Re: [tor-bugs] #17605 [Core Tor/Tor]: Stop HTTP caches storing or modifying X-Your-Address-Is from Tor Directory documents (was: Stop caches storing or modifying X-Your-Address-Is from Tor Directory d

[Tor Bug Tracker & Wiki]

#17605: Stop HTTP caches storing or modifying X-Your-Address-Is from Tor 
Directory
documents
-+-
 Reporter:  teor |  Owner:  jryans
 Type:  defect   | Status:
 |  needs_revision
 Priority:  High |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-dirauth, 034-triage-20180328,|  Actual Points:
  034-removed-20180328   |
Parent ID:  #5940| Points:  2
 Reviewer:  nickm|Sponsor:
-+-

Comment (by teor):

 The problematic caches are HTTP caches, not directory caches.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24607 [Circumvention/BridgeDB]: CAPTCHAs on BridgeDB seem to be getting more difficult

[Tor Bug Tracker & Wiki]

#24607: CAPTCHAs on BridgeDB seem to be getting more difficult
-+-
 Reporter:  alison   |  Owner:  phw
 Type:  defect   | Status:
 |  assigned
 Priority:  Medium   |  Milestone:
Component:  Circumvention/BridgeDB   |Version:
 Severity:  Normal   | Resolution:
 Keywords:  anti-censorship-roadmap-november,|  Actual Points:
  s30-o22a2  |
Parent ID:  #31279   | Points:  5
 Reviewer:   |Sponsor:
 |  Sponsor30-must
-+-

Comment (by phw):

 Replying to [comment:9 phw]:
 > * Google provides a [https://developers.google.com/recaptcha/docs/v3
 reCAPTCHA v3 API], which returns an anomaly score in the interval [0, 1]
 for each request, without any kind of friction. Ignoring for now that this
 is a Google service, it may be an option for BridgeDB's HTTPS distributor
 but not for moat or email.
 [[br]]
 In theory, we may even be able to set up a reverse proxy for Google's
 CAPTCHA API, so Google doesn't get to see requests directly from our
 users. The NSA [https://news.ycombinator.com/item?id=6148 apparently
 set up such a system].

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33074 [Core Tor/Tor]: tor opens multiple ports if `ExtORPort auto` is used multiple times; only uses one of them

[Tor Bug Tracker & Wiki]

#33074: tor opens multiple ports if `ExtORPort auto` is used multiple times; 
only
uses one of them
--+--
 Reporter:  dcf   |  Owner:  (none)
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:  Tor: unspecified
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:  not a bug
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by dcf):

 * status:  new => closed
 * resolution:   => not a bug


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31872 [Circumvention]: Write up process for distribution of private bridges

[Tor Bug Tracker & Wiki]

#31872: Write up process for distribution of private bridges
---+---
 Reporter:  phw|  Owner:  phw
 Type:  task   | Status:  closed
 Priority:  Medium |  Milestone:
Component:  Circumvention  |Version:
 Severity:  Normal | Resolution:  implemented
 Keywords:  s30-o23a1  |  Actual Points:  0.3
Parent ID:  #31280 | Points:  1
 Reviewer:  cohosh |Sponsor:  Sponsor30-can
---+---
Changes (by phw):

 * status:  needs_revision => closed
 * resolution:   => implemented
 * actualpoints:   => 0.3


Comment:

 Thanks for the review! I
 
[https://trac.torproject.org/projects/tor/wiki/org/teams/AntiCensorshipTeam/NGOBridgeSupport?sfp_email=_mail==diff=6_version=4
 addressed your feedback].
 I'm closing this ticket because we now have a process. Next, we need to
 actually go through this process and improve on it. I filed #33145 for
 this purpose.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #33145 [Circumvention]: Go through process of distributing private bridges

[Tor Bug Tracker & Wiki]

#33145: Go through process of distributing private bridges
---+---
 Reporter:  phw|  Owner:  (none)
 Type:  task   | Status:  new
 Priority:  Medium |  Milestone:
Component:  Circumvention  |Version:
 Severity:  Normal |   Keywords:  s30-o23a1
Actual Points: |  Parent ID:  #31280
   Points:  2  |   Reviewer:
  Sponsor:  Sponsor30-can  |
---+---
 Over at #31872, we created a process for distributing private bridges to
 NGOs:
 
https://trac.torproject.org/projects/tor/wiki/org/teams/AntiCensorshipTeam/NGOBridgeSupport

 It's now time to go through this process with a non-trivial number of
 censored users. Once we did, we need to document our experience and
 iteratively improve the process.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20348 [Circumvention/Censorship analysis]: Allot Communications blocking of vanilla Tor, obfs4, and meek in Kazakhstan, starting 2016-06

[Tor Bug Tracker & Wiki]

#20348: Allot Communications blocking of vanilla Tor, obfs4, and meek in
Kazakhstan, starting 2016-06
---+--
 Reporter:  dcf|  Owner:  (none)
 Type:  project| Status:  reopened
 Priority:  Medium |  Milestone:
Component:  Circumvention/Censorship analysis  |Version:
 Severity:  Normal | Resolution:
 Keywords:  censorship block kz|  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--

Comment (by phw):

 Over at #32126, karsten
 [https://trac.torproject.org/projects/tor/ticket/32126#comment:1 analysed
 results] from OONI's Tor Test. It looks like no measurement from
 Kazakhstan succeeded. Interestingly, however, shortly after the four
 minute mark, approximately 75% of measurements started reaching Tor's 20%
 bootstrap phase.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32126 [Metrics/Ideas]: Add OONI's Vanilla Tor measurement data to Tor Metrics

[Tor Bug Tracker & Wiki]

#32126: Add OONI's Vanilla Tor measurement data to Tor Metrics
---+--
 Reporter:  karsten|  Owner:  metrics-team
 Type:  enhancement| Status:  new
 Priority:  Medium |  Milestone:
Component:  Metrics/Ideas  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--

Comment (by phw):

 Thanks for starting this discussion, Karsten. Your analysis is very
 insightful and already helped me
 [https://dip.torproject.org/phw/bridgestrap/blob/master/tor.go#L19 pick a
 threshold for bridgestrap].

 Replying to [comment:1 karsten]:
 > The next step here is to discuss '''what''' results we want to add to
 Tor Metrics. Are these graphs useful, or is there something potentially
 more interesting in the data that we want to have? I'm hoping for input
 from other teams here.
 >
 > All graphs above are ECDFs, unlike other graphs on Tor Metrics. This is
 a smaller issue on the graphing side, because we need to process non-
 aggregated measurements for making a graph. It's also a possible issue on
 the usability side, because ECDFs are probably harder to understand than
 time plots.
 [[br]]
 From an anti-censorship point of view, I find your third graph – the
 bootstrap times broken down by percentages and countries – very useful. It
 gives us a good idea of where Tor (does not) work and the bootstrap phases
 provide a hint of how a block is implemented. It would also be great if
 one could provide arbitrary date ranges to explore this graph, just like
 it's currently possible for most metrics.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33144 [Circumvention/Snowflake]: Overhaul websocketconn.Conn; implement net.Conn

[Tor Bug Tracker & Wiki]

#33144: Overhaul websocketconn.Conn; implement net.Conn
-+--
 Reporter:  dcf  |  Owner:  dcf
 Type:  enhancement  | Status:  needs_review
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:  cohosh   |Sponsor:
-+--
Changes (by cohosh):

 * reviewer:   => cohosh


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33112 [Circumvention/Snowflake]: snowflake-webextension "Could not connect to the bridge."

[Tor Bug Tracker & Wiki]

#33112: snowflake-webextension "Could not connect to the bridge."
-+
 Reporter:  cypherpunks  |  Owner:  (none)
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Minor| Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+

Comment (by cohosh):

 My first suggestion is to try de-activating and re-activating the
 snowflake proxy so that it does the check again.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33126 [Circumvention/Snowflake]: Snowflake Extension bug

[Tor Bug Tracker & Wiki]

#33126: Snowflake Extension bug
-+---
 Reporter:  eddytorres96 |  Owner:  (none)
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:  duplicate
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+---
Changes (by cohosh):

 * status:  needs_information => closed
 * resolution:   => duplicate


Comment:

 This is actually a duplicate of #33112. We can discuss the issue there.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33126 [Circumvention/Snowflake]: Snowflake Extension bug

[Tor Bug Tracker & Wiki]

#33126: Snowflake Extension bug
-+---
 Reporter:  eddytorres96 |  Owner:  (none)
 Type:  defect   | Status:  needs_information
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+---
Changes (by dcf):

 * status:  new => needs_information
 * cc: arlolra, cohosh, dcf, phw (added)


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33127 [Circumvention/Snowflake]: Snowflake Extension proxy bug

[Tor Bug Tracker & Wiki]

#33127: Snowflake Extension proxy bug
-+---
 Reporter:  t  |  Owner:  (none)
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:  duplicate
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+---
Changes (by dcf):

 * cc: arlolra, cohosh, dcf, phw (added)


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33144 [Circumvention/Snowflake]: Overhaul websocketconn.Conn; implement net.Conn

[Tor Bug Tracker & Wiki]

#33144: Overhaul websocketconn.Conn; implement net.Conn
-+--
 Reporter:  dcf  |  Owner:  dcf
 Type:  enhancement  | Status:  needs_review
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--
Description changed by dcf:

Old description:

> In the turbotunnel branch I found it convenient to have
> `websocketconn.Conn` implement `net.Conn`, not only `io.ReadWriteCloser`.
> While implementing the additional methods, I found some ways that
> `websocketconn.Conn`'s existing methods do not satisfy the requirements
> of `net.Conn`:
>  * there are data races when multiple goroutines call `Read` or `Write`.
>* this is partly because `Read` assigns to the shared field `conn.r`,
> and partly because [https://godoc.org/github.com/gorilla/websocket#hdr-
> Concurrency the underlying websocket.Conn doesn't permit concurrent
> access].
>  * when a websocketconn.Conn is closed, it starts returning some kind of
> [https://godoc.org/github.com/gorilla/websocket#CloseError
> websocket.CloseError], not `io.EOF`.
>
> This branch
>  1. adds tests that expose the above issues
>  2. rewrites `websocketconn.Conn` to serialize `Read`s and `Write`s using
> my favorite `io.Pipe`-with-goroutine trick
>  3. implements the remaining `net.Conn` methods

New description:

 In the turbotunnel branch I found it convenient to have
 `websocketconn.Conn` implement `net.Conn`, not only `io.ReadWriteCloser`.
 While implementing the additional methods, I found some ways that
 `websocketconn.Conn`'s existing methods do not satisfy the requirements of
 `net.Conn`:
  * there are data races when multiple goroutines call `Read` or `Write`.
* this is partly because `Read` assigns to the shared field `conn.r`,
 and partly because [https://godoc.org/github.com/gorilla/websocket#hdr-
 Concurrency the underlying websocket.Conn doesn't permit concurrent
 access].
  * when a websocketconn.Conn is closed, it starts returning some kind of
 [https://godoc.org/github.com/gorilla/websocket#CloseError
 websocket.CloseError], not `io.EOF`.

