| #19522 |
HS intro circuit retry logic fails when network interface is down
|
needs_revision
|
|
defect
|
Medium
|
Tor: unspecified
|
| #19531 |
Major cleanup in our baseXX APIs
|
new
|
|
enhancement
|
Medium
|
Tor: unspecified
|
| #19535 |
A can't-happen case for one-hop circuits actually can happen
|
new
|
|
defect
|
Medium
|
Tor: unspecified
|
| #19552 |
Provide mechanism to find dirconns associated with a download_status_t, and expose active download attempts in GETINFO response
|
new
|
|
defect
|
Medium
|
Tor: unspecified
|
| #19560 |
running tor trying to access its ed25519_signing_secret_key, log message too loud
|
new
|
|
defect
|
Medium
|
Tor: unspecified
|
| #19565 |
SR: Use trunnel for the shared random value construction
|
new
|
|
enhancement
|
Low
|
Tor: unspecified
|
| #19570 |
Shared random round gets out of sync
|
reopened
|
|
enhancement
|
High
|
Tor: unspecified
|
| #19572 |
set Tor Control Authcookie default file location from /var/lib/tor/control.authcookie to /var/run/tor/control.authcookie
|
new
|
|
defect
|
Medium
|
Tor: unspecified
|
| #19625 |
Allow relays to set peering policy
|
needs_information
|
|
project
|
Medium
|
Tor: unspecified
|
| #19647 |
HS Descriptors should only contain UTF-8
|
new
|
|
enhancement
|
Medium
|
Tor: unspecified
|
| #19656 |
Shared random state doesn't expire when clock changes?
|
new
|
|
defect
|
Medium
|
Tor: unspecified
|
| #19661 |
tor refuses to use /dev/null as a config file
|
needs_revision
|
cypherpunks
|
enhancement
|
Medium
|
Tor: unspecified
|
| #19665 |
Should *Port_set count sockets?
|
new
|
|
defect
|
Medium
|
Tor: unspecified
|
| #19669 |
`log_prefix_` maybe getting weird output from strftime
|
new
|
|
defect
|
Low
|
Tor: unspecified
|
| #19759 |
systemd tor.service hardening: add MemoryDenyWriteExecute=true
|
new
|
|
enhancement
|
Medium
|
Tor: unspecified
|
| #19761 |
Tor systemd service should have RuntimeDirectory=tor
|
new
|
|
defect
|
Medium
|
Tor: unspecified
|
| #19762 |
Tor systemd service should have ReadWriteDirectories=/var/run/tor
|
new
|
|
defect
|
Medium
|
Tor: unspecified
|
| #19777 |
tor-gencert should warn nicely when PEM passphrases are too short
|
new
|
|
defect
|
Very Low
|
Tor: unspecified
|
| #19853 |
ServerDNSAllowNonRFC953Hostnames affects clients, and AllowNonRFC953Hostnames affects servers
|
new
|
|
defect
|
Low
|
Tor: unspecified
|
| #19919 |
If ORPort address is publicly routable, use it to guess Address
|
new
|
|
defect
|
Medium
|
Tor: unspecified
|
| #19926 |
BUG warning in connection_ap_attach_pending: waiting for rendezvous desc :*
|
new
|
|
defect
|
Low
|
Tor: unspecified
|
| #19931 |
curve25519-donna runtime math errors on armhf
|
needs_information
|
|
defect
|
Medium
|
Tor: unspecified
|
| #19959 |
have a flag for Tor relay location, if a relay is hosted in a data center, cloud or physically secured
|
new
|
|
enhancement
|
Medium
|
Tor: unspecified
|
| #19980 |
Use OpenSSL 1.1.0 X5519 in Tor when available (if it's good)
|
new
|
|
enhancement
|
Medium
|
Tor: unspecified
|
| #19983 |
Is openssl 1.1.0's "secure heap" feature useful for us?
