The Tor Project issueshttps://gitlab.torproject.org/groups/tpo/-/issues2021-11-09T08:41:14Zhttps://gitlab.torproject.org/tpo/network-health/team/-/issues/133Badexit 55CED4A423E105D474961082FD352E67B63BE824 for misconfiguration2021-11-09T08:41:14ZGeorg KoppenBadexit 55CED4A423E105D474961082FD352E67B63BE824 for misconfigurationThe exitpolicy of that relay allows exiting essentially just to some CDNs/cloud services (fastly, cloudflare, aws) and some universities (mit, umichigan). So, it's pretty useless for the day-to-day exit requirements of our users. This se...The exitpolicy of that relay allows exiting essentially just to some CDNs/cloud services (fastly, cloudflare, aws) and some universities (mit, umichigan). So, it's pretty useless for the day-to-day exit requirements of our users. This seems to be a misconfiguration, so we badexit the relay.Georg KoppenGeorg Koppenhttps://gitlab.torproject.org/tpo/network-health/team/-/issues/82Badexit 74417ED3E7294AB771655BB0D07F501A5FC97BEB for censoring blender.io (Op...2021-07-08T12:07:15ZGeorg KoppenBadexit 74417ED3E7294AB771655BB0D07F501A5FC97BEB for censoring blender.io (OpenDNS)`bermuda` caught `74417ED3E7294AB771655BB0D07F501A5FC97BEB` censoring
blender.io. I confirmed that via Tor Browser where I got a wrong cert
from OpenDNS...`bermuda` caught `74417ED3E7294AB771655BB0D07F501A5FC97BEB` censoring
blender.io. I confirmed that via Tor Browser where I got a wrong cert
from OpenDNS...Georg KoppenGeorg Koppenhttps://gitlab.torproject.org/tpo/network-health/team/-/issues/339BadExit for https://t.me timeouts2023-12-19T10:58:26ZcypherpunksBadExit for https://t.me timeoutse.g. 104.192.3.74e.g. 104.192.3.74Georg KoppenGeorg Koppenhttps://gitlab.torproject.org/tpo/network-health/team/-/issues/255Badexit tornode2022 exits2022-09-06T08:27:27ZGeorg KoppenBadexit tornode2022 exitsOne [relay]() already got the badexit flag as it was having (unfixed) DNS issues but there are more which should get treated the same:
```
1C6E1C60B60D3FF0CA864A8F1BDC4801E033195E
6FB44D5B092A42B590DF5FC34C6C6665285BE5DD
9651C8033E519BBE...One [relay]() already got the badexit flag as it was having (unfixed) DNS issues but there are more which should get treated the same:
```
1C6E1C60B60D3FF0CA864A8F1BDC4801E033195E
6FB44D5B092A42B590DF5FC34C6C6665285BE5DD
9651C8033E519BBE55E4A5B8C1F7504D72D09319
```
The first two block at least facebook.com while the latter has even more general DNS resolution issues.Georg KoppenGeorg Koppenhttps://gitlab.torproject.org/tpo/network-health/sbws/-/issues/40179Bandwidth files in v3bw dir can't be read by a different user other than sbws...2023-11-13T15:35:49ZjugaBandwidth files in v3bw dir can't be read by a different user other than sbws userFiles inside `v3bw` have perimssions `600` and are owned by `sbws` user.
Directory `v3bw` have permissions `700` and is owned by `sbws` user.
The files in `v3bw` directory needs to be readable by either a `tor` or `rsync` users.
This is...Files inside `v3bw` have perimssions `600` and are owned by `sbws` user.
Directory `v3bw` have permissions `700` and is owned by `sbws` user.
The files in `v3bw` directory needs to be readable by either a `tor` or `rsync` users.
This issue was introduced by #40162 (pen-torproject#2)sbws: 1.8.x-finaljugajugahttps://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/40833base-browser nightly is using the default channel instead of nightly2023-04-18T06:56:46Zboklmbase-browser nightly is using the default channel instead of nightlybase-browser nightly is missing `--enable-update-channel=[% c("var/channel") %]` in `projects/firefox/build`.base-browser nightly is missing `--enable-update-channel=[% c("var/channel") %]` in `projects/firefox/build`.boklmboklmhttps://gitlab.torproject.org/tpo/web/snowflake/-/issues/3Basic front-end development for snowflake.torproject.org2024-03-06T13:40:23ZAshish SoniBasic front-end development for snowflake.torproject.orgConvert the design( #2) into code for a new landing page. Using HTML, CSS, BootStrap 5.3.0v integrated with lektor.
TO-DOs
* [x] Code Section - 1 (get-snowflake)
* [x] Code Section - 2 (use-snowflake)
* [x] Code Section - 3 (donate-ban...Convert the design( #2) into code for a new landing page. Using HTML, CSS, BootStrap 5.3.0v integrated with lektor.
TO-DOs
* [x] Code Section - 1 (get-snowflake)
* [x] Code Section - 2 (use-snowflake)
* [x] Code Section - 3 (donate-bandwidth)
* [x] Code Section - 4 (faqs)
* [x] Add Navbar
* [x] Make Website Responsive
* [ ] Multilingual SupportAshish SoniAshish Sonihttps://gitlab.torproject.org/tpo/core/arti/-/issues/6Better type for ed25519 identifiers2020-10-15T16:57:11ZNick MathewsonBetter type for ed25519 identifiersWe validate ed25519 public keys every time we read them. I should benchmark that, but I think it could be more expensive than we want. I should make a better type here.We validate ed25519 public keys every time we read them. I should benchmark that, but I think it could be more expensive than we want. I should make a better type here.M3: Cleanup and tidyNick MathewsonNick Mathewsonhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42389Betterboxing: gradient is never shown2024-02-07T17:58:03ZThorinBetterboxing: gradient is never shownwindows: theme is system auto (and OS is dark) cc: @ma1
![lbgradient](/uploads/91b640d9aa2a359bceb4616b2e1c4acc/lbgradient.png)windows: theme is system auto (and OS is dark) cc: @ma1
![lbgradient](/uploads/91b640d9aa2a359bceb4616b2e1c4acc/lbgradient.png)ma1ma1https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42390Betterboxing: make the decorator border disappear when the corners are flat2024-02-08T14:48:36Zma1Betterboxing: make the decorator border disappear when the corners are flatReported by @thorin, who provided also the screenshot: the decorator line from #42387, which should usually blend with the letterboxing background, is unpleasantly visible when the window is at letterboxing-rounded size.
Since the decor...Reported by @thorin, who provided also the screenshot: the decorator line from #42387, which should usually blend with the letterboxing background, is unpleasantly visible when the window is at letterboxing-rounded size.
Since the decorator is useful only when the corners are rounded, and we auto-flatten them whenever the letterboxing margin is less than the rounded corners radius, we can hide the decorator as soon as the corner are flattened and bring it back when they're rounded again.
While we're here, per @donuts 's request, we'll remove the thin shadow separating the toolbar from the browser content, originally implemented in https://gitlab.torproject.org/tpo/applications/tor-browser/-/merge_requests/886#note_2984761.
![image](/uploads/d71b4fefac2cce27f0ecb62d18a6b909/image.png)ma1ma1https://gitlab.torproject.org/tpo/web/donate-static/-/issues/94Bitcoin ticker on donate.torproject.org/cryptocurrency is incorrect2022-10-13T21:42:52Zal smithBitcoin ticker on donate.torproject.org/cryptocurrency is incorrectHi! The ticker / abbreviation for Bitcoin on donate.torproject.org/cryptocurrency is incorrect. It has been wrong for quite a while, so it's not the result of any recent changes. I am just finally getting around to filing a ticket. Circl...Hi! The ticker / abbreviation for Bitcoin on donate.torproject.org/cryptocurrency is incorrect. It has been wrong for quite a while, so it's not the result of any recent changes. I am just finally getting around to filing a ticket. Circled below is the problem. The text should be changed from "XBT" to "BTC."
![Screen_Shot_2022-10-13_at_1.26.06_PM](/uploads/63727c5ca0867be2fc46d127ff0c1530/Screen_Shot_2022-10-13_at_1.26.06_PM.png)https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42194Blank Net Error page on name resolution failure2024-01-15T16:34:09ZhenryBlank Net Error page on name resolution failureNoticed in tor browser 13.0. Not reproducible in tor browser 12.5, or latest firefox.
## Steps to reproduce
1. Connect to tor.
2. Type in the urlbar "https:xxxxx"
## Result
Net error page is empty apart from a single "Try Again" butt...Noticed in tor browser 13.0. Not reproducible in tor browser 12.5, or latest firefox.
## Steps to reproduce
1. Connect to tor.
2. Type in the urlbar "https:xxxxx"
## Result
Net error page is empty apart from a single "Try Again" button.
## Expect
A not found page.
## Log
Error in stderr:
> [notice] Have tried resolving or connecting to address '[scrubbed]' at 3 different places. Giving up.
>
> JavaScript error: undefined, line 0: Error: Missing host permission for the tab
>
> JavaScript error: resource://gre/modules/URIFixup.sys.mjs, line 626: NS_ERROR_UNKNOWN_PROXY_HOST: Component returned failure code: 0x804b002a (NS_ERROR_UNKNOWN_PROXY_HOST) [nsIDNSService.asyncResolve]
>
> JavaScript error: resource://gre/modules/URIFixup.sys.mjs, line 626: NS_ERROR_UNKNOWN_PROXY_HOST: Component returned failure code: 0x804b002a (NS_ERROR_UNKNOWN_PROXY_HOST) [nsIDNSService.asyncResolve]
>
> JavaScript error: chrome://global/content/aboutNetError.mjs, line 424: InvalidStateError: An exception was thrown
And in the net error page's console:
> Uncaught (in promise) DOMException: An exception was thrown
>
> initPage chrome://global/content/aboutNetError.mjs:424
>
> <anonymous> chrome://global/content/aboutNetError.mjs:1570
It seems that `RPMCheckAlternateHostAvailable` is throwing.ma1ma1https://gitlab.torproject.org/tpo/tpa/gitlab/-/issues/27block /webhook/ on irc bot2020-06-23T20:27:06Zanarcatblock /webhook/ on irc botthe irc bot has /webhook/ wide open to the world right now, and without a password. block the /webhook/ route in nginx and restrict it to the gitlab host.the irc bot has /webhook/ wide open to the world right now, and without a password. block the /webhook/ route in nginx and restrict it to the gitlab host.anarcatanarcathttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/40455Block or recover background requests after bootstrap2021-07-07T06:15:55ZMatthew FinkelBlock or recover background requests after bootstrapWith #27476, background requests fail before bootstrapping completes because Tor rejects the proxy request. In some instances, these requests are not retried again, in others they are retried after a long period, and in others they are r...With #27476, background requests fail before bootstrapping completes because Tor rejects the proxy request. In some instances, these requests are not retried again, in others they are retried after a long period, and in others they are retried within a short period.
Known background requests:
- HTTPS Everywhere ruleset updates
- Mozilla Blocklist updates
- Tor Browser Updates
We know https-everywhere does not handle fetch failures, and only tries fetching updates again after 24 hours. I believe we can send a `update_update_channel` message, similar to our behavior in febcaf62ee9a85b2c3be638275ae063d34f46e76, and force an update after we successfully bootstrap.
For Firefox's background updates, we may be able to take advantage of Firefox's `offline` mode (`Service.io.offline`), and Firefox will delay updates until we're "online":
- https://searchfox.org/mozilla-central/source/netwerk/base/nsIIOService.idl#160
- https://searchfox.org/mozilla-central/source/netwerk/base/nsIOService.cpp#1228Tor Browser: 10.5richardrichardhttps://gitlab.torproject.org/tpo/tpa/team/-/issues/9721blog aggregator for Tor project members & friends?2020-09-30T19:52:53ZErinn Clarkblog aggregator for Tor project members & friends?Today was I was reading through http://planet.debian.org and thinking how I wished there were a Tor equivalent. There are some problems with this, the first one being that Tor developers are not frequent bloggers, and, to the extent that...Today was I was reading through http://planet.debian.org and thinking how I wished there were a Tor equivalent. There are some problems with this, the first one being that Tor developers are not frequent bloggers, and, to the extent that they are, pretty much all of the relevant stuff ends up on our official blog. There is also the issue that if this is an "official" project by us, it may be subject to some kind of speech-policing because of funders. (Maybe this is not an issue? I think a well-curated blog is unlikely to trigger problems, but would like advice here.)
So, all that said, we know researchers, academic and otherwise, who write interesting blog entries, in addition to a wider community of privacy & security advocates. I think this would be a fun way to get people drawn into the community as well as giving us a more or less central area to point people to if they want to keep in touch with what's going on from people we trust, rather than having to rely on often-crappy news articles.
Thoughts?
And BTW I offer to be involved in setup & maintenance of such a service . Assigning to ponies because I effectively want a pony here.Alexander Færøyahf@torproject.orgAlexander Færøyahf@torproject.orghttps://gitlab.torproject.org/tpo/web/blog/-/issues/40062blog tag form-990 is a 4042023-10-31T16:10:20ZRoger Dingledineblog tag form-990 is a 404https://support.torproject.org/misc/misc-3/
sends me to
https://blog.torproject.org/category/tags/form-990
which is a 404.
We should either resurrect that blog tag (which might be smart for the outside world that uses a link like tha...https://support.torproject.org/misc/misc-3/
sends me to
https://blog.torproject.org/category/tags/form-990
which is a 404.
We should either resurrect that blog tag (which might be smart for the outside world that uses a link like that still), or find a new tag that pulls together each of our financial transparency reports and fix the support page.Jérôme Charaouilavamind@torproject.orgJérôme Charaouilavamind@torproject.orghttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/32228Bookmark TPO support domains in Tor Browser2022-09-01T22:32:07ZGusBookmark TPO support domains in Tor BrowserAt the moment we only have blog.torproject.org and torproject.org bookmarked by default in Tor Browser.
I know that we have all those links to the documentation in buttons and other places, but I still need to type or click on somethin...At the moment we only have blog.torproject.org and torproject.org bookmarked by default in Tor Browser.
I know that we have all those links to the documentation in buttons and other places, but I still need to type or click on something to go to other TPO websites. Now that we have an auto-complete function in address bar, that would nice.
Can we have these addresses bookmarked by default in Tor Browser for Android and Desktop?
* support.torproject.org - Get Support
* tb-manual.torproject.org - Tor Browser User Manual
* bridges.torproject.org - Circumvent Censorship, Get Bridges
* community.torproject.org - Join the Tor Community
* donate.torproject.org - Donate to Tor ProjectTor Browser: 10.5GusGushttps://gitlab.torproject.org/tpo/tpa/team/-/issues/41252bookworm upgrades, second batch2024-02-06T18:22:35Zanarcatbookworm upgrades, second batchupgrade all those servers to Debian bookworm
- [x] bacula-director-01.torproject.org (@lavamind)
- [x] btcpayserver-02.torproject.org (@anarcat)
- [x] bungei.torproject.org (@lavamind, `crypttab` had a typo, had to boot rescue to recove...upgrade all those servers to Debian bookworm
- [x] bacula-director-01.torproject.org (@lavamind)
- [x] btcpayserver-02.torproject.org (@anarcat)
- [x] bungei.torproject.org (@lavamind, `crypttab` had a typo, had to boot rescue to recover, grub KVM console seems inaccessible)
- [x] carinatum.torproject.org (@kez, had issues during upgrade, followup in https://gitlab.torproject.org/tpo/network-health/doctor/-/issues/40034)
- [x] check-01.torproject.org (@kez, had a prolonged outage: https://gitlab.torproject.org/tpo/network-health/metrics/tor-check/-/issues/40017, mod_qos broken, followup in https://gitlab.torproject.org/tpo/tpa/team/-/issues/41509)
- [x] colchicifolium.torproject.org (@anarcat)
- [x] collector-02.torproject.org (@anarcat)
- [x] crm-ext-01.torproject.org (@anarcat, PHP 8 compatibility issue, followup in #41511)
- [x] crm-int-01.torproject.org (@anarcat)
- [x] dangerzone-01.torproject.org (@kez)
- [x] donate-review-01.torproject.org (@kez)
- [x] gayi.torproject.org (@anarcat)
- [x] gitlab-02.torproject.org (@anarcat, migrated to standalone postgresql following upgrade issue #41426)
- [x] henryi.torproject.org (@kez)
- [x] majus.torproject.org (@anarcat, obsolete transifex-client package left around)
- [x] materculae.torproject.org (@lavamind, noticed extra load on the server, filed https://gitlab.torproject.org/tpo/tpa/team/-/issues/41507)
- [x] meronense.torproject.org (@lavamind, possible OOM regression see #41515)
- [x] metrics-store-01.torproject.org (@anarcat)
- [x] nevii.torproject.org (@anarcat, handful of issues with paths moved from `/usr/sbin` to `/usr/bin`)
- [x] onionbalance-02.torproject.org (@anarcat)
- [x] onionoo-backend-01.torproject.org (@anarcat)
- [x] onionoo-backend-02.torproject.org (@anarcat)
- [x] onionoo-frontend-01.torproject.org (@anarcat)
- [x] onionoo-frontend-02.torproject.org (@anarcat)
- [x] polyanthum.torproject.org (@lavamind)
- [x] probetelemetry-01.torproject.org (@anarcat)
- [x] rdsys-frontend-01.torproject.org (@anarcat)
- [x] rude.torproject.org (@lavamind)
- [x] survey-01.torproject.org (@lavamind)
- [x] telegram-bot-01.torproject.org (@anarcat)
- [x] weather-01.torproject.org (@anarcat, catastrophic data loss, see #41388)
31 machines
like the first batch, due date is approximate here, used to ping the team to organise this before the actual week planned in TPA-RFC-57, which is "last week of october".
an announcement need to be sent to remind people of this upcoming batch when the first due date is hit.Debian 12 bookworm upgradeanarcatanarcat2024-01-29https://gitlab.torproject.org/tpo/team/-/issues/141Bottomline the creation of the schedule for CR's meetup2023-04-20T18:15:01ZGabagaba@torproject.orgBottomline the creation of the schedule for CR's meetupGabagaba@torproject.orgGabagaba@torproject.org2023-04-13https://gitlab.torproject.org/tpo/tpa/team/-/issues/41119brainstorm ideas for TPA in-person meeting2023-09-14T14:03:42Zanarcatbrainstorm ideas for TPA in-person meetingwe'll have the chance to meet in person with a bunch of people, we should use it. we'll share "THE BAR" space with the ops team, but we can welcome other folks in our session as well.
Once settled, we should throw the results in https:/...we'll have the chance to meet in person with a bunch of people, we should use it. we'll share "THE BAR" space with the ops team, but we can welcome other folks in our session as well.
Once settled, we should throw the results in https://nc.torproject.net/f/458264 (or the wiki? see also https://gitlab.torproject.org/tpo/team/-/wikis//2023-Tor-Meeting-Costa-Rica-Wiki#schedule)
I suggest we proceed by making one comment here per idea, and :+1: the ones we like, asynchronously.
/cc @gaba @lavamind @kezanarcatanarcat2023-04-14