Trac issues
https://gitlab.torproject.org/legacy/trac/-/issues
2020-06-13T17:02:21Z

https://gitlab.torproject.org/legacy/trac/-/issues/34371
make db.torproject.org a real debian archive
2020-06-13T17:02:21Z
anarcat

I often have trouble uploading packages following our procedure here:
https://help.torproject.org/tsa/howto/build_and_upload_debs/#Uploading_admin_packages
For example, just now I have stumbled upon this:
```
Failed to upload userdir-ldap-cgi_0.3.43~x.tpo.8.dsc to anarcat@alberti.torproject.org:/srv/db.torproject.org/ftp-archive/archive/pool/tpo-all/userdir-ldap-cgi_0.3.43~x.tpo.8.dsc: scp: /srv/db.torproject.org/ftp-archive/archive/pool/tpo-all/userdir-ldap-cgi_0.3.43~x.tpo.8.dsc: Permission denied
```
That was because there was already a `.8.dsc` file from a previous ("UNRELEASED") upload. (I feel it was a mistake to upload such a package in the first place, but that's beside the point: this is only one of many ways this procedure can fail on upload.)
The archive also manually handles OpenPGP certifications and rotations, which is sub-optimal, to say the least, from a security perspective.
Instead, we should use well-known software like reprepro or else to manage the repository, with a proper "incoming" queue.

https://gitlab.torproject.org/legacy/trac/-/issues/34370
Improve identity doorhanger message during failed onion authentication
2020-06-16T01:13:15Z
Antonela antonela@torproject.org

When you visit an onion site that requires authentication and you click cancel, then you click the circled-i button to the left of the URL, it says connection is not secure.
But there is no connection, and any handshake-type stuff that happens is all secure, right? Maybe it's not an issue but I thought I'd just bring it up.
via https://blog.torproject.org/comment/288072#comment-288072

https://gitlab.torproject.org/legacy/trac/-/issues/34369
Fix learn more link in Onion Auth prompt
2020-06-16T01:13:14Z
Antonela antonela@torproject.org

The Learn more link in the "requesting your private key" dialogue leads to a 404 page:
https://2019.www.torproject.org/docs/tor-manual-dev.html.en-US#_client_…
It should go to
https://tb-manual.torproject.org/onion-services/
or
https://support.torproject.org/onionservices/client-auth/
via https://blog.torproject.org/comment/288070#comment-288070

Mark Smith

https://gitlab.torproject.org/legacy/trac/-/issues/34368
Improve authenticode-signing script to better check for a signature
2020-06-16T01:26:31Z
Georg Koppen

Our current `authenticode-signing.sh` script checks two things at the moment:
1) Whether a .exe is still unsigned
2) Whether removing a signature (using `osslsigncode remove-signature`) is producing the same SHA-256 sum as outlined in the SHA-256 sums file.
If both conditions hold it concludes that the bundles are properly signed.
There are ways for improvement here. While I think it's important to check that removing the signature provides the expected unsigned SHA-256 we could try to check the signature directly.
`osslsigncode verify -require-leaf-hash` comes to mind. We should investigate, though, how that behaves in case of truncated/broken signatures or no signatures at all.

https://gitlab.torproject.org/legacy/trac/-/issues/34367
Use osslsigncode's -readpass option
2020-06-16T01:26:31Z
Georg Koppen

I think we should switch to `osslsigncode`'s `-readpass` option to have a better setup when dealing with our passphrase for access to our signing key.

https://gitlab.torproject.org/legacy/trac/-/issues/34366
The onion-location mechanism does not redirect to full URL
2020-06-16T01:13:14Z
Georg Koppen

I was looking at https://www.torproject.org/download/#android when I got asked about using the onion service instead, which is nice. I opted in but then after the redirect I landed at http://expyuzz4wqqyqhjn.onion/download/index.html
The missing anchor is annoying as I need to scroll down again manually while I have been at the correct place before.
The expectation here is that I am landing at http://expyuzz4wqqyqhjn.onion/download/index.html#android instead.

