Trac issueshttps://gitlab.torproject.org/legacy/trac/-/issues2020-06-13T18:04:30Zhttps://gitlab.torproject.org/legacy/trac/-/issues/34024Reduce timeout and stallout values2020-06-13T18:04:30ZKarsten LoesingReduce timeout and stallout valuesOn #33974 we discussed a suggestion to reduce timeouts for our three downloads as follows:
- 50 KiB download with 15 seconds timeout rather than 295 seconds,
- 1 MiB download with 60 seconds timeout rather than 1795 seconds, and
- 5 ...On #33974 we discussed a suggestion to reduce timeouts for our three downloads as follows:
- 50 KiB download with 15 seconds timeout rather than 295 seconds,
- 1 MiB download with 60 seconds timeout rather than 1795 seconds, and
- 5 MiB download with 120 seconds timeout rather than 3595 seconds.
Similarly, stallouts would be dropped entirely:
- 50 KiB download with 0 seconds stallout rather than 300 seconds,
- 1 MiB download with 0 seconds stallout rather than 1800 seconds, and
- 5 MiB download with 0 seconds stallout rather than 3600 seconds.
After discussing this with irl we concluded that we might want to pick values somewhere in the middle. The smaller values above are being used by TGen for generating load for Shadow simulations, in that case it makes sense to use timeouts similar to how users would behave. But in the measurements we're doing with OnionPerf we can easily record more data even after a human user would have given up and later filter out measurements taking longer than whatever timeouts we want to use.
In particular, it would be important for us to use timeouts that are higher than timeouts used internally by the Tor client, so that we can observe what happens in those cases. Even if a human user would long have given up.
How about we use timeouts and stallouts close to 5 minutes, so that we avoid overlapping measurements? Like 270 seconds for all three download sizes? What would we use as stallout value here? 0?Karsten LoesingKarsten Loesinghttps://gitlab.torproject.org/legacy/trac/-/issues/34023Reduce the number of 50 KiB downloads2020-06-13T18:04:30ZKarsten LoesingReduce the number of 50 KiB downloadsOn #33076 we discussed whether we should kill the 50 KiB downloads in deployed OnionPerfs and only keep the 1 MiB and 5 MiB downloads. The primary reason would be that our [throughput](https://metrics.torproject.org/onionperf-throughput....On #33076 we discussed whether we should kill the 50 KiB downloads in deployed OnionPerfs and only keep the 1 MiB and 5 MiB downloads. The primary reason would be that our [throughput](https://metrics.torproject.org/onionperf-throughput.html) graphs would be based on five times as many data points per day, because they only include 1 MiB and 5 MiB downloads, but not 50 KiB downloads. This would not affect our [circuit round-trip latencies graphs](https://metrics.torproject.org/onionperf-latencies.html) which include all three downloaded file sizes.
The main reason against killing 50 KiB downloads is that OnionPerfs would consume more bandwidth and also put more load on the Tor network. Let's consider two scenarios with and without 50 KiB downloads. In both scenarios we're making a new download every 5 minutes, randomly chosen with a weight of 1.0 for 5 MiB runs, 2.0 for 1 MiB runs, and either 12.0 or 0.0 for 50 KiB runs:
- With 50 KiB downloads we're downloading on average `12/15 * 50 KiB + 2/15 * 1 MiB + 1/15 * 5 MiB = 517 KiB` every 5 minutes, or `517 * 8 * 1024 / (300 * 1000) = 14 kbps`.
- Without 50 KiB downloads we're downloading on average `2/3 * 1 MiB + 1/3 * 5 MiB = 2389 KiB` every 5 minutes, or `2389 * 8 * 1024 / (300 * 1000) = 65 kbps`.
These numbers are both tiny in comparison to the overall network capacity and to other services like the bandwidth scanners.
I'm going to make this change and deploy it on new OnionPerf instances tomorrow, unless I hear objections here.Karsten LoesingKarsten Loesinghttps://gitlab.torproject.org/legacy/trac/-/issues/34022Rename the testbuild/torbrowser-testbuild targets2020-06-16T01:26:21ZboklmRename the testbuild/torbrowser-testbuild targetsFor release, alpha and nightly we use the same target name in `projects/release/config` and other components.
For testbuild however, we use the `testbuild` target in `projects/release/config`, which is using the `torbrowser-testbuild` t...For release, alpha and nightly we use the same target name in `projects/release/config` and other components.
For testbuild however, we use the `testbuild` target in `projects/release/config`, which is using the `torbrowser-testbuild` target (defined in rbm.conf) for building other components, which can be confusing. There is also a `testbuild` target in rbm.conf, which is used by `torbrowser-testbuild`.
