The Tor Project issueshttps://gitlab.torproject.org/groups/tpo/-/issues2021-10-08T06:22:07Zhttps://gitlab.torproject.org/tpo/web/newsletter/-/issues/11https://newsletter.torproject.org overlaps text as width is too small on my p...2021-10-08T06:22:07ZGeorg Koppenhttps://newsletter.torproject.org overlaps text as width is too small on my phoneTesting on a Samsungs Galaxy S5 mini I realized there is overlapping text on https://newsletter.torproject.org in the Archive section (the dates overlap with text so that the result is hardly readable). See attachment for how this looks ...Testing on a Samsungs Galaxy S5 mini I realized there is overlapping text on https://newsletter.torproject.org in the Archive section (the dates overlap with text so that the result is hardly readable). See attachment for how this looks like.https://gitlab.torproject.org/tpo/web/manual/-/issues/71TB manual single page2022-05-04T16:05:47Zweasel (Peter Palfrader)TB manual single pageCan we please (additionally if you like) have a single-page build of the manual?Can we please (additionally if you like) have a single-page build of the manual?https://gitlab.torproject.org/tpo/web/support/-/issues/147Tor Browser Developer key is available on keys.openpgp.net2021-03-01T17:28:10ZGusTor Browser Developer key is available on keys.openpgp.netSince the key is now available on keys.openpgp.org:
https://keys.openpgp.org/search?q=torbrowser%40torproject.org
We should add this to How to verify signature: https://support.torproject.org/tbb/how-to-verify-signature/Since the key is now available on keys.openpgp.org:
https://keys.openpgp.org/search?q=torbrowser%40torproject.org
We should add this to How to verify signature: https://support.torproject.org/tbb/how-to-verify-signature/championquizzerchampionquizzer@torproject.orgchampionquizzerchampionquizzer@torproject.orghttps://gitlab.torproject.org/tpo/web/tpo/-/issues/123Update /press link2020-12-21T17:21:06ZGusUpdate /press link> I can see our blog is listed here: https://www.torproject.org/press/ as a link to an article on techlector.com. I am glad to see that. However, we have rebranded our domain from techlector.com to techreen.com. Could you please re-edit ...> I can see our blog is listed here: https://www.torproject.org/press/ as a link to an article on techlector.com. I am glad to see that. However, we have rebranded our domain from techlector.com to techreen.com. Could you please re-edit this so that the old link (https://techlector.com/tor-project-will-transfer-to-azure-to-continue-offering-domain-fronting/) will be changed to https://techreen.com/tor-project-will-transfer-to-azure-to-continue-offering-domain-fronting/?GusGushttps://gitlab.torproject.org/tpo/web/community/-/issues/173Typo lins -> lines2020-12-14T21:59:27ZGusTypo lins -> linesA translator reported:
> "You can simply add it next to the first ORPort lins in your torrc file."
I guess, the word "lins" in the original text is actually "lines".A translator reported:
> "You can simply add it next to the first ORPort lins in your torrc file."
I guess, the word "lins" in the original text is actually "lines".GusGushttps://gitlab.torproject.org/tpo/core/arti/-/issues/43Make sure that a circuit doesn't use relays in the same family2021-08-05T19:18:35ZNick MathewsonMake sure that a circuit doesn't use relays in the same familyMoved from #28.
To do this:
- [x] Start by implementing a "same-family?" predicate in tor-netdir, probably as a method for the Relay type.
- [x] Then use this predicate in tor-circmgr/path/exitpath.rs.
- [x] Implement something...Moved from #28.
To do this:
- [x] Start by implementing a "same-family?" predicate in tor-netdir, probably as a method for the Relay type.
- [x] Then use this predicate in tor-circmgr/path/exitpath.rs.
- [x] Implement something like the `EnforceDistinctSubnets` feature from C tor.Arti 0.0.1 release: basic anonymityhttps://gitlab.torproject.org/tpo/web/manual/-/issues/63Images overflow on mobile2023-04-23T15:18:56ZtorrrrrrrrrrrrrrrrImages overflow on mobileOn these pages,
- https://tb-manual.torproject.org/about/
- https://tb-manual.torproject.org/secure-connections/
- https://tb-manual.torproject.org/updating/
- https://tb-manual.torproject.org/uninstalling/
An image overflows device wid...On these pages,
- https://tb-manual.torproject.org/about/
- https://tb-manual.torproject.org/secure-connections/
- https://tb-manual.torproject.org/updating/
- https://tb-manual.torproject.org/uninstalling/
An image overflows device width on mobile.
One screenshot:
<img src="/uploads/19177e9a09d6798a5a57b059d0b604ee/tb-manual.png" width="300">https://gitlab.torproject.org/tpo/core/arti/-/issues/35Refactor buffers in tor-dirclient/src/lib.rs2021-08-02T05:30:07ZNick MathewsonRefactor buffers in tor-dirclient/src/lib.rsRight now, the buffer used in tor-dirclient/src/lib.rs is a `Vec<u8>`, and the code copies around inside it a lot.
It might be cool to change that to be a VecDeque<u8> instead, and not have to copy inside the buffer.Right now, the buffer used in tor-dirclient/src/lib.rs is a `Vec<u8>`, and the code copies around inside it a lot.
It might be cool to change that to be a VecDeque<u8> instead, and not have to copy inside the buffer.https://gitlab.torproject.org/tpo/core/arti/-/issues/34Add support for more compression types2021-01-21T17:04:19ZNick MathewsonAdd support for more compression typesRight now the directory code in `tor-dirclient/src/compress.rs` supports zlib compression only. It would be good to add support for ~~xz2 and~~ zstd and maybe brotli.
Update (17 Dec 2020): @wuldr has added support for xz2!Right now the directory code in `tor-dirclient/src/compress.rs` supports zlib compression only. It would be good to add support for ~~xz2 and~~ zstd and maybe brotli.
Update (17 Dec 2020): @wuldr has added support for xz2!https://gitlab.torproject.org/tpo/core/arti/-/issues/33Support RESOLVE and RESOLVE_PTR commands2021-07-27T18:03:30ZNick MathewsonSupport RESOLVE and RESOLVE_PTR commandsThese two commands are socks extensions. Arti parses them, but doesn't actually implement them. Further, there is backend support for sending RELAY_RESOLVE commands. All this will need is some connecting together.These two commands are socks extensions. Arti parses them, but doesn't actually implement them. Further, there is backend support for sending RELAY_RESOLVE commands. All this will need is some connecting together.Arti 0.1.0 release: Okay for experimental embeddinghttps://gitlab.torproject.org/tpo/web/community/-/issues/170Instructions on Fedora relay guide looks incomplete (step 2 and 3)2021-04-08T21:38:31ZGusInstructions on Fedora relay guide looks incomplete (step 2 and 3)
```
2. # 3. Add the following to /etc/yum.repos.d/tor.repo and then install the tor package.
```
http://3gldbgtv5e4god56.onion/relay/setup/guard/fedora/
```
2. # 3. Add the following to /etc/yum.repos.d/tor.repo and then install the tor package.
```
http://3gldbgtv5e4god56.onion/relay/setup/guard/fedora/GusGushttps://gitlab.torproject.org/tpo/web/community/-/issues/167[Relay Operations][Getting Help] Add hyperlinks to IRC channel (OFTC webchat)...2021-04-08T20:19:54Zchampionquizzerchampionquizzer@torproject.org[Relay Operations][Getting Help] Add hyperlinks to IRC channel (OFTC webchat) and mailing-list archive1. In this sentence- *You can also get help by joining the IRC channel #tor-relays* on the ['Getting Help' page](https://community.torproject.org/relay/getting-help/), we must redirect the user to #tor-relays IRC channel on OFTC webchat ...1. In this sentence- *You can also get help by joining the IRC channel #tor-relays* on the ['Getting Help' page](https://community.torproject.org/relay/getting-help/), we must redirect the user to #tor-relays IRC channel on OFTC webchat i.e. https://webchat.oftc.net/?channels=tor-relays (to maintain consistency throughout our docs).
2. In this sentence- *Make sure to check out the archives!*, we must hyper link the *archives* to the tor-relays mailing-list archives here: https://lists.torproject.org/pipermail/tor-relays/championquizzerchampionquizzer@torproject.orgchampionquizzerchampionquizzer@torproject.orghttps://gitlab.torproject.org/tpo/web/community/-/issues/164I think that is a part of the relay guide that we can improve (teor)2022-01-20T19:11:28ZcypherpunksI think that is a part of the relay guide that we can improve (teor)https://lists.torproject.org/pipermail/tor-relays/2018-June/015527.html
```
I think that is a part of the relay guide that we can improve:
Relays exist so that clients can use the network.
Consensus flags exist so that clients can use ...https://lists.torproject.org/pipermail/tor-relays/2018-June/015527.html
```
I think that is a part of the relay guide that we can improve:
Relays exist so that clients can use the network.
Consensus flags exist so that clients can use the network efficiently.
Bandwidth weights are assigned so that clients can use the network efficiently.
```https://gitlab.torproject.org/tpo/web/community/-/issues/159[Relay Operations] Issues with formatting2021-11-12T11:19:40Zchampionquizzerchampionquizzer@torproject.org[Relay Operations] Issues with formattingOn the ['Relay Operations/Technical Setup/Bridge' page for various operating systems](https://community.torproject.org/relay/setup/bridge/) -
1. All the terminal commands must be formatted in the manner other commands are in order to ...On the ['Relay Operations/Technical Setup/Bridge' page for various operating systems](https://community.torproject.org/relay/setup/bridge/) -
1. All the terminal commands must be formatted in the manner other commands are in order to maintain a consistency throughout our docs.
2. It must be mentioned whether to run the commands as user or as root (by $ and #/sudo respectively)(like it has been explained on this [page](https://support.torproject.org/rpm/#install)).https://gitlab.torproject.org/tpo/network-health/metrics/relay-search/-/issues/40002When the Tor settings are set to safest security level2021-08-10T13:11:32ZMelroy van den BergWhen the Tor settings are set to safest security levelHi,
So when you set the Tor Browser to safe/safest security level settings, the relay search will give an error. See below:
![cors_issue](/uploads/470525bf8326268370fec832309f0523/cors_issue.png)
Two possible solutions (or both?):
1...Hi,
So when you set the Tor Browser to safe/safest security level settings, the relay search will give an error. See below:
![cors_issue](/uploads/470525bf8326268370fec832309f0523/cors_issue.png)
Two possible solutions (or both?):
1. Fix the **CORS issue**, by hosting the backend also via an onion domain
2. Fix the **error message**, since the backend is NOT down. Also let the person now that either the backend is down _OR_ your Tor Browser settings are too high. Otherwise it's very confusing.
Thanks!
**UPDATED:** Related: #31714
Regards,
Melroyhttps://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/40112libstdc++.so.6 not stripped2021-01-20T18:56:24Zyanmaanilibstdc++.so.6 not strippedIn `tor-browser-build/projects/tor/build`, `libstdc++.so.6` is copied from GCC to the output:
```
# We need to copy the libstdc++.so.6 for Tor Browser on older Linux distros.
# Copying it into /Browser, which feels more natural, and ...In `tor-browser-build/projects/tor/build`, `libstdc++.so.6` is copied from GCC to the output:
```
# We need to copy the libstdc++.so.6 for Tor Browser on older Linux distros.
# Copying it into /Browser, which feels more natural, and amending
# LD_LIBRARY_PATH breaks updates from a Tor Browser with the old
# LD_LIBRARY_PATH value to the Tor Browser with the newer one. Thus, we copy
# the libstdc++ into the directory with the libs tor depends on, too. See bug
# 13359 for further details.
mkdir -p "$distdir/Tor/libstdc++"
cp /var/tmp/dist/gcc/[% c("var/libdir") %]/libstdc++.so.6 "$distdir/Tor/libstdc++/"
[% IF c("var/asan") -%]
cp /var/tmp/dist/gcc/[% c("var/libdir") %]/libasan.so.5 "$distdir/Tor/"
cp /var/tmp/dist/gcc/[% c("var/libdir") %]/libubsan.so.1 "$distdir/Tor/"
[% END -%]
chmod 700 "$distdir"/Tor/*.so*
chmod 700 "$distdir"/Tor/libstdc++/*.so*
```
This file is unstripped and contains debug info. Stripping it takes it from 17 MB to 2 MB, without any impact on functionality as far as I can tell. After compression, the entire tarball is 3MB smaller.
This should be a one-line change, provided `strip` is deterministic. I haven't looked into it.Tor Browser: 10.5https://gitlab.torproject.org/tpo/anti-censorship/bridgestrap/-/issues/1Use timers to determine when it's time to prune cache entries2020-12-14T19:00:42ZPhilipp Winterphw@torproject.orgUse timers to determine when it's time to prune cache entriesEach time a new cache entry is added, [bridgestrap iterates](https://gitlab.torproject.org/tpo/anti-censorship/bridgestrap/-/blob/471ab0714f3966621f9f40aa707f3d12b0711410/tor.go#L108) over existing cache entries to figure out what entrie...Each time a new cache entry is added, [bridgestrap iterates](https://gitlab.torproject.org/tpo/anti-censorship/bridgestrap/-/blob/471ab0714f3966621f9f40aa707f3d12b0711410/tor.go#L108) over existing cache entries to figure out what entries have expired:
```golang
// First, prune expired cache entries.
now := time.Now()
cacheMutex.Lock()
for index, entry := range *tc {
if entry.Time.Before(now.Add(-CacheValidity)) {
delete(*tc, index)
}
}
```
This scales linearly, which is bad news. On my core i7 2.9 GHz laptop, it takes 0.3 ms to prune a cache holding 10,000 elements. @cohosh [suggested](https://gitlab.torproject.org/tpo/anti-censorship/bridgestrap/-/commit/ecc6e0487655af9ab6f91ff4fbab7ce76d11caa7#note_2709958) that we could use Timers instead: each time a cache entry is added, we set up a new timer. In parallel, we have a goroutine running that waits for the timers to fire, to then delete the expired cache entries.https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/40145Investigate alt-svc validation and cache eviction2023-11-27T08:30:55ZMatthew FinkelInvestigate alt-svc validation and cache evictionAfter connecting to a site that sends an alt-svc onion header (such as a site fronted by Cloudflare), Tor Browser receives an alt-svc. When Firefox receives an alt-svc, it establishes a connection with it as verification that it is usefu...After connecting to a site that sends an alt-svc onion header (such as a site fronted by Cloudflare), Tor Browser receives an alt-svc. When Firefox receives an alt-svc, it establishes a connection with it as verification that it is useful and usable. There seems to be a bug in Firefox (or Tor Browser) where this verification continues indefinitely, regardless of whether the original site is still open.
I'm not sure if this is because every response from Cloudflare's IP address site may return a different alt-srv, and Tor Browser connects with the IP address when the alt-srv connection fails or the connection cache is bypassed, therefore Tor Browser creates a very long lists of sites it should contact and verify. Or, maybe Tor Browser enters an infinite loop (or finite but sufficiently large in size) of testing the alt-srv's in its list, and never marks them as valid. I'm not sure why this is happening.
However, the most problematic and concerning result is that Tor Browser continually tries connecting with these sites long after any tabs for that site are closed.Tor Browser: 11.0 Issues with previous releasehttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/40144about:privatebrowsing Firefox branding2023-02-22T11:40:50ZPassword is "Cypherpunks Write Code" without quotescypherpunks@mailinator.comabout:privatebrowsing Firefox brandingabout:privatebrowsing contains Firefox branding instead of Tor Browser oneabout:privatebrowsing contains Firefox branding instead of Tor Browser oneSponsor 131 - Phase 2 - Privacy BrowserPier Angelo VendramePier Angelo Vendramehttps://gitlab.torproject.org/tpo/tpa/gitlab/-/issues/71Send commits to mailing list(s)2022-10-31T14:01:56ZAlexander Færøyahf@torproject.orgSend commits to mailing list(s)The browser folks wants us to enable commit emails from fenix and other TB related repositories to their commit mailing list. We should find a way to do this in a structured way for the tpo/ namespace such that all our projects (also upc...The browser folks wants us to enable commit emails from fenix and other TB related repositories to their commit mailing list. We should find a way to do this in a structured way for the tpo/ namespace such that all our projects (also upcoming) gets these hooks enabled.
For now, we need to get Fenix and Tor-Browser.