|
new
|
|
enhancement
|
Medium
|
Tor: unspecified
|
| #19984 |
Use a better set of comparison/evaluation functions for deciding which connections to kill when OOS
|
new
|
|
defect
|
High
|
Tor: unspecified
|
| #19987 |
Unit Test Guard, Middle, Exit, Intro, and Rend node choices
|
new
|
|
enhancement
|
Medium
|
Tor: unspecified
|
| #19988 |
Warn when Port addresses have no effect
|
new
|
|
defect
|
Medium
|
Tor: unspecified
|
| #19989 |
Tor fails to bootstrap with an Exit as EntryNode
|
new
|
|
defect
|
Medium
|
Tor: unspecified
|
| #20006 |
HSFETCH fails for hidden services which use client authentication
|
needs_revision
|
rl1987
|
enhancement
|
Medium
|
Tor: unspecified
|
| #20007 |
Sandbox causing crash when setting HidServAuth when there is a hidden service running
|
needs_information
|
|
defect
|
Medium
|
Tor: unspecified
|
| #20022 |
Tor should deprecate insecure cookie auth
|
new
|
|
defect
|
Medium
|
Tor: unspecified
|
| #20035 |
Identify client-specific options that work with hidden services
|
new
|
|
enhancement
|
Medium
|
Tor: unspecified
|
| #20046 |
Test hidden services with different consensuses
|
new
|
|
defect
|
Medium
|
Tor: unspecified
|
| #20050 |
Testing: add a controller feature to generate paths without building circuits
|
needs_revision
|
|
defect
|
Medium
|
Tor: unspecified
|
| #20055 |
Remove relays that fail to rotate onion keys from the consensus
|
new
|
|
enhancement
|
Medium
|
Tor: unspecified
|
| #20071 |
Tor clients need 4 routers when connecting via IPv6, but only 3 using IPv4
|
new
|
|
defect
|
Low
|
Tor: unspecified
|
| #20082 |
Lower initial descriptor upload delay for hidden services
|
needs_revision
|
twim
|
enhancement
|
Medium
|
Tor: unspecified
|
| #20153 |
VirtualAddrNetworkIPv6 man entry should say "[FC00::]/7"
|
new
|
|
defect
|
Medium
|
Tor: unspecified
|
| #20164 |
Warn relay operators when we guess an address from several equally valid alternatives
|
new
|
|
enhancement
|
Medium
|
Tor: unspecified
|
| #20165 |
When a relay advertises a new, unreachable address, OR reachability can succeed via the old address
|
new
|
|
defect
|
Medium
|
Tor: unspecified
|
| #20169 |
hs_desc, hs_desc_content - BAD_DESC|NOT_FOUND
|
new
|
|
enhancement
|
Low
|
Tor: unspecified
|
| #20188 |
hsfetch hs_desc FAILED with REASON missing
|
new
|
|
enhancement
|
Medium
|
Tor: unspecified
|
| #20191 |
Prevent a recurrence of #20103
|
new
|
|
defect
|
Medium
|
Tor: unspecified
|
| #20194 |
Add "update fallbacks" to "Preliminaries" in Tor's doc/HACKING/ReleasingTor.md
|
new
|
|
enhancement
|
Medium
|
Tor: unspecified
|
| #20212 |
Tor can be forced to open too many circuits by embedding .onion resources
|
new
|
tbb-team
|
enhancement
|
Medium
|
Tor: unspecified
|
| #20225 |
tor "wedged" and become unable to connect to a hidden service
|
needs_information
|
|
defect
|
Medium
|
Tor: unspecified
|
| #20226 |
Support DNS-MX resource records with .onion-filtering for TOR as secure/anonymous email transport protocoll
|
new
|
|
enhancement
|
Medium
|
Tor: very long term
|
| #20232 |
Relays get stuck on resolve_my_address() if unable to guess address
|
new
|
|
defect
|
Very Low
|
Tor: unspecified
|
| #20272 |
constraint broken in case 1 of consensus weight calculation
|
new
|
|
defect
|
Medium
|
Tor: unspecified
|
| #20284 |
consensus weight case 2b3 does not follow dir-spec
|
needs_revision
|
pastly
|
defect
|
Medium
|
Tor: unspecified
|
| #20285 |
can't create valid case 2b3 consens weight calculation
|
new
|
|
defect
|
Medium
|
Tor: unspecified
|
| #20289 |
HS_DESC event while waiting for upload
|
new
|
|
enhancement
|
Low
|
Tor: unspecified
|
| #20332 |
Duplicate rendezvous cookie in ESTABLISH_RENDEZVOUS
|
new
|
|
defect
|
Medium
|
Tor: unspecified
|
| #20337 |
Support abstract namespace AF_UNIX sockets.