I think we could fix that by renaming the `torbrowser-testbuild` target we have in `rbm.conf` to `testbuild`, and the current `testbuild` target to `testbuild-common`.
This will however require that people who use a custom `rbm.local.conf` update it.https://gitlab.torproject.org/legacy/trac/-/issues/34021Bundling .a files together in a single libtor.a file2020-06-13T15:53:16ZAlexander Færøyahf@torproject.orgBundling .a files together in a single libtor.a fileFor iOS, there is currently a manual step in the build process where all .a files from `tor.git` is added to the Tor.framework build-system.
Would it make sense for us to add a single libtor.a file for people to include as part of the b...For iOS, there is currently a manual step in the build process where all .a files from `tor.git` is added to the Tor.framework build-system.
Would it make sense for us to add a single libtor.a file for people to include as part of the build process for Tor?
I assume this is largely related to also having a libtor.so provided directly by the build-system.Tor: unspecifiedhttps://gitlab.torproject.org/legacy/trac/-/issues/34020Please remove the DNS entry for op-ab.onionperf.torproject.net2020-06-13T17:01:53ZirlPlease remove the DNS entry for op-ab.onionperf.torproject.net#34018 removes this from CollecTor configuration, and the host is currently being shut down as I write this ticket.
I don't know if there's any question as to what to do about TLS certs issued to domain names. In an ideal world we'd tra...#34018 removes this from CollecTor configuration, and the host is currently being shut down as I write this ticket.
I don't know if there's any question as to what to do about TLS certs issued to domain names. In an ideal world we'd track these and not reuse names until we're sure the certs would be expired. There is a Lets Encrypt cert issued to this name that will also be in backups, destroying it would be difficult, but I can revoke the certs:
https://letsencrypt.org/docs/revoking/
I've done this for the two non-expired certs.anarcatanarcathttps://gitlab.torproject.org/legacy/trac/-/issues/34019Please remove irl from groups2020-06-13T17:01:52ZirlPlease remove irl from groups```
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
For trac.torproject.org 2020-04-27:
Please remove irl from the following LDAP groups:
1512(metrics)
1550(collector)
1546(exonerator)
1547(onionoo)
1532(tordnsel)
1505(gitweb)
1507(ch...```
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
For trac.torproject.org 2020-04-27:
Please remove irl from the following LDAP groups:
1512(metrics)
1550(collector)
1546(exonerator)
1547(onionoo)
1532(tordnsel)
1505(gitweb)
1507(check)
1577(torresearch)
1573(exonerator-web)
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE/ps4MHN0fw3t6AudF4mIfdjVvF0FAl6mvTIACgkQF4mIfdjV
vF1+Bg/+K06u/k15Cyz8W6N/yer4/Fy5mPYDf4vCF3MCUGXMTSfs1kTptHxRmypv
gyGRjICSIOk28JI4tKsbHk7HtMdc5WYBqmq9/5NDooZdpN4BY+HAN0FFsAumhXPW
DVhI9wh86ejORPzjDMLgwBa9N4WbMbuTCd3hXsvNtj1cEsNPgCCj1rP7TRzq3mqy
EHtwOx+rDss+0xfoSWKO/4DSMptn7wXqp8E5GwcsuCP9i/ODDtlAbW4PmQd/dpAV
yuY2J+3jKWdtW3xlt/r4gfg/UFEFhOuCs0y5QJVKvbTtS2i3s+Y2uai/f9Oc5JZq
ITB9gGp5HcUh+YtVg6qqhmK2Bgip7togUaEpNQ1f6Lyt3mS2lz7TXm15NcWKtc5k
H1P5dSnOZhIKB4ewagpXhh4ZdeEee8/df1NI7T2cCgdDBd+y3hHVxO8bXnZcgOWM
QDxzJu/ZJ0pVK4Sjh8+UgfCh1A2zIMxc6YsT0YxD2QGs+qPtXYT5DdEws60YfXY1
5oeMpiloI6flwA0KNTc/7GLQfGB3o3VtIpcWQVfh4I6OBhxSJaTAAlVoCOSzQ8+Y
W2c6/Rx291K5bew0WlmFcba3DaERLkenczvHgjMxEC8ZH31ybYcV0Br24aHhq+uc
+4/ZdQAmT6iVrgU41jNQGUQE8KePPprqHtZK82x9frliw9W1qhs=
=cYgF
-----END PGP SIGNATURE-----
```anarcatanarcathttps://gitlab.torproject.org/legacy/trac/-/issues/34018Remove op-ab from CollecTor configuration2020-06-13T17:52:30ZirlRemove op-ab from CollecTor configurationThis is going away.This is going away.https://gitlab.torproject.org/legacy/trac/-/issues/34017Bump openssl version to 1.1.1g for Tor Browser2020-06-16T01:12:48ZcypherpunksBump openssl version to 1.1.1g for Tor Browserhttps://www.openssl.org/news/secadv/20200421.txthttps://www.openssl.org/news/secadv/20200421.txthttps://gitlab.torproject.org/legacy/trac/-/issues/34016Please add DNS entries for new OnionPerf hosts2020-06-13T17:01:52ZKarsten LoesingPlease add DNS entries for new OnionPerf hostsCan you please put in DNS entries for the following new OnionPerf hosts?
```
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
37.218.241.56 op-us2.onionperf.torproject.net
37.218.247.100 op-nl2.onionperf.torproject.net
103.104.244....Can you please put in DNS entries for the following new OnionPerf hosts?
```
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
37.218.241.56 op-us2.onionperf.torproject.net
37.218.247.100 op-nl2.onionperf.torproject.net
103.104.244.142 op-hk2.onionperf.torproject.net
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
iQEzBAEBCAAdFiEEn3LJwENUSMzBpDI57UASP+I0EckFAl6mr7wACgkQ7UASP+I0
Ecn8YQgAmXXd9A2jk2RSCoNDsxO2RFpkuB54qhffYccyHl+3DZMZgQ/taGIvOUQK
ikoIx4o+dHhUoww0oOwi7vSK7TShSknxpHdCtFfBet9U5YrmgeICDpVu6bbM/0Oa
vpUR//UeXNT3rZWUmCLQdxNbO9tN9Ad1A1v56xvOj6TUbnxbV4Z3Zc+eNvuMu9h0
n02akV8llBg6HuI8639hg9P3M3Qw8aKtB14yW398+eUm4KhgMyLMWgxnZE1algEb
Lta0unKp1qbDpysDL830ZpqTwBvyqTmJ50Uma7kg57Jx695mrqSl/+N6Ef5d/YJK
z0URVMddc4zGw/AtuVAcjoJMHGSJZA==
=+V9l
-----END PGP SIGNATURE-----
```
Later this week I'll ask you to remove three DNS entries for current OnionPerf hosts, but we should first have the new ones in place and running before turning the old ones off.
Thanks!anarcatanarcathttps://gitlab.torproject.org/legacy/trac/-/issues/34015geckoview is not built reproducible2020-06-16T01:12:48ZGeorg Koppengeckoview is not built reproducibleWhile checking for reproducibility issues within geckoview .aar files I realized that `libxul.so` differs. All other artifacts match when built on different machines. Attached is the diff.While checking for reproducibility issues within geckoview .aar files I realized that `libxul.so` differs. All other artifacts match when built on different machines. Attached is the diff.Georg KoppenGeorg Koppenhttps://gitlab.torproject.org/legacy/trac/-/issues/34014Support sqlite3 in our python project2020-06-16T01:26:21ZGeorg KoppenSupport sqlite3 in our python projectPython3 we use needs sqlite3 support now.Python3 we use needs sqlite3 support now.Georg KoppenGeorg Koppenhttps://gitlab.torproject.org/legacy/trac/-/issues/34013Bump node version to v10.21.02020-06-16T01:26:20ZGeorg KoppenBump node version to v10.21.0Update our node version to what is used in mozilla-central.Update our node version to what is used in mozilla-central.Georg KoppenGeorg Koppenhttps://gitlab.torproject.org/legacy/trac/-/issues/34012Bump cbindgen version to 0.14.12020-06-16T01:26:20ZGeorg KoppenBump cbindgen version to 0.14.1Update to latest cbindgen used on mozilla-central.Update to latest cbindgen used on mozilla-central.Georg KoppenGeorg Koppenhttps://gitlab.torproject.org/legacy/trac/-/issues/34011Bump clang version to 9.0.12020-06-16T01:26:19ZGeorg KoppenBump clang version to 9.0.1Let's go away from clang 8.0.1Let's go away from clang 8.0.1Georg KoppenGeorg Koppenhttps://gitlab.torproject.org/legacy/trac/-/issues/34010Use io_uring when available2020-06-13T15:53:16ZTracUse io_uring when availableIo_uring is a new subsystem for asynchronous transfers of network or disk/storage i/o.
https://lwn.net/Articles/810414/
It has a great potential in handling concurrent connections and transfers over multiple sockets or disk files.
