Trac issueshttps://gitlab.torproject.org/legacy/trac/-/issues2020-06-16T01:12:56Zhttps://gitlab.torproject.org/legacy/trac/-/issues/34145Investigate fallout from transitioning to 77.0b12020-06-16T01:12:56ZGeorg KoppenInvestigate fallout from transitioning to 77.0b1Compilation is busted with our patches based on 77.0b1. This is the bug to investigate this.Compilation is busted with our patches based on 77.0b1. This is the bug to investigate this.https://gitlab.torproject.org/legacy/trac/-/issues/34136Audit the Content Process Sandbox Level bump in ESR68.8 on Windows2020-06-16T01:12:55ZcypherpunksAudit the Content Process Sandbox Level bump in ESR68.8 on WindowsTo fix CVE-2020-12388 and CVE-2020-12389, Mozilla set `security.sandbox.content.level` to `6`.
The code to support that was backported to ESR: https://hg.mozilla.org/mozilla-unified/file/esr68/security/sandbox/win/src/sandboxbroker/sandb...To fix CVE-2020-12388 and CVE-2020-12389, Mozilla set `security.sandbox.content.level` to `6`.
The code to support that was backported to ESR: https://hg.mozilla.org/mozilla-unified/file/esr68/security/sandbox/win/src/sandboxbroker/sandboxBroker.cpp#l505
Correctness and completeness of the backport should be audited.https://gitlab.torproject.org/legacy/trac/-/issues/34119Hook gk's tor related gmail account to the google play account to get tor bro...2020-06-16T01:12:55ZGeorg KoppenHook gk's tor related gmail account to the google play account to get tor browser releases outWe should avoid all sorts of bottlenecks and just having one person being able to get mobile releases pushed to Google Play is one of those. Let's hook gk's up resurrected gmail account to solve that issue.We should avoid all sorts of bottlenecks and just having one person being able to get mobile releases pushed to Google Play is one of those. Let's hook gk's up resurrected gmail account to solve that issue.https://gitlab.torproject.org/legacy/trac/-/issues/34044Authenticode signing certificate renewal still needs Windows system in the loop2020-06-16T01:12:51ZGeorg KoppenAuthenticode signing certificate renewal still needs Windows system in the loopWe built our Windows .exe signing in a way that it can be done on Linux computers. However, getting a new signing cert currently requires still a custom Windows binary run. We should move that part to a Linux system, too.We built our Windows .exe signing in a way that it can be done on Linux computers. However, getting a new signing cert currently requires still a custom Windows binary run. We should move that part to a Linux system, too.https://gitlab.torproject.org/legacy/trac/-/issues/34015geckoview is not built reproducible2020-06-16T01:12:48ZGeorg Koppengeckoview is not built reproducibleWhile checking for reproducibility issues within geckoview .aar files I realized that `libxul.so` differs. All other artifacts match when built on different machines. Attached is the diff.While checking for reproducibility issues within geckoview .aar files I realized that `libxul.so` differs. All other artifacts match when built on different machines. Attached is the diff.Georg KoppenGeorg Koppenhttps://gitlab.torproject.org/legacy/trac/-/issues/33562Upgrade libevent to use NDK 202020-06-16T01:11:42ZShane IsbellUpgrade libevent to use NDK 20This is based of the current work done in branch for android support. We need to upgrade to build with NDK 21.
Make standalone toolchain is not longer supported in NDK 21 so need to configure to use new locations.This is based of the current work done in branch for android support. We need to upgrade to build with NDK 21.
Make standalone toolchain is not longer supported in NDK 21 so need to configure to use new locations.Georg KoppenGeorg Koppenhttps://gitlab.torproject.org/legacy/trac/-/issues/27045Add option for firefox incremental builds2020-06-16T01:25:15ZboklmAdd option for firefox incremental buildsIn Tor Browser builds, when we need to rebuild firefox, we do a full firefox rebuild. During the development of firefox patches it would be useful to be able to do incremental rebuilds of firefox.
To do that, we could add a new makefile...In Tor Browser builds, when we need to rebuild firefox, we do a full firefox rebuild. During the development of firefox patches it would be useful to be able to do incremental rebuilds of firefox.
To do that, we could add a new makefile target for this type of build and an option in `rbm.local.conf` pointing to the firefox sources directory. We would then mount that directory in the build container and use it instead of the sources from git.https://gitlab.torproject.org/legacy/trac/-/issues/24527Inform users in Tor Launcher of which settings are best for them based on the...2020-06-16T01:01:15ZArturo FilastòInform users in Tor Launcher of which settings are best for them based on their countryTor Browser Launcher would, for countries where we know Tor to either work for sure or not work for sure, advise users on whether to use a bridge or not.
This does open the question of "How does Tor Launcher know the country of the user...Tor Browser Launcher would, for countries where we know Tor to either work for sure or not work for sure, advise users on whether to use a bridge or not.
This does open the question of "How does Tor Launcher know the country of the user"?
I think this is at the end of the day a UX question, that can have various ways of doing it. For example you can have the user input their country (but that is maybe a bit sketchy from the users perspective) or you could show them a list of countries where tor is known to work OK and a list of where it's known to not work.Mark SmithMark Smith