|
new
|
|
enhancement
|
Low
|
Tor: unspecified
|
| #20340 |
nice to have: test torrc for incompatible transistions of config values
|
new
|
|
enhancement
|
Low
|
Tor: unspecified
|
| #20356 |
prop220: unit tests for all new/changed circuit extension functions
|
new
|
|
defect
|
Medium
|
Tor: unspecified
|
| #20362 |
Bug: Used circuit is in strange path state new
|
new
|
|
defect
|
Medium
|
Tor: unspecified
|
| #20371 |
Lower HSDir query backoff delay
|
new
|
|
enhancement
|
Medium
|
Tor: unspecified
|
| #20423 |
Clock jumps on relay due to hostname lookup timeouts
|
reopened
|
|
defect
|
High
|
Tor: unspecified
|
| #20462 |
Make test failures/bugs on Raspberry Pi 3
|
reopened
|
|
defect
|
Medium
|
Tor: unspecified
|
| #20469 |
Expose predicted-ports state over the control port
|
new
|
|
enhancement
|
Medium
|
Tor: unspecified
|
| #20528 |
Make sure bridge clients update bridges when options are updated
|
needs_revision
|
|
defect
|
Medium
|
Tor: unspecified
|
| #20531 |
rewrite_node_address_for_bridge and networkstatus_set_current_consensus can conflict
|
new
|
|
defect
|
Medium
|
Tor: unspecified
|
| #20535 |
A 304 "Not Modified" should update the time to when we next expect a modification
|
new
|
|
defect
|
Medium
|
Tor: unspecified
|
| #20554 |
Refactor circuit_expire_building
|
new
|
|
enhancement
|
Low
|
Tor: unspecified
|
| #20555 |
Stream isolation for DNS
|
new
|
|
defect
|
Medium
|
Tor: unspecified
|
| #20594 |
hs: Make HSDir produce HS statistics for prop224
|
new
|
|
enhancement
|
High
|
Tor: unspecified
|
| #20601 |
Clients should reject outdated consensuses as soon as they parse them
|
new
|
|
enhancement
|
Medium
|
Tor: unspecified
|
| #20617 |
Write a unit test abstraction for tests that need to be repeated multiple times to prove failure
|
new
|
|
enhancement
|
Medium
|
Tor: unspecified
|
| #20625 |
When a consensus doesn't have enough signatures, write it (and sigs) to a file
|
needs_revision
|
|
enhancement
|
Medium
|
Tor: unspecified
|
| #20647 |
Tor and Chutney CI improvements
|
new
|
|
enhancement
|
High
|
Tor: unspecified
|
| #20653 |
Test targets should gracefully handle missing dependencies
|
new
|
|
defect
|
Low
|
Tor: unspecified
|
| #20671 |
Refactor stream cipher API
|
new
|
|
defect
|
Medium
|
Tor: unspecified
|
| #20672 |
Refactor hashing API
|
new
|
|
defect
|
Medium
|
Tor: unspecified
|
| #20676 |
Disposable Exit Nodes
|
new
|
|
enhancement
|
Low
|
Tor: unspecified
|
| #20742 |
prop224: Implement stealth client authorization
|
assigned
|
asn
|
enhancement
|
Very High
|
Tor: unspecified
|
| #20822 |
Follow-up tasks for prop271 (new guard API) implementation
|
new
|
|
project
|
Medium
|
Tor: unspecified
|
| #20827 |
Record guards' ed25519 identities
|
new
|
|
enhancement
|
Medium
|
Tor: unspecified
|
| #20835 |
Refactor choose_good_entry_server so it is (almost) never used
|
new
|
|
task
|
High
|
Tor: unspecified
|
| #20849 |
periodic pattern in network connections ofa newly setup relay
|
needs_information
|
|
task
|
Low
|
Tor: unspecified
|
| #20872 |
option to build non-standard code paths on x86
|
new
|
|
enhancement
|
Medium
|
Tor: unspecified
|
| #20919 |
Extract prop271 state-parsing code into a generic thing
|
new
|
|
defect
|
Medium
|
Tor: unspecified
|
| #20930 |
Use new systemd hardening options
|
new
|
|
enhancement
|
Medium
|
Tor: unspecified
|
| #20931 |
[prop271] Generate GUARD controller events
|
new
|
|
enhancement
|
Medium
|
Tor: unspecified
|
| #20953 |
Isolate references to versioning
|
new
|
chelseakomlo
|
enhancement
|
Medium
|
Tor: unspecified
|
| #20956 |
optionally do not write command line config to torrc
|
new
|
|
defect
|
Medium
|
Tor: unspecified
|
| #20986 |
Gracefully handle build configurations on systems without AsciiDoc
|
new
|
|
defect
|
Medium
|
Tor: unspecified
|
| #21006 |
Reduce NumDirectoryGuards to 1
|
new
|
|
defect
|
Medium
|
Tor: unspecified
|
| #21020 |
Refactor dirserv_generate_networkstatus_vote_obj
|
new
|
|
enhancement
|
Low
|
Tor: unspecified
|
| #21023 |
Replace custom checks with Autoconf macros
|
new
|
|
defect
|
Medium
|
Tor: unspecified
|
| #21039 |
Refactor and simplify guard code of circuit_send_next_onion_skin()
|
needs_revision
|
asn
|
defect
|
Medium
|
Tor: unspecified
|
| #21043 |
Make ClientUseIPv4 and ClientUseIPv6 equivalent to ReachableAddresses
|
new
|
|
defect
|
Medium
|
Tor: unspecified
|
| #21044 |
ORPort self reachability test happens also when it shouldn't
|
new
|
|
defect
|
Medium
|
Tor: unspecified
|
| #21081 |
tor --service install -options does not work
|
new
|
cypherpunks
|
defect
|
Medium
|
Tor: unspecified
|
| #21084 |
sometimes we call circuit has_opened() more than 2 times on client side
|
new
|
|
defect
|
Medium
|
Tor: unspecified
|
| #21117 |
can't migrate onion services to single-hop onion services
|
new
|
|
defect
|
Medium
|
Tor: unspecified
|
| #21133 |
Add stem support to expose ed25519 relay key expire date
|
new
|
|
enhancement
|
Medium
|
Tor: unspecified
|
| #21149 |
Document what Tor means by "using reasonable defaults"
|
new
|
|
enhancement
|
Medium
|
Tor: unspecified
|
| #21179 |
Add a fuzzing harness for the tor OR protocol
|
new
|
|
enhancement
|
Medium
|
Tor: unspecified
|
