Trac issueshttps://gitlab.torproject.org/legacy/trac/-/issues2020-06-21T18:06:11Zhttps://gitlab.torproject.org/legacy/trac/-/issues/34061Reduce amount of GetTor logging2020-06-21T18:06:11ZCecylia BocovichReduce amount of GetTor loggingWe're logging at a very high level (looks like at debug), and outputting frequent successes when we only really need to be logging errors.
For example: a successfully processed email in `log/email_parser.log` outputs:
```
2020-04-27 23:...We're logging at a very high level (looks like at debug), and outputting frequent successes when we only really need to be logging errors.
For example: a successfully processed email in `log/email_parser.log` outputs:
```
2020-04-27 23:18:53+0000 [-] Log opened.
2020-04-27 23:18:53+0000 [process email] New email request received.
2020-04-27 23:18:53+0000 [process email] Reading new email.
2020-04-27 23:18:53+0000 [-] Database query executed successfully.
2020-04-27 23:18:53+0000 [email parser] Building email message from string.
2020-04-27 23:18:53+0000 [email parser] Normalizing and validating FROM email address.
2020-04-27 23:18:53+0000 [email parser] Email address normalized and validated.
2020-04-27 23:18:53+0000 [email parser] Request from [hid]
2020-04-27 23:18:53+0000 [email parser] Found request for links.
2020-04-27 23:18:53+0000 [-] Database query executed successfully.
2020-04-27 23:18:53+0000 [-] Main loop terminated.
2020-04-27 23:18:53+0000 [process email] Email request processed.
```
and in `log/gettor.log`:
```
2020-04-29T14:46:51+0000 [gettor#info] Getting links for windows is.
2020-04-29T14:46:51+0000 [-] Database query executed successfully.
2020-04-29T14:46:51+0000 [gettor#info] Sending links to [hid].
2020-04-29T14:46:51+0000 [gettor#debug] Creating plain text email
2020-04-29T14:46:51+0000 [gettor#debug] Calling asynchronous sendmail.
2020-04-29T14:46:51+0000 [twisted.mail.smtp.ESMTPSenderFactory#info] Starting factory <twisted.mail.smtp.ESMTPSenderFactory object at 0x7f0bba74b780>
2020-04-29T14:46:51+0000 [gettor#info] Email sent successfully.
2020-04-29T14:46:51+0000 [twisted.mail.smtp.ESMTPSenderFactory#info] Stopping factory <twisted.mail.smtp.ESMTPSenderFactory object at 0x7f0bba74b780>
2020-04-29T14:46:51+0000 [-] Database query executed successfully.
2020-04-29T14:46:51+0000 [-] Database query executed successfully.
```
We could reduce this to one log message at most. Especially since this information *should* be captured in the stats database.Cecylia BocovichCecylia Bocovichhttps://gitlab.torproject.org/legacy/trac/-/issues/34060Errors thrown in Gettor if "To:" address field doesn't match gettor@tp.o2020-06-21T18:06:11ZCecylia BocovichErrors thrown in Gettor if "To:" address field doesn't match gettor@tp.oI was checking the logs for errors and found a bunch of the following failures:
```
2020-04-29 07:57:51+0000 [email parser] Error while parsing email content: [Failure instance: Traceba
ck: <class 'KeyError'>: 'command'
/usr/lib...I was checking the logs for errors and found a bunch of the following failures:
```
2020-04-29 07:57:51+0000 [email parser] Error while parsing email content: [Failure instance: Traceba
ck: <class 'KeyError'>: 'command'
/usr/lib/python3/dist-packages/twisted/internet/defer.py:311:addCallbacks
/usr/lib/python3/dist-packages/twisted/internet/defer.py:654:_runCallbacks
/usr/lib/python3/dist-packages/twisted/internet/defer.py:1613:unwindGenerator
/usr/lib/python3/dist-packages/twisted/internet/defer.py:1529:_cancellableInlineCallbacks
--- <exception caught here> ---
/usr/lib/python3/dist-packages/twisted/internet/defer.py:1418:_inlineCallbacks
/srv/gettor.torproject.org/home/gettor/gettor/parse/email.py:250:parse_callback
].
```
I noticed this is caused by `parse` returning an empty request [here](https://gitweb.torproject.org/gettor.git/tree/gettor/parse/email.py#n220) which only happens if the `"To:"` address doesn't match `gettor@torproject.org` exactly. After doing more looking, I found the following mismatched addresses:
- "To:" address is just blank
- gettor+[lang code]@torproject.org (e.g., gettor+en@torproject.org).
- [random user]@gmail.com
- [user]@[random domain].[random tld]
(where random = no known connection to gettor, not cryptographically random :))
For the blank and random addresses, I wonder how this is happening. Perhaps we're relying on information that's not consistently configured correctly on user email clients?
For addresses of the form gettor+[lang code]@torproject.org, it looks like gettor used to work by accepting emails of this form to determine localization (see https://twitter.com/get_tor/status/754126179506982912). Perhaps we shouldn't be throwing these out, even though we no longer do localization this way. We could use these language codes once we get around to localizing gettor messages as an optional step.https://gitlab.torproject.org/legacy/trac/-/issues/34059[RT-admin] Create new queues: giving@ and newsletter@2020-06-13T17:01:56ZGus[RT-admin] Create new queues: giving@ and newsletter@- newsletter@rt: responses to the monthly newsletters
- giving@rt: build relationship with donors- newsletter@rt: responses to the monthly newsletters
- giving@rt: build relationship with donorsGusGushttps://gitlab.torproject.org/legacy/trac/-/issues/34058Make sure gettor logs are scrubbed of personal info2020-06-21T18:06:10ZCecylia BocovichMake sure gettor logs are scrubbed of personal infoSome error messages in the gettor logs contain personal info from gettor queries. We should make sure we're not logging this information (particularly for email addresses in SMTP errors).Some error messages in the gettor logs contain personal info from gettor queries. We should make sure we're not logging this information (particularly for email addresses in SMTP errors).https://gitlab.torproject.org/legacy/trac/-/issues/34057Please remove irl from the gitolite-admin repository2020-06-13T17:01:56ZirlPlease remove irl from the gitolite-admin repository```
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
For trac.torproject.org 2020-04-29:
Please remove irl from the gitolite-admin repository.
I requested removal from the LDAP group in #34056
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgA...```
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
For trac.torproject.org 2020-04-29:
Please remove irl from the gitolite-admin repository.
I requested removal from the LDAP group in #34056
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE/ps4MHN0fw3t6AudF4mIfdjVvF0FAl6pLFwACgkQF4mIfdjV
vF0a/Q/+N0QVADtlnaKPa2RDafDAwYJamofBMXq4GGq0bRit6zwfPrqp1H9XRS9j
T4uLjGiTUa1yw2V3MJz33B2tFD+czclBOffdoSA4mHStM1RBBZ6PToi7GQbcoB1h
U/xZJ1ik7oKR1/GB0PbltO2XcQyKGsZNoC6NhTazrLotR6L+zrc7UNCtKTNiUpL7
U2a+0Rowzw+yI/pF53VQ9zA81I8TjqXjOK375P7dx9vaqnMb20hiQ/d+Rj7yOJ1e
qwkTsOAdX0ztRAPOm40s5AyMTMSd26Emx7InyoaII7wXxXsGnxQ+1UTUzuQwiEur
l9fLdAEta8THUye00F27n/FzvL9+w7T50FmcVGO88d785z2heOv4fpLRAADJXSj/
hMtOYXNj01VYBSmBTzgmc09rJ2ZEFgdvxJgNLs/zJ4ka2XwHoq0GWlp2nQKN5dyM
h/+VmDvarCVFVQY5kOtWtdxvzW8xmOh4Ut0/JG8ih4TeuqILnPEaUkeoUKnQZAs0
DLjJOfc4PkP1+v0LSbPsQYiFQTwLwaN5cRmjfey6j8VABe3XgiN3sqxaIZxEca29
cRBLXMgmji1ETU29wGU/LU50QhcdOK5HJz9jSc7qJwuu6y/2PSHOwOJs8HdFovzY
UxXVDxYbTi0c8FpzsJNWyD/P9b6Jw1IhLa2Ru1Yxg7fMofXoCrQ=
=5pBK
-----END PGP SIGNATURE-----
```https://gitlab.torproject.org/legacy/trac/-/issues/34056Please remove irl from gitolite LDAP group2020-06-13T17:01:55ZirlPlease remove irl from gitolite LDAP group```
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
For trac.torproject.org 2020-04-29:
Please remove irl from the gitolite LDAP group.
