---
 Reporter:  cohosh |  Owner:  metrics-team
 Type:  defect | Status:  needs_information
 Priority:  Medium |  Milestone:
Component:  Metrics/CollecTor  |Version:
 Severity:  Normal | Resolution:
 Keywords:  snowflake  |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+---

Comment (by karsten):

 Done. Will check tarballs in a few days to confirm that these files are
 actually gone.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32654 [Applications/Tor Launcher]: Torbrowser overides user disabling tor proxy after restart

2019-12-03 Thread Tor Bug Tracker & Wiki 
#32654: Torbrowser overides user disabling tor proxy after restart
---+--
 Reporter:  woyazi |  Owner:  brade
 Type:  defect | Status:  new
 Priority:  Low|  Milestone:
Component:  Applications/Tor Launcher  |Version:  Tor: unspecified
 Severity:  Minor  | Resolution:
 Keywords:  TorBrowserTeamTriaged  |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--
Changes (by pili):

 * keywords:   => TorBrowserTeamTriaged


Comment:

 I'm able to reproduce this, the question is whether we want to allow this
 behavior

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32624 [Applications/Tor Browser]: localStorage is not shared between tabs

2019-12-03 Thread Tor Bug Tracker & Wiki 
#32624: localStorage is not shared between tabs
--+--
 Reporter:  nDe15o|  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  ff78-esr-will-have|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by pili):

 * keywords:   => ff78-esr-will-have


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32659 [Applications/Tor Browser]: Remove IPv6 address of dgoulet's default bridge

2019-12-03 Thread Tor Bug Tracker & Wiki 
#32659: Remove IPv6 address of dgoulet's default bridge
+--
 Reporter:  phw |  Owner:  tbb-team
 Type:  defect  | Status:  closed
 Priority:  Low |  Milestone:
Component:  Applications/Tor Browser|Version:
 Severity:  Normal  | Resolution:  fixed
 Keywords:  tbb-bridges, TorBrowserTeam201912R  |  Actual Points:  0.04
Parent ID:  | Points:
 Reviewer:  gk  |Sponsor:
|  Sponsor30-can
+--
Changes (by gk):

 * status:  needs_review => closed
 * resolution:   => fixed


Comment:

 Looks good to me, thanks. Merged to `tor-android-service` (commit
 1a2f8b9d7e4d10b2057eee0e68d5aacc5d26f8ae) and `tor-browser-build` (commit
 8904bff35ab4cce37ce5397b9eb98d2eefca2843 on `master` and
 e1a0befdb0af9861c66115cfc613db6dc79b210d on `maint-9.0`). I picked up the
 new `tor-android-service` commit up as well (commit
 fd460ada3d9af6e2b93045cd0f6f5996e7654b36 on `master` and
 fb95108e6bb7c61661e4624de952b521d3412981 on `maint-9.0`).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32659 [Applications/Tor Browser]: Remove IPv6 address of dgoulet's default bridge

2019-12-03 Thread Tor Bug Tracker & Wiki 
#32659: Remove IPv6 address of dgoulet's default bridge
+--
 Reporter:  phw |  Owner:  tbb-team
 Type:  defect  | Status:
|  needs_review
 Priority:  Low |  Milestone:
Component:  Applications/Tor Browser|Version:
 Severity:  Normal  | Resolution:
 Keywords:  tbb-bridges, TorBrowserTeam201912R  |  Actual Points:  0.04
Parent ID:  | Points:
 Reviewer:  gk  |Sponsor:
|  Sponsor30-can
+--
Changes (by gk):

 * keywords:  tbb-bridges => tbb-bridges, TorBrowserTeam201912R
 * reviewer:   => gk


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22919 [Applications/Tor Browser]: Form tracking and OS fingerprinting (only Windows, but without Javascript)

2019-12-03 Thread Tor Bug Tracker & Wiki 
#22919: Form tracking and OS fingerprinting (only Windows, but without 
Javascript)
-+-
 Reporter:  basvd|  Owner:  acat
 Type:  defect   | Status:
 |  needs_review
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Major| Resolution:
 Keywords:  tbb-fingerprinting,  |  Actual Points:  0.5
  TorBrowserTeam201912R  |
Parent ID:   | Points:  1
 Reviewer:  tom  |Sponsor:
-+-

Comment (by gk):

 Replying to [comment:15 tom]:
 > This LGTM. I began to wonder if we could use AppendInt(uint64) to get
 the same bitness for  2 calls to RandomNum instead of 3; but I think this
 would change the ultimate output of the boundary, and we would idally keep
 it looking the same so it's not apparent if one is using the old-style RNG
 or the new-style.
 >
 > If you agree this is keeping the same format/appearance of the boundary
 (aka, you can double check my belief) - let's land it in Tor and/or submit
 it for uplift to get it upstreamed/further review.

 I think the plan was to get it upstreamed first to get a further review on
 it and then backport what actually landed on mozilla-central. tjr, if you
 could help with the former that would be much appreciated. acat is out for
 the remainder of the year.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs