The Tor Project issueshttps://gitlab.torproject.org/groups/tpo/-/issues2020-06-27T13:48:45Zhttps://gitlab.torproject.org/tpo/core/tor/-/issues/32626Remove extra space in #define in ed25519-donna-portable-identify.h2020-06-27T13:48:45ZNeel Chauhanneel@neelc.orgRemove extra space in #define in ed25519-donna-portable-identify.hThis line:
```
#if defined(__amd64__) || defined(__amd64) || defined(__x86_64__ ) || defined(_M_X64)
```
should be:
```
#if defined(__amd64__) || defined(__amd64) || defined(__x86_64__) || defined(_M_X64)
```This line:
```
#if defined(__amd64__) || defined(__amd64) || defined(__x86_64__ ) || defined(_M_X64)
```
should be:
```
#if defined(__amd64__) || defined(__amd64) || defined(__x86_64__) || defined(_M_X64)
```Neel Chauhanneel@neelc.orgNeel Chauhanneel@neelc.orghttps://gitlab.torproject.org/tpo/core/tor/-/issues/32621Add automated checks to make sure man page options stay in alphabetical order2022-06-16T16:05:50ZteorAdd automated checks to make sure man page options stay in alphabetical orderWe should add automated checks or automated tooling that makes sure that the man page options are in alphabetical order (within sections).
These tools will help us not regress legacy/trac#4310.We should add automated checks or automated tooling that makes sure that the man page options are in alphabetical order (within sections).
These tools will help us not regress legacy/trac#4310.https://gitlab.torproject.org/tpo/applications/team/-/issues/16Create Style Guides2023-01-05T18:14:59ZMatthew FinkelCreate Style GuidesFollowing legacy/trac#26184, we should document our coding style preferences. We should consider documenting all Tor Browser-related projects.Following legacy/trac#26184, we should document our coding style preferences. We should consider documenting all Tor Browser-related projects.Sponsor 131 - Phase 5 - Ongoing Maintenancehttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/32544Create Style Guides2023-01-05T15:49:18ZMatthew FinkelCreate Style GuidesFollowing legacy/trac#26184, we should document our coding style preferences. We should consider documenting all Tor Browser-related projects.Following legacy/trac#26184, we should document our coding style preferences. We should consider documenting all Tor Browser-related projects.Sponsor 131 - Phase 5 - Ongoing Maintenancehttps://gitlab.torproject.org/tpo/core/tor/-/issues/32514Remove the extra whitespace around the DARWIN #defines2020-06-27T13:48:49ZNeel Chauhanneel@neelc.orgRemove the extra whitespace around the DARWIN #definesKeep in mind that I do not own a Mac, do Hackintosh, or use macOS.Keep in mind that I do not own a Mac, do Hackintosh, or use macOS.Tor: 0.4.3.x-finalNeel Chauhanneel@neelc.orgNeel Chauhanneel@neelc.orghttps://gitlab.torproject.org/tpo/core/tor/-/issues/32513Remove the extra whitespace in the lines_eq() if statement in consdiff_gen_di...2020-06-27T13:48:49ZNeel Chauhanneel@neelc.orgRemove the extra whitespace in the lines_eq() if statement in consdiff_gen_diff()This `if` statement:
```
if (! lines_eq(line1, line2) ) {
```
should be:
```
if (!lines_eq(line1, line2)) {
```This `if` statement:
```
if (! lines_eq(line1, line2) ) {
```
should be:
```
if (!lines_eq(line1, line2)) {
```Tor: 0.4.3.x-finalNeel Chauhanneel@neelc.orgNeel Chauhanneel@neelc.orghttps://gitlab.torproject.org/tpo/core/tor/-/issues/32354Support "Cache Directory Tagging Standard" (already implemented e.g. in GNU tar)2022-06-17T16:22:17ZTracSupport "Cache Directory Tagging Standard" (already implemented e.g. in GNU tar)Tor seems to store sizable cached data in /var/lib/tor/diff-cache/. There is now a standard for apps to indicate that transient caches like this to be skipped from backups: https://bford.info/cachedir/spec.html
The application needs to ...Tor seems to store sizable cached data in /var/lib/tor/diff-cache/. There is now a standard for apps to indicate that transient caches like this to be skipped from backups: https://bford.info/cachedir/spec.html
The application needs to create (and recreate) a file called "CACHEDIR.TAG" in the cache directory, with content of "Signature: 8a477f597d28d172789f06886806bc55".
Skipping cache directories marked as such via this standard is already supported for example in GNU tar:
--exclude-caches
Exclude contents of directories containing file CACHEDIR.TAG, except for the tag file itself.
--exclude-caches-all
Exclude directories containing file CACHEDIR.TAG and the file itself.
--exclude-caches-under
Exclude everything under directories containing CACHEDIR.TAG
**Trac**:
**Username**: rmhttps://gitlab.torproject.org/tpo/core/tor/-/issues/32178Tor adds trailing space character to log events2020-11-03T14:07:14ZRoger DingledineTor adds trailing space character to log eventsFirst noticed in legacy/trac#32164, where Tor Browser's "view of Tor logs" has a bonus space at the end of every line.
I believe it's Tor adding the space. This super simple hack:
```
diff --git a/src/feature/control/control_events.c b/...First noticed in legacy/trac#32164, where Tor Browser's "view of Tor logs" has a bonus space at the end of every line.
I believe it's Tor adding the space. This super simple hack:
```
diff --git a/src/feature/control/control_events.c b/src/feature/control/control_events.c
index 82ea943999..5ddfffeee8 100644
--- a/src/feature/control/control_events.c
+++ b/src/feature/control/control_events.c
@@ -1328,6 +1328,7 @@ control_event_logmsg(int severity, log_domain_mask_t domain, const char *msg)
default: s = "UnknownLogSeverity"; break;
}
++disable_log_messages;
+ printf("Sending \"650 %s %s\"\n", s, b?b:msg);
send_control_event(event, "650 %s %s\r\n", s, b?b:msg);
if (severity == LOG_ERR) {
/* Force a flush, since we may be about to die horribly */
```
shows it:
```
Sending "650 INFO circuit_free_(): Circuit 0 (id: 4) has been freed. "
```
I believe it comes from this snippet in control_event_logmsg():
```
if (strchr(msg, '\n')) {
char *cp;
b = tor_strdup(msg);
for (cp = b; *cp; ++cp)
if (*cp == '\r' || *cp == '\n')
*cp = ' ';
}
```
That is, we send in log lines that have \n in them, and the function helpfully turns the \n into a ' '.
Bug went into Tor 0.1.1.1-alpha in commit c2f6fe9b (way back in the days of the v0 control protocol).Tor: 0.4.5.x-stableNick MathewsonNick Mathewsonhttps://gitlab.torproject.org/tpo/web/support/-/issues/78Organise APT section in a more meaningful way2020-06-27T13:39:56ZGusOrganise APT section in a more meaningful wayFor each question in [APT](https://support.torproject.org/apt/) section, you will need to add a new value, for example:
```
key: 1
```
See #77For each question in [APT](https://support.torproject.org/apt/) section, you will need to add a new value, for example:
```
key: 1
```
See #77https://gitlab.torproject.org/tpo/web/support/-/issues/77Organise Tor Browser section in a more meaningful way2020-10-16T19:38:02ZGusOrganise Tor Browser section in a more meaningful wayFor each question in [Tor Browser section](https://support.torproject.org/tbb/), you will need to add a new value, for example:
```
key: 1
```
So you need to read all questions, figure out the best order from user perspective, edit the...For each question in [Tor Browser section](https://support.torproject.org/tbb/), you will need to add a new value, for example:
```
key: 1
```
So you need to read all questions, figure out the best order from user perspective, edit the file and add key: number. See another example [here](https://raw.githubusercontent.com/torproject/support/master/content/about/backdoor/contents.lr).
And https://support.torproject.org/tbb/how-to-verify-signature/ should be **key: 1** . :smirk_cat:https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues/32117Understand and document BridgeDB bot scraping attempts2020-10-29T17:40:19ZCecylia BocovichUnderstand and document BridgeDB bot scraping attemptsWe are aware of automated attempts to enumerate bridges in BridgeDB, but lack a more rigorous understanding of the problem.
We have detected bot requests from bridgeDB's web interface and deployed some defences by forbidding requests wi...We are aware of automated attempts to enumerate bridges in BridgeDB, but lack a more rigorous understanding of the problem.
We have detected bot requests from bridgeDB's web interface and deployed some defences by forbidding requests with headers that are commonly associated with bots, and handing out fake bridges to suspected bot requests (legacy/trac#31252), and
We also suspect that these bots are solving our CAPTCHAs more accurately than users (legacy/trac#24607).
After a recent campaign to get more volunteer bridges, we set up an experiment to test the reachability of a subset of these new bridges from a probe site in Beijing and found all new bridges in our sample to be blocked (most were blocked from the very start of the experiment): legacy/trac#31701
This ticket is for documenting bot behaviour and brainstorming ways to detect and analyze the automatic scraping of BridgeDB from censor-owned bots.hanneloresxhanneloresxhttps://gitlab.torproject.org/tpo/core/tor/-/issues/32102Add build information to binary2020-11-19T15:46:43ZTracAdd build information to binary```
[root@test ~]# nginx -V
nginx version: nginx/1.12.2
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-36) (GCC)
built with OpenSSL 1.0.2k-fips 26 Jan 2017
TLS SNI support enabled
configure arguments: --prefix=/usr/share/nginx --sbin-path=...```
[root@test ~]# nginx -V
nginx version: nginx/1.12.2
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-36) (GCC)
built with OpenSSL 1.0.2k-fips 26 Jan 2017
TLS SNI support enabled
configure arguments: --prefix=/usr/share/nginx --sbin-path=/usr/sbin/nginx etc....
```
As tor versions up rapidly stable repos sometimes host legacy versions of tor.
Some people like me tend to just compile it ourselves and replace the binary, to enjoy the benefit of packaging and to follow up on new versions.
It would be nice to add build informations, such as gcc version, library versions and configure arguments. That way people like me can replicate exactly what the package managers are doing.
**Trac**:
**Username**: willbarrhttps://gitlab.torproject.org/tpo/web/manual/-/issues/14Remove Yahoo from email providers that can request bridges2020-06-27T13:39:53ZGusRemove Yahoo from email providers that can request bridgesSince June 2019, BridgeDB only works with Riseup and Gmail.
> From now on, users can no longer request bridges from a Yahoo email account, which fixes issue #28496. We believe that Yahoo fell behind in making it hard for spammers to cre...Since June 2019, BridgeDB only works with Riseup and Gmail.
> From now on, users can no longer request bridges from a Yahoo email account, which fixes issue #28496. We believe that Yahoo fell behind in making it hard for spammers to create many email accounts, and it also has a feature that allows the creation of up to 500 disposable email addresses, which makes it easy for a censor to request a disproportionately large number of bridges. We therefore deactivated Yahoo, which leaves us with Gmail and Riseup as the email providers from which users can request bridges.
https://blog.torproject.org/new-release-bridgedb-071https://gitlab.torproject.org/tpo/core/tor/-/issues/31891make autostyle doesn't work when building outside the source tree2020-06-27T13:49:15ZTaylor Yumake autostyle doesn't work when building outside the source treeIt looks like `make autostyle` doesn't work correctly if building outside the source tree. (Here I'm building in a subdirectory of the source tree.)
```
$ make -k autostyle
abs_top_srcdir="/Users/tlyu/src/tor/build-norust/.." python3 ../...It looks like `make autostyle` doesn't work correctly if building outside the source tree. (Here I'm building in a subdirectory of the source tree.)
```
$ make -k autostyle
abs_top_srcdir="/Users/tlyu/src/tor/build-norust/.." python3 ../scripts/maint/update_versions.py
Traceback (most recent call last):
File "../scripts/maint/update_versions.py", line 98, in <module>
with open("configure.ac") as f:
FileNotFoundError: [Errno 2] No such file or directory: 'configure.ac'
make: *** [update-versions] Error 1
python3 scripts/maint/annotate_ifdef_directives.py ../src/lib/*/*.[ch] ../src/core/*/*.[ch] ../src/feature/*/*.[ch] ../src/app/*/*.[ch] ../src/test/*.[ch] ../src/test/*/*.[ch] ../src/tools/*.[ch]
/Users/tlyu/src/brew/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/Resources/Python.app/Contents/MacOS/Python: can't open file 'scripts/maint/annotate_ifdef_directives.py': [Errno 2] No such file or directory
make: *** [autostyle-ifdefs] Error 2
python3 scripts/maint/rectify_include_paths.py
/Users/tlyu/src/brew/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/Resources/Python.app/Contents/MacOS/Python: can't open file 'scripts/maint/rectify_include_paths.py': [Errno 2] No such file or directory
make: *** [rectify-includes] Error 2
make: Target `autostyle' not remade because of errors.
```Tor: 0.4.3.x-finalhttps://gitlab.torproject.org/tpo/core/tor/-/issues/31854In tests and log.c, stop using ~0 a log domain mask2020-06-27T13:49:17ZNick MathewsonIn tests and log.c, stop using ~0 a log domain maskThere are a few places in the tests where we use ~0 or ~0u to indicate a log domain mask that covers all domains. We also do this in log.c.
But back in legacy/trac#31080, we made the log_domain_mask_t into a 64-bit value, probably one ...There are a few places in the tests where we use ~0 or ~0u to indicate a log domain mask that covers all domains. We also do this in log.c.
But back in legacy/trac#31080, we made the log_domain_mask_t into a 64-bit value, probably one defined by a macro like LD_ALL_DOMAINS.
Additionally, we should _not_ use ~(uint64_t)0 for the definition of this value, since we don't want to include LD_NO_MOCK, LD_NOCB, and LD_NOFUNCNAME.
Found while looking at legacy/trac#31334; this should be done after legacy/trac#31334 is merged.
No backport needed, since we do not yet have any logging domains that use the high 32 bits of this type.Tor: 0.4.2.x-finalteorteorhttps://gitlab.torproject.org/tpo/core/tor/-/issues/31839Improve logging documentation2021-07-22T16:19:25ZteorImprove logging documentationTor: 0.4.2.x-finalteorteorhttps://gitlab.torproject.org/tpo/core/tor/-/issues/31825Use the full name of optional modules, rather than an abbreviation2020-07-14T22:24:16ZteorUse the full name of optional modules, rather than an abbreviationSome Tor builders are confused by the optional module descriptions in Tor's configure script.
We should spell out abbreviations:
* dirauth = Directory AuthoritySome Tor builders are confused by the optional module descriptions in Tor's configure script.
We should spell out abbreviations:
* dirauth = Directory AuthorityTor: 0.4.2.x-finalteorteorhttps://gitlab.torproject.org/tpo/core/tor/-/issues/31762Add GETINFO dir/status-vote/current/consensus-microdesc to the control spec2020-06-27T13:49:22ZteorAdd GETINFO dir/status-vote/current/consensus-microdesc to the control specHere:
https://gitweb.torproject.org/torspec.git/tree/control-spec.txt#n811
With "added in Tor 0.4.3.1-alpha"Here:
https://gitweb.torproject.org/torspec.git/tree/control-spec.txt#n811
With "added in Tor 0.4.3.1-alpha"Tor: 0.4.3.x-finalhttps://gitlab.torproject.org/tpo/core/tor/-/issues/31754Add HS DoS defence stats to heartbeat2022-10-11T23:39:34ZGeorge KadianakisAdd HS DoS defence stats to heartbeatWe should add entries to our heartbeat about the new DoS defences we added to see how helpful and prevalent they are.
In particular:
- We should mention how many single-hop connections we blocked (legacy/trac#24962)
- How many times we ...We should add entries to our heartbeat about the new DoS defences we added to see how helpful and prevalent they are.
In particular:
- We should mention how many single-hop connections we blocked (legacy/trac#24962)
- How many times we applied rate-limiting as an introduction point (legacy/trac#15516).
(Marking this as easy since the heartbeat module is not too hard to figure out)Tor: 0.4.3.x-finalhttps://gitlab.torproject.org/tpo/core/tor/-/issues/31742Write a script or makefile target to install git hooks2020-06-27T20:23:24Zrl1987Write a script or makefile target to install git hooksAt this point we have to manually copy git hook scripts into .git/hooks directory and make them executable. Having a scripted way to do this would be more convenient.At this point we have to manually copy git hook scripts into .git/hooks directory and make them executable. Having a scripted way to do this would be more convenient.