Trac issueshttps://gitlab.torproject.org/legacy/trac/-/issues2022-09-01T23:00:13Zhttps://gitlab.torproject.org/legacy/trac/-/issues/32027Bump version of Go to 1.13+2022-09-01T23:00:13ZCecylia BocovichBump version of Go to 1.13+We're going to need it eventually for newer versions of pion/webrtc, and there's a nice feature in to log package that allows us to pass the log output writer to libraries.We're going to need it eventually for newer versions of pion/webrtc, and there's a nice feature in to log package that allows us to pass the log output writer to libraries.boklmboklmhttps://gitlab.torproject.org/legacy/trac/-/issues/32993Package Tor With Tor Android Service Project2022-09-01T23:00:13ZShane IsbellPackage Tor With Tor Android Service ProjectCurrently tor-android-service uses pre-built tor library. Start using the tor library that is part of the build.Currently tor-android-service uses pre-built tor library. Start using the tor library that is part of the build.https://gitlab.torproject.org/legacy/trac/-/issues/28005Officially support onions in HTTPS-Everywhere2022-09-01T22:43:24ZGeorge KadianakisOfficially support onions in HTTPS-EverywhereThe plan:
A major UX issue for onion services is their huge addresses. We want to fix this issue because an address with 56 random characters confuses people, it makes it harder to pass the address around, and it also makes it much hard...The plan:
A major UX issue for onion services is their huge addresses. We want to fix this issue because an address with 56 random characters confuses people, it makes it harder to pass the address around, and it also makes it much harder to verify it.
There is a field of literature called "secure name systems" but none of the candidates are good enough for us right now. Hence, we present a hotfix that might offer a situational relief for users for the medium-term future, until we come up with something better, or while we experiment with more solutions. I suggest we keep this ticket focused to this idea, instead of debating why this and not that since we've already been doing this for far too long.
The plan is to use the HTTPS-Everywhere extension that we already have in Tor Browser, and encourage people to write their own rulesets for onions. We are talking about community-maintained rulesets and nothing that is officially maintained by The Tor Project or by HTTPS-Everywhere. This ticket is about making it easier for people to create, import and use this rulesets. We are talking about UI/UX improvements, writing blog posts and doing Q&A.
Here are some example of community rulesets we can imagine:
* The SecureDrop ruleset: where securedrop makes a ruleset with their whole directory. People can download that to quickly visit securedrop destinations, by going to securedrop-nyt.tor.onion .
* The Torproject ruleset: where torproject makes a ruleset with all their onions. We developers can use that to quickly visit Tor sites over onion, by going to tor-trac.tor.onion instead of remembering the onion.
* The Bitcoin ruleset: where a "trusted" bitcoin entity publishes a ruleset with various cryptocurrency-related rules that allow people to quickly visit them.
This approach has both positives and negatives (I assure you this is the case with every "secure naming" project out there):
* Positives: Good security if the ruleset is taken from a trusted source. No state keeping. Reachable engineering effort. No global names, hence no fear of name squatting. Easy to understand tradeoffs.
* Negatives: Terrible security if the ruleset is evil. No global names: If you want people to use your shorten onion name, you need to persuade them to use your ruleset.
Here are some HTTPS-Everywhere issues we need to solve based on my Mexico notes:
* Be able to stop update channels per-channel.
* Need good UI to easily look and understand rules.
* Need to implement file extension to install ruleset with one-click from web button.
Here are some issues we need to think about:
* We need good user text to make sure that people don't shoot themselves in the foot too often by installing bad rulesets and whatnot (they already do it daily when they open onions from "search enginers" or reddit).
* Which tld to use? If we use .tor we open ourselves to DNS leaks in normal browsers. If we use .tor.onion that might be confusing to people.
* Are there any issues with SSL?
More resources:
https://trac.torproject.org/projects/tor/wiki/org/meetings/2018MexicoCity/Notes/OnionV3ux
https://trac.torproject.org/projects/tor/wiki/org/meetings/2018MexicoCity/Notes/HTTPSEverywhereNotes
https://blog.torproject.org/cooking-onions-names-your-onionshttps://gitlab.torproject.org/legacy/trac/-/issues/33626Add TBB project for GeckoView2020-10-02T06:25:04ZShane IsbellAdd TBB project for GeckoViewFenix and android-components have dependencies on GeckoView. Need to setup environment to build this for production, beta and nightly. Involves rust and clang setup.Fenix and android-components have dependencies on GeckoView. Need to setup environment to build this for production, beta and nightly. Involves rust and clang setup.Georg KoppenGeorg Koppenhttps://gitlab.torproject.org/legacy/trac/-/issues/31918Rebase and squash mobile and desktop patches2020-06-16T19:16:33ZMatthew FinkelRebase and squash mobile and desktop patchesThe patches for `mobile/android` are separate from the patches for desktop. Some of these patches are similar, such as adding a mozconfig and overriding prefs. Now that Android is a first-class supported platform, we can squash some of t...The patches for `mobile/android` are separate from the patches for desktop. Some of these patches are similar, such as adding a mozconfig and overriding prefs. Now that Android is a first-class supported platform, we can squash some of these patches so we reduce the number of patches we need carry on top of Firefox.Alex CatarineuAlex Catarineuhttps://gitlab.torproject.org/legacy/trac/-/issues/33533Rebase Tor Browser esr68 patches on top of mozilla-central2020-06-16T19:13:45ZAlex CatarineuRebase Tor Browser esr68 patches on top of mozilla-centralAlex CatarineuAlex Catarineuhttps://gitlab.torproject.org/legacy/trac/-/issues/32516Make Write Methods Clearer in TorConfigBuilder2020-06-16T01:27:05ZShane IsbellMake Write Methods Clearer in TorConfigBuilderMake Write Methods Clearer in TorConfigBuilder. We have a lot of duplicate buffer appends that we can cleanup to make code more readable.Make Write Methods Clearer in TorConfigBuilder. We have a lot of duplicate buffer appends that we can cleanup to make code more readable.https://gitlab.torproject.org/legacy/trac/-/issues/25021Update Tor Browser spec for 9.02020-06-16T01:26:57ZGeorg KoppenUpdate Tor Browser spec for 9.0Tor Browser 7.5 is out. We should update our design document to cover all the new issues that are showing up in it. Highlights are
1) Switch to rbm/tor-browser-build
2) The security slider copy update
...
Additionally, we should fold i...Tor Browser 7.5 is out. We should update our design document to cover all the new issues that are showing up in it. Highlights are
1) Switch to rbm/tor-browser-build
2) The security slider copy update
...
Additionally, we should fold in all the 8.0, 8.5, and 9.0 changes.Georg KoppenGeorg Koppenhttps://gitlab.torproject.org/legacy/trac/-/issues/34432Integrate fenix toolchain into tor-browser-build's master2020-06-16T01:26:35ZGeorg KoppenIntegrate fenix toolchain into tor-browser-build's masterWe decided to not create a new branch to take care of the Fenix toolchain while continuing to build nightly builds with the ESR 68 toolchains (and later ESR 78 toolchains for desktop builds). Rather, we'll follow boklm's idea of namespac...We decided to not create a new branch to take care of the Fenix toolchain while continuing to build nightly builds with the ESR 68 toolchains (and later ESR 78 toolchains for desktop builds). Rather, we'll follow boklm's idea of namespacing the projects to fenix-$project if there are Fenix specific needs and keep everything on `master`. This should avoid diverging branches and a tricky merge at the end.Georg KoppenGeorg Koppenhttps://gitlab.torproject.org/legacy/trac/-/issues/34355Update entitlement files and other signing related pieces for 9.5 changes and...2020-06-16T01:26:30ZGeorg KoppenUpdate entitlement files and other signing related pieces for 9.5 changes and include fixupsWe have a bunch of scripts in our `tor-browser-build` repo (in `tools/signing`) which show how we do currently a bunch of signing related jobs.
We should update the things that need update for 9.5/10.0a1 (probably both on `master` and, ...We have a bunch of scripts in our `tor-browser-build` repo (in `tools/signing`) which show how we do currently a bunch of signing related jobs.