I will file another ticket to remove myself from the
gitolite-admin group in the gitolite configur...```
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
For trac.torproject.org 2020-04-29:
Please remove irl from the gitolite LDAP group.
I will file another ticket to remove myself from the
gitolite-admin group in the gitolite configuration.
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE/ps4MHN0fw3t6AudF4mIfdjVvF0FAl6pK+UACgkQF4mIfdjV
vF28lQ//fQnd2uDUtop9qMbDuvrapHYeDj8SWhHUEpO7VesU1Mtya88waxvQ1z98
NXjVRlcGoxB/+d296NNpiTFilO1ziC1+Ib22W0AVL8Ra8Q4EhYCpU8ck+JqXURTF
C3e94fiI7nq/Qj6b3tmVGTjOHGoT6vwP0Bg2T7WYcHL0Zt2+viASWaBcA0bev8fq
SqWGBfKb7q3SiCE/CCMyNsygXM/sKjmKm+r8/HFHL1bOTP1hPgOA9IyMtHtxsmt4
F79hyFZ7/PfkBfD5Bfk0RWxUDLoGeqoMQNXlIbWjYDyxgGiQXniWhQTWZJkOngpT
+tAWRyjK9V127h7SNttH3I0FH5jagWj+FMT92UW4nznwm8GrNDnX3DXxxE33XVNM
eYmyenXxqMSE/VbyHoghEDe5U7fUF8/hq0EocVJc/mLDKU2rf7sSrgOvCjDjVPHU
2tQOduWcEyk3uwSC8R9vJOsrMBFoy8EW4ykV8VGsHwwzpzwA47ea3K8H4CQDJNth
n9FfZxIQgzwscNNBcGam7RzKwW+Ug5v/cViHGV+3U8+JBQEsxO6u0xDvUg65TbTf
BZKMmkP7cSVc6gyZj8EEV3GPK6e6Hnkyjubp8WvT/sB08pfx3+sJ4E5BvwkZAUTL
kIdDN6ulvgqqWVa0VcrSMaDvfjmxmSFL4iGdlw66E1DjyW37tp8=
=9EI7
-----END PGP SIGNATURE-----
```anarcatanarcathttps://gitlab.torproject.org/legacy/trac/-/issues/34055Use and document 'tbb-backport' in the release process2020-06-16T01:12:52ZcypherpunksUse and document 'tbb-backport' in the release processInclude checking of https://trac.torproject.org/projects/tor/tags/tbb-backport for possible backports in every stable release preparation.Include checking of https://trac.torproject.org/projects/tor/tags/tbb-backport for possible backports in every stable release preparation.https://gitlab.torproject.org/legacy/trac/-/issues/34054Problem with an onion address2020-04-29T06:06:42ZTracProblem with an onion addressHi there, I can't seem to get into an onion address that I have previously been able to.
It is http://piratebayztemzmv.onion/
Comes up as the server timed out .. taking too long to respond etc.
Any ideas how to get back onto Pirate Ba...Hi there, I can't seem to get into an onion address that I have previously been able to.
It is http://piratebayztemzmv.onion/
Comes up as the server timed out .. taking too long to respond etc.
Any ideas how to get back onto Pirate Bay
Many thanks.
**Trac**:
**Username**: DirtyHarry123https://gitlab.torproject.org/legacy/trac/-/issues/34053Update version of wrtc packate for web proxies2020-06-13T18:22:00ZCecylia BocovichUpdate version of wrtc packate for web proxiesWe're currently using version `0.0.62`. I tried an update to the current version `0.4.4` and it works. Let's update to make these a bit more secure.We're currently using version `0.0.62`. I tried an update to the current version `0.4.4` and it works. Let's update to make these a bit more secure.Cecylia BocovichCecylia Bocovichhttps://gitlab.torproject.org/legacy/trac/-/issues/34052Create a fonts tarball during tor browser build process2020-06-16T01:26:22ZboklmCreate a fonts tarball during tor browser build processTor Browser for Linux/Windows/macOS includes a specific list of fonts, which we get using `projects/fonts/`.