 This branch
  1. adds tests that expose the above issues
  2. rewrites `websocketconn.Conn` to serialize `Read`s and `Write`s using
 my favorite `io.Pipe`-with-goroutine trick
  3. transforms [https://godoc.org/github.com/gorilla/websocket#CloseError
 websocket.CloseError] with code `CloseNormalClosure` or
 `CloseNoStatusReceived` to `io.EOF`
  4. implements the remaining `net.Conn` methods

--

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31686 [Internal Services/Tor Sysadmin Team]: retire textile

[Tor Bug Tracker & Wiki]

#31686: retire textile
-+-
 Reporter:  anarcat  |  Owner:  anarcat
 Type:  project  | Status:
 |  accepted
 Priority:  High |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by anarcat):

 chiwui specs:

  * 20G, 4G swap
  * 2G RAM
  * 2CPU
  * SWAP_UUID=484b554e-fb17-4330-94e6-9a3fa3f8e1ed
  * NEW_IP=116.202.120.176

 There are two old IP addresses, strangely: 138.201.14.212 and
 138.201.14.213, respectively chiwui2 and chiwui4 in DNS, not sure why that
 is.

 i migrated a first version of the machine over and things still seem to
 work, although it's hard to tell if TBB is pinging the old server or the
 new (probably the former, unfortunately). will start the final migration
 now.
 correct interfaces file:

 {{{
 iface eth0 inet static
 #address 138.201.14.212/27
 #gateway 138.201.14.193
 address 116.202.120.176/27
 gateway 116.202.120.161
 iface eth0 inet static
 address 138.201.14.213/27
 iface eth0 inet6 static
 accept_ra 0
 #address 2a01:4f8:172:1b46:0:abba:20:1/96
 #gateway 2a01:4f8:172:1b46:0:abba:0:1
 address 2a01:4f8:fff0:4f:266:37ff:fe5a:8583/64
 gateway 2a01:4f8:fff0:4f::1
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33144 [Circumvention/Snowflake]: Overhaul websocketconn.Conn; implement net.Conn

[Tor Bug Tracker & Wiki]

#33144: Overhaul websocketconn.Conn; implement net.Conn
-+--
 Reporter:  dcf  |  Owner:  dcf
 Type:  enhancement  | Status:  needs_review
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--
Changes (by dcf):

 * status:  assigned => needs_review


Comment:

 *
 
[https://gitweb.torproject.org/user/dcf/snowflake.git/log/?h=bug33144-websocketconn=4a13694eefc21a11a2a9df5a59bbfba90a9e38da
 commits]
 *
 
[https://gitweb.torproject.org/user/dcf/snowflake.git/diff/?h=bug33144-websocketconn=4a13694eefc21a11a2a9df5a59bbfba90a9e38da=564d1c83634f26341c423815387e728f14c0e61d
 diff]

 To see the test failures, do this:
 {{{
 git checkout d03847bbaa83bc30e6fa57929b9d7bac1788a824
 cd common/websocketconn/
 go test -race
 }}}

 The output may differ; an example output for me just now is
 attachment:bug33144-websocketconn-test-failures.txt.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33144 [Circumvention/Snowflake]: Overhaul websocketconn.Conn; implement net.Conn

[Tor Bug Tracker & Wiki]

#33144: Overhaul websocketconn.Conn; implement net.Conn
-+--
 Reporter:  dcf  |  Owner:  dcf
 Type:  enhancement  | Status:  assigned
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--
Changes (by dcf):

 * Attachment "bug33144-websocketconn-test-failures.txt" added.

 git checkout d03847bbaa83bc30e6fa57929b9d7bac1788a824; cd
 common/websocketconn; go test -race

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #33144 [Circumvention/Snowflake]: Overhaul websocketconn.Conn; implement net.Conn

[Tor Bug Tracker & Wiki]

#33144: Overhaul websocketconn.Conn; implement net.Conn
-+--
 Reporter:  dcf  |  Owner:  dcf
 Type:  enhancement  | Status:  assigned
 Priority:  Medium   |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   |   Keywords:
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+--
 In the turbotunnel branch I found it convenient to have
 `websocketconn.Conn` implement `net.Conn`, not only `io.ReadWriteCloser`.
 While implementing the additional methods, I found some ways that
 `websocketconn.Conn`'s existing methods do not satisfy the requirements of
 `net.Conn`:
  * there are data races when multiple goroutines call `Read` or `Write`.
* this is partly because `Read` assigns to the shared field `conn.r`,
 and partly because [https://godoc.org/github.com/gorilla/websocket#hdr-
 Concurrency the underlying websocket.Conn doesn't permit concurrent
 access].
  * when a websocketconn.Conn is closed, it starts returning some kind of
 [https://godoc.org/github.com/gorilla/websocket#CloseError
 websocket.CloseError], not `io.EOF`.

 This branch
  1. adds tests that expose the above issues
  2. rewrites `websocketconn.Conn` to serialize `Read`s and `Write`s using
 my favorite `io.Pipe`-with-goroutine trick
  3. implements the remaining `net.Conn` methods

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31686 [Internal Services/Tor Sysadmin Team]: retire textile

[Tor Bug Tracker & Wiki]

#31686: retire textile
-+-
 Reporter:  anarcat  |  Owner:  anarcat
 Type:  project  | Status:
 |  accepted
 Priority:  High |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by anarcat):

 gayi decom procedure done:

 1. N/A
 2. shutdown
 3. undefined
 4. scheduled removal in 7 days: `echo 'rm -r
 /srv/vmstore/gayi.torproject.org/' | at now + 7 days`
 5. N/A: gayi remains for now, because it's still on gnt-fsn
 6. N/A
 7. N/A
 8. N/A
 9. N/A
 10. move to gnt-fsn in the spreadsheet
 11. N/A
 12. N/A
 13. N/A
 14. N/A
 15. N/A

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31686 [Internal Services/Tor Sysadmin Team]: retire textile

[Tor Bug Tracker & Wiki]

#31686: retire textile
-+-
 Reporter:  anarcat  |  Owner:  anarcat
 Type:  project  | Status:
 |  accepted
 Priority:  High |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by anarcat):

 gayi migrated to gnt-fsn, DNS records updated. next step is gayi decom.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30977 [Applications/Tor Browser]: Make it possible to measure Tor performance while doing Tor Browser updates/update pings

[Tor Bug Tracker & Wiki]

#30977: Make it possible to measure Tor performance while doing Tor Browser
updates/update pings
-+--
 Reporter:  gk   |  Owner:  tbb-team
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-performance, tbb-update  |  Actual Points:
Parent ID:  #31893   | Points:
 Reviewer:   |Sponsor:
-+--
Changes (by sysrqb):

 * parent:   => #31893


Comment:

 We can start with emitted the log locally, then we can think about how we
 can safely publish the information.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30939 [Applications/Tor Browser]: Use Firefox's Tracking Protection as a means for performance improvements (was: Use Firefox's Enhanced Tracking Protection as a means for performance

[Tor Bug Tracker & Wiki]

#30939: Use Firefox's Tracking Protection as a means for performance 
improvements
--+--
 Reporter:  gk|  Owner:  tbb-team
 Type:  project   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-performance, ux-team  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by sysrqb):

 We learned we don't want the "Enhanced" part of "Tracking Protection".
 Maybe #17569 or https://github.com/brave/adblock-rust are better
 alternatives, too.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33072 [Core Tor/Tor]: When under load, give 503 aggressively for dirport requests without compression

[Tor Bug Tracker & Wiki]

#33072: When under load, give 503 aggressively for dirport requests without
compression
---+---
 Reporter:  nickm  |  Owner:  dgoulet
 Type:  defect | Status:  needs_revision
 Priority:  Medium |  Milestone:  Tor:
   |  0.4.3.x-final
Component:  Core Tor/Tor   |Version:
 Severity:  Normal | Resolution:
 Keywords:  network-health 043-should  |  Actual Points:
Parent ID:  #33018 | Points:
 Reviewer:  nickm, teor, arma  |Sponsor:
---+---
Changes (by dgoulet):

 * status:  needs_review => needs_revision


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32230 [Core Tor/Tor]: configure summary is confusing or incorrect

[Tor Bug Tracker & Wiki]

#32230: configure summary is confusing or incorrect
--+
 Reporter:  teor  |  Owner:  dgoulet
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:  Tor: 0.4.3.x-final
Component:  Core Tor/Tor  |Version:  Tor: unspecified
 Severity:  Normal| Resolution:
 Keywords:  043-must  |  Actual Points:
Parent ID:| Points:  0.5
 Reviewer:  teor  |Sponsor:
--+
Changes (by dgoulet):

 * status:  needs_revision => needs_review


Comment:

 Replying to [comment:2 teor]:
 > Replying to [comment:1 dgoulet]:
 > > Replying to [ticket:32230 teor]:
 > > > Inverted, should be --enable-* :
 > > > * --disable-seccomp
 > > > * --disable-libscrypt
 > > > * --disable-gcc-hardening ?
 > > > * --disable-linker-hardening ?
 > > > * --disable-module-dirauth
 > > > * --disable-unittests
 > >
 > > All these are enabled by default and thus why we put in the
 `--disable`. If one does autocompletion on `./configure --enable-`, none
 of the above shows up.
 >
 > Ok, but the output is still wrong:
 >
 > {{{
 > test "x$enable_seccomp" != "xno" && value=1 || value=0
 > PPRINT_PROP_BOOL([libseccomp (--disable-seccomp)], $value)
 > }}}
 >
 > If enable_seccomp is yes, then value is 1, and we print --disable-
 seccomp yes.
 > But we should actually print one of these:
 > * --enable-seccomp yes
 > * --disable-seccomp no
 >
 > I prefer the output without the double-negative.
 > But I can understand if you want to print the non-default option as
 well.