https://gitlab.torproject.org/legacy/trac/-/issues/34365
10.0a1 mar update failing
2020-06-16T01:13:13Z
Matthew Finkel

```
*** AUS:SVC Creating UpdateService
*** AUS:SVC Logging current UpdateService status:
*** AUS:SVC UpdateService.canCheckForUpdates - able to check for updates
*** AUS:SVC getCanApplyUpdates - testing write access /home/user/tor-browser_en-US/Browser/TorBrowser/UpdateInfo/update.test
*** AUS:SVC getCanApplyUpdates - able to apply updates
*** AUS:SVC getCanStageUpdates - staging updates is disabled by preference app.update.staging.enabled
*** AUS:SVC Elevation required: false
*** AUS:SVC Update being handled by other instance: false
*** AUS:SVC Downloading: false
*** AUS:SVC End of UpdateService status
*** AUS:SVC getCanStageUpdates - staging updates is disabled by preference app.update.staging.enabled
*** AUS:SVC UpdateManager:_loadXMLFileIntoArray - XML file does not exist. path: /home/user/tor-browser_en-US/Browser/TorBrowser/UpdateInfo/active-update.xml
*** AUS:SVC getCanStageUpdates - staging updates is disabled by preference app.update.staging.enabled
*** AUS:SVC Checker: checkForUpdates, force: true
*** AUS:SVC Creating UpdateService
*** AUS:SVC Logging current UpdateService status:
*** AUS:SVC UpdateService.canCheckForUpdates - able to check for updates
*** AUS:SVC getCanApplyUpdates - testing write access /home/user/tor-browser_en-US/Browser/TorBrowser/UpdateInfo/update.test
*** AUS:SVC getCanApplyUpdates - able to apply updates
*** AUS:SVC getCanStageUpdates - staging updates is disabled by preference app.update.staging.enabled
*** AUS:SVC Elevation required: false
*** AUS:SVC Update being handled by other instance: false
*** AUS:SVC Downloading: false
*** AUS:SVC End of UpdateService status
*** AUS:SVC UpdateService.canCheckForUpdates - able to check for updates
*** AUS:SVC Checker:getUpdateURL - update URL: https://aus1.torproject.org/torbrowser/update_3/alpha/Linux_x86_64-gcc3/9.5a13/en-US?force=1
*** AUS:SVC Checker:checkForUpdates - sending request to: https://aus1.torproject.org/torbrowser/update_3/alpha/Linux_x86_64-gcc3/9.5a13/en-US?force=1
*** AUS:SVC Checker:onLoad - request completed downloading document
*** AUS:SVC Checker:onLoad - Getting sslStatus failed.
*** AUS:SVC Checker:onLoad - number of updates available: 1
*** AUS:SVC getCanApplyUpdates - testing write access /home/user/tor-browser_en-US/Browser/TorBrowser/UpdateInfo/update.test
*** AUS:SVC getCanApplyUpdates - able to apply updates
*** AUS:SVC Creating Downloader
*** AUS:SVC UpdateService:_downloadUpdate
*** AUS:SVC readStringFromFile - file doesn't exist: /home/user/tor-browser_en-US/Browser/TorBrowser/UpdateInfo/updates/0/update.status
*** AUS:SVC readStatusFile - status: null, path: /home/user/tor-browser_en-US/Browser/TorBrowser/UpdateInfo/updates/0/update.status
*** AUS:SVC getCanUseBits - Not using BITS because this is not Windows
*** AUS:SVC Downloader:downloadUpdate - Starting nsIIncrementalDownload with url: https://cdn.torproject.org/aus1/torbrowser/10.0a1/tor-browser-linux64-9.5a13-10.0a1_en-US.incremental.mar, path: /home/user/tor-browser_en-US/Browser/TorBrowser/UpdateInfo/updates/0/update.mar, interval: 0
*** AUS:SVC Downloader:onStartRequest - original URI spec: https://cdn.torproject.org/aus1/torbrowser/10.0a1/tor-browser-linux64-9.5a13-10.0a1_en-US.incremental.mar, final URI spec: https://cdn.torproject.org/aus1/torbrowser/10.0a1/tor-browser-linux64-9.5a13-10.0a1_en-US.incremental.mar
*** AUS:SVC Downloader:onStopRequest - downloader: nsIIncrementalDownload, original URI spec: https://cdn.torproject.org/aus1/torbrowser/10.0a1/tor-browser-linux64-9.5a13-10.0a1_en-US.incremental.mar, final URI spec: https://cdn.torproject.org/aus1/torbrowser/10.0a1/tor-browser-linux64-9.5a13-10.0a1_en-US.incremental.mar, status: 2147549183
*** AUS:SVC Downloader:onStopRequest - status: 2147549183, current fail: 0, max fail: 10, retryTimeout: 2000
*** AUS:SVC Downloader:onStopRequest - non-verification failure
*** AUS:SVC getStatusTextFromCode - transfer error: Failed (unknown reason), default code: 2152398849
*** AUS:SVC Downloader:onStopRequest - setting state to: download-failed
*** AUS:SVC Downloader:onStopRequest - verification of patch failed, downloading complete update patch
*** AUS:SVC UpdateService:_downloadUpdate
*** AUS:SVC readStringFromFile - file doesn't exist: /home/user/tor-browser_en-US/Browser/TorBrowser/UpdateInfo/updates/0/update.status
*** AUS:SVC readStatusFile - status: null, path: /home/user/tor-browser_en-US/Browser/TorBrowser/UpdateInfo/updates/0/update.status
*** AUS:SVC Downloader:_selectPatch - found existing patch with state: null
*** AUS:SVC getCanUseBits - Not using BITS because this is not Windows
*** AUS:SVC Downloader:downloadUpdate - Starting nsIIncrementalDownload with url: https://cdn.torproject.org/aus1/torbrowser/10.0a1/tor-browser-linux64-10.0a1_en-US.mar, path: /home/user/tor-browser_en-US/Browser/TorBrowser/UpdateInfo/updates/0/update.mar, interval: 0
*** AUS:SVC Downloader:onStartRequest - original URI spec: https://cdn.torproject.org/aus1/torbrowser/10.0a1/tor-browser-linux64-10.0a1_en-US.mar, final URI spec: https://cdn.torproject.org/aus1/torbrowser/10.0a1/tor-browser-linux64-10.0a1_en-US.mar
*** AUS:SVC Downloader:onStopRequest - downloader: nsIIncrementalDownload, original URI spec: https://cdn.torproject.org/aus1/torbrowser/10.0a1/tor-browser-linux64-10.0a1_en-US.mar, final URI spec: https://cdn.torproject.org/aus1/torbrowser/10.0a1/tor-browser-linux64-10.0a1_en-US.mar, status: 2147549183
*** AUS:SVC Downloader:onStopRequest - status: 2147549183, current fail: 0, max fail: 10, retryTimeout: 2000
*** AUS:SVC Downloader:onStopRequest - non-verification failure
*** AUS:SVC getStatusTextFromCode - transfer error: Failed (unknown reason), default code: 2152398849
*** AUS:SVC Downloader:onStopRequest - setting state to: download-failed
*** AUS:SVC Downloader:onStopRequest - notifying observers of error. topic: update-error, status: download-attempt-failed
*** AUS:SVC UpdateManager:_writeUpdatesToXMLFile - no updates to write. removing file: /home/user/tor-browser_en-US/Browser/TorBrowser/UpdateInfo/active-update.xml
```