To make packaging for other OSs such as OpenBSD and NetBSD easier, we can create and distribute a tarball containing the fonts ...Tor Browser for Linux/Windows/macOS includes a specific list of fonts, which we get using `projects/fonts/`.
To make packaging for other OSs such as OpenBSD and NetBSD easier, we can create and distribute a tarball containing the fonts from the linux build.
An other file we might want to include in/with this tarball is `projects/tor-browser/Bundle-Data/linux/Data/fontconfig/fonts.conf`.https://gitlab.torproject.org/legacy/trac/-/issues/34051Generate list of all dependencies and additional files2020-06-16T01:26:22ZMatthew FinkelGenerate list of all dependencies and additional filesExternal Tor Browser packages (for other platforms) would find it helpful if we produce a list of all dependencies used for building Tor Browser for a platform and if those dependencies were build using custom patches. This list should i...External Tor Browser packages (for other platforms) would find it helpful if we produce a list of all dependencies used for building Tor Browser for a platform and if those dependencies were build using custom patches. This list should include any additional files we inject into the final packages (such as licenses, start script, fonts, etc.).https://gitlab.torproject.org/legacy/trac/-/issues/34050Restore check for nil writePipe in WebRTCPeer.Close2020-06-13T18:22:00ZDavid Fifielddcf@torproject.orgRestore check for nil writePipe in WebRTCPeer.CloseI removed this check in [047d3214bfb46de07e5d9f223e4fb1ba24584c8a](https://gitweb.torproject.org/pluggable-transports/snowflake.git/commit/?id=047d3214bfb46de07e5d9f223e4fb1ba24584c8a) because `NewWebRTCPeer` always initializes `writePip...I removed this check in [047d3214bfb46de07e5d9f223e4fb1ba24584c8a](https://gitweb.torproject.org/pluggable-transports/snowflake.git/commit/?id=047d3214bfb46de07e5d9f223e4fb1ba24584c8a) because `NewWebRTCPeer` always initializes `writePipe`, and it is never reset to `nil`. However tests used `&WebRTCPeer{}` which bypasses `NewWebRTCPeer` and leaves `writePipe` set to `nil`.
From comment:3:ticket:34049.David Fifielddcf@torproject.orgDavid Fifielddcf@torproject.orghttps://gitlab.torproject.org/legacy/trac/-/issues/34049Fix proxy calls to session description serialization utils2020-06-13T18:21:59ZCecylia BocovichFix proxy calls to session description serialization utilsWhoops, the proxy code wasn't updated after #33897Whoops, the proxy code wasn't updated after #33897Cecylia BocovichCecylia Bocovichhttps://gitlab.torproject.org/legacy/trac/-/issues/34048Give sysrqb write access to translation-tools and translation repos2020-06-13T17:01:55ZMatthew FinkelGive sysrqb write access to translation-tools and translation reposhttps://git.torproject.org/translation-tools.git
https://git.torproject.org/translation.git
Emmapeel, can you provide a signed message for this?
Thanks.https://git.torproject.org/translation-tools.git
https://git.torproject.org/translation.git
Emmapeel, can you provide a signed message for this?
Thanks.https://gitlab.torproject.org/legacy/trac/-/issues/34047Allow sysrqb access to majus2020-06-13T17:01:55ZMatthew FinkelAllow sysrqb access to majusMaybe this is the `translation` ldap group?
Emmapeel, can you confim (and provide a signed message? :/ )
ThanksMaybe this is the `translation` ldap group?