 Right, the string is hardcoded regardless of the value of the option.
 Basically, the `--disable-seccomp` is the configure option that is
 available, regardless if you enabled it or not.

 The way to look at it is `libseccomp = yes/no`. The configure options
 there were added so the user knows how to switch the option on or off.

 I agree it is confusing. We would need to handle different text output for
 _each_ option depending on their values. Maybe another ticket?

 Another way to look at it is that `--enable-seccomp` virtually doesn't
 exists, you either have no option which enables seccomp by default or you
 disable it with `--disable`.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #33143 [Internal Services/Tor Sysadmin Team]: ferm: convert BASE_SSH_ALLOWED rules into puppet exported rules

[Tor Bug Tracker & Wiki]

#33143: ferm: convert BASE_SSH_ALLOWED rules into puppet exported rules
-+-
 Reporter:  anarcat  |  Owner:  tpa
 Type:  task | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin   |Version:
  Team   |   Keywords:  tpa-
 Severity:  Normal   |  roadmap-february
Actual Points:   |  Parent ID:  #31239
   Points:   |   Reviewer:
  Sponsor:   |
-+-
 right now a new node technically doesn't get the "jumphost" functionality
 ("has SSH access everywhere else") out of the box. for that to work, the
 network the box is on needs to be added to `tor-
 puppet/modules/ferm/templates/defs.conf.erb` by hand. this is okay-ish for
 instances of IP ranges that already exist, but is a pain for new (say)
 ganeti nodes themselves which are usually not in those ranges (as opposed
 to their instances, using the vswitch range).

 so those magic IP addresses should be turned into exported resources that
 follow our policy. maybe that exported resource should be part of a
 "jumphost" class that get included where we want, or just everywhere, but
 in any case, it should be moved into puppet to make installs more
 consistent and faster.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33114 [Applications/Orbot]: Crash after update to 16.1.4-BETA-1-tor-0.4.2.5-rc (from f-droid)

[Tor Bug Tracker & Wiki]

#33114: Crash after update to 16.1.4-BETA-1-tor-0.4.2.5-rc (from f-droid)
---+--
 Reporter:  user45738  |  Owner:  n8fr8
 Type:  defect | Status:  new
 Priority:  Very High  |  Milestone:
Component:  Applications/Orbot |Version:  Tor: 0.4.2.5
 Severity:  Major  | Resolution:
 Keywords:  orbot, crash, android, update  |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--

Comment (by user45738):

 Thanks n8fr8. Is there a bug report/issue I can follow?

 Downgrading (at least from F-Droid) leads to install-errors for me
 unfortunately.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #33142 [Webpages/Website]: update image on sponsors page

[Tor Bug Tracker & Wiki]

#33142: update image on sponsors page
--+--
 Reporter:  bekeela   |  Owner:  hiro
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Webpages/Website  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+--
 On the sponsors page https://www.torproject.org/about/sponsors/ please
 update the image for National Science Foundation via Georgetown.

 In the images folder for the website, there is a Georgetown logo (the one
 that appears on the sponsors page now) and a NSF logo. Maybe an image can
 be created that has both logos? And has the grey background like the other
 logos on the page?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #19251 [Applications/Tor Browser]: TorBrowser might want to have an error page specific to when .onion links fail

[Tor Bug Tracker & Wiki]

#19251: TorBrowser might want to have an error page specific to when .onion 
links
fail
---+---
 Reporter:  cypherpunks|  Owner:  brade
 Type:  enhancement| Status:  assigned
 Priority:  Low|  Milestone:
Component:  Applications/Tor Browser   |Version:
 Severity:  Normal | Resolution:
 Keywords:  ux-team, TorBrowserTeam202001  |  Actual Points:  3.1
Parent ID:  #30025 | Points:  6
 Reviewer: |Sponsor:
   |  Sponsor27-must
---+---

Comment (by brade):

 Personally I like the thinner lines in the "A" line for the browser and
 onionsite graphics (as compared to the "C" line).  In particular, the fat
 lines of the browser window makes the toolbar seem disproportionately
 large.

 I'm concerned that using a cloud graphic may confuse users about what the
 Tor Network is.  I think many users will think of a cloud (on the
 Internet) as the place where they store images and files rather than the
 network.  We should also be careful about reusing the Tor Browser icon to
 represent Network or Onionsite. Ticket #23486 includes some other ideas
 for icons, although our design ideas have evolved since that ticket was
 updated.

 For "onion site" vs "onionsite", I'm ok with either term. I am curious how
 "website" localizes.  If we are coining a new term in English
 ("onionsite") will our translators be able to create an equivalent term in
 their language?  I assume they can handle it, but maybe we should check
 with emmapeel.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #5830 [Webpages/Research]: Write tool to automate web queries to Tor; and use Stem to track stream/circ allocation and results

[Tor Bug Tracker & Wiki]

#5830: Write tool to automate web queries to Tor; and use Stem to track
stream/circ allocation and results
-+-
 Reporter:  arma |  Owner:
 |  metrics-team
 Type:  task | Status:
 |  assigned
 Priority:  Medium   |  Milestone:
Component:  Webpages/Research|Version:
 Severity:  Normal   | Resolution:
 Keywords:  bounty, nickm-cares, research-   |  Actual Points:
  ideas, metrics-roadmap-2019-q2, network-   |
  health |
Parent ID:   | Points:  1
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * keywords:  bounty, nickm-cares, research-ideas, metrics-roadmap-2019-q2
 =>
 bounty, nickm-cares, research-ideas, metrics-roadmap-2019-q2, network-
 health


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32372 [Core Tor/Tor]: Add a practracker mode that only regenerates over-broad exceptions

[Tor Bug Tracker & Wiki]

#32372: Add a practracker mode that only regenerates over-broad exceptions
--+
 Reporter:  teor  |  Owner:  nickm
 Type:  enhancement   | Status:  needs_review
 Priority:  Medium|  Milestone:  Tor: 0.4.3.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  043-should|  Actual Points:  .2
Parent ID:| Points:  1
 Reviewer:|Sponsor:
--+

Comment (by nickm):

 (CI is now passing)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31011 [Core Tor/Tor]: Make the bridge authority reject private PT addresses when DirAllowPrivateAddresses is 0

[Tor Bug Tracker & Wiki]

#31011: Make the bridge authority reject private PT addresses when
DirAllowPrivateAddresses is 0
--+
 Reporter:  teor  |  Owner:  cjb
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:  Tor: 0.4.4.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:  #31009| Points:  1
 Reviewer:  ahf   |Sponsor:  Sponsor28-can
--+

Comment (by cjb):

 Replying to [comment:17 teor]:
 > In this case, I think we should log a warning or notice-level message.
 Because it is still likely to be a misconfiguration. (Im pretty sure tor
 understands all current PT addresses.)

 Thanks, here's a v2 of the patch that adds this notice.

 {{{
 From be21a19923793836918386fa8672932befb9e645 Mon Sep 17 00:00:00 2001
 From: Chris Ball 
 Date: Tue, 28 Jan 2020 17:07:06 -0800
 Subject: [PATCH] Refuse to publish a bridge with internal addr to
 bridgeauth

 If a PT:
   * has ServerTransportListenAddr set to an internal address
   * and it's a bridge
   * and it's publishing its descriptor to the default bridge authorities
 then fail the config as invalid, since we don't want internal IP info
 being sent to bridgeauths for distribution.

 And for clients that aren't running with this fix: if we're a bridgeauth,
 reject extra-info descs containing those internal addresses.
 ---
  src/feature/dirauth/process_descs.c  |  9 +
  src/feature/relay/transport_config.c | 17 -
  src/test/conf_examples/pt_10/error   |  1 +
  src/test/conf_examples/pt_10/torrc   |  9 +
  4 files changed, 35 insertions(+), 1 deletion(-)
  create mode 100644 src/test/conf_examples/pt_10/error
  create mode 100644 src/test/conf_examples/pt_10/torrc

 diff --git a/src/feature/dirauth/process_descs.c
 b/src/feature/dirauth/process_descs.c
 index baf8f8c21..1c2c48ea3 100644
 --- a/src/feature/dirauth/process_descs.c
 +++ b/src/feature/dirauth/process_descs.c
 @@ -895,6 +895,15 @@ dirserv_add_extrainfo(extrainfo_t *ei, const char
 **msg)
  goto fail;
}

 +  /* If the extrainfo descriptor contains an internal address, reject it.
 */
 +  if (dirserv_router_has_valid_address(ri) < 0) {
 +log_notice(LD_DIR, "Rejecting an extrainfo descriptor '%s' "
 +   "with an internal address.", ri->nickname);
 +*msg = "Router extrainfo descriptor contained an internal address.";
 +rv = ROUTER_AUTHDIR_REJECTS;
 +goto fail;
 +  }
 +
if ((r = routerinfo_incompatible_with_extrainfo(ri->identity_pkey, ei,
>cache_info, msg)))
 {
  if (r<0) {
 diff --git a/src/feature/relay/transport_config.c
 b/src/feature/relay/transport_config.c
 index 7dcce70e3..7cf023bec 100644
 --- a/src/feature/relay/transport_config.c
 +++ b/src/feature/relay/transport_config.c
 @@ -16,7 +16,7 @@