https://gitlab.torproject.org/legacy/trac/-/issues/34364
Stem website down
2020-06-13T17:02:21Z
Damian Johnson

Hi lovely sysadmins. Today I noticed that Stem's website is down...
https://stem.torproject.org/
The www directory on staticiforme has the appropriate content...
```
stem@staticiforme:~$ ls /home/stem/www
_images _sources api change_log.html download.html genindex.html objects.inv search.html tutorials
_modules _static api.html contents.html faq.html index.html py-modindex.html searchindex.js tutorials.html
```
Perchance did someone revoke the stem user's sudoer access? When I run Stem's website republication script its mirroradm upload encounters a password prompt where I don't believe it previously did...
```
stem@staticiforme:~$ cat /home/stem/build_site
#!/bin/sh
export PATH=/home/stem/bin:$PATH
export PYTHONPATH=/home/stem/lib/python
cd /home/stem/stem
git pull
cd docs
make clean
make html
sudo -u mirroradm static-master-update-component stem.torproject.org
echo "$(date)" > /home/stem/site_last_built
```
```
stem@staticiforme:~$ ./build_site
Already up to date.
rm -rf _build/*
sphinx-build -b html -d _build/doctrees . _build/html
Making output directory...
Running Sphinx v1.1.3
...
build succeeded, 47 warnings.
Build finished. The HTML pages are in _build/html.
[sudo] password for stem on staticiforme:
```
If you'd like for us to adjust something with regard to our website republication I'm all ears, but in the meantime I'd appreciate if we restored the website.
Thanks!

https://gitlab.torproject.org/legacy/trac/-/issues/34363
Allow mail from sysrqb@torproject.org on tor-announce@
2020-06-13T17:02:20Z
Matthew Finkel

Please accept mail from `sysrqb@torproject.org` on tor-announce@ so I can announce new Tor Browser releases.
Thanks

Jens Kubieziel

https://gitlab.torproject.org/legacy/trac/-/issues/34362
Improve Onion Service Authentication prompt
2020-06-16T01:13:13Z
Matthew Finkel

https://blog.torproject.org/comment/288030#comment-288030
pastly commented that the current phrasing implies Tor Browser will send the private key to the onion service (because the onion service "requested it").
pastly, subsequently, suggested something like "foo.onion requires you to authenticate. Please enter the private key for your identity with this onion service".
The message should imply that the private key is needed for authentication, but the key is only used locally to prove possession of it (via crypto magic), and the key is not actually sent to the onion service.
Related: #30237