Emmapeel, can you confim (and provide a signed message? :/ )
Thanksanarcatanarcathttps://gitlab.torproject.org/legacy/trac/-/issues/34046Sign commits with gpg2020-06-16T01:26:22ZboklmSign commits with gpgAs discussed in ticket:25102#comment:20, we should sign all top commits from branches that are used in nightly builds.As discussed in ticket:25102#comment:20, we should sign all top commits from branches that are used in nightly builds.https://gitlab.torproject.org/legacy/trac/-/issues/34045Please remove irl from some groups2020-06-13T17:01:54ZirlPlease remove irl from some groups```
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
For trac.torproject.org 2020-04-28:
Please remove irl from the gitolite groups:
@debian-ooni
@onionperf
@research-web
@tech-reports
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE/ps...```
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
For trac.torproject.org 2020-04-28:
Please remove irl from the gitolite groups:
@debian-ooni
@onionperf
@research-web
@tech-reports
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE/ps4MHN0fw3t6AudF4mIfdjVvF0FAl6oE6gACgkQF4mIfdjV
vF2d1Q/+Nvlrkx/rnfyTzlYcJ1Ocm4JXx/7FMsAn0YxYSYpQAvXdSjI8pVtwigTt
bWqSvOKrx5BxqXCNkYZ3OuNE8caPdds6cwh9Zjuqwqo/PAijixlAgukOs3MZxR3o
OFTR5KfC3nuO2X8OXznWxLh/PAEUF/PXigMSuFnZ4kskn74PP4A7G3Zev2gIZOwy
FEMEcnF7cDjsC1rgFr034+UbGDKot6LfH6DoRhtnxMp2K9otLWSfyUhKtJltyDfo
OSF9HvAmEr+Bpatgs8hiDDLZVJ6TEzIxQNu8OmjJZfWXLX61aGIWqB2IbbhM+ccx
0+oFVYHPvcnrqqvLJbnuxPlwD5PeVI9B8DtqJxVrkBI0Gxe5HNkq8QLcOB+yGu1h
5kTKvVp0508ylhlP/9iP3UX3FgiF01TsPYK9BtOgAWOoY2VTRFjYka74Nqzho4zT
I52wKL8Xg/JeJ1hSAhcbuaw8uKu98R8u/VsgPN0MGlOczgqKxmACQZtoHG4Cg7oX
CE0Eb6iv8ZcJHhub7ol3OUGkUTscUX3X4KW7SDGJoI/s6tAOeketelVnL2XIwMyl
eazOl5cUb11yOqM0FNDWAbEBdxKa3jVkmAQYuvYRjE36QV9nizi0NAu5ZeWD1sN/
/hHyHbU1ZLmEmQ9ZaYrK9vcjWjEpSf/SlpBDPRqNR/h/2U8LldE=
=PkzS
-----END PGP SIGNATURE-----
```
This likely means that the debian-ooni group has no remaining members, so repositories with the debian-ooni group in its permissions can instead be swapped with:
```
R = @all
```
instead of the RW permission for the group.https://gitlab.torproject.org/legacy/trac/-/issues/34044Authenticode signing certificate renewal still needs Windows system in the loop2020-06-16T01:12:51ZGeorg KoppenAuthenticode signing certificate renewal still needs Windows system in the loopWe built our Windows .exe signing in a way that it can be done on Linux computers. However, getting a new signing cert currently requires still a custom Windows binary run. We should move that part to a Linux system, too.We built our Windows .exe signing in a way that it can be done on Linux computers. However, getting a new signing cert currently requires still a custom Windows binary run. We should move that part to a Linux system, too.https://gitlab.torproject.org/legacy/trac/-/issues/34043Update snowflake to persist sessions across proxies2020-06-16T01:12:51ZDavid Fifielddcf@torproject.orgUpdate snowflake to persist sessions across proxiesThis updates snowflake for #33745 and #33897, which add Turbo Tunnel features to snowflake.
There are two new dependencies, kcp-go and smux, which together make up the inner reliability layer. There's a patch to kcp-go to eliminate depe...This updates snowflake for #33745 and #33897, which add Turbo Tunnel features to snowflake.
There are two new dependencies, kcp-go and smux, which together make up the inner reliability layer. There's a patch to kcp-go to eliminate dependencies of features we don't use.
This is a Tor Browser ticket but I'm putting it in Circumvention/Snowflake to start to see if there's anything else we want to merge at the same time. Maybe #34042?David Fifielddcf@torproject.orgDavid Fifielddcf@torproject.orghttps://gitlab.torproject.org/legacy/trac/-/issues/34042Reduce DataChannelTimeout2020-06-16T01:12:51ZDavid Fifielddcf@torproject.orgReduce DataChannelTimeoutSince #33897 we have separate timeout controls for first establishing the data channel (`DataChannelTimeout`) and deciding a once-working data channel has died (`SnowflakeTimeout`). They are both currently set to 30 s. We can lower `Data...Since #33897 we have separate timeout controls for first establishing the data channel (`DataChannelTimeout`) and deciding a once-working data channel has died (`SnowflakeTimeout`). They are both currently set to 30 s. We can lower `DataChannelTimeout` to discard non-working proxies more quickly.