  #include "lib/encoding/confline.h"
  #include "lib/encoding/keyval.h"
 -
 +#include "lib/net/address.h"
  #include "lib/container/smartlist.h"

  /* Required for dirinfo_type_t in or_options_t */
 @@ -230,6 +230,21 @@ options_validate_server_transport(const or_options_t
 *old_options,
  char *bindaddr = get_bindaddr_from_transport_listen_line(cl->value,
 NULL);
  if (!bindaddr)
REJECT("ServerTransportListenAddr did not parse. See logs for
 details.");
 +
 +tor_addr_t tor_addr;
 +uint16_t tor_port;
 +int parse_rv = tor_addr_port_parse(LOG_WARN, bindaddr, _addr,
 _port, 0);
 +if (parse_rv < 0) {
 +log_notice(LD_CONFIG, "Your ServerTransportListenAddr failed to
 parse "
 +  "as a Tor address; check your
 configuration.");
 +}
 +if (parse_rv == 0 &&
 +tor_addr_is_internal(_addr, 0) &&
 +options->PublishServerDescriptor_ == BRIDGE_DIRINFO &&
 +!options->AlternateBridgeAuthority)
 +  REJECT("ServerTransportListenAddr is an internal address, "
 + "refusing to publish this bridge to the default bridge
 authorities.");
 +
  tor_free(bindaddr);
}

 diff --git a/src/test/conf_examples/pt_10/error
 b/src/test/conf_examples/pt_10/error
 new file mode 100644
 index 0..17a200942
 --- /dev/null
 +++ b/src/test/conf_examples/pt_10/error
 @@ -0,0 +1 @@
 +ServerTransportListenAddr is an internal address, refusing to publish
 this bridge to the default bridge authorities.
 diff --git a/src/test/conf_examples/pt_10/torrc
 b/src/test/conf_examples/pt_10/torrc
 new file mode 100644
 index 0..c08f34091
 --- /dev/null
 +++ b/src/test/conf_examples/pt_10/torrc
 @@ -0,0 +1,9 @@
 +# Relay PT tests
 +# Options from relay/transport_config.c
 +# Try a valid minimal config, with a bad ServerTransportListenAddr
 +ORPort 2
 +ExtORPort 1
 +BridgeRelay 1
 +ServerTransportPlugin bad3 exec /
 

Re: [tor-bugs] #33098 [Internal Services/Tor Sysadmin Team]: fsn-node-03 disk problems

[Tor Bug Tracker & Wiki]

#33098: fsn-node-03 disk problems
-+-
 Reporter:  anarcat  |  Owner:  anarcat
 Type:  defect   | Status:  closed
 Priority:  High |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Blocker  | Resolution:  fixed
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by anarcat):

 * status:  merge_ready => closed
 * resolution:   => fixed


Comment:

 box rebooted fine last week, disk arrays are all sync'd and work fine (no
 smartd error), we're done with the disk problems here hopefully.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #33141 [Internal Services/Tor Sysadmin Team]: migrate sysadmin roadmap in trac wiki

[Tor Bug Tracker & Wiki]

#33141: migrate sysadmin roadmap in trac wiki
-+-
 Reporter:  anarcat  |  Owner:  anarcat
 Type:  task | Status:  assigned
 Priority:  High |  Milestone:
Component:  Internal Services/Tor Sysadmin   |Version:
  Team   |   Keywords:  tpa-
 Severity:  Minor|  roadmap-february
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+-
 right now we have the sysadmin roadmap in three places:

  * https://pad.riseup.net/p/CYOUx21kpxLL_5Eui61J-tpa-roadmap-2020
  *
 https://pad.riseup.net/redirect#https%3A//help.torproject.org/tsa/roadmap/2020/
  * https://trac.torproject.org/projects/tor/wiki/org/teams/SysadminTeam

 let's move all of this in one, or at most two, location, probably the
 latter since we're now using tickets for february and march.

 we can keep the free-form text thing for the remaining months for now.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33134 [Internal Services/Tor Sysadmin Team]: Improve documentation for interacting with db.torproject.org

[Tor Bug Tracker & Wiki]

#33134: Improve documentation for interacting with db.torproject.org
-+-
 Reporter:  gk   |  Owner:  anarcat
 Type:  enhancement  | Status:
 |  accepted
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by anarcat):

 https://help.torproject.org/tsa/howto/ldap/ is docs i wrote because i had
 to braindump stuff i found out and changing https://db.torproject.org/ was
 harder (and i couldn't immediately figure it out).

 thanks for the suggestions, i'll process this on friday.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32532 [Internal Services/Tor Sysadmin Team]: Install ZNC on Chives, make pastly admin it

[Tor Bug Tracker & Wiki]

#32532: Install ZNC on Chives, make pastly admin it
-+-
 Reporter:  pastly   |  Owner:  pastly
 Type:  defect   | Status:
 |  assigned
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by anarcat):

 apparently, i've been told you should be able to push to the wiki
 yourself. the readonly repository, you probably already know here:

 https://gitweb.torproject.org/project/help/wiki.git/

 but you should also be able to pull and push from the read-write URL as
 long as you have an SSH key on the git server:

 g...@git-rw.torproject.org:project/help/wiki.git

 please try that and let me know if works (or doesn't).

 also do let me know what the next steps should be here, i'm a bit lost as
 to what we should do next. :)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32372 [Core Tor/Tor]: Add a practracker mode that only regenerates over-broad exceptions

[Tor Bug Tracker & Wiki]

#32372: Add a practracker mode that only regenerates over-broad exceptions
--+
 Reporter:  teor  |  Owner:  nickm
 Type:  enhancement   | Status:  needs_review
 Priority:  Medium|  Milestone:  Tor: 0.4.3.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  043-should|  Actual Points:
Parent ID:| Points:  1
 Reviewer:|Sponsor:
--+
Changes (by nickm):

 * status:  accepted => needs_review


Comment:

 Travis has passed.  Appveyor found an issue with --regen and --regen-
 overbroad on windows; I've added another commit to address that one.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32372 [Core Tor/Tor]: Add a practracker mode that only regenerates over-broad exceptions

[Tor Bug Tracker & Wiki]

#32372: Add a practracker mode that only regenerates over-broad exceptions
--+
 Reporter:  teor  |  Owner:  nickm
 Type:  enhancement   | Status:  needs_review
 Priority:  Medium|  Milestone:  Tor: 0.4.3.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  043-should|  Actual Points:  .2
Parent ID:| Points:  1
 Reviewer:|Sponsor:
--+
Changes (by nickm):

 * actualpoints:   => .2


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32372 [Core Tor/Tor]: Add a practracker mode that only regenerates over-broad exceptions

[Tor Bug Tracker & Wiki]

#32372: Add a practracker mode that only regenerates over-broad exceptions
--+
 Reporter:  teor  |  Owner:  nickm
 Type:  enhancement   | Status:  accepted
 Priority:  Medium|  Milestone:  Tor: 0.4.3.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  043-should|  Actual Points:
Parent ID:| Points:  1
 Reviewer:|Sponsor:
--+

Comment (by nickm):

 See branch `practracker_regen_overbroad_2` with PR at
 https://github.com/torproject/tor/pull/1705 .  It includes an integration
 test for --regen-overbroad, as well as one for --regen.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31078 [Core Tor/Tor]: improve docs for config var abstraction

[Tor Bug Tracker & Wiki]

#31078: improve docs for config var abstraction
+
 Reporter:  catalyst|  Owner:  nickm
 Type:  enhancement | Status:  assigned
 Priority:  Medium  |  Milestone:  Tor: 0.4.3.x-final
Component:  Core Tor/Tor|Version:
 Severity:  Normal  | Resolution:
 Keywords:  043-should doc  |  Actual Points:
Parent ID:  #29211  | Points:  2
 Reviewer:  |Sponsor:
+

Comment (by nickm):

 Ping on this ticket: I can make the changes that teor and I discussed
 above, but I'd like to know whether you think they make a good start,
 Catalyst.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33139 [Core Tor/Tor]: New Identity should remove v3 client auth ephemeral keys

[Tor Bug Tracker & Wiki]

#33139: New Identity should remove v3 client auth ephemeral keys
-+
 Reporter:  mcs  |  Owner:  (none)
 Type:  defect   | Status:  needs_review
 Priority:  Medium   |  Milestone:  Tor: 0.4.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  security 043-should  |  Actual Points:  0.1
Parent ID:  #3   | Points:  0.1
 Reviewer:  asn  |Sponsor:  Sponsor27-must
-+
Changes (by dgoulet):

 * status:  new => needs_review
 * reviewer:   => asn
 * points:   => 0.1
 * actualpoints:   => 0.1


Comment:

 Branch: `ticket33139_043_01`
 PR: https://github.com/torproject/tor/pull/1704

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33022 [Internal Services/Service - git]: Grant Georg DocTor permissions

[Tor Bug Tracker & Wiki]

#33022: Grant Georg DocTor permissions
-+
 Reporter:  atagar   |  Owner:  tor-gitadm
 Type:  enhancement  | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Service - git  |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+
Changes (by gk):

 * status:  new => closed
 * resolution:   => fixed


Comment:

 Thanks. We should be good here then.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32949 [Internal Services/Service - git]: Migrate dip from gitlab-01 to gitlab-02

[Tor Bug Tracker & Wiki]

#32949: Migrate dip from gitlab-01 to gitlab-02
-+--
 Reporter:  hiro |  Owner:  hiro
 Type:  defect   | Status:  assigned
 Priority:  High |  Milestone:
Component:  Internal Services/Service - git  |Version:
 Severity:  Normal   | Resolution:
 Keywords:  gitlab tpa-roadmap-february  |  Actual Points:
Parent ID:  #32730   | Points:  5
 Reviewer:   |Sponsor:
-+--
Changes (by gaba):

 * points:   => 5


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32390 [Internal Services/Service - sandstorm]: decomission storm / bracteata on February 11, 2020 (was: decomission storm / bracteata on February 4, 2020)

[Tor Bug Tracker & Wiki]

#32390: decomission storm / bracteata on February 11, 2020
---+--
 Reporter:  gaba   |  Owner:  hiro
 Type:  task   | Status:  new
 Priority:  Medium |  Milestone:
Component:  Internal Services/Service - sandstorm  |Version:
 Severity:  Normal | Resolution:
 Keywords:  tpa-roadmap-february   |  Actual Points:
Parent ID:  #32267 | Points:
 Reviewer: |Sponsor:
---+--
Changes (by gaba):

 * cc: gaba (added)


Comment:

 Let's give it more time. I will follow with people.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33140 [Core Tor]: Clusterfuzz environment flags reused for dependencies

[Tor Bug Tracker & Wiki]

#33140: Clusterfuzz environment flags reused for dependencies
---+
 Reporter:  cypherpunks|  Owner:  (none)
 Type:  defect | Status:  new
 Priority:  Medium |  Milestone:
Component:  Core Tor   |Version:
 Severity:  Normal | Resolution:
 Keywords:  clusterfuzz, oss-fuzz  |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+

Comment (by cypherpunks):

 If tor doesn't use openssl correctly tor fails the test. Openssl is fuzzed
 upstream so the instrumentation doesn't help because we don't complete the
 openssl fuzz build, we complete the tor fuzz build.