Mark Smith

https://gitlab.torproject.org/legacy/trac/-/issues/34361
"Prioritize .onion sites when known" appears under General
2020-06-16T01:13:12Z
Matthew Finkel

https://blog.torproject.org/comment/288024#comment-288024
When `about:preferences#general` is opened in a new tab, "Onion Services" appears at the bottom of the list.

https://gitlab.torproject.org/legacy/trac/-/issues/34360
Bump binutils version to 2.34
2020-06-16T01:26:31Z
Georg Koppen

We are using a rather old binutils version. Let's bump it to the latest, 2.34.

https://gitlab.torproject.org/legacy/trac/-/issues/34359
Adapt abicheck.cc to deal with newer GCC version
2020-06-16T01:26:30Z
Georg Koppen

We need to adapt our `abicheck.cc` to work as it is supposed to with GCC 9.

https://gitlab.torproject.org/legacy/trac/-/issues/34358
Implement a browser-compatible NAT behaviour discovery STUN library
2020-06-13T18:22:18Z
Cecylia Bocovich

So far we've been lucky that the npm modules we've been using are available through Firefox and Chrome APIs. That's not the case for [stun](https://www.npmjs.com/package/stun), which we need for #34129.
~~It looks like there are some options for packing node modules for use in web applications: https://www.npmjs.com/package/webpack~~
~~But we might need to modify our build scripts.~~
Now it seems like we'd have to implement our own STUN library from scratch using the UDP socket APIs.
It's questionable how worth it this is at the moment.

https://gitlab.torproject.org/legacy/trac/-/issues/34357
Reject relays running 0.4.1
2020-06-13T15:53:43Z
Nick Mathewson

Now that 0.4.1 has reached end-of-life, it's time for directory authorities to stop accepting relays running it.
See #32672 for the last time we did this.
See #32672 for the last time we did this.
Looking at the graphs, I don't see a significant change in the drop-off rate for deprecated versions in between when we announced that they were deprecated, and when we finally removed them. Maybe this time we should just send out an announcement, wait a month, then reject the relays?

Tor: unspecified

https://gitlab.torproject.org/legacy/trac/-/issues/34356
Consider bundling Python binary on GNU/Linux
2020-06-16T01:26:30Z
JeremyRand

Namecoin (specifically Electrum-NMC) currently requires Python 3.6+, which is not yet universally available. To avoid incompatibility issues on older GNU/Linux distros, it may be worth considering bundling a Python 3.6+ binary with Tor Browser when building with Namecoin is enabled.
(This would have also avoided #33749.)

https://gitlab.torproject.org/legacy/trac/-/issues/34355
Update entitlement files and other signing related pieces for 9.5 changes and include fixups
2020-06-16T01:26:30Z
Georg Koppen

We have a bunch of scripts in our `tor-browser-build` repo (in `tools/signing`) which show how we do currently a bunch of signing related jobs.
We should update the things that need update for 9.5/10.0a1 (probably both on `master` and, where applicable, on `maint-9.5` for stable) and go over the `README` again (typo fixing).

https://gitlab.torproject.org/legacy/trac/-/issues/34354
SDP Serialization.
2020-06-13T18:22:18Z
HashikD

SDP Serialization.

https://gitlab.torproject.org/legacy/trac/-/issues/34353
Create a new subkey for our Tor Browser GPG key
2020-06-16T01:26:29Z
Georg Koppen

The currently used GPG subkey for signing our packages is expiring in a couple of weeks. We should create and deploy a new one.

https://gitlab.torproject.org/legacy/trac/-/issues/34352
Bump OP version in setup.py
2020-06-13T18:04:43Z
Ana Custura

I ran into a weird bug where installing the latest OP on a system that already has an installation from a version prior to commit [de26da3](https://gitweb.torproject.org/onionperf.git/commit/?id=de26da351d859b64a35b81eb2d07dbf325a86960) results in the following error message:
```
$ onionperf
Traceback (most recent call last):
  File "/usr/local/bin/onionperf", line 4, in <module>
    __import__('pkg_resources').run_script('OnionPerf==0.2rc0', 'onionperf')
  File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 667, in run_script
    self.require(requires)[0].run_script(script_name, ns)
  File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 1452, in run_script
    raise ResolutionError(
pkg_resources.ResolutionError: Script 'scripts/onionperf' not found in metadata at None
```
It looks like `setuptools` is renaming the OnionPerf version from `0.2.pre` (as it is currently specified in `setup.py`) to `0.2rc0` when installing, and they somehow conflict. I've tested this can be solved by bumping the version to 0.3 in `setup.py` (patch attached).