We should update the things that need update for 9.5/10.0a1 (probably both on `master` and, where applicable, on `maint-9.5` for stable) and go over the `README` again (typo fixing).https://gitlab.torproject.org/legacy/trac/-/issues/34014Support sqlite3 in our python project2020-06-16T01:26:21ZGeorg KoppenSupport sqlite3 in our python projectPython3 we use needs sqlite3 support now.Python3 we use needs sqlite3 support now.Georg KoppenGeorg Koppenhttps://gitlab.torproject.org/legacy/trac/-/issues/34012Bump cbindgen version to 0.14.12020-06-16T01:26:20ZGeorg KoppenBump cbindgen version to 0.14.1Update to latest cbindgen used on mozilla-central.Update to latest cbindgen used on mozilla-central.Georg KoppenGeorg Koppenhttps://gitlab.torproject.org/legacy/trac/-/issues/34011Bump clang version to 9.0.12020-06-16T01:26:19ZGeorg KoppenBump clang version to 9.0.1Let's go away from clang 8.0.1Let's go away from clang 8.0.1Georg KoppenGeorg Koppenhttps://gitlab.torproject.org/legacy/trac/-/issues/33973Create fat .aar for geckoview2020-06-16T01:26:18ZGeorg KoppenCreate fat .aar for geckoviewDownstream consumers like `android-components` and `fenix` use fat .aar files. We need to create them out of ouf per-arch ones. https://bugzilla.mozilla.org/show_bug.cgi?id=1508976 is the bug where this got implemented on Mozilla's side.Downstream consumers like `android-components` and `fenix` use fat .aar files. We need to create them out of ouf per-arch ones. https://bugzilla.mozilla.org/show_bug.cgi?id=1508976 is the bug where this got implemented on Mozilla's side.Georg KoppenGeorg Koppenhttps://gitlab.torproject.org/legacy/trac/-/issues/33927Add tor-browser-build project for fenix2020-06-16T01:26:13ZGeorg KoppenAdd tor-browser-build project for fenixWe need an own project for FenixWe need an own project for FenixGeorg KoppenGeorg Koppenhttps://gitlab.torproject.org/legacy/trac/-/issues/33833Upgrade Rust To Use Android NDK 202020-06-16T01:26:12ZShane IsbellUpgrade Rust To Use Android NDK 20Upgrade rust to use latest toolchainUpgrade rust to use latest toolchainGeorg KoppenGeorg Koppenhttps://gitlab.torproject.org/legacy/trac/-/issues/33760Update rbm.conf to match NDK 202020-06-16T01:26:11ZShane IsbellUpdate rbm.conf to match NDK 20the configure_host field no longer matches the correct clang in the lasted NDK. The new NDK requires that we also update the platform version number.the configure_host field no longer matches the correct clang in the lasted NDK. The new NDK requires that we also update the platform version number.Georg KoppenGeorg Koppenhttps://gitlab.torproject.org/legacy/trac/-/issues/33564Upgrade ZSTD to use Android NDK 202020-06-16T01:26:09ZShane IsbellUpgrade ZSTD to use Android NDK 20This is based of the current work done in branch for android support. We need to upgrade to build with NDK 21.
Make standalone toolchain is not longer supported in NDK 21 so need to configure to use new locationsThis is based of the current work done in branch for android support. We need to upgrade to build with NDK 21.
Make standalone toolchain is not longer supported in NDK 21 so need to configure to use new locationshttps://gitlab.torproject.org/legacy/trac/-/issues/33563Upgrade Tor To Use Android NDK 202020-06-16T01:26:08ZShane IsbellUpgrade Tor To Use Android NDK 20This is based of the current work done in branch for android support. We need to upgrade to build with NDK 21.
Make standalone toolchain is not longer supported in NDK 21 so need to configure to use new locationsThis is based of the current work done in branch for android support. We need to upgrade to build with NDK 21.
Make standalone toolchain is not longer supported in NDK 21 so need to configure to use new locationsGeorg KoppenGeorg Koppenhttps://gitlab.torproject.org/legacy/trac/-/issues/33561Upgrade openssl to use Android NDK 202020-06-16T01:26:07ZShane IsbellUpgrade openssl to use Android NDK 20This is based of the current work done in branch for android support. We need to upgrade to build with NDK 21.
Make standalone toolchain is not longer supported in NDK 21 so need to configure to use new locations.This is based of the current work done in branch for android support. We need to upgrade to build with NDK 21.
Make standalone toolchain is not longer supported in NDK 21 so need to configure to use new locations.Georg KoppenGeorg Koppen