The Tor Project issueshttps://gitlab.torproject.org/groups/tpo/-/issues2022-06-17T19:03:32Zhttps://gitlab.torproject.org/tpo/core/tor/-/issues/33086Support brotli compression for directory requests2022-06-17T19:03:32ZNick MathewsonSupport brotli compression for directory requestsBrotli seems to outperform zstd in compression, and claims performance comparable to deflate. We should investigate using it for directory requests.Brotli seems to outperform zstd in compression, and claims performance comparable to deflate. We should investigate using it for directory requests.rl1987rl1987https://gitlab.torproject.org/tpo/core/tor/-/issues/32907Remove or_options_t dependencies from module config headers2022-06-17T19:04:17ZteorRemove or_options_t dependencies from module config headersThe following inline header functions depend on some members of or_options_t, which is a dependency we don't need:
* options_validate_dirauth_mode()
* options_validate_server_transport()
* options_validate_relay_mode()
And the dependency...The following inline header functions depend on some members of or_options_t, which is a dependency we don't need:
* options_validate_dirauth_mode()
* options_validate_server_transport()
* options_validate_relay_mode()
And the dependency only exists when the relay or dirauth modules are disabled.
Instead, we could put these functions in stub C files, which are only compiled when relay/dirauth mode is disabled.Neel Chauhanneel@neelc.orgNeel Chauhanneel@neelc.orghttps://gitlab.torproject.org/tpo/core/tor/-/issues/32889Space the a-d unsigned ints in tor_inet_aton()2020-06-27T13:48:31ZNeel Chauhanneel@neelc.orgSpace the a-d unsigned ints in tor_inet_aton()Neel Chauhanneel@neelc.orgNeel Chauhanneel@neelc.orghttps://gitlab.torproject.org/tpo/core/tor/-/issues/32829Fix spacing in tor_inet_aton()2020-06-27T13:48:34ZNeel Chauhanneel@neelc.orgFix spacing in tor_inet_aton()Neel Chauhanneel@neelc.orgNeel Chauhanneel@neelc.orghttps://gitlab.torproject.org/tpo/core/tor/-/issues/32671Circpad padding timer flag is not properly reset2021-07-09T17:22:51ZMike PerryCircpad padding timer flag is not properly resetThis appears to have no consequences outside of the circpad simulator, but we are forgetting to reset the is_padding_timer_scheduled flag in circpad_send_padding_cell_for_callback(). It should get set to 0 at the top of that function.This appears to have no consequences outside of the circpad simulator, but we are forgetting to reset the is_padding_timer_scheduled flag in circpad_send_padding_cell_for_callback(). It should get set to 0 at the top of that function.https://gitlab.torproject.org/tpo/core/tor/-/issues/32626Remove extra space in #define in ed25519-donna-portable-identify.h2020-06-27T13:48:45ZNeel Chauhanneel@neelc.orgRemove extra space in #define in ed25519-donna-portable-identify.hThis line:
```
#if defined(__amd64__) || defined(__amd64) || defined(__x86_64__ ) || defined(_M_X64)
```
should be:
```
#if defined(__amd64__) || defined(__amd64) || defined(__x86_64__) || defined(_M_X64)
```This line:
```
#if defined(__amd64__) || defined(__amd64) || defined(__x86_64__ ) || defined(_M_X64)
```
should be:
```
#if defined(__amd64__) || defined(__amd64) || defined(__x86_64__) || defined(_M_X64)
```Neel Chauhanneel@neelc.orgNeel Chauhanneel@neelc.orghttps://gitlab.torproject.org/tpo/core/tor/-/issues/32621Add automated checks to make sure man page options stay in alphabetical order2022-06-16T16:05:50ZteorAdd automated checks to make sure man page options stay in alphabetical orderWe should add automated checks or automated tooling that makes sure that the man page options are in alphabetical order (within sections).
These tools will help us not regress legacy/trac#4310.We should add automated checks or automated tooling that makes sure that the man page options are in alphabetical order (within sections).
These tools will help us not regress legacy/trac#4310.https://gitlab.torproject.org/tpo/core/tor/-/issues/32354Support "Cache Directory Tagging Standard" (already implemented e.g. in GNU tar)2022-06-17T16:22:17ZTracSupport "Cache Directory Tagging Standard" (already implemented e.g. in GNU tar)Tor seems to store sizable cached data in /var/lib/tor/diff-cache/. There is now a standard for apps to indicate that transient caches like this to be skipped from backups: https://bford.info/cachedir/spec.html
The application needs to ...Tor seems to store sizable cached data in /var/lib/tor/diff-cache/. There is now a standard for apps to indicate that transient caches like this to be skipped from backups: https://bford.info/cachedir/spec.html
The application needs to create (and recreate) a file called "CACHEDIR.TAG" in the cache directory, with content of "Signature: 8a477f597d28d172789f06886806bc55".
Skipping cache directories marked as such via this standard is already supported for example in GNU tar:
--exclude-caches
Exclude contents of directories containing file CACHEDIR.TAG, except for the tag file itself.
--exclude-caches-all
Exclude directories containing file CACHEDIR.TAG and the file itself.
--exclude-caches-under
Exclude everything under directories containing CACHEDIR.TAG
**Trac**:
**Username**: rmhttps://gitlab.torproject.org/tpo/core/tor/-/issues/32102Add build information to binary2020-11-19T15:46:43ZTracAdd build information to binary```
[root@test ~]# nginx -V
nginx version: nginx/1.12.2
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-36) (GCC)
built with OpenSSL 1.0.2k-fips 26 Jan 2017
TLS SNI support enabled
configure arguments: --prefix=/usr/share/nginx --sbin-path=...```
[root@test ~]# nginx -V
nginx version: nginx/1.12.2
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-36) (GCC)
built with OpenSSL 1.0.2k-fips 26 Jan 2017
TLS SNI support enabled
configure arguments: --prefix=/usr/share/nginx --sbin-path=/usr/sbin/nginx etc....
```
As tor versions up rapidly stable repos sometimes host legacy versions of tor.
Some people like me tend to just compile it ourselves and replace the binary, to enjoy the benefit of packaging and to follow up on new versions.
It would be nice to add build informations, such as gcc version, library versions and configure arguments. That way people like me can replicate exactly what the package managers are doing.
**Trac**:
**Username**: willbarrhttps://gitlab.torproject.org/tpo/core/tor/-/issues/31742Write a script or makefile target to install git hooks2020-06-27T20:23:24Zrl1987Write a script or makefile target to install git hooksAt this point we have to manually copy git hook scripts into .git/hooks directory and make them executable. Having a scripted way to do this would be more convenient.At this point we have to manually copy git hook scripts into .git/hooks directory and make them executable. Having a scripted way to do this would be more convenient.https://gitlab.torproject.org/tpo/core/tor/-/issues/31699Remove unused configure.ac checks2021-07-09T17:22:51ZNick MathewsonRemove unused configure.ac checksHere is a little script to find macros in orconfig.h.in that are not actually mentioned in our code:
```
#/bin/bash
for macroname in $(grep '#undef' orconfig.h.in | awk -e '{ print $2; }') ; do
git grep -l "$macroname" src >/dev/null...Here is a little script to find macros in orconfig.h.in that are not actually mentioned in our code:
```
#/bin/bash
for macroname in $(grep '#undef' orconfig.h.in | awk -e '{ print $2; }') ; do
git grep -l "$macroname" src >/dev/null || echo "$macroname"
done
```
Some of these macros are used in system header files, but we can safely remove the autoconf checks for the ones that are not. I think they are:
```
HAVE_EVENT2_BUFFEREVENT_SSL_H
HAVE_EVENT2_DNS_H
HAVE_EVENT2_EVENT_H
HAVE_EVP_SHA3_256
HAVE_GETPASS
HAVE_HTONLL
HAVE_LIBCAP
HAVE_MALLOC_MALLOC_H
HAVE_MALLOC_NP_H
HAVE_STRUCT_TCP_INFO_TCPI_SND_MSS
HAVE_STRUCT_TCP_INFO_TCPI_UNACKED
HAVE_SYS_SYSLIMITS_H
HAVE_U_CHAR
SRCDIR
```https://gitlab.torproject.org/tpo/core/tor/-/issues/31698Reconsider HAVE_XXX_H usage in the Tor code2021-09-16T14:22:37ZAlexander Færøyahf@torproject.orgReconsider HAVE_XXX_H usage in the Tor codeWe currently sometimes have code like:
```
#ifdef HAVE_STRING_H
# include <string.h>
#endif
```
But we don't expect to work on systems that do not have, for example, string.h available. We should not do these check in every .c and .h ...We currently sometimes have code like:
```
#ifdef HAVE_STRING_H
# include <string.h>
#endif
```
But we don't expect to work on systems that do not have, for example, string.h available. We should not do these check in every .c and .h file, but instead just have our configure script fail if these headers are not available.https://gitlab.torproject.org/tpo/core/tor/-/issues/31647Should OBSOLETE and ___invisible configuration obtions be available to GETCONF?2022-06-17T16:36:34ZNick MathewsonShould OBSOLETE and ___invisible configuration obtions be available to GETCONF?Right now, you can use GETCONF on the invisible `___UsingTestNetworkDefaults` or the obsolete `DisableIOCP` -- without any complaint from Tor.
Perhaps Tor should complain, or even reject these requests.Right now, you can use GETCONF on the invisible `___UsingTestNetworkDefaults` or the obsolete `DisableIOCP` -- without any complaint from Tor.
Perhaps Tor should complain, or even reject these requests.https://gitlab.torproject.org/tpo/core/tor/-/issues/31156Add support of TBytes keyword to torrc for AccountingMax setting (and maybe o...2020-07-30T20:37:37ZTracAdd support of TBytes keyword to torrc for AccountingMax setting (and maybe others)Happening on Debian 9 with Tor 0.2.9.16 from the standard apt repo.
(Sorry, if this is already resolved in newer versions. In that case just close and ignore.)
Syslog output:
```
Jul 14 10:50:38 systemd[1]: Starting Anonymizing overla...Happening on Debian 9 with Tor 0.2.9.16 from the standard apt repo.
(Sorry, if this is already resolved in newer versions. In that case just close and ignore.)
Syslog output:
```
Jul 14 10:50:38 systemd[1]: Starting Anonymizing overlay network for TCP...
Jul 14 10:50:39 tor[530]: Jul 14 10:50:39.082 [notice] Tor 0.2.9.16 (git-9ef571339967c1e5) running on Linux with Libevent 2.0.21-stable, OpenSSL 1.1.0k and Zlib 1.2.8.
Jul 14 10:50:39 tor[530]: Jul 14 10:50:39.082 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning
Jul 14 10:50:39 tor[530]: Jul 14 10:50:39.082 [notice] Read configuration file "/usr/share/tor/tor-service-defaults-torrc".
Jul 14 10:50:39 tor[530]: Jul 14 10:50:39.082 [notice] Read configuration file "/etc/tor/torrc".
Jul 14 10:50:39 tor[530]: Jul 14 10:50:39.085 [warn] Unknown unit 'TBytes'.
Jul 14 10:50:39 tor[530]: Jul 14 10:50:39.085 [warn] Failed to parse/validate config: Value 'AccountingMax 5 TBytes' is malformed or out of bounds.
Jul 14 10:50:39 tor[530]: Jul 14 10:50:39.085 [err] Reading config failed--see warnings above.
Jul 14 10:50:39 systemd[1]: tor@default.service: Control process exited, code=exited status=1
Jul 14 10:50:39 systemd[1]: Failed to start Anonymizing overlay network for TCP.
```
Additionally, please note that /var/tor/log didn't give any hint of this, instead it went to syslog. Suboptimal.
**Trac**:
**Username**: tlahttps://gitlab.torproject.org/tpo/core/tor/-/issues/30642Add an ed25519-identity file to the data directory2022-03-31T17:09:18ZteorAdd an ed25519-identity file to the data directoryRelays print their RSA fingerprint to a "fingerprint" file in their data directory.
We need an equivalent file for base-64 encoded ed25519 public keys.Relays print their RSA fingerprint to a "fingerprint" file in their data directory.
We need an equivalent file for base-64 encoded ed25519 public keys.David Gouletdgoulet@torproject.orgDavid Gouletdgoulet@torproject.orghttps://gitlab.torproject.org/tpo/core/tor/-/issues/30267Simplify the code logic of launching HS circuits2021-09-16T14:19:58ZGeorge KadianakisSimplify the code logic of launching HS circuitsThe intro/rendezvous parts of `circuit_get_open_circ_or_launch()` are very complicated, and then they call `circuit_get_open_circ_or_launch()` which is also extremely complicated.
A minimal action item for improving the situation here w...The intro/rendezvous parts of `circuit_get_open_circ_or_launch()` are very complicated, and then they call `circuit_get_open_circ_or_launch()` which is also extremely complicated.
A minimal action item for improving the situation here would be to split the HS-parts of `connection_ap_handshake_attach_circuit()` which are already pretty disentangled into their own function. That's pretty easy to do.
The harder part of this would be to see if we can also split the HS parts of `circuit_get_open_circ_or_launch()` in some way.https://gitlab.torproject.org/tpo/core/tor/-/issues/30045output of "tor --key-expiration sign" should be a time stamp2020-08-04T17:29:41Ztoralfoutput of "tor --key-expiration sign" should be a time stampIt would be helpful for a cron job having sth like
```
let "diff = $(tor --key-expiration sign --format=timestamp) - $(date +%s)"
```
in it.It would be helpful for a cron job having sth like
```
let "diff = $(tor --key-expiration sign --format=timestamp) - $(date +%s)"
```
in it.https://gitlab.torproject.org/tpo/core/tor/-/issues/29573Tests fail without network interface configured2022-06-17T16:19:03ZTracTests fail without network interface configuredI build packages on Linux as an unprivileged user inside a network namespace with no interfaces configured (to catch packages that try to use Internet resources during the build process). With tor 0.3.5.7 and earlier, this worked fine an...I build packages on Linux as an unprivileged user inside a network namespace with no interfaces configured (to catch packages that try to use Internet resources during the build process). With tor 0.3.5.7 and earlier, this worked fine and the test suite passed completely.
With tor 0.3.5.8, three test cases fail:
```
address/get_if_addrs_list_internal: Feb 24 12:59:28.031 [err] connect() failed: Network is unreachable
[get_if_addrs_list_internal FAILED]
address/get_if_addrs_list_no_internal: Feb 24 12:59:28.040 [err] connect() failed: Network is unreachable
[get_if_addrs_list_no_internal FAILED]
address/get_if_addrs: Feb 24 12:59:28.309 [err] connect() failed: Network is unreachable
[get_if_addrs FAILED]
```
Here's strace output for one of the failures:
```
socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC, IPPROTO_UDP) = 6
connect(6, {sa_family=AF_INET, sin_port=htons(9), sin_addr=inet_addr("18.0.0.1")}, 16) = -1 ENETUNREACH (Network is unreachable)
```
So this looks like get_interface_address6_via_udp_socket_hack failing - comments in the tests suggest that they ought to be getting an empty list rather than an error in this circumstance?
**Trac**:
**Username**: atsampsonhttps://gitlab.torproject.org/tpo/core/tor/-/issues/29232Write a function that prints a link specifier and link specifier list2021-09-16T14:24:10ZteorWrite a function that prints a link specifier and link specifier listWe want to print link specifiers for debugging, and log link specifiers, but we don't have an easy way to do that.We want to print link specifiers for debugging, and log link specifiers, but we don't have an easy way to do that.https://gitlab.torproject.org/tpo/core/tor/-/issues/29131Split rephist.c into modules for each type of statistic2021-09-16T14:24:09ZteorSplit rephist.c into modules for each type of statisticLet's split up rephist.c by statistic. We can also split out the stat-specific structs at the same time.
If we do this in 0.4.1, it will help us remove the bandwidth stats as part of our Sponsor V work.Let's split up rephist.c by statistic. We can also split out the stat-specific structs at the same time.
If we do this in 0.4.1, it will help us remove the bandwidth stats as part of our Sponsor V work.