The Tor Project issueshttps://gitlab.torproject.org/groups/tpo/-/issues2022-02-21T19:12:25Zhttps://gitlab.torproject.org/tpo/core/torspec/-/issues/24PT_LOG and PT_STATUS event fields unspecifed2022-02-21T19:12:25ZDamian JohnsonPT_LOG and PT_STATUS event fields unspecifedRecently Tor added PT_LOG and PT_STATUS events to the spec...
https://gitweb.torproject.org/torspec.git/commit/?id=3028cf1
https://gitweb.torproject.org/torspec.git/commit/?id=b38257e
Unfortunately the 'pt-spec.txt section 3.3.5' secti...Recently Tor added PT_LOG and PT_STATUS events to the spec...
https://gitweb.torproject.org/torspec.git/commit/?id=3028cf1
https://gitweb.torproject.org/torspec.git/commit/?id=b38257e
Unfortunately the 'pt-spec.txt section 3.3.5' section they mention does not exist, and in looking around I can't find anything that describes what these event fields are defined as ('PT=' 'TYPE=', 'CONNECT=', etc).
I started to write a stem parser for these but can't continue until this is done (I can't parse events without knowing what fields they include).
David is aware of this and plans to has kindly offered to add the missing info...
```
22:24 <+atagar> dgoulet: Your control-spec addition to descript PT_LOG and PT_STATUS
cite a pt-spec section 3.3.4 which does not exist.
22:24 <+atagar> s/descript/describe
22:29 <+atagar> dgoulet: Huh. I'm not spotting anything that lists the keyword
arguments ('PT=' and 'SEVERITY=') so guess the sections simply
missing from the spec. I need that for stem support so please
give me a nudge when the event spec's done. :)
22:59 <+dgoulet> atagar: oh hmmm I'll fix that sorry
23:17 <+atagar> Thanks! Much appreciated. :)
```https://gitlab.torproject.org/tpo/core/torspec/-/issues/23Describe consensus digest calculation2022-02-21T19:12:25ZDamian JohnsonDescribe consensus digest calculationHi lovely network team folks. No doubt I'm being blind but I'm having difficulty figuring out how to calculate network status document digests.
During the voting period (minutes 55-60 of the hour) I fetched the detached signatures and u...Hi lovely network team folks. No doubt I'm being blind but I'm having difficulty figuring out how to calculate network status document digests.
During the voting period (minutes 55-60 of the hour) I fetched the detached signatures and upcoming consensus. The detached signatures cite the digest...
```
% curl http://128.31.0.39:9131/tor/status-vote/next/consensus-signatures > sigs
% curl http://128.31.0.39:9131/tor/status-vote/next/consensus > next_consensus
% grep consensus-digest sigs
consensus-digest 296BA01987256A1C8EFB20E17667152DCFA50755
```
But in trying hex encoded sha1s of various ranges of the consensus I'm having difficulty getting a value that matches that. No doubt I'm missing something but the spec is unhelpfully vague saying simply 'this is the digest' without citing a section describing how it's calculated...
https://gitweb.torproject.org/torspec.git/tree/dir-spec.txt#n3309
It's probably buried in there somewhere but I've skimmed through the spec a few times and it's not jumping out at me. Mind clarifying in the spec how to calculate this?
Thanks!https://gitlab.torproject.org/tpo/core/torspec/-/issues/20Clarify the bandwidth part of dir-spec2022-02-21T19:12:25ZteorClarify the bandwidth part of dir-specPeople keep asking about the precise meaning of relay bandwidths. We should make the spec clearer:
https://gitweb.torproject.org/torspec.git/tree/dir-spec.txt#n424
In particular:
* there is a separate limit on inbound and outbound traf...People keep asking about the precise meaning of relay bandwidths. We should make the spec clearer:
https://gitweb.torproject.org/torspec.git/tree/dir-spec.txt#n424
In particular:
* there is a separate limit on inbound and outbound traffic
* traffic includes origin circuits and BEGINDIR requests
* let's check if traffic includes DirPort, I think it would have to
There may also be more feedback in legacy/trac#25854.
I'm tagging this fast-fix, because I can fix it fast, and it will save me time when I next explain it.https://gitlab.torproject.org/tpo/core/torspec/-/issues/15CIRC_BW is only for origin circuits2022-02-21T19:13:04ZteorCIRC_BW is only for origin circuitsThe CIRC_BW event is only sent for origin circuits:
https://github.com/torproject/torspec/blob/master/control-spec.txt#L2990
We should update the control spec:
https://lists.torproject.org/pipermail/tor-relays/2018-December/016696.htmlThe CIRC_BW event is only sent for origin circuits:
https://github.com/torproject/torspec/blob/master/control-spec.txt#L2990
We should update the control spec:
https://lists.torproject.org/pipermail/tor-relays/2018-December/016696.htmlhttps://gitlab.torproject.org/tpo/core/torspec/-/issues/13List all valid DirPort urls2022-02-21T19:12:26ZDamian JohnsonList all valid DirPort urlsHi network team. Every so often folks stumble on DirPort resources Stem doesn't recognize...
https://trac.torproject.org/projects/tor/ticket/30930
https://trac.torproject.org/projects/tor/ticket/31187
Unfortunately section 'B' is the c...Hi network team. Every so often folks stumble on DirPort resources Stem doesn't recognize...
https://trac.torproject.org/projects/tor/ticket/30930
https://trac.torproject.org/projects/tor/ticket/31187
Unfortunately section 'B' is the closest enumeration we have, but even it doesn't include everything...
https://gitweb.torproject.org/torspec.git/tree/dir-spec.txt#n3888
Could we spec a listing of all urls the DirPort supports (similar to the GETINFO section in the control-spec)?
Thanks!https://gitlab.torproject.org/tpo/core/torspec/-/issues/7Authorization types for v3 onion service have to be clarified in documentation2022-04-21T16:40:01ZTracAuthorization types for v3 onion service have to be clarified in documentationProblem 1. Official [[https://gitweb.torproject.org/torspec.git/tree/rend-spec-v3.txt|spec]] mentions stealth auth:
> [TODO: Also specify stealth client authorization.].
However, stealth auth is only used for v2 onion services. It sh...Problem 1. Official [[https://gitweb.torproject.org/torspec.git/tree/rend-spec-v3.txt|spec]] mentions stealth auth:
> [TODO: Also specify stealth client authorization.].
However, stealth auth is only used for v2 onion services. It should be fixed.
----
Problem 2. According to teor's [[https://trac.torproject.org/projects/tor/ticket/20700#comment:23|comment]] the following auth types were planned: 'descriptor', 'intro', and 'standard'. However, only 'descriptor' type is documented by spec (man page for tor alpha refers to spec for details). Other auth types are not documented at all, though spec gives a strong impression that 'descriptor' is only one of possible authentication types.
If tor project already has some understanding of these future planned auth types, they must be described at least in tickets. If it is not the case, somewhere (e.g. in man page which now refers to spec) we should write that 'descriptor' is the only auth type which will be supported in foreseeable future.
**Trac**:
**Username**: geoiphttps://gitlab.torproject.org/tpo/onion-services/onion-support/-/issues/17Write another 'advanced' onion service page: how to scale your onion2023-12-04T21:59:53ZRoger DingledineWrite another 'advanced' onion service page: how to scale your onionWe should have another advanced onion service doc page, where we talk about onionbalance, and we talk about setting up a reverse proxy and give warnings about only proxying to https, and we talk about how the current onion service protoc...We should have another advanced onion service doc page, where we talk about onionbalance, and we talk about setting up a reverse proxy and give warnings about only proxying to https, and we talk about how the current onion service protocol has DoS vulnerabilities and sketch out the future solutions we're imagining.
See also https://gitlab.torproject.org/tpo/web/community/-/issues/114 which is onionbalance-specific.https://gitlab.torproject.org/tpo/onion-services/onion-support/-/issues/14Provide advice on the best way to monitor availability2023-12-05T14:53:12ZGusProvide advice on the best way to monitor availabilityNY Times and other onions wants a way to monitor their onion. @dgoulet might can help us here.NY Times and other onions wants a way to monitor their onion. @dgoulet might can help us here.Silvio RhattoSilvio Rhattohttps://gitlab.torproject.org/tpo/web/support/-/issues/117Remove offensive terminology2020-10-09T15:20:14ZGusRemove offensive terminologyI've found some "whitelist" and "blacklist" in our support docs, and we should replace that with a better terminology. See:
https://tools.ietf.org/id/draft-knodel-terminology-00.html#rfc.section.1.2I've found some "whitelist" and "blacklist" in our support docs, and we should replace that with a better terminology. See:
https://tools.ietf.org/id/draft-knodel-terminology-00.html#rfc.section.1.2GusGushttps://gitlab.torproject.org/tpo/tpa/gitlab/-/issues/56Packages wiki page getting discontinued2021-10-21T15:17:20ZGabagaba@torproject.orgPackages wiki page getting discontinuedAtagar is not going to keep maintaining https://trac.torproject.org/projects/tor/wiki/doc/packages
I'm opening this ticket to make a decision if it needs to be moved into gitlab and continue to exist.
https://gitweb.torproject.org/doct...Atagar is not going to keep maintaining https://trac.torproject.org/projects/tor/wiki/doc/packages
I'm opening this ticket to make a decision if it needs to be moved into gitlab and continue to exist.
https://gitweb.torproject.org/doctor.git/tree/package_versions.py would have to get adapted to gitlab.https://gitlab.torproject.org/tpo/core/tor/-/issues/40044doc: Move manpages to doc/man/2021-07-22T16:18:20ZDavid Gouletdgoulet@torproject.orgdoc: Move manpages to doc/man/In an attempt to bring order to chaos in `doc/`, I would like to move the manpages to their directory named `man/`. It is a common practice to put all manpages in one place and usually it is `man/`.
This is quite simple change.In an attempt to bring order to chaos in `doc/`, I would like to move the manpages to their directory named `man/`. It is a common practice to put all manpages in one place and usually it is `man/`.
This is quite simple change.Tor: unspecifiedDavid Gouletdgoulet@torproject.orgDavid Gouletdgoulet@torproject.orghttps://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues/40003Update bridgedb-metrics spec to align with version 2 of metrics format2020-07-15T21:38:54ZhanneloresxUpdate bridgedb-metrics spec to align with version 2 of metrics formatWhile looking at #32117, I saw that a couple of lines on the bridgedb-metrics spec had not been updated to refer to the latest version 2 and could use some updates on the internal metrics that were added. Namely, I had trouble understan...While looking at #32117, I saw that a couple of lines on the bridgedb-metrics spec had not been updated to refer to the latest version 2 and could use some updates on the internal metrics that were added. Namely, I had trouble understanding what the internal metrics were measuring just from reading the spec, and the SUBRING field was not defined.hanneloresxhanneloresxhttps://gitlab.torproject.org/tpo/core/tor/-/issues/40031Documentation is outdated in HACKING/GettingStarted.md2020-08-18T16:35:56ZGuinnessDocumentation is outdated in HACKING/GettingStarted.mdWhile handling #33741, I saw in the mentioned file that the documentation states :
```
8. Submitting your patch
...While handling #33741, I saw in the mentioned file that the documentation states :
```
8. Submitting your patch
We review patches through tickets on our bugtracker at
[trac](https://trac.torproject.org). You can either upload your patches there, or
put them at a public git repository somewhere we can fetch them
(like gitlab, github or bitbucket) and then paste a link on the appropriate
trac ticket.
```
This is not true anymore as we use Gitlab.
I can modify this to give the gitlab link and add a sentence saying that if users want to use gitlab, they need to ask for an account.
I will then make two separated MR for #33741 and this issue.GuinnessGuinnesshttps://gitlab.torproject.org/tpo/web/community/-/issues/142FAQ - more questions to add to the FAQ2021-08-23T16:31:49ZGabagaba@torproject.orgFAQ - more questions to add to the FAQThere were a bunch of questions coming up from the session that Phw did on "Circumventing Internet Censorship with Tor" on June 2020. It would be great to add them to a FAQ with the answers.
Questions from participants:
1. [David F.] ...There were a bunch of questions coming up from the session that Phw did on "Circumventing Internet Censorship with Tor" on June 2020. It would be great to add them to a FAQ with the answers.
Questions from participants:
1. [David F.] There are many search results for "Tor" in app stores. What Tor mobile apps are safe to use?
http://4bflp2c4tnynnbes.onion/tormobile/
http://4bflp2c4tnynnbes.onion/tormobile/tormobile-1/
2. [David F.] Where can someone ask questions about Tor and get support?
http://4bflp2c4tnynnbes.onion/get-in-touch/
3. [anadahz] What happens if an ISP blocks all/some Tor directory authorities? a. As a relay operator: Can I setup a relay on this ISP? b. As a user: Can I connect to Tor (and hope fallback dirs will work)?
https://gitlab.torproject.org/tpo/web/support/-/issues/116
4. [federico] How does Salmon identifies users? If a censor uses dynamic IP addresses to fetch bridges, will future users connecting from those addresses be affected?
Salmon is production ready? If so, we can add to support.tpo,
5. [Reethika] Have you found any interesting issues in your usability studies that you can share with us? Do you have special IRC channels to brainstorm solutions for these usability issues?
https://community.torproject.org/user-research/
=> We are resuming our open meetings next Tuesday in IRC! the details are here https://gitlab.torproject.org/tpo/ux/team/-/wikis/home [antonela]
6. [anadahz] How can one help Tor network grow and became more diverse?
7. [Oliver L] Are Tor Onionservices already safe against DDoS attacks. I know there have been some fixes in the last year. I hope the question has not yet been answered in the presentation, unfortunately I came a little late ;-)
8. [Arturo] How can the internet measurement community (OONI, RIPE, M-Lab, ICLab, etc.) support your work? Are there any gaps we can help meet?
9. [David F.] What is involved in creating a new pluggable transport?
#dev portal?
10. [Arturo] What are the challenges that come with making tools like Tor work in places that have advanced internet censorship? Meek works in China, but it's expensive. What is the real big challenge?
11. [Jack Wampler] ​Would a larger number of bridges help to fight bridge enumeration and scraping from bridge db or is the challenge in distribution itself (i.e. deploying salmon)?GusGushttps://gitlab.torproject.org/tpo/web/support/-/issues/116[Operators] New question - What happens if an ISP blocks some Tor dir auths?2023-11-22T13:04:18ZGus[Operators] New question - What happens if an ISP blocks some Tor dir auths? What happens if an ISP blocks all/some Tor directory authorities? a. As a relay operator: Can I setup a relay on this ISP? b. As a user: Can I connect to Tor (and hope fallback dirs will work)? What happens if an ISP blocks all/some Tor directory authorities? a. As a relay operator: Can I setup a relay on this ISP? b. As a user: Can I connect to Tor (and hope fallback dirs will work)?https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake-webext/-/issues/7Add a short FAQ to snowflake.tp.o2021-06-17T14:13:21ZArlo BreaultAdd a short FAQ to snowflake.tp.oThis should include explanations for the missing feature error messages. See comment:13:ticket:31391This should include explanations for the missing feature error messages. See comment:13:ticket:31391https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake-mobile/-/issues/8A Readme file for the project.2020-07-08T16:50:12ZHashikDA Readme file for the project.Add a readme file to the project to help future contributors.Add a readme file to the project to help future contributors.HashikDHashikDhttps://gitlab.torproject.org/tpo/core/tor/-/issues/40009addr: Function is_local_addr() looks at the /24 for IPv42021-07-22T16:18:20ZDavid Gouletdgoulet@torproject.orgaddr: Function is_local_addr() looks at the /24 for IPv4But the rest of tor, including its documentation (see `EnforceDistinctSubnets`), looks at `/16` for IPv4.
Basically, the function `addrs_in_same_network_family()` hard codes the `/16` validation but yet the `is_local_addr()` used by the...But the rest of tor, including its documentation (see `EnforceDistinctSubnets`), looks at `/16` for IPv4.
Basically, the function `addrs_in_same_network_family()` hard codes the `/16` validation but yet the `is_local_addr()` used by the channeltls.c and dircache.c use `/24`.
We ought to find out why? And probably fix that asap if this discrepancy is involuntary.David Gouletdgoulet@torproject.orgDavid Gouletdgoulet@torproject.orghttps://gitlab.torproject.org/tpo/network-health/sbws/-/issues/40002Change the references to git.tpo to Gitlab git in the documentation2021-08-09T15:46:54ZjugaChange the references to git.tpo to Gitlab git in the documentationsbws: unspecifiedGeorg KoppenGeorg Koppenhttps://gitlab.torproject.org/tpo/community/support/-/issues/40001Review and suggest improvements on communitydocs.accessnow.org2021-10-07T22:30:14ZGusReview and suggest improvements on communitydocs.accessnow.orgNow that Access Now published their support templates, we should review and suggest changes (if any) about Tor.
https://communitydocs.accessnow.org/
This issue is being tracked in Access Now Helpline's Gitlab: https://gitlab.com/Access...Now that Access Now published their support templates, we should review and suggest changes (if any) about Tor.
https://communitydocs.accessnow.org/
This issue is being tracked in Access Now Helpline's Gitlab: https://gitlab.com/AccessNowHelpline/community-documentation/-/issues/2GusGus