Sa...Io_uring is a new subsystem for asynchronous transfers of network or disk/storage i/o.
https://lwn.net/Articles/810414/
It has a great potential in handling concurrent connections and transfers over multiple sockets or disk files.
Samba has implemented this on disk io as side, and ib my home / nas setting, it almost doubled total throughput on concurrent reads.
In network situations, it is said to be able to scale to 3-5x performance.
Liburing is a library to be able to utilise this subsystem. I think that Tor really should look at io_uring due to the massive concurrency of a relay.
In my own experience running a relay on a low end hardware for two years and the low end hardware was never able to fill the fiber connection. It seems to be quite a lot of internal overhead, perhaps io_uring could really help.
**References**
https://lwn.net/Articles/810414/
https://lwn.net/Articles/776428/
https://git.kernel.dk/cgit/liburing/
https://github.com/axboe/liburing
**Other projects using io_uring**
https://wiki.samba.org/index.php/Samba_4.12_Features_added/changed#.27io_uring.27_vfs_module
https://github.com/ceph/ceph/pull/27392
**Trac**:
**Username**: torryTor: unspecifiedhttps://gitlab.torproject.org/legacy/trac/-/issues/34009update legacy TorRelayGuide and Exit Notice HTML page w/r/t DNSEL changes2020-06-13T17:35:23Zstarlightupdate legacy TorRelayGuide and Exit Notice HTML page w/r/t DNSEL changesWhile the wiki TorRelayGuide claims to be no longer maintained, the new documentation is difficult to navigate and appears devoid of technical information--certainly any present is well hidden.
Please spend a few minutes updating the le...While the wiki TorRelayGuide claims to be no longer maintained, the new documentation is difficult to navigate and appears devoid of technical information--certainly any present is well hidden.
Please spend a few minutes updating the legacy documentation page to reflect DNSEL changes as described in
https://lists.torproject.org/pipermail/tor-project/2020-March/002759.html
Please also revise the template exit notice.GusGushttps://gitlab.torproject.org/legacy/trac/-/issues/34008User may choose to leave on page after using New Identity2020-06-16T01:28:34ZcypherpunksUser may choose to leave on page after using New IdentityIf user uses New Identity but some tab asks are they sure to leave it, this tab remains open and user may choose to not leave.
New Tor Browser window opens but old one remains. I'm not sure whether this can be used to identify user or not.If user uses New Identity but some tab asks are they sure to leave it, this tab remains open and user may choose to not leave.
New Tor Browser window opens but old one remains. I'm not sure whether this can be used to identify user or not.https://gitlab.torproject.org/legacy/trac/-/issues/34007White Across Browser2020-06-13T17:36:54ZTracWhite Across BrowserHello, I saw this bug first on a chat site then when I went to twitter and my email it happened there too.
When the browser is in a certain size there is a white bar at the bottom of the browser and at the top just under the address bar...Hello, I saw this bug first on a chat site then when I went to twitter and my email it happened there too.
When the browser is in a certain size there is a white bar at the bottom of the browser and at the top just under the address bar. If I drag the browser to reach from top to bottom it goes away and the site is normal. When this white bar is there I have trouble seeing the top and bottom of the website.
**Trac**:
**Username**: person130068GusGushttps://gitlab.torproject.org/legacy/trac/-/issues/34006How to register .tor.onion ?2020-06-16T01:12:47ZcypherpunksHow to register .tor.onion ?I have 4+ years onion service so I"d like to have (short name).tor.onion.I have 4+ years onion service so I"d like to have (short name).tor.onion.https://gitlab.torproject.org/legacy/trac/-/issues/34005./mach configure --disable-compile-environment breaks for Tor Browser2020-06-16T01:12:47ZGeorg Koppen./mach configure --disable-compile-environment breaks for Tor BrowserSometimes it is useful to use Mozilla's build environment without checking whether all the compilers and necessary tools are available (see for instance #33973). Mozilla has the `--disable-compile-environment` option for that. It succeed...Sometimes it is useful to use Mozilla's build environment without checking whether all the compilers and necessary tools are available (see for instance #33973). Mozilla has the `--disable-compile-environment` option for that. It succeeds with a clean Mozilla esr68 branch but fails for us for three reasons if we delete the respective `.mozconfig` file:
1) `--disable-tor-launcher` needs to be set even though we don't want to compile anything
2) `--with-tor-browser-version` needs to be specified even though we don't want to compile anything
3) `--enable-official-branding` needs to be specified because otherwise `default512.png` in the unofficial branding is missing (or `default256.png` for the esr68-based branches)