 That and when used with zlib you literally have no choice but to fully
 instrument the zlib build or expect zlib to to break eventually.

 I'm going to leave this here for open discussion and check in
 periodically.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32949 [Internal Services/Service - git]: Migrate dip from gitlab-01 to gitlab-02

[Tor Bug Tracker & Wiki]

#32949: Migrate dip from gitlab-01 to gitlab-02
-+--
 Reporter:  hiro |  Owner:  hiro
 Type:  defect   | Status:  assigned
 Priority:  High |  Milestone:
Component:  Internal Services/Service - git  |Version:
 Severity:  Normal   | Resolution:
 Keywords:  gitlab tpa-roadmap-february  |  Actual Points:
Parent ID:  #32730   | Points:
 Reviewer:   |Sponsor:
-+--
Changes (by gaba):

 * priority:  Medium => High


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32901 [Internal Services/Tor Sysadmin Team]: puppetize Nagios

[Tor Bug Tracker & Wiki]

#32901: puppetize Nagios
-+-
 Reporter:  anarcat  |  Owner:  anarcat
 Type:  project  | Status:
 |  assigned
 Priority:  Low  |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Major| Resolution:
 Keywords:  tpa-roadmap-february |  Actual Points:
Parent ID:  #31239   | Points:  10
 Reviewer:   |Sponsor:
-+-
Changes (by anarcat):

 * points:   => 10


Comment:

 probably underestimating here even, but gotta give some ballpark.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33073 [Core Tor/Tor]: Write a proposal for Tor Relays to Automatically Find their IPv6 Address

[Tor Bug Tracker & Wiki]

#33073: Write a proposal for Tor Relays to Automatically Find their IPv6 Address
-+
 Reporter:  teor |  Owner:  teor
 Type:  task | Status:  needs_information
 Priority:  Medium   |  Milestone:  Tor: 0.4.4.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ipv6, tor-relay  |  Actual Points:  3
Parent ID:  #5940| Points:  2
 Reviewer:   |Sponsor:  Sponsor55-must
-+
Changes (by dgoulet):

 * status:  needs_review => needs_information


Comment:

 Discussions are happening on tor-dev@ so once the dust as settled, I
 propose we put this one in `merge_ready` (once you are satisfied teor) so
 we can add it to tor-spec.git.

 Proposal doesn't need to be perfect, just in a state that implementation
 can possibly start.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31957 [Internal Services/Tor Sysadmin Team]: automate upgrades

[Tor Bug Tracker & Wiki]

#31957: automate upgrades
-+-
 Reporter:  anarcat  |  Owner:  anarcat
 Type:  project  | Status:
 |  assigned
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tpa-roadmap-february |  Actual Points:
Parent ID:   | Points:  0.5
 Reviewer:   |Sponsor:
-+-
Changes (by anarcat):

 * owner:  hiro => anarcat
 * points:   => 0.5


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32103 [Core Tor/Tor]: Subsystem "thread_cleanup" is never called

[Tor Bug Tracker & Wiki]

#32103: Subsystem "thread_cleanup" is never called
--+
 Reporter:  opara |  Owner:  nickm
 Type:  defect| Status:  accepted
 Priority:  Medium|  Milestone:  Tor: 0.4.3.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  043-should, extra-review  |  Actual Points:  .2
Parent ID:| Points:
 Reviewer:  catalyst  |Sponsor:
--+
Changes (by nickm):

 * status:  needs_review => accepted


Comment:

 This isn't actually ready for review yet: my branch is incomplete, and
 opara's patches are not proposed for Tor integration.  I'll work on both
 to see what I can use, and then make a branch for review.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30733 [Core Tor/sbws]: sbws does not detect changes in descriptor bandwidth values

[Tor Bug Tracker & Wiki]

#30733: sbws does not detect changes in descriptor bandwidth values
-+-
 Reporter:  starlight|  Owner:  juga
 Type:  defect   | Status:
 |  needs_review
 Priority:  Very High|  Milestone:  sbws:
 |  1.1.x-final
Component:  Core Tor/sbws|Version:  sbws:
 |  1.1.0
 Severity:  Critical | Resolution:
 Keywords:  sbws-majority-blocker, sbws-roadmap  |  Actual Points:
Parent ID:  #33121   | Points:  1
 Reviewer:  asn  |Sponsor:
-+-
Changes (by dgoulet):

 * reviewer:   => asn


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31011 [Core Tor/Tor]: Make the bridge authority reject private PT addresses when DirAllowPrivateAddresses is 0

[Tor Bug Tracker & Wiki]

#31011: Make the bridge authority reject private PT addresses when
DirAllowPrivateAddresses is 0
--+
 Reporter:  teor  |  Owner:  cjb
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:  Tor: 0.4.4.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:  #31009| Points:  1
 Reviewer:  ahf   |Sponsor:  Sponsor28-can
--+
Changes (by dgoulet):

 * reviewer:   => ahf


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31081 [Core Tor/Tor]: GETCONF allows zero arguments, contrary to spec

[Tor Bug Tracker & Wiki]

#31081: GETCONF allows zero arguments, contrary to spec
---+
 Reporter:  catalyst   |  Owner:  (none)
 Type:  task   | Status:  needs_review
 Priority:  Medium |  Milestone:  Tor: 0.4.3.x-final
Component:  Core Tor/Tor   |Version:
 Severity:  Normal | Resolution:
 Keywords:  tor-control, tor-spec  |  Actual Points:  0.1
Parent ID: | Points:  1
 Reviewer:  teor   |Sponsor:
---+
Changes (by dgoulet):

 * reviewer:   => teor


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32103 [Core Tor/Tor]: Subsystem "thread_cleanup" is never called

[Tor Bug Tracker & Wiki]

#32103: Subsystem "thread_cleanup" is never called
--+
 Reporter:  opara |  Owner:  nickm
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:  Tor: 0.4.3.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  043-should, extra-review  |  Actual Points:  .2
Parent ID:| Points:
 Reviewer:  catalyst  |Sponsor:
--+
Changes (by dgoulet):

 * reviewer:   => catalyst


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32335 [Core Tor/Tor]: Set up a .github repository on GitHub

[Tor Bug Tracker & Wiki]

#32335: Set up a .github repository on GitHub
--+--
 Reporter:  teor  |  Owner:  (none)
 Type:  task  | Status:  needs_review
 Priority:  Medium|  Milestone:  Tor: unspecified
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tor-github, 043-deferred  |  Actual Points:
Parent ID:| Points:  1
 Reviewer:  catalyst  |Sponsor:
--+--
Changes (by dgoulet):

 * reviewer:   => catalyst


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32831 [Core Tor/Tor]: create JAR artifacts for consuming geoip files in Android apps

[Tor Bug Tracker & Wiki]

#32831: create JAR artifacts for consuming geoip files in Android apps
-+
 Reporter:  eighthave|  Owner:  (none)
 Type:  enhancement  | Status:  needs_review
 Priority:  Medium   |  Milestone:  Tor: 0.4.4.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  Android, tbb-mobile  |  Actual Points:
Parent ID:   | Points:
 Reviewer:  ahf  |Sponsor:
-+
Changes (by dgoulet):

 * reviewer:   => ahf


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32472 [Core Tor/Tor]: buf_flush_to_tls: Non-fatal assertion !(flushlen > *buf_flushlen)

[Tor Bug Tracker & Wiki]

#32472: buf_flush_to_tls: Non-fatal assertion !(flushlen > *buf_flushlen)
-+-
 Reporter:  dgoulet  |  Owner:  nickm
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  assert, tor-connection 043-must  |  Actual Points:
Parent ID:   | Points:
 Reviewer:  dgoulet  |Sponsor:
-+-
Changes (by dgoulet):

 * reviewer:   => dgoulet


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33069 [Core Tor/Tor]: Init sk if loaded from service blob to be on the curve

[Tor Bug Tracker & Wiki]

#33069: Init sk if loaded from service blob to be on the curve
--+
 Reporter:  saibato   |  Owner:  (none)
 Type:  enhancement   | Status:  needs_review
 Priority:  Medium|  Milestone:  Tor: 0.4.3.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Trivial   | Resolution:
 Keywords:  backport? |  Actual Points:
Parent ID:| Points:
 Reviewer:  nickm |Sponsor:
--+
Changes (by dgoulet):

 * reviewer:   => nickm


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33139 [Core Tor/Tor]: New Identity should remove v3 client auth ephemeral keys

[Tor Bug Tracker & Wiki]

#33139: New Identity should remove v3 client auth ephemeral keys
-+
 Reporter:  mcs  |  Owner:  (none)
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:  Tor: 0.4.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  security 043-should  |  Actual Points:
Parent ID:  #3   | Points:
 Reviewer:   |Sponsor:  Sponsor27-must
-+
Changes (by dgoulet):

 * keywords:  security 043-should 042-backport => security 043-should


Comment:

 No backport needed. Ephemeral client authorization was introduced in 043
 alpha.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33140 [Core Tor]: Clusterfuzz environment flags reused for dependencies

[Tor Bug Tracker & Wiki]

#33140: Clusterfuzz environment flags reused for dependencies
---+
 Reporter:  cypherpunks|  Owner:  (none)
 Type:  defect | Status:  new
 Priority:  Medium |  Milestone:
Component:  Core Tor   |Version:
 Severity:  Normal | Resolution:
 Keywords:  clusterfuzz, oss-fuzz  |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+

Comment (by nickm):

 >This sounds wrong. If we're fuzzing tor then why are we also
 instrumenting dependencies for clusterfuzz? It looks like the dependencies
 should override these flags when built to avoid conflicts.

 I'm no fuzzing expert, but here is my understanding:

 I think we want to instrument everything, so that we can find it when code
 outside of Tor is caused by Tor to leak memory, invoke undefined behavior,
 or whatever.

 Even though openssl is fuzzed itself, that's no guarantee that Tor is
 using openssl correctly: we might be invoking an openssl function with a
 too-short buffer, or using it with an uninitialized object.  If we did,
 then the fuzzers might not find that unless the openssl code that we're
 using is also implemented.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32914 [Internal Services/Tor Sysadmin Team]: review the puppet bootstrapping process

[Tor Bug Tracker & Wiki]

#32914: review the puppet bootstrapping process
-+-
 Reporter:  anarcat  |  Owner:  anarcat
 Type:  task | Status:
 |  accepted
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Minor| Resolution:
 Keywords:  tpa-roadmap-february |  Actual Points:
Parent ID:  #31239   | Points:  1
 Reviewer:   |Sponsor:
-+-
Changes (by anarcat):

 * points:   => 1


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33085 [Internal Services/Tor Sysadmin Team]: decomission unifolium/kvm2, 6 VMs to migrate

[Tor Bug Tracker & Wiki]

#33085: decomission unifolium/kvm2, 6 VMs to migrate
-+-
 Reporter:  anarcat  |  Owner:  anarcat
 Type:  task | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tpa-roadmap-february |  Actual Points:
Parent ID:   | Points:  5
 Reviewer:   |Sponsor:
-+-
Changes (by anarcat):

 * points:   => 5


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33139 [Core Tor/Tor]: New Identity should remove v3 client auth ephemeral keys

[Tor Bug Tracker & Wiki]

#33139: New Identity should remove v3 client auth ephemeral keys
--+
 Reporter:  mcs   |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:  Tor:
  |  0.4.3.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  security 043-should 042-backport  |  Actual Points:
Parent ID:  #3| Points:
 Reviewer:|Sponsor:
  |  Sponsor27-must
--+
Changes (by nickm):

 * keywords:   => security 043-should 042-backport
 * milestone:   => Tor: 0.4.3.x-final


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33081 [Internal Services/Tor Sysadmin Team]: new gnt-fsn node (fsn-node-04)

[Tor Bug Tracker & Wiki]

#33081: new gnt-fsn node (fsn-node-04)
-+-
 Reporter:  anarcat  |  Owner:  anarcat
 Type:  task | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tpa-roadmap-february |  Actual Points:
Parent ID:   | Points:  2
 Reviewer:   |Sponsor:
-+-
Changes (by anarcat):

 * points:   => 2


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #19757 [Applications/Tor Browser]: Make a menu to add onion and auth-cookie to TB

[Tor Bug Tracker & Wiki]

#19757: Make a menu to add onion and auth-cookie to TB
-+-
 Reporter:  mrphs|  Owner:  brade
 Type:  defect   | Status:
 |  needs_revision
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ux-team, tbb-usability, tor-hs,  |  Actual Points:  6.5
  TorBrowserTeam202001   |
Parent ID:  #3   | Points:  8
 Reviewer:  pospeselr, acat  |Sponsor:
 |  Sponsor27-must
-+-

Comment (by mcs):

 Replying to [comment:34 asn]:
 > Agreed with dgoulet here.
 >
 > If you want "new identity" to cleanup the ephemeral keys we can do that.
 Perhaps open a ticket about it and post on this ticket and we will handle
 it?

 Done; see #33139.

 > I'm not sure about the last bug you mentioned. What is "removed from
 about:preferences"  supposed to and why do you expect it to remove the
 keys from the tor side? And yes the part about New Identity is weird.

 We will capture a log and email it to you and dgoulet (Kathy and I don't
 want to leak private .onion addresses publicly in this ticket). The
 "remove from about:preferences" part means that Tor Browser's new key
 management UI was used to remove a permanent key. From tor's perspective,
 this means that an `ONION_CLIENT_AUTH_REMOVE` command was received on the
 control port.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #33140 [Core Tor]: Clusterfuzz environment flags reused for dependencies

[Tor Bug Tracker & Wiki]

#33140: Clusterfuzz environment flags reused for dependencies
---+--
 Reporter:  cypherpunks|  Owner:  (none)
 Type:  defect | Status:  new
 Priority:  Medium |  Component:  Core Tor
  Version: |   Severity:  Normal
 Keywords:  clusterfuzz, oss-fuzz  |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--
 The build script for tor at oss-fuzz currently reuses clusterfuzz
 environment variables to compile dependencies. This has consequences when
 the dependencies themselves are upstream projects at oss-fuzz. The build
 environment sets the following flags to enable fuzzing of a target
 project:

 {{{
 CC=clang
 CXX=clang++
 CFLAGS=-O1 -fno-omit-frame-pointer -gline-tables-only
 -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION -fsanitize=address -fsanitize-
 address-use-after-scope -fsanitize=fuzzer-no-link
 CXXFLAGS=-O1 -fno-omit-frame-pointer -gline-tables-only
 -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION -fsanitize=address -fsanitize-
 address-use-after-scope -fsanitize=fuzzer-no-link -stdlib=libc++
 }}}

 In the case of zlib: Using the environment flags above as-is results in
 activating oss-fuzz instrumentation. Eventually resulting in ambiguously
 placed `undefined symbol __sancov_lowest_stack` because stack depth
 tracing was not instrumented properly. Which leads to a rabbit-hole of why
 are we fixing instrumenting fuzzers in tor's dependencies?

 Now Openssl also has an upstream clusterfuzz instance and so leaving the
 environment flags as-is also results in instrumenting openssl for oss-
 fuzz.

 This sounds wrong. If we're fuzzing tor then why are we also instrumenting
 dependencies for clusterfuzz? It looks like the dependencies **should**
 override these flags when built to avoid conflicts.

 When the flags are overridden to build debug dependencies, followed by
 building tor's fuzzers as usual, `check_build tor` passes all tests.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32996 [Internal Services/Service - jenkins]: trigger lektor/translations build when translation.git/[website] updates

[Tor Bug Tracker & Wiki]

#32996: trigger lektor/translations build when translation.git/[website] updates
-+-
 Reporter:  emmapeel |  Owner:  weasel
 Type:  task | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Service - jenkins  |Version:
 Severity:  Normal   | Resolution:
 Keywords:  lektor, l10n, jenkins|  Actual Points:
Parent ID:  #32746   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by weasel):

 Replying to [comment:2 emmapeel]:
 > The branch is building at the right time, but it seems there is a
 problem with the translation files:
 >
 > Lektor is not finding the files from translation.git at the time of
 building (a path change needed?).

 This might be a different ticket, though.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33092 [Core Tor/Tor]: Pass -bind_at_load on macOS

[Tor Bug Tracker & Wiki]

#33092: Pass -bind_at_load on macOS
--+
 Reporter:  teor  |  Owner:  (none)
 Type:  enhancement   | Status:  needs_review
 Priority:  Medium|  Milestone:  Tor: 0.4.4.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  macos |  Actual Points:
Parent ID:| Points:
 Reviewer:  teor, nickm   |Sponsor:
--+
Changes (by dgoulet):

 * keywords:   => macos
 * reviewer:   => teor, nickm


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33139 [Core Tor/Tor]: New Identity should remove v3 client auth ephemeral keys

[Tor Bug Tracker & Wiki]

#33139: New Identity should remove v3 client auth ephemeral keys
--+
 Reporter:  mcs   |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:  #3| Points:
 Reviewer:|Sponsor:  Sponsor27-must
--+
Changes (by mcs):

 * sponsor:   => Sponsor27-must


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32391 [Internal Services/Service - nextcloud]: Purge test accounts and data from riseup in February 4, 2020

[Tor Bug Tracker & Wiki]

#32391: Purge test accounts and data from riseup in February 4, 2020
-+-
 Reporter:  gaba |  Owner:  gaba
 Type:  task | Status:
 |  assigned
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Service -  |Version:
  nextcloud  |
 Severity:  Normal   | Resolution:
 Keywords:  tpa-roadmap-march|  Actual Points:
Parent ID:  #32267   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gaba):

 * status:  new => assigned
 * owner:  nextcloud-admin@… => gaba


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #33139 [Core Tor/Tor]: New Identity should remove v3 client auth ephemeral keys

[Tor Bug Tracker & Wiki]

#33139: New Identity should remove v3 client auth ephemeral keys
--+
 Reporter:  mcs   |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:  #3
   Points:|   Reviewer:
  Sponsor:|
--+
 As discussed in ticket:19757#comment:31 through comment 34, tor should
 remove all of the ephemeral v3 client authorization keys when a NEWNYM
 signal is received (new identity).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33101 [Internal Services/Service - git]: gitweb.tpo lists ghost arma repos

[Tor Bug Tracker & Wiki]

#33101: gitweb.tpo lists ghost arma repos
-+
 Reporter:  arma |  Owner:  tor-gitadm
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Service - git  |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+
Changes (by Sebastian):

 * status:  new => closed
 * resolution:   => fixed


Comment:

 I removed a nickm ghost repo as well

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33131 [Core Tor/Tor]: Bug: buf->datalen >= 0x7fffffff

[Tor Bug Tracker & Wiki]

#33131: Bug: buf->datalen >= 0x7fff
--+
 Reporter:  cypherpunks   |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Low   |  Milestone:  Tor: 0.4.4.x-final
Component:  Core Tor/Tor  |Version:  Tor: 0.4.2.5
 Severity:  Minor | Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by nickm):

 * priority:  Medium => Low
 * milestone:  Tor: unspecified => Tor: 0.4.4.x-final


Comment:

 Okay.  We should fix this as correctness issue, but from what I can tell
 the solution for now is "don't set bandwidthrate so high" -- so we can
 leave it alone in 0.4.3.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33022 [Internal Services/Service - git]: Grant Georg DocTor permissions

[Tor Bug Tracker & Wiki]

#33022: Grant Georg DocTor permissions
-+
 Reporter:  atagar   |  Owner:  tor-gitadm
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Service - git  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+

Comment (by Sebastian):

 Git stuff done

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32940 [Internal Services/Service - git]: git: Give GeKo access to dirauth-conf.git

[Tor Bug Tracker & Wiki]

#32940: git: Give GeKo access to dirauth-conf.git
-+
 Reporter:  dgoulet  |  Owner:  tor-gitadm
 Type:  task | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Service - git  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+

Comment (by Sebastian):

 Done. Please note that GeKo is not a valid username, it should be gk
 afaict.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32940 [Internal Services/Service - git]: git: Give GeKo access to dirauth-conf.git

[Tor Bug Tracker & Wiki]

#32940: git: Give GeKo access to dirauth-conf.git
-+
 Reporter:  dgoulet  |  Owner:  tor-gitadm
 Type:  task | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Service - git  |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+
Changes (by Sebastian):

 * status:  new => closed
 * resolution:   => fixed


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33132 [Community/Translations]: Swedish translation has not been added

[Tor Bug Tracker & Wiki]

#33132: Swedish translation has not been added
+---
 Reporter:  jony08  |  Owner:  emmapeel
 Type:  enhancement | Status:  closed
 Priority:  Medium  |  Milestone:
Component:  Community/Translations  |Version:
 Severity:  Normal  | Resolution:  not a bug
 Keywords:  translation |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+---
Changes (by emmapeel):

 * status:  new => closed
 * resolution:   => not a bug


Comment:

 Yes indeed, as cohosh says, the translations have not been reviewed yet.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #33138 [Community/Outreach]: New RT queue and alias iff@tpo

[Tor Bug Tracker & Wiki]

#33138: New RT queue and alias iff@tpo
+--
 Reporter:  ggus|  Owner:  ggus
 Type:  defect  | Status:  new
 Priority:  High|  Milestone:
Component:  Community/Outreach  |Version:
 Severity:  Normal  |   Keywords:
Actual Points:  |  Parent ID:
   Points:  |   Reviewer:
  Sponsor:  |
+--
 Hello, as part of Tor Village in Internet Freedom Festival (IFF), we are
 going to open a Call for activities. To manage the proposals, we would
 like to have a new queue in RT:

 email address: iff@tpo
 queue name: iff
 access: pili, ggus

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31239 [Internal Services/Tor Sysadmin Team]: automate installs

[Tor Bug Tracker & Wiki]

#31239: automate installs
-+-
 Reporter:  anarcat  |  Owner:  anarcat
 Type:  enhancement  | Status:
 |  assigned
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tpa-roadmap-february |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gaba):

 * keywords:   => tpa-roadmap-february


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #33137 [Core Tor/Tor]: Resolve TROVE-2020-003

[Tor Bug Tracker & Wiki]

#33137: Resolve TROVE-2020-003
--+
 Reporter:  nickm |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.4.3.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal|   Keywords:  043-must security
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33132 [Community/Translations]: Swedish translation has not been added

[Tor Bug Tracker & Wiki]

#33132: Swedish translation has not been added
+--
 Reporter:  jony08  |  Owner:  emmapeel
 Type:  enhancement | Status:  new
 Priority:  Medium  |  Milestone:
Component:  Community/Translations  |Version:
 Severity:  Normal  | Resolution:
 Keywords:  translation |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--

Comment (by cohosh):

 I just did an update of the available translations and I'm still not
 seeing Swedish being translated. We use the completed translations branch:
 https://gitweb.torproject.org/translation.git/tree/?h=snowflakeaddon-
 messages.json_completed

 and looking at the Swedish translation, it's all in English still:
 https://gitweb.torproject.org/translation.git/tree/sv/messages.json?h
 =snowflakeaddon-messages.json_completed

 Maybe this is pending a review?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #19757 [Applications/Tor Browser]: Make a menu to add onion and auth-cookie to TB

[Tor Bug Tracker & Wiki]

#19757: Make a menu to add onion and auth-cookie to TB
-+-
 Reporter:  mrphs|  Owner:  brade
 Type:  defect   | Status:
 |  needs_revision
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ux-team, tbb-usability, tor-hs,  |  Actual Points:  6.5
  TorBrowserTeam202001   |
Parent ID:  #3   | Points:  8
 Reviewer:  pospeselr, acat  |Sponsor:
 |  Sponsor27-must
-+-
Changes (by mcs):

 * actualpoints:  6.3 => 6.5


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #19251 [Applications/Tor Browser]: TorBrowser might want to have an error page specific to when .onion links fail

[Tor Bug Tracker & Wiki]

#19251: TorBrowser might want to have an error page specific to when .onion 
links
fail
---+---
 Reporter:  cypherpunks|  Owner:  brade
 Type:  enhancement| Status:  assigned
 Priority:  Low|  Milestone:
Component:  Applications/Tor Browser   |Version:
 Severity:  Normal | Resolution:
 Keywords:  ux-team, TorBrowserTeam202001  |  Actual Points:  3.1
Parent ID:  #30025 | Points:  6
 Reviewer: |Sponsor:
   |  Sponsor27-must
---+---
Changes (by mcs):

 * actualpoints:  2.1 => 3.1


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #17202 [Internal Services/Tor Sysadmin Team]: Shut down SVN and decomission the host (gayi)

[Tor Bug Tracker & Wiki]

#17202: Shut down SVN and decomission the host (gayi)
-+-
 Reporter:  nickm|  Owner:  (none)
 Type:  defect   | Status:
 |  assigned
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tpa-roadmap-march|  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gaba):

 * keywords:   => tpa-roadmap-march


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32391 [Internal Services/Service - nextcloud]: Purge test accounts and data from riseup in February 4, 2020

[Tor Bug Tracker & Wiki]

#32391: Purge test accounts and data from riseup in February 4, 2020
-+-
 Reporter:  gaba |  Owner:
 |  nextcloud-admin@…
 Type:  task | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Service -  |Version:
  nextcloud  |
 Severity:  Normal   | Resolution:
 Keywords:  tpa-roadmap-march|  Actual Points:
Parent ID:  #32267   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gaba):

 * keywords:   => tpa-roadmap-march


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31159 [Internal Services/Tor Sysadmin Team]: Monitor anti-censorship www services with prometheus

[Tor Bug Tracker & Wiki]

#31159: Monitor anti-censorship www services with prometheus
-+-
 Reporter:  phw  |  Owner:  hiro
 Type:  task | Status:
 |  assigned
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tpa-roadmap-february tpa-roadmap-|  Actual Points:
  march  |
Parent ID:  #30152   | Points:  1
 Reviewer:   |Sponsor:
-+-
Changes (by gaba):

 * keywords:  tpa-roadmap-february => tpa-roadmap-february tpa-roadmap-march


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29974 [Internal Services/Tor Sysadmin Team]: move critical services off, and then replace, moly

[Tor Bug Tracker & Wiki]

#29974: move critical services off, and then replace, moly
-+-
 Reporter:  anarcat  |  Owner:  anarcat
 Type:  project  | Status:
 |  assigned
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tpa-roadmap-march|  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gaba):

 * keywords:   => tpa-roadmap-march


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #29397 [Internal Services/Tor Sysadmin Team]: Make use of some donated hardware

[Tor Bug Tracker & Wiki]

#29397: Make use of some donated hardware
-+-
 Reporter:  ln5  |  Owner:  anarcat
 Type:  task | Status:
 |  assigned
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tpa-roadmap-march|  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gaba):

 * keywords:   => tpa-roadmap-march


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32870 [Applications/Tor Browser]: Bump version of pion webrtc in Tor Browser

[Tor Bug Tracker & Wiki]

#32870: Bump version of pion webrtc in Tor Browser
--+---
 Reporter:  cohosh|  Owner:  cohosh
 Type:  task  | Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:  fixed
 Keywords:  TorBrowserTeam202001R |  Actual Points:  .7
Parent ID:  #31971| Points:  1
 Reviewer:  boklm |Sponsor:  Sponsor28
--+---
Changes (by boklm):

 * status:  needs_review => closed
 * resolution:   => fixed


Comment:

 Replying to [comment:7 boklm]:
 > I will try running dcf's script to see if I get the same result.

 After using the script and comparing with the result I get, the changes
 from this commit look good to me. So I merged it to master with commit
 `af8affa4bfb0c1cea943de716ce64da7c5d2d146`.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33134 [Internal Services/Tor Sysadmin Team]: Improve documentation for interacting with db.torproject.org

[Tor Bug Tracker & Wiki]

#33134: Improve documentation for interacting with db.torproject.org
-+-
 Reporter:  gk   |  Owner:  anarcat
 Type:  enhancement  | Status:
 |  accepted
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by nickm):

 ISTR that our documentation here is derived from Debian; if that's
 correct, we should first check whether there are any updates in the
 documentation in Debian that we can upstream.  After we're done with this,
 we should see whether the upstream maintainers would like to take our
 improved documentation.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33134 [Internal Services/Tor Sysadmin Team]: Improve documentation for interacting with db.torproject.org

[Tor Bug Tracker & Wiki]

#33134: Improve documentation for interacting with db.torproject.org
-+-
 Reporter:  gk   |  Owner:  anarcat
 Type:  enhancement  | Status:
 |  accepted
 Priority:  Medium   |  Milestone:
Component:  Internal Services/Tor Sysadmin Team  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by anarcat):

 * owner:  tpa => anarcat
 * status:  new => accepted


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33092 [Core Tor/Tor]: Pass -bind_at_load on macOS

[Tor Bug Tracker & Wiki]

#33092: Pass -bind_at_load on macOS
--+
 Reporter:  teor  |  Owner:  (none)
 Type:  enhancement   | Status:  needs_review
 Priority:  Medium|  Milestone:  Tor: 0.4.4.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by nickm):

 So if I'm figuring right, 5.5k is currently around .05% (that is, 5% of
 1%) of the binary size?  Right now, I don't think a savings that small is
 worth even a small amount of risk, if that's the only motivation.

 Is there anything else going on here?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32230 [Core Tor/Tor]: configure summary is confusing or incorrect

[Tor Bug Tracker & Wiki]

#32230: configure summary is confusing or incorrect
--+
 Reporter:  teor  |  Owner:  dgoulet
 Type:  defect| Status:  needs_revision
 Priority:  Medium|  Milestone:  Tor: 0.4.3.x-final
Component:  Core Tor/Tor  |Version:  Tor: unspecified
 Severity:  Normal| Resolution:
 Keywords:  043-must  |  Actual Points:
Parent ID:| Points:  0.5
 Reviewer:  teor  |Sponsor:
--+

Comment (by nickm):

 Replying to [comment:2 teor]:
 > Replying to [comment:1 dgoulet]:
 > > > * --with-tor-user=[user]
 > > > * --with-tor-group=[group]
 > >
 > > I have no clue where this is used. I can't find `TORUSER` or
 `TORGROUP` being used anywhere?
 >
 > Maybe nickm can help?

 I can't find any evidence of these fields either.  They used to be used by
 some of the scripts in contrib/dist, but all those scripts are now
 removed, since they were obsolete and unmaintained.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33129 [Core Tor]: Tor node that is not part of the consensus should not be used as rendezvous point with the onion service

[Tor Bug Tracker & Wiki]

#33129: Tor node that is not part of the consensus should not be used as 
rendezvous
point with the onion service
+---
 Reporter:  cypherpunks |  Owner:  (none)
 Type:  defect  | Status:  needs_information
 Priority:  Very High   |  Milestone:
Component:  Core Tor|Version:
 Severity:  Critical| Resolution:
 Keywords:  onion services  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+---
Changes (by asn):

 * status:  new => needs_information


Comment:

 The reason we dont require RPs to be part of the consensus, is that there
 is no global consensus, and clients and service can have a different one
 at any given time. This will cause desynch issues where the service will
 be rejecting rendezvous requests because they cant find the node on the
 consensus. In theory we could fix this by having the client pass a list of
 rendezvous to the service, but not sure if this is worth it given the
 limited improvements that this will bring to the overall attack (#24487).

 Even if we required that the RP is in the consensus, the attacker can just
 make a bunch of relays in those IPs, get them in the consensus and then
 perform the attack properly. Hence, I dont see the suggested defence being
 such a big improvement here.

 If I'm wrong please correct me.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32363 [Core Tor/Tor]: tor_inet_aton parsing of IPv4 literals is too lax

[Tor Bug Tracker & Wiki]

#32363: tor_inet_aton parsing of IPv4 literals is too lax
+--
 Reporter:  liberat |  Owner:  neel
 Type:  enhancement | Status:  needs_review
 Priority:  Medium  |  Milestone:  Tor:
|  0.4.4.x-final
Component:  Core Tor/Tor|Version:
 Severity:  Normal  | Resolution:
 Keywords:  BugSmashFund, extra-review  |  Actual Points:
Parent ID:  | Points:  0.2
 Reviewer:  nickm   |Sponsor:
+--
Changes (by teor):

 * keywords:  BugSmashFund => BugSmashFund, extra-review


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32363 [Core Tor/Tor]: tor_inet_aton parsing of IPv4 literals is too lax

[Tor Bug Tracker & Wiki]

#32363: tor_inet_aton parsing of IPv4 literals is too lax
--+
 Reporter:  liberat   |  Owner:  neel
 Type:  enhancement   | Status:  needs_review
 Priority:  Medium|  Milestone:  Tor: 0.4.4.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  BugSmashFund  |  Actual Points:
Parent ID:| Points:  0.2
 Reviewer:  nickm |Sponsor:
--+
Changes (by teor):

 * version:  Tor: 0.4.1.6 =>
 * points:   => 0.2
 * milestone:  Tor: 0.4.3.x-final => Tor: 0.4.4.x-final
 * keywords:  043-can => BugSmashFund
 * reviewer:  dgoulet, nickm, teor => nickm
 * type:  defect => enhancement


Comment:

 This code looks fine to me, but I'd like nickm to answer this question
 before we merge:

 Can we add a smartlist_core dependency to lib/net ?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32614 [Core Tor/Tor]: hs-v3: Consider flagging an intro point as bad if rendezvous fails multiple times

[Tor Bug Tracker & Wiki]

#32614: hs-v3: Consider flagging an intro point as bad if rendezvous fails 
multiple
times
-+
 Reporter:  dgoulet  |  Owner:  neel
 Type:  defect   | Status:  needs_revision
 Priority:  Medium   |  Milestone:  Tor: 0.4.4.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-circuit, tor-hs  |  Actual Points:
Parent ID:   | Points:  0.2
 Reviewer:  dgoulet  |Sponsor:  Sponsor27-can
-+
Changes (by asn):

 * status:  needs_review => needs_revision


Comment:

 Hmm chceked the PR and made a small comment.

 I'm generally concerned here about the lack of unittests.

 Also I'd appreciate a torspec branch (or a thorough post on this ticket)
 that analyzes the effects of this new behavior. For example, what is the
 old behavior vs the new behavior in the following two scenarios:
 - Intro node is broken and does not forward rend requests.
 - Service is overloaded and cannot handle rendezvous.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #19757 [Applications/Tor Browser]: Make a menu to add onion and auth-cookie to TB

[Tor Bug Tracker & Wiki]

#19757: Make a menu to add onion and auth-cookie to TB
-+-
 Reporter:  mrphs|  Owner:  brade
 Type:  defect   | Status:
 |  needs_revision
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ux-team, tbb-usability, tor-hs,  |  Actual Points:  6.3
  TorBrowserTeam202001   |
Parent ID:  #3   | Points:  8
 Reviewer:  pospeselr, acat  |Sponsor:
 |  Sponsor27-must
-+-

Comment (by asn):

 Agreed with dgoulet here.

 If you want "new identity" to cleanup the ephemeral keys we can do that.
 Perhaps open a ticket about it and post on this ticket and we will handle
 it?

 I'm not sure about the last bug you mentioned. What is "removed from
 about:preferences"  supposed to and why do you expect it to remove the
 keys from the tor side? And yes the part about New Identity is weird.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32709 [Core Tor/Tor]: hsv3: Support onionbalance keys when handling INTRO2 cells

[Tor Bug Tracker & Wiki]

#32709: hsv3: Support onionbalance keys when handling INTRO2 cells
-+-
 Reporter:  asn  |  Owner:  asn
 Type:  enhancement  | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.4.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs scaling onionbalance tor- |  Actual Points:
  spec network-team-roadmap-2020Q1 044-must  |
Parent ID:  #26768   | Points:  5
 Reviewer:  nickm, dgoulet   |Sponsor:
 |  Sponsor27-must
-+-
Changes (by asn):

 * status:  assigned => needs_review


Comment:

 Hello,

 please see https://github.com/torproject/tor/pull/1685 for a PR that fixes
 the remaining issues of comment:15 and also fixes the comment/docs issues
 raised by teor.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33067 [Metrics/Consensus Health]: DocTor should fetch microdesc consensus (was: DocTor should fetch microdesc consensus, and use compression)

[Tor Bug Tracker & Wiki]

#33067: DocTor should fetch microdesc consensus
---+--
 Reporter:  arma   |  Owner:  gk
 Type:  defect | Status:  assigned
 Priority:  Medium |  Milestone:
Component:  Metrics/Consensus Health   |Version:
 Severity:  Normal | Resolution:
 Keywords:  GeorgKoppen202002, network-health  |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--

Comment (by gk):

 I am changing the summary of this ticket again under the impression we
 already use compression (see: atagar's comment:9).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #32831 [Core Tor/Tor]: create JAR artifacts for consuming geoip files in Android apps

[Tor Bug Tracker & Wiki]

#32831: create JAR artifacts for consuming geoip files in Android apps
-+
 Reporter:  eighthave|  Owner:  (none)
 Type:  enhancement  | Status:  needs_review
 Priority:  Medium   |  Milestone:  Tor: 0.4.4.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  Android, tbb-mobile  |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+
Changes (by teor):

 * status:  new => needs_review
 * type:  defect => enhancement
 * milestone:   => Tor: 0.4.4.x-final


Comment:

 Sorry we missed this ticket, it didn't have a milestone, and it wasn't in
 needs_review.

 I've put it in 0.4.4 and in needs_review, so someone should review it in
 the next week or two.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31565 [Core Tor/Tor]: static Tor building against openssl-1.1.1 fails: configure unable to find linkable OpenSSL

[Tor Bug Tracker & Wiki]

#31565: static Tor building against openssl-1.1.1 fails: configure unable to 
find
linkable OpenSSL
-+-
 Reporter:  shredder |  Owner:  (none)
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor,openssl,1.1.1,static,mingw   |  Actual Points:
  043-should backport|
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by boklm):

 Replying to [comment:2 arma]:

 >
 > I wonder how rbm solves this one; I'm cc'ing boklm to find out. Maybe
 it's simply by not making it that static.

 Yes, in Tor Browser, tor is dynamically linked to openssl, so we don't
 have this issue.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs