The Tor Project issues
https://gitlab.torproject.org/groups/tpo/-/issues
2024-01-22T15:15:35Z

https://gitlab.torproject.org/tpo/anti-censorship/lox/-/issues/39
Make lox-distributor listening port configurable
2024-01-22T15:15:35Z
Cecylia Bocovich
Right now we have the lox distributor [hard-coded to listen on port 8001](https://gitlab.torproject.org/tpo/anti-censorship/lox/-/blob/main/crates/lox-distributor/src/main.rs?ref_type=heads#L351). We should make this configurable.

https://gitlab.torproject.org/tpo/tpa/team/-/issues/31957
automate upgrades
2024-01-19T19:44:51Z
anarcat
upgrades take up a significant chunk of time every week and distract sysadmins (or at least me) from focusing on other projects.
upgrades should be therefore automated, as much as possible.
see also legacy/trac#31239 about automated installs and this is part of the wider "ops card questionnaire", where we answered no to a question about this, see legacy/trac#30881.
checklist:
* [x] install needrestart everywhere, in interactive mode
* [x] switch needrestart to automatic mode
* [x] install unattended-upgrades everywhere
* [x] fix major upgrades docs to disable unattended-upgrades during the upgrade run
* ~~[ ] automate reboots~~ see legacy/trac#33406 instead
Hiro

https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42370
Missing Tor Browser for Android store icon for F-droid
2024-01-19T16:32:55Z
clairehurst
<!--
* Use this issue template for reporting a new bug.
-->
### Summary
**Summarize the bug encountered concisely.**
The listing on F-droid doesn't have an icon for Tor Browser for Android for both stable and alpha (see screenshot below)
### Environment
**Which operating system are you using? For example: Debian GNU/Linux 10.1, Windows 10, Ubuntu Xenial, FreeBSD 12.2, etc.**
**Which installation method did you use? Distribution package (apt, pkg, homebrew), from source tarball, from Git, etc.**
F-droid Basic, Calyxos 5.2.0, Android 14, pixel4a
### Relevant logs and/or screenshots
![Screenshot_20240116-122120](/uploads/324de075c1bfb2a67a0f773e03e3e104/Screenshot_20240116-122120.png){width=25%}
clairehurst

https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41219
Tor Browser for Android nightly (9/14) does not start: "Cookie Auth file not created"
2024-01-18T17:38:54Z
Georg Koppen
While testing the first nightly on an aarch64 system I did not get very far:
```
09-17 12:05:12.777 29655 29802 I OnionProxyManager: Starting Tor
09-17 12:05:12.778 29655 29802 I OnionProxyManager: Starting process
09-17 12:05:12.790 29655 29802 I OnionProxyManager: Waiting for control port
09-17 12:05:12.812 29655 29821 I OnionProxyManager: Sep 17 12:05:12.804
[notice] Tor 0.4.5.0-alpha-dev (git-1c4b140427aeb36d) running on Linux
with Libevent 2.1.11-stable, OpenSSL 1.1.1g, Zlib 1.2.11, Liblzma N/A,
Libzstd 1.4.4 and Unknown N/A as libc.
09-17 12:05:12.813 29655 29821 I OnionProxyManager: Sep 17 12:05:12.805
[notice] Tor can't help you if you use it wrong! Learn how to be safe at
https://www.torproject.org/download/download#warning
09-17 12:05:12.813 29655 29821 I OnionProxyManager: Sep 17 12:05:12.806
[notice] This version is not a stable Tor release. Expect more bugs than
usual.
09-17 12:05:12.813 29655 29821 I OnionProxyManager: Sep 17 12:05:12.806
[notice] Read configuration file
"/data/user/0/org.torproject.torbrowser_alpha/app_torservice/torrc".
09-17 12:05:12.815 29823 29823 I Tor : Tor 0.4.5.0-alpha-dev
(git-1c4b140427aeb36d) running on Linux with Libevent 2.1.11-stable,
OpenSSL 1.1.1g, Zlib 1.2.11, Liblzma N/A, Libzstd 1.4.4 and Unknown N/A
as libc.
09-17 12:05:12.815 29823 29823 I Tor : Tor 0.4.5.0-alpha-dev
(git-1c4b140427aeb36d) running on Linux with Libevent 2.1.11-stable,
OpenSSL 1.1.1g, Zlib 1.2.11, Liblzma N/A, Libzstd 1.4.4 and Unknown N/A
as libc.
09-17 12:05:12.815 29823 29823 I Tor : Tor can't help you if you use
it wrong! Learn how to be safe at
https://www.torproject.org/download/download#warning
09-17 12:05:12.815 29823 29823 I Tor : Tor can't help you if you use
it wrong! Learn how to be safe at
https://www.torproject.org/download/download#warning
09-17 12:05:12.815 29823 29823 I Tor : This version is not a stable
Tor release. Expect more bugs than usual.
09-17 12:05:12.815 29823 29823 I Tor : This version is not a stable
Tor release. Expect more bugs than usual.
09-17 12:05:12.815 29655 29821 I OnionProxyManager: Sep 17 12:05:12.814
[notice] Opening Control listener on 127.0.0.1:0
09-17 12:05:12.815 29823 29823 I Tor : Read configuration file
"/data/user/0/org.torproject.torbrowser_alpha/app_torservice/torrc".
09-17 12:05:12.815 29823 29823 I Tor : Read configuration file
"/data/user/0/org.torproject.torbrowser_alpha/app_torservice/torrc".
09-17 12:05:12.815 29823 29823 I Tor : Opening Control listener on
127.0.0.1:0
09-17 12:05:12.815 29823 29823 I Tor : Opening Control listener on
127.0.0.1:0
09-17 12:05:12.815 29823 29823 I Tor : Control listener listening on
port 43604.
09-17 12:05:12.815 29655 29821 I OnionProxyManager: Sep 17 12:05:12.814
[notice] Control listener listening on port 43604.
09-17 12:05:12.815 29823 29823 I Tor : Control listener listening on
port 43604.
09-17 12:05:12.815 29823 29823 I Tor : Opened Control listener
connection (ready) on 127.0.0.1:43604
09-17 12:05:12.815 29823 29823 I Tor : Opened Control listener
connection (ready) on 127.0.0.1:43604
09-17 12:05:12.815 29823 29823 I Tor : DisableNetwork is set. Tor
will not make or accept non-control network connections. Shutting down
all existing connections.
09-17 12:05:12.815 29655 29821 I OnionProxyManager: Sep 17 12:05:12.814
[notice] Opened Control listener connection (ready) on 127.0.0.1:43604
09-17 12:05:12.815 29823 29823 I Tor : DisableNetwork is set. Tor
will not make or accept non-control network connections. Shutting down
all existing connections.
09-17 12:05:12.815 29655 29821 I OnionProxyManager: Sep 17 12:05:12.814
[notice] DisableNetwork is set. Tor will not make or accept non-control
network connections. Shutting down all existing connections.
09-17 12:05:12.815 29823 29823 W Tor : Your log may contain
sensitive information - you disabled SafeLogging, and you're logging
more than "notice". Don't log unless it serves an important reason.
Overwrite the log afterwards.
09-17 12:05:12.816 29823 29823 W Tor : Your log may contain
sensitive information - you disabled SafeLogging, and you're logging
more than "notice". Don't log unless it serves an important reason.
Overwrite the log afterwards.
09-17 12:05:12.816 29823 29823 I Tor :
options_commit_listener_transaction: Recomputed OOS thresholds:
ConnLimit 1000, ConnLimit_ 1292, ConnLimit_high_thresh 1228,
ConnLimit_low_thresh 969
09-17 12:05:12.816 29823 29823 I Tor :
options_commit_listener_transaction: Recomputed OOS thresholds:
ConnLimit 1000, ConnLimit_ 1292, ConnLimit_high_thresh 1228,
ConnLimit_low_thresh 969
09-17 12:05:12.816 29823 29823 I Tor : crypto_openssl_late_init: NOT
using OpenSSL engine support.
09-17 12:05:12.816 29823 29823 I Tor : crypto_openssl_late_init: NOT
using OpenSSL engine support.
09-17 12:05:12.816 29823 29823 I Tor : evaluate_evp_for_aes: This
version of OpenSSL has a known-good EVP counter-mode implementation.
Using it.
09-17 12:05:12.816 29823 29823 I Tor : evaluate_evp_for_aes: This
version of OpenSSL has a known-good EVP counter-mode implementation.
Using it.
09-17 12:05:12.816 29823 29823 D Tor : tor_disable_debugger_attach:
Attemping to disable debugger attachment to Tor for unprivileged users.
09-17 12:05:12.816 29823 29823 D Tor : tor_rename: Renaming
/data/user/0/org.torproject.torbrowser_alpha/app_torservice/lib/tor/control.txt.tmp
to
/data/user/0/org.torproject.torbrowser_alpha/app_torservice/lib/tor/control.txt
09-17 12:05:12.817 29823 29823 I Tor : tor_lockfile_lock: Locking
"/data/user/0/org.torproject.torbrowser_alpha/app_torservice/.tor/lock"
09-17 12:05:12.817 29823 29823 I Tor : tor_lockfile_lock: Locking
"/data/user/0/org.torproject.torbrowser_alpha/app_torservice/.tor/lock"
09-17 12:05:12.817 29823 29823 W Tor : It looks like another Tor
process is running with the same data directory. Waiting 5 seconds to
see if it goes away.
09-17 12:05:12.817 29823 29823 W Tor : It looks like another Tor
process is running with the same data directory. Waiting 5 seconds to
see if it goes away.
09-17 12:05:12.817 29655 29802 I OnionProxyManager: Created control port
file: time = 27ms
09-17 12:05:12.821 29655 29802 I OnionProxyManager: Waiting for cookie
auth file
09-17 12:05:17.818 29823 29823 I Tor : tor_lockfile_lock: Locking
"/data/user/0/org.torproject.torbrowser_alpha/app_torservice/.tor/lock"
09-17 12:05:17.818 29823 29823 I Tor : tor_lockfile_lock: Locking
"/data/user/0/org.torproject.torbrowser_alpha/app_torservice/.tor/lock"
09-17 12:05:17.818 29823 29823 E Tor : No, it's still there. Exiting.
09-17 12:05:17.818 29823 29823 E Tor : No, it's still there. Exiting.
09-17 12:05:17.818 29823 29823 E Tor : set_options: Bug: Acting on
config options left us in a broken state. Dying. (on Tor
0.4.5.0-alpha-dev 1c4b140427aeb36d)
09-17 12:05:17.818 29823 29823 E Tor : set_options: Bug: Acting on
config options left us in a broken state. Dying. (on Tor
0.4.5.0-alpha-dev 1c4b140427aeb36d)
09-17 12:05:17.819 29823 29823 E Tor : Reading config failed--see
warnings above.
09-17 12:05:17.819 29823 29823 E Tor : Reading config failed--see
warnings above.
09-17 12:05:17.828 29823 29823 D Tor : channel_tls_free_all:
Shutting down TLS channels...
09-17 12:05:17.828 29823 29823 D Tor : channel_tls_free_all: Done
shutting down TLS channels
09-17 12:05:17.828 29823 29823 D Tor : channel_free_all: Shutting
down channels...
09-17 12:05:17.828 29823 29823 D Tor : channel_free_all: Freeing
channel_identity_map
09-17 12:05:17.828 29823 29823 D Tor : channel_free_all: Freeing
channel_gid_map
09-17 12:05:17.829 29823 29823 D Tor : channel_free_all: Done
cleaning up after channels
09-17 12:05:17.830 29823 29823 D Tor : connection_free_minimal:
closing fd 7.
09-17 12:05:17.830 29823 29823 D Tor : scheduler_free_all: Shutting
down scheduler
09-17 12:05:17.831 29823 29823 D Tor : subsystems_shutdown_downto:
Shutting down dirauth
09-17 12:05:17.832 29823 29823 D Tor : subsystems_shutdown_downto:
Shutting down btrack
09-17 12:05:17.832 29823 29823 D Tor : subsystems_shutdown_downto:
Shutting down relay
09-17 12:05:17.832 29823 29823 D Tor : subsystems_shutdown_downto:
Shutting down or
09-17 12:05:17.832 29823 29823 D Tor : subsystems_shutdown_downto:
Shutting down mainloop
09-17 12:05:17.833 29823 29823 D Tor : subsystems_shutdown_downto:
Shutting down process
09-17 12:05:17.834 29823 29823 D Tor : subsystems_shutdown_downto:
Shutting down evloop
09-17 12:05:17.834 29823 29823 D Tor : subsystems_shutdown_downto:
Shutting down network
09-17 12:05:17.835 29823 29823 D Tor : subsystems_shutdown_downto:
Shutting down crypto
09-17 12:05:17.835 29823 29823 D Tor : subsystems_shutdown_downto:
Shutting down log
09-17 12:05:27.828 29655 29802 E BaseEventBroadcaster: Unable to start
Tor: java.io.IOException: Cookie Auth file not created:
/data/user/0/org.torproject.torbrowser_alpha/app_torservice/lib/tor/control_auth_cookie,
len = 0
09-17 12:05:27.828 29655 29802 E BaseEventBroadcaster:
java.io.IOException: Cookie Auth file not created:
/data/user/0/org.torproject.torbrowser_alpha/app_torservice/lib/tor/control_auth_cookie,
len = 0
09-17 12:05:27.828 29655 29802 E BaseEventBroadcaster: at
com.msopentech.thali.toronionproxy.OnionProxyManager.start(OnionProxyManager.java:47)
09-17 12:05:27.828 29655 29802 E BaseEventBroadcaster: at
com.msopentech.thali.android.toronionproxy.AndroidOnionProxyManager.start(AndroidOnionProxyManager.java:1)
09-17 12:05:27.828 29655 29802 E BaseEventBroadcaster: at
org.torproject.android.service.TorService.startTor(TorService.java:12)
09-17 12:05:27.828 29655 29802 E BaseEventBroadcaster: at
org.torproject.android.service.TorService.access$1000(TorService.java:1)
09-17 12:05:27.828 29655 29802 E BaseEventBroadcaster: at
org.torproject.android.service.TorService$IncomingIntentRouter.run(TorService.java:17)
09-17 12:05:27.828 29655 29802 E BaseEventBroadcaster: at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1162)
09-17 12:05:27.828 29655 29802 E BaseEventBroadcaster: at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:636)
09-17 12:05:27.828 29655 29802 E BaseEventBroadcaster: at
java.lang.Thread.run(Thread.java:784)
```
There are a bunch of things weird here. First of all, I don't have any
other Tor Browser running nor Orbot installed on that tablet. So, it's
not obvious what is interfering with Tor Browser.
Secondly, for some reason two tor's are started (and both are dying
later) which seems wrong to me.

https://gitlab.torproject.org/tpo/core/onionmasq/-/issues/64
Error handling UX reminder
2024-01-18T16:23:38Z
eta
I need to write up something in tpo/applications/vpn about how to handle connection failures (with logs); this is a reminder ticket to do that :p
VPN pre-alpha 05
eta

https://gitlab.torproject.org/tpo/core/arti/-/issues/1126
Consider making arti_pattern() usable more generally
2024-01-13T21:11:31Z
gabi-250
Context https://gitlab.torproject.org/tpo/core/arti/-/merge_requests/1733#note_2966402
Arti: Onion service support
gabi-250

https://gitlab.torproject.org/tpo/applications/torbrowser-launcher/-/issues/3
Bump version in AppStream metainfo before new release
2024-01-12T09:59:41Z
asciiwolf
Just a small reminder. Do not forget to manually bump the version number/date in [AppStream metadata](https://gitlab.torproject.org/tpo/applications/torbrowser-launcher/-/blob/main/share/metainfo/org.torproject.torbrowser-launcher.metainfo.xml) before making a new torbrowser-launcher release. :-)
[Here](https://gitlab.torproject.org/tpo/applications/torbrowser-launcher/-/commit/52f7be32cd434d38771e3ec4471c242678f24564) is an example of how to do it.

https://gitlab.torproject.org/tpo/core/arti/-/issues/1128
Use a postage::watch channel for receiving onion svc config changes in publisher.
2024-01-11T18:46:12Z
gabi-250
~~This is needed by the publisher (if the config changes, it may need to republish the descriptor).~~
This now exists, and just needs to get used.
Arti: Onion service support

https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42355
Fullscreen on Android doesn't hide system bars
2024-01-11T16:31:14Z
Pier Angelo Vendrame
In Tor Browser 13.0.7, when you go on fullscreen on Android, system bars persist.
So, as a matter of fact, it isn't a real fullscreen.
STR:
1. Open a video (tried on Invidious instances, but also other sites)
2. Go to fullscreen
3. Notice that both the bar with clock/notifications and the "navigation" bar are still visible (I'm using gesture-based navigation, so I don't have a bar with buttons, but a bar with a horizontal line)
If you open the same site on Firefox (but without a custom config such as ours), fullscreen works as expected.
It might have started after the security backport.
Tested on my Pixel 4a, I've seen the problem both on 13.0.7 and on 13.5a3.
/cc @ma1
ma1

https://gitlab.torproject.org/tpo/core/arti/-/issues/725
Implement replay caches for onion services
2024-01-11T15:44:15Z
Nick Mathewson
We need to implement replay caches at the onion service to prevent replayed INTRODUCE1 or INTRODUCE2 cells.
These can use a HashSet or a bloom filter. See `rend-spec-v3` section 1.8.
Arti: Onion service support
Ian Jackson, iwj@torproject.org

https://gitlab.torproject.org/tpo/core/arti/-/issues/1038
Possibly, lower public part of key-bundle logic from hsclient to hscrypto?
2024-01-10T20:11:25Z
Nick Mathewson
In `tor_hsclient::keys`, there is some code for managing secret keys from a client. While we decide whether to remove or disable `intro_auth` support there (#1037), we should also decide if it makes sense to lower this code into `tor-hscrypto`, since a lot of it will be shared with `tor-hsservice`.
In particular, we want the _public_ part of a key-bundle to be serialized and deserialized in either the format expected by C tor, or in the format expected by arti (discussed in #1028). Since clients will want to be able to generate and export their public keys, and services will want to be able to read them, it probably makes sense for the data structure itself to be shared.
cc @gabi-250
Arti: Onion service support

https://gitlab.torproject.org/tpo/core/arti/-/issues/922
Default value for "connect to onion services", and configuration
2024-01-10T18:08:41Z
Ian Jackson, iwj@torproject.org
When we release HS client support, should it be enabled by default right away?
Or should we wait for the planned additional security/privacy/assurance work?
If we want to disable it, are we going to disable it in the build by default, or by changing the default for `StreamPrefsconnect_to_onion_services`?
There should probably be a config parameter, which should probably populate the stream pref default value? I'll see about making one of those.
CC @nickm @dgoulet
Arti: Onion service support

https://gitlab.torproject.org/tpo/community/l10n/-/issues/40078
Onboarding trainings for translators
2024-01-10T14:05:08Z
Gaba, gaba@torproject.org
Include onboarding trainings to translators during the Localization Hangout we already host monthly
Sponsor 9 - Phase 6 - Usability and Community Intervention on Support for Democracy and Human Rights
emmapeel

https://gitlab.torproject.org/tpo/web/team/-/issues/49
test- and staging- sites are indexed by google
2024-01-09T19:47:34Z
Kez
in donate#13 mattlav discovered that google is indexing our testing and staging sites, and sometimes a search returns results for one of those sites instead of our actual production sites.
we should modify the robots.txt files for these sites to block indexing across the entire site

https://gitlab.torproject.org/tpo/core/arti/-/issues/1123
Descriptor publisher status
2024-01-09T16:43:48Z
gabi-250
Implement `Publisher::status()`.
Arti: Onion service support
gabi-250

https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42229
"Default search engines" preference is missing search engines on Android
2024-01-09T16:14:46Z
clairehurst
<!--
* Use this issue template for reporting a new bug.
-->
### Summary
See title and screenshots
### Steps to reproduce:
**How one can reproduce the issue - this is very important.**
1. Go to ⁝ (kebob menu) -> Settings -> Search -> Default Search
2. Notice that there is only "DuckDuckGo" and "Google"
3. go back to the home screen
4. tap the search icon to the left of the search (i.e. DuckDuckGo icon)
5. notice that there are many more search engine options
### Relevant logs and/or screenshots
![Screenshot_2023-11-01_at_16.10.20](/uploads/dfc69957a46804e00f838477c03258d1/Screenshot_2023-11-01_at_16.10.20.png){width=25%}
![Screenshot_2023-11-01_at_16.09.26](/uploads/32d7dc06800e323c0937902bb803d14a/Screenshot_2023-11-01_at_16.09.26.png){width=25%}
clairehurst

https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40294
Client README recommends command-line options rather than bridge line arguments
2024-01-05T22:28:35Z
David Fifield, dcf@torproject.org
snowflake-client, for backward compatibility reasons,
accepts some configuration options as command line options (e.g. `-front`, `-ice`)
as an alternative to the (preferred) format of setting those options
in a bridge line (e.g. `front=`, `ice=`).
The command-line versions are needed only for very very old versions of tor.
The bridge line args are preferred because the scope of command-line options is global,
while bridge line args are specific to a single tor SOCKS connection
(so you can have multiple bridge lines with different options).
The client README still documents and recommends the old command-line options:
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/blob/d434549df88292ff6e61830dc06a49b0ac1b21c6/client/README.md#running-the-snowflake-client-with-tor
> The Snowflake client can be configured with either command line options or SOCKS options. We have a few example `torrc` files in this directory. We recommend the following `torrc` options by default:
>
> ```
> UseBridges 1
>
> ClientTransportPlugin snowflake exec ./client \
> -url https://snowflake-broker.torproject.net.global.prod.fastly.net/ \
> -front cdn.sstatic.net \
> -ice stun:stun.voip.blackberry.com:3478,stun:stun.antisip.com:3478,stun:stun.bluesip.net:3478,stun:stun.dus.net:3478,stun:stun.epygi.com:3478,stun:stun.sonetel.com:3478,stun:stun.sonetel.net:3478,stun:stun.uls.co.za:3478,stun:stun.voipgate.com:3478,stun:stun.voys.nl:3478
>
> Bridge snowflake 192.0.2.3:1
> ```
We should update these to recommend bridge line args instead,
as is already the case [in torrc](https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/blob/d434549df88292ff6e61830dc06a49b0ac1b21c6/client/torrc).
The command-line options don't even need to be documented IMO.
Here's a case of a user on NTC being confused by the README:
https://ntc.party/t/in-case-snowflake-rendezvous-gets-blocked/1857/28.
shelikhoo

https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/41033
Prepare Tor Browser Stable 13.0.8
2023-12-21T16:38:32Z
Pier Angelo Vendrame
<details>
<summary>Explanation of variables</summary>
- `$(BUILD_SERVER)` : the server the main builder is using to build a tor-browser release
- `$(BUILDER)` : whomever is building the release on the $(BUILD_SERVER)
- **example** : `pierov`
- `$(STAGING_SERVER)` : the server the signer is using to run the signing process
- `$(ESR_VERSION)` : the Mozilla defined ESR version, used in various places for building tor-browser tags, labels, etc
- **example** : `91.6.0`
- `$(TOR_BROWSER_MAJOR)` : the Tor Browser major version
- **example** : `11`
- `$(TOR_BROWSER_MINOR)` : the Tor Browser minor version
- **example** : either `0` or `5`; Alpha's is always `(Stable + 5) % 10`
- `$(TOR_BROWSER_VERSION)` : the Tor Browser version in the format
- **example** : `12.5a3`, `12.0.3`
- `$(BUILD_N)` : a project's build revision within its branch; this is separate from the `$(TOR_BROWSER_BUILD_N)` value; many of the Firefox-related projects have a `$(BUILD_N)` suffix and may differ between projects even when they contribute to the same build.
- **example** : `build1`
- `$(TOR_BROWSER_BUILD_N)` : the tor-browser build revision for a given Tor Browser release; used in tagging git commits
- **example** : `build2`
- **NOTE** : A project's `$(BUILD_N)` and `$(TOR_BROWSER_BUILD_N)` may be the same, but it is possible for them to diverge. For example :
- if we have multiple Tor Browser releases on a given ESR branch the two will become out of sync as the `$(BUILD_N)` value will increase, while the `$(TOR_BROWSER_BUILD_N)` value may stay at `build1` (but the `$(TOR_BROWSER_VERSION)` will increase)
- if we have build failures unrelated to `tor-browser`, the `$(TOR_BROWSER_BUILD_N)` value will increase while the `$(BUILD_N)` will stay the same.
- `$(TOR_BROWSER_VERSION)` : the published Tor Browser version
- **example** : `11.5a6`, `11.0.7`
- `$(TBB_BUILD_TAG)` : the `tor-browser-build` build tag used to build a given Tor Browser version
- **example** : `tbb-12.0.7-build1`
</details>
**NOTE** It is assumed that the `tor-browser` stable rebase and security backport tasks have been completed
<details>
<summary>Building</summary>
### tor-browser-build: https://gitlab.torproject.org/tpo/applications/tor-browser-build.git
Tor Browser Stable lives in the various `maint-$(TOR_BROWSER_MAJOR).$(TOR_BROWSER_MINOR)` (and possibly more specific) branches
- [x] Update `rbm.conf`
- [x] `var/torbrowser_version` : update to next version
- [x] `var/torbrowser_build` : update to `$(TOR_BROWSER_BUILD_N)`
- [x] ***(Desktop Only)*** `var/torbrowser_incremental_from` : update to previous Desktop version
- **IMPORTANT**: Really *actually* make sure this is the previous Desktop version or else the `make torbrowser-incrementals-*` step will fail
- [ ] Update Desktop-specific build configs
- [ ] Update `projects/firefox/config`
- [ ] `browser_build` : update to match `tor-browser` tag
- [ ] ***(Optional)*** `var/firefox_platform_version` : update to latest `$(ESR_VERSION)` if rebased
- [ ] Update `projects/translation/config`:
- [ ] run `make list_translation_updates-release` to get updated hashes
- [ ] `steps/base-browser/git_hash` : update with `HEAD` commit of project's `base-browser` branch
- [ ] `steps/base-browser-fluent/git_hash` : update with `HEAD` commit of project's `basebrowser-newidentityftl` branch
- [ ] `steps/tor-browser/git_hash` : update with `HEAD` commit of project's `tor-browser` branch
- [ ] `steps/fenix/git_hash` : update with `HEAD` commit of project's `fenix-torbrowserstringsxml` branch
- [ ] Update Android-specific build configs
- [ ] Update `projects/geckoview/config`
- [ ] `browser_build` : update to match `tor-browser` tag
- [ ] ***(Optional)*** `var/geckoview_version` : update to latest `$(ESR_VERSION)` if rebased
- [ ] ***(Optional)*** Update `projects/tor-android-service/config`
- [ ] `git_hash` : update with `HEAD` commit of project's `main` branch
- [ ] ***(Optional)*** Update `projects/application-services/config`:
**NOTE** we don't currently have any of our own patches for this project
- [ ] `git_hash` : update to appropriate git commit associated with `$(ESR_VERSION)`
- [ ] ***(Optional)*** Update `projects/android-components/config`:
- [ ] `android_components_build` : update to match stable android-components tag
- [ ] ***(Optional)*** Update `projects/fenix/config`
- [ ] `fenix_build` : update to match fenix tag
- [ ] Update allowed_addons.json by running (from `tor-browser-build` root):
- `./tools/fetch_allowed_addons.py > projects/browser/allowed_addons.json`
- [ ] Update common build configs
- [ ] Check for NoScript updates here : https://addons.mozilla.org/en-US/firefox/addon/noscript
- [ ] ***(Optional)*** If new version available, update `noscript` section of `input_files` in `projects/browser/config`
- [ ] `URL`
- [ ] `sha256sum`
- [ ] Check for OpenSSL updates here : https://www.openssl.org/source/
- [ ] ***(Optional)*** If new 1.X.Y version available, update `projects/openssl/config`
- [ ] `version` : update to next 1.X.Y version
- [ ] `input_files/sha256sum` : update to sha256 sum of source tarball
- [ ] Check for zlib updates here: https://github.com/madler/zlib/releases
- [ ] **(Optional)** If new tag available, update `projects/zlib/config`
- [ ] `version` : update to next release tag
- [ ] Check for tor updates here : https://gitlab.torproject.org/tpo/core/tor/-/tags
- [ ] ***(Optional)*** Update `projects/tor/config`
- [ ] `version` : update to latest non `-alpha` tag (ping dgoulet or ahf if unsure)
- [ ] Check for go updates here : https://golang.org/dl
- **NOTE** : Tor Browser Stable uses the latest of the *previous* Stable major series go version (apart from the transition phase from Tor Browser Alpha to Stable, in which case Tor Browser Stable may use the latest major series go version)
- [ ] ***(Optional)*** Update `projects/go/config`
- [ ] `version` : update go version
- [ ] `input_files/sha256sum` for `go` : update sha256sum of archive (sha256 sums are displayed on the go download page)
- [ ] Check for manual updates by running (from `tor-browser-build` root): `./tools/fetch-manual.py`
- [ ] ***(Optional)*** If new version is available:
- [ ] Upload the downloaded `manual_$PIPELINEID.zip` file to `tb-build-02.torproject.org`
- [ ] Deploy to `tb-builder`'s `public_html` directory:
- `sudo -u tb-builder cp manual_$PIPELINEID.zip ~/../tb-builder/public_html/.`
- [ ] Update `projects/manual/config`:
- [ ] Change the `version` to `$PIPELINEID`
- [ ] Update `sha256sum` in the `input_files` section
- [x] Update `ChangeLog.txt`
- [x] Ensure ChangeLog.txt is sync'd between alpha and stable branches
- [x] Check the linked issues: ask people to check if any are missing, remove the not fixed ones
- [x] Run `tools/fetch-changelogs.py $(TOR_BROWSER_VERSION)` or `tools/fetch-changelogs.py '#$(ISSUE_NUMBER)'`
- Make sure you have `requests` installed (e.g., `apt install python3-requests`)
- The first time you run this script you will need to generate an access token; the script will guide you
- [x] Copy the output of the script to the beginning of `ChangeLog.txt` and adjust its output
- **NOTE** : If you used the issue number, you will need to write the Tor Browser version manually
- [ ] ***(Optional)*** Under `All Platforms` include any version updates for:
- [ ] Translations
- [ ] OpenSSL
- [ ] NoScript
- [ ] zlib
- [ ] tor daemon
- [ ] ***(Optional)*** Under `Windows + macOS + Linux` include updates for:
- [ ] Firefox
- [ ] ***(Optional)*** Under `Android`, include updates for:
- [ ] Geckoview
- [ ] ***(Optional)*** Under `Build System/All Platforms` include updates for:
- [ ] Go
- [x] Open MR with above changes
- [x] Merge
- [x] Sign/Tag commit: `make torbrowser-signtag-release`
- [x] Push tag to `origin`
- [x] Build on at least one of:
- Run `make torbrowser-release && make torbrowser-incrementals-release`
- [x] Tor Project build machine
- [x] Local developer machine
- [x] Submit build request to Mullvad infrastructure:
- **NOTE** this requires a devmole authentication token
- Run `make torbrowser-kick-devmole-build`
- [x] Ensure builders have matching builds
</details>
<details>
<summary>Communications</summary>
### notify stakeholders
<details>
<summary>email template</summary>
Subject:
Tor Browser $(TOR_BROWSER_VERSION) (Android, Windows, macOS, Linux)
Body:
Hello All,
Unsigned Tor Browser $(TOR_BROWSER_VERSION) release candidate builds are now available for testing:
- https://tb-build-05.torproject.org/~$(BUILDER)/builds/release/unsigned/$(TOR_BROWSER_VERSION)/
The full changelog can be found here:
- https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/blob/$(TBB_BUILD_TAG)/ChangeLog.txt
</details>
- [ ] Email tor-qa mailing list: tor-qa@lists.torproject.org
- ***(Optional)*** Additional information:
- [ ] Note any new functionality which needs testing
- [ ] Link to any known issues
- [x] Email packagers:
- Recipients:
- Tails dev mailing list: tails-dev@boum.org
- Guardian Project: nathan@guardianproject.info
- torbrowser-launcher: micah@micahflee.com
- FreeBSD port: freebsd@sysctl.cz <!-- Gitlab user maxfx -->
- OpenBSD port: caspar@schutijser.com <!-- Gitlab user cschutijser -->
- [ ] ***(Optional)*** Note any changes which may affect packaging/downstream integration
</details>
<details>
<summary>Signing</summary>
### signing
- **NOTE** : In practice, it's most efficient to have the blog post and website updates ready to merge, since signing doesn't take very long
- [x] On `$(STAGING_SERVER)`, ensure updated:
- [x] `tor-browser-build` is on the right commit: `git tag -v tbb-$(TOR_BROWSER_VERSION)-$(TOR_BROWSER_BUILD_N) && git checkout tbb-$(TOR_BROWSER_VERSION)-$(TOR_BROWSER_BUILD_N)`
- [x] `tor-browser-build/tools/signing/set-config.hosts`
- `ssh_host_builder` : ssh hostname of machine with unsigned builds
- **NOTE** : `tor-browser-build` is expected to be in the `$HOME` directory
- `ssh_host_linux_signer` : ssh hostname of linux signing machine
- [x] `tor-browser-build/tools/signing/set-config.rcodesign-appstoreconnect`
- `appstoreconnect_api_key_path` : path to json file containing appstoreconnect api key infos
- [x] `set-config.update-responses`
- `update_responses_repository_dir` : directory where you cloned `git@gitlab.torproject.org:tpo/applications/tor-browser-update-responses.git`
- [x] `tor-browser-build/tools/signing/set-config.tbb-version`
- `tbb_version` : tor browser version string, same as `var/torbrowser_version` in `rbm.conf` (examples: `11.5a12`, `11.0.13`)
- `tbb_version_build` : the tor-browser-build build number (if `var/torbrowser_build` in `rbm.conf` is `buildN` then this value is `N`)
- `tbb_version_type` : either `alpha` for alpha releases or `release` for stable releases
- [x] On `$(STAGING_SERVER)` in a separate `screen` session, ensure tor daemon is running with SOCKS5 proxy on the default port 9050
- [x] run do-all-signing script:
- `cd tor-browser-build/tools/signing/`
- `./do-all-signing.torbrowser`
- **NOTE**: at this point the signed binaries should have been copied to `staticiforme`
- [x] Update `staticiforme.torproject.org`:
- From `screen` session on `staticiforme.torproject.org`:
- [x] Static update components : `static-update-component cdn.torproject.org && static-update-component dist.torproject.org`
- [x] Enable update responses : `sudo -u tb-release ./deploy_update_responses-release.sh`
- [x] Remove old release data from following places:
- **NOTE** : Skip this step if we need to hold on to older versions for some reason (for example, this is an Android or Desktop-only release, or if we need to hold back installers in favor of build-to-build updates if there are signing issues, etc)
- [x] `/srv/cdn-master.torproject.org/htdocs/aus1/torbrowser`
- [ ] `/srv/dist-master.torproject.org/htdocs/torbrowser`
- [x] Static update components (again) : `static-update-component cdn.torproject.org && static-update-component dist.torproject.org`
- [ ] Publish APKs to Google Play:
- Log into https://play.google.com/apps/publish
- Select `Tor Browser` app
- Navigate to `Release > Production` and click `Create new release` button:
- Upload the `tor-browser-android-*.apk` APKs
- Update Release Name to Tor Browser version number
- Update Release Notes
- Next to 'Release notes', click `Copy from a previous release`
- Edit blog post url to point to most recent blog post
- Save, review, and configure rollout percentage
- [ ] 25% rollout when publishing a scheduled update
- [ ] 100% rollout when publishing a security-driven release
- [ ] Update rollout percentage to 100% after confirmed no major issues
</details>
<details>
<summary>Signature verification</summary>
<details>
<summary>Check whether the .exe files got properly signed and timestamped</summary>
```
# Point OSSLSIGNCODE to your osslsigncode binary
pushd tor-browser-build/${channel}/signed/$TORBROWSER_VERSION
# Pass the variable on the command line so the check script sees it in its environment
OSSLSIGNCODE=/path/to/osslsigncode ../../../tools/authenticode_check.sh
popd
```
</details>
<details>
<summary>Check whether the MAR files got properly signed</summary>
```
# Point NSSDB to your nssdb containing the mar signing certificate
# Point SIGNMAR to your signmar binary
# Point LD_LIBRARY_PATH to your mar-tools directory
pushd tor-browser-build/${channel}/signed/$TORBROWSER_VERSION
# Pass the variables on the command line so the check script sees them in its environment
NSSDB=/path/to/nssdb \
SIGNMAR=/path/to/mar-tools/signmar \
LD_LIBRARY_PATH=/path/to/mar-tools/ \
../../../tools/marsigning_check.sh
popd
```
</details>
</details>
<details>
<summary>Publishing</summary>
### website: https://gitlab.torproject.org/tpo/web/tpo.git
- [x] `databags/versions.ini` : Update the downloads versions
- `torbrowser-stable/version` : sort of a catch-all for latest stable version
- `torbrowser-alpha/version` : sort of a catch-all for latest stable version
- `torbrowser-*-stable/version` : platform-specific stable versions
- `torbrowser-*-alpha/version` : platform-specific alpha versions
- `tor-stable`,`tor-alpha` : set by tor devs, do not touch
- [x] Push to origin as new branch, open 'Draft :' MR
- [x] Remove `Draft:` from MR once signed-packages are uploaded
- [x] Merge
- [x] Publish after CI passes and builds are published
### blog: https://gitlab.torproject.org/tpo/web/blog.git
- [x] Duplicate previous Stable or Alpha release blog post as appropriate to new directory under `content/blog/new-release-tor-browser-$(TOR_BROWSER_VERSION)` and update with info on release :
- [x] Run `tools/signing/create-blog-post` which should create the new blog post from a template (edit set-config.blog to set your local blog directory)
- [ ] Update Tor Browser version numbers
- [ ] Note any ESR rebase
- [ ] Link to any Firefox security updates from ESR upgrade
- [ ] Link to any Android-specific security backports
- [ ] Note any updates to :
- tor
- OpenSSL
- NoScript
- [ ] Convert ChangeLog.txt to markdown format used here by :
- `tor-browser-build/tools/changelog-format-blog-post`
- [x] Push to origin as new branch, open `Draft:` MR
- [x] Remove `Draft:` from MR once signed-packages are uploaded
- [x] Merge
- [x] Publish after CI passes and website has been updated
### tor-announce mailing list
<details>
<summary>email template</summary>
Subject:
New Release: Tor Browser $(TOR_BROWSER_VERSION) (Android, Windows, macOS, Linux)
Body:
Hi everyone,
Tor Browser $(TOR_BROWSER_VERSION) has now been published for all platforms. For details please see our blog post:
- $(BLOG_POST_URL)
</details>
- [x] Email tor-announce mailing list: tor-announce@lists.torproject.org
- **(Optional)** Additional information:
- [x] Link to any known issues
</details>

https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/17560
Downloaded URLs disk leak on Linux
2023-12-18T10:10:42Z
Georg Koppen

A user on the blog (https://blog.torproject.org/blog/tor-browser-504-released#comment-114195) mentioned that Browser/.local/share/gvfs-metadata/ leaks the URLs downloaded.

ma1

https://gitlab.torproject.org/tpo/network-health/tor-weather/-/issues/10
Adapt _getVersionDetails() where needed
2023-12-13T15:57:22Z
Georg Koppen

Looking over the `RelayClass` methods `_getVersionDetails()` stood out a bit. It contains:
```
return {
    "id": relay.get("version"),
    "status": relay.get("versionStatus"),
    "recommended": relay.get("recommendedVersion"),
    "platform": relay.get("platform"),
}
```
I was wondering why `platform` is a version detail. Maybe we should separate that one out? And then a version is not really an id, in particular as a ton of relays will have the same version. So, maybe we could just replace "id